Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 5377

Motherboard

Scientists Claim AI Breakthrough to Generate Boundless Clean Fusion Energy

On February 21, 2024Source: VICE US - MotherboardBy Mirjam Guesgen
Categories: Science, nuclear fusion, AI, Abstract

Princeton researchers report that a new AI model has solved one of the major roadblocks to generatinRead more

How Starship Troopers’ Psychic Subplot Explains Its Divisive Message

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Opinion, starship troopers, helldivers 2, Paul Verhoeven

The internet is warring over Paul Verhoeven’s subversive 1997 sci-fi blockbuster, and one puzzling eRead more

First Prison Photo of Sam Bankman-Fried Emerges: Bearded, Thin, and ‘Weird as Shit’

On February 20, 2024Source: VICE US - MotherboardBy Maxwell Strachan
Categories: S.B.F., sam bankman-fried, ftx, alameda research, crypto

Independent crypto journalist Tiffany Fong obtained the photo of the former FTX CEO from a former inRead more

X Suspends, Then Reinstates, Alexei Navalny’s Widow After Pledge to Continue Anti-Putin Politician’s Work

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Tech news, Navalny, X, Twitter, Musk, Putin, Alexei Navalny, Yulia Navalnaya

Yulia Navalnaya pledged to continue her late husband’s work to unseat Vladimir Putin in videos shareRead more

Life in a ‘Death Trap’: How Tenants Rose Up Against a Federally Funded Mega-Landlord

On February 20, 2024Source: VICE US - MotherboardBy Roshan Abraham
Categories: housing, HUD, apartments, rentals, section 8

Years of living with rats, snakes, and rotted floorboards has led a group of tenants across the counRead more

Data Breeches

Personal data of 2.7 million Pakistanis ‘stolen’ from government records; some NADRA staffers and officials suspended

On March 28, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Government Sector, Non-U.S.

EFE reports: An investigation has revealed that personal information of more than 2.7 million PakistRead more

Grassley, Wyden Probe Data Breach that Exposed 1.5 Million Organ Transplant Patients’ Sensitive Data

On March 28, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Blog, Commentaries and Analyses, Exposure, Health Data, U.S.

AJ Taylor reports: Sens. Chuck Grassley (R-Iowa) and Ron Wyden (D-Ore.) are holding the United NetwoRead more

Too Speculative’: US Judge Throws Out Data Breach Suit Against Ally Financial

On March 27, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Exposure, Financial Sector, U.S.

Jane Wester reports: U.S. District Judge Nelson Román of the Southern District of New York on MondayRead more

Utah Enacts Amendments to State Breach Notification Law

On March 27, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Breach Laws, Legislation, Of Note, State/Local, U.S.

Hunton Andrews Kurth writes: On March 19, 2024, Utah’s Governor Spencer J. Cox signed Senate Bill (SRead more

System Status Note

On March 26, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Uncategorized

The RSS feed should be working again for those who are already subscribed to it or would like to subRead more

Treasury Sanctions China-Linked Hackers for Targeting U.S. Critical Infrastructure

On March 26, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Federal, Hack, Legislation, Of Note, U.S., APT 31, critical infrastructure, OFAC

WASHINGTON — Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) sanctioRead more

Major credit bureau slapped with enforcement notice for data breach in South Africa

On March 26, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Business Sector, Hack, Non-U.S.

Jan Vermeulen reports: The Information Regulator has slapped credit bureau TransUnion with an enforcRead more

System Status Note

On March 23, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Uncategorized

On March 8, DataBreaches experienced a massive DDoS attack. At the time, I thought all posts had beeRead more

Commonwealth Healthcare Corporation breached, patient data involved

On March 23, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Blog, Hack, Health Data, HIPAA, U.S.

A new leaksite appeared this past week that appears to have been created for one particular incidentRead more

OK: Emergency Medical Services Authority notifies patients of hacking incident

On March 23, 2024Source: DataBreaches.netBy Dissent Doe PHD
Categories: Hack, Health Data, U.S.

Terré Gables of KFOR reports: Emergency Medical Services Authority (“EMSA”) says, it has identifiedRead more

Cyberscoop

Plan to resuscitate beleaguered vulnerability database draws criticism 

On March 28, 2024Source: CyberScoopBy Tim Starks
Categories: Cybersecurity, Technology, Threats, Cisco, Congress, CVE, known exploited vulnerabilities (KEV), Microsoft, National Vulnerability Database, NIST, software bill of materials, vulnerabilities, vulnerability disclosure

The National Vulnerability Database has ceased some of its work, but some experts fear the formationRead more

CISA releases draft rule for cyber incident reporting

On March 27, 2024Source: CyberScoopBy Christian Vasquez
Categories: Government, Policy, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), incident reporting, Jen Easterly

The proposal describes when critical infrastructure organizations will be required to report cyberseRead more

Treasury report calls out cyber risks to financial sector fueled by AI

On March 27, 2024Source: CyberScoopBy mbracken
Categories: AI, Cybersecurity, Artificial Intelligence (AI), National Institute of Standards and Technology (NIST), Treasury Department

The new report sounds the alarm on AI-specific cyber risks while highlighting best practices to combRead more

Spyware and zero-day exploits increasingly go hand-in-hand, researchers find

On March 27, 2024Source: CyberScoopBy eliasgroll
Categories: Cybersecurity, Privacy, Technology, Google, Mandiant, spyware, vulnerabilities

Researchers found 97 zero-days exploited in the wild in 2023; nearly two thirds of mobile and browseRead more

Chinese hackers target family members to surveil hard targets

On March 26, 2024Source: CyberScoopBy eliasgroll
Categories: Cybersecurity, Geopolitics, APT31, China, Department of Justice (DOJ), hacking, Ministry of State Security, surveillance

To surveil security conscious politicians and dissidents, hackers linked to Beijing are increasinglyRead more

US and UK accuse China of cyber operations targeting domestic politics

On March 25, 2024Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, China, Treasury Department, sanctions, APT31, Department of Justice (DOJ), cyber espionage, Ministry of State Security

Officials in Washington and London say hackers backed by the Chinese state sought to silence dissideRead more

US must establish independent military cyber service to fix ‘alarming’ problems — report

On March 25, 2024Source: CyberScoopBy Billy Mitchell
Categories: Government, Uncategorized

A new report from the Foundation for Defense of Democracies aims to make the case for the creation oRead more

Top Democrat proposes minimum cybersecurity standards in wake of Change Healthcare attack

On March 22, 2024Source: CyberScoopBy AJ Vicens
Categories: Government, Ransomware, Change Healthcare, Ron Wyden, Sen. Mark Warner, UnitedHealth Group

The new legislation from Sen. Mark Warner comes as health care groups say they would oppose such proRead more

German political party targeted by SVR-linked group in spearphishing campaign, Mandiant says

On March 22, 2024Source: CyberScoopBy djohnson
Categories: Geopolitics, Government, malware, Russia, Cozy Bear, germany, spearphishing, Mandiant, SVR

The group may have been seeking insights on shifting European sentiments on Ukraine, threat analystsRead more

House-passed data privacy bill doesn’t thrill privacy groups

On March 21, 2024Source: CyberScoopBy Tim Starks
Categories: Government, Privacy, Center for Democracy & Technology, Privacy legislation, privacy law, TikTok, data brokers, Executive order, House Energy and Commerce Committee, China, Congress, Russia, Section 702, privacy

A measure to address the sale of Americans’ data doesn’t go far enough to rein in the data broker inRead more

Krebs On Security

The Hacker News

Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries

On March 28, 2024Source: The Hacker NewsBy

A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wiRead more

A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts. In October 2023, Slovak cybersecurity firm ESET 

Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack

On March 28, 2024Source: The Hacker NewsBy

The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APTRead more

The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021. The agency described the ongoing criminal probe as both demanding and time-consuming, involving extensive analysis of a "

New ZenHammer Attack Bypasses RowHammer Defenses on AMD CPUs

On March 28, 2024Source: The Hacker NewsBy

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamiRead more

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR). "This result proves that AMD systems are equally vulnerable to Rowhammer as Intel systems, which greatly increases the attack

New Webinar: Avoiding Application Security Blind Spots with OPSWAT and F5

On March 28, 2024Source: The Hacker NewsBy

Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doiRead more

Considering the ever-changing state of cybersecurity, it's never too late to ask yourself, "am I doing what's necessary to keep my organization's web applications secure?" The continuous evolution of technology introduces new and increasingly sophisticated threats daily, posing challenges to organizations all over the world and across the broader spectrum of industries striving to maintain

Behind the Scenes: The Art of Safeguarding Non-Human Identities

On March 28, 2024Source: The Hacker NewsBy

In the whirlwind of modern software development, teams race against time, constantly pushing the bouRead more

In the whirlwind of modern software development, teams race against time, constantly pushing the boundaries of innovation and efficiency. This relentless pace is fueled by an evolving tech landscape, where SaaS domination, the proliferation of microservices, and the ubiquity of CI/CD pipelines are not just trends but the new norm. Amidst this backdrop, a critical aspect subtly weaves into the

Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection

On March 28, 2024Source: The Hacker NewsBy

A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights oRead more

A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale. "Using iMessage and RCS rather than SMS to send text messages has the side effect of bypassing SMS firewalls, which is being used to great

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs

On March 28, 2024Source: The Hacker NewsBy

In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) studeRead more

In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza. "Whereas people say they care about privacy, they are willing to relinquish private data quite easily when

Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite

On March 27, 2024Source: The Hacker NewsBy

Indian government entities and energy companies have been targeted by unknown threat actors with anRead more

Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-and-control (C2). "The information stealer was delivered via a phishing email, masquerading as an invitation letter

CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability

On March 27, 2024Source: The Hacker NewsBy

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flawRead more

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft Sharepoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-2023-24955 (CVSS score: 7.2), is a critical remote code execution flaw that allows an authenticated attacker with Site

Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions

On March 27, 2024Source: The Hacker NewsBy

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbiRead more

A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions.  "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purposes, to covertly install additional browser extensions with broad permissions without the user's knowledge," Guardio

How Can We Help?

6 + 1 =

Share This