Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 5377

Motherboard

Scientists Claim AI Breakthrough to Generate Boundless Clean Fusion Energy

On February 21, 2024Source: VICE US - MotherboardBy Mirjam Guesgen
Categories: Science, nuclear fusion, AI, Abstract

Princeton researchers report that a new AI model has solved one of the major roadblocks to generatinRead more

How Starship Troopers’ Psychic Subplot Explains Its Divisive Message

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Opinion, starship troopers, helldivers 2, Paul Verhoeven

The internet is warring over Paul Verhoeven’s subversive 1997 sci-fi blockbuster, and one puzzling eRead more

First Prison Photo of Sam Bankman-Fried Emerges: Bearded, Thin, and ‘Weird as Shit’

On February 20, 2024Source: VICE US - MotherboardBy Maxwell Strachan
Categories: S.B.F., sam bankman-fried, ftx, alameda research, crypto

Independent crypto journalist Tiffany Fong obtained the photo of the former FTX CEO from a former inRead more

X Suspends, Then Reinstates, Alexei Navalny’s Widow After Pledge to Continue Anti-Putin Politician’s Work

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Tech news, Navalny, X, Twitter, Musk, Putin, Alexei Navalny, Yulia Navalnaya

Yulia Navalnaya pledged to continue her late husband’s work to unseat Vladimir Putin in videos shareRead more

Life in a ‘Death Trap’: How Tenants Rose Up Against a Federally Funded Mega-Landlord

On February 20, 2024Source: VICE US - MotherboardBy Roshan Abraham
Categories: housing, HUD, apartments, rentals, section 8

Years of living with rats, snakes, and rotted floorboards has led a group of tenants across the counRead more

Data Breeches

If you pay ransom, you may not get your data back and worse, you probably WILL get hit again – Cybereason Survey

On February 23, 2024Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Of Note

Ever since ransomware attacks and “double extortion” attacks became common, law enforcemRead more

An Update on the SEC’s Cybersecurity Reporting Rules

On February 23, 2024Source: DataBreaches.netBy Dissent
Categories: Breach Laws, Commentaries and Analyses, Federal, Legislation, U.S.

Hunton Andrews Kurth write: As we pass the two-month anniversary of the effectiveness of the U.S. SeRead more

Maryville Addiction Treatment Centers Victim Of Data Breach

On February 23, 2024Source: DataBreaches.netBy Dissent
Categories: Hack, Health Data, U.S.

Jon Craig reports: Maryville, a nonprofit addition agency, is offering credit monitoring services foRead more

Change Healthcare responding to cyberattack; few details known at this point

On February 22, 2024Source: DataBreaches.netBy Dissent
Categories: Hack, Health Data, Of Note, Subcontractor, U.S.

Early yesterday, Change Healthcare reported that they were experiencing enterprise-wide connectivityRead more

Unpicking LockBit — 22 Cases of Affiliate Tradecraft

On February 22, 2024Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Malware, Of Note

As part of its roll-out of news about the LockBit disruption, the governments involved have providedRead more

HHS’ Office for Civil Rights Settles Second Ever Ransomware Cyber-Attack for $40,000 and a Corrective Action Plan with OCR Monitoring

On February 22, 2024Source: DataBreaches.netBy Dissent
Categories: Commentaries and Analyses, Health Data, HIPAA, Malware, Of Note

HHS OCR has announced a second enforcement settlement in a ransomware case. The 2019 breach involvinRead more

Hack at Services Firm Hits 2.4 Million Eye Doctor Patients

On February 22, 2024Source: DataBreaches.netBy Dissent
Categories: Health Data, Subcontractor, U.S.

Marianne Kolbasuk McGee reports: Medical Management Resource Group, which does business as AmericanRead more

Data Breach Putative Class Action Questions Whether Broker Was Swift Enough in Notice and Response

On February 22, 2024Source: DataBreaches.netBy Dissent
Categories: Hack, Health Data, U.S.

Andrea DeField and Matthew J. Revis of Hunton Andrews Kurth write: While America was tuned into theRead more

Reward Offers for Information on LockBit Leaders and Designating Affiliates

On February 21, 2024Source: DataBreaches.netBy Dissent
Categories: Hack, Malware, Of Note

LockBitSupp, the top honcho at LockBit, always complained that there was no reward for him. He evenRead more

Au: Privacy Watchdog to investigate HWL Ebsworth over security and notifications

On February 21, 2024Source: DataBreaches.netBy Dissent
Categories: Business Sector, Hack, Non-U.S.

Jeremy Nadel reports: The investigation will cover whether the law firm violated the Privacy Act byRead more

Cyberscoop

Utilities trade association releases baseline cyber standards for distributed renewable energy

On February 23, 2024Source: CyberScoopBy Christian Vasquez
Categories: Government, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Energy (DOE), Department of Homeland Security (DHS), distributed energy resources, energy

The DOE-funded initiative provides voluntary guidance to electric distribution systems and distributRead more

Georgia election officials withheld evidence in voting machine breach, group alleges

On February 22, 2024Source: CyberScoopBy djohnson
Categories: Cybersecurity, Government, election, election interference, election systems, Trump, voting machines, voting systems

A filing accuses county election officials of withholding records related to unauthorized copying ofRead more

Leaked documents show how firm supports Chinese hacking operations

On February 21, 2024Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, APT41, Chengdu 404, China, hack and leak, I-SOON

Documents that appear to belong to the offensive security firm I-SOON provide a rare window into theRead more

Microsoft rolls out expanded logging six months after Chinese breach

On February 21, 2024Source: CyberScoopBy eliasgroll
Categories: Geopolitics, Government, China, Cybersecurity and Infrastructure Security Agency (CISA), hacking, Microsoft, office of management and budget, OMB, Ron Wyden

The technology giant has come under heavy criticism for not making robust logging features availableRead more

Apple rolls out quantum-resistant cryptography for iMessage

On February 21, 2024Source: CyberScoopBy eliasgroll
Categories: Technology, Apple, encryption, iMessage, National Institute of Standards and Technology (NIST), NIST, quantum computing

The tech giant hopes to make its messaging platform secure against highly capable quantum computersRead more

Biden signs executive order to give Coast Guard added authority over maritime cyber threats

On February 21, 2024Source: CyberScoopBy Christian Vasquez
Categories: Government, Policy, China, critical infrastructure, U.S. Coast Guard, Executive order, Department of Homeland Security (DHS), Maritime industry, Maritime

National security officials have been sounding the alarm over a China-linked hacking group that’s beRead more

Rob Joyce leaving NSA at the end of March

On February 20, 2024Source: CyberScoopBy mbracken
Categories: Cybersecurity, Government, Cyber Command, Cybersecurity Directorate, National Security Agency (NSA)

The spy agency’s cyber director will be replaced by David Luber, deputy director of the CybersecuritRead more

Report: Manufacturing bears the brunt of industrial ransomware

On February 20, 2024Source: CyberScoopBy Christian Vasquez
Categories: Threats, industrial control systems (ICS), operational technology, ransomware

The ransomware variant LockBit is responsible for 25% of ransomware incidents affecting industrial sRead more

FBI, British authorities seize infrastructure of LockBit ransomware group

On February 19, 2024Source: CyberScoopBy AJ Vicens
Categories: Cybercrime, Randsomware, Federal Bureau of Investigation (FBI), LockBit, ransomware

An international law enforcement operation on Monday seized servers and disrupted the infrastructureRead more

Tech companies pledge to protect 2024 elections from AI-generated media

On February 16, 2024Source: CyberScoopBy djohnson
Categories: AI, Amazon, Artificial Intelligence (AI), deepfakes, Election 2024, elections, Meta, Microsoft, OpenAI, TikTok, Twitter

Twenty major tech companies committed to policies that make it harder for bad actors to leverage AIRead more

Krebs On Security

The Hacker News

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

On February 23, 2024Source: The Hacker NewsBy

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after tRead more

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,

Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI

On February 23, 2024Source: The Hacker NewsBy

Microsoft has released an open access automation framework called PyRIT (short for PythonRead more

Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team

How to Use Tines's SOC Automation Capability Matrix

On February 23, 2024Source: The Hacker NewsBy

Created by John Tuckner and the team at workflow and automation platform Tines, the SOC AuRead more

Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it's been shared

Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability

On February 23, 2024Source: The Hacker NewsBy

Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that cRead more

Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and 

FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data

On February 23, 2024Source: The Hacker NewsBy

The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine oveRead more

The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

On February 22, 2024Source: The Hacker NewsBy

Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said willRead more

Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach

Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks

On February 22, 2024Source: The Hacker NewsBy

A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threaRead more

A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential

A New Age of Hacktivism

On February 22, 2024Source: The Hacker NewsBy

In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing warsRead more

In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives.  We understand hacktivism as a form of computer hacking that is

Russian Government Software Backdoored to Deploy Konni RAT Malware

On February 22, 2024Source: The Hacker NewsBy

An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign AfRead more

An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People's Republic of Korea (DPRK)-nexus actors targeting Russia. The

U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders

On February 22, 2024Source: The Hacker NewsBy

The U.S. State Department has announced monetary rewards of up to $15 million for information that cRead more

The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly

How Can We Help?

13 + 6 =

Share This