Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 5315

Motherboard

The Teenager Who Lived a Secret Double Life as a Millionaire Crypto Bandit

On June 14, 2024Source: VICE US - MotherboardBy VICE Staff
Categories: Crime, cybercrime, student life, college life, cryptocurrency, Hacking, Documentary, vice

Joel Ortiz, a socially isolated college student, stole millions of dollars in crypto by hijacking hiRead more

Early Color Photography, and the Man Who Revives It

On May 17, 2024Source: VICE US - MotherboardBy Nick Thompson
Categories: Photography, Stuart Humphryes, History, autochromes

Autochromes are some of the first color photos, dating back to the 1910s and 1920s. Stuart HumphryesRead more

Scientists Claim AI Breakthrough to Generate Boundless Clean Fusion Energy

On February 21, 2024Source: VICE US - MotherboardBy Mirjam Guesgen
Categories: Science, nuclear fusion, AI, Abstract

Princeton researchers report that a new AI model has solved one of the major roadblocks to generatinRead more

How Starship Troopers’ Psychic Subplot Explains Its Divisive Message

On February 20, 2024Source: VICE US - MotherboardBy Jordan Pearson
Categories: Opinion, starship troopers, helldivers 2, Paul Verhoeven

The internet is warring over Paul Verhoeven’s subversive 1997 sci-fi blockbuster, and one puzzling eRead more

First Prison Photo of Sam Bankman-Fried Emerges: Bearded, Thin, and ‘Weird as Shit’

On February 20, 2024Source: VICE US - MotherboardBy Maxwell Strachan
Categories: S.B.F., sam bankman-fried, ftx, alameda research, crypto

Independent crypto journalist Tiffany Fong obtained the photo of the former FTX CEO from a former inRead more

Data Breeches

https://www.databreaches.net/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 6, column 8

Cyberscoop

Chinese-aligned hacking group targeted more than a dozen government agencies, researchers find

On June 21, 2024Source: CyberScoopBy AJ Vicens
Categories: Geopolitics, China, Cisco Talos, Gh0st Rat, Yahoo Paranoids

The activity highlights a rapidly evolving, aggressive cyberespionage operation that played out acroRead more

Biden administration bans sale of Kaspersky software in US 

On June 20, 2024Source: CyberScoopBy eliasgroll
Categories: Cybersecurity, Geopolitics, Government, Commerce Department, Eugene Kaspersky, Kaspersky, Russia

The move against the Russian cybersecurity giant aims to prevent the company from being used in cybeRead more

DHS releases critical infrastructure priorities for next two years

On June 20, 2024Source: CyberScoopBy Christian Vasquez
Categories: Government, Policy, Artificial Intelligence (AI), China, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), operational technology

The agency says AI and China are some of the biggest cyber threats to the nation's most sensitive neRead more

Picketed at work, confronted at church: Why election workers have left the job

On June 20, 2024Source: CyberScoopBy djohnson
Categories: Workforce, Cybersecurity and Infrastructure Security Agency (CISA), Dominion Voting Systems, Election Assistance Commission, election security

Election workers facing unprecedented harassment are retiring in huge numbers, posing a threat to thRead more

Critical infrastructure operators’ resilience would get federal assessment under new bill

On June 20, 2024Source: CyberScoopBy mbracken
Categories: Cybersecurity, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Federal Emergency Management Agency, resilience

The bipartisan House legislation calls on CISA and FEMA to report on how operators handle the switchRead more

U.S. election official: ‘Whack-a-mole’ strategies less effective to combat disinfo

On June 18, 2024Source: CyberScoopBy djohnson
Categories: Threats, Cybersecurity and Infrastructure Security Agency (CISA), disinformation, election security

A more fragmented information ecosystem is making it more difficult to combat disinformation.  The pRead more

Community colleges, HBCUs get cyber talent boost under bipartisan House bill

On June 17, 2024Source: CyberScoopBy mbracken
Categories: Workforce, cyber workforce, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS)

The Cybersecurity Clinics Grant Program Act aims to provide “high-potential paths” to cyber jobs atRead more

British national with possible links to high-profile phishing campaigns arrested in Spain

On June 17, 2024Source: CyberScoopBy AJ Vicens
Categories: Cybercrime, 0ktapus, Federal Bureau of Investigation (FBI), The Com

Authorities have yet to formally identify the 22-year-old, but reports suggest he was a prominent plRead more

CISA leads first tabletop exercise for AI cybersecurity

On June 14, 2024Source: CyberScoopBy Christian Vasquez
Categories: Government, Artificial Intelligence (AI), Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), Joint Cyber Defense Collaborative (JCDC)

The Biden administration-led exercise featured 15 companies and several international cyber agenciesRead more

Lawmakers question Microsoft president over China ties, repeated breaches

On June 14, 2024Source: CyberScoopBy Tim Starks
Categories: Cybersecurity, Government, Bennie Thompson, China, Congress, Cyber Safety Review Board, House Homeland Security Committee, Mark Green, Microsoft, privacy, Russia, SolarWinds

Brad Smith defended the company at a time of growing concerns about whether the tech giant is sufficRead more

Krebs On Security

The Hacker News

ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor

On June 22, 2024Source: The Hacker NewsBy

Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unkRead more

Russian organizations have been targeted by a cybercrime gang called ExCobalt using a previously unknown Golang-based backdoor known as GoRed. "ExCobalt focuses on cyber espionage and includes several members active since at least 2016 and presumably once part of the notorious Cobalt Gang," Positive Technologies researchers Vladislav Lunin and Alexander Badayev said in a technical report

Warning: New Adware Campaign Targets Meta Quest App Seekers

On June 22, 2024Source: The Hacker NewsBy

A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for WindRead more

A new campaign is tricking users searching for the Meta Quest (formerly Oculus) application for Windows into downloading a new adware family called AdsExhaust. "The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes," cybersecurity firm eSentire said in an analysis, adding it identified the activity earlier this month. "

U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban

On June 22, 2024Source: The Hacker NewsBy

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions agaiRead more

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) imposed sanctions against a dozen individuals serving executive and senior leadership roles at Kaspersky Lab, a day after the Russian company was banned by the Commerce Department. The move "underscores our commitment to ensure the integrity of our cyber domain and to protect our citizens against malicious cyber

Chinese Hackers Deploy SpiceRAT and SugarGh0st in Global Espionage Campaign

On June 21, 2024Source: The Hacker NewsBy

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an eRead more

A previously undocumented Chinese-speaking threat actor codenamed SneakyChef has been linked to an espionage campaign primarily targeting government entities across Asia and EMEA (Europe, Middle East, and Africa) with SugarGh0st malware since at least August 2023. "SneakyChef uses lures that are scanned documents of government agencies, most of which are related to various countries' Ministries

Military-themed Email Scam Spreads Malware to Infect Pakistani Users

On June 21, 2024Source: The Hacker NewsBy

Cybersecurity researchers have shed light on a new phishing campaign that has been identified as tarRead more

Cybersecurity researchers have shed light on a new phishing campaign that has been identified as targeting people in Pakistan using a custom backdoor. Dubbed PHANTOM#SPIKE by Securonix, the unknown threat actors behind the activity have leveraged military-related phishing documents to activate the infection sequence. "While there are many methods used today to deploy malware, the threat actors

How to Use Tines's SOC Automation Capability Matrix

On June 21, 2024Source: The Hacker NewsBy

Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, theRead more

Created by John Tuckner and the team at automation and AI-powered workflow platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it's

Oyster Backdoor Spreading via Trojanized Popular Software Downloads

On June 21, 2024Source: The Hacker NewsBy

A malvertising campaign is leveraging trojanized installers for popular software such as Google ChroRead more

A malvertising campaign is leveraging trojanized installers for popular software such as Google Chrome and Microsoft Teams to drop a backdoor called Oyster (aka Broomstick and CleanUpLoader). That's according to findings from Rapid7, which identified lookalike websites hosting the malicious payloads that users are redirected to after searching for them on search engines like Google and Bing. The

SolarWinds Serv-U Vulnerability Under Active Attack - Patch Immediately

On June 21, 2024Source: The Hacker NewsBy

A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being acRead more

A recently patched high-severity flaw impacting SolarWinds Serv-U file transfer software is being actively exploited by malicious actors in the wild. The vulnerability, tracked as CVE-2024-28995 (CVSS score: 8.6), concerns a directory transversal bug that could allow attackers to read sensitive files on the host machine. Affecting all versions of the software prior to and including Serv-U 15.4.2

U.S. Bans Kaspersky Software, Citing National Security Risks

On June 21, 2024Source: The Hacker NewsBy

The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "firRead more

The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country. The blockade also extends to the cybersecurity company's affiliates, subsidiaries and parent companies, the department said, adding the action is based on

Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

On June 20, 2024Source: The Hacker NewsBy

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCorRead more

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.5), the "UEFIcanhazbufferoverflow" vulnerability has been described as a case of a buffer overflow stemming from the use of an unsafe variable in the Trusted Platform

How Can We Help?

10 + 11 =

Share This