Cussins Enterprises LLC

Technology is a paint brush on the canvas of life. 
What can we paint for you?

Cybersecurity News

Awareness of what is happening is the 1st to a secure system.

Threat Post

Firewall Bug Under Active Attack Triggers CISA Warning

On August 23, 2022Source: Web Security – ThreatpostBy Threatpost
Categories: Vulnerabilities, Web Security

CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.Read more

Fake Reservation Links Prey on Weary Travelers

On August 22, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Malware, Web Security

Fake travel reservations are exacting more pain from the travel weary, already dealing with the miseRead more

Google Patches Chrome’s Fifth Zero-Day of the Year

On August 18, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities

An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arbRead more

Phishers Swim Around 2FA in Coinbase Account Heists

On August 8, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Web Security

Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so theRead more

Open Redirect Flaw Snags Amex, Snapchat User Data

On August 5, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Vulnerabilities, Web Security

Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among otRead more

Universities Put Email Users at Cyber Risk

On August 2, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Vulnerabilities, Web Security

DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protRead more

Threat Actors Pivot Around Microsoft’s Macro-Blocking in Office

On July 28, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwaRead more

IoT Botnets Fuel DDoS Attacks – Are You Prepared?

On July 26, 2022Source: Web Security – ThreatpostBy Sponsored Content
Categories: Sponsored, Vulnerabilities, Web Security, indusface

The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifiesRead more

Magecart Serves Up Card Skimmers on Restaurant-Ordering Systems

On July 20, 2022Source: Web Security – ThreatpostBy Elizabeth Montalbano
Categories: Hacks, Malware, Web Security

300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against MenuRead more

Authentication Risks Discovered in Okta Platform

On July 19, 2022Source: Web Security – ThreatpostBy Nate Nelson
Categories: Privacy, Web Security

Four newly discovered attack paths could lead to PII exposure, account takeover, even organizationalRead more

Beeping Computer

https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 12, column 8

Motherboard

Secretly-Launched Russian Satellite with Unknown Purpose Breaking Up in Orbit, US Says

On February 8, 2023Source: VICE US - MotherboardBy Matthew Gault
Categories: Tech news, woldnews, russia, Satellite, cosmos 2499, kosmos 2499, Space

Cosmos 2499 was speculated to be a spy satellite, or an experimental weapon test, and now it's disinRead more

Meta Takes Aim at Bosses Who Don’t Actually Do Anything

On February 8, 2023Source: VICE US - MotherboardBy Maxwell Strachan
Categories: Facebook, meta, Mark Zuckerberg, wfh, Management

The social media and metaverse company is undergoing a process that is being referred to internallyRead more

UK Proposes Making the Sale and Possession of Encrypted Phones Illegal

On February 8, 2023Source: VICE US - MotherboardBy Joseph Cox
Categories: CYBER, encrypted phones, law enforcement, anom, sky, encrochat, phantom secure

The Home Office says it wants to target “bespoke” devices used for crime, but critics say it is unclRead more

'Disgusting': NYC Scraps Co-Op Internet in Public Housing So Big Telecom Can Move In

On February 8, 2023Source: VICE US - MotherboardBy Roshan Abraham
Categories: Tech news, ISP, Co-Op, big telecom, telecom, Internet, NYCHA, NYC

“The people who are working for us also lose their jobs," Troy Walcott, president of People's ChoiceRead more

People are 'Jailbreaking' ChatGPT to Make It Endorse Racism, Conspiracies

On February 8, 2023Source: VICE US - MotherboardBy Chloe Xiang
Categories: Tech, ChatGPT, personality, jailbreak, Filter, worldnews

Convincing an AI that it's playing a role and "scaring" it into violating safety filters is one wayRead more

Data Breeches

https://www.databreaches.net/feed/ is invalid XML, likely due to invalid characters. XML error: Mismatched tag at line 12, column 8

Cyberscoop

Global ransomware spree infects unpatched VMWare servers. CISA has a fix.

On February 8, 2023Source: CyberScoopBy Christian Vasquez
Categories: Threats, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), ransomware, virtual machines, vmware

Ransomware targeting VMware ESXi servers takes advantage of an old vulnerability and has affected moRead more

Biden calls for action on privacy rights in State of the Union

On February 7, 2023Source: CyberScoopBy Tonya Riley
Categories: Government, Uncategorized, Biden, children's privacy, Congress, privacy, White House

President Biden called for stronger limits on the data collected by large tech companies in his StatRead more

After Hive takedown, could the LockBit ransomware crew be the next to fall?

On February 7, 2023Source: CyberScoopBy AJ Vicens
Categories: Cybercrime, Department of Justice (DOJ), FBI, Hive ransomware, LockBit, ransomware

As international law enforcement agencies turn up the heat on ransomware gangs, LockBit's high-profiRead more

Russian ransomware money launderer pleads guilty to funneling Ryuk payments

On February 7, 2023Source: CyberScoopBy Michael B. Farrell
Categories: Cybercrime, Threats, cryptocurrency, cybercrime, Department of Justice (DOJ), ransomware

A Russian man extradited to the U.S. last year pleads guilty to attempting to conceal ransom paymentRead more

Phreaks and l33ts: Inside the early ‘90s tech scene that created L0pht, the legendary hackerspace 

On February 5, 2023Source: CyberScoopBy Michael B. Farrell
Categories: Special, Cybersecurity, hackers, L0pht

The hackers of LOpht testified before Congress and went on to shape today’s cybersecurity industry.Read more

Sanctioned Iranian hackers behind Charlie Hebdo breach, Microsoft says

On February 3, 2023Source: CyberScoopBy AJ Vicens
Categories: Cybercrime, Geopolitics, charlie hebdo, data breaches, Emennet Pasargad, hacking, Iran, Microsoft

U.S. officials sanctioned members of the hacking group after they attempted to interfere in the 2020Read more

Vulnerabilities could let hackers remotely shut down EV chargers, steal electricity

On February 1, 2023Source: CyberScoopBy Christian Vasquez
Categories: Research, critical infrastructure, electric vehicle, electric vehicle chargers, energy, hacking, transportation

The emerging market’s uneven response to fix the flaws suggests cybersecurity could be a growing conRead more

GoodRx will settle claim it shared sensitive health data with advertisers

On February 1, 2023Source: CyberScoopBy Tonya Riley
Categories: Privacy, data breaches, Facebook, Federal Trade Commission (FTC), FTC, GoodRx, privacy

The telehealth and discount drug provider promised health data would remain confidential and then alRead more

Watchdog warns FDIC fails to test banks’ cyberdefenses effectively

On February 1, 2023Source: CyberScoopBy eliasgroll
Categories: Government, Cybersecurity, FDIC, Financial services

The agency’s Office of Inspector General says staff at the prudential regulator are not being kept aRead more

Reality check: Is ChatGPT really the next big cybersecurity threat?

On January 31, 2023Source: CyberScoopBy eliasgroll
Categories: Technology, Threats, artificial intelligence (AI), hacking, malware

ChatGPT isn't a malware-writing savant and much of the hype around it obscures just how much expertiRead more

Krebs On Security

The Hacker News

NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices

On February 8, 2023Source: The Hacker NewsBy

The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenRead more

The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. "The chosen algorithms are designed to protect information created and transmitted by the Internet of Things (IoT), including its myriad tiny sensors and actuators," NIST said.

Unpatched Security Flaws Disclosed in Multiple Document Management Systems

On February 8, 2023Source: The Hacker NewsBy

Multiple unpatched security flaws have been disclosed in open source and freemium Document ManagemenRead more

Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System (DMS) offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. Cybersecurity firm Rapid7 said the eight vulnerabilities offer a mechanism through which "an attacker can convince a human operator to save a malicious document on the platform and, once the document is indexed

Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach

On February 8, 2023Source: The Hacker NewsBy

A Sydney man has been sentenced to an 18-month Community Correction Order (CCO) and 100 hours of comRead more

A Sydney man has been sentenced to an 18-month Community Correction Order (CCO) and 100 hours of community service for attempting to take advantage of the Optus data breach last year to blackmail its customers. The unnamed individual, 19 when arrested in October 2022 and now 20, used the leaked records stolen from the security lapse to orchestrate an SMS-based extortion scheme. The suspect

Russian Hackers Using Graphiron Malware to Steal Data from Ukraine

On February 8, 2023Source: The Hacker NewsBy

A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyberRead more

A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyber attacks targeting Ukraine. Dubbed Graphiron by Broadcom-owned Symantec, the malware is the handiwork of an espionage group known as Nodaria, which is tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0056. "The malware is written in Go and is designed to harvest a wide

How to Think Like a Hacker and Stay Ahead of Threats

On February 8, 2023Source: The Hacker NewsBy

To succeed as a cybersecurity analyst, you need to understand the traits, values, and thought procesRead more

To succeed as a cybersecurity analyst, you need to understand the traits, values, and thought processes of hackers, along with the tools they use to launch their attacks.  During a webinar called The Hacker Mindset, a Red Team Researcher shared how you can use some of these tools for your own detection and prevention of breaches. He also demonstrated how an attack takes place using the Follina

Russian Hacker Pleads Guilty to Money Laundering Linked to Ryuk Ransomware

On February 8, 2023Source: The Hacker NewsBy

A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and fRead more

A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited from the Netherlands in August 2022. He is awaiting sentencing on April 11, 2023. "Between at least

CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks

On February 8, 2023Source: The Hacker NewsBy

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacRead more

The Computer Emergency Response Team of Ukraine (CERT-UA) has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with the agency describing the activity as likely motivated by espionage given the toolset employed. The

Encrypted Messaging App Exclu Used by Criminal Groups Cracked by Joint Law Enforcement

On February 7, 2023Source: The Hacker NewsBy

A joint law enforcement operation conducted by Germany, the Netherlands, and Poland has cracked yetRead more

A joint law enforcement operation conducted by Germany, the Netherlands, and Poland has cracked yet another encrypted messaging application named Exclu used by organized crime groups. Eurojust, in a press statement, said the February 3 exercise resulted in the arrests of 45 individuals across Belgium and the Netherlands, some of whom include users as well as the administrators and owners of the

Hackers Exploit Vulnerabilities in Sunlogin to Deploy Sliver C2 Framework

On February 7, 2023Source: The Hacker NewsBy

Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-contrRead more

Threat actors are leveraging known flaws in Sunlogin software to deploy the Sliver command-and-control (C2) framework for carrying out post-exploitation activities. The findings come from AhnLab Security Emergency response Center (ASEC), which found that security vulnerabilities in Sunlogin, a remote desktop program developed in China, are being abused to deploy a wide range of payloads. "Not

Tackling the New Cyber Insurance Requirements: Can Your Organization Comply?

On February 7, 2023Source: The Hacker NewsBy

With cyberattacks around the world escalating rapidly, insurance companies are ramping up the requirRead more

With cyberattacks around the world escalating rapidly, insurance companies are ramping up the requirements to qualify for a cyber insurance policy. Ransomware attacks were up 80% last year, prompting underwriters to put in place a number of new provisions designed to prevent ransomware and stem the record number of claims. Among these are a mandate to enforce multi-factor authentication (MFA)

How Can We Help?

1 + 13 =

Share This