Cussins Enterprises LLC
Technology is a paint brush on the canvas of life.
What can we paint for you?
Cybersecurity News
Awareness of what is happening is the 1st to a secure system.Threat Post
 Firewall Bug Under Active Attack Triggers CISA WarningOn August 23, 2022Source: Web Security – ThreatpostBy ThreatpostCategories: Vulnerabilities, Web Security CISA is warning that Palo Alto Networks’ PAN-OS is under active attack and needs to be patched ASAP.… Read more |
 Fake Reservation Links Prey on Weary TravelersOn August 22, 2022Source: Web Security – ThreatpostBy Nate NelsonCategories: Malware, Web Security Fake travel reservations are exacting more pain from the travel weary, already dealing with the mise… Read more |
 Google Patches Chrome’s Fifth Zero-Day of the YearOn August 18, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Vulnerabilities, Web Security, Google Chrome, zero-day vulnerabilities An insufficient validation input flaw, one of 11 patched in an update this week, could allow for arb… Read more |
 Phishers Swim Around 2FA in Coinbase Account HeistsOn August 8, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Web Security Attackers are spoofing the widely used cryptocurrency exchange to trick users into logging in so the… Read more |
 Open Redirect Flaw Snags Amex, Snapchat User DataOn August 5, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Vulnerabilities, Web Security Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among ot… Read more |
 Universities Put Email Users at Cyber RiskOn August 2, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Vulnerabilities, Web Security DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest prot… Read more |
 Threat Actors Pivot Around Microsoft’s Macro-Blocking in OfficeOn July 28, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Malware, Web Security Cybercriminals turn to container files and other tactics to get around the company’s attempt to thwa… Read more |
 IoT Botnets Fuel DDoS Attacks – Are You Prepared?On July 26, 2022Source: Web Security – ThreatpostBy Sponsored ContentCategories: Sponsored, Vulnerabilities, Web Security, indusface The increased proliferation of IoT devices paved the way for the rise of IoT botnets that amplifies… Read more |
 Magecart Serves Up Card Skimmers on Restaurant-Ordering SystemsOn July 20, 2022Source: Web Security – ThreatpostBy Elizabeth MontalbanoCategories: Hacks, Malware, Web Security 300 restaurants and at least 50,000 payment cards compromised by two separate campaigns against Menu… Read more |
 Authentication Risks Discovered in Okta PlatformOn July 19, 2022Source: Web Security – ThreatpostBy Nate NelsonCategories: Privacy, Web Security Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational… Read more |
Beeping Computer
| https://www.bleepingcomputer.com/feed/ is invalid XML, likely due to invalid characters. XML error: XML_ERR_NAME_REQUIRED at line 1, column 753 |
Motherboard
| https://motherboard.vice.com/en_us/rss is invalid XML, likely due to invalid characters. XML error: Undeclared entity error at line 30, column 112 |
Data Breeches
Computers containing thousands of patients’ records stolen from Belfast hospitalOn March 11, 2025Source: DataBreaches.NetBy DissentCategories: Health Data, Non-U.S., Theft Deborah McAleese reports: Twenty-eight computers containing the records of thousands of patients hav… Read more |
Center for Digestive Health notifies patients of April 2024 cyberattackOn March 11, 2025Source: DataBreaches.NetBy DissentCategories: Breach Incidents, Hack, Health Data In May, 2024, the threat actors known as BianLian added the Center for Digestive Health in Florida t… Read more |
Sunflower Medical Group notifies 220,968 of December cyberattack by RhysidaOn March 11, 2025Source: DataBreaches.NetBy DissentCategories: Health Data Sunflower Medical Group has notified 220,968 people of a December attack by Rhysida. According to th… Read more |
Attorney General James Sues National General and Allstate Insurance for Failing to Protect New Yorkers’ Personal InformationOn March 10, 2025Source: DataBreaches.NetBy DissentCategories: Business Sector, Of Note NEW YORK – New York Attorney General Letitia James today filed a lawsuit against several insurance c… Read more |
Endless Mountains Health Systems affected by cyberattack; patients alerted to situationOn March 9, 2025Source: DataBreaches.NetBy DissentCategories: Health Data, U.S. Endless Mountains Health Systems (EMHS) in Pennsylvania has been dealing with a cyberattack that has… Read more |
Akira ransomware gang used an unsecured webcam to bypass EDROn March 9, 2025Source: DataBreaches.NetBy DissentCategories: Commentaries and Analyses, Malware The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks… Read more |
SSK Plastic Surgery discloses it experienced a hack and extortion attempt in 2024On March 8, 2025Source: DataBreaches.NetBy DissentCategories: Hack, Health Data Another plastic surgery practice has revealed that it was the victim of a cyberattack with an extort… Read more |
Extensive US public school employee data compromise reported from Carruth Compliance Consulting breachOn March 8, 2025Source: DataBreaches.NetBy DissentCategories: Education Sector, Subcontractor, U.S. SC Media reports: Oregon-based third-party retirement plan administrator Carruth Compliance Consulti… Read more |
White House cyber director’s office set for more power under Trump, experts sayOn March 8, 2025Source: DataBreaches.NetBy DissentCategories: Miscellaneous Suzanne Smalley reports: The Office of the National Cyber Director (ONCD) is poised to become a stro… Read more |
Hackers expose information for 700,000 current and former Chicago students, district saysOn March 7, 2025Source: DataBreaches.NetBy DissentCategories: Breach Incidents Mila Koumpilova reports an update to the Clop attack on entities using the Cleo file transfer softwa… Read more |
Cyberscoop
Microsoft patches 57 vulnerabilities, including 6 zero-daysOn March 11, 2025Source: CyberScoopBy Matt KapkoCategories: Cybersecurity, Threats, Action1, Cybersecurity and Infrastructure Security Agency (CISA), Microsoft, Patch Tuesday, Rapid7, vulnerabilities, zero-days More than three-quarters of the vulnerabilities covered in the vendor’s monthly Patch Tuesday update… Read more |
Apple discloses zero-day vulnerability, releases emergency patchesOn March 11, 2025Source: CyberScoopBy Greg OttoCategories: Cybersecurity, Technology, Threats, Apple, iOS, Mac, patching, Safari, zero days Apple released emergency software patches Tuesday that address a newly identified zero-day vulnerabi… Read more |
X suffered a DDoS attack. Its CEO and security researchers can’t agree on who did it.On March 11, 2025Source: CyberScoopBy Matt KapkoCategories: Cybercrime, Cybersecurity, Threats, Check Point, Dark Storm, DDoS, Elon Musk, F5, Twitter, X X’s wave of outages resembled a DDoS attack and Dark Storm Team, a prolific threat group specializin… Read more |
Amid personnel turmoil at cyber agencies, a government shutdown could increase potential harmOn March 11, 2025Source: CyberScoopBy Tim StarksCategories: Government, Policy, Workforce, Armis, budget, CISA, Congress, cyber workforce, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), cybersecurity workforce, Department of Government Efficency, Department of Homeland Security (DHS), government shutdown, Joe Biden, National Security Council, National Security Council (NSC), Trump administration, workforce Shutdowns always hamper government operations, but personnel cuts further exacerbate cyber risks, ex… Read more |
New York sues Allstate and subsidiaries for back-to-back data breachesOn March 11, 2025Source: CyberScoopBy Matt KapkoCategories: Cybersecurity, Government, Policy, Privacy, Technology, data breaches, insurance, New York, New York Attorney General, New York DFS A pair of data breaches in late 2020 and early 2021 exposed driver’s license numbers of almost 200,0… Read more |
Sean Plankey picked by Trump to be CISA directorOn March 11, 2025Source: CyberScoopBy Tim StarksCategories: Cybersecurity, Election Security, Government, Workforce, CISA, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Karen Evans, Sean Cairncross, Sean Plankey, Senate Homeland Security and Governmental Affairs Committee, Trump administration Plankey’s nomination fills the biggest remaining gap among cyber leaders in the second Trump adminis… Read more |
 Multiple vulnerabilities found in ICONICS industrial SCADA softwareOn March 10, 2025Source: CyberScoopBy djohnsonCategories: Technology, industrial control systems (ICS), Palo Alto Networks, SCADA, vulnerabilities The since-patched vulnerabilities allowed for privilege escalation, DLL hijacking, file modification… Read more |
CISA completed its election security review. It won’t make the results publicOn March 7, 2025Source: CyberScoopBy djohnsonCategories: Cybersecurity, Election Security, Government, CISA, Department of Homeland Security (DHS), disinformation, election security, Trump administration Critics said the decision creates broad uncertainty among other stakeholders who work to protect ele… Read more |
Ransomware poseurs are trying to extort businesses through physical lettersOn March 7, 2025Source: CyberScoopBy Matt KapkoCategories: Cybercrime, Cybersecurity, Healthcare, Ransomware, Threats, cybercrime, extortion, Federal Bureau of Investigation (FBI), ransomware The FBI is warning business leaders about the scam perpetrated by an unidentified threat group. The… Read more |
Krebs On Security
The Hacker News
 Blind Eagle Hacks Colombian Institutions Using NTLM Flaw, RATs and GitHub-Based AttacksOn March 11, 2025Source: The Hacker NewsByThe threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Col… Read more The threat actor known as Blind Eagle has been linked to a series of ongoing campaigns targeting Colombian institutions and government entities since November 2024.
"The monitored campaigns targeted Colombian judicial institutions and other government or private organizations, with high infection rates," Check Point said in a new analysis.
"More than 1,600 victims were affected during one of |
 Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 DevicesOn March 11, 2025Source: The Hacker NewsByUnpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, ac… Read more Unpatched TP-Link Archer routers have become the target of a new botnet campaign dubbed Ballista, according to new findings from the Cato CTRL team.
"The botnet exploits a remote code execution (RCE) vulnerability in TP-Link Archer routers (CVE-2023-1389) to spread itself automatically over the Internet," security researchers Ofek Vardi and Matan Mittelman said in a technical report shared with |
 Your Risk Scores Are Lying: Adversarial Exposure Validation Exposes Real ThreatsOn March 11, 2025Source: The Hacker NewsByIn cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sens… Read more In cybersecurity, confidence is a double-edged sword. Organizations often operate under a false sense of security, believing that patched vulnerabilities, up-to-date tools, polished dashboards, and glowing risk scores guarantee safety. The reality is a bit of a different story. In the real world, checking the right boxes doesn’t equal being secure. As Sun Tzu warned, “Strategy without tactics is |
 Steganography Explained: How XWorm Hides Inside ImagesOn March 11, 2025Source: The Hacker NewsByInside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangero… Read more Inside the most innocent-looking image, a breathtaking landscape, or a funny meme, something dangerous could be hiding, waiting for its moment to strike.
No strange file names. No antivirus warnings. Just a harmless picture, secretly concealing a payload that can steal data, execute malware, and take over your system without a trace.
This is steganography, a cybercriminal’s secret weapon for |
 SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and AfricaOn March 11, 2025Source: The Hacker NewsByMaritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have becom… Read more Maritime and logistics companies in South and Southeast Asia, the Middle East, and Africa have become the target of an advanced persistent threat (APT) group dubbed SideWinder.
The attacks, observed by Kaspersky in 2024, spread across Bangladesh, Cambodia, Djibouti, Egypt, the United Arab Emirates, and Vietnam. Other targets of interest include nuclear power plants and nuclear energy |
 Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT SwitchesOn March 11, 2025Source: The Hacker NewsByTaiwanese company Moxa has released a security update to address a critical security flaw impacting… Read more Taiwanese company Moxa has released a security update to address a critical security flaw impacting its PT switches that could permit an attacker to bypass authentication guarantees.
The vulnerability, tracked as CVE-2024-12297, has been assigned a CVSS v4 score of 9.2 out of a maximum of 10.0.
"Multiple Moxa PT switches are vulnerable to an authentication bypass because of flaws in their |
 CISA Adds Five Actively Exploited Vulnerabilities in Advantive VeraCore and Ivanti EPM to KEV ListOn March 11, 2025Source: The Hacker NewsByThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws… Read more The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild.
The list of vulnerabilities is as follows -
CVE-2024-57968 - An unrestricted file upload vulnerability in Advantive VeraCore |
 Researchers Expose New Polymorphic Attack That Clones Browser Extensions to Steal CredentialsOn March 10, 2025Source: The Hacker NewsByCybersecurity researchers have demonstrated a novel technique that allows a malicious web browser ex… Read more Cybersecurity researchers have demonstrated a novel technique that allows a malicious web browser extension to impersonate any installed add-on.
"The polymorphic extensions create a pixel perfect replica of the target's icon, HTML popup, workflows and even temporarily disables the legitimate extension, making it extremely convincing for victims to believe that they are providing credentials to |
 Desert Dexter Targets 900 Victims Using Facebook Ads and Telegram Malware LinksOn March 10, 2025Source: The Hacker NewsByThe Middle East and North Africa have become the target of a new campaign that delivers a modified v… Read more The Middle East and North Africa have become the target of a new campaign that delivers a modified version of a known malware called AsyncRAT since September 2024.
"The campaign, which leverages social media to distribute malware, is tied to the region's current geopolitical climate," Positive Technologies researchers Klimentiy Galkin and Stanislav Pyzhov said in an analysis published last week. |
 Why The Modern Google Workspace Needs Unified SecurityOn March 10, 2025Source: The Hacker NewsByThe Need For Unified Security Google Workspace is where teams collaborate, share ideas, and get work… Read more The Need For Unified Security
Google Workspace is where teams collaborate, share ideas, and get work done. But while it makes work easier, it also creates new security challenges. Cybercriminals are constantly evolving, finding ways to exploit misconfigurations, steal sensitive data, and hijack user accounts. Many organizations try to secure their environment by piecing together different |
How Can We Help?
