National Student Clearinghouse data breach impacts 890 schools – The personally identifiable information (PII) contained in the stolen documents includes names, dates of birth, contact information, Social Security numbers, student ID numbers, and some school-related records (e.g., enrollment records, degree records, and course-level data).
CyberWire Daily – Ep 1914 | 9.26.23 – Crooks phish for guests; spies phish for drone operators. ZenRAT is used in an info-stealing campaign. More MOVEit-related incidents (some involving Cl0p). DeFi platforms hit. The UK hunts forward.
CyberWire Daily – Ep 1916 | 9.28.23 – Budworm APT’s specialized tools. Cyberattack against Johnson Controls. Oversight panel reports on Section 702. Cyber in election security, and in the US industrial base. Hacktivism versus Russia.
CyberWire Daily – Ep 1917 | 9.29.23 – Malicious ads in a chatbot. A vulnerability gets some clarification. Cl0p switches from Tor to torrents. Influence operations as an adjunct to WMD. And NSA’s new AI Security Center.
New WiKI-Eve attack can steal numerical passwords over WiFi – A new attack dubbed ‘WiKI-Eve’ can intercept the cleartext transmissions of smartphones connected to modern WiFi routers and deduce individual numeric keystrokes at an accuracy rate of up to 90%, allowing numerical passwords to be stolen.
CISA offers free security scans for public water utilities – The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has announced it is offering free security scans for critical infrastructure facilities, such as water utilities, to help protect these crucial units from hacker attacks.
IBM Whitepaper: Cost of a Data Breach 2023 – IBM’s 2023 installment of its annual “Cost of a Breach” report highlights some interesting trends: the average cost of a breach rose once again, to $4.45 million, a 15% increase over the last three years. The report also has an industry-specific focus and breakdown of breaches.
W3LL Store: How a Secret Phishing Syndicate Targets 8,000+ Microsoft 365 Accounts – “The threat actor created a hidden underground market, named W3LL Store, that served a closed community of at least 500 threat actors who could purchase a custom phishing kit called W3LL Panel, designed to bypass MFA, as well as 16 other fully customized tools for business email compromise (BEC) attacks,” Group-IB said in a report shared with The Hacker News.
Little behind this week. It’s been busy. Still plugging away at learning all I can though.
(ISC)2 – The Impact of Artificial Intelligence on the Cybersecurity Industry – 8/30/23 – The impact of artificial intelligence (AI) on the cybersecurity industry is among the hottest topics discussed and debated amongst security professionals. From a positive perspective, AI has infused a myriad of threat detection and prevention platforms with newfound methods for uncovering sophisticated threats. It has also helped short-staffed security teams automate complex processes, such as incident validation and response. But AI also comes at a price. Join Steve Piper, Founder & CEO of CyberEdge (and proud CISSP), as he addresses the good, the bad, and the ugly outcomes of artificial intelligence.
US govt email servers hacked in Barracuda zero-day attacks – Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway (ESG) zero-day, with a focus on entities across the Americas.
Last week was vacation, but I’m back and as before devoted to learning as much about cybersecurity as possible.
PCI DSS v4.0 – Navigating the Seven Cs – Verizon – Sam Junkin, Matt Arntsen, Ciske van Oosten & Peggy Nolan – Join us for the third installment of our webinar series, as we help companies act with confidence in light of significant updates to the flagship Payment Card Industry Data Security Standard (PCI DSS v4.0). Earlier in the series, we discussed the impact of PCI DSS v4.0, how to interpret key components and how to develop a plan to meet complex requirements. Now, we chart our course to conquer the “seven Cs” — the top constraints that most businesses face as they move forward in their transition. One of the most important things businesses must do to be successful is to take action now — and our panel is ready to show you how.
What’s New in the NIST Cybersecurity Framework 2.0 – The new version 2.0 of the popular NIST Cybersecurity Framework has expanded beyond the original framework’s five functions of an effective cybersecurity program — identify, protect, detect, respond, and recover — and added a sixth, govern.
North Korean hackers ‘ScarCruft’ breached Russian missile maker – The North Korean state-sponsored hacking group ScarCruft has been linked to a cyberattack on the IT infrastructure and email server for NPO Mashinostroyeniya, a Russian space rocket designer and intercontinental ballistic missile engineering organization.
Tunnel Vision: CloudflareD AbuseD in the WilD – Cloudflared is functionally very similar to ngrok, an ingress-as-a-service tool that’s been used by TAs for quite some time now. However, Cloudflared differs from ngrok in that it provides a lot more usability for free, including the ability to host TCP connectivity over Cloudflared. Additionally, Cloudflared provides the full suite of Access controls, Gateway configurations, Team Management, and User Analytics.
Darknet Diaries 136: TEAM XECUTER – Team Xecuter was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart.