The Hacker News Daily Updates.

 "Numbers don't lie:  Exposing the truth of cyberattacks...."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 31 August 2023, 1349 UTC.  Content provided by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGtwqPTdrRCbfDmwhQwvGXSvKTm ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

The Hacker News Daily Updates

2023 State of API Security: Global Findings September 27th, 2023 | 9:00am PT/12:00pm ET Download Now Sponsored

LATEST NEWS Aug 31, 2023

Numbers Don't Lie: Exposing the Harsh Truths of Cyberattacks in New Report How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research... ... Read More

Earth Estries' Espionage Campaign Targets Governments and Tech Titans Across Continents A hacking outfit nicknamed Earth Estries has been attributed to a new, ongoing cyber espionage campaign targeting government and technology industri... ... Read More

Scale Cybersecurity for Your Business Take a layered approach to cybersecurity scaling efforts by becoming a CIS SecureSuite Member. Gain access to resources and tools that can be used to implement security best practices such as the CIS Critical Security Controls and the CIS ... Read More

Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipula... ... Read More

MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to rem... ... Read More

China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Stor... ... Read More

How to Prevent ChatGPT From Stealing Your Content & Traffic ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer n... ... Read More

Malicious npm Packages Aim to Target Developers for Source Code Theft An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim... ... Read More

2023 State of API Security: Global Findings September 27th, 2023 | 9:00am PT/12:00pm ET Download Now Sponsored

The CyberWire Daily Briefing Update

"International Law Enforcement hits Qakbot...."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 31 August 2023, 0557 UTC. Content supplied by "The CyberWire Daily Briefing Update."

Source:  https://thecyberwire.com/newsletters/daily-briefing ("The CyberWire Daily Briefing").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

ISSUES

V12 | Issue 166 | 8.30.23

International law enforcement hits Qakbot. Developments in the cybercriminal underworld. Cyberespionage and notes on a hybrid war.

International operation takes down Qakbot. Chinese threat actor anticipated Barracuda remediations. “Prolific” threat actor targets the crypto sector. Criminals are selling a dataset allegedly stolen from China's Ministry of State Security. Adversary-in-the-middle attacks. Making phishbait more effective. New malware exploits OpenFire vulnerability. The emergence of a new ransomware threat. UK air travel disruption was a malfunction, and not an attack. Narrative themes in Russian influence operations.

V12 | Issue 165 | 8.29.23

Trending risks: name collision, leaked ransomware source code, and quishing. DDoS and sabotage in Russia's hybrid war.

Name collision as a DNS risk. LockBit derivative active against targets in Spain. QR codes as phishbait. Healthcare cybersecurity trends. Russian hacktivist auxiliary hits Polish organizations. Investigation of railroad incidents in Poland continues.

V12 | Issue 164 | 8.28.23

Lazarus Group update. SIM swapping hits claims agent. Destructive ransomware. LockBit builder in the C2C market. Hacks and influence laundering in the hybrid war.

DPRK's Lazarus Group exploits ManageEngine issues. Data breach at Kroll traced to SIM swapping. Ransomware hits CloudNordic (it's unusually destructive). Spawn of LockBit. Polish trains disrupted by hacktivists. Influence laundering as a long-term disinformation tactic.

V12 | Issue 163 | 8.25.23

Commodified spearphishing. Developments in cyberespionage. A ransomware gang keeps a low profile. A new hacktivist group emerges.

Telekopye and the rise of commodified phishing kits. Lazarus Group fields new malware. Implications of China's campaign against vulnerable Barracuda appliances. Abhubllka ransomware's targeting and low extortion demands. A new hacktivist group emerges, and takes a particular interest in NATO members.

V12 | Issue 162 | 8.24.23

Developments in cybercrime cases. Threat trends. Notes from the hybrid war against Ukraine.

Developments in two criminal cases. New sophistication in BEC campaigns. Supply chain attacks trending. Trends in brand impersonation. Synthetic identity fraud grows. The future of Russian influence operations in the post-Prigozhin era. More on the doxing of a deputy Duma chair. Russian hacktivist auxiliaries make a major contribution to DDoS threat.

Load More

The CyberWire Daily Briefing.

Trending issues in name collision, leaked ransomware source code, and Russian hacktivist activity.

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 30 August 2023, 1440 UTC.  Content provided by "The CyberWire Daily Briefing."

Source:  https://thecyberwire.com/newsletters/daily-briefing ("The CyberWire Daily Briefing").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

ISSUES

V12 | Issue 165 | 8.29.23

Trending risks: name collision, leaked ransomware source code, and quishing. DDoS and sabotage in Russia's hybrid war.

Name collision as a DNS risk. LockBit derivative active against targets in Spain. QR codes as phishbait. Healthcare cybersecurity trends. Russian hacktivist auxiliary hits Polish organizations. Investigation of railroad incidents in Poland continues.

V12 | Issue 164 | 8.28.23

Lazarus Group update. SIM swapping hits claims agent. Destructive ransomware. LockBit builder in the C2C market. Hacks and influence laundering in the hybrid war.

DPRK's Lazarus Group exploits ManageEngine issues. Data breach at Kroll traced to SIM swapping. Ransomware hits CloudNordic (it's unusually destructive). Spawn of LockBit. Polish trains disrupted by hacktivists. Influence laundering as a long-term disinformation tactic.

V12 | Issue 163 | 8.25.23

Commodified spearphishing. Developments in cyberespionage. A ransomware gang keeps a low profile. A new hacktivist group emerges.

Telekopye and the rise of commodified phishing kits. Lazarus Group fields new malware. Implications of China's campaign against vulnerable Barracuda appliances. Abhubllka ransomware's targeting and low extortion demands. A new hacktivist group emerges, and takes a particular interest in NATO members.

V12 | Issue 162 | 8.24.23

Developments in cybercrime cases. Threat trends. Notes from the hybrid war against Ukraine.

Developments in two criminal cases. New sophistication in BEC campaigns. Supply chain attacks trending. Trends in brand impersonation. Synthetic identity fraud grows. The future of Russian influence operations in the post-Prigozhin era. More on the doxing of a deputy Duma chair. Russian hacktivist auxiliaries make a major contribution to DDoS threat.

V12 | Issue 161 | 8.23.23

Speed of criminal attack, malware delivery, and the evolution of malicious AI.

Ransomware gets faster. Recent trends in malware delivery. How AI has evolved in malicious directions. A novel extortion threat. A ransomware attack shutters Belgian social service offices. FSB continues to use both USBs and phishing emails as attack vectors. Deadline for comment on US cybersecurity regulations extended to October 31st.

Load More

SecurityWeek Briefing.

"Open AI turns to Security to sell ChatGPT Enterprise."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 30 August 2023, 0320 UTC.  Content provided by email subscription to "SecurityWeek Briefing."

Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGtwqMDCllbVMTjxtkWQVNtVVSC ("SecurityWeek Briefing").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

SecurityWeek News Briefing | Tuesday, August 29, 2023 OpenAI Turns to Security to Sell ChatGPT Enterprise The Reality of Cyberinsurance in 2023 Did Microsoft Just Upend the Enterprise Browser Market? VMware Patches Major Security Flaws in Network Monitoring Product Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack New ‘MMRat’ Android Trojan Allows Attackers to Control Devices Remotely Meta Fights Sprawling Chinese ‘Spamouflage’ Operation Personal, Health Information of 1.2 Million Stolen in PurFoods Ransomware Attack UN Warns Hundreds of Thousands in Southeast Asia Roped Into Online Scams Security Team Huddle: Using the Full NIST Cybersecurity Framework for the Win Two Men Arrested Following Railway Hacking Acquisition Chatter Swirls Around SentinelOne, BlackBerry Upcoming Webinar Scaling Software Supply Chain Security: Driving Actionable SBOM Management with the OpenSSF S2C2F OSS Specification Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain. Thursday, September 7, 2023 Register SecurityWeek Expert Insights The End of “Groundhog Day” for the Security in the Boardroom Discussion - As the SEC cyber incident disclosure rules come into effect, organizations will be forced to seriously consider giving security leaders a seat at the table. (Marc Solomon) Email – The System Running Since 71’ - Working remotely is here to stay and businesses should continue to make sure their basic forms of communication are properly configured and secured. (Matt Honea) Managing and Securing Distributed Cloud Environments - The complexity and challenge of distributed cloud environments often necessitate managing multiple infrastructure, technology, and security stacks, multiple policy engines, multiple sets of controls, and multiple asset inventories. (Joshua Goldfarb) Automated Security Control Assessment: When Self-Awareness Matters - Automated Security Control Assessment enhances security posture by verifying proper, consistent configurations of security controls, rather than merely confirming their existence. (Torsten George) If You Missed It... 10 Million Likely Impacted by Data Breach at French Unemployment Agency Signs of Malware Attack Targeting Rust Developers Found on Crates.io 3 Malware Loaders Detected in 80% of Attacks: Security Firm Leaseweb Reports Cloud Disruptions Due to Cyberattack  Cryptocurrency Firms Suffer Data Breach After Kroll SIM Swapping Attack Ohio History Organization Says Personal Information Stolen in Ransomware Attack North Korean APT Hacks Internet Infrastructure Provider Europe is Cracking Down on Big Tech. This Is What Will Change When You Sign On Google Workspace Introduces New AI-Powered Security Controls In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures - Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 21, 2023. RSS Feed | Webcasts | Virtual Events © 2023 Wired Business Media

SecurityWeek | 470 Atlantic Ave, 4th Floor, Boston, MA 02210 Unsubscribe kh6jrm@gmail.com Update Profile | Our Privacy Policy | Constant Contact Data Notice Sent by news@securityweek.com