BleepingComputer.com

"Cisco warns of password-spraying attacks targeting VPN services."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 28 March 2024, 1658 UTC.

Content and Source: https://www.bleepingcomputer.com/BleepingComputer.com.

Please scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

SECURITY

Cisco warns of password-spraying attacks targeting VPN services

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.
BILL TOULAS

MARCH 28, 2024

12:37 PM

0

SECURITY
SPONSORED CONTENT

How Pentesting-as-a-Service can Reduce Overall Security Costs

Penetration testing plays a critical role in finding application vulnerabilities before they can be exploited. Learn more from Outpost24 on the costs of Penetration-Testing-as-a-Service vs classic pentest offerings.
SPONSORED BY OUTPOST24

MARCH 28, 2024

10:01 AM

0

DEALS

Diagram better — Microsoft Visio Pro 2021 is $25 through April 2nd

Through April 2nd at 11:59 PM PT only, you can get Microsoft Visio Professional 2021 for Windows on sale for just $24.97 (reg. $249) as a part of a limited-time price drop.
BLEEPINGCOMPUTER DEALS

MARCH 28, 2024

07:11 AM

0

SECURITY

New Darcula phishing service targets iPhone users via iMessage

A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries.
BILL TOULAS

MARCH 27, 2024

06:12 PM

0

MICROSOFT

Windows 11 22H2 Home and Pro get preview updates until June 26

Microsoft reminded customers today that the Windows 11 22H2 Home and Pro editions will continue to receive non-security preview updates until June 26.
SERGIU GATLAN

MARCH 27, 2024

04:44 PM

0

SECURITY, GOOGLE

Google fixes Chrome zero-days exploited at Pwn2Own 2024

Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver 2024 hacking competition.
SERGIU GATLAN

MARCH 27, 2024

02:44 PM

0

DEALS

Price drop: Get an security and IT education for just $39.97

Order by 4/2 to get lifetime on-demand access to all 11 courses in this bundle for just $39.97, saving $332 on the original price.
BLEEPINGCOMPUTER DEALS

MARCH 27, 2024

02:11 PM

0

SECURITY, HEALTHCARE

INC Ransom threatens to leak 3TB of NHS Scotland stolen data

The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland.
BILL TOULAS

MARCH 27, 2024

01:59 PM

0

SECURITY, MICROSOFT

CISA tags Microsoft SharePoint RCE bug as actively exploited

CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks.
SERGIU GATLAN

MARCH 27, 2024

12:24 PM

0

CRYPTOCURRENCY, LEGAL

KuCoin charged with AML violations that let cybercriminals launder billions

The U.S. Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements, allowing threat actors to use the platform to launder money.
BILL TOULAS

MARCH 27, 2024

10:08 AM

2

SECURITY
SPONSORED CONTENT

Ransomware as a Service and the Strange Economics of the Dark Web

Ransomware is quickly changing in 2024, with massive disruptions and large gangs shutting down. Learn from Flare how affiliate competition is changing in 2024, and what might come next.
SPONSORED BY FLARE

MARCH 27, 2024

10:02 AM

1

SECURITY, GOOGLE

Google: Spyware vendors behind 50% of zero-days exploited in 2023

Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients.
SERGIU GATLAN

MARCH 27, 2024

09:00 AM

1

DEALS

Speak, read, and write in a new language with $460 off Babbel

Learning a new language broadens your mind and opens up new opportunities. A Babbel lifetime subscription gets you started on a new way to speak for $139.97, $460 off the $599 MSRP, a price only available through April 2 11:59pm PST.
BLEEPINGCOMPUTER DEALS

MARCH 27, 2024

07:19 AM

0

MICROSOFT

Windows 11 KB5035942 update enables Moment 5 features for everyone

Microsoft has released the March 2024 non-security KB5035942 preview update for Windows 11 23H2, which enables Moment 5 features by default and fixes 18 known issues.
SERGIU GATLAN

MARCH 26, 2024

06:28 PM

0

MICROSOFT

Windows 10 KB5035941 update released with lock screen widgets

Microsoft has released the optional KB5035941 preview cumulative update for Windows 10 22H2, introducing widgets on the lock screen, Windows Spotlight on the desktop, and 21 other fixes or changes.
LAWRENCE ABRAMS

MARCH 26, 2024

06:19 PM

2

SECURITY

Finland confirms APT31 hackers behind 2021 parliament breach

The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021.
SERGIU GATLAN

MARCH 26, 2024

05:23 PM

0

SECURITY, HARDWARE

$700 cybercrime software turns Raspberry Pi into an evasive fraud tool

Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into anonymous cyberattack tools.
BILL TOULAS

MARCH 26, 2024

04:40 PM

2

SECURITY

Germany warns of 17K vulnerable Microsoft Exchange servers exposed online

The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities.
SERGIU GATLAN

MARCH 26, 2024

03:21 PM

4

SECURITY, ARTIFICIAL INTELLIGENCE

Hackers exploit Ray framework flaw to breach servers, hijack resources

A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.
BILL TOULAS

MARCH 26, 2024

02:51 PM

0

DEALS

Train to become a project manager with $155 off this training bundle

Project management is about discipline, on the individual and team level. These five project management training and exam prep courses help you marshal that discipline for $39.99, $155 off the $195 MSRP.
BLEEPINGCOMPUTER DEALS

MARCH 26, 2024

02:06 PM

0
1

2

3

4

5

VIEW MORE

SecurityWeek Briefing

"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 10 September 2024, 0035 UTC. Content and Source: https://www.securityweek.com Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controvers...