Cisco DevHub Breach, Impersonated IT Threats, Election Mail Security – Cybersecurity News [October 21, 2024]
by DuoCircle
This has been an exciting week in the cyber world, we present a scoop of recent cybersecurity highlights testing the robustness of the existential security landscape. The news coverage ranges from a data breach at Cisco affecting major services, unintentionally hiring practices of fraudulent employees leading to extortion, recent CISA and USPIS release of election mail security resources, the health sector facing a lawsuit for a major data breach, and finally, the comeback of Bumblebee and Latrodectus malware families. Let’s explore these pressing issues in detail below.
We’re back to provide you with the latest cybersecurity news of the week to keep you informed and help secure against evolving threats. This week, we dive into the critical Veeam vulnerability being exploited to spread ransomware, GitHub patching critical flaws in its enterprise servers, the FBI’s use of a fake cryptocurrency to expose manipulation in the crypto market, CISA’s warning on unencrypted cookies in F5 BIG-IP systems, and the alarming number of unpatched Fortinet instances vulnerable to a known flaw. Let’s read the authentic details stated in the news pieces discussed below.
Iranian Cyber Threats, October Patch Updates, China Infiltrates Wiretap – Cybersecurity News [September 30, 2024]
by DuoCircle
We’re back to provide you with the latest cybersecurity news of the week. This week, we dive into a joint warning from CISA and the FBI about Iranian-backed cyber activity aimed at undermining US democratic institutions. Microsoft’s Patch Tuesday for October 2024 addresses a range of critical vulnerabilities. We’ll also discuss the alarming report that China has infiltrated police wiretap systems, Sellafield’s hefty fine for cybersecurity breaches, and how gamers are tricked into downloading Lua-based malware through fake cheating script engines. Let’s explore each of these developments in detail.
We’re back to provide you with the latest cybersecurity news of the week, designed to keep you informed and secure against evolving threats. This week, we delve into Microsoft’s identification of Storm-0501 as a critical player in hybrid cloud ransomware attacks, a new HTML smuggling campaign distributing DCRat malware to Russian-speaking users, CISA’s release of a new toolkit for K-12 schools to address anonymous threats, a recently patched but less severe vulnerability in CUPS, and NIST’s revisions to identity and password guidelines. Furthermore, let us now go through the details of each story.
We’re back with the latest cybersecurity updates to inform you about recent threats and help you stay protected. This week, we’ll dive into how hackers are exploiting Versa Director through a critical vulnerability, the supply chain attack linked to Hezbollah device explosions, a zero-click vulnerability in MediaTek Wi-Fi chipsets, Transport for London’s (TfL) data breach affecting 5,000 customers, and the latest campaign by the North Korean-linked group Gleaming Pisces using poisoned Python packages to deliver backdoors. Let’s explore the news descriptions provided below!
Did you know how cyberspace unfolded this week? Here we are to inform you about this week’s most talked-about news and updates, curated and designed for you. We have covered topics around cybersecurity attacks, advisories, and other security-related updates. Some of these topics are related to leveraging cloud solutions in creating and maintaining access control, the FOCAL plan of CISA to safeguard an organization’s security posture, Chrome users being targeted to reveal account credentials, CISA’s addition of two new CVEs to the list, Fake and fraudulent live streaming websites exposed, and many more.
We are excited to announce that DuoCircle has acquired Maysoft’s SpamSentinel and Verisend products, a trusted name in email security for over twenty years. This partnership represents a new chapter for Maysoft’s customers, bringing an exciting upgrade in email protection and access to DuoCircle’s world-class customer support and services.
At DuoCircle, we have built a strong reputation for helping businesses stay secure with advanced email filtering and phishing protection. By welcoming Maysoft’s customers into the DuoCircle family, we are thrilled to provide the same level of care, combined with enhanced security features, ensuring your continued email protection is stronger than ever.
What This Means for Maysoft Customers
24/7 Technical Support: Maysoft customers will now benefit from DuoCircle’s renowned 24/7 technical support. Our team is available at any time to help with any questions or concerns, providing you with uninterrupted service and peace of mind.
Enhanced Phishing Protection and Email Filtering: As part of DuoCircle’s platform, Maysoft customers will enjoy upgraded email filtering and advanced phishing protection. This upgrade will bolster your defenses against email threats like phishing, spam, and malware.
Seamless Migration to Cloud Services: Maysoft’s on-premise customers will have the opportunity to transition to DuoCircle’s secure, cloud-based infrastructure. Our goal is to ensure that this migration is smooth, providing enhanced long-term security with minimal disruption.
A Partnership Built on Trust and Proven Solutions
Maysoft has been diligently testing DuoCircle’s platform over the last six months to ensure that this transition is seamless and beneficial for all customers. The result is a solid partnership that blends Maysoft’s trusted service with DuoCircle’s robust technology, offering you even greater protection and reliability.
We are committed to upholding the values and trust that Maysoft has established with you over the years, while also delivering the added benefits of DuoCircle’s enhanced security platform. We look forward to serving you as part of the DuoCircle family, with even stronger email security and support.
Stay tuned for more updates, and welcome to DuoCircle!
Mustang Panda Exploits, White House Roadmap, Scaling Compliance Reciprocity- Cybersecurity News [September 09, 2024]
by Duocircle
Let’s talk bout this week’s most talked-about cybersecurity news and updates, crafted to keep you updated on recent happenings. We have covered topics around cybersecurity attacks, advisories, and other relevant updates. These topics consist of the Chinese APT groups leading espionage campaigns, an initiative taken by White House to safeguard internet routing security, a suggestion to streamline compliance across global industries, Apple’s latest launches and AI-driven updates, and last but not least, Google Maps’s new feature to blur your home images online.
OTP Theft Guilty, Social Media Exploits, APT29 Targets Mobile – Cybersecurity News [September 02, 2024]
by Duocircle
We’re back to provide you with the latest cybersecurity news of the week, designed to keep you informed and secure against evolving threats. This week, we highlight the final verdict of an OTP theft case relating to 1-Time Passcode, a loophole in the financial system aided via social media platforms, Android and iOS users attacked by Russian hackers, a more personalized approach towards social engineering techniques, the role of CISOs in curating business strategies and finally the concerns associated with encryption policies amidst Telegram founder’s indictment.
We’re back with the latest cybersecurity scoop of the week that will keep you privy to the latest attacks and help you stay safe. This week, we’ll take a look at how hackers are leveraging the WPS office to spread malware, the withdrawal of Notion from Russia, how Uber was fined $325 million for illegal data transfers, the Tickler malware attacking US government systems, and the FBI’s report on RansomHub ransomware’s 210 victims and the tactics used. Let’s take a look!
Public Data Breach, Ransomware Disables Security, Hacker Fakes Death –Cybersecurity News [August 19, 2024]
by Duocircle
We’re back with the latest cybersecurity scoop of the week where we’ll take a look at the data breach that occurred at National Public Data, the new malware that disables security software, how a man was sentenced for hacking into the stage registry to fake his death, the $14 million holograph crypto hackers’ arrest, and the charges against Karakurt extortion gang’s member. Stay tuned for more!
Here we are with cybersecurity latest with our news bulletin. This week, we’ll share all the info on the Windows SmartScreen flaw, the arrest of the Reveton ransomware cartel’s operator, the sentencing of a Russian cybercriminal who stole 300,000 login credentials, the details of the 3AM ransomware breach of Kootenai Health patient data, and fake alerts on X being used as clickbait. Let’s take a look!
This week’s latest scoop in cybersecurity will take you to the TryCloudflare exploitation for deploying RATs, the new FBI warning about scammers impersonating crypto exchanges, the MS Azure outage details, new features on Google Chrome against infostealers, and the security gap in Whatsapp for Windows that allows threat actors to run malicious scripts without alerts. Stay tuned to learn more about these and how to stay safe!
This week’s cybersecurity updates include the latest Google Chrome malicious file alerts, the story of KnowBe4 hiring a North Korean Hacker, the 400 cyberattacks on the Greece Land Registry, US Sanctions on Russian Hackers targeting critical infrastructure, and threat actors taking advantage of fake CrowdStrike updates. Stay tuned!
Here’s an inside look at the latest cybersecurity news covering the 15 million emails stolen from Trello, Kaspersky’s exit from the U.S., what Revolver Rabbit is doing with 500,000 domains, the AT&T Data Breach, and info-stealer malware being distributed via Facebook ad campaigns. Let’s take a look!
Chinese Hackers Hijack Routers, US Stops Botfarm, Google Adds Passkeys – Cybersecurity News [July 08, 2024]
by DuoCircle
Here we are back again with cybersecurity’s latest covering the news that shook the world this week. We’ll take a look at Chinese hackers taking over SOHO routers for attacks, how the US DoJ shut down Russian bot accounts on X, the new passkeys for Google account protection, the Fujitsu data breach, and the compromise of personal and healthcare information of the City of Philadelphia. Stay tuned!
Welcome back to our weekly bulletin, where we bring you the latest cybersecurity information so you can stay safe against the latest attacks and malicious campaigns. We’ll share details about the new Brain Cipher ransomware, how info stealers could track users linked to child abuse sites, the corporate attack on Team Viewer, the story of a scorned employee stealing patient healthcare data, and the latest crypto drainer phishing attack on Ethereum. Stay tuned!
LockBit Bank Data Deception, Snowblind Evades Detection, FBI Warns Crypto Scams – Cybersecurity News [June 24, 2024]
by DuoCircle
This week’s cybersecurity bulletin is packed with news that’s making headlines around the world! We’ve got reports on a failed scare tactic by the LockBit ransomware gang, a new and sneaky Android malware called Snowblind, the FBI warning about fake law firms targeting crypto scam victims, a supply chain attack that backdoored WordPress plugins, and Chinese cyberspies using ransomware as a diversion. Read more below!
Don’t miss out on the latest cybersecurity scoop of the week! We’ll be covering the $3 million stolen from Kraken, the cyberattack that has affected thousands of US car dealerships, the AMD data leakage, fake Chrome errors installing malware on devices, and the cyberattack on the Toronto District School Board.