Latest Cybersecurity News-Articles

Colombian real estate firm exposes personal records of over 100K customers.

Views expressed in this cybersecurity, cybercrime, and intelligence update are those of the reporters and correspondents.

Accessed on 23 September 2021, 1405 UTC.

Content supplied by “Cyware.com.”

Source:

https://cyware.com/cyber-security-news-articles

Please click link or scroll down to read your selections.

Filter Alerts by

Latest Cybersecurity News And Articles

Colombian Real Estate Firm Exposes Personal Records of Over 100,000 Customers

More than one terabyte of data containing 5.5 million files has been left exposed, leaking personal information of over 100,000 customers of a Colombian real estate firm, according to WizCase.

Apple will disable insecure TLS in future iOS, macOS releases

Apple has deprecated the insecure Transport Layer Security (TLS) 1.0 and 1.1 protocols in recently launched iOS and macOS versions and plans to remove support in future releases altogether.

September 23, 2021

Crystal Valley Cooperative Becomes Latest Agriculture Business Hit with Ransomware Attack

The company released a statement on its website Tuesday afternoon, but the website is currently down as of Wednesday. The firm confirmed that it had been hit with a ransomware attack on September 19.

Ransomware attack levels soaring, now accounting for 69% of all attacks involving malware

The research by Positive Technologies also reveals that the volume of attacks on governmental institutions, in particular, soared from 12% in the first quarter of 2021 to 20% in the second quarter.

US Real Estate Firm Marcus & Millichap Suffers Potential Attack by BlackMatter Ransomware

US real estate investment firm Marcus & Millichap suffered a recent cyberattack that may have been the work of the BlackMatter ransomware gang, according to a malware sample found on Hatching Triage.

Biden administration issuing new security guidance to companies aimed at blunting cyberattacks

The Biden administration is issuing new security guidance to critical infrastructure firms in an attempt to blunt the impact of ransomware and other hacks, following a series of attacks on US companies.

CISA Warns of Conti Ransomware Activity, Highlights More Than 400 Incidents Against U.S. Organizations

CISA sent out an advisory on Wednesday centered around the Conti ransomware, providing detailed information for the cybersecurity community about the ransomware group and its affiliates.

September 23, 2021

LG acquires Israeli automotive cybersecurity startup Cybellum

LG signed a deal with the startup to acquire 63.9% of its shares. LG will also acquire additional shares of Cybellum by the year’s end, with the amount to be finalized then.

Google, Microsoft and Oracle generated most vulnerabilities in 2021

In H1 2021, Google holds the top slot with over 547 vulnerabilities, Microsoft was second with 432 unwanted exposure instances and Oracle is on number three with 316 vulnerabilities.

September 23, 2021

How REvil May Have Ripped Off Its Own Affiliates

Malware specialists have found evidence of how REvil ransomware’s leadership may have hijacked chats with victims of their own affiliates to cut them out of their ransomware payouts.

Users increasingly willing to abandon digital platforms that demand personal info, stringent passwords and time-consuming forms: study

A survey found that 77% of respondents have already abandoned or stopped creating an online account due to demands for too much personal information (40%) and too many security steps (29%).

MSHTML attack targets Russian state rocket centre and interior ministry

Malwarebytes has reason to believe that the MSHTML vulnerability listed under CVE-2021-40444 is being used to target Russian entities through malicious email attachments.

Phishing as a Ransomware Precursor

As ransomware continues to be delivered based on decisions and actions taken by human attackers, it becomes increasingly important to look upstream at the chain of events that lead to that decision.

RaidForums data marketplace accidentally exposes private staff page

On RaidForums, the “Staff General” section is typically restricted to internal staff members only, but in an ironic twist of fate, the private section was accidentally left open for viewing by anyone.

Data breach at Texas behavioral health center affects more than 24,000

A data breach at Texas behavioral health provider Texoma Community Center affected more than 24,000 people and highlights how timelines for breach notification may lag behind security events.

Malicious PowerPoint Documents Used to Distribute AgentTesla RAT

McAfee Labs have observed a new phishing campaign that utilizes macro capabilities available in Microsoft PowerPoint. In this campaign, the spam email comes with a PowerPoint file as an attachment.

September 22, 2021

The Record by Recorded Future

The Deputy Minister of National Defense said that the phones were selected because they had been previously identified “by the international community as posing certain cyber security risks.”

Operation Layover by Nigerian Threat Actor Targets Aviation Sector

Operation Layover by Nigerian Threat Actor Targets Aviation Sector - Cybersecurity news
Cisco Talos uncovered a three-year-long espionage campaign, dubbed Operation Layover, aimed at the airline industry. Cybercriminals are spreading AsyncRAT and njRAT via malicious documents. In the ongoing campaign, attackers can change their crypter/attack vector and continue stealing from victims … Read More

Hacking Incidents Lead to 2 Big Eye Care Provider Breaches

New Jersey-based USV Optical Inc. – a subsidiary of U.S.Vision on Sept. 3 reported to HHS’ Office for Civil Rights a hacking IT incident involving a network server and affecting 180,000 individuals.

September 22, 2021

Cring ransomware group exploits ancient ColdFusion server

In an attack recently investigated by Sophos, an unknown threat actor exploited an ancient-in-internet-years vulnerability in an 11-year-old installation of Adobe ColdFusion 9 to infect the server.

Osano, a data privacy platform, raises $11M

Osano, a data privacy platform that helps websites become compliant with international regulations, today announced that it closed an $11 million funding round led by Jump Capital.

New Nagios Software Bugs Could Let Hackers Take Over IT Infrastructures

As many as 11 security vulnerabilities have been disclosed in Nagios network management systems, some of which could be chained to achieve pre-authenticated remote code execution.

Ransomware Gangs Attack Missouri Delta Medical Center and Barlow Respiratory Hospital

Barlow Respiratory Hospital said while the attack affected several IT systems, the hospital was able to continue to operate under its emergency procedures and patient care was not interrupted.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s