- Intellexa and Cytrox are latest spyware firms to face U.S. wrath
July 19, 2023
The Biden administration struck its latest blow against foreign spyware makers on Tuesday, placing two Europe-based companies on its list that restricts U.S. companies’ business dealings with them. Greece-based Intellexa and the Hungarian company Cytrox are now on the Commerce Department’s “Entity List,” alongside related entities in Ireland and Macedonia, respectively. The organizations join Israeli spyware makers ...
- North Carolina: Kannapolis didn’t alert public when cyberattack knocked out police dispatch
July 19, 2023
More than a year ago, a cyberattack knocked out the system used in Kannapolis to dispatch police and firefighters. You wouldn’t know that based on what the city told the public. Read more… Source: Yahoo! News
- Many businesses don’t even know they’ve been hit by a security breach
July 19, 2023
Many businesses don’t know if they have suffered a data breach, and probably wouldn’t be able to spot such an event at all, due to the ever-expanding threat landscape, and notification fatigue among IT staff, new research has claimed. A report from cybersecurity experts Vectra AI surveying more than 2,000 IT security analysts found that nearly ...
- Escalating Privileges via Third-Party Windows Installers
July 19, 2023
Picture this: you’ve finally made it past the perimeter of a highly secured organization. You’re feeling pretty pleased with yourself, until you realize you only have Active Directory privileges of a newly hired intern and the thrill trickles away. However, with some crafty tricks and a bit of luck, you just might be able to ...
- Estee Lauder says hacker obtained some data from its systems
July 19, 2023
Beauty products maker Estee Lauder said on Tuesday that a hacker had obtained some data from its systems, and the incident was expected to cause disruption to parts of the company’s operations. The firm said it is working to understand the nature and scope of that data that was stolen. Estee Lauder added that it had ...
- FIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus Ransomware
July 18, 2023
Symantec’s Threat Hunter Team, a part of Broadcom, recently observed the Syssphinx (aka FIN8) cyber-crime group deploying a variant of the Sardonic backdoor to deliver the Noberus ransomware. While analysis of the backdoor revealed it to be part of the Sardonic framework previously used by the group, and analyzed in a 2021 report from Bitdefender, it ...
- How Hackers Could Attack Electric Vehicle Chargers
July 18, 2023
With his electric Kia EV6 running low on power, Sky Malcolm pulled into a bank of fast-chargers near Terre Haute, Indiana, to plug in. As his car powered up, he peeked at nearby chargers. One in particular stood out. Instead of the businesslike welcome screen displayed on the other Electrify America units, this one featured a ...
- FCC Chairwoman Rosenworcel Announces Cybersecurity Labeling Program for Smart Devices
July 18, 2023
WASHINGTON, July 18, 2023—Federal Communications Commission Chairwoman Jessica Rosenworcel debuted a proposal with her fellow Commissioners to create a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their Internet-enabled devices, commonly called “Internet of Things” or “smart” devices. The proposed program—where qualifying products would bear a new U.S Cyber ...
- CISA Releases Seven Industrial Control Systems Advisories
July 18, 2023
CISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-199-01 Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A ICSA-23-199-02 Keysight N6845A Geolocation Server ICSA-23-199-03 Iagona ScrutisWeb Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- Fortescue Hit by Cyber Attack That Saw Network Data Disclosed
July 18, 2023
Fortescue Metals Group Ltd. said it had been subject to a cyber attack that resulted in “the disclosure of a small portion of data from our networks.” The world’s fourth-largest iron ore exporter described the attack as “a low impact cyber incident” that occurred on May 28. The information disclosed “was not confidential in nature,” the ...