Cyber Security News

June 20, 2023

Historically, nuclear facilities have focused on securing their nuclear material against malevolent attacks by putting in place physical protection measures such as guns, guards and gates. These measures are still used to successfully build fortresses around nuclear facilities, preventing theft of nuclear or other radioactive material, sabotage or unauthorized access to control systems. However, in recent ...

June 20, 2023

CISA released two Industrial Control Systems (ICS) advisories on June 20, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-171-01 Enphase Envoy Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency  

June 19, 2023

Hackers are threatening to release confidential data stolen from Reddit unless the company pays a ransom demand – and reverses its controversial API price hikes. In a post on its dark web leak site, the BlackCat ransomware gang, also known as ALPHV, claims to have stolen 80 gigabytes of compressed data from Reddit during a February ...

June 19, 2023

Microsoft has confirmed that outages to its Azure and Outlook services were caused by DDoS attacks, which the company puts down to the threat actor that it tracks as Storm-1359. This follows the tech giant’s new nomenclature for threats, whereby Storm denotes a group that is in development. Otherwise known as Anonymous Sudan, it is said ...

June 19, 2023

Polish authorities took down a DDoS-for-hire service that’s been around for a decade following an investigation with support of the FBI, Europol and law enforcement agencies from Germany, Belgium and the Netherlands. DDoS attacks are always a nuisance, but they can inflict serious damage to companies and organizations. The simple fact that a webpage or a ...

June 18, 2023

Government departments responsible for running health and social care, and for collecting taxes, are using outdated software that leaves them wide open to cyber-attacks, according to a disturbing new investigation. The use of “legacy” servers and databases has been uncovered through freedom of information (FoI) requests from the low-tax pressure group the TaxPayers’ Alliance. It has ...

June 18, 2023

The UK will roll out a major expansion to its cyber defence programme in Ukraine, protecting the country’s critical national infrastructure from crippling Russian attacks. The programme, which supports Ukraine’s Government to rapidly respond to and defend vital government services against debilitating cyber-attacks, will be boosted by an injection of up to £25 million and a ...

June 16, 2023

The United States must immediately get ready for domestic, cyber-enabled attacks on critical domestic infrastructure and guard against foreign-initiated information operations targeted at the American people, according to speakers and panelists at an Association of the U.S. Army symposium on Wednesday in Arlington, Virginia. Mark Bristow, director of the Cyber Infrastructure Protection Innovation Center (CIPIC) at ...

June 16, 2023

Those with a Louisiana ID, registration or driver’s license could have their personal data exposed as a major cyber attack targeted the Louisiana Office of Motor Vehicles as well as other Government entities. According to the Governor’s Office of Homeland Security and Emergency Preparedness, the OMV was breached. The state says MOVEit – which is a ...

June 15, 2023

Money is the root of all evil, including cybercrime. Thus, it was inevitable that malware creators would one day begin not only to distribute malicious programs themselves, but also to sell them to less technically proficient attackers, thereby lowering the threshold for entering the cybercriminal community. The Malware-as-a-Service (MaaS) business model emerged as a result of ...

June 15, 2023

Starting as early as October 10, 2022, UNC4841 sent emails to victim organizations that contained malicious file attachments designed to exploit CVE-2023-2868 to gain initial access to vulnerable Barracuda ESG appliances. Over the course of their campaign, UNC4841 has primarily relied upon three principal code families to establish and maintain a presence on an ESG appliance, ...