CyberSecure Specialist

AT&T is informing customers about a data breach at a vendor’s system that allowed threat actors to gain access to AT&T’s Customer Proprietary Network Information (CPNI). The incident came to light after customers posted the email communication from AT&T on community forums to know if it was legitimate or email fraud. “We recently determined that an unauthorized person breached a vendor’s system and gained access to your ‘Customer Proprietary Network Information’ (CPNI),” AT&T said in…

Read More

President Biden released his FY 2024 budget proposal that seeks a bigger budget for the Cybersecurity and Infrastructure Security Agency (CISA) and greater cyber investigative capabilities for the FBI. The budget also calls for increasing the federal government’s IT modernization efforts, exploring cybersecurity efforts surrounding gender-based cybercrimes, expanding efforts to counter China’s problematic behaviors, and helping Ukraine better defend itself on the digital front. “The Budget continues to invest in cybersecurity programs recognizing that cybersecurity…

Read More

A persistent malware targeting unpatched SonicWall Secure Mobile Access (SMA) appliances has been linked to a Chinese campaign dating back to 2021, according to a Mandiant research done in partnership with SonicWall’s in-house research team. The responsible malware, dubbed UNC4540, has been found to be stealing user credentials, providing shell access, and persisting through firmware upgrades. “This is not a new vulnerability, so a patch was not published,” a Mandiant spokesperson said. “The findings are…

Read More

The cybercrime underground has long functioned as an open market where sellers of products and services are paired with buyers and contractors. One of the most valuable commodities on this market are stolen credentials since they can provide attackers with access into networks, databases, and other assets owned by organizations. It’s no surprise to see cybercriminals focused on this valuable commodity. “Last year, 4,518 data breaches were reported,” researchers from Flashpoint said in a new…

Read More

A new data regulation body that China is reportedly set to create is expected to clarify and establish new data sovereigny rules for multinational companies and accelerate tech-based initatives such as public administration services built on anonymized citizen data. The new governent body will streamline data governance policies in the country, amid increasing confusion from businesses that deal with multiple bodies presiding over different aspects of data governance within the country’s borders, according to a…

Read More

A health insurance marketplace that provides coverage for members of the US Congress and congressional staffers was found to be compromised on Wednesday, according to a letter apparently sent from House Chief Administrative Officer Catherine L. Szpindor to members of that chamber. Szpindor’s office would not directly confirm or deny the authenticity of the letter, which was first published on Twitter by a reporter for the right-wing Daily Caller news site. However, a spokesperson for…

Read More