CyberSecurity Updates

08 Mar

A Close Up Look at the Consumer Data Broker Radaris

Information, Insights

If you live in the United States, the data broker Radaris likely knows a great deal about you, and they are happy to sell what they know to anyone. But how much do we know about Radaris? Publicly available data indicates that in addition to running a dizzying array of people-search websites, the co-founders of Radaris operate multiple Russian-language dating services and affiliate programs. It also appears many of their businesses have ties to a…

Read More
08 Mar

Apple Released Security Updates for Multiple Products

Attacks, Insights, Malware

Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system.  CISA encourages users and administrators to review the following advisories and apply the necessary updates:  Safari 17.4  macOS Sonoma 14.4  macOS Ventura 13.6.5  macOS Monterey 12.7.4  watchOS 10.4  tvOS 17.4  visionOS 1.1 

Read More
08 Mar

Top 10 scams targeting seniors – and how to keep your money safe

Information

Scams The internet can be a wonderful place. But it’s also awash with fraudsters targeting people who are susceptible to fraud. Phil Muncaster 06 Mar 2024  •  , 5 min. read We’re all getting older. That’s good news for digital fraudsters, who see rich pickings to be had in a rapidly ageing society. They’re increasingly targeting senior citizens because they suspect these targets to have more money to steal, but potentially less digital savvy to…

Read More
07 Mar

CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices

Attacks, Insights, Malware

Today, CISA and the National Security Agency (NSA) released five joint Cybersecurity Information Sheets (CSIs) to provide organizations with recommended best practices and/or mitigations to improve the security of their cloud environment(s). Use Secure Cloud Identity and Access Management Practices Use Secure Cloud Key Management Practices Implement Network Segmentation and Encryption in Cloud Environments Secure Data in the Cloud Mitigate Risks from Managed Service Providers in Cloud Environments CISA and NSA encourage all organizations to…

Read More
07 Mar

CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog

Attacks, Insights, Malware

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-27198 JetBrains TeamCity Authentication Bypass Vulnerability CISA urges organizations to review the following JetBrains blog post and apply the necessary updates: Additional Critical Security Issues Affecting TeamCity On-Premises (CVE-2024-27198 and CVE-2024-27199) – Update to 2023.11.4 Now. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational…

Read More
07 Mar

Cisco Releases Security Updates for Secure Client

Attacks, Insights, Malware

Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure Client for Linux. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following security releases and apply the necessary updates:  Cisco Secure Client Carriage Return Line Feed Injection Vulnerability  Cisco Secure Client for Linux with ISE Posture Module Privilege Escalation Vulnerability

Read More
07 Mar

Irresistible: Hooks, habits and why you can’t put down your phone

Information

How often do you go somewhere without your phone? And how do you feel when you go somewhere with no signal? Let’s be honest, the majority of us would admit that going without our beloved devices close at hand causes a lot of stress. And the stats show it: studies show that nomophobia, the fear of being without our digital devices, impacts over 90% of us! But why have our smartphones become our constant companions?…

Read More
06 Mar

VMware Releases Security Advisory for Multiple Products

Attacks, Insights, Malware

VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMware security advisory and apply the necessary updates: VMSA-2024-0006

Read More
05 Mar

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Data Breaches, Information, Insights

There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV“) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change’s network says the crime gang cheated them out of their share of the ransom, and that they still…

Read More
03 Mar

Deceptive AI content and 2024 elections – Week in security with Tony Anscombe

Information

Video As the specter of AI-generated disinformation looms large, tech giants vow to crack down on fabricated content that could sway voters and disrupt elections taking place around the world this year 01 Mar 2024 As a record number of people across the world will go to the polls this year, concerns rise about the use of AI-generated deceptive content to sway voters and undermine election integrity. This puts the spotlight on the world’s tech…

Read More