Cyber Security
FBI Guidance Outlines Process for SEC Cyber Incident Disclosure Delays
The FBI has released guidelines detailing the process by which companies can seek deferment in disclosing cyber incidents to the Securities and Exchange Commission (SEC).
In response to the SEC's new regulations mandating swift disclosure of "material" cybersecurity incidents and annual submission of cybersecurity risk management details, companies are required to report such incidents within...
Researchers Uncover GuLoader Malware’s Evolving Evasion Tactics
In a recent discovery by threat hunters, the GuLoader malware has adapted new techniques to complicate analysis, making it a formidable challenge for security assessments.
Elastic Security Labs researcher Daniel Stepanic highlighted the continuous evolution of GuLoader's obfuscation methods, emphasizing the strain it puts on analysis efforts despite the core functionality remaining relatively unchanged over...
Central Virginia Transit System Hit by Cyber Incident, Ransomware Threat Looms
Over the Thanksgiving holiday, the Greater Richmond Transit Company (GRTC), managing the central Virginia transit system, faced a disruptive cyberattack, impacting their computer network.
GRTC, serving millions across Richmond, Chesterfield, and Henrico Counties, encountered a network disruption affecting specific applications and segments of their network, as disclosed by a spokesperson to Recorded Future News.
Although GRTC...
Erris Water Scheme Targeted in Politically Motivated Cyber-Attack
Last week, cybercriminals disrupted the water supply for 180 homeowners in the Erris area, targeting equipment on a private group water scheme in a politically motivated cyber-attack.
The Binghamstown/Drum scheme residents experienced a water supply outage on Thursday and Friday when the Eurotronics Israeli-made water pumping system was tampered with by hackers, resulting in the...
LockBit Ransomware: A Persistent Global Cybersecurity Threat
The LockBit ransomware strain remains a dominant force in the global landscape of ransomware and digital extortion (R&DE) attacks, as reported by ZeroFox. Over the past seven quarters, from January 2022 to September 2023, LockBit has been implicated in over a quarter of all R&DE incidents worldwide, with a particularly strong presence in Europe...
FCA Cautions Against Loan Fee Fraud During Festive Season
The Financial Conduct Authority (FCA) has issued a warning to the public about the heightened risk of loan fee fraud as the festive season approaches. With the cost of living crisis affecting many UK households, the FCA has observed a worrying trend of individuals being targeted by fraudulent loan offers.
According to the FCA, a...
WordPress Update Mitigates RCE Vulnerability
WordPress has rolled out an update, version 6.4.2, to address a critical remote code execution (RCE) vulnerability. This flaw, part of a Property Oriented Programming (POP) chain, could potentially allow attackers to execute arbitrary PHP code on websites using the platform.
The vulnerability was discovered in the WordPress core version 6.4 and involves the manipulation...
Fleet Management Software Vulnerability Overlooked by Vendor
A significant security flaw in Digital Communications Technologies’ fleet management software, which could potentially allow unauthorized control over vehicle fleets, has not been addressed by the vendor, despite being reported months ago. The vulnerability, identified as CVE-2023-6248, affects the Syrus4 IoT gateway and poses a risk of vehicle shutdowns.
Security experts have emphasized the gravity...
Bluetooth Vulnerability CVE-2023-45866 Poses Risk to Multiple Platforms
A significant Bluetooth authentication bypass vulnerability, identified as CVE-2023-45866, has been reported to affect devices across Apple, Android, and Linux platforms. The flaw, which allows unauthorized connection and keystroke injection without specialized hardware, was disclosed by Marc Newlin of SkySafe. Newlin plans to release detailed information and proof-of-concept code at a future conference, once...
AWS STS Exploitation: A Gateway for Cloud Account Infiltration
Security researchers have identified a vulnerability in Amazon Web Services Security Token Service (AWS STS) that could allow threat actors to infiltrate cloud accounts and execute subsequent attacks. AWS STS, which provides temporary, limited-privilege credentials for accessing AWS resources, can be exploited to impersonate user identities and roles within cloud environments.
The tokens issued by...
Telecom Sector in Thailand Faces Threat from ‘Krasue’ Linux Trojan
The cybersecurity landscape has been alerted to a new threat in the form of a Linux remote access trojan named ‘Krasue’, which has been covertly targeting telecom companies in Thailand since at least 202. The malware, named after a mythical Southeast Asian spirit, is adept at hiding its presence during the initial phase of...
Google Enhances Chromecast Security with Vulnerability Patches
Google has successfully addressed three security vulnerabilities identified in its Chromecast media-streaming devices, fortifying them against potential unauthorized custom OS installations and unsigned code execution. The vulnerabilities, designated as CVE-2023-48424, CVE-2023-48425, and CVE-2023-6181, were rectified with patches released on December 5.
The discovery of these flaws raised concerns over supply chain interception—a method where attackers...
CISA’s Cybersecurity Goals Lead to Fewer Exploited Vulnerabilities
The Cybersecurity and Infrastructure Security Agency (CISA) has reported a significant decrease in the number of known exploited vulnerabilities within organizations participating in its cybersecurity performance goals program. Since the program’s inception in October 2022, these organizations have seen a 20% reduction in such vulnerabilities.
CISA’s initiative, aimed at small- and medium-sized organizations, provides a...
HHS Plans New Cybersecurity Measures for Healthcare Sector
In response to the escalating cyber threats targeting hospitals, the U.S. Department of Health and Human Services (HHS) has proposed a series of actions aimed at bolstering cybersecurity across the healthcare sector. The initiative, which was initially reported by Politico, includes a mix of voluntary and potentially mandatory measures that healthcare facilities would need...
Aldo Group Addresses Franchise-Related Ransomware Claim by LockBit Gang
In a recent cybersecurity incident, the Aldo Group, a global shoe retailer, has clarified that a ransomware claim made by the LockBit gang pertains to the systems of one of its franchise partners. The LockBit gang had announced an attack on the company, demanding a ransom by December 25 for the return of stolen...