911Cyber

?? What's the latest in the cyber world today? ?? #CyberAlerts RomCom Exploits Firefox and Windows Zero-Day Flaws for Cyberattacks Source: Damien S. and Romain Dumont via ESET SpyLoan Apps Use Social Engineering to Steal Data and Exploit Vulnerable Users Source: McAfee Critical Flaw in WordPress Anti-Spam Plugin Exposes 200K Sites to Remote Hacking Source: Istvan Marton via WORDFENCE CISA Warns Agencies to Patch Critical Array Networks Flaw Amid Active Exploitation Source: Cybersecurity and Infrastructure Security Agency Critical QNAP Vulnerability Allows Remote Code Execution and System Compromise Source: QNAP ?? #CyberIncidents Software Supplier Blue Yonder Hit by Ransomware Disrupting Starbucks Systems Source: Blue Yonder HDFC Life Insurance in India Hit With Breach Exposing Sensitive Information Source: The Times Of India England’s Arrowe Park Hospital Suffers Major Cyberattack Disrupting Operations Source: Wirral University Teaching Hospital NHS Foundation Trust Australian ATF Services Hit by INC Ransomware Gang Exposing 1TB of Data Source: David Hollingworth via Cyber Daily Japan's JR West Hotel Suffers Data Breach Exposing Customers to Phishing Attacks Source: West Japan Railway Company ?? #CyberNews Intel Receives Over $7B for US Chip Manufacturing Under Biden's CHIPS Act Source: Us Department Of Commerce UK Businesses Lose ￡44 Billion Over Five Years Due to Cyberattacks and Data Theft Source: Howden Australian Banks Lag Behind US Counterparts in Email Scam Protection Source: Proofpoint New York Fines Geico and Travelers $11M for Breaches Involving Driver's Licenses Source: New York State Department of Financial Services Former Verizon Employee Sentenced for Sharing Secrets with Chinese Government Source: U.S. Department of Justice This Cyber Briefing is powered by https://911cyber.app? Get help from cybersecurity first responders today! Find the full stories at cybermaterial.com Or click here ?? to read the summaries. https://lnkd.in/e-uiPGVW #cyberbriefing #informationsecurity #Firefox #Malware #ZeroDays #CISA #WordPress #Australia #Windows #Starbucks

#CyberAlerts A Russia-aligned threat actor known as RomCom has exploited two zero-day vulnerabilities, one in Mozilla Firefox and the other in Microsoft Windows, to launch sophisticated cyberattacks aimed at delivering its backdoor malware. The attack, which does not require user interaction, targets a use-after-free vulnerability in Firefox’s Animation component (CVE-2024-9680) and a privilege escalation flaw in the Windows Task Scheduler (CVE-2024-49039). The exploit, triggered when a victim visits a malicious website, allows RomCom to bypass browser security, escalate privileges, and deploy the RomCom RAT. Read More: https://lnkd.in/dvx4cSHu #Mozilla #Firefox #Microsoft #Windows

#CyberNews Samsung Electronics has entered a partnership with Poland's Cyber Defense Force (WOC) to strengthen cybersecurity efforts through joint research and development initiatives. Announced on November 21, 2024, the collaboration focuses on advancing technologies, equipment, and telecommunications solutions aimed at enhancing national security in cyberspace. As part of the agreement, the two entities will engage in R&D projects, testing, and sharing expertise. This partnership builds on Samsung's ongoing involvement in Poland’s cybersecurity cooperation program, which has been active since 2019. Read More: https://lnkd.in/dpdvYa7q #Samsung #Poland #cybersecurity #Government

A recent development in cyber threat landscape has unveiled the emergence of TMChecker, a remote access tool discovered on the Dark Web, indicating a concerning shift in cybercriminal tactics. TMChecker, introduced by the threat actor known as “M762,” is designed to exploit popular VPN and mail servers, leveraging a blend of corporate access login checking features and brute-force attack strategies. If you need support, visit 911cyber.app. #VPN #Cyber #Security #911CyberApp

#CyberIncidents A large-scale Distributed Denial-of-Service (DDoS) attack has been targeting the website of the canton of Schwyz in Switzerland since the early hours of November 24, 2024. The ongoing attack has led to outages across several cantonal and municipal websites, disrupting access to key online services. While the motivation behind the attack remains unclear, no ransom demands or blackmail letters have been received. Authorities have confirmed that there has been no breach of data confidentiality or integrity. Read More: https://lnkd.in/dN-4Kvm7 #Switzerland #DDoS #Schwyz

#CyberAlerts A new attack method, dubbed the "Nearest Neighbor Attack," has emerged, showcasing the growing sophistication of cyber threats. Discovered in February 2022 by cybersecurity firm Volexity, this technique exploits nearby Wi-Fi networks to breach an organization’s network from thousands of miles away. Russian state-sponsored group GruesomeLarch (also known as APT28 or Fancy Bear) used this method to infiltrate an organization focused on Ukraine, bypassing multi-factor authentication by targeting an Enterprise Wi-Fi network. Read More: https://lnkd.in/drMbGaJG #Russia #APT28 #Russia #Ukraine #WiFi

?? What's happening in cybersecurity today? ?? #CyberAlerts APT-K-47 Exploits Hajj-Themed Lures to Deploy Advanced Asyncshell Malware Source: Knownsec Hong Kong 404 Team Google Uncovers Pro-China Fake News Influence Network Called GLASSBRIDGE Source: Vanessa M. via Google Wi-Fi Exploited in Sophisticated Nearest Neighbor Attack by Russian Hackers Source: Sean Koessel, Steven Adair and Tom Lancaster via Volexity Russian TAG-110 Attacks Organisations with HATVIBE and CHERRYSPY Malware Source: Recorded Future XorBot Botnet Returns with Enhanced Tactics and New Exploits Source: NSFOCUS ?? #CyberIncidents Over 1 Million NHS Employee Records Leaked Due to Microsoft Power Pages Misconfig Source: James Cox via breakingnews.ie Canada's Montreal North Borough IT Systems Disrupted by Cyberattack Source: Arrondissement de Montréal-Nord via Facebook Yakuza Helpline in Japan Suffers Data Leak Exposing 2500 Yakuza Victims Source: Kumamoto Prefectural Anti-Violence Movement Promotion Center Ongoing DDoS Attack Disrupts Schwyz Canton Municipal Websites in Switzerland Source: Federal Office for Cyber Security @BACS Central Carolina Insurance Agency Suffers Data Breach Affecting Thousands Source: ATTORNEY GENERAL, MAINE DEPARTMENT OF ?? #CyberNews UK Nuclear Decommissioning Authority Launches Cyber Facility to Enhance Defense Source: UK Nuclear Decommissioning Authority Australia Withdraws Misinformation Bill Amid Controversy Over Free Speech Concerns Source: David Coleman, Shadow Minister for Communications UK’s Minister of Intergovernmental Relations Says Russia Prepped for Cyber War Source: Adam Durbin via BBC Samsung Joins Forces with Poland's Cyber Defense to Boost National Security Source: Samsung Electronics EY Identity Acquires J Group Consulting to Strengthen Access Management Solutions Source: EY This Cyber Briefing is powered by https://911cyber.app? Get help from cybersecurity first responders today! Find the full stories at cybermaterial.com Or click here ?? to read the summaries. https://lnkd.in/e-uiPGVW #cyberbriefing #informationsecurity #Malware #Botnet #Russia #EY #Samsung #Poland #UK #China #EY

?? Bluesky vs. Twitter (X): A Cybersecurity Perspective ?? As Bluesky gains momentum as a decentralized alternative to Twitter (X), its privacy and security framework comes into focus. Learn about: ?? Key security features of Bluesky and its decentralized architecture. ?? How Bluesky's user privacy policies compare to Twitter (X). ?? Cybersecurity features of both platforms. Which platform is setting the benchmark for secure social networking? Read on to find out! #cybersecurity #bluesky #twitter #dataprivacy #decentralizedtech #infosec #informationsecurity

#CyberNews A recent cyberattack on U.S. telecommunications networks has been described as the "worst telecom hack in our nation’s history" by Senator Mark Warner, chairman of the Senate Intelligence Committee. The breach, allegedly linked to China, compromised sensitive surveillance data, including U.S. customer call records and communications from individuals involved in government or political activities. The hackers, identified as part of the group "Salt Typhoon," infiltrated several telecom companies' networks, allowing them to listen to phone conversations and read text messages. Read More: https://lnkd.in/dpdvYa7q #USA #Telecom #China #Hackers

A recent discovery reveals a malicious plugin injected into a WordPress/WooCommerce ecommerce website, demonstrating a dual threat. The malicious code not only creates a deceptive administrator user but also injects sophisticated credit card skimming JavaScript into the website’s checkout page The exfiltration of card details is observed sending them to a remote server controlled by the attackers. If you need support, visit 911cyber.app. #IdentityTheft #CreditCard #CyberSecurityHelp #911CyberApp