Critical 10.0 Aviatrix Controller flaw exploited in the wild
A critical code execution flaw in the Aviatrix Controller with a 10.0 CVSS score has been exploited in the wild, resulting in cryptojacking and backdoor deployment. After a proof-of-concept was published, Wiz researchers said in a Jan. 11 post that it’s especially serious because Aviatrix Controllers are a “prime target” of threat actors since they […]
Pastor indicted for Christian-themed cryptocurrency pyramid scam
A church pastor is facing more than two dozen criminal charges in connection with a cryptocurrency pyramid scheme. There is a lot to unpack in this story, but the short of it is that Francier Obando Pinillo faces 26 counts of fraud for running a scam on his congregation between November 2021 and October 2023. […]
Celebrity investors, creator metrics, and Chrome extension compromise – ESW #389
“Data-loss prevention startup Cyberhaven says hackers published a malicious update to its Chrome extension that was capable of stealing customer passwords and session tokens” Big Oof. That’s a tough statement to read for a cybersecurity vendor. A data loss prevention vendor being the source of the leak? There are a ton of details worth going […]
TalkTalk pulls support for ‘Internet Matters’ charity amid financial struggles
News TalkTalk will exit its co-founded child safety charity, Internet Matters, by the end of March, the Telegraph has reported Internet Matters, a charity that educates parents, schools, and caregivers about online safety, was founded in 2014 by TalkTalk alongside BT, Virgin Media, and Sky. Despite growing concerns about online safety and upcoming UK regulations […]
Labour government rejigs UK national AI strategy
News The government’s new AI plan aims to boost productivity, create jobs, and modernise public services amid a slowing economy The UK government has announced a plan to integrate AI into key sectors, aiming to boost economic growth, streamline public services, and create thousands of jobs. Attempting to take control of the country’s economic conversation […]
Uswitch highlights risks to customers as VMO2 targets 3G sunset
News A new survey suggests that the switch off could leave over 4.3 million people without access to mobile internet Today, Virgin Media O2 (VMO2) has announced it will begin its 3G shutdown in the city of Durham in April, before expanding to the rest of the UK by the end of the year. The […]
Updated PlugX malware launched in new RedDelta attacks
Chinese advanced persistent threat operation RedDelta has deployed attacks involving a new PlugX malware variant against Taiwan, Mongolia, Cambodia, Myanmar, and Vietnam from July 2023 to December 2024, The Hacker News reports. Attacks by RedDelta — also known as Mustang Panda, Earth Preta, Camaro Dragon, Bronze President, and HoneyMyte — commence with spear-phishing emails using Mongolian flood protection, Taiwanese […]
CISA’s Cyber Hygiene enrollment in the upswing
Nearly 7,800 U.S. critical infrastructure organizations have enrolled in the Cybersecurity and Infrastructure Security Agency’s Cyber Hygiene service between August 2022 and August 2024, representing a 201% growth over the same period, according to CyberScoop. The communications industry logged the highest increase in CyHy enrollment between 2022 and 2024, followed by the emergency services, critical manufacturing, and water […]
Data breach compromises STIIIZY customers’ data
Information compromised in the breach included not only names, birthdates, email addresses, and phone numbers, but also Social Security numbers, driver’s licenses, taxpayer IDs, payment details, and health and health insurance and billing data, according to a filing with the Office of the Maine Attorney General. Source link
The hybrid workforce crisis: How it has weakened enterprise security, and what to do about it
The hybrid workforce has revolutionized the way organizations operate, but it has also dramatically expanded the cybersecurity challenges they face. Traditional security models are proving inadequate in managing the evolving risks introduced by remote work environments, as detailed in an October 2024 report by the Institute for Critical Infrastructure Technology (ICIT). The Growing Enterprise Attack […]
© Copyright 2024 CNB Tel. All rights reserved