CampusCoin Student Feed Aggregator

+ Executives targeted in mobile spearphishing attacks—Executives are targeted in mobile spearphishing attacks, and security leaders share their insights.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Lin...

+ Internet-exposed HMIs are a risk to water facilities, CISA warns—Water and wastewater system facilities have been urged to secure internet-exposed human-machine interfaces (HMIs). [Author: algerj@bnpmedia.com (Jordy...

+ 5M unique credit and debit cards exposed in data breach—The details of 5 million unique credit and debit cards were exposed in a data breach.  [Link to media]

+ Credential phishing attacks rose by 703% in H2 of 2024—A new report analyzes scam trends to help organizations prepare for threats in 2025. [Link to media]

+ Nearly 400,000 WordPress credentials stolen—A threat actor labelled as MUT-1244 has stolen more than 390,000 WordPress credentials.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ 58,000 individuals’ data exposed after Bitcoin ATM operator hack—A United States Bitcoin ATM operator, Byte Federal, recently disclosed a cyber incident.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ 27 DDoS-for-hire operations shut down by law enforcement—Law enforcement agencies across 15 countries have shut down 27 DDoS-for-hire operations.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ 5 Cybersecurity trends in 2024—2024 has seen a number of cybersecurity incidents, including high-profile cyberattacks and rapidly-developing artificial intelligence (AI). [Link to m...

+ Security experts respond to Krispy Kreme cyber attack—A cybersecurity incident against Krispy Kreme disrupted its operations, and security leaders are sharing their insights.  [Author: algerj@bnpmedia.com...

+ 70% of cybersecurity leaders influenced by personal liability concerns—70% of respondents believe incidents of CISOs being held liable for cybersecurity events has negatively influenced their perception of the role.  [Lin...

+ Report: New cyber scam campaign targets job seekers—Research reveals a new cyber scam campaign targeting job seekers. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ Top 5 sectors targeted with subject customization techniques—Research has revealed the 5 industries most frequently targeted with subject customization techniques.  [Link to media]

+ FTC prohibits data brokers from selling Americans’ location data—Two data brokers have been banned from collecting and selling the sensitive, private location data of Americans.  [Author: algerj@bnpmedia.com (Jordyn...

+ Healthcare organizations report ransomware payments over $500,000—Healthcare faced extensive cyberattack costs. [Link to media]

+ 2024 saw a 30% increase in active ransomware groups—2024 saw a rise in ransomware activity. [Link to media]

+ CISA and partners publish guide to secure communication infrastructure—CISA and its partners have released a joint guide to share best practices for protecting communication infrastructure. [Link to media]

+ 82% of security leaders say AI may raise toxic combination challenges—Research shows that AI and IT complexity may lead to greater toxic combination challenges. [Link to media]

+ FCC Chair proposes action to protect nation’s communications systems—A chairwoman for the FCC has made cybersecurity proposal for telecommunication organizations in light of recent hacking events.   [Author: algerj@bnpm...

+ FTC orders Marriott to implement information security program—The FTC will require Marriott and its subsidiary Starwood Hotels & Resorts to implement an information security program following three data breac...

+ Experts say Chinese hacking campaign underscores value of mobile data—The recent Chinese hacking campaign against telecommunications companies underscores value of mobile data.  [Author: algerj@bnpmedia.com (Jordyn Alger...

+ US Copyright Office states common AI research does not violate DMCA—The U.S. Copyright Office has clarified legal rules for trustworthiness research and red teaming of artificial intelligence.  [Author: algerj@bnpmedia...

+ A new report shows QR code phishing is on the rise—QR code phishing is on the rise, according to a new report.  [Link to media]

+ Phishing attacks rose by more than 600% in the buildup to Black Friday—In the week leading up to Black Friday and Cyber Monday, there was a 692% increase in phishing attacks.  [Link to media]

+ Warning issued for 10-year-old vulnerability, security leaders discuss—A decade-old security flaw is being actively exploited, according to a warning issued by Cisco. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to ...

+ 600,000 sensitive files exposed by data broker SL Data Services—A non-password protected database belonging to data broker SL Data Services has exposed more than 600,000 sensitive files.  [Author: algerj@bnpmedia.c...

+ Security expert discusses Florida’s new cybersecurity standard bill—Florida passed a bill requiring local governments to adopt new cybersecurity standards. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ U.S. is the top generator of anonymous open source contributions—A new report has revealed the United States and Russia are the highest generators of open source projects.  [Link to media]

+ U.S. is the to generator of anonymous open source contributions—A new report has revealed the United States and Russia are the highest generators of open source projects.  [Link to media]

+ New phishing-as-a-service platform targets Microsoft 365—New phishing-as-a-service platform steals Microsoft 365 credentials via large-scale adversary-in-the-middle attacks. [Author: algerj@bnpmedia.com (Jor...

+ SmokeLoader attack targets organizations in Taiwan—Research shows an observed attack deploying the SmokeLoader malware to target organizations in Tawian.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [...

+ Data breach costs: Geico and Travelers fined $11.3M by New York State—Geico and Travelers have been fined a combined total of $11.3 million by the state of New York. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to ...

+ Supply chain technology provider Blue Yonder faces ransomware attack—Blue Yonder, a supply chain technology provider, has faced a ransomware incident.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ Google launches a regular scams and fraud advisory—Google has launched an online fraud advisory due to the increasing volume and complexity of scams. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link ...

+ Security leaders discuss risks and offer advice on seasonal scams—A new report from reveals the state of the e-commerce threat landscape as the holidays approach.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link t...

+ More than 2,000 Palo Alto Networks firewalls compromised —Malicious actors were able to compromise more than 2,000 Palo Alto Networks firewalls. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ CISA Director Jen Easterly to resign, cybersecurity experts weigh in—Cybersecurity experts are discussing the resignation of Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency. [Author: alger...

+ Finastra investigates data breach, security leaders discuss —Finastra is investigating an alleged data breach. Security leaders share their insights. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ Cyber agencies reveal top 15 routinely exploited vulnerabilities—Cybersecurity agencies from five countries collaborated on an advisory regarding Common Vulnerabilities and Exposures (CVEs) routinely exploited in 20...

+ Advice for Critical Infrastructure Security and Resilience Month—As CISA kicks off Critical Infrastructure Security and Resilience Month, the agency is offering advice to critical infrastructure organizations on how...

+ Black Friday gaming sales could be disrupted by bots—Recent research shows that bots could disrupt Black Friday gaming sales. [Link to media]

+ Security experts respond to the Amazon employee data breach—Security leaders weigh in on the Amazon data breach, offering insights on the cause, ramifications and potential preventative measures. [Author: alger...

+ Navigating the regulatory and compliance landscape of 2025—As security leaders look ahead to 2025, the regulatory and compliance landscape is set to undergo a significant transformation. [Link to media]

+ 60% increase in scam domain registrations targeting holiday shoppers—Research  reveals more than 6,000 domain registrations in the past 90 days, targeting the retail industry. [Link to media]

+ Research uncovers the tool creating recent GitHub phishing attacks—Research has unveiled a tool responsible for many recent GitHub phishing attacks. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ One in five organizations have experienced a NHI security incident—Cloud security remains a top concern for security leaders. [Link to media]

+ 65% of websites aren’t protected from bots —Websites see a rise in bot attacks. [Link to media]

+ Malicious Python Package Index steals Amazon Web Services credentials—Cybersecurity researchers have discovered a malicious Python package.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ Chinese threat actor exploits credentials from password spray attacks —Microsoft observed malicious activity targeting and stealing credentials from Microsoft customers.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link...

+ Multi-factor authentication to be mandatory on Google Cloud accounts —Google announced mandatory multi-factor authentication (MFA) is coming to Google Cloud accounts. Security leaders discuss the implications.  [Author: ...

+ CISA Director releases statement on the security of the 2024 elections—The CISA Director, Jen Easterly, released a statement following the 2024 elections.  [Link to media]

+ Malicious actors are exploiting DocuSign to send fake invoices—A new report reveals that malicious actors are exploiting APIs in DocuSign to send fake invoices.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link ...

+ 500,000 people impacted by ransomware attack on Columbus, Ohio—The City of Columbus, Ohio, has notified 500,000 individuals that a ransomware attack in July 2024 stole their personal information. [Author: algerj@b...

+ Global operation EMERALDWHALE steals 15K cloud credentials—A global operation called EMERALDWHALE has resulted in the theft of more than 15,000 cloud service credentials. [Author: algerj@bnpmedia.com (Jordyn A...

+ Software and IT vendors linked to 67% of energy sector breaches —Two-thirds (67%) of third-party energy sector breaches were caused by software and IT vendors.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to ...

+ Security leaders discuss the Cisco security incident —Security leaders discuss the recent Cisco security incident.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ 31 new ransomware groups were discovered in 2024—A report by Secureworks revealed a 30% year-over-year rise in active ransomware groups, which demonstrates fragmentation of an established criminal ec...

+ Only 24% of organizations are 'very confident' in their AI policies—According to recent data, a wave of artificial intelligence (AI) adoption is radically shifting how software goes from ideation to deployment. [Link t...

+ 99% of CISOs report fear over losing positions due to a data breach—Nearly all CISOs (99%) are worried about losing their positions if a breach occurs, with 77% of CISOs being very or extremely concerned. [Link to medi...

+ 67% of organizations say employees lack basic security awareness—67% of organizations are concerned that employee s lack fundamental security awareness.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ 72% of European organizations are using AI in the workplace—According to a recent report, 53% of European organizations are confident employees are not properly utilizing generative AI. [Link to media]

+ New macOS vulnerability allows unauthorized data access—A new macOS vulnerability could allow a malicious actor to evade an operating system’s Transparency, Consent, and Control (TCC) technology.  [Author: ...

+ 4 organizations charged with misleading cyber disclosures—The SEC has charged four public companies with misleading disclosures about cyber risks and intrusions. [Link to media]

+ Middle East Escalation, Humanitarian Law and Disinformation – Episode 25—In episode 25 of the Cybersecurity & Geopolitical Discussion, our trio of hosts pull apart the rapidly deteriorating situation in the Middle East....

+ CISOs respond: 49% of CISOs plan to leave role without industry action—A survey shows that nearly half (49%) of CISOs do not believe there is a future for them in this role. CISOs are sharing their insights on this statis...

+ Iranian cyber actors are targeting critical infrastructure entities—Iranian cyber actors are targeting critical infrastructure entities via brute force. [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ Research uncovers new attack method, security leaders share insights—Researchers at the University of Texas at Austin discovered a new attack method.  [Author: algerj@bnpmedia.com (Jordyn Alger)] [Link to media]

+ 34% of CIOs ranked securing the network as their number one priority—According to a recent report, 34% of chief information officers (CIOs) ranked securing the network as their number one priority.  [Link to media]

+ SolarWinds Help Desk software vulnerability added to CISA catalogue—Due to evidence of active exploitation, CISA added three vulnerabilities to its Known Exploited Vulnerabilities Catalogue. [Author: algerj@bnpmedia.co...

As of 12/21/24 11:05am. Last new 12/20/24 11:46pm.  Score: 382