According to security researchers at Cisco Talos, ransomware and business email compromise (BEC) attacks accounted for 60% of all incidents in the second quarter of 2024.  Technology was the most targeted sector in this period, making up 24% of incidents, a 30% rise from the previous quarter.  The researchers noted that adversaries may view technology firms as a gateway into other industries and organizations, given their role in servicing various industries, including critical infrastructure.

The Internet Systems Consortium (ISC) recently announced BIND security updates that contain patches for several remotely exploitable denial-of-service (DoS) vulnerabilities in the DNS software suite.  The ISC said that the updates resolve a total of four high-severity bugs, tracked as CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, and CVE-2024-4076, all of which have a CVSS score of 7.5.  The first security defect would result in the server becoming unstable when receiving a flood of DNS messages over TCP.

By grigby1

By krahal

The Washington Post's Adela Suliman, Dan Rosenzweig-Ziff, Eva Dou and María Luisa Paúl reported that the CrowdStrikd outage, identified on 18 July, affected not only 4,700 canceled flights and 37,600 delayed (8,800 in the US) but also websites, broadcasters and payment systems.

By grigby1 

The US Department of Homeland Security (DHS) has developed a four-legged robot called "NEO" to jam the wireless transmissions of smart home devices. NEO has an onboard computer and antenna array that enable law enforcement officers to launch a Denial-of-Service (DoS) attack, disabling potentially harmful Internet of Things (IoT) devices. Although NEO might not be able to impact hard-wired smart devices, it can still disable the radio frequencies most wireless IoT devices use to reduce risks for officers. This article continues to discuss the NEO robot that can create DoS events.

According to a recent memo from the Office of Science and Technology Policy (OSTP), certain covered institutions will be required to implement cybersecurity programs for Research and Development (R&D) security. These mandates will also apply to higher education institutions that support R&D. In addition to enhancing the overall security of the US, this action is a direct response to increasing threats presented by the People's Republic of China (PRC), according to Arati Prabhakar, Assistant to the President for Science and Technology and author of the memo.

Michigan Medicine, the academic medical center of the University of Michigan, recently started notifying roughly 57,000 individuals that their personal and health information might have been compromised in a data breach.  The incident resulted from threat actors gaining access to employee email accounts on May 23 and May 29.  The compromised accounts were disabled as soon as the data breach was discovered.