"NASA Launches Cybersecurity Guide for Space Industry"

"NASA Launches Cybersecurity Guide for Space Industry"

NASA has released its first Space Security Best Practices Guide (BPG), a document aimed at improving cybersecurity for future space missions. Concerns regarding the threats that hackers pose to satellite networks and other space initiatives have grown. In August, the FBI, the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations (AFOSI) warned that foreign intelligence entities were infiltrating and subverting space industry through various means, including hacking campaigns.

Submitted by Gregory Rigby on

Palmetto Cyber Summit 2024

"The CyberSC Board of Governors and the Summit Planning Committee invite you to the 2024 Palmetto Cyber Summit.  The event is scheduled for Wednesday and Thursday, February 21-22, 2024, and will be taking place in-person at the Cooperative Conference Center in Columbia, South Carolina. The event, in its 2nd year, will bring together experts to provide timely content and address a variety of cybersecurity issues impacting South Carolinians.

IntelliC0N

"Introducing IntelliC0N, a platform inspired by esteemed and reliable cybersecurity leaders who are eager to disseminate the latest emerging threat intelligence.  We've collaborated with some of the most brilliant minds in cybersecurity, including inventors, founders, and top-level security executives.  Together, we aim to empower the cybersecurity community with game-changing solutions to outpace evolving threats."

"ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware's Prevalence"

"ESET Threat Report: ChatGPT Name Abuses, Lumma Stealer Malware Increases, Android SpinOk SDK Spyware's Prevalence"

ESET has released its H2 2023 threat report, which highlights cybercriminals' use of the ChatGPT name, the rise of the Lumma Stealer malware, the Android SpinOk Software Development Kit (SDK) spyware, and other issues. In the second half of 2023, ESET blocked 650,000 attempts to access malicious domains with "chatgpt" or a similar string in the name. Lumma Stealer, also known as LummaC2 Stealer, is a Malware-as-a-Service (MaaS) threat that targets multiple cryptocurrency wallets, user credentials, and Two-Factor Authentication (2FA) browser extensions.

Submitted by Gregory Rigby on

SANS Cyber Threat Intelligence Summit & Training 2024

Join us in Washington, DC or Free Live Online and walk away from Cyber Threat Intelligence Summit with new perspectives and learn from case studies that challenge CTI assumptions and result in a shift in your understanding.  No matter your background or skill level, you’ll have the chance to learn, connect, and share with thousands of cybersecurity professionals in attendance from around the globe.

"security.txt: A Simple File with Big Value"

"security.txt: A Simple File with Big Value"

The US Cybersecurity and Infrastructure Security Agency (CISA) included creating a "security.txt" file as one of the priority Cybersecurity Performance Goals (CPGs). When security researchers and bug hunters find flaws in an organization's ecosystem, they must know who to contact. Researchers may be unable to quickly determine where to report vulnerabilities if there are no clear reporting channels in place, leaving the organization vulnerable to attackers. However, all organizations can overcome this challenge using a simple security.txt file.

Submitted by Gregory Rigby on

"New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices"

"New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices"

Xamalicious is a new Android backdoor that can perform various malicious actions on infected devices. The malware discovered by the McAfee Mobile Research Team was created using an open-source mobile app framework called Xamarin. It exploits the operating system's accessibility permissions to achieve its goals. It can also gather metadata about the compromised device and contact a command-and-control (C2) server to retrieve a second-stage payload, but only after determining whether it meets the criteria.

Submitted by Gregory Rigby on

"Essential DDoS Statistics for Understanding Attack Impact"

"Essential DDoS Statistics for Understanding Attack Impact"

Distributed Denial-of-Service (DDoS) attacks have far-reaching consequences beyond inconvenience, as they can cause financial losses, result in compromised data, and erode customer trust. It is important for organizations and individuals to gain further insight into the nature and consequences of DDoS activity to protect their online presence and ensure that critical services continue to flow. To help organizations improve their cybersecurity strategies, Help Net Security has highlighted some excerpts from DDoS attack surveys covered in 2023.

Submitted by Gregory Rigby on

"How Cybercriminals Will Sway 2024 US Elections, Or Try To"

"How Cybercriminals Will Sway 2024 US Elections, Or Try To"

Foreign cyber actors, mainly based in Russia, Iran, and China, are increasing their efforts to influence US audiences ahead of the 2024 national elections. Doppelganger, a Russia-based influence operation, is one example that has established several fake news sites and social media accounts to share stories aimed at inciting political and social divisions in the US in the run-up to the elections. A December 2023 report from Recorded Future identified the Doppelganger group, operating through three sites, each posing as a legitimate news outlet.

Submitted by Gregory Rigby on

"Integris Health Data Breach Could Impact Millions"

"Integris Health Data Breach Could Impact Millions"

Integris Health, Oklahoma's largest non-profit healthcare system, has recently started informing patients of a data breach impacting their personal information.  The data breach occurred at the end of November, but the attack did not impact the healthcare provider's operations.  The company announced that the compromised personal information includes names, contact information, dates of birth, demographic data, and Social Security numbers.  Integris Health says that the personal information potentially affected varies by individual.

Submitted by Adam Ekwall on
Subscribe to