Little fires everywhere for March Patch Tuesday
Just 57 CVEs to contend with (plus advisories), but six are already under exploit in the wild
Similar Posts
North Korean Hackers Use EtherHiding to Hide Malware Inside Blockchain Smart Contracts
Bys sA threat actor with ties to the Democratic People’s Republic of Korea (aka North Korea) has been observed leveraging the EtherHiding technique to distribute malware and enable cryptocurrency theft, marking the first time a state-sponsored hacking group has embraced the method. The activity has been attributed by Google Threat Intelligence Group (GTIG) to a threat…
E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws
Bys sThe European General Court on Wednesday fined the European Commission, the primary executive arm of the European Union responsible for proposing and enforcing laws for member states, for violating the bloc’s own data privacy regulations. The development marks the first time the Commission has been held liable for infringing stringent data protection laws in the…
How Long Does It Take Hackers to Crack Modern Hashing Algorithms?
Bys sWhile passwords remain the first line of defense for protecting user accounts against unauthorized access, the methods for creating strong passwords and protecting them are continually evolving. For example, NIST password recommendations are now prioritizing password length over complexity. Hashing, however, remains a non-negotiable. Even long secure passphrases should be hashed to prevent them
Cyber-crew claims it cracked American cableco, releases terrible music video to prove it
Bys sIain Thomson reports: A cyber-crime ring calling itself Arkana has made a cringe music video to boast of an alleged theft of subscriber account data from Colorado-based cableco WideOpenWest (literally, WOW!) The video features gloomy music plus narration and text in Russian that claims – which screenshots of what looks like compromised internal WOW! systems –…
Don’t be so quick to claim there’s no reason to believe there’s compromise of patient info: Saturday edition
Bys sHere’s today’s example of how an entity may claim that they had no reason to believe patient data had been compromised, only to find that it had been. In February, Whitman Hospital & Medical Clinics (“WHMC”) in California discovered they had been the victim of a cyberattack that occurred between December 26 and February 28….
Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product
Bys sIvanti confirms zero-day exploitation of a remotely exploitable code execution flaw in its Connect Security product line. The post Ivanti Warns of New Zero-Day Attacks Hitting Connect Secure Product appeared first on SecurityWeek.