Michael Lopez

@penquester@infosec.exchange
18 Followers
18 Following
64 Posts

I hope one day all businesses learn that compliance is just the bare minimum—it ensures legal coverage.

True security is what sets you apart. By investing in robust security measures, you can:
• Reduce breaches
• Maintain your reputation
• Keep uptime high
• Dodge the ever-present threat of ransomware

💲 Proper security isn't just an expense; it's a smart investment that saves money in the long run.

#cyber #tech #technology #hack #hacking #cybersecurity #informationsecurity #infosec #ransomware #compliance #investments #invest #IT

$42 Million Ransom Spree & North Korea AI Cyber Attacks, Cyber News Beat

This week is not a good one for the cyber defenders: millions in ransoms and large vulnerabilities leaving room for millions more. Even the cyber juggernaut of MITRE wasn’t safe. Now we are also…


🚨 Cybersecurity Alert 🚨

1️⃣ Urgent CrushFTP Zero-Day Exploited: CrushFTP has alerted users to an actively exploited zero-day vulnerability, allowing unauthenticated attackers to escape the virtual file system (VFS) and access system files. This critical flaw, reported by Airbus CERT and confirmed by CrowdStrike, has been exploited in politically motivated attacks, primarily affecting U.S. organizations. Users are urged to immediately patch their servers with the latest CrushFTP versions (10.7.1 and 11.1.0) to prevent further exploits.

2️⃣ Russian Sandworm Attack on Ukraine's Infrastructure: The Ukrainian Computer Emergency Response Team (CERT-UA) reports that the notorious Russian hacker group Sandworm targeted about 20 critical infrastructure facilities across Ukraine. Exploiting vulnerabilities in supply chain and cybersecurity defenses, the attacks focused on energy, water, and heating sectors, integrating malware like QUEUESEED and BIASBOAT to amplify the damage of concurrent physical attacks.

3️⃣ MITRE Corporation Suffers State-Sponsored Cyber Attack: The MITRE Corporation has faced a cyber attack exploiting zero-day vulnerabilities in Ivanti Connect Secure appliances. Attributed to a nation-state actor likely linked to China, the attackers compromised MITRE's unclassified NERVE network while the core enterprise network remained secure. This incident underscores the importance of vigilance and quick response to emerging cyber threats.

4️⃣ Palo Alto Networks Firewall Vulnerability Alert: Approximately 22,500 Palo Alto GlobalProtect firewall devices are at risk due to a critical CVE-2024-3400 vulnerability. This command injection flaw, actively exploited since late March 2024, enables unauthenticated command execution with root privileges. Despite the availability of patches, many devices remain vulnerable, highlighting the need for immediate updates to mitigate this significant security risk.

5️⃣ Akira Ransomware Targets Linux Servers After $42M Heist: The Akira ransomware group, after extorting $42 million from over 250 entities, has shifted focus to Linux servers, particularly targeting VMware ESXi machines. Exploiting vulnerabilities and employing tactics such as RDP and phishing, Akira's activities underscore the evolving threats in the ransomware landscape and the need for robust defenses against these sophisticated attacks.

Spread the word to help raise cybersecurity awareness, and follow if you appreciate this kind of content. Stay informed, stay secure.

#CyberSecurityAlert #CrushFTP #Sandworm #MITRECyberAttack #PaloAlto #Akira #cyber #cybernews #tech #technews #technology #news #hack #hacking #cybersecurity #cybersecuritynews #informationsecurity #infosec

🚨 Urgent Cybersecurity Alert 🚨

CrushFTP has issued an urgent update following the discovery of a zero-day vulnerability that allows unauthenticated attackers to access and download system files. This severe security flaw has been patched in the latest versions (10.7.1 and 11.1.0).

Customers are strongly advised to update their servers immediately to protect against potential exploits. Those with CrushFTP v9 should upgrade to v11 or use the dashboard for updates. A rollback option is available for any issues post-update.

The vulnerability, initially reported by Airbus CERT's Simon Garrelou, is already being exploited in the wild, affecting multiple U.S. organizations in what appears to be a politically motivated intelligence-gathering campaign.

Stay vigilant and prioritize patching to safeguard your data.

(Fix: https://www.crushftp.com/crush11wiki/Wiki.jsp?page=Update)

#CyberSecurity #DataProtection #CrushFTP #ZeroDay #PatchImmediately #cyber #cybernews #tech #technews #technology #news #hack #hacking #cybersecurity #cybersecuritynews #informationsecurity #infosec #FTP #Hack #Hacker #Hackers #Hacking

I hope no enterprises are doing this, but this hits way too close to home with my home lab

#server #tech #technology #infosec #informationsecurity #IT #informationtechnology #backup #nas

Meeting Man Who Broke North Korea’s Internet & iPhones Under Attack, Cyber News Beat

In this week's round-up we have a cyber vigilante who single-handedly halted North Korea’s Internet taking off his mask. Alejandro Caceres, a Colombian-American cybersecurity entrepreneur, has come…


🚨 Zero Day Alert 🚨

Palo Alto Networks has issued a critical warning for users of its PAN-OS software, particularly affecting GlobalProtect gateways. A severe vulnerability, identified as CVE-2024-3400, with a maximum CVSS score of 10.0, is currently being actively exploited.

This command injection flaw can allow unauthenticated attackers to execute arbitrary code with root privileges on compromised firewalls. The specific PAN-OS versions impacted are:

• PAN-OS < 11.1.2-h3
• PAN-OS < 11.0.4-h1
• PAN-OS < 10.2.9-h1

Patches are scheduled to be released by April 14, 2024. The vulnerability affects configurations using both the GlobalProtect gateway and device telemetry settings.

🔍 The vulnerability was discovered and reported by cybersecurity firm Volexity. While specific details on the attacks remain scarce, it's important to note that the exploitation has been limited but significant.

🛡️ In response, Palo Alto Networks advises customers with a Threat Prevention subscription to enable Threat ID 95187 to mitigate the risk.

This feels like part of a larger trend where zero-day exploits are used for persistence. There was a similar instance with Fortinet and Ivanti recently, specifically with Chinese APTs. If you have an affected platform, it is likely not enough to just patch and call it a day. You need to scour for back doors; these APTs are very persistent and resilient.

Original Link: https://security.paloaltonetworks.com/CVE-2024-3400

#CyberSecurity #InfoSec #paloalto #PaloAltoNetworks #CVE2024_3400 #CVE20243400 #ThreatIntelligence #NetworkSecurity #tech #technews #technology #news #hack #hacking #cybersecurity #cybersecuritynews #informationsecurity #infosec #zeroday #0day
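A version triage helper, added here as an example and not code from the original post or from Palo Alto Networks: it parses PAN-OS version strings (including the -hN hotfix suffix) and flags any device below the three fixed releases quoted in the post. The hostnames and versions in the sample inventory are constructed; release branches the post does not list are reported as unassessed rather than safe, and a version match alone says nothing about the GlobalProtect/telemetry configuration the post says the flaw depends on.

```python
# Added example (not from the original post or Palo Alto Networks): check an
# inventory of PAN-OS version strings against the fixed releases the post
# lists for CVE-2024-3400. Only the three thresholds quoted in the post are
# encoded; versions on other release branches get None (not assessed here).
import re
from typing import Optional, Tuple

# Fixed releases as quoted in the post: anything on the same branch that is
# older than these is treated as affected.
FIXED_RELEASES = {
    (11, 1): "11.1.2-h3",
    (11, 0): "11.0.4-h1",
    (10, 2): "10.2.9-h1",
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_panos_version(version: str) -> Tuple[int, int, int, int]:
    """Turn '10.2.9-h1' into (10, 2, 9, 1); a missing hotfix counts as h0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {version!r}")
    major, minor, patch, hotfix = m.groups()
    return (int(major), int(minor), int(patch), int(hotfix or 0))


def is_vulnerable(version: str) -> Optional[bool]:
    """True if below the fixed release for its branch, False if at or above it,
    None if the branch is not one of the three the post lists."""
    parsed = parse_panos_version(version)
    fixed = FIXED_RELEASES.get(parsed[:2])
    if fixed is None:
        return None
    # Tuple comparison orders major, minor, patch, then hotfix number.
    return parsed < parse_panos_version(fixed)


def triage(inventory: dict) -> dict:
    """Map hostname -> 'PATCH', 'OK' or 'UNASSESSED' for an inventory dict."""
    labels = {True: "PATCH", False: "OK", None: "UNASSESSED"}
    return {host: labels[is_vulnerable(v)] for host, v in inventory.items()}


if __name__ == "__main__":
    # Constructed sample inventory, not real devices.
    sample = {"fw-edge-1": "11.1.2-h1", "fw-edge-2": "11.1.2-h3",
              "fw-dc-1": "10.2.8", "fw-lab": "10.1.9-h3"}
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```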

CVE-2024-3400 PAN-OS: Arbitrary File Creation Leads to OS Command Injection Vulnerability in GlobalProtect

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurat...

The SEXi $140 Million Ransom & Parades of Trojans, Cyber News Beat

It’s been a chaotic news week for trojans and phishing, but this latest ransom news is crazy! This week in cyber, an eye-watering $140 million dollar ransom. Digital credit card skimmers compromising…
