CISA orders federal agencies to secure Microsoft cloud systems after ‘recent’ intrusions

The Cybersecurity and Infrastructure Security Agency (CISA) issued a binding directive on Tuesday giving federal agencies a series of deadlines to identify cloud systems, implement assessment tools and abide by the agency’s Secure Cloud Business Applications (SCuBA) secure configuration baselines.

The Record from Recorded Future News – ​Read More

Facebook Owner Hit With 251 Million Euros in Fines for 2018 Data Breach

EU privacy watchdogs hit Facebook owner Meta with fines totaling 251 million euros after an investigation into a 2018 data breach that exposed millions of accounts.

The post Facebook Owner Hit With 251 Million Euros in Fines for 2018 Data Breach appeared first on SecurityWeek.

SecurityWeek – ​Read More

CrowdStrike Survey Highlights Security Challenges in AI Adoption

Ideally, generative AI should augment, not replace, cybersecurity workers. But ROI still proves a challenge.

Security | TechRepublic – ​Read More

Nebraska AG sues Change Healthcare, UnitedHealth for data theft after ransomware attack

The 29-page filing alleges violations of Nebraska’s consumer protection and data security laws and says Change Healthcare — which is owned by UnitedHealth Group (UHG) — failed to implement proper security measures that exacerbated the data breach, disrupting critical healthcare services across the state.

The Record from Recorded Future News – ​Read More

Texas Tech Fumbles Medical Data in Massive Breach

The cyberattack impacts at least 1.4 million patients, as tranches of highly sensitive personal, medical, and financial data fall into the hands of cyber crooks who have everything they need to carry out convincing social engineering and fraud attacks.

darkreading – ​Read More

CISA Directs Federal Agencies to Secure Cloud Environments

Actions direct agencies to deploy specific security configurations to reduce cyber-risk.

darkreading – ​Read More

Hackers Leak Partial Cisco Data from 4.5TB of Exposed Records

Yet another day, yet another data leak tied to Cisco!

Hackread – Latest Cybersecurity, Tech, Crypto & Hacking News – ​Read More

Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware

A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate.
“An attacker used social engineering via a Microsoft Teams call to impersonate a user’s client and gain remote access to their system,” Trend Micro researchers Catherine Loveria, Jovit Samaniego, and Gabriel Nicoleta said.
“The attacker failed to install a

The Hacker News – ​Read More

Delinea Joins CVE Numbering Authority Program

Post Content

darkreading – ​Read More

Azure Data Factory Bugs Expose Cloud Infrastructure

Three vulnerabilities in the service’s Apache Airflow integration could have allowed attackers to take shadow administrative control over an enterprise cloud infrastructure, gain access to and exfiltrate data, and deploy malware.

darkreading – ​Read More