Blog – Page 1147 – Cyber Mike

Google Fixes GCP Composer Flaw That Could’ve Led to Remote Code Execution

A now-patched critical security flaw impacting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion.
The vulnerability has been codenamed CloudImposer by Tenable Research.
“The vulnerability could have allowed an attacker to hijack an internal software dependency

CISA Releases Plan to Align Operational Cybersecurity Priorities for Federal Agencies

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

Cybersecurity researchers are continuing to warn about North Korean threat actors’ attempts to target prospective victims on LinkedIn to deliver malware called RustDoor.
The latest advisory comes from Jamf Threat Labs, which said it spotted an attack attempt in which a user was contacted on the professional social network by claiming to be a recruiter for a legitimate decentralized

Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors

The RansomHub ransomware gang has published 487 gigabytes of data allegedly stolen from Kawasaki Motors Europe’s systems.

The post Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors appeared first on SecurityWeek.

From Breach to Recovery: Designing an Identity-Focused Incident Response Playbook

Imagine this… You arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit? Not a rogue virus, but a compromised identity. The attacker is inside your walls, masquerading as a trusted user. This isn’t a horror movie, it’s the new reality of cybercrime. The question is, are you prepared?
Traditional incident response plans are like old maps in a new world. They

Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day

Microsoft warns that a recently patched Windows vulnerability was exploited in the wild as a zero-day prior to July 2024.

The post Microsoft Says Recent Windows Vulnerability Exploited as Zero-Day appeared first on SecurityWeek.

88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack

Orthopedics services provider Access Sports says the data of 88,000 people was stolen by cybercriminals.

The post 88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack appeared first on SecurityWeek.

Master Your PCI DSS v4 Compliance with Innovative Smart Approvals

The PCI DSS landscape is evolving rapidly. With the Q1 2025 deadline looming ever larger, businesses are scrambling to meet the stringent new requirements of PCI DSS v4.0. Two sections in particular, 6.4.3 and 11.6.1, are troublesome as they demand that organizations rigorously monitor and manage payment page scripts and use a robust change detection mechanism. With the deadline fast approaching

Data Stolen in Ransomware Attack That Hit Seattle Airport

The Port of Seattle, which operates the SEA Airport, has confirmed that the August outage was the result of a ransomware attack.

The post Data Stolen in Ransomware Attack That Hit Seattle Airport appeared first on SecurityWeek.

SolarWinds Patches Critical Vulnerability in Access Rights Manager

SolarWinds has announced patches for a critical-severity remote code execution vulnerability in Access Rights Manager.

The post SolarWinds Patches Critical Vulnerability in Access Rights Manager appeared first on SecurityWeek.

Cyber News