Security Pop Quiz! q321.mp3

News

Packet Storm Security

Security Affairs

* ASUS routers with AiCloud vulnerable to auth bypass exploit
* U.S. CISA adds Apple products and Microsoft Windows NTLM flaws to its Known Exploited Vulnerabilities
* Entertainment venue management firm Legends International disclosed a data breach
* China-linked APT Mustang Panda upgrades tools in its arsenal
* Node.js malvertising campaign targets crypto users

Looking Glass Cyber

securingtomorrow.mcafee.com

Quick Heal

Threat Post

* Student Loan Breach Exposes 2.5M Records
* Watering Hole Attacks Push ScanBox Keylogger
* Tentacles of '0ktapus' Threat Group Victimize 130 Firms
* Ransomware Attacks are on the Rise
* Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Naked Security

ESET

* CapCut copycats are on the prowl
* They're coming for your data: What are infostealers and how do I stay safe?
* Attacks on the education sector are surging: How can cyber-defenders respond?
* Watch out for these traps lurking in search results
* So your friend has been hacked: Could you be next?

CIS

• DeepSeek: A New Player in the Global AI Race Mon, 24 Mar 2025 09:19:00 -0400
  CIS analysts break down the rise of DeepSeek, a GenAI model that collects data and introduces security risks for users.

Malware Patrol

* InfoSec Articles (03/25/25 - 04/08/25)
* InfoSec Articles (03/11/25 - 03/25/25)

SecList

• IronHusky updates the forgotten MysterySnail RAT to target Russia and Mongolia
  MysterySnail RAT attributed to IronHusky APT group hasn’t been reported since 2021. Recently, Kaspersky GReAT detected new versions of this implant in government organizations in Mongolia and Russia.

MySonicWall

Critical Infrastructure

* The importance of security for power utility substations
* Chinese threat actor resided in US electric grid for almost one year
* US experiences 47% of global utilities cyberattacks

* Windsor port authority strengthens US-Canada border waterway
* Protecting ships from cyber terrorism
* Biden administration issues executive order to secure U.S. ports

* Ensuring safety on the move: Strengthening security in public transportation
* Nearly 1M records related to personal property were exposed
* Security experts respond to the Amazon employee data breach

Case Studies

* The 2 am call: Preparing for a government cyberattack
* Häfele recovers from ransomware attack with new SASE platform
* Ride-hailing company, inDrive, uses new platform to prevent fraud

* Campus collaboration: a security-focused work management platform
* Windsor port authority strengthens US-Canada border waterway
* From the stone age to cutting edge: A case study on key management

Tools

Exploits

Last 20 Website Defacements - Zone-h

Press Play to hear the answer!

Advisories