Lifeboat Foundation

The US Cybersecurity and Infrastructure Security Agency (CISA) today alerted organizations to patch their Pulse Secure VPN servers as a defense against ongoing attacks trying to exploit a known remote code execution (RCE) vulnerability.

This warning follows another alert issued by CISA in October 2019, and others coming from the National Security Agency (NSA), the Canadian Centre for Cyber Security, and UK’s National Cyber Security Center (NCSC).

Pulse Secure reported the vulnerability tracked as CVE-2019–11510 and disclosed by Orange Tsai and Meh Chang from the DEVCORE research team, and by Jake Valletta from FireEye in an April 2019 out-of-cycle advisory.

Dunwoody officials said Thursday that no data was compromised during the ransomware attack, which was detected on Christmas Eve and is now under investigation by the FBI. The intrusion was quickly identified by staff, which worked with the city’s computer security contractors at InterDev to shut down servers and disconnect computers in order to limit the impact of the attack.

“As soon as we detected a problem, we took immediate steps to protect the city’s infrastructure,” Ashley Smith, InterDev’s director of government services, said in a news release. “Data back-ups were used to fully restore systems with no loss.”

Dunwoody police Chief Billy Grogan said the attackers demanded a ransom be paid in bitcoin, a digital currency. He declined to reveal the amount requested but said the city did not pay.

Cybersecurity company warns that hackers are investigating industrial control systems associated with power infrastructure.

A hacking group believed to be from North Korea is reportedly stepping up its game to continue its cryptocurrency stealing campaigns.

In a statement published yesterday, security researchers from Kaspersky say they found evidence to suggest Lazarus has made significant changes to its attack methodology.

According to Kaspersky, the hacking group is taking “more careful steps” and is employing “improved tactics and procedures” to steal cryptocurrency.

Would you like to live to be 400 years old?

Microsoft publishes insights into RDP brute-force attacks from months-long 45,000 PC study.

Windows 10 users need to avoid Microsoft’s latest update, but it has already been installed by millions…

The first U.S. government website has been hacked post the killing of Qassem Suleimani, exposing the true nature of the short-term threat.

Foreign ministry officials believe another country may be responsible.