RF Wave’s Post

#Mozilla has released software updates to address a critical vulnerability in #Firefox The vulnerability is tracked as CVE-2024-9680, and when exploited, allows an attacker to run arbitrary code. Mozilla says they have reports the vulnerability is being exploited in the wild. Users are advised to patch ASAP #cybersecurity #vulnerabilitymanagement #activeexploitation https://lnkd.in/dbBuUMZZ

#ADT has revealed they were a victim of a #databreach ADT says credentials were stolen from a third-party business partner. ADT terminated the account as soon as they found out, and has engaged third-party cybersecurity experts to investigate. The investigation revealed employee data was stolen. No customer data is believed to have been stolen. Affected employees are advised to be vigilant of phishing attempts #cybersecurity https://lnkd.in/gWvGzWdr

#CybersecurityAwareness #CybersecurityAwarenessMonth Day 11 Ransomware is one of the most common types of malware. It gets downloaded onto a victim’s computing device through many different techniques such as social engineering and exploitation of a vulnerability. Then it would encrypt files on the device, making it unusable, and leaves a ransom note demanding payment, which is where ransomware got its name. The ransomware also tries to spread throughout the network so it can take more devices and data hostage. Ransomware is such a lucrative “business” nowadays that there are many organized groups specifically created to extort money from individuals and businesses. In 2023, ransomware attacks brought in US$1.1 billion by one estimate, and almost three quarters of organizations reported at least one ransomware attack. It is critical to have all the necessary defences in place to protect against ransomware attacks.

UPDATE: MoneyGram has confirmed that hackers had stolen customer personal information and transaction data #databreach https://lnkd.in/eMkhkqNd

#Lego's website was hacked last week to push cryptocurrency scams The main banner was briefly showing an image of a LEGO cryptocurrency. Clicking on the link takes the victim to a cryptocurrency site where they can buy the LEGO token. Users who bought LEGO token are advised to be aware of the risks of holding scam cryptocurrency. #cybersecurity https://lnkd.in/g6FyADeh

#CybersecurityAwareness #CybersecurityAwarenessMonth Day 10 Malware is short for “malicious software.” As the name suggests, the software is designed to cause damage, loss, or harm to the victim’s computing device and the data contained within. There are many different types of malware with different functions and purposes. Malware can be created to steal data, to erase or destroy data, to destroy the computing device, to spread from device to device, and more. Threat actors use many techniques, including deploying malware to achieve their objectives.

#CybersecurityAwareness #CybersecurityAwarenessMonth Day 9   Social engineering is an attempt to trick someone into revealing information. The information can be personal details about the victim, his/her password, and knowledge he/she may know about systems. The collected details are then usually used to gain unauthorized access to data and/or assets. Research show that more than 80% of data breaches are caused by social engineering.   There are different types of social engineering techniques. Phishing tricks victims using emails or fake websites. Vishing tricks victims by impersonating someone’s voice, and smishing tricks victims by impersonating a legitimate individual or business using SMS texting.   It is important for people to recognize social engineering attempts so they do not lead to a breach.

#Qualcomm has released software updates to address a #zeroday vulnerability in its Digital Signal Processor service The vulnerability is tracked as CVE-2024-43047 and when exploited, can lead to memory corruption. The vulnerability is believed to be under active exploitation. Qualcomm has released the patches to device makers. Users are advised to patch as soon as a patch is available for their device #cybersecurity #vulnerabilitymanagement #activeexploitation https://lnkd.in/exUm2Vvi

#AmericanWater has revealed they were a victim of a #cyberattack The attack happened on Oct 3, 2024, and forced American Water to shut down some of its systems. American Water has engaged external cybersecurity experts to investigate, and has alerted law enforcement. #cybersecurity #USA https://lnkd.in/exUm2Vvi

#CybersecurityAwareness #CybersecurityAwarenessMonth Day 8 A breach happens when a threat actor gains unauthorized access to an organization’s data or assets. A data breach is when an unauthorized party gains access to an organization’s data. In the modern cybersecurity landscape, data breaches occur frequently. For example, Kootenai Health reported a data breach in August 2024, and health records and other personal information of about 460,000 clients were compromised. Breaches have a lot of consequences for the organization, their clients and their partners. Stolen data gets sold, is used to extort victims, is used for espionage, and more. Breaches are costly in many respects, including legal, financial and reputation, and is why having good cybersecurity is critical for a business.