today's leftovers
-
Linux On Mobile ☛ 2024-04-01 [Older] Weekly GNU-like Mobile Linux Update (13/2024): Bugfixes and Improvements
-
FSFE
-
Security
-
HC3: Sector Alert: Social Engineering Attacks Targeting IT Help Desks in the Health Sector
HC3 has recently observed threat actors employing advanced social engineering tactics to target IT help desks in the health sector and gain initial access to target organizations. In general, threat actors continue to evolve their tactics, techniques, and procedures (TTPs) to achieve their goals. HC3 recommends various mitigations outlined in this alert, which involve user awareness training, as well as policies and procedures for increased security for identity verification with help desk requests.
-
On Q Financial announces data breach, law firm feeding frenzy follows
On April 2, Arizona-based On Q Financial notified the Maine Attorney General’s Office of a breach the mortgage lender experienced. Within days, law firms announced investigations into the breach and sought potential class action members.
Was there anything particularly unique that would trigger a legal feeding frenzy? No. But On Q Financial holds financial data on a lot of consumers seeking mortgages or home loans. And now 211,650 of those clients were being notified of a hacking incident.
According to On Q’s notification letter, ConnectWise notified them on February 20 of a vulnerability affecting its ScreenConnect software. On Q promptly patched and started investigating. On March 14, they discovered that an unknown individual had gained access to and exfiltrated clients’ personal data.
-
CISA ☛ 2024-04-02 [Older] CISA Publishes New Webpage Dedicated to Providing Resources for High-Risk Communities
-
CISA ☛ 2024-04-02 [Older] CISA Releases One Industrial Control Systems Advisory
-
CISA ☛ 2024-04-02 [Older] IOSIX IO-1020 Micro ELD
-
CISA ☛ 2024-03-28 [Older] Cisco Releases Security Updates for Multiple Products
-