August 2024 - Page 15

TLDR: Researchers discovered a vulnerability in the Linux kernel’s dmam_free_coherent() function, leading to a race condition that could cause system instabilities. This vulnerability allows attackers to bypass CPU and write on memory.

TLDR: QWERTY Info Stealer, a new malware strain, employs advanced anti-debugging techniques to exfiltrate data from Windows systems. It was discovered on a web server hosted in Germany and utilizes various strategies

TLDR: A Disaster Recovery Plan (DRP) is crucial for organizations to recover quickly from natural or human-spurred disasters. Partnering with an experienced cybersecurity provider is essential for developing an effective DRP. In

Article Summary TLDR: RansomHub-linked EDR-Killing Malware Summary – Malware called EDRkillShifter has been discovered, which targets endpoint detection and response (EDR) software using known vulnerable drivers. – The malware leverages legitimate but

TLDR: Weekly Cyber Security News Letter provides updates on data breaches, vulnerabilities, and cyber attacks. Key stories include ransomware attack on Sumter County, exposure of hackers’ toolkit, and new phishing campaigns. The

TLDR: Randy Marchany, the CISO at Virginia Tech, shares his cybersecurity journey and role at the university in a 2024 interview. Marchany’s career includes early experiences with SANS and a focus on

TLDR: Cyber threats are increasing in the healthcare sector, leading to disruptions in services. Resilience-based cybersecurity strategies can help businesses mitigate the impact of cyberattacks. Orange Cyberdefense UK’s Dominic Trott discusses the

TLDR: MITRE, in collaboration with partners, has developed Defending OT with ATT&CK to identify and defend against adversarial techniques in critical infrastructure. The resources include threat model methodology, reference architecture, and a

TLDR: Avast researchers discovered that the Lazarus Group, a North Korean hacker group, used a zero-day vulnerability in the Windows AFD.sys driver to gain unauthorized access to sensitive areas of targeted systems.

TLDR: The cyber-attack on McLaren Health Care is likely to impact computer systems through the end of August. The health system is working with cyber security experts to assess the extent of