Risk-based vulnerability management platforms are better equipped to help orgs prioritize threats for mitigation and ensure complete security. Learn more from Outpost24 about risk-based vulnerability management. […] Read More
BleepingComputer
The all in one place for non-profit security aid.
Risk-based vulnerability management platforms are better equipped to help orgs prioritize threats for mitigation and ensure complete security. Learn more from Outpost24 about risk-based vulnerability management. […] Read More
BleepingComputer
Notepad finally gets spellcheck, autocorrect for all Windows 11 users
Microsoft has finally released a spell check and autocorrect feature in Notepad for all Windows 11 users, forty-one years after the program was introduced in 1983. […] Read More
Air Europa Announces Potential Compromise of Customer Data
[[{“value”:”
Air Europa, a prominent Spanish airline, has announced a potential compromise of its customers’ data following a security incident detected in October of the previous year.
This incident has raised alarms over the safety of personal information in the aviation sector, prompting a swift response from the company and its stakeholders.
The breach was first detected in October, and subsequent investigations by Air Europa have revealed that a significant amount of personal customer data may have been exposed.
According to an email sent to its customers, Reuters later saw that the compromised data included sensitive information such as names, ID card or passport details, dates of birth, telephone numbers, email addresses, and nationalities.
Document
Alert Fatigue that helps no one as security teams need to triage 100s of vulnerabilities.
:
The problem of vulnerability fatigue today
Difference between CVSS-specific vulnerability vs risk-based vulnerability
Evaluating vulnerabilities based on the business impact/risk
Automation to reduce alert fatigue and enhance security posture significantly
AcuRisQ, which helps you to quantify risk accurately:
This incident marks a significant concern for Air Europa customers, as malicious entities could potentially misuse the leaked information.
Upon detecting the breach, Air Europa acted promptly, reporting the incident to the relevant authorities and notifying its customers to take necessary precautions.
The airline has emphasized its commitment to security: “Air Europa continues to implement preventative measures in what is an ongoing process of security innovation given increasing incidents.”
This statement reflects the airline’s dedication to enhancing its security measures in response to the growing threat of cyber attacks.
Air Europa recently confirmed that it suffered a data breach in October, which may have compromised its customers’ data, as USNews reported.
The Wall Street Journal, which first reported the news, attributed a statement to the International Consolidated Airlines Group (IAG), which holds a 20% stake in Air Europa.
IAG clarified its position by telling Reuters that it “would never email (Air Europa’s) customers directly.”
This response highlights the complex relationship between Air Europa and its stakeholders and the coordinated effort to address the breach.
A cybersecurity researcher, Troy Hunt, recently tweeted that AirEuropa started sending breach notifications for security incidents last year.
Looks like @AirEuropa is now sending out breach notices for their incident last year: pic.twitter.com/B3QMaER76G
— Troy Hunt (@troyhunt) March 21, 2024
This is not the first time Air Europa has faced a cyber security challenge.
In October, the airline suffered an attack on its online payment system, exposing some customers’ credit card details.
Although the company stated that no other information was compromised, the number of affected customers was not disclosed.
This previous incident underscores the ongoing cyber security challenges faced by Air Europa and the aviation industry.
The potential compromise of customer data at Air Europa serves as a stark reminder of the vulnerabilities present in the aviation sector’s digital infrastructure.
As the company and its stakeholders, like IAG, navigate through the aftermath of this incident, the focus on enhancing cyber security measures has never been more critical.
With the airline industry increasingly relying on digital technologies, protecting customer data must be a top priority to maintain trust and ensure the safety of personal information.
Stay updated on Cybersecurity news, Whitepapers, and Infographics. Follow us on LinkedIn & Twitter.
The post Air Europa Announces Potential Compromise of Customer Data appeared first on Cyber Security News.
“}]] Read More
Cyber Security News
Konni APT Exploits WinRAR Vulnerability To Attack Financial & Crypto Industries
Konni, a North Korean APT group, launched the first attack against the cryptocurrency industry, exploiting a recently found WinRAR vulnerability tagged as CVE-2023-38831.
According to the study, Konni’s decision to focus on the cryptocurrency market was unusual; typically, North Korea’s notorious Lazarus Group targets the financial and crypto industries.
“The attack target of the Konni organization captured this time is very different from the past. It is speculated that the Konni organization may be opening up a new attack direction”, Chuangyu 404 Advanced Threat Intelligence Team.
Document
FREE Webinar
Attend the Live DDoS Website & API Attack Simulation webinar to gain knowledge on various types of attacks and how to prevent them.
This time, the sample is called “wallet_Screenshot_2023_09_06_Qbao_Network.zip.” The Qbao Network is a smart cryptocurrency wallet service.
QbaoNetwork is a smart encryption wallet. It seeks to provide a gateway into the blockchain community and a blockchain ecological platform.
It incorporates cross-chain digital currency wallets, payment settlements, token exchanges, social networks, news quotations, the DAPP Store, and other features.
The sample analyzed executes malicious payloads using the recently discovered Winrar vulnerability (CVE-2023-38831).
The victim clicks the html file in the compressed file, and the carefully made directory with the identical name is opened. Execution of the malicious payload bearing the same name will occur.
The cybersecurity company Group-IB discovered this vulnerability, tracked as CVE-2023-38831. Following that, WinRAR issued a patch to address this issue, but customers were still in danger since they had not updated their fixed version.
Hence, Konni’s introduction into this industry suggests that North Korean hackers have a larger plan to attack financial institution’s networks and cryptocurrency exchanges.
Konni has shown the evolvability of APT attacks by taking advantage of a novel vulnerability and a change in the sectors it targets. The Konni hack acts as an awakening for the cryptocurrency and cybersecurity community.
To protect against these sophisticated and constantly evolving attacks, the cryptocurrency industry must be alert and proactive in upgrading its security procedures. Particularly, customers are advised to update their application version.
Keep informed about the latest Cyber Security News by following us on Google News, Linkedin, Twitter, and Facebook.
The post Konni APT Exploits WinRAR Vulnerability To Attack Financial & Crypto Industries appeared first on Cyber Security News.
Cyber Security News