BU-CERT – Page 12 – Bournemouth University Computer Emergency Response Team

Introducing Active Threat Response for Sophos Switch/Sophos Wireless (AP6)

Posted on 5 June 2024

From news.sophos.com

With Active Threat Response, we’re introducing new functionality for our network access layer products, Sophos Switch and Sophos Wireless (AP6 Series only).

Corporate networks have become harder to control, with a broad array of managed and unmanaged, wired and wireless devices connecting. It’s no longer enough to monitor the status of managed devices only; when the need arises, you have to be able to block connectivity for potentially suspicious, unmanaged hosts, such as IoT devices, that could be the target of botnets.

According to the inaugural MSP Perspectives 2024 report conducted on behalf of Sophos, Managed Service Providers (MSPs) consider insecure wireless networking and a shortage of cybersecurity skills/expertise, as the biggest perceived cybersecurity risks that they face today.

Active Threat Response and our single-platform approach help to address both of those concerns by making security management more efficient, and extending wired and wireless network security beyond the realms of what network infrastructure products can see.

Australian mining company discloses breach after BianLian leaks data

Posted on 5 June 2024

From bleepingcomputer.com

Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web.

Northern Minerals is an Australian company focused on the exploration and development of heavy rare earth elements (HRE), specifically dysprosium and terbium, used in electronics, batteries, and aircraft.

It is considered of critical strategic importance for the Australian government, as evidenced by a recent call to Chinese shareholders to offload their shares in the rare earth miner.

The firm is publicly traded on the Australian Securities Exchange (ASX) under the ticker ‘NTU,’ so it is legally obliged to disclose any data breach incidents promptly.

Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models

Posted on 5 June 2024

From thehackernews.com

Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status.

Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to execute operating system (OS) commands and arbitrary code on affected installations.

Impacted models include NAS326 running versions V5.21(AAZF.16)C0 and earlier, and NAS542 running versions V5.21(ABAG.13)C0 and earlier. The shortcomings have been resolved in versions V5.21(AAZF.17)C0 and V5.21(ABAG.14)C0, respectively.

NSA suggests these 11 mobile security tips to Android and iPhone users

Posted on 3 June 2024

From cybersecurity-insiders.com

The National Security Agency (NSA) of the United States has recently issued a set of comprehensive guidelines aimed at enhancing the security of Android and Apple iPhone users against various digital threats such as hacks and snooping campaigns. These guidelines are particularly pertinent for users in India and other Asian countries, which have been increasingly targeted by sophisticated cyber-attacks.

As Allies, Kenya & US Aim to Bolster Digital Security in Africa

Posted on 3 June 2024

From darkreading.com

With a visit to the United States and his country’s designation by the US as a major non-NATO ally, Kenyan President William S. Ruto plans to accelerate the African nation’s technological progress, with boosting the training of cybersecurity specialists and hardening defenses against cyberattacks among the priorities.

During May 23 meetings with President Biden, President Ruto committed to the Framework for Responsible State Behavior in Cyberspace — an existing agreement between European, North American, and Asian countries — to follow specific norms in cyberspace. The US and Kenya’s leaders also agreed to share threat information between partners in the East Africa region and highlighted private industry collaborations, including a joint effort between the Kenyan government and Google to establish a cyber-operations platform along with an e-government pilot project. The US also committed to providing policy and regulatory advisory services.

Threat Actors Claiming Breach Of Heineken Employees Data

Posted on 3 June 2024

From gbhackers.com

Threat actors have claimed responsibility for a data breach involving Heineken employees.

The news broke through a post on the social media platform tweeted by the account DarkWebInformer, which specializes in monitoring and reporting on dark web activities.

ShinyHunters claims Santander breach, selling data for 30M customers

Posted on 3 June 2024

From bleepingcomputer.com

A threat actor known as ShinyHunters is claiming to be selling a massive trove of Santander Bank data, including information for 30 million customers, employees, and bank account data, two weeks after the bank reported a data breach.

ShinyHunters is known for selling and leaking data from numerous companies over the years, including this week’s alleged massive Ticketmaster data breach impacting 560 million people.

They’re also the owner of BreachForums, a notorious online community trafficking in the sale and leaking of stolen data which has survived several law enforcement takedowns over the past couple of years.