Information Security Buzz

1 week ago | informationsecuritybuzz.com | Kirsten Doyle

The Cybersecurity and Infrastructure Security Agency (CISA), in coordination with the FBI, Environmental Protection Agency (EPA), and Department of Energy (DoE), has issued a joint alert warning that unsophisticated cyber actors are increasingly targeting operational technology (OT) and industrial control systems (ICS) within the United States’ critical infrastructure.

1 week ago | informationsecuritybuzz.com | Kirsten Doyle

One of the largest data breaches in U.S. educational history is worsening, as the attacker behind the December 2024 cyberattack on PowerSchool is now directly extorting affected schools, threatening to leak sensitive student and teacher data unless ransom payments are made. PowerSchool, a widely used student information system (SIS) platform across American K–12 institutions, confirmed that the breach compromised. Data belonging to over 60 million students and 9.5 million educators.

1 week ago | informationsecuritybuzz.com | Kirsten Doyle

In a novel malware campaign, attackers are leveraging fake AI-powered video and image editing sites to spread a newly identified malware strain: Noodlophile Stealer. This was revealed in recent research by Morphisec.  Cybercriminals are like pickpockets; they go where the crowds are. They see users eagerly flocking to platforms that promise to turn selfies into cinematic videos or enhance images with a click and are seizing the day.

1 week ago | informationsecuritybuzz.com | Kirsten Doyle

In a recent security advisory, the FBI warned of a quietly growing cyber threat: outdated home and small business routers are being turned into tools for criminal anonymity. Bad actors are compromising end-of-life (EoL) routers (devices no longer supported by their manufacturers) to install malware and conscript them into sprawling proxy networks like 5Socks and AnyProxy.

1 week ago | informationsecuritybuzz.com | Kirsten Doyle

While reports suggest that the latest version of Samsung MagicINFO 9 Server (21.1050.0) addresses the high-severity vulnerability tracked as CVE-2024-7399, Huntress has independently confirmed that this version remains vulnerable to a publicly available proof-of-concept (PoC). Huntress has also observed active exploitation of this flaw in the wild, affecting even the most recent version. Until a proper fix is released, Huntress says MagicINFO 9 Server should not be exposed to the internet.