SonicWall initially issued an advisory of a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSL VPN is enabled. A likely zero-day vulnerability in SonicWall VPNs was being actively exploited to bypass MFA...
Over the last several days, SonicWall issued an advisory of a notable increase in both internally and externally reported cyber incidents involving Gen 7 SonicWall firewalls where SSL VPN is enabled. A likely zero-day vulnerability in SonicWall VPNs is being actively exploited.
The Federal Bureau of Investigation (FBI) released this FBI Liaison Alert System (FLASH) to disseminate indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associated with 5Socks and Anyproxy cyber criminal services' targeting malware that affects EOL
The NJCCIC was recently notified of a cyber incident in which a threat actor compromised a user's account credentials by targeting the Password Hash Synchronization (PHS) login method. Azure utilizes PHS to validate credentials and authenticate users without needing an additional...
A new botnet known as Eleven11bot quickly became one of the largest in the last several years, infecting over 86,000 Internet of Things (IoT) devices. The botnet, mainly comprised of security cameras and network video recorders, has been used to launch distributed denial-of-service.
DISA Global Solutions (DISA) is a third-party administrator of employment screening services, including drug and alcohol testing, background checks, occupational health, transportation compliance, and financial due diligence. DISA has more than 6,000 collection sites.
Stark Aerospace, a US missile systems and aerial weapons manufacturer based in Mississippi, was targeted by the INC Ransom group. The group claims to have exfiltrated 4TB of sensitive data, including source code, design plans, employee passports, etc.
UnitedHealth Group (UHG) reported that last year's breach of its technology subsidiary, Change Healthcare, affected 190 million people— double the initial estimate following the cyberattack on February 21, 2024. This incident is the largest healthcare data breach in history.
In light of the recent PowerSchool incident in which the personally identifiable information (PII) of students and teachers was breached, the NJCCIC is sharing the Identity Theft and Compromised PII document to assist schools in providing recommendations to those impacted.
The breach was discovered on December 28, 2024, when unauthorized access to customer information was detected on their PowerSource customer support platform. Some impacted districts reported unauthorized activity as early as December 22.
