The Onyx Information Technology Group

Microsoft Incident Response Retainer is generally available - Microsoft Security Blog Microsoft Security is expanding its incident response presence and we’re excited to announce the Microsoft Incident Response Retainer is now generally available.

Pwn2Own Hacker Competition Awards Over $1 Million In Vancouver Competitors who successfully exploited 27 zero-day vulnerabilities during Pwn2Own Vancouver 2023 were awarded over $ 1 million and a Tesla Model 3 for the winner.

OpenAI: ChatGPT Payment Data Leak Caused By Open-Source Bug OpenAI's ChatGPT's open-source software leaked much data through a bug that exposed ChatGPT payment details and random users' conversation histories.

14 Million Customer Details Breached In Latitude Financial Firm The personal information of 14 million Australians and New Zealanders has been stolen due to a severe security breach in latitude financial group in the hack a fortnight ago.

Rundown Of News And Events That Happened This Week Here is the rundown of news and events that happened this week in the world of cybersecurity.

GitHub Replaces Exposed RSA SSH Key To Keep Git Operations GitHub replaced its RSA SSH host key to encrypt Git operations "out of an excess of caution" after it was briefly exposed in a public repository.

Guidance for investigating attacks using CVE-2023-23397 - Microsoft Security Blog This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.

WooCommerce Payments Plugin Patches Critical Vulnerability WooCommerce payments developers found a vast security patch that may have affected over 500,000 WordPress sites making it a prime target for fraudsters.

City Of Toronto Admits Data Theft, Clop Takes Blame The City of Toronto admits it has been breached by clop ransomware using Fortra's GoAnywhere secure file transfer application. It has breached more than 130 firms.

New Government Cyber Security Strategy Vital For Healthcare New Government Cyber Security Strategy is Vital For Healthcare given that cybersecurity advocates have been urging the recognition of the nation's healthcare entities.

German And South Korean Agencies Alerts Of Kimsuky's Attacks An alert against the growing cyberattacks of North Korean hackers known as Kimsuky has been issued jointly by German and South Korean security agencies.

How Microsoft Defender for Business helps secure SMBs - Microsoft Security Blog The latest Microsoft Defender for Business innovations offer new security features for small and medium-sized businesses so they can focus on what they care about most.

Malicious ChatGPT Chrome Extension Targets Facebook Accounts Security researchers have issued another alert regarding a security problem that is spreading in Malicious ChatGPT and posing as a Chrome extension.

How To Install LXD on Ubuntu 22.04 LTS using apt/snap Explains how to install LXD on Ubuntu Linux 22.04 LTS using APT or snap and configure your first Linux container for dev or prod purposes.

Bash/KSH: Define Delimiter (IFS) While Using read Command Explains how to define and read a fields using while loop and read command with IFS (Internal Field Separator) delimiter under bash/ksh

Windows 11 Snipping Tool Vulnerability Exposes Sensitive Data Snipping Tool found in Windows 11 & Windows 10 was determined to be more effective than a weakness that could allow third parties to access sensitive data.

Microsoft Defender for Cloud provides CNAPP security - Microsoft Security Blog Here's how Microsoft Defender for Cloud can help secure multicloud environments as a cloud-native application protection platform (CNAPP).

Microsoft a Leader in the 2023 Forrester Wave™ for Data Security Platforms - Microsoft Security Blog Microsoft is named a Leader in Forrester’s 2023 Wave for Data Security Platforms for Microsoft Purview Information Protection, Microsoft Priva, and more.

Google Bans Chinese App Pinduoduo Over Security Concerns Google has revealed that it has removed the Chinese app Pinduoduo from its Play Store due to US tech firms' growing worries about the security of user data by the app.

BreachForums Admin Baphomet Closes The Hacking Forum BreachForums Admin Baphomet has officially taken down the hacking forum, but the current admin stressed that "it's not the end" in an abrupt change of events.

NBA Alerts Fans After Hack Of The Third-Party Service Provider NBA alerts fans after a hack on the information held by a third-party service provider that assists the NBA in communicating with fans that voluntarily share their details.

Identity protection with Microsoft and Recorded Future - Microsoft Security Blog Learn how to protect your organization beyond multifactor authentication with the integration of Microsoft and Recorded Future.

Ferrari Reveals Data Breach After Getting Ransom Demand Ferrari has admitted a data leak after hackers demanded a ransom. The event occurred last month, and the company is cooperating with law police to investigate.

Mandiant Zero-Day Exploitation Report 2022 Mandiant zero-day exploitation report of 2022 explores the exploitation discovered in its original research, breach investigation findings, and reporting from open sources.

Royal Dirkzwager Attacked By Play Ransomware Group The Play group's ransomware struck the shipping company Royal Dirkzwager; the attack had little impact on business operations but resulted in data theft from servers.

Microsoft achieves Cloud Data Management Capabilities certification - Microsoft Security Blog Microsoft announces Cloud Data Management Capabilities (CDMC) certification, accelerating the industry’s move to the cloud.

Cloud-powered security in Microsoft Defender for IoT - Microsoft Security Blog Learn how the new cloud-powered Microsoft Defender for IoT delivers integrated, comprehensive security for your OT environment.

FBI Detains Owner Of Notorious Cybercrime Forum, BreachForums Conor Brian Fitzpatrick, a 26-year-old native of New York, has been detained by the Federal Bureau of Investigation (FBI) for running BreachForums.

What Is Shoulder Surfing? How Does It Affect Cybersecurity Shoulder surfing usually happens in crowded public places when the criminal stands or sits nearby to watch the victim physically enter their information.

Healthcare Firm ILS Alerts 4.2 Million People Of Data Breach ILS, a Miami-based healthcare administration and care provider, breached 4,226,508 users' data in the most significant healthcare data breach by several victims.

New Zealand Moves To Ban TikTok On Its Parliament Devices New Zealand moves to ban TikTok on its parliament devices, stating security concerns, making them the most recent government to place limitations on Tiktok.

ChipMixer Crypto Mixer Shutdown By German & US Authorities ChipMixer, a darknet bitcoin "mixing" service, was just taken down in a planned worldwide operation, according to European and American officials.

KillNet and affiliate hacktivist groups targeting healthcare with DDoS attacks - Microsoft Security Blog In the last year, geopolitical tension has led to an uptick of reported cybercrime events fueled by hacktivist groups. The US Cybersecurity and Infrastructure Security Agency (CISA) published an advisory to warn organizations about these attacks and teamed with the FBI on a distributed denial-of-ser...

Microsoft Outlook Zero-Day Vulnerabilities Exposed Microsoft announced advisories for two zero-day vulnerabilities that still pose a threat to users of the Windows OS, with a good number of software security upgrades.

Over $10bn Lost To Online Frauds - FBI Internet Crimes 2022 Report Over $10bn has been lost by Americans to online fraud, according to reports from the FBI's investigation, which noted that losses were the biggest in five years.

Future-Proofing Your Business Against Insider Threats Insider threats can still occur despite preventative measures. Early detection of insider threats is crucial for preventing the harm that they can end up causing.

Cybercriminals Devising More Tactics For Phishing Attacks In evading security agencies, cybercriminals are constantly improving their phishing attacks by implementing new strategies and techniques to carry out their deeds.

Join us at Microsoft Secure to discover the latest security solutions - Microsoft Security Blog Register for Microsoft Secure on March 28, 2023, for insights on AI, identity, data security, and more. In this blog post, we preview what to expect and session highlights you won’t want to miss.

Two Young US Men Charged, Hacked Into DEA Portal In 2022 Two young American men have been accused of breaking into a DEA portal in 2022. That contains databases and sensitive data of 16 federal law enforcement organizations.

Rubrik Admits Data Theft In GoAnywhere Zero-Day Attack Rubrik admits data theft in the GoAnywhere Zero-day attack, and the Clop ransomware group has taken responsibility for the attacks that affected many organizations globally.