CISA Publishes Encrypted DNS Implementation Guidance to Federal Agencies

 Prepared Together – Cyber Storm IX Recap

 Siemens RUGGEDCOM APE1808

+9 from  cisa

 Springtail: New Linux Backdoor Added to Toolkit

 GUEST ESSAY: Turning to cloud services can help SMBs scale to meet growth needs  - Meeting the demands of the modern-day SMB is one of the challenges facing many business leaders and IT operators today. Traditional, office-based infrastructure was fine up until the point where greater capacity was needed than those servers could deliver, vendor support became an issue, or the needs...

 BreachForums seized! One of the world's largest hacking forums is taken down by the FBI... again  - Law enforcement agencies worldwide have coordinated to take down one of the world’s largest hacker forums, scoring a victory against cybercrime. BreachForums, a notorious marketplace for stolen data, was seized by the authorities on Wednesday, according to a message on its website. BREACHFORUMS IS UNDER...

 Android malware Grandoreiro returns after police disruption  - The Android banking trojan "Grandoreiro" is spreading in a large-scale phishing campaign in over 60 countries, targeting customer accounts of roughly 1,500 banks.

 Microsoft to start enforcing Azure multi-factor authentication in July  - Starting in July, Microsoft will begin gradually enforcing multi-factor authentication (MFA) for all users signing into Azure to administer resources.

 Five charged for cyber schemes to benefit North Korea's weapons program  - ​The U.S. Justice Department charged five individuals today, a U.S. Citizen woman, a Ukrainian man, and three foreign nationals, for their involvement in cyber schemes that generated revenue for North Korea's nuclear weapons program.

+4 from  bleepingcomputer

 Russian hackers use new Lunar malware to breach a European govt's agencies  - Security researchers discovered two previously unseen backdoors dubbed LunarWeb and LunarMail that were used to compromise a European government's diplomatic institutions abroad.

+1 from  bleepingcomputer

 CrowdStrike launches advanced SIEM to power the AI-native SOC at RSAC 2024  - VentureBeat

 The Week in Ransomware - May 17th 2024 - Mailbombing is back  - This week was pretty quiet on the ransomware front, with most of the attention on the seizure of the BreachForums data theft forum. However, that does not mean there was nothing of interest released this week about ransomware.

 SEC: Financial orgs have 30 days to send data breach notifications  - The Securities and Exchange Commission (SEC) has adopted amendments to Regulation S-P that require certain financial institutions to disclose data breach incidents to impacted individuals within 30 days of discovery.

+2 from  bleepingcomputer

 Microsoft shares temp fix for Outlook encrypted email reply issues  - ​Microsoft has shared a temporary fix for a known issue preventing Microsoft 365 customers from replying to encrypted emails using the Outlook Desktop client.

 Most Companies Affected by Software Supply Chain Attacks in the Last Year, Struggling to Detect and React Effectively

+1 from  itsecurityguru.org

 Microsoft: Windows Server 2019 updates fail with 0x800f0982 errors  - ​Microsoft has acknowledged a new known issue causing this month's KB5037765 security update for Windows Server 2019 to fail to install with 0x800f0982 errors.

+2 from  bleepingcomputer