NIST Gives IoT Security a Boost with Ascon Encryption Algorithm Standardization

The Hacker News Daily Updates [Newsletter]( [cover]( [CISO Guide to Business Email Compromise]( To counter these highly sophisticated attacks, large enterprise organizations need the right security platform. [Download Now]( Sponsored LATEST NEWS Feb 9, 2023 [NewsPenguin Threat Actor Emerges with Malicious Campaign Targeting Pakistani Entities]( A previously unknown threat actor dubbed NewsPenguin has been linked to a phishing campaign targeting Pakistani entities by leveraging the upcoming international maritime expo as a lure. "The attacker sent out targeted phishing emails with a weaponized document attached that purports to be an exhibitor manual for PIMEC-23," the BlackBerry Research and Intelligence Team said. PIMEC, short ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [A Hackers Pot of Gold: Your MSP's Data]( A single ransomware attack on a New Zealand managed service provider (MSP) disrupted several of its clients' business operations overnight, most belonging to the healthcare sector. According to the country's privacy commissioner, "a cyber security incident involving a ransomware attack" in late November upended the daily operations of New Zealand's health ministry when it prevented the ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Developer-friendly eSignature API that scales with your workflows]( Add eSignatures to your software. Empower users to sign, send, and track documents without leaving your website, CRM, or app. Get 250 legally-binding signature for free with our free ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Gootkit Malware Adopts New Tactics to Attack Healthcare and Finance Firms]( The Gootkit malware is prominently going after healthcare and finance organizations in the U.S., U.K., and Australia, according to new findings from Cybereason. The cybersecurity firm said it investigated a Gootkit incident in December 2022 that adopted a new method of deployment, with the actors abusing the foothold to deliver Cobalt Strike and SystemBC for post-exploitation. "The threat ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [OpenSSL Fixes Multiple New Security Flaws with Latest Update]( The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks. Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an adversary to "read memory contents or enact a denial-of-service," the maintainers said in an advisory. ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [NIST Standardizes Ascon Cryptographic Algorithm for IoT and Other Lightweight Devices]( The U.S. National Institute of Standards and Technology (NIST) has announced that a family of authenticated encryption and hashing algorithms known as Ascon will be standardized for lightweight cryptography applications. "The chosen algorithms are designed to protect information created and transmitted by the Internet of Things (IoT), including its myriad tiny sensors and actuators," ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Unpatched Security Flaws Disclosed in Multiple Document Management Systems]( Multiple unpatched security flaws have been disclosed in open source and freemium Document Management System (DMS) offerings from four vendors LogicalDOC, Mayan, ONLYOFFICE, and OpenKM. Cybersecurity firm Rapid7 said the eight vulnerabilities offer a mechanism through which "an attacker can convince a human operator to save a malicious document on the platform and, once the document is ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [Sydney Man Sentenced for Blackmailing Optus Customers After Data Breach]( A Sydney man has been sentenced to an 18-month Community Correction Order (CCO) and 100 hours of community service for attempting to take advantage of the Optus data breach last year to blackmail its customers. The unnamed individual, 19 when arrested in October 2022 and now 20, used the leaked records stolen from the security lapse to orchestrate an SMS-based extortion scheme. The ... [Read More]( [Twitter]( [Facebook]( [LinkedIn]( [cover]( [CISO Guide to Business Email Compromise]( To counter these highly sophisticated attacks, large enterprise organizations need the right security platform. [Download Now]( Sponsored This email was sent to {EMAIL}. You are receiving this newsletter because you opted-in to receive relevant communications from The Hacker News. To manage your email newsletter preferences, please [click here](. Contact The Hacker News: info@thehackernews.com [Unsubscribe]( The Hacker News | Pearls Omaxe, Netaji Subash Place, Pitampura, Delhi 110034 India