22Articles
7Categories
2023-07-13Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 5[−]
13 JulNew Vulnerabilities Disclosed in SonicWall and Fortinet Network Security ProductsSonicWall on Wednesday urged customers of Global Management System (GMS) firewall management and Analytics network reporting engine software to apply the latest fixes to secure against a set of 15 security flaws that could be exploited by a threat actor to circumvent authenticati…THEHACKERNEWS.COM
13 JulCVE-2023-24936 .NET, .NET Framework, and Visual Studio Elevation of Privilege VulnerabilityIn the Security Updates table, added all supported versions of all supported versions of .NET Framework, Visual Studio 2022 version 17.0, Visual Studio 2022 version 17.2, and Visual Studio 2022 version 17.4 because these products are also affected by this vulnerability. Microsoft…MSRC.MICROSOFT.COM
13 JulCVE-2023-36883 Microsoft Edge for iOS Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 2[−]
13 JulFake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to MalwareIn a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method. "In this instance, the PoC is a wolf in sheep's clothing, harboring malic…THEHACKERNEWS.COM
13 JulRockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote AttacksThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has alerted of two security flaws impacting Rockwell Automation ControlLogix EtherNet/IP (ENIP) communication module models that could be exploited to achieve remote code execution and denial-of-service (DoS). "The …THEHACKERNEWS.COM
📢 SECURITY ADVISORIES 2[−]
13 JulU.S. Government Agencies' Emails Compromised in China-Backed Cyber AttackAn unnamed Federal Civilian Executive Branch (FCEB) agency in the U.S. detected anomalous email activity in mid-June 2023, leading to Microsoft's discovery of a new China-linked espionage campaign targeting two dozen organizations. The details come from a joint cybersecurity advi…THEHACKERNEWS.COM
🔥 INCIDENT REPORTING 3[−]
13 JulThe State of Ransomware in Financial Services 2023New insights into how ransomware impacts the financial services sector, including the frequency, root causes of attacks, and data recovery costs.SOPHOS.COM
13 JulIOTW: A full timeline of the MOVEit cyber attackAn up-to-date timeline of the MOVEit cyber attack, its victims and its impactCSHUB.COM
13 JulSEO Expert Hired and Fired By Ashley Madison Turned on Company, Promising Revenge[This is Part II of a story published here last week on reporting that went into a new Hulu documentary series on the 2015 Ashley Madison hack.] It was around 9 p.m. on Sunday, July 19, when I received a message through the contact form on KrebsOnSecurity.com that the marital inf…KREBSONSECURITY.COM
🕵️ THREAT INTELLIGENCE 4[−]
13 JulFrench Police Will Be Able to Spy on People through Their Cell PhonesThe French police are getting new surveillance powers : French police should be able to spy on suspects by remotely activating the camera, microphone and GPS of their phones and other devices, lawmakers agreed late on Wednesday, July 5. […] Covering laptops, cars and other …SCHNEIER.COM
13 JulLucky MVP 13Presently sponsored by: Kolide ensures that if a device isn't secure, it can't access your apps. It's Device Trust for Okta. Watch the demo today! Each year since 2011, Microsoft has sent me a lovely email around this time: I've been fortunate enough to find a passion in lif…TROYHUNT.COM
13 JulDetecting BPFDoor Backdoor Variants Abusing BPF FiltersAn analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021.TRENDMICRO.COM
13 JulA Leader in IDC’s 2023 NESaaS and ZTNA MarketScape ReportsPalo Alto Networks is a leader in the latest IDC Network Edge security as a service (NESaaS) and Zero Trust Network Access (ZTNA) MarketScape reports. The post A Leader in IDC’s 2023 NESaaS and ZTNA MarketScape Reports appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 2[−]
13 JulPicassoLoader Malware Used in Ongoing Attacks on Ukraine and PolandGovernment entities, military organizations, and civilian users in Ukraine and Poland have been targeted as part of a series of campaigns designed to steal sensitive data and gain persistent remote access to the infected systems. The intrusion set, which stretches from April 2022…THEHACKERNEWS.COM
13 JulTeamTNT's Silentbob Botnet Infecting 196 Hosts in Cloud Attack CampaignAs many as 196 hosts have been infected as part of an aggressive cloud campaign mounted by the TeamTNT group called Silentbob. "The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx…THEHACKERNEWS.COM
📡 INFOSEC NEWS 4[−]
13 JulIntrusion Detection & Prevention Systems GuideIDPS, IDS, IPS… what’s the difference? Discover key differences between intrusion detection and prevention systems as well as 9 technical and non-technical questions to ask when evaluating vendors.TRENDMICRO.COM
13 JulAI Coding Companions: Comparing AWS, GitHub, & GoogleTop cloud vendors and software companies are rolling out AI coding companions that use generative AI to speed up and streamline DevOps. In this blog, we take a look at what some of these new tools have in common, where they differ, and what they mean for cybersecurity.TRENDMICRO.COM
13 JulPlatform Approach to Cybersecurity: The New ParadigmEmbracing platform approach as the path to enhanced security and resilienceTRENDMICRO.COM
13 JulThe danger within: 5 steps you can take to combat insider threatsSome threats may be closer than you think. Are security risks that originate from your own trusted employees on your radar?WELIVESECURITY.COM