22 Articles
7 Categories
Date: 2023-07-17

🚨 CISA KEV (1)

17 Jul - [KEV] CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36884: Microsoft Office and Windows HTML Remote Code Execution Vulnerability. These types of vulnerabilities are frequent attack vectors for mali…
CISA.GOV

⚠️ VULNERABILITY DISCLOSURE (7)

17 Jul - A Vulnerability in FortiOS and FortiProxy Could Allow for Remote Code Execution
A vulnerability has been discovered in Fortinet FortiOS and FortiProxy, which could allow for remote code execution. FortiOS is Fortinet's proprietary Operating System which is utilized across multiple product lines. FortiProxy is a secure web gateway that attempts to protect…
CISECURITY.ORG

17 Jul - A Vulnerability in Adobe Coldfusion Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in Adobe Coldfusion which could allow for arbitrary code execution. Adobe ColdFusion is a commercial web-application development platform designed to build and deploy web applications. Successful exploitation of this vulnerability could allow…
CISECURITY.ORG

17 Jul - A Vulnerability in Apple Products Could Allow for Arbitrary Code Execution
A vulnerability has been discovered in Apple products, which could allow for arbitrary code execution. iOS is a mobile operating system for mobile devices, including the iPhone, iPad, and iPod touch. iPadOS is the successor to iOS 12 and is a mobile operating system for iPads. ma…
CISECURITY.ORG

17 Jul - Hackers exploiting critical WordPress WooCommerce Payments bug
Hackers are conducting widespread exploitation of a critical WooCommerce Payments plugin to gain the privileges of any users, including administrators, on vulnerable WordPress installations. [...]
BLEEPINGCOMPUTER.COM

17 Jul - Critical ColdFusion flaws exploited in attacks to drop webshells
Hackers are actively exploiting two ColdFusion vulnerabilities to bypass authentication and remotely execute commands to install webshells on vulnerable servers. [...]
BLEEPINGCOMPUTER.COM

17 Jul - Hackers Exploit WebAPK to Deceive Android Users into Installing Malicious Apps
Threat actors are taking advantage of Android's WebAPK technology to trick unsuspecting users into installing malicious web apps on Android phones that are designed to capture sensitive personal information. "The attack began with victims receiving SMS messages suggesting the nee…
THEHACKERNEWS.COM

17 Jul - Cybercriminals Exploit Microsoft Word Vulnerabilities to Deploy LokiBot Malware
Microsoft Word documents exploiting known remote code execution flaws are being used as phishing lures to drop malware called LokiBot on compromised systems. "LokiBot, also known as Loki PWS, has been a well-known information-stealing Trojan active since 2015," Fortinet FortiGuar…
THEHACKERNEWS.COM

📢 SECURITY ADVISORIES (1)

17 Jul - CISA shares free tools to help secure data in the cloud
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has shared a factsheet providing details on free tools and guidance for securing digital assets after switching to the cloud from on-premises environments. [...]
BLEEPINGCOMPUTER.COM

🔥 INCIDENT REPORTING (5)

17 Jul - IT worker jailed for impersonating ransomware gang to extort employer
28-year-old Ashley Liles, a former IT employee, has been sentenced to over three years in prison for attempting to blackmail his employer during a ransomware attack. [...]
BLEEPINGCOMPUTER.COM

17 Jul - Meet NoEscape: Avaddon ransomware gang's likely successor
The new NoEscape ransomware operation is believed to be a rebrand of Avaddon, a ransomware gang that shut down and released its decryption keys in 2021. [...]
BLEEPINGCOMPUTER.COM

17 Jul - Embracing Consolidation and Squashing Silos
While silos pose significant dangers to an enterprise's cybersecurity posture, consolidation serves as a powerful solution to overcome these risks, offering improved visibility, efficiency, incident response capabilities, and risk management. The post Embracing Consolidation and …
SECURITYWEEK.COM

17 Jul - Malicious USB Drives Targeting Global Targets with SOGU and SNOWYDRIVE Malware
Cyber attacks using infected USB infection drives as an initial access vector have witnessed a three-fold increase in the first half of 2023. That's according to new findings from Mandiant, which detailed two such campaigns – SOGU and SNOWYDRIVE – targeting both public and privat…
THEHACKERNEWS.COM

17 Jul - CERT-UA Uncovers Gamaredon's Rapid Data Exfiltration Tactics Following Initial Compromise
The Russia-linked threat actor known as Gamaredon has been observed conducting data exfiltration activities within an hour of the initial compromise. "As a vector of primary compromise, for the most part, emails and messages in messengers (Telegram, WhatsApp, Signal) are used, in…
THEHACKERNEWS.COM

🕵️ THREAT INTELLIGENCE (2)

17 Jul - Tracking Down a Suspect through Cell Phone Records
Interesting forensics in connection with a serial killer arrest: Investigators went through phone records collected from both midtown Manhattan and the Massapequa Park area of Long Island—two areas connected to a “burner phone” they had tied to the killings. (In…
SCHNEIER.COM

17 Jul - Microsoft hack sees emails stolen from US agencies
Microsoft said that a “China-based threat actor with espionage objectives” was responsible for the hack
CSHUB.COM

🎙️ PODCASTS (1)

17 Jul - Cyber Security Today, July 17, 2023 - USB-based attacks rising, attacks on AWS increasing and more
This episode reports on attacks on AWS, Azure and Google Cloud environments, Russia's attempt to disconnect from the global internet and more
CYBERSECURITYTODAY.LIBSYN.COM

📡 INFOSEC NEWS (5)

17 Jul - Police arrests Ukrainian scareware developer after 10-year hunt
The Spanish National Police has apprehended a Ukrainian national wanted internationally for his involvement in a scareware operation spanning from 2006 to 2011. [...]
BLEEPINGCOMPUTER.COM

17 Jul - Frontline Security Practitioners Reveal the Latest About AI
Organizers at mWISE, the anticipated cybersecurity conference from Mandiant, now part of Google Cloud, have released this year's session catalog. Learn more from Mandiant about the upcoming mWise sessions. [...]
BLEEPINGCOMPUTER.COM

17 Jul - These 6 Questions Will Help You Choose the Best Attack Surface Management Platform
The hype around different security categories can make it difficult to discern features and capabilities from bias when researching new platforms. You want to advance your security measures, but what steps actually make sense for your business? For anyone ready to find an attack …
THEHACKERNEWS.COM

17 Jul - Taking the Fight to the Cyber-Criminals
Trend Micro and INTERPOL collaborate to create a safer digital world
TRENDMICRO.COM

17 Jul - From Bounty Leaderboards to Microsoft Security Researcher, Meet Cameron Vincent!
Fun Facts: Game you binged: Guitar Hero and Rock Band fanatic. Go to snack: Nutri-Grain Bars. Favorite Drink: Soda – Coca Cola specifically. Favorite Place: Singapore – stayed an extra week after a hacking collaboration and truly fell in love and hopes to get back as soon as poss…
MSRC.MICROSOFT.COM