🐛 COMMON VULNERABILITIES AND EXPOSURES 9
18 Jul“Never Assume Anything” – Unauthenticated Stored Cross-Site Scripting Vulnerability Exposed in 14 Email Logging Plugins“Never Assume Anything” – that is the 4th Guiding Principle written in the Security section of the WordPress Common APIs Handbook for developers. When it comes to WordPress plugin security, assumptions can be dangerous. This became evident when the Wordfence Threat Intelligence t…MALWARE.NEWS
18 JulNew critical Citrix ADC and Gateway flaw exploited as zero-daysCitrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "strongly urges" to install updated versions without delay. [...]BLEEPINGCOMPUTER.COM
18 JulWordPress Sites Hacked via Critical Vulnerability in WooCommerce Payments PluginAttackers have started exploiting CVE-2023-28121, a recent critical vulnerability in the WooCommerce Payments WordPress plugin. The post WordPress Sites Hacked via Critical Vulnerability in WooCommerce Payments Plugin appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulNew critical Citrix ADC and Gateway flaw exploited as zero-dayCitrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and "strongly urges" to install updated versions without delay. [...]BLEEPINGCOMPUTER.COM
18 JulCybercriminals Exploiting WooCommerce Payments Plugin Flaw to Hijack WebsitesThreat actors are actively exploiting a recently disclosed critical security flaw in the WooCommerce Payments WordPress plugin as part of a massive targeted campaign. The flaw, tracked as CVE-2023-28121 (CVSS score: 9.8), is a case of authentication bypass that enables unauthenti…THEHACKERNEWS.COM
18 JulExploit Attempts for "Stagil navigation for Jira Menus & Themes" CVE-2023-26255 and CVE-2023-26256, (Tue, Jul 18th)Today, I noticed the following URL on our "first seen URLs" page:ISC.SANS.EDU
18 JulAdobe Releases Security Updates for ColdFusionAdobe has released security updates to address a critical vulnerability (CVE-2023-38203) affecting ColdFusion . An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Adobe security relea…CISA.GOV
18 JulCitrix Releases Security Updates for NetScaler ADC and GatewayCitrix has released security updates to address vulnerabilities (CVE-2023-3519, CVE-2023-3466, and CVE-2023-3467) affecting NetScaler ADC and NetScaler Gateway . An attacker can exploit one of these vulnerabilities to take control of an affected system. According to Citrix, CVE-2…CISA.GOV
⚠️ VULNERABILITY DISCLOSURE 31
18 JulFoundational cyber security actions for small organizations - ITSAP.10.300In this publication, we summarize the foundational security actions you can take to begin building your cyber security resilience. These actions are a minimum set of practices that you can implement over time. You will find some additional recommendations on security actions that…CYBER.GC.CA
18 JulNational Cyber Threat AssessmentsResources from the Cyber Centre to help Canadian individuals and organizations understand the cyber threats facing Canada and learn how to better protect themselves.CYBER.GC.CA
18 JulIstio graduates to top level at CNCFThe Cloud Native Computing Foundation has declared that Istio, an open-source service mesh that was originally created by Google and IBM, is now a top-level project at the organization beside Kubernetes and other cloud-native technologies, Cloud Native Now reports. Article Link: …MALWARE.NEWS
18 JulNovel NoEscape ransomware operation believed to be Avaddon rebrandNovel ransomware group NoEscape, which has begun double extortion attacks against enterprise targets last month, has been suspected to be a rebrand of the Avaddon operation that was dismantled by U.S. and Australian law enforcement authorities two years ago, reports BleepingCompu…MALWARE.NEWS
18 JulCisco to acquire Oort for identity security boostIdentity threat detection and response technology startup Oort is being acquired by Cisco for undisclosed terms in a deal expected to close in Cisco's early 2024 fiscal year, SDxCentral reports. Article Link: https://cms.cyberriskalliance.com/brief/cloud-security/cisco-to-acquire-o…MALWARE.NEWS
18 JulMalicious Android apps deployed via WebAPK exploitationAndroid users have been lured to install malicious web apps through the exploitation of the platform's WebAPK technology, according to The Hacker News. Article Link: https://cms.cyberriskalliance.com/brief/application-security/malicious-android-apps-deployed-via-webapk-exploitati…MALWARE.NEWS
18 JulNearly 350 organizations impacted by Cl0p MOVEit hackThe widespread Cl0p ransomware attack involving the exploitation of a MOVEit security vulnerability has already impacted 347 organizations, compromising the data of more than 18.6 million individuals, SecurityWeek reports. Article Link: https://cms.cyberriskalliance.com/brief/ran…MALWARE.NEWS
18 JulJumpCloud 'nation state’ phishing attack spotlights third-party risk managementA state-sponsored phishing attack on JumpCloud highlights the importance of strong third-party risk management (TPRM). The big identity service provider believes it was a victim of a sophisticated breach that targeted a few specific customers. JumpCloud is being praised for…MALWARE.NEWS
18 JulArchitecting Cloud InstrumentationArchitecting cloud instrumentation to secure a complex and diverse enterprise infrastructure is no small feat. Picture this: you have hundreds of virtual machines, some with specialized purposes and tailor-made configurations, thousands of containers with different images, a plet…MALWARE.NEWS
18 JulImplementing an ISO-compliant threat intelligence programImplementing a threat intelligence program that meets the definition of threat intelligence control as described in ISO/IEC 27002:2022 — a set of standards set forth by the International Organization for Standardization — is not onerous. The ISO/IEC 27002 standard describes a non…MALWARE.NEWS
18 JulMass attack on WordPress sites targets bug in WooCommerce pluginThe ongoing campaign is exploiting a now-patched vulnerability in the popular ecommerce plugin that can give hackers admin access to websites. Article Link: https://cms.cyberriskalliance.com/news/identity-and-access/mass-attack-on-wordpress-sites-targets-bug-in-woocommerce-plugin…MALWARE.NEWS
18 JulHTML Attachments Used in Malicious Phishing Campaigns Skyrocket: Increase 168% from 2022 and 450% from 2021Author: Max Gannon. Through the first six months of 2023, our Intelligence team has seen alarming changes in the email security and phishing landscape. Most notably, compared to both Q…MALWARE.NEWS
18 JulSecurity Alert: Exploit Chain Actively Hits ColdFusionAttackers Drop Web Shell; Flaw Is Not Fixed, But Latest Patch Offers Protection Warning: Hackers are actively exploiting a flaw in Adobe's ColdFusion rapid web application development platform to execute malicious code. While Adobe attempted to patch the flaw, researchers say att…DATABREACHTODAY.CO.UK
18 JulFostering a More Inclusive Culture to Close the Skills GapEd Parsons of (ISC)² on Meeting Underrepresented Groups 'Where They Are' In the drive to build a more diverse workforce, security organizations are progressing in many ways, such as ensuring that required skills in job descriptions are more inclusive, said Ed Parsons of (ISC)². B…DATABREACHTODAY.CO.UK
18 JulArmy Alert on Free Smartwatches: Don't Sport These WearablesMalware-Infected Watches Are the New USB Thumb Drive for Social Engineers Are unsolicited smartwatches the new USB thumb drive? The U.S. Army warns that service members are being sent free wearables preloaded with malware designed to steal data from mobile devices as well as inte…DATABREACHTODAY.CO.UK
18 JulCISA orders govt agencies to mitigate Windows and Office zero-daysCISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks. [...]BLEEPINGCOMPUTER.COM
18 JulGrowing Scam Activity Linked to Social Media and AutomationThe average number of scam resources per brand across all regions and industries more than doubled year-on-year in 2022, up 162%, according to Group-IB. Additionally, the total number of scam pages detected in 2022 was more than thrice in 2021.HELPNETSECURITY.COM
18 JulSuspected Scareware Fraudster Arrested After Decade on the RunThe fraudster was apprehended at Barcelona airport after managing to evade capture for over a decade, according to Spanish police. They were apparently supported by the FBI and Interpol, which had issued a red notice for the individual’s capture.INFOSECURITY-MAGAZINE.COM
18 JulPatch Adobe ColdFusion zero-days, CISA urges security teamsSecurity pros say Adobe’s most recent advisory covers the patches for all the most recent vulnerabilities discovered in the ColdFusion web development platform. Article Link: https://cms.cyberriskalliance.com/news/vulnerability-management/patch-adobe-coldfusion-zero-days-cisa-urg…MALWARE.NEWS
18 Jul KEVTwo New Adobe ColdFusion Vulnerabilities Exploited in AttacksAt least two new Adobe ColdFusion vulnerabilities have been exploited in the wild, including one that has not been completely patched by the software giant. The post Two New Adobe ColdFusion Vulnerabilities Exploited in Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulNumber of Victims Breached Via MOVEit Zero-Day Keeps ClimbingVictim Count Is 370 Organizations, 20 Million Individuals - and It's Likely to Rise How bad is the breach of the MOVEit zero-day to businesses, government agencies and their customers? The short answer is that the known fallout from the Clop ransomware group attack already looks …DATABREACHTODAY.CO.UK
18 JulThe tail of the MOVEit hack may be longer than we realizeA significant minority of victims disclosed thus far do not appear to be direct users of MOVEit Transfer and had their data stolen via a third-party provider. Article Link: https://cms.cyberriskalliance.com/analysis/vulnerability-management/the-tail-of-the-moveit-hack-may-be-long…MALWARE.NEWS
18 JulTrail of Bits’s Response to OSTP National Priorities for AI RFIBy Michael Brown and Heidy Khlaaf The Office of Science and Technology Policy (OSTP) has circulated a request for information (RFI) on how best to develop policies that support the responsible development of AI while minimizing risk to rights, safety, and national security. In ou…MALWARE.NEWS
18 JulSpanish Police End a Decade on the Run for Ukrainian HackerPolice Also Apprehend a Smishing Fraudster and Break Up a Phishing Nexus Spanish law enforcement officers scored several recent wins against cybercriminals this month. Police nabbed a Ukrainian hacker on the run for 10 years, arrested a fraudster known to have run a smishing camp…DATABREACHTODAY.CO.UK
18 JulUS Gov Mercenary Spyware Clampdown Hits Cytrox, IntellexaThe two foreign companies are being sanctioned for “trafficking in cyber exploits used to gain access to information systems.” The post US Gov Mercenary Spyware Clampdown Hits Cytrox, Intellexa appeared first on SecurityWeek.SECURITYWEEK.COM
18 JulLeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a service that sold access to bi…KREBSONSECURITY.COM
18 JulVirusTotal Data Leak Exposes Some Registered Customers' DetailsData associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform. The security incident, which comprises a database of 5,600 names…THEHACKERNEWS.COM
18 JulCISA Releases Seven Industrial Control Systems AdvisoriesCISA released seven Industrial Control Systems (ICS) advisories on July 18, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-199-01 Rockwell Automation Kinetix 5700 DC Bus Power Supply Series A…CISA.GOV
18 JulOracle Releases Security UpdatesOracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for July 2023 to address vulnerabilities affecting multiple products. A remote attacker can exploit some of these vulnerabilities to take control of an affected system. CISA e…CISA.GOV
18 JulMicrosoft Inspire: Partner resources to prepare for the future of security with AIMicrosoft Inspire is an incredible opportunity to share all the ways AI can support security efforts with our partner ecosystem. Register to hear strategies to prepare your organization for AI with comprehensive security and security posture. The post Microsoft Inspire: Partner r…MICROSOFT.COM
18 JulSpearphishing Campaign Targets Zimbra Webmail Portals of Government Organizations https://blog.eclecticiq.com/spearphishing-campaign-targets-zimbra-webmail-portals-of-government-organizations Also here: malwarebytes.com/…/act-now-unpatched-zimbra-vulne…ECLECTICIQ.COM
📢 SECURITY ADVISORIES 77
18 JulIncreased Truebot activity infects U.S. and Canada based networks - Joint Cybersecurity AdvisoryCYBER.GC.CA
18 JulTop 10 IT security actions: No. 3 managing and controlling administrative privileges - ITSM.10.094CYBER.GC.CA
18 JulCSE and international partners publish a cyber security advisory on LockBit ransomwareCYBER.GC.CA
18 JulCSE and its Canadian Centre for Cyber Security release advisory on People's Republic of China state-sponsored cyber threatCYBER.GC.CA
18 JulStatement from the Minister of National Defence – Cyber Threats to Critical InfrastructureCANADA.CA
18 JulCitrix security advisory (AV23-416)Article Link: Citrix security advisory (AV23-416) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 JulBreachForums' Admin Pleads Guilty, Faces 40 Years in PrisonConor 'Pompompurin' Fitzpatrick, 20, Charged with Hacking, Amassed $700K in a Year The administrator of the now-defunct BreachForums has pleaded guilty to two counts of hacking and one count of child pornographic possession. Conor Fitzpatrick, 20, operating under the moniker Pomp…DATABREACHTODAY.CO.UK
18 JulENISA: Cybersecurity Aspects in the Maritime SectorENISA has published the first EU report ever on cybersecurity challenges in the Maritime sector. This principal analysis highlights essential key insights, as well as existing initiatives, as a baseline for cybersecurity. Finally, high-level recommendations are given for addressi…DATABREACHTODAY.CO.UK
18 JulENISA: Guidelines on Incident ReportingENISA has issued guidelines to national telecom regulatory authorities about the implementation of Article 13a, in particular, the two types of incident reporting mentioned in Article 13a: the annual summary reporting of significant incidents to ENISA and the European Commission …DATABREACHTODAY.CO.UK
18 JulENISA: Technical Guidelines on Minimum Security MeasuresENISA has issued guidance to national telecom regulatory authorities about the implementation of Article 13a, in particular about the security measures that providers of public communications networks must take to ensure security and integrity of these networks.DATABREACHTODAY.CO.UK
18 JulENISA Launches Information Security Awareness VideosThe European Network and Information Security Agency [ENISA] has launched information security awareness videos in 23 European languages.DATABREACHTODAY.CO.UK
18 JulWhite House Unveils Consumer Labeling Program to Strengthen IoT SecurityThe Biden administration has considered an Energy Star type of consumer labeling program a key part of an effort to strengthen the nation’s cyber infrastructure following the SolarWinds and Colonial Pipeline attacks.CYBERSECURITYDIVE.COM
18 Jul[Control systems] GE Digital security advisory (AV23-417)Article Link: [Control systems] GE Digital security advisory (AV23-417) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 Jul[Control systems] GeoVision security advisory (AV23-421)Article Link: [Control systems] GeoVision security advisory (AV23-421) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 Jul[Control systems] Keysight security advisory (AV23-422)Article Link: [Control systems] Keysight security advisory (AV23-422) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 Jul[Control systems] WellinTech security advisory (AV23-420)Article Link: [Control systems] WellinTech security advisory (AV23-420) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 Jul[Control systems] Iagona security advisory (AV23-418)Article Link: [Control systems] Iagona security advisory (AV23-418) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 Jul[Control systems] Rockwell Automation security advisory (AV23-419)Article Link: [Control systems] Rockwell Automation security advisory (AV23-419) - Canadian Centre for Cyber SecurityMALWARE.NEWS
18 JulNSA, CISA Issue Guidance on 5G Network Slicing SecurityThe NSA and CISA have published guidance on hardening 5G standalone network slices against potential threats. The post NSA, CISA Issue Guidance on 5G Network Slicing Security appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulInternational Engagement – Brussels and BeyondInternational engagement is an integral part of many ongoing NIST efforts, including the Journey to the Cybersecurity Framework (CSF 2.0) update, our update to the digital identity guidelines, and increasing awareness of the NIST Privacy Framework and IoT cybersecurity work. In t…NIST.GOV
🔥 INCIDENT REPORTING 26
18 JulSteps for effectively deploying multi-factor authentication (MFA) - ITSAP.00.105This guidance can help your organization to effectively deploy MFA as an additional layer of security to reduce your risk and likelihood of compromised credential attacks or data breaches.CYBER.GC.CA
18 JulDefending against data exfiltration threats - ITSM.40.110Data exfiltration attacks occur in various forms, including data espionage, user or system credentials theft, financial data theft, digital identity compromise, and data de-anonymization. To protect against these attacks, your organizations should secure your data lifecycle proce…CYBER.GC.CA
18 JulSeparate ransomware attacks take toll on Wisconsin, California citiesSignificant disruptions have been brought upon by separate ransomware attacks in a Wisconsin county and a California city, according to The Record, a news site by cybersecurity firm Recorded Future. Article Link: https://cms.cyberriskalliance.com/brief/ransomware/separate-ransomw…MALWARE.NEWS
18 JulInsights on bolstering healthcare incident response with AI detailedArtificial intelligence has been noted by Providence Health & Services Chief Information Security Officer Adam Zoller to be crucial in strengthening healthcare organizations' incident response efforts, VentureBeat reports. Article Link: https://cms.cyberriskalliance.com/brief…MALWARE.NEWS
18 JulJumpCloud attributes breach to nation-state threat operationTechCrunch reports that U.S cloud-based directory services firm JumpCloud had its customers' API keys invalidated earlier this month due to a breach by an unspecified sophisticated state-sponsored threat operation. Article Link: https://cms.cyberriskalliance.com/brief/cloud-secur…MALWARE.NEWS
18 JulLive EMEA Webinar | Where Did the Hackers Go? They Ran(somware): Insights into Ransomware RecoveryDATABREACHTODAY.CO.UK
18 JulApplication Security Testing vs. API Security TestingHow They Differ & How Noname Security Active Testing Helps Your Business Shift Left Application security testing, or AST, and API security testing are important components of a comprehensive cybersecurity strategy. We'll discuss the application and API security best practices for…DATABREACHTODAY.CO.UK
18 JulFIN8 deploys ALPHV ransomware using Sardonic malware variantA financially motivated cybercrime gang has been observed deploying BlackCat ransomware payloads on networks backdoored using a revamped Sardonic malware version. [...]BLEEPINGCOMPUTER.COM
18 JulGoogle Cloud Build bug lets hackers launch supply chain attacksA critical design flaw in the Google Cloud Build service discovered by cloud security firm Orca Security can let attackers escalate privileges, providing them with almost nearly-full and unauthorized access to Google Artifact Registry code repositories. [...]BLEEPINGCOMPUTER.COM
18 JulUK: IT Worker Jailed for Impersonating Ransomware Gang to Extort EmployerTo deceive the company, he impersonated the ransomware gang extorting them. He tried to redirect the ransomware payments by switching the cybercriminals' cryptocurrency wallet to one under his control.BLEEPINGCOMPUTER.COM
18 JulUpdate: UKG Agrees to Pay Up to $6M in Lawsuit Tied to 2021 BreachThe ransomware attack, which impacted multiple UKG customers such as Tesla, PepsiCo, Whole Foods, and New York City’s Metropolitan Transportation Authority, hindered some customers’ ability to process payroll.CYBERSECURITYDIVE.COM
18 JulBlack Hat Hacker Exposes Real Identity After Infecting Own Computer With MalwareUsing the online moniker ‘La_Citrix’, the threat actor has been active on Russian-speaking cybercrime forums since 2020, offering access to hacked companies and info-stealer logs from active infections.SECURITYWEEK.COM
18 JulPhoenician Medical Center Cyberattack Affects Up to 162,500 PatientsThe forensic investigation confirmed that there had been unauthorized access to files containing the protected health information of patients, some of which may have been obtained by the hackers.HIPAAJOURNAL.COM
18 JulDating App That Claims 50 Million Users Suffered a Data BreachCybersecurity researcher Jeremiah Fowler discovered a non-password-protected database containing approximately 2.3 million records associated with multiple dating applications.VPNMENTOR.COM
18 JulFIN8 Uses Revamped Sardonic Backdoor to Deliver Noberus RansomwareThe Syssphinx cybercrime group, known for financially motivated attacks, has diversified its tactics by deploying ransomware in addition to its traditional point-of-sale attacks.SYMANTEC-ENTERPRISE-BLOGS.SECURITY.COM
18 JulCybersecurity firm Sophos impersonated by new SophosEncrypt ransomwareCybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt, with the threat actors using the company name for their operation. [...]BLEEPINGCOMPUTER.COM
18 JulNetcraft Snags $100M, Names Former DigiCert Executive as CEORyan Woodley Doubles Down on US Growth, Real-Time Attack Identification, Takedown Netcraft landed a DigiCert and Progressive Leasing executive as its CEO to expand the company's footprint in the U.S. and better identify cyberattacks in real time. The firm tapped Ryan Woodley to c…DATABREACHTODAY.CO.UK
18 JulSophos Discovers Ransomware Abusing “Sophos” NameAttackers will sometimes use the name of security companies in their malware. While performing a regular search on VirusTotal looking for interesting malware and new ransomware variants using our threat hunting rules this week, a Sophos X-Ops analyst discovered a novel ransomware…SOPHOS.COM
18 JulSophos Discovers Ransomware Abusing “Sophos” NameAttackers will sometimes use the name of security companies in their malware. While performing a regular search on VirusTotal looking for interesting malware and new ransomware variants using our threat hunting rules this week, a Sophos X-Ops analyst discovered a novel ransomware…MALWARE.NEWS
18 JulUtility Experts Highlight Chinese Threat to US Electric GridCompromised Equipment, AI Leave US Electric Grid Susceptible to Chinese Cyberattack China poses a growing threat to electric infrastructure due to increased capabilities, potentially compromised equipment and the rise of artificial intelligence. A 2022 national intelligence repor…DATABREACHTODAY.CO.UK
18 JulPakistani Entities Targeted in Sophisticated Attack Deploying ShadowPad MalwareAn unidentified threat actor compromised an application used by multiple entities in Pakistan to deliver ShadowPad, a successor to the PlugX backdoor that's commonly associated with Chinese hacking crews. Targets included a Pakistan government entity, a public sector bank, and a …THEHACKERNEWS.COM
18 JulGo Beyond the Headlines for Deeper Dives into the Cybercriminal UndergroundDiscover stories about threat actors’ latest tactics, techniques, and procedures from Cybersixgill’s threat experts each month. Each story brings you details on emerging underground threats, the threat actors involved, and how you can take action to mitigate risks. Learn about th…THEHACKERNEWS.COM
18 JulFIN8 Group Using Modified Sardonic Backdoor for BlackCat Ransomware AttacksThe financially motivated threat actor known as FIN8 has been observed using a "revamped" version of a backdoor called Sardonic to deliver the BlackCat ransomware. According to the Symantec Threat Hunter Team, part of Broadcom, the development is an attempt on the part of the e-c…THEHACKERNEWS.COM
18 JulOwner of BreachForums Pleads Guilty to Cybercrime and Child Pornography ChargesConor Brian Fitzpatrick, the owner of the now-defunct BreachForums website, has pleaded guilty to charges related to his operation of the cybercrime forum as well as having child pornography images. The development, first reported by DataBreaches.net last week, comes nearly four …THEHACKERNEWS.COM
18 JulJumpCloud Blames 'Sophisticated Nation-State' Actor for Security BreachA little over a week after JumpCloud reset API keys of customers impacted by a security incident, the company said the intrusion was the work of a sophisticated nation-state actor. The adversary "gained unauthorized access to our systems to target a small and specific set of our …THEHACKERNEWS.COM
18 JulRoblox Developer Conference - 3,943 breached accountsIn July 2023, a list of alleged attendees from the 2017-2020 Roblox Developers Conferences was circulated on a forum . The data contained 4k unique email addresses along with names, usernames, dates of birth, phone numbers, physical and IP addresses and T-shirt sizesHAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE 25
18 JulDisabling Self-Driving Cars with a Traffic ConeYou can disable a self-driving car by putting a traffic cone on its hood: The group got the idea for the conings by chance. The person claims a few of them walking together one night saw a cone on the hood of an AV, which appeared disabled. They weren’t sure at the time whi…SCHNEIER.COM
18 JulBest practices for setting up a security operations centre (SOC) - ITSAP.00.500As cyber threats become more complex and threat actors more sophisticated, many security operations centres are being set up.CYBER.GC.CA
18 JulSophos Firewall Receives the 2023 Competitive Strategy Leadership AwardSophos has received Frost & Sullivan’s prestigious Competitive Strategy Leadership Award in the next-generation firewall (NGFW) industry. Article Link: Sophos Firewall Receives the 2023 Competitive Strategy Leadership Award – Sophos NewsMALWARE.NEWS
18 JulSaaS Management tool by Auvik launchesCloud network management software provider Auvik announced the launch of Auvik SaaS Management, a new software-as-a-service tool that the company says can help enterprises identify and mitigate previously undetected security and cost impacts of SaaS sprawl, SiliconANGLE reports. A…MALWARE.NEWS
18 JulCisco rolls out speedier Secure Network Analytics versionCisco announced that the latest version of its Secure Network Analytics software has significantly increased the tool's scale and performance, enabling processing speeds of 3 million flows per second, according to Network World. Article Link: https://cms.cyberriskalliance.com/brie…MALWARE.NEWS
18 JulInadvertent leak of millions of US military emails to Mali reportedMillions of emails intended for members of the U.S. military have been inadvertently sent to Mali-based email accounts for more than a decade as a result of a domain name typo, with misdirected emails reaching 117,000 in January alone, reports The Verge. Article Link: https://cms…MALWARE.NEWS
18 JulNew Russian RedCurl attacks detailedCommercial cyberespionage attacks against a major Russian bank and an Australian firm have been conducted by Russian hacking operation RedCurl this year, reports The Record, a news site by cybersecurity firm Recorded Future. Article Link: https://cms.cyberriskalliance.com/brief/t…MALWARE.NEWS
18 JulSaaS security startup Savvy emerges from stealthSavvy, a startup that offers cybersecurity solutions for SaaS applications, has raised $30 million in a funding round as it launched out of stealth, reports TechCrunch. Article Link: https://cms.cyberriskalliance.com/brief/cloud-security/saas-security-startup-savvy-emerges-from-s…MALWARE.NEWS
18 JulProtect yourself from ticketing scams ahead of the Premier League Summer Series USA TourThere is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraud The post Protect yourself from ticketing scams ahead of the Premier League Summer Series USA Tour appeared first on WeLiveSec…MALWARE.NEWS
18 JulProtect Your Systems from Malicious Packages: What You Need to KnowMalicious packages are a growing threat to businesses and organizations of all sizes. These packages are often disguised as legitimate software, but they can contain harmful code that can steal data, install malware, or disrupt operations. In 2022, there was […] The post Protect …MALWARE.NEWS
18 JulA Look at the Email Threat Landscape in Q1 2023VIPRE's Email Threat Trends Report for Q1 2023 analyzed 1.8 billion emails to provide a comprehensive understanding of contemporary email threats. The post A Look at the Email Threat Landscape in Q1 2023 appeared first on Security Boulevard . Article Link: A Look at the Email Thr…MALWARE.NEWS
18 JulExposure Management: Best Practices for Getting Ahead of Cyber RiskWhat is exposure management? Learn how you can assess your organization’s cyber risk exposure and get ahead of cyber risk. Article Link: Exposure Management: Best Practices for Getting Ahead of Cyber Risk | BitsightMALWARE.NEWS
18 JulWormGPT: How GPT's Evil Twin Could Be Used in BEC AttacksBlack Hat AI Tool Helps Hackers Create Convincing Phishing Emails, Researchers Warn Cybercriminals may be using a generative AI tool called WormGPT to create convincing phishing emails to support business email compromise attacks. A new survey shows that 1 in 5 people fall for th…DATABREACHTODAY.CO.UK
18 JulBlotchyQuasar RAT Targets Users in LATAM RegionA series of phishing emails is directing recipients to packed executable files containing the BlotchyQuasar malware variant, allegedly developed by a threat group known as Hive0129. Several features of it were found to overlap with a malware called ProyectoRAT. IOCs associated wi…CYWARE.COM
18 JulChina Raises Cybersecurity Barriers to Tech InvestmentsBeijing Solidifies Control Over Cyberspace Despite Weakening Investor Sentiment President Xi Jinping directed state agencies to strengthen the government’s control over the internet and information technology sector, potentially discouraging investment in the country. Among the o…DATABREACHTODAY.CO.UK
18 JulOT Security Is More Than Just CybersecuritySchneider Electric's Andre Shori on Who Owns OT Security Risk While IT-OT convergence is accelerating, awareness and maturity of OT technologies still have a long road ahead. In this transition, organizations need to ensure the safety and health of workers is always the top prior…DATABREACHTODAY.CO.UK
18 JulGamaredon APT Steals Data Within an HourOnce again, the Gamaredon APT is carrying out a new wave of phishing attacks targeting Ukrainian government agencies, stealing data within an hour of the attack. The campaign is aimed at entities in Ukraine, including security services, military, and government organizations.…CYWARE.COM
18 JulNigerian Man Sentenced to 8 Years in US Prison for $8 Million BEC SchemeOlalekan Jacob Ponle, a Nigerian national living in the UAE, was sentenced to 8 years in a US prison for his role in an $8 million BEC scheme. The post Nigerian Man Sentenced to 8 Years in US Prison for $8 Million BEC Scheme appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulBlack Hat Hacker Exposes Real Identity After Infecting Own Computer With MalwareA threat actor’s real identity was uncovered after they infected their own computer with an information stealer. The post Black Hat Hacker Exposes Real Identity After Infecting Own Computer With Malware appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulWhite House Unveils Cybersecurity Labeling Program for Smart DevicesNew US cyber program will label smart devices that are considered safer and less vulnerable to attacks. The post White House Unveils Cybersecurity Labeling Program for Smart Devices appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulHacker Conversations: Inside the Mind of Daniel Kelley, ex-BlackhatDaniel Kelley was just 18 years old when he was arrested and charged on thirty counts – most infamously for the 2015 hack of UK telco TalkTalk. The post Hacker Conversations: Inside the Mind of Daniel Kelley, ex-Blackhat appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulNetcraft Raises $100M, Hires New CEO for Global ExpansionThe British company secures $100 million in funding and announced the hiring of a new chief executive to pursue global expansion plans. The post Netcraft Raises $100M, Hires New CEO for Global Expansion appeared first on SecurityWeek .SECURITYWEEK.COM
18 JulNorway Threatens $100,000 Daily Fine on Meta Over DataNorway's data protection agency wants to ban Facebook and Instagram owner Meta from using the personal information of users for targeted advertising, threatening a $100,000 daily fine if the company continues. The post Norway Threatens $100,000 Daily Fine on Meta Over Data appear…SECURITYWEEK.COM
18 JulWhy Bitcoin Is No Longer Cybercriminals' Currency of ChoiceUse of the Token for Cybercrime Fell From 97% to 19% Within 7 Years Cryptocurrency hackers are shifting their focus from bitcoin to other tokens and newer blockchain services such as cross-chain bridges for illicit activity. Why is the oldest crypto token so unappealing to hacker…DATABREACHTODAY.CO.UK
18 JulISC Stormcast For Tuesday, July 18th, 2023 https://isc.sans.edu/podcastdetail/8576, (Tue, Jul 18th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE 6
18 JulThe cyber threat to Canada’s oil and gas sectorInformation about the cyber threat to Canada’s oil and gas sector.CYBER.GC.CA
18 JulLearning HubThe Cyber Centre’s Learning Hub offers courses on basic, advanced and specialized topics in cyber security for employees of the Government of Canada and those who work on systems of importance to the Government of Canada.CYBER.GC.CA
18 JulThe cyber threat from supply chainsInformation on the cyber threat from supply chainsCYBER.GC.CA
18 JulFederal partners remind Canadian consumers to be vigilant for cyber threats this Black Friday and Cyber MondayCYBER.GC.CA
18 JulVirusTotal Data Leak Exposes Some Registered Customers' DetailsData associated with a subset of registered customers of VirusTotal, including their names and email addresses, were exposed after an employee inadvertently uploaded the information to the malware scanning platform.THEHACKERNEWS.COM
🎙️ PODCASTS 2
18 JulMDM: Balancing the Need for User Privacy, Corporate ControlIn this episode of CyberEd.io's podcast series "Cybersecurity Insights," Weldon Dodd of Kandji discusses the evolution of Apple's security and privacy practices and how mobile device management can help achieve a balance between user privacy and corporate control.DATABREACHTODAY.CO.UK
18 JulNavigating the Complexities of Cyber Insurance"Insurance is a tool," said Libby Benet, the global chief underwriting officer for AXA XL. "When you buy an insurance policy, you are buying a network of professional crisis managers." In this episode of "Cybersecurity Insights," Benet discussed present and future cybersecurity i…DATABREACHTODAY.CO.UK
📡 INFOSEC NEWS 52
18 JulGenerative artificial intelligence (AI) - ITSAP.00.041This publication provides some information on the potential risks and mitigation measures associated with generative AI.CYBER.GC.CA
18 JulCSE urges the Canadian cyber security community to adopt a heightened state of vigilanceCYBER.GC.CA
18 JulCloud network security zones - ITSP.80.023This document outlines cloud network security zone models and architectures and provides technical guidance on implementing cloud network security zones.CYBER.GC.CA
18 JulTop 10 IT security actions: No. 5 segment and separate information – ITSM.10.092This document provides guidance on how you can segment your networks into various security zones. Network segmentation separates similar information technology (IT) assets, like hardware, software, and data, into logical groupings that have the same security policies and security…CYBER.GC.CA
18 JulDevice security for travel and telework abroad - ITSAP.00.188Traveling with mobile devices can pose risks to you and your organization. These risks can be amplified if you are teleworking abroad. This publication provides advice and guidance to employees traveling or working abroad with corporate devices.CYBER.GC.CA
18 JulCanadian Common Criteria program requirements and procedures for testing laboratoriesProcess by which a commercial organization may become an approved Common Criteria testing labCYBER.GC.CA
18 JulUsing information technology asset management (ITAM) to enhance cyber security – ITSM.10.004This publication provides organizations with advice and guidance related to information technology (IT) asset management (ITAM).CYBER.GC.CA
18 JulCommunications Security Establishment (CSE) and international partners publish joint guide on secure-by-design and -default principlesThis joint guide on implementing secure by design and by default measures is the result of a collaborative effort by the cybersecurity authorities of five nations: Canada, Australia, New Zealand, the United Kingdom, and the United States, as well as Germany and the Netherlands.CYBER.GC.CA
18 JulA zero trust approach to security architecture - ITSM.10.008Best practices to help prioritize efforts when implementing a zero trust architecture (ZTA).CYBER.GC.CA
18 JulObsolete products - ITSAP.00.095It’s a good practice to discontinue the use of technologies once they are obsolete. However, realistically, organizations will need time to upgrade or replace IT assets. This document offers some guidance on how to minimize risks as your organization transitions away from obsolet…CYBER.GC.CA
18 JulCSE urges the Canadian cyber security community to adopt a heightened state of vigilance after one-year mark of Russia’s full-scale invasion of UkraineCYBER.GC.CA
18 JulTop 10 IT security actions – No. 7 protect information at the enterprise level - ITSM.10.097CYBER.GC.CA
18 JulCryptocurrency - ITSAP.00.650Investing in cryptocurrency can be uncertain and comes with a variety of risks.CYBER.GC.CA
18 JulNetwork security logging and monitoring - ITSAP.80.085This document provides high-level guidance for conducting network logging and monitoring.CYBER.GC.CA
18 JulNetwork security auditing - ITSAP.80.086The goal of auditing is to identify threats, areas of weaknesses, and compromises.CYBER.GC.CA
18 JulData transfer and upload protection - ITSAP.40.212This document offers information on how to secure your data transfer processes to minimize potential cyber security risks.CYBER.GC.CA
18 JulZero Trust security model - ITSAP.10.008This document provides information on Zero Trust (ZT) as a model to address the modern challenges of securing remote workers, protecting hybrid cloud environments and defending against cyber security threats.CYBER.GC.CA
18 JulSecurity considerations for exposure of classified IT systems to mobile devices and wireless signals - ITSB-104CYBER.GC.CA
18 JulSophos Firewall Receives the 2023 Competitive Strategy Leadership AwardSophos has received Frost & Sullivan’s prestigious Competitive Strategy Leadership Award in the next-generation firewall (NGFW) industry.SOPHOS.COM
18 JulWebinar | The Role of Resilience in Reducing Burnout: A Cybersecurity Discussion About PeopleDATABREACHTODAY.CO.UK
18 JulSecurity Awareness Matters: How to Build Awareness that Transforms Culture and Reduces RiskDATABREACHTODAY.CO.UK
18 JulThe Surveillance Society and Digital FreedomWe live in a surveillance society, but even though citizens are concerned about the lack of privacy, they don't know what to do about it, said David Sinclair, founder of 4Freedom Mobile, a mobile service provider that helps subscribers secure their phones and stop tracking, hacki…DATABREACHTODAY.CO.UK
18 JulCritical Vendor Risk Considerations for AI Use in HealthcareAs generative AI applications become more common in healthcare, organizations will need to carefully consider critical third-party risk issues involving the use of these technologies, said Damian Chung, business information security officer at security firm Netskope.DATABREACHTODAY.CO.UK
18 JulLeveraging Usage-Based LicensingHow to Enable Digital Acceleration Success Traditional licensing models that lock organizations into fixed solutions or time periods are no longer ideal. Organizations need to consider usage-based licensing approaches that offer flexibility to deploy whatever solutions are requir…DATABREACHTODAY.CO.UK
18 JulWho Should Pay for Payment Scams - Banks, Telcos, Big Tech?Making the Case for Penalizing Social Media Firms for Authorized Push Payment Scams Big banks want social media firms to take accountability for scams that occur on their payment platforms, but that doesn’t mean reimbursing victims. Banks need to take the lead in making victims w…DATABREACHTODAY.CO.UK
18 JulStrengthening Password Security may Lower Cyber Insurance PremiumsWhen insurers assess an organization's cybersecurity posture, password security is a key element considered. Learn more from Specops Software on how password security can affect your insurance premiums. [...]BLEEPINGCOMPUTER.COM
18 JulMicrosoft Exchange Online hit by new outage blocking emailsMicrosoft is investigating an ongoing Exchange Online outage preventing customers from sending emails and triggering 503 errors on affected systems. [...]BLEEPINGCOMPUTER.COM
18 JuldrIBAN Fraud Operations Target Corporate Banking CustomersOperating as part of a Man-in-the-Browser (MITB) attack, the web injects allow cybercriminals to manipulate the content of legitimate web pages in real time, bypassing the TLS protocol.INFOSECURITY-MAGAZINE.COM
18 Jul'Millions of emails' for US military sent to .ml addressesFor the past decade, millions of emails destined for .mil US military addresses were actually directed at .ml addresses, that being the top-level domain for the African nation of Mali, it's claimed.THEREGISTER.COM
18 JulNetcraft Raises $100M, Hires New CEO for Global ExpansionThe British company known for its anti-phishing and cybercrime disruption tools said the $100 million financing was led by Spectrum Equity, a growth equity firm focused on internet-enabled software and data services companies.SECURITYWEEK.COM
18 JulPresident Xi Wants to Make the Great Firewall of China Even GreaterChinese President Xi Jinping has directed officials to build a Beijing-controlled "security barrier" around the country's internet, emphasizing the Party's leadership and the need to govern cyberspace according to the law.THEREGISTER.COM
18 JulU.S. preparing Cyber Trust Mark for more secure smart devicesA new cybersecurity certification and labeling program called U.S. Cyber Trust Mark is being shaped to help U.S. consumers choose connected devices that are more secure and resilient to hacker attacks. [...]BLEEPINGCOMPUTER.COM
18 JulThe XDR Payoff: Better Security PostureAs the extended detection and response (XDR) market grows and evolves, it’s a great opportunity to learn about the positive outcomes like better security posture experienced by organizations that have invested in these capabilities.TRENDMICRO.COM
18 JulProtect yourself from ticketing scams ahead of the Premier League Summer Series USA TourThere is a significant secondary marketplace where tickets can sell for several times their original value, opening the opportunity for scammers and fraudWELIVESECURITY.COM