🚨 CISA KEV (1)
19 Jul | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-3519 Citrix NetScaler ADC and NetScaler Gateway Code Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for mal… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (11)
19 Jul | Security Alert: Alert Regarding Vulnerability (CVE-2023-3519) in Citrix ADC and Citrix Gateway | Article Link: Alert Regarding Vulnerability (CVE-2023-3519) in Citrix ADC and Citrix Gateway | MALWARE.NEWS
19 Jul | Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway | Citrix today is alerting customers of a critical-severity vulnerability (CVE-2023-3519) in NetScaler ADC and NetScaler Gateway that already has exploits in the wild, and “strongly urges” to install updated versions without delay. | THEHACKERNEWS.COM
19 Jul | Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned | Citrix has patched several vulnerabilities, including CVE-2023-3519, a critical remote code execution zero-day that has been exploited in attacks. The post Exploitation of New Citrix Zero-Day Likely to Increase, Organizations Warned appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Comprehensive analysis of initial attack samples exploiting CVE-2023-23397 vulnerability | On March 14, 2023, Microsoft published a blogpost describing an Outlook Client Elevation of Privilege Vulnerability (CVSS: 9.8 CRITICAL). The publication generated a lot of activity among white, grey and black hat researchers, as well as lots of publications and tweets about the … | MALWARE.NEWS
19 Jul | Safe programming languages: A solid first step | You’ve run every software composition analysis tool, you've statically and dynamically analyzed your code, and maybe you've even pen-tested it before deployment. If there’s anything else to consider as far as software security is concerned, you don’t know about it. And yet, despi… | MALWARE.NEWS
19 Jul | Citrix ADC Vulnerability CVE-2023-3519, 3466 and 3467 - Patch Now!, (Wed, Jul 19th) | Article Link: https://isc.sans.edu/diary/rss/30044 | MALWARE.NEWS
19 Jul | Memory corruption vulnerability in Microsoft Edge; MilesightVPN and router could be taken over | Since the beginning of July, Cisco Talos has published 40 vulnerability advisories affecting a range of software and hardware, including the Microsoft Edge browser. In our new series called “Vulnerability Roundup,” we’ll be recapping the vulnerabilities we recently disclosed to p… | MALWARE.NEWS
19 Jul | Security Agencies Urge Users to Patch Citrix Zero-Day Flaw | Vulnerable Citrix Appliances Used in Healthcare Sector; Exploits Seen in the Wild. Top U.S. and Australian cybersecurity agencies strongly urged users to patch a critical zero-day flaw in Citrix ADC and Gateway appliances being exploited by unnamed threat actors in the wild. The b… | DATABREACHTODAY.CO.UK
19 Jul | Adobe fixes patch bypass for exploited ColdFusion CVE-2023-29298 flaw | Adobe released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploited in attacks. [...] | BLEEPINGCOMPUTER.COM
19 Jul | KEV | Zero-Day Attacks Exploited Critical Vulnerability in Citrix ADC and Gateway | Citrix is alerting users of a critical security flaw in NetScaler Application Delivery Controller (ADC) and Gateway that it said is being actively exploited in the wild. Tracked as CVE-2023-3519 (CVSS score: 9.8), the issue relates to a case of code injection that could result in… | THEHACKERNEWS.COM
19 Jul | Citrix ADC Vulnerability CVE-2023-3519, 3466 and 3467 - Patch Now!, (Wed, Jul 19th) | Citrix released details on a new vulnerability on their ADC (Application Delivery Controller) yesterday (18 July 2023), CVE-2023-3519. This is an unauthenticated RCE (remote code execution), which means an attacker can run arbitrary code on your ADC without authentication. … | ISC.SANS.EDU
⚠️ VULNERABILITY DISCLOSURE (24)
19 Jul | Vulnerability Monitoring: Reducing Third-Party Risk | Here’s how to use threat intelligence to monitor vulnerabilities and exploits that are of the most interest to cybercriminals and reduce third-party and supplier risk. Article Link: Vulnerability Monitoring: Reducing Third-Party Risk | Intel471 | MALWARE.NEWS
19 Jul | Defunct Avaddon Rebranded as NoEscape Ransomware | A strong argument for a connection has been established between the NoEscape ransomware and the obsolete Avaddon group. The encryption algorithms used by NoEscape and Avaddon ransomware are nearly identical, except that NoEscape switched to using the Salsa20 algorithm. Furthermor… | CYWARE.COM
19 Jul | Medical Device Maker Flags Eight Flaws in Drug Infusion Products | CISA said the BD product vulnerabilities have a "low attack complexity" and that successful exploitation could allow a malicious actor to compromise sensitive data, hijack a session, modify firmware, and make changes to system configurations. | GOVINFOSECURITY.COM
19 Jul | Google Fixes ‘Bad.Build’ Vulnerability Affecting Cloud Build Service | Orca Security, which reported the bug to Google, said that attackers could impersonate the accounts and manipulate the build, injecting malicious code or taking other actions. | THERECORD.MEDIA
19 Jul | FortiGuard Labs Warns of .ZIP Domains Fueling Phishing Attacks | Threat actors are now exploiting the .ZIP top-level domain as a tool for phishing attacks, using the familiar file extension to deceive users into downloading malicious files. | HACKREAD.COM
19 Jul | Mario Movie Malware Might Maliciously Mess With Your Machine | Downloading pirated movies from dubious sources can expose users to malware, putting personal and financial data at risk. Even visiting piracy websites or clicking on pop-ups and redirect links can lead to malware infections. | AVAST.COM
19 Jul | U.S. Blacklists Two Spyware Firms Run by an Israeli Former General | The Biden administration added two Europe-based hacking firms controlled by an Israeli former general to a Commerce Department blacklist, marking its latest effort to try to rein in a spyware industry that has spiraled out of control in recent years. | NYTIMES.COM
19 Jul | Two Jira Plugin Vulnerabilities in Attacker Crosshairs | Attackers are exploiting two path traversal vulnerabilities in the Stagil navigation for Jira – Menus & Themes plugin. The post Two Jira Plugin Vulnerabilities in Attacker Crosshairs appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List | European cousins Intellexa and Cytrox essentially banned by Commerce Dept. — Predator/ALIEN not welcome in U.S. The post Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban List appeared first on Security Boulevard. Article Link: Biden Admin. Adds ‘Mercenary Spyware’ Firms to Ban… | MALWARE.NEWS
19 Jul | Imagine360, others impacted by separate third-party data breaches | Separate third-party healthcare data breaches have been disclosed by Pennsylvania-based self-funded health plan provider Imagine360, the Arizona Health Care Cost Containment System, and holistic healthcare provider Parsley Health, according to HealthITSecurity. Article Link: http… | MALWARE.NEWS
19 Jul | US adds spyware developers Intellexa, Cytrox to blacklist | The U.S. Commerce Department's Bureau of Industry and Security has updated its Entity List to include spyware developers Intellexa and Cytrox AD due to threats posed by their commercial surveillance tools to U.S. national security, reports The Record, a news site by cybersecurity… | MALWARE.NEWS
19 Jul | HHS urged to bolster protection of health records | The U.S. Department of Health and Human Services has been urged by Sens. Ron Wyden, D-Ore., and Patty Murray, D-Wash., as well as Rep. Sarah Jacobs, D-Calif., to prevent warrantless access to reproductive and other health records, as well as mandate notifications from law enforce… | MALWARE.NEWS
19 Jul | Supply chain attacks possible with Google Cloud Build vulnerability | Threat actors could leverage a critical design vulnerability in Google Cloud Build dubbed 'Bad.Build' to achieve privilege escalation and obtain unauthorized Google Artifact Registry code repository access, reports BleepingComputer. Article Link: https://cms.cyberriskalliance.com… | MALWARE.NEWS
19 Jul | Legislators say HHS is failing to adequately protect health records from law enforcement | Lawmakers are demanding the Department of Health and Human Services (HHS) to prevent law enforcement from accessing reproductive and other health records without a warrant. | THERECORD.MEDIA
19 Jul | Adobe emergency patch fixes new ColdFusion zero-day used in attacks | Adobe released an emergency ColdFusion security update that fixes critical vulnerabilities, including a fix for a new zero-day exploited in attacks. [...] | BLEEPINGCOMPUTER.COM
19 Jul | Attacker ID’ed After Infecting Own Computer With Malware | A threat actor that goes by the name of “La_Citrix” inadvertently infected his own computer. Cyberthreat research firm sent his information on to law enforcement. The post Attacker ID’ed After Infecting Own Computer With Malware appeared first on Security Boulevard. Article Link… | MALWARE.NEWS
19 Jul | Multiple Vulnerabilities in Adobe ColdFusion Could Allow for Arbitrary Code Execution | Multiple vulnerabilities have been discovered in Adobe ColdFusion, the most severe of which could allow for arbitrary code execution. Adobe ColdFusion is a commercial web-application development platform designed to build and deploy web applications. Successful exploitation of th… | CISECURITY.ORG
19 Jul | Oracle Quarterly Critical Patches Issued July 18, 2023 | Multiple vulnerabilities have been discovered in Oracle products, which could allow for remote code execution. | CISECURITY.ORG
19 Jul | Multiple Vulnerabilities in Citrix Products Could Allow for Remote Code Execution | Multiple vulnerabilities have been discovered in Citrix products, the most severe of which could allow for remote code execution. Citrix ADC performs application-specific traffic analysis to intelligently distribute, optimize, and secure Layer 4 - Layer 7 network traffic for web … | CISECURITY.ORG
19 Jul | Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware | The prolific China-linked nation-state actor known as APT41 has been linked to two previously undocumented strains of Android spyware called WyrmSpy and DragonEgg. "Known for its exploitation of web-facing applications and infiltration of traditional endpoint devices, an establis… | THEHACKERNEWS.COM
19 Jul | Bad.Build Flaw in Google Cloud Build Raises Concerns of Privilege Escalation | Cybersecurity researchers have uncovered a privilege escalation vulnerability in Google Cloud that could enable malicious actors to tamper with application images and infect users, leading to supply chain attacks. The issue, dubbed Bad.Build, is rooted in the Google Cloud Build serv… | THEHACKERNEWS.COM
19 Jul | U.S. Government Blacklists Cytrox and Intellexa Spyware Vendors for Cyber Espionage | The U.S. government on Tuesday added two foreign commercial spyware vendors, Cytrox and Intellexa, to an economic blocklist for weaponizing cyber exploits to gain unauthorized access to devices and "threatening the privacy and security of individuals and organizations worldwide."… | THEHACKERNEWS.COM
19 Jul | Threat Level - GUARDED | On July 19, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in Cisco, Apple, Adobe, Fortinet, Citrix, Oracle, and Google products. On July 12, the MS-ISAC released an advisory for a vulnerability in Cisco SD-WAN that could allo… | CISECURITY.ORG
19 Jul | Bad.Build: A Critical Privilege Escalation Design Flaw in Google Cloud Build Enables a Supply Chain Attack | submitted by 0xCBE to cloudsecurity https://orca.security/resources/blog/bad-build-google-cloud-build-potential-supply-chain-attack-vulnerability/ | ORCA.SECURITY
📢 SECURITY ADVISORIES (23)
19 Jul | [Control systems] Weintek security advisory (AV23-423) | Article Link: [Control systems] Weintek security advisory (AV23-423) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | Why are there so many malware-as-a-service offerings? | Whether known as commodity malware or “as-a-service,” threat actors have long been turning to their fellow adversaries in the hopes of selling off their tools and opening a new stream of revenue. When used legitimately, as-a-service software is when a third-party company offers i… | MALWARE.NEWS
19 Jul | Red Hat security advisory (AV23-424) | Article Link: Red Hat security advisory (AV23-424) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | Oracle security advisory – July 2023 quarterly rollup (AV23-426) | Article Link: Oracle security advisory – July 2023 quarterly rollup (AV23-426) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | Google Chrome security advisory (AV23-425) | Article Link: Google Chrome security advisory (AV23-425) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | Foxit security advisory (AV23-427) | Article Link: Foxit security advisory (AV23-427) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | Biden Administration Blacklists 2 Commercial Spyware Firms | Cytrox and Intellexa Accused of Threatening Privacy and Security Worldwide. The U.S. government has added two more commercial spyware vendors - Cytrox and Intellexa - to its list of organizations that face restrictions if they attempt to procure American goods or services, owing t… | DATABREACHTODAY.CO.UK
19 Jul | White House seeks public insight to harmonize ‘inconsistent’ cyber regulations | The Biden administration wants to use public feedback to shape baseline cybersecurity regulations that function across industries and sectors. Article Link: White House seeks public insight to harmonize ‘inconsistent’ cyber regulations - Nextgov/FCW | MALWARE.NEWS
19 Jul | Adobe security advisory (AV23-428) | Article Link: Adobe security advisory (AV23-428) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | Atlassian security advisory (AV23-429) | Article Link: Atlassian security advisory (AV23-429) - Canadian Centre for Cyber Security | MALWARE.NEWS
19 Jul | An important step towards secure and interoperable messaging | Posted by Giles Hogben, Privacy Engineering Director. Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform. This is why Google is strongly supportive… | MALWARE.NEWS
19 Jul | Microsoft Expands Logging Access After Chinese Hack Blowback | E3 Licensees Unlock Access to More Cloud Logs After Only E5 Clients Could Spot Hack. Microsoft customers will gain access to expanded cloud logging capabilities at no additional cost just days after lower-level customers were unable to detect a Chinese cyberattack. CISA has identi… | DATABREACHTODAY.CO.UK
19 Jul | White House Unveils Cyber Trust Label for Smart Devices | Proposed Cybersecurity-Labeling Program to Certify Consumer IoT Devices. The Biden administration on Tuesday initiated a nationwide cybersecurity certification and labeling program aimed at helping consumers choose smart devices that offer enhanced protection against hacking risks… | DATABREACHTODAY.CO.UK
19 Jul | CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats | U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats. "The threat landscape in 5G is dynamic; due to this, advanced monitoring, auditing, and ot… | THEHACKERNEWS.COM
19 Jul | An important step towards secure and interoperable messaging | Posted by Giles Hogben, Privacy Engineering Director. Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform. This is why Google is strongly supportive… | SECURITY.GOOGLEBLOG.COM
🔥 INCIDENT REPORTING (18)
19 Jul | Cyber Security Today, July 19, 2023 - The Sturmous ransomware group is back, a ransomware gang adds a new backdoor, and more | This episode reports on the jailing of an IT security analyst who tried to leverage a cyber attack to extort money from the U.K. company he worked for, an AI chatbot for crooks, and more | CYBERSECURITYTODAY.LIBSYN.COM
19 Jul | HCA Healthcare data breach impacts 11 million patients | The data of 11 million patients was stolen and posted online | CSHUB.COM
19 Jul | Not all cybersecurity analytics are created equal: What CISOs should look for | Not all cybersecurity analytics are useful. Some are built on data and methodology that is scientifically shown to be correlated with risks and incidents. Article Link: Not all cybersecurity analytics are created equal: What CISOs should look for | Bitsight | MALWARE.NEWS
19 Jul | Cybersecurity Firm Sophos Impersonated by New SophosEncrypt Ransomware | Discovered yesterday by MalwareHunterTeam, the ransomware was initially thought to be part of a red team exercise by Sophos. However, the Sophos X-Ops team tweeted that they did not create the encryptor and that they are investigating its launch. | BLEEPINGCOMPUTER.COM
19 Jul | Trends in Ransomware-as-a-Service and Cryptocurrency to Monitor | To defend against RaaS groups, organizations need a holistic, defense-in-depth approach that includes measures like multi-factor authentication, email security, patch management, and comprehensive asset management. | HELPNETSECURITY.COM
19 Jul | FIN8 retools backdoor malware to avoid detection | The long-established APT has developed a stealthy new variant of the Sardonic malware as it pivots from PoS attacks to ransomware. Article Link: https://cms.cyberriskalliance.com/news/malware/fin8-retools-backdoor-malware-to-avoid-detection | MALWARE.NEWS
19 Jul | Norwegian Mining and Recycling Company TOMRA Experiences Disruptive Cyberattack | The cyberattack on TOMRA highlights the ongoing threat to companies involved in critical infrastructure, with potential significant financial and social damage if operations are disrupted. | THEREGISTER.COM
19 Jul | FCC launches 'U.S. Cyber Trust Mark' labeling for IoT devices | At a White House press event, the FCC said it wants to help consumers purchase smart devices that are less vulnerable to cyberattacks. Article Link: https://cms.cyberriskalliance.com/news/device-security/biden-fcc-u-s-cyber-trust-mark-labeling | MALWARE.NEWS
19 Jul | Microsoft expands access to cloud logging data for free after Exchange hacks | Microsoft is expanding access to additional cloud logging data for customers worldwide at no additional cost, allowing easier detection of breached networks and accounts. [...] | BLEEPINGCOMPUTER.COM
19 Jul | New Attack Campaign Enters the 'FakeUpdates' Arena to Deliver NetSupport RAT | A new campaign called FakeSG, similar to SocGholish, is using hacked WordPress websites to distribute the NetSupport RAT and deliver additional payloads. FakeSG utilizes different layers of obfuscation and delivery techniques. | MALWAREBYTES.COM
19 Jul | Recycling Giant Tomra Takes Systems Offline Following Cyberattack | Norwegian recycling giant Tomra says internal systems have been taken offline to contain an extensive cyberattack. The post Recycling Giant Tomra Takes Systems Offline Following Cyberattack appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Novel SophosEncrypt RaaS operation emerges | BleepingComputer reports that threat actors have established the new SophosEncrypt ransomware-as-a-service operation, which was initially believed by MalwareHunterTeam to be included within Sophos' red team unit before being debunked by the cybersecurity provider's X-Ops team. Ar… | MALWARE.NEWS
19 Jul | Cyberattack disrupts TOMRA | The Register reports that major Norwegian recycling and mining corporation TOMRA had some of its systems taken offline following an "extensive cyberattack" that began on July 16. Article Link: https://cms.cyberriskalliance.com/brief/critical-infrastructure/cyberattack-disrupts-to… | MALWARE.NEWS
19 Jul | Most financial and insurance firms report security issues in production APIs | Salt Security study says 17% of financial services and insurance companies experienced an API-related breach, and nearly 70% had rollout delays due to API security issues. Article Link: https://cms.cyberriskalliance.com/news/application-security/most-financial-and-insurance-firms… | MALWARE.NEWS
19 Jul | Reporting Cyber Incidents Within 72 Hours: Challenges Ahead | Many critical infrastructure sector organizations, especially smaller entities, will likely struggle to comply with an upcoming requirement to report cyber incidents to federal regulators within 72 hours - due to an assortment of reasons, said Stanley Mierzwa of Kean University. | DATABREACHTODAY.CO.UK
19 Jul | Estée Lauder beauty giant breached in two separate ransomware attacks | Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...] | BLEEPINGCOMPUTER.COM
19 Jul | Estée Lauder beauty giant breached by two ransomware gangs | Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks. [...] | BLEEPINGCOMPUTER.COM
19 Jul | Sogu, SnowyDrive Malware Spreads, USB-Based Cyberattacks Surge | submitted by IllNess to securitynews https://www.darkreading.com/attacks-breaches/sogu-snowydrive-malware-usb-based-cyberattacks-surge | DARKREADING.COM
🕵️ THREAT INTELLIGENCE (32)
19 Jul | Security Alert: Oracle Releases Critical Patch Update, July 2023 | Article Link: Oracle Releases Critical Patch Update, July 2023 | MALWARE.NEWS
19 Jul | Extending Burp Suite for fun and profit – The Montoya way – Part 3 | Setting up the environment + Hello […] The post Extending Burp Suite for fun and profit – The Montoya way – Part 3 appeared first on hn security. Article Link: Extending Burp Suite for fun and profit - The Montoya way - Part 3 - hn security | MALWARE.NEWS
19 Jul | Variants of BPFDoor Deployed in Linux Kernel | Trend Micro uncovered a cyber operation by the Red Menshen APT group wherein it utilizes various versions of the BPFDoor backdoor to target Linux and cloud servers. A six-fold increase has been observed in the addition of instructions to BPF as those found in samples from 2022. S… | CYWARE.COM
19 Jul | Oracle Releases 508 New Security Patches With July 2023 CPU | Oracle has released 508 new security patches as part of the July 2023 CPU, including more than 70 that address critical vulnerabilities. The post Oracle Releases 508 New Security Patches With July 2023 CPU appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Chrome 115 Patches 20 Vulnerabilities | Chrome 115 released with patches for 20 vulnerabilities, including 11 reported by external researchers, who earned thousands of dollars in bug bounties. The post Chrome 115 Patches 20 Vulnerabilities appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Diligent and Bitsight Partner to Increase Board Confidence in Cyber Risk Oversight | Bitsight & Diligent launch extension partnership focused on correlated, independent, & comparable cyber ratings within Diligent’s Board Reporting for IT Risk. Article Link: Diligent and Bitsight Partner to Increase Board Confidence in Cyber Risk Oversight | Bitsight | MALWARE.NEWS
19 Jul | Security Awareness Training Isn’t Working – How Can We Improve It? | Security awareness training isn’t working to the level it needs to. Social engineering, however, is getting better. Why doesn’t awareness training work, and how can we improve it? The post Security Awareness Training Isn’t Working – How Can We Improve It? appeared first on … | SECURITYWEEK.COM
19 Jul | Russia Expected to Increase Critical Infrastructure Attacks | Russia’s war strategy increasingly involves cybersecurity, with the country expected to ramp up attacks on critical infrastructure in Ukraine and countries that are members of NATO, according to Switzerland’s Federal Intelligence Service (FIS). “The war in Ukraine represents a th… | MALWARE.NEWS
19 Jul | Chinese APT41 Hackers Target Mobile Devices with New WyrmSpy and DragonEgg Spyware | APT41, also known as Axiom, Blackfly, Brass Typhoon (formerly Barium), Bronze Atlas, HOODOO, Wicked Panda, and Winnti, is known to be operational since at least 2007, targeting a wide range of industries to conduct intellectual property theft. | THEHACKERNEWS.COM
19 Jul | Virtual Event Today: 2023 Cloud & Data Security Summit | Register for the Cloud & Data Security Summit to learn how to utilize tools, controls, and design models needed to properly secure cloud environments. The post Virtual Event Today: 2023 Cloud & Data Security Summit appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Recently Patched GE Cimplicity Vulnerabilities Reminiscent of Russian ICS Attacks | Over a dozen vulnerabilities patched by GE in its Cimplicity HMI/SCADA product are reminiscent of ICS attacks conducted by the Russian Sandworm group. The post Recently Patched GE Cimplicity Vulnerabilities Reminiscent of Russian ICS Attacks appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | ChatGPT Provides Limited Help Identifying Malware | Current LLM-based tech like ChatGPT can accurately classify malware risk in only 5% of cases—and they may never be able to recognize novel approaches used to create malware. The post ChatGPT Provides Limited Help Identifying Malware appeared first on Security Boulevard. Article … | MALWARE.NEWS
19 Jul | ISC Stormcast For Wednesday, July 19th, 2023 https://isc.sans.edu/podcastdetail/8578, (Wed, Jul 19th) | Article Link: https://isc.sans.edu/diary/rss/30040 | MALWARE.NEWS
19 Jul | HAM Radio + Enigma Machine Challenge, (Wed, Jul 19th) | For those of you with a HAM radio (receiver) setup and an interest in crypto, the MRHS (Maritime Radio Historical Society) and the Cipher History Museum have an Enigma challenge this Saturday (July 22, 2023). Article Link: https://isc.sans.edu/diary/rss/30042 | MALWARE.NEWS
19 Jul | Microsoft backtracks: Premium security logging is now free | Standard license holders will get access to more than 30 types of logging previously available to higher paying customers, and all logs will be stored for twice as long, 180 days, by default. Article Link: https://cms.cyberriskalliance.com/news/critical-infrastructure/microsoft-b… | MALWARE.NEWS
19 Jul | DDoS attack prevalence, sophistication spikes | Distributed denial-of-service attacks have significantly increased in prevalence and sophistication during the second quarter of 2023, with DNS laundering attacks being the most common DDoS attack between April to June, according to CyberScoop. Article Link: https://cms.cyberrisk… | MALWARE.NEWS
19 Jul | VirusTotal leak impacts US, other countries' government agencies | Google-owned VirusTotal has confirmed the exposure of a database with the names and email addresses of 5,600 customers, including employees at the U.S. Cyber Command, National Security Agency, Department of Justice, and FBI, as well as government agencies in Germany, Taiwan, the … | MALWARE.NEWS
19 Jul | Why a cyber resilience approach to digital risk is needed now more than ever | As cyber risk practitioners ourselves, we believe that understanding past claims trends is core to future planning for enterprises. Part of Resilience’s mission is to bring this knowledge to our clients, and now, with the release of our first annual Claims Report, the public as w… | MALWARE.NEWS
19 Jul | WormGPT: What you need to know about the cybercriminal's answer to ChatGPT | Should we be concerned about a malicious cousin to ChatGPT? Here’s everything you need to know. Article Link: WormGPT: What you need to know about the cybercriminal's answer to ChatGPT | ZDNET | MALWARE.NEWS
19 Jul | What is the new Enhanced Safe Browsing for Gmail (and should you enable it)? | Google now offers additional protection for its Gmail service. What is it – and is it worth enabling for your account? Article Link: What is the new Enhanced Safe Browsing for Gmail (and should you enable it)? | ZDNET | MALWARE.NEWS
19 Jul | Sophos Team Go Wild for Volunteering | Building new aviaries for rescued birds at a wildlife rescue center. Article Link: Sophos Team Go Wild for Volunteering – Sophos News | MALWARE.NEWS
19 Jul | Microsoft Bows to Pressure to Free Up Cloud Security Logs | Facing intense pressure after Chinese APT hack, Microsoft plans to expand logging defaults for lower-tier M365 customers. The post Microsoft Bows to Pressure to Free Up Cloud Security Logs appeared first on SecurityWeek. | SECURITYWEEK.COM
19 Jul | Practice Your Security Prompting Skills | Gandalf is an interactive LLM game where the goal is to get the chatbot to reveal its password. There are eight levels of difficulty, as the chatbot gets increasingly restrictive instructions as to how it will answer. It’s a great teaching tool. I am stuck on Level 7. Feel … | SCHNEIER.COM
19 Jul | Google is cutting off internet access for some employees. Here's why | Could you get your work done without the internet? Article Link: Google is cutting off internet access for some employees. Here's why | ZDNET | MALWARE.NEWS
19 Jul | An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says | Distributed DDoS attacks are becoming increasingly sophisticated and complex, making an already-expanding threat landscape even more challenging. The post An ‘Alarming Escalation’ of Sophistication in DDoS Attacks, Cloudflare Says appeared first on Security Boulevard. Article Li… | MALWARE.NEWS
19 Jul | OpenAI credentials stolen by the thousands for sale on the dark web | Threat actors are showing an increased interest in generative artificial intelligence tools, with hundreds of thousands of OpenAI credentials for sale on the dark web and access to a malicious alternative for ChatGPT. [...] | BLEEPINGCOMPUTER.COM
19 Jul | US power grid faces escalating cyber threats, infrastructure experts warn | The power grid is experiencing heightened threats from foreign adversaries and domestic extremist groups that can pose devastating consequences for the nation’s supply of electricity, experts told a House subcommittee on Tuesday. Article Link: US power grid faces escalating cyber… | MALWARE.NEWS
19 Jul | Ukrainian Police Shutter Propaganda-Spreading Bot Farm | Bot Accounts Also Used to Illegally Distribute Ukrainians' Personal Data. The Ukrainian Cyber Police dismantled yet another large-scale bot farm spreading Russian propaganda over social media. Cyber police seized nearly 150,000 SIM cards of different mobile operators used in the c… | DATABREACHTODAY.CO.UK
19 Jul | Russian Hackers Probe Ukrainian Defense Sector With Backdoor | Novel .NET Backdoor DeliveryCheck Sends a Variety of Secondary Payloads. The Russian Turla hacker group has targeted the Ukrainian defense sector and other Eastern European entities with a novel backdoor, dubbed DeliveryCheck, to deploy secondary payloads likely used for espionage… | DATABREACHTODAY.CO.UK
19 Jul | Creativity Test of GPT’s Story Telling Ability Based on an Image Alone | The iPhone App on Apple’s store using ChatGPT-4 that was previously evaluated here as best in class, AI Smith (aka Chat Bot), recently announced several new features, including one intriguing new ability involving creativity. Review of Open AI’s New iPhone Version App and Three N… | MALWARE.NEWS
19 Jul | ISC Stormcast For Wednesday, July 19th, 2023 https://isc.sans.edu/podcastdetail/8578, (Wed, Jul 19th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
19 Jul | Expanding cloud logging to give customers deeper security visibility | Today we are expanding Microsoft’s cloud logging accessibility and flexibility even further. Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost. The post Expanding cloud logging to give customers deeper … | MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 4
19 Jul - WormGPT: Emerging AI Tool Raises Concerns over Advanced Cyber Threats - A new malicious tool dubbed WormGPT is doing rounds in underground forums as a new generative AI cybercrime tool. Attackers could be preparing to execute sophisticated phishing attacks by crafting highly convincing fake emails, said security experts. - CYWARE.COM
19 Jul - US govt bans European spyware vendors Intellexa and Cytrox - The U.S. government has banned European commercial spyware manufacturers Intellexa and Cytrox, citing risks to U.S. national security and foreign policy interests. [...] - BLEEPINGCOMPUTER.COM
19 Jul - DangerousPassword Attacks Targeting Developers’ Windows, macOS, and Linux Environments - The targeted attack group DangerousPassword has been continuously attacking cryptocurrency exchange developers since June 2019, using malware that infects Windows, macOS, and Linux environments with Python and Node.js installed. - BLOGS.JPCERT.OR.JP
19 Jul - Microsoft: Hackers turn Exchange servers into malware control centers - Microsoft and the Ukraine CERT warn of new attacks by the Russian state-sponsored Turla hacking group, targeting the defense industry and Microsoft Exchange servers with a new 'DeliveryCheck' malware backdoor. [...] - BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 19
19 Jul - EMEA Webinar | Security Awareness Matters: How to Build Awareness that Transforms Culture and Reduces Risk - DATABREACHTODAY.CO.UK
19 Jul - Called a Bogus Airline Customer Support Number? Google is Hustling to Fix That - The company noted that it filed a lawsuit last month against a scammer who was posting fake reviews on Google Maps and attempting to manipulate other Google services for small businesses. - THERECORD.MEDIA
19 Jul - FBI: Tech support scams now use shipping companies to collect cash - FBI warns of a surge in tech support scams targeting the elderly across the United States and urging victims to dispatch cash concealed within magazines or similar items through shipping firms. [...] - BLEEPINGCOMPUTER.COM
19 Jul - Germany’s new cyber chief to ‘intensify and focus’ work shaping European rules - Claudia Plattner, the new president of Germany’s BSI, told journalists she aimed to “intensify and focus” the agency’s work on using the levers of the European Union to improve cybersecurity in Germany and across the continent. - THERECORD.MEDIA
19 Jul - Bureau raises $16.5 million to help users prevent fraud - Bureau announced an additional $4.5 million from GMO VenturePartners, GMO Payment Gateway, and existing investors to complete its Series A funding round at $16.5 million. With this, total funding for the startup has reached $20.5 million to date. - HELPNETSECURITY.COM
19 Jul - Ukraine takes down massive bot farm, seizes 150,000 SIM cards - Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations. [...] - BLEEPINGCOMPUTER.COM
19 Jul - FIA World Endurance Championship Driver Passports Left Unsecured - On June 16th, Cybernews researchers came across two misconfigured, meaning publicly exposed, Google Cloud Storage buckets. Both combined, they contained over 1.1 million files. - SECURITYAFFAIRS.COM
19 Jul - Facebook behavioral ads banned by Norwegian privacy watchdog - The Norwegian Data Protection Authority (DPA), the country's data privacy watchdog, has banned behavioral advertising on Meta's Facebook and Instagram social networks. [...] - BLEEPINGCOMPUTER.COM
19 Jul - Ukraine Police Bust Another Bot Farm Accused of Pro-Russia Propaganda, Internet Fraud - Ukraine's Cyber Police shut down yet another bot farm that was reportedly spreading disinformation about the war in Ukraine on social media, just one month after a similar illicit operation was raided in west-central Ukraine. - THERECORD.MEDIA
19 Jul - Sophos Team Go Wild for Volunteering - Building new aviaries for rescued birds at a wildlife rescue center. - SOPHOS.COM
19 Jul - Tech Support Scams Now Use Shipping Companies to Collect Cash - FBI warns of a surge in tech support scams targeting the elderly across the United States and urging victims to dispatch cash concealed within magazines or similar items through shipping firms. - BLEEPINGCOMPUTER.COM
19 Jul - Meta confirms WhatsApp is down worldwide - WhatsApp, the globally renowned messaging app, unexpectedly went offline today, leaving its vast user base unable to send or receive messages. [...] - BLEEPINGCOMPUTER.COM
19 Jul - Hands on with GPT-4-powered Bing AI Chat's virtual search - Bing Chat continues to enrich its user experience by rolling out a new feature - Visual Search in Chat. This function combines the power of OpenAI's GPT-4 model with image search abilities to offer a more interactive way of browsing the web. [...] - BLEEPINGCOMPUTER.COM
19 Jul - How to Manage Your Attack Surface? - Attack surfaces are growing faster than security teams can keep up. To stay ahead, you need to know what's exposed and where attackers are most likely to strike. With cloud migration dramatically increasing the number of internal and external targets, prioritizing threats and man… - THEHACKERNEWS.COM
19 Jul - Exploring the Dark Side: OSINT Tools and Techniques for Unmasking Dark Web Operations - On April 5, 2023, the FBI and Dutch National Police announced the takedown of Genesis Market, one of the largest dark web marketplaces. The operation, dubbed "Operation Cookie Monster," resulted in the arrest of 119 people and the seizure of over $1M in cryptocurrency. You can re… - THEHACKERNEWS.COM
19 Jul - HAM Radio + Enigma Machine Challenge, (Wed, Jul 19th) - For those of you with a HAM radio (receiver) setup and an interest in crypto, the MRHS (Maritime Radio Historical Society) and the Cipher History Museum have an Enigma challenge this Saturday (July 22, 2023) - ISC.SANS.EDU
19 Jul - AWS Reliability Pillar: Consistent Cloud Architecture - Gain insight into the Reliability pillar of the AWS Well-Architected Framework and best practices for cloud-based operations, including change management and disaster recovery. - TRENDMICRO.COM
19 Jul - Child identity theft: how do I keep my kids’ personal data safe? - Why is kids’ personal information in high demand, how do criminals steal it, and what can parents do to help prevent child identity theft? - WELIVESECURITY.COM