Articles: 122
Categories: 8
Date: 2023-07-20
🚨 CISA KEV (3)
20 Jul (KEV) Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells: SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) is releasing this Cybersecurity Advisory to warn network defenders about exploitation of CVE-2023-3519, an unauthenticated remote code execution (RCE) vulnerability affecting NetScaler (formerly Citrix) Applicati… (CISA.GOV)
20 Jul (KEV) CISA Adds Two Known Exploited Vulnerabilities to Catalog: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29298 Adobe ColdFusion Improper Access Control Vulnerability; CVE-2023-38205 Adobe ColdFusion Improper Access Control Vulnerability. These type… (CISA.GOV)
🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
20 Jul New research reveals rapid remediation of MOVEit Transfer vulnerabilities: CVE-2023-35036 & CVE-2023-35708 were identified on June 9th and June 15th in the latest series of high-profile software supply chain vulnerabilities. Article Link: New research reveals rapid remediation of MOVEit Transfer vulnerabilities | Bitsight (MALWARE.NEWS)
20 Jul CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability: In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Guy Lederfein and Lucas Miller of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in Progress MOVEit Transfer. This bug was originally discovered by T… (MALWARE.NEWS)
20 Jul Zyxel Vulnerability Exploited by DDoS Botnets on Linux Systems: Distributed Denial of Service (DDoS) botnets have been used to actively exploit a critical vulnerability found in Zyxel firewall models. The flaw, identified by Fortinet security researchers as CVE-2023-28771, explicitly affects Linux platforms. (INFOSECURITY-MAGAZINE.COM)
20 Jul (KEV) BMC&C: Lights Out Forever: Introduction Earlier this year, Eclypsium Research discovered and reported 5 vulnerabilities in American Megatrends (AMI) MegaRAC Baseboard Management Controller (BMC) software. MegaRAC BMC is a critical supply chain component found in millions of devices worldwide and used by mu… (MALWARE.NEWS)
20 Jul Multiple DDoS Botnets Exploiting Recent Zyxel Vulnerability: Multiple DDoS botnets have been observed targeting CVE-2023-28771, a Zyxel firewall vulnerability patched in April. (SECURITYWEEK.COM)
20 Jul (KEV) The federal government’s cybersecurity policies are falling into place just in time to be stalled again: Welcome to this week’s edition of the Threat Source newsletter. Last week, the Biden administration released its formal roadmap for its national cybersecurity initiative meant to encourage greater investment in cybersecurity and strengthen the U.S.’s critical infrastructure secur… (MALWARE.NEWS)
20 Jul Active exploitation of Citrix Netscaler ADC, Gateway bug underway: Citrix has disclosed that vulnerable NetScaler Application Delivery Controller and Gateway instances have been targeted in ongoing attacks leveraging the critical remote code execution flaw, tracked as CVE-2023-3519, The Hacker News reports. Article Link: https://cms.cyberriskall… (MALWARE.NEWS)
20 Jul Similarities between newly patched GE Cimplicity flaws, Sandworm attacks observed: SecurityWeek reports that several recently addressed memory corruption vulnerabilities in the GE Cimplicity human-machine interface and supervisory control and data acquisition system, tracked as CVE-2023-3463, were noted by cybersecurity researcher Michael Heinzl, who discovered… (MALWARE.NEWS)
20 Jul (KEV) Adobe Rolls Out New Patches for Actively Exploited ColdFusion Vulnerability: Adobe has released a fresh round of updates to address an incomplete fix for a recently disclosed ColdFusion flaw that has come under active exploitation in the wild. The critical shortcoming, tracked as CVE-2023-38205 (CVSS score: 7.5), has been described as an instance of impro… (THEHACKERNEWS.COM)
20 Jul (KEV) CISA Releases Cybersecurity Advisory on Threat Actors Exploiting Citrix CVE-2023-3519: The Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Advisory (CSA), Threat Actors Exploiting Citrix CVE-2023-3519 to Implant Webshells, to warn organizations about threat actors exploiting CVE-2023-3519, an unauthenticated remote code execution (… (CISA.GOV)
⚠️ VULNERABILITY DISCLOSURE (24)
20 Jul Two Jira Plugin Vulnerabilities in Attacker Crosshairs: Attackers are apparently trying to exploit two path traversal vulnerabilities in the ‘Stagil navigation for Jira – Menus & Themes’ plugin, the SANS Internet Storm Center warns. (SECURITYWEEK.COM)
20 Jul Adobe Releases New Patches for Exploited ColdFusion Vulnerabilities: Adobe releases a second round of patches for recent ColdFusion vulnerabilities, including flaws that have been exploited in attacks. (SECURITYWEEK.COM)
20 Jul Oracle Releases 508 New Security Patches With July 2023 CPU: Successful exploitation of some of these vulnerabilities may lead to complete application or system compromise, Oracle says. Many of the updates also include additional third-party patches. (SECURITYWEEK.COM)
20 Jul New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems: "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalable and potent than other worms," Palo Alto Networks Unit 42 researchers William Gamazo and Nathaniel Quist said. (THEHACKERNEWS.COM)
20 Jul EP14: The Permissions Management Nightmare in SharePoint Online: We’re back for another episode with Philip Galea, R&D Manager at Hornetsecurity. In today’s episode, Andy and Philip discuss the frustrations and… (MALWARE.NEWS)
20 Jul Protecting energy infrastructure from cyberattacks: The content of this post is solely the responsibility of the author. AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In the current geopolitical climate, the energy sector, which powers our modern… (MALWARE.NEWS)
20 Jul Weekly Intelligence Snapshot – Week 29, 2023: QuoIntelligence’s Weekly Intelligence Snapshot for the week of 13 – 19 July 2023 is now available! Find a summary here and subscribe to our mailing list below if you want to receive regu… (MALWARE.NEWS)
20 Jul The Week in Security: Google Cloud Build permissions can be poisoned, WormGPT weaponizes AI: Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: Google Cloud Build permissions can be abused to poison prod… (MALWARE.NEWS)
20 Jul New P2P Worm Puts Windows and Linux Redis Servers in its Sights: A new peer-to-peer (P2P) worm, P2PInfect, is spreading across instances of the Redis open source database software in the cloud. Article Link: New P2P Worm Puts Windows… (MALWARE.NEWS)
20 Jul 1,000 CISOs strong: How cross-company collaboration strengthens enterprise cybersecurity: Membership in CyberRisk Alliance's two peer-to-peer organizations, the Cybersecurity Collaboration Forum and Cybersecurity Collaborative, has topped 1,000 CISOs. Here's how joining either organization can reinforce your company's cybersecurity posture. Article Link: https://cms.c… (MALWARE.NEWS)
20 Jul A look at Chrome’s security review culture: Posted by Alex Gough, Chrome Security Team. Security reviewers must develop the confidence and skills to make fast, difficult decisions. A simplistic piece of advice to reviewers is “just be confident” but in reality that takes practice and experience. Confidence comes with time, … (MALWARE.NEWS)
20 Jul P2PInfect: New Peer-to-Peer Worm Targeting Redis Servers: The Rust-based peer-to-peer worm ‘P2PInfect’ is targeting a Lua sandbox escape vulnerability in internet-accessible Redis servers. (SECURITYWEEK.COM)
20 Jul New free cloud security tools offered by CISA: The Cybersecurity and Infrastructure Security Agency has updated its free open-source cloud protection software toolkit with five new programs aimed at helping bolster cloud security posture and malicious activity detection, according to SiliconAngle. Article Link: https://cms.cy… (MALWARE.NEWS)
20 Jul Supply chain security for Go, Part 3: Shifting left: Julie Qiu, Go Security & Reliability and Jonathan Metzman, Google Open Source Security Team. Previously in our Supply chain security for Go series, we covered dependency and vulnerability management tools and how Go ensures package integrity and availability as part of the com… (MALWARE.NEWS)
20 Jul (KEV) Adobe Fixes ColdFusion Zero-Day - Again: Rework of Previous Update Available for ColdFusion Versions 2023, 2021 and 2018. Adobe released a fresh out-of-band security update to patch an improperly fixed ColdFusion zero-day vulnerability being actively exploited in the wild that allows attackers to bypass security controls… (DATABREACHTODAY.CO.UK)
20 Jul Mallox Ransomware Exploits Weak MS-SQL Servers to Breach Networks: Mallox ransomware activities in 2023 have witnessed a 174% increase when compared to the previous year, new findings from Palo Alto Networks Unit 42 reveal. "Mallox ransomware, like many other ransomware threat actors, follows the double extortion trend: stealing data before encr… (THEHACKERNEWS.COM)
20 Jul Critical Flaws in AMI MegaRAC BMC Software Expose Servers to Remote Attacks: Two more security flaws have been disclosed in AMI MegaRAC Baseboard Management Controller (BMC) software that, if successfully exploited, could allow threat actors to remotely commandeer vulnerable servers and deploy malware. "These new vulnerabilities range in severity from Hig… (THEHACKERNEWS.COM)
20 Jul Apache OpenMeetings Web Conferencing Tool Exposed to Critical Vulnerabilities: Multiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers. "Attackers can bring the application into an … (THEHACKERNEWS.COM)
20 Jul New P2PInfect Worm Targeting Redis Servers on Linux and Windows Systems: Cybersecurity researchers have uncovered a new cloud targeting, peer-to-peer (P2P) worm called P2PInfect that targets vulnerable Redis instances for follow-on exploitation. "P2PInfect exploits Redis servers running on both Linux and Windows Operating Systems making it more scalab… (THEHACKERNEWS.COM)
20 Jul CISA Releases One Industrial Control Systems Advisory: CISA released one Industrial Control Systems (ICS) advisory on July 20, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-201-01 Schneider Electric EcoStruxure Products, Modicon PLCs, and Programm… (CISA.GOV)
20 Jul The number of contributors to an open source project seems to inversely relate to the number of CVEs published (normalized over the age of the project and the Lines Of Code): submitted by lukstru to securitynews, 10 points | 1 comments. https://feddit.de/pictrs/image/2a906cff-56fa-4249-949f-525a981f2217.png I created some plots from the data I collected for my research on correlating CVEs to Clean Code requirements. Disclaimer: My n=19 is really low. Th… (FEDDIT.DE)
20 Jul Apple employee reportedly didn’t tell Google about zero-day exploit found in Chrome: submitted by Mustafaalbazy to security, 4 points | 2 comments. https://9to5mac.com/2023/07/20/apple-google-chrome-exploit/ As we often report here, it’s common for tech companies to help each other improve their security systems by sharing zero-day exploits found by security resear… (9TO5MAC.COM)
📢 SECURITY ADVISORIES (4)
20 Jul Commentary on the Implementation Plan for the 2023 US National Cybersecurity Strategy: The Atlantic Council released a detailed commentary on the White House’s new “Implementation Plan for the 2023 US National Cybersecurity Strategy.” Lots of interesting bits. So far, at least three trends emerge: First, the plan contains a (somewhat) more concret… (SCHNEIER.COM)
20 Jul Industry Experts Urge CISA to Update Secure by Design Guidance: A joint letter by a group of industry experts urges CISA to go further in integrating and advocating threat modeling in the document, which aims to help manufacturers prioritize cybersecurity practices while designing technology products. (INFOSECURITY-MAGAZINE.COM)
20 Jul CISA and NSA Issue New Guidance to Strengthen 5G Network Slicing Against Threats: U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats. (THEHACKERNEWS.COM)
20 Jul Justice to merge 2 offices in step with cyber implementation plan: The agency has been granted new and important roles under the Biden administration’s plan to safeguard U.S. digital networks. Article Link: Justice to merge 2 offices in step with cyber implementation plan - Nextgov/FCW (MALWARE.NEWS)
🔥 INCIDENT REPORTING (21)
20 Jul FIN8 APT Delivers BlackCat Ransomware Using Sardonic Backdoor Variant: Symantec's Threat Hunter Team found a new variant of the FIN8’s Sardonic backdoor used to deliver the Noberus ransomware. In this new version, the group behind Sardonic has reworked most of its code, most likely to avoid detection. Organizations are recommended to monitor the net… (CYWARE.COM)
20 Jul Healthcare Organizations in the Crosshairs of Cyberattackers: In an era where cyber threats continue to evolve, healthcare organizations are increasingly targeted by malicious actors employing multiple attack vectors, according to Trustwave. (HELPNETSECURITY.COM)
20 Jul JumpCloud breach traced back to North Korean state hackers: US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne and CrowdStrike. [...] (BLEEPINGCOMPUTER.COM)
20 Jul Estée Lauder Takes Down Some Systems Following Cyberattack: The ALPHV group claims Estée Lauder has not responded and listed the company on its leak site Tuesday, according to activity observed by Emsisoft Threat Analyst Brett Callow. (CYBERSECURITYDIVE.COM)
20 Jul Russian Medical Lab Suspends Some Services After Ransomware Attack: Customers of the Russian medical laboratory Helix have been unable to receive their test results for several days due to a “serious” cyberattack that crippled the company's systems over the weekend. (THERECORD.MEDIA)
20 Jul The State of Ransomware in Education 2023: The realities of ransomware attacks facing education providers in 2023, including the frequency, root causes of attacks, and data recovery costs. (SOPHOS.COM)
20 Jul Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector: DeliveryCheck is distributed via email with malicious macros and can breach Microsoft Exchange servers to install a server-side component, turning a legitimate server into a malware C2 server. (THEHACKERNEWS.COM)
20 Jul Tampa General Hospital Says Hackers Exfiltrated the Data of 1.2 Million Patients: A security breach was detected on May 31, 2023, when suspicious activity was identified within its network. The affected systems were immediately taken offline to prevent further unauthorized access. (HIPAAJOURNAL.COM)
20 Jul Combat IT Team Burnout by Embracing Automation: Expel VP Chris Waynforth on How Security Researchers Can Reduce False Positives. Unnecessary cyber alerts are a threat that can overwhelm defenders, leading to burnout and reduced efficiency within the team. Chris Waynforth, vice president and general manager at Expel, said adopti… (DATABREACHTODAY.CO.UK)
20 Jul JumpCloud Cyberattack Linked to North Korean Hackers: SentinelOne has linked the recent JumpCloud cyberattack to North Korean hackers, based on the published IoCs. (SECURITYWEEK.COM)
20 Jul Cosmetics Giant Estée Lauder Targeted by Two Ransomware Groups: Estée Lauder has confirmed suffering a data breach just as two ransomware groups claimed to have targeted the company, both allegedly stealing vast amounts of information. (SECURITYWEEK.COM)
20 Jul New Ransomware With RAT Capabilities Impersonating Sophos: The recently discovered SophosEncrypt ransomware is impersonating the cybersecurity firm Sophos. (SECURITYWEEK.COM)
20 Jul Cl0p, ALPHV/BlackCat claim separate attacks against Estee Lauder: BleepingComputer reports that U.S. multinational cosmetics company Estee Lauder was claimed to be compromised by the Cl0p and ALPHV/BlackCat ransomware gangs in separate attacks. Article Link: https://cms.cyberriskalliance.com/brief/ransomware/cl0p-alphv-blackcat-claim-separate-a… (MALWARE.NEWS)
20 Jul Ransomware attack impacts Russian medical laboratory: Russian medical laboratory Helix had its systems compromised by a ransomware attack over the weekend, resulting in the prolonged disruption of some services that delayed medical result delivery to many of its customers, reports… (MALWARE.NEWS)
20 Jul JumpCloud Blames North Korean Hackers on Breach: Threat Actor Is Financially Motivated Focusing on Cryptocurrency, Says Mandiant. Days after attributing the recent breach in its customer environment, enterprise software company JumpCloud on Thursday confirmed the involvement of a North Korean nation-state actor who appears to be… (DATABREACHTODAY.CO.UK)
20 Jul Breach Roundup: US Ambassador to China's Email Hacked Too: Also: Linux Malware infects 70K Routers, More MOVEit Fallout, Estée Lauder Hit by Breach. This week, U.S. Ambassador to China is the latest victim of Chinese hacks, Linux malware infected 70,000 routers, Norway banned Meta ads, the MOVEit breach affected 1.2 million more customers… (DATABREACHTODAY.CO.UK)
20 Jul Turla's New DeliveryCheck Backdoor Breaches Ukrainian Defense Sector: The defense sector in Ukraine and Eastern Europe has been targeted by a novel .NET-based backdoor called DeliveryCheck (aka CAPIBAR or GAMEDAY) that's capable of delivering next-stage payloads. The Microsoft threat intelligence team, in collaboration with the Computer Emergency R… (THEHACKERNEWS.COM)
20 Jul Microsoft Expands Cloud Logging to Counter Rising Nation-State Cyber Threats: Microsoft on Wednesday announced that it's expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent espionage attack campaign aimed at its email infrastructure. The tech … (THEHACKERNEWS.COM)
20 Jul Security Patch Management Strengthens Ransomware Defense: With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management. (TRENDMICRO.COM)
🕵️ THREAT INTELLIGENCE (45)
20 Jul (KEV) Famed Hacker Kevin Mitnick Dead at 59: Famed hacker Kevin Mitnick has died after a battle with pancreatic cancer. At the time of his death, he was KnowBe4 Chief Hacking Officer. (SECURITYWEEK.COM)
20 Jul ISC Stormcast For Thursday, July 20th, 2023 https://isc.sans.edu/podcastdetail/8580, (Thu, Jul 20th): Article Link: https://isc.sans.edu/diary/rss/30046 (MALWARE.NEWS)
20 Jul Threat Actors Enhance Phishing Tactics with Zip Domains: Researchers have discovered a rising trend of .zip domains in phishing campaigns that criminals are utilizing to boost their phishing attacks and improve their effectiveness. Many anti-phishing solutions are designed to scan URLs for suspicious keywords or patterns, but they may … (CYWARE.COM)
20 Jul Understanding Artificial Intelligence: Like all technologies, artificial intelligence (AI) describes a number of different techniques and tools. This guide provides a short introduction to help you better understand the differences – and why they matter. What is artificial intelligence? AI can be thought of as a very… (MALWARE.NEWS)
20 Jul Deobfuscation of Malware Delivered Through a .bat File, (Thu, Jul 20th): I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14f98a42c6c3dcb8505e4669c55762810e70) with the following name: SRI DISTRITAL - DPTO DE COBRO -SRI Informa-Deuda pendie… (MALWARE.NEWS)
20 Jul Alleged drug baron coordinating drug production in Europe is arrested in Colombia: The suspect, a Colombian national, is believed to have been coordinating cocaine and methamphetamine production in the Netherlands for Mexican cartels. The suspect is also associated with the import of large amounts of cocaine and with various drug labs in the Netherlands. The 43 … (MALWARE.NEWS)
20 Jul Singapore releases draft guidelines on personal data use in AI training: Guidelines aim to clarify how Singapore’s laws will apply when companies use personal data to train AI models and systems, including under research and business improvement exceptions. Article Link: Singapore releases draft guidelines on personal data use in AI training | ZDNET (MALWARE.NEWS)
20 Jul [SANS ISC] Deobfuscation of Malware Delivered Through a .bat File: Today, I published the following diary on isc.sans.edu: “Deobfuscation of Malware Delivered Through a .bat File”: I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14… (MALWARE.NEWS)
20 Jul Job Scams Using Bioscience Lures Target Universities: The threat actors used email lures, posing as bioscience and health organizations, to entice recipients. The emails contained attached PDFs with information about the organization and the job, as well as salary and equipment specifications. (PROOFPOINT.COM)
20 Jul Recently Patched GE Cimplicity Vulnerabilities Reminiscent of Russian ICS Attacks: Over a dozen vulnerabilities patched recently by GE in its Cimplicity product are reminiscent of industrial control system (ICS) attacks conducted by a notorious Russian hacker group. (SECURITYWEEK.COM)
20 Jul Protected: Neo_Net | The Kingpin of Spanish eCrime: Password protected post. Article Link: Neo_Net | The Kingpin of Spanish eCrime - QuoIntelligence (MALWARE.NEWS)
20 Jul Bad ad fad leads to IcedID, Gozi infections: Malvertising campaigns using paid ads result in infostealer and backdoor attacks. Article Link: Bad ad fad leads to IcedID, Gozi infections – Sophos News (MALWARE.NEWS)
20 Jul Nation States Using Cybercrime Groups as Proxies, Warns NCA Chief: In his first public speech, Graeme Biggar, the new chief of the UK's National Crime Agency (NCA), highlighted the emerging links between serious crime groups and nation-state operations in cyberspace. (INFOSECURITY-MAGAZINE.COM)
20 Jul APT41 hackers target Android users with WyrmSpy, DragonEgg spyware: The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers. [...] (BLEEPINGCOMPUTER.COM)
20 Jul Lessons Learned From Brazil's PIX for US FedNow Program: Carlos Kazuo Missao Shares Case Studies From Brazil's Faster Payments Ecosystem. Brazil's instant payment system, PIX, is second only to India's UPI in number of transactions. As the United States prepares for the launch of FedNow, GFT's Carlos Kazuo Missao shares his experience w… (DATABREACHTODAY.CO.UK)
20 Jul Anonymous Sudan DDoS strikes dominate attacks by KillNet collective: Mandiant researchers say Anonymous Sudan has taken over as the most prolific affiliate of KillNet, a collective of Russia-aligned ‘hacktivist’ groups, carrying out the majority of the group's DDoS attacks in recent months. Article Link: https://cms.cyberriskalliance.com/news/crit… (MALWARE.NEWS)
20 Jul My go-to cleaning app for Mac just got a major security upgrade: CleanMyMac X has long been my primary choice for clearing out system junk and optimizing performance. This latest update makes malware detection and elimination even better. Article Link: My go-to cleaning app for Mac just got a major security upgrade | ZDNET (MALWARE.NEWS)
20 Jul Threat Actors are Targeting Your Web Applications – Here’s How To Protect Them: Orgs must take proactive measures to safeguard their web applications and eliminate weak points. Learn more from Outpost24 on these threats, attack strategies, and the steps you can take to protect your web applications. [...] (BLEEPINGCOMPUTER.COM)
20 Jul Shenetworks’ Guide to Landing Your First Tech Job: Serena DiPenti // Buckle up for this one because I’m about to give you A LOT of information. As someone who works in tech and creates tech content, I am […] Article Link: Shenetworks’ Guide to Landing Your First Tech Job – Black Hills Information Security (MALWARE.NEWS)
20 Jul North Korean-linked Lazarus Group tied to supply chain attack on JumpCloud: Further research after Colorado-based JumpCloud invalidated its API keys two weeks ago led to indicators of compromise linked to North Korea. Article Link: https://cms.cyberriskalliance.com/news/third-party-risk/north-korean-linked-lazarus-group-tied-to-supply-chain-attack-on-jum… (MALWARE.NEWS)
20 Jul (KEV) Remembering World-Famous Computer Hacker Kevin Mitnick: Social Engineering Expert Was Featured on FBI's Most Wanted List Before Going Legit. Kevin Mitnick, the self-described "world's most famous hacker" - thanks in no small part to his being featured on the FBI's Most Wanted list during a two-year manhunt - has died at the age of 59. A… (DATABREACHTODAY.CO.UK)
20 Jul New AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of Devices: Two new serious vulnerabilities in AMI BMC, which is used by millions of devices, can allow attackers to take control of systems and cause physical damage. (SECURITYWEEK.COM)
20 Jul Human Cyber-Risk Can Be Demonstrably Mitigated by Behavior Changing Training: Analysis: While traditional security awareness teaches users how to recognize social engineering, new behavior changing trains the brain on the correct recognition and response to phishing. (SECURITYWEEK.COM)
20 Jul 10 Steps to Help Secure Your APIs: Securing APIs is a noble, though complex journey. Security teams can leverage these 10 steps to help secure their APIs. (SECURITYWEEK.COM)
20 Jul (KEV) Remembrances pour on to social media on the passing of famed hacker Kevin Mitnick: Possibly the world’s most famous hacker, Kevin Mitnick was a controversial figure who passed away July 16 after a 14-month battle with pancreatic cancer. He was 59. Article Link: https://cms.cyberriskalliance.com/news/social-engineering/remembrances-pour-on-to-social-media-on-the… (MALWARE.NEWS)
20 Jul (KEV) Kevin Mitnick Died: Obituary. (SCHNEIER.COM)
20 Jul Stolen OpenAI credentials prevalent on the dark web: Over 200,000 OpenAI credentials are being sold as stealer logs on the dark web, reports BleepingComputer. Article Link: https://cms.cyberriskalliance.com/brief/emerging-technology/stolen-openai-credentials-prevalent-on-the-dark-web (MALWARE.NEWS)
20 Jul Bioscience, health job lures leveraged in new scam campaign: University students across North America have been targeted by a new scam campaign that involved the use of fraudulent bioscience, biotechnology, and healthcare job offers to facilitate advance fee fraud since March, according to The Record, a news site by cybersecurity firm Reco… (MALWARE.NEWS)
20 Jul Malware risk inaccurately classified by AI, LLMs: Artificial intelligence and large language models continue to be lacking in analyzing malware, with malware risk accurately classified by LLMs in only about 5% of cases, SiliconAngle reports. Article Link: https://cms.cyberriskalliance.com/brief/malware/malware-risk-inaccurately-… (MALWARE.NEWS)
20 Jul New Turla attacks target Exchange servers with DeliveryCheck malware: Microsoft Exchange servers used by Ukraine's and Eastern Europe's defense sector have been targeted in new attacks by Russian state-backed hacking group Turla, also known as UAC-0003, KRYPTON, and Secret Blizzard, deploying the novel DeliveryCheck backdoor, BleepingComputer repor… (MALWARE.NEWS)
20 Jul Novel Android spyware strain versions leveraged by APT41: Chinese state-sponsored threat operation APT41, also known as Bronze Atlas, Winnti, Brass Typhoon, Axiom, Blackfly, HOODOO, and Wicked Panda, has launched recent attacks deploying new versions of the DragonEgg and WyrmSpy Android spyware strains, according to The Hacker News. (MALWARE.NEWS)
20 Jul Cyber Resilience Act: The Future of Software in the European Union: Representatives of member states of the European Union (EU) reached a common agreement yesterday regarding the proposed Cyber Resilience Act (CRA). Article Link: Cyber Resilience Act: The Future of Software in the European Union (MALWARE.NEWS)
20 Jul UN security council delegates urge AI controls to defuse potential global threat: The United Nations supports calls for a separate UN entity to facilitate collective efforts to govern artificial intelligence. Article Link: UN security council delegates urge AI controls to defuse potential global threat | ZDNET (MALWARE.NEWS)
20 Jul Black SEO Offerings Gaining Momentum in Underground Forums: Malvertising Campaigns Trick Users Searching for AI-Related Tools Such as ChatGPT. Cybercriminals are leveraging Google's paid advertisement service to push malicious sites on top search results in order to trick victims into downloading info stealers and backdoors. Researchers su… (DATABREACHTODAY.CO.UK)
20 Jul Feds Warn Hospitals, Telehealth Firms About Web Tracker Use: HHS, FTC Notify 130 Entities About Risk of Sharing Sensitive Data in Tracking Tools. The U.S. Federal Trade Commission and the Department of Health and Human Services are jointly warning dozens of hospitals and telehealth providers of potential patient data privacy and cybersecuri… (DATABREACHTODAY.CO.UK)
20 Jul Graylog Buys API Security Firm Resurface for Added Telemetry: Deal Will Allow Graylog to Offer More Context Around Risk Tied to API-Based Threats. Graylog bought an API security startup founded by a former Dell and Intel software engineer to give its customers broader and more complete threat detection. Resurface.io will allow companies to c… (DATABREACHTODAY.CO.UK)
20 Jul IBM’s Watson rebooted as a secure AI alternative: IBM enters crowded generative AI market with watsonx, a safe, secure and private studio platform. Article Link: https://cms.cyberriskalliance.com/news/risk-management/ibm-watson-rebooted-ai-alternative (MALWARE.NEWS)
20 Jul GitHub warns of Lazarus hackers targeting devs with malicious projects: GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware. [...] (BLEEPINGCOMPUTER.COM)
20 Jul Chinese Threat Group APT41 Linked To Android Malware Attacks: APT41 Used WyrmSpy and DragonEgg Surveillance Malware to Target Android Users. Security researchers say the Chinese state-sponsored espionage group APT41 is using WyrmSpy and DragonEgg surveillance malware to target Android mobile devices. APT41 recently switched tactics to develo… (DATABREACHTODAY.CO.UK)
20 Jul Federal Reserve's FedNow Goes Live With Fast Payments: Program Expected to Modernize Country's Payment Systems. FedNow, the Federal Reserve's first instant payment service, officially launched on Thursday. FedNow so far has 35 banks and credit unions and 16 service providers certified to use the service including community banks and l… (DATABREACHTODAY.CO.UK)
20 JulNorth Korean State-Sponsored Hackers Suspected in JumpCloud Supply Chain AttackAn analysis of the indicators of compromise (IoCs) associated with the JumpCloud hack has uncovered evidence pointing to the involvement of North Korean state-sponsored groups, in a style that's reminiscent of the supply chain attack targeting 3CX. The findings come from Sentinel…THEHACKERNEWS.COM
20 JulDeobfuscation of Malware Delivered Through a .bat File, (Thu, Jul 20th)I found a phishing email that delivered a RAR archive (password protected). Inside the archive, there was a simple .bat file (SHA256: 57ebd5a707eb69dd719d461e1fbd14f98a42c6c3dcb8505e4669c55762810e70) with the following name: SRI DISTRITAL - DPTO DE COBRO -SRI Informa-Deuda pendie…ISC.SANS.EDU
20 JulISC Stormcast For Thursday, July 20th, 2023 https://isc.sans.edu/podcastdetail/8580, (Thu, Jul 20th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
20 JulLLM in the Cloud — Advantages and RisksThe development of large language models (LLMs) has shown great promise in enhancing cloud security. The post LLM in the Cloud — Advantages and Risks appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
20 Jul KEVKevin Mitnick Obituary - Las Vegas, NVsubmitted by N7x to securitynews 34 points | 0 comments https://www.dignitymemorial.com/obituaries/las-vegas-nv/kevin-mitnick-11371668 RIPDIGNITYMEMORIAL.COM
🌐 CYBER THREAT LANDSCAPE (5)
20 Jul  Bad ad fad leads to IcedID, Gozi infections  [SOPHOS.COM]
  Malvertising campaigns using paid ads result in infostealer and backdoor attacks.

20 Jul  New P2PInfect worm malware targets Linux and Windows Redis servers  [BLEEPINGCOMPUTER.COM]
  Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems. [...]

20 Jul  KillNet DDoS Attacks Further Moscow's Psychological Agenda  [DATABREACHTODAY.CO.UK]
  More Evidence Suggests Self-Promoting 'Hacktivist' Group Is Tool of Russian State. While self-proclaimed Russian hacktivist groups such as KillNet, Tesla Botnet and Anonymous Russia claim they're wreaking havoc on anti-Moscow targets, a fresh analysis of their attacks finds that d…

20 Jul  Critical AMI MegaRAC bugs can let hackers brick vulnerable servers  [BLEEPINGCOMPUTER.COM]
  Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International. [...]

20 Jul  Part I: Implementing Effective Cyber Security Metrics That Reduce Risk Realistically  [QUALYS.COM]
  As a CISO or business leader, some burning questions that often come to your mind are:  Although such questions are easy to raise, finding straightforward answers is equally tricky. The crux of the issue lies in identifying the right metrics to measure and a way to report th…
📡 INFOSEC NEWS (10)
20 Jul  OpenAI Credentials Stolen by the Thousands for Sale on the Dark Web  [BLEEPINGCOMPUTER.COM]
  Over 200,000 OpenAI credentials are available for sale on the dark web, indicating that cybercriminals see potential in using AI tools like ChatGPT for malicious activities.

20 Jul  Microsoft Set to Expand Access to Detailed Logs in the Wake of Chinese Hacking Operation  [CYBERSCOOP.COM]
  Microsoft said in a blog post on Wednesday that it will include "access to wider cloud security logs for our worldwide customers at no additional cost" starting in September and that it would increase default log retention from 90 to 180 days.

20 Jul  Google Chrome gets Windows 11's new design - how to enable it  [BLEEPINGCOMPUTER.COM]
  Google's browser, Chrome, in its 115th version, has unveiled a feature that allows users to use Windows Mica material, a design element that enhances user personalization. To access this function, users are required to go to the Chrome flags menu and activate it manually. [...]

20 Jul  Phishing via Google Ads  [AVANAN.COM]
  Hackers are using URL redirects within Google ads to lead users to malicious sites, leveraging the trust and legitimacy of Google Ads. This technique, known as BEC 3.0, involves referencing legitimate sites instead of spoofed ones.

20 Jul  Renewable technologies add risk to the US electric grid, experts warn  [CYBERSCOOP.COM]
  Technologies that underpin solar and wind energy storage systems, which are central to transferring renewable power to the grid, are potential hacking risks, experts noted at a congressional hearing Tuesday.

20 Jul  Update: Old Roblox Data Leak Resurfaces, 4000 Users' Personal Information Exposed  [INFOSECURITY-MAGAZINE.COM]
  The leak, which initially occurred in 2021 but gained more attention after being re-published on a public hacking forum, has led to high-profile users receiving malicious calls, texts, and emails.

20 Jul  A Few More Reasons Why RDP is Insecure (Surprise!)  [THEHACKERNEWS.COM]
  If it seems like Remote Desktop Protocol (RDP) has been around forever, it's because it has (at least compared to the many technologies that rise and fall within just a few years). The initial version, known as "Remote Desktop Protocol 4.0," was released in 1996 as part of the Wi…

20 Jul  Updated Researcher Portal Submission Form: Discover the New Fields in the Submission Form  [MSRC.MICROSOFT.COM]
  Summary: We are excited to announce the release of the updated Researcher Portal submission form. These new fields allow Security Researchers to provide additional context for the reported security issue, providing product teams with more data for analysis, gain insights and iden…

20 Jul  8 common work-from-home scams to avoid  [WELIVESECURITY.COM]
  That 'employer' you're speaking to may in reality be after your personal information, your money or your help with their illegal activities.