🐛 COMMON VULNERABILITIES AND EXPOSURES
21 JulP2PInfect Worm: A Stealthy Cross-Platform Threat Targeting Redis ServersCybersecurity researchers discovered a new P2P worm named P2PInfect that targets vulnerable Redis instances for exploitation. The worm is notable for its use of the critical Lua sandbox escape flaw, identified as CVE-2022-0543, to infect systems. Written in Rust, its attacks are …CYWARE.COM
21 Jul KEVAdobe Releases New Patches for Exploited ColdFusion VulnerabilitiesOn July 19, Adobe issued another ColdFusion update to fix three new CVEs. One of them, CVE-2023-38205, is the bypass for CVE-2023-29298. The software giant warned in its advisory that CVE-2023-38205 has been exploited in the wild in limited attacks.SECURITYWEEK.COM
21 JulNew AMI BMC Flaws Allowing Takeover and Physical Damage Could Impact Millions of DevicesThe new vulnerabilities disclosed by Eclypsium on Thursday are CVE-2023-34329, a critical authentication bypass issue that can be exploited by spoofing HTTP headers, and CVE-2023-34330, a code injection flaw.SECURITYWEEK.COM
21 JulCitrix Zero-Day Exploited Against Critical Infrastructure OrganizationCISA says the new Citrix zero day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.SECURITYWEEK.COM
21 JulCitrix Zero-Day Exploited Against Critical Infrastructure OrganizationThe US Cybersecurity and Infrastructure Security Agency (CISA) revealed on Thursday that the recently disclosed Citrix zero-day vulnerability tracked as CVE-2023-3519 has been exploited against a critical infrastructure organization.SECURITYWEEK.COM
21 JulCISA: Citrix RCE bug exploited to breach critical infrastructure orgThreat actors have breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week. [...]BLEEPINGCOMPUTER.COM
21 JulNetscaler ADC bug exploited to breach US critical infrastructure orgThe US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citri…BLEEPINGCOMPUTER.COM
21 JulThreat Actors exploiting Citrix CVE-2023-3519 to implant webshells - CISA cybersecurity advisoryCYBER.GC.CA
21 JulAtlassian Releases Security UpdatesAtlassian has released its Security Bulletin for July 2023 to address vulnerabilities in Confluence Data Center & Server ( CVE-2023-22505 and CVE-2023-22508 ) and Bamboo Data Center ( CVE-2023-22506 ). An attacker can exploit these vulnerabilities to take control of an affected s…CISA.GOV
21 JulCVE-2023-24881 Microsoft Teams Information Disclosure VulnerabilityRemoved one of the FAQs. This is an information change only.MSRC.MICROSOFT.COM
21 JulCVE-2023-33151 Microsoft Outlook Spoofing VulnerabilityAdded an FAQ to explain what customers should do if they run into issues opening UNC, SMB, and file:// type URLs after installing the July 2023 Outlook updates. This is an informational change only.MSRC.MICROSOFT.COM
21 JulCVE-2023-38173 Microsoft Edge for Android Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
21 JulCVE-2023-35311 Microsoft Outlook Security Feature Bypass VulnerabilityAdded an FAQ to explain what customers should do if they run into issues opening UNC, SMB, and file:// type URLs after installing the July 2023 Outlook updates. This is an informational change only.MSRC.MICROSOFT.COM
21 JulCVE-2023-35392 Microsoft Edge (Chromium-based) Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
21 JulCVE-2023-38187 Microsoft Edge (Chromium-based) Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3727 Use after free in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3728 Use after free in WebRTCThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3730 Use after free in Tab GroupsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3732 Out of bounds memory access in MojoThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3733 Inappropriate implementation in WebApp InstallsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3734 Inappropriate implementation in Picture In PictureThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3735 Inappropriate implementation in Web API Permission PromptsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3736 Inappropriate implementation in Custom TabsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3737 Inappropriate implementation in NotificationsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3738 Inappropriate implementation in AutofillThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulChromium: CVE-2023-3740 Insufficient validation of untrusted input in ThemesThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 JulCVE-2023-21531 Azure Service Fabric Container Elevation of Privilege VulnerabilityUpdated FAQ information. This is an informational change only.MSRC.MICROSOFT.COM
21 JulCVE-2021-27075 Azure Virtual Machine Information Disclosure VulnerabilityUpdated FAQ information. This is an informational change only.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE
21 JulThe case for phishing-resistant MFANew MFA bypass techniques have reinforced the need for strong, phishing-resistant MFA. Article Link: https://cms.cyberriskalliance.com/perspective/identity-and-access/the-case-for-phishing-resistant-mfa MALWARE.NEWS
21 JulAndroid SpyNote attacks electric and water public utility users in JapanAuthored by Yukihiro Okutomi McAfee Mobile team observed a smishing campaign against Japanese Android users posing as a power and water infrastructure company in early June 2023. This campaign ran for a short time from June 7. The SMS message alerts about payment problems …MALWARE.NEWS
21 JulLLMs and AI positioned to dominate the AppSec worldAs modern software trends toward distributed architectures, microservices, and extensive use of third-party and open-source components, dependency management only gets harder, according to Endor Labs.HELPNETSECURITY.COM
21 JulAI and MicrodirectivesImagine a future in which AIs automatically interpret—and enforce—laws. All day and every day, you constantly receive highly personalized instructions for how to comply with the law, sent directly by your government and law enforcement. You’re told how to cross …SCHNEIER.COM
21 JulAndroid Spyware WyrmSpy and DragonEgg Attributed to APT41The Chinese nation-state group APT41 has been associated with two new Android spyware strains, named WyrmSpy and DragonEgg. The initial infection vector for the mobile surveillanceware campaign remains uncertain, but social engineering is suspected. Users should avoid downloading…CYWARE.COM
21 JulOpenMeetings Flaws Allow Hackers to Hijack Instances, Execute Code on ServersThree vulnerabilities in Apache OpenMeetings could be exploited by attackers to take over an administrator account and execute arbitrary code remotely.SECURITYWEEK.COM
21 JulMallox Ransomware Activity Surges by 174%Mallox ransomware activity surged by nearly 174% in 2023, using the new variant Xollam, employing the double extortion tactic to demand ransom from victims. The development is also being perceived as more affiliate groups coming together in this mission. Organizations must remain…CYWARE.COM
21 JulApache OpenMeetings Web Conferencing Tool Exposed to Critical VulnerabilitiesMultiple security flaws have been disclosed in Apache OpenMeetings, a web conferencing solution, that could be potentially exploited by malicious actors to seize control of admin accounts and run malicious code on susceptible servers.THEHACKERNEWS.COM
21 JulHotRat as Hidden Script in Cracked SoftwareIn a recent encounter, security researchers stumbled across a HotRat malware distribution campaign that cybercriminals were offering bundled as cracked programs and games. HotRat is an offshoot of the open-source AsyncRAT framework. Implement strict software policies, regularly u…CYWARE.COM
21 JulMultiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in Mozilla Thunderbird, the most severe of which could allow for arbitrary code execution. Mozilla Thunderbird is a free and open-source cross-platform email client, personal information manager, news client, RSS and chat client. Succ…CISECURITY.ORG
21 JulLocal Governments Targeted for Ransomware – How to Prevent Falling VictimRegardless of the country, local government is essential in most citizens' lives. It provides many day-to-day services and handles various issues. Therefore, their effects can be far-reaching and deeply felt when security failures occur. In early 2023, Oakland, California, fell v…THEHACKERNEWS.COM
21 JulDDoS Botnets Hijacking Zyxel Devices to Launch Devastating AttacksSeveral distributed denial-of-service (DDoS) botnets have been observed exploiting a critical flaw in Zyxel devices that came to light in April 2023 to gain remote control of vulnerable systems. "Through the capture of exploit traffic, the attacker's IP address was identified, an…THEHACKERNEWS.COM
21 JulCitrix NetScaler ADC and Gateway Devices Under Attack: CISA Urges Immediate ActionThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on Thursday warning that the newly disclosed critical security flaw in Citrix NetScaler Application Delivery Controller (ADC) and Gateway devices is being abused to drop web shells on vulnerable s…THEHACKERNEWS.COM
21 JulVictims sue US healthcare network for breach of patient data. Multiple blanks impacted in MOVEit data breaches. A closer look at Cl0p. https://thecyberwire.com/newsletters/privacy-briefing/5/137 THECYBERWIRE.COM
📢 SECURITY ADVISORIES
21 JulUpdate: Cyberattack on Github Customers Linked to North Korean Hackers, Microsoft SaysGitHub attributed the attacks to a group known at Microsoft (which owns GitHub) by the name “Jade Sleet” and called TraderTraitor by the U.S. Cybersecurity and Infrastructure Security Agency (CISA).THERECORD.MEDIA
21 JulEvolving CDM to Transform Government Cybersecurity Operations and Enable CISA’s Approach to Interactive Cyber DefenseCISA.GOV
21 JulNavigating NIS2 Compliance: Key Considerations for UKI Organisations in the Evolving Cybersecurity LandscapeBeyondTrust's Karl Lankford on Meeting Challenges of the Enhanced NIS Directive The new version of the Network and Information Systems Directive, or NIS2, created by EU member states in January 2023, enhances security requirements, simplifies reporting obligations and introduces …DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING
21 JulIOTW: Estee Lauder data stolen in cyber attackThe company had to take its systems offline to mitigate the cyber attackCSHUB.COM
21 JulJumpCloud Blames North Korean Hackers for BreachThreat Actor Is Financially Motivated and Focusing on Cryptocurrency, Says Mandiant Days after attributing the recent breach in its customer environment, enterprise software company JumpCloud on Thursday confirmed the involvement of a North Korean nation-state actor who appears t…DATABREACHTODAY.CO.UK
21 JulFakeSG: A SocGholish Competitor Delivers NetSupport RATA new malicious campaign FakeSG has emerged, mirroring the tactics of the well-known SocGholish in delivering the NetSupport RAT through compromised WordPress websites. FakeSG imitates browser update templates based on the victim's browser and uses different layers of obfuscation…CYWARE.COM
21 JulUK: Most CNI Firms Think Climate Tech is Increasing Cyber RiskOver eight in 10 (83%) of the UK’s critical national infrastructure (CNI) firms believe new technologies designed to enhance sustainability will become a significant vector for cyberattacks, according to Bridewell.INFOSECURITY-MAGAZINE.COM
21 JulThreat Group Assessment: Mallox RansomwareMallox ransomware is a strain of ransomware that targets Microsoft Windows systems. It has been active since June 2021 and has recently seen an increase in activity, with a 174% rise in attacks compared to the previous year.UNIT42.PALOALTONETWORKS.COM
21 JulTampa General Hospital Says Patient Information Stolen in Ransomware AttackTampa General Hospital has started informing patients that their personal information was stolen in a ransomware attack.SECURITYWEEK.COM
21 JulExploring the Macro Shifts in Enterprise SecurityThe number of successful ransomware attacks and data breach attempts fell by 30% over the last year, the number of reported security incident types at organizations increased, according to the 2023 Cybersecurity Perspectives Survey by Scale.HELPNETSECURITY.COM
21 JulUpdate: Chinese Hackers Breached Ambassador’s Email According to New ReportA Chinese cyber-espionage campaign revealed by Microsoft last week compromised the government email account of the US ambassador to China and other officials, a new report has claimed.INFOSECURITY-MAGAZINE.COM
21 JulPro-Russian Hacktivists Attributed to the Surge in DDoS Attacks in Q2Sophisticated DDoS attacks worldwide reached 5.4 trillion in Q2 2023. This represents a 15% increase compared to the number of attacks observed in Q1 2023. One of the factors associated with the pro-Russia hacker groups REvil, Killnet, and Anonymous Sudan targeting Western websit…CYWARE.COM
21 JulSophisticated BundleBot Malware Disguised as Google AI Chatbot and UtilitiesA new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts.THEHACKERNEWS.COM
21 JulClop gang to earn over $75 million from MOVEit extortion attacksThe Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft campaign. [...]BLEEPINGCOMPUTER.COM
21 JulCount of Organizations Breached via MOVEit Campaign Hits 40020 Million Individuals' Details Collectively Stolen, Based on 20% of Victim Reports The count of organizations affected by the Clop ransomware group's attack on MOVEit file-transfer software users continues to grow, now numbering over 400 organizations that were directly or indir…DATABREACHTODAY.CO.UK
21 JulCyber Security Today, Week in Review for Friday, July 21, 2023This episode features a discussion on an attacker forging a Microsoft authentication key for cloud access, developers including private keys in Docker containers, the continuing increase in ransomware attacks and moreCYBERSECURITYTODAY.LIBSYN.COM
21 JulFlorida Hospital Says Data Theft Attack Affects 1.2 MillionTampa General Hospital Says Incident Involved Thwarted Ransomware Encryption Attempt A Florida hospital is notifying 1.2 million patients that their information was stolen by hackers in a cybersecurity incident that spanned for nearly three weeks in May as attackers tried to encr…DATABREACHTODAY.CO.UK
21 JulThe Week in Ransomware - July 21st 2023 - Avaddon Back as NoEscapeThis edition of the Week in Ransomware covers the last two weeks of news, as we could not cover it last week, and includes quite a bit of new information, including the return of the Avaddon ransomware gang. [...]BLEEPINGCOMPUTER.COM
21 JulStolen Azure AD key offered widespread access to Microsoft cloud servicesThe Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. [...]BLEEPINGCOMPUTER.COM
21 JulStolen Microsoft key offered widespread access to Microsoft cloud servicesThe Microsoft consumer signing key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers. [...]BLEEPINGCOMPUTER.COM
21 JulFew Fortune 100 Firms List Security Pros in Their Executive RanksMany things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn't shifted much since is that very few of these companies list any security professionals within their top executive ranks. The next time …KREBSONSECURITY.COM
21 JulSophisticated BundleBot Malware Disguised as Google AI Chatbot and UtilitiesA new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts. "BundleBot is abusing the dotnet bundle (single-fil…THEHACKERNEWS.COM
🕵️ THREAT INTELLIGENCE
21 JulShodan's API For The (Recon) Win!, (Fri, Jul 21st)Ever been on a call with a client, and had that “I need a full set of nmap results for that host in 5 seconds” moment? Like when you’re trying to scope out the size of a project (maybe a pentest project) and if you just had the list of open ports you’d have an answer other …MALWARE.NEWS
21 JulISC Stormcast For Friday, July 21st, 2023 https://isc.sans.edu/podcastdetail/8582, (Fri, Jul 21st)Article Link: https://isc.sans.edu/diary/rss/30052 MALWARE.NEWS
21 JulUpdate: Attacker Infrastructure Links JumpCloud Intrusion to North Korean APT ActivityAnalysis of the infrastructure linked to the JumpCloud intrusion reveals patterns consistent with previous DPRK-linked campaigns, highlighting their unique tactics and techniques.SENTINELONE.COM
21 JulTech Titans Promise Watermarks to Expose AI CreationsAmazon, Google, Meta, Microsoft, OpenAI and other tech firms have voluntarily agreed to AI safeguards set by the White House.SECURITYWEEK.COM
21 JulGitHub Warns of North Korean Social Engineering Attacks Targeting Tech Firm EmployeesNorth Korean hackers are targeting employees at technology firms with repository invitations and malicious NPM packages.SECURITYWEEK.COM
21 JulVirusTotal Provides Clarifications on Data Leak Affecting Premium AccountsVirusTotal has provided clarifications on the recent data leak that resulted in the exposure of information on 5,600 of the threat analysis service’s customers.SECURITYWEEK.COM
21 JulIn Other News: Military Emails Leaked, Google Restricts Internet Access, Chinese SpywareWeekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 17, 2023.SECURITYWEEK.COM
21 JulRussia Seeks 18 Years in Jail for Founder of Cybersecurity FirmA Russian prosecutor requested an 18-year prison sentence for Ilya Sachkov, founder of cybersecurity firm Group-IB.SECURITYWEEK.COM
21 JulGoogle Creates Red Team to Test Attacks Against AI SystemsGoogle has created a dedicated AI Red Team tasked with carrying out complex technical attacks on artificial intelligence systems.SECURITYWEEK.COM
21 JulMerck's Success Story: Boosting Efficiency With RPA and BotsHow Merck Used Bots to Assist With Regulatory Filings in 23 Geographies Discover how Merck, a traditional global pharma giant, achieved efficiency by embracing RPA and bots for regulatory documentation. Learn how this technology revolutionized their workflow and what it means for …DATABREACHTODAY.CO.UK
21 JulMicrosoft Cloud Hack Exposed More than Exchange, Outlook EmailsCloud security researcher warns that stolen Microsoft signing key was more powerful and not limited to Outlook.com and Exchange Online.SECURITYWEEK.COM
21 JulJumpCloud Hackers Likely Targeting GitHub Accounts TooTargets Include Blockchain, Crypto, Online Gambling and Cybersecurity Sectors Suspected North Korean hackers who targeted enterprise software firm JumpCloud are likely behind a social engineering campaign targeting the personal GitHub accounts of employees from major technology f…DATABREACHTODAY.CO.UK
21 JulISMG Editors: Microsoft's Move to Expand Logging AccessAlso: ISMG's Healthcare Summit and Emerging Trends, Challenges, New Tech In the latest weekly update, ISMG editors discuss key takeaways from ISMG's recent Healthcare Summit, how the healthcare sector is embracing generative AI tools, and why Microsoft just decided to give all cu…DATABREACHTODAY.CO.UK
21 Jul7 Tech Firms Pledge to White House to Make AI Safe, SecureMicrosoft, Google, Meta, Amazon Among Companies Making 'Voluntary Commitments' With both excitement and fear swirling around the opportunities and risks offered by emerging AI, seven technology companies - including Microsoft, Amazon, Google and Meta - have promised the White Hou…DATABREACHTODAY.CO.UK
21 JulFriday Squid Blogging: ChromatophoresNeat : Chromatophores are tiny color-changing cells in cephalopods. Watch them blink back and forth from purple to white on this squid’s skin in an Instagram video taken by Drew Chicone… It’s completely hypnotic to watch these tiny cells flash with color. ItR…SCHNEIER.COM
21 Jul KEVWeekly Update 357Sad news to wake up to today. Kevin was a friend and as I say in this week's video, probably the most well-known identity in inf…TROYHUNT.COM
21 JulAzure AD Token Forging Technique in Microsoft Attack Extends Beyond Outlook, Wiz ReportsThe recent attack against Microsoft's email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to…THEHACKERNEWS.COM
21 JulHotRat: New Variant of AsyncRAT Malware Spreading Through Pirated SoftwareA new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office. "HotRat malware equips attackers with a wide array of capabilities, such …THEHACKERNEWS.COM
21 JulISC Stormcast For Friday, July 21st, 2023 https://isc.sans.edu/podcastdetail/8582, (Fri, Jul 21st)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE
21 JulReport: DDoS Attacks, Growing More Sophisticated, Surged in Q2Among the most serious attacks during Q2 2023, researchers noted an ACK flood DDoS attack that originated from a Mirai-variant botnet comprising about 11,000 IP addresses. The attack targeted an ISP in the U.S. and peaked at 1.4 terabits per second.CYBERSECURITYDIVE.COM
21 JulCyber Security Today, July 21, 2023 - MOVEit victim numbers climb higher, news on spyware, and moreThis episode reports on the latest news in the MOVEIt hack, spyware, attribution in the JumpCloud hack and moreCYBERSECURITYTODAY.LIBSYN.COM
21 JulAndroid SpyNote Attacks Electric and Water Public Utility Users in JapanA smishing campaign is targeting Japanese Android users by posing as a power and water infrastructure company and luring victims to a phishing website to download the SpyNote malware.MCAFEE.COM
21 JulHotRat: New Variant of AsyncRAT Malware Spreading Through Pirated SoftwareA new variant of AsyncRAT malware dubbed HotRat is being distributed via free, pirated versions of popular software and utilities such as video games, image and sound editing software, and Microsoft Office.THEHACKERNEWS.COM
📡 INFOSEC NEWS
21 JulReport: Microsoft the Most Phished Brand in Q2 2023Microsoft, Google, and Apple were the most frequently impersonated brands in phishing attacks during Q2 2023, highlighting the need for cybersecurity measures to protect against brand phishing.HACKREAD.COM
21 JulVirusTotal apologizes for data leak affecting 5,600 customersVirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the platform last month. [...]BLEEPINGCOMPUTER.COM
21 JulReport: 67% of Daily Security Alerts Overwhelm SOC AnalystsOn average, SOC teams receive 4,484 alerts daily and spend nearly three hours a day manually triaging alerts, according to a study by Vectra AI. Security analysts are unable to deal with 67% of the daily alerts received.HELPNETSECURITY.COM
21 JulCritical API Security Gaps Found in Financial ServicesAccording to the new data presented in Salt Security's 2023 State of API Security for Financial Services and Insurance report, nearly 70% of financial services and insurance companies have encountered rollout delays due to API security issues.INFOSECURITY-MAGAZINE.COM
21 JulAmazon agrees to $25 million fine for Alexa children privacy violationsThe U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged children's privacy laws violations related to the company's Alexa voice assistant service. [...]BLEEPINGCOMPUTER.COM
21 JulSuzuki Dealership Websites in Brazil and Bahrain Leave Credentials, Secret Tokens ExposedThe exposed data included passwords, secret tokens, and credentials, which could have been used by malicious actors to carry out attacks such as phishing campaigns and website manipulation.SECURITYAFFAIRS.COM
21 JulAmazon Agrees to $25 Million Fine for Alexa Children Privacy ViolationsThe U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged children's privacy laws violations related to the company's Alexa voice assistant service.BLEEPINGCOMPUTER.COM
21 JulTake the First Steps Towards Better Cybersecurity With these Four GoalsEvery day, organizations across our country are impacted by cyber intrusions, many of which affect the delivery of essential services. Security professionals and business leaders alike recognize the need to protect their customers, employees, and enterprises against this threat,CISA.GOV
21 JulShodan's API For The (Recon) Win!, (Fri, Jul 21st)Ever been on a call with a client, and had that "I need a full set of nmap results for that host in 5 seconds" moment? Like when you…ISC.SANS.EDU
21 JulWhat happens if AI is wrong? – Week in security with Tony AnscombeResponses generated by ChatGPT about individual people could be misleading or harmful or spill their personal information. What are the takeaways for you as a ChatGPT user?WELIVESECURITY.COM
21 JulSensor Intel Series: Top CVEs in June 2023In terms of attacker interest, it was more about continuity than change in June, with many of the same old CVEs being targeted.F5.COM