83 Articles
8 Categories
Date: 2023-07-25
🚨 CISA KEV (1)
25 Jul [KEV] | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35078 Ivanti Endpoint Manager Mobile Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malici… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (8)
25 Jul | Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo | Atlassian has released updates to address three security flaws impacting its Confluence Server, Data Center, and Bamboo Data Center products that, if successfully exploited, could result in remote code execution on susceptible systems. The list of the flaws is below - CVE-2023-22… | THEHACKERNEWS.COM
25 Jul [KEV] | Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation | Ivanti is warning users to update their Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core) to the latest version that fixes an actively exploited zero-day vulnerability. Dubbed CVE-2023-35078, the issue has been described as a remote unaut… | THEHACKERNEWS.COM
25 Jul [KEV] | Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs | Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild. Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious … | THEHACKERNEWS.COM
25 Jul | Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs | Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with improved state management. | THEHACKERNEWS.COM
25 Jul | Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government | An Ivanti EPMM product zero-day vulnerability tracked as CVE-2023-35078 has been exploited in an attack aimed at the Norwegian government. The post Ivanti Zero-Day Vulnerability Exploited in Attack on Norwegian Government appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Jul | Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk | A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tra… | THEHACKERNEWS.COM
25 Jul | New 'Zenbleed' Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk | Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tracked as CVE-2023-20593 (CVSS score: 6.5) – allows data exfiltration at the rate of 30 kb per core, per second. | THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE (19)
25 Jul | A Vulnerability in Ivanti Endpoint Manager Mobile Could Allow for Unauthorized Access to API Paths | A vulnerability has been discovered in Ivanti Endpoint Manager Mobile which could allow for unauthorized access to specific API paths. Ivanti Endpoint Manager Mobile is a mobile management software engine that enables IT to set policies for mobile devices, applications and conten… | CISECURITY.ORG
25 Jul | Norway says Ivanti zero-day was used to hack govt IT systems | The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Ivanti Patches Mobileiron Zero-Day Bug Exploited in Attacks | The patches can be installed by upgrading to EPMM 11.8.1.1, 11.9.1.1, and 11.10.0.2. They also target unsupported and end-of-life software versions lower than 11.8.1.0 (e.g., 11.7.0.0, 11.5.0.0) | BLEEPINGCOMPUTER.COM
25 Jul | TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System | A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what's believed to be an intentional backdoor that could have pot… | THEHACKERNEWS.COM
25 Jul | AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information | AMD has released microcode patches to address Zenbleed, a vulnerability in its Zen 2 CPUs that can allow an attacker to access sensitive information. The post AMD CPU Vulnerability ‘Zenbleed’ Can Expose Sensitive Information appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Jul | Apple Releases Security Updates for Multiple Products | Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary … | CISA.GOV
25 Jul [KEV] | Five New 'TETRA:BURST' Vulnerabilities Exposed in Widely Used Radio Communication System | The issues, discovered by Midnight Blue in 2021 and held back until now, have been collectively called TETRA:BURST. There is no conclusive evidence to determine that the vulnerabilities have been exploited in the wild to date. | THEHACKERNEWS.COM
25 Jul | VMware fixes bug exposing CF API admin credentials in audit logs | VMware has patched an information disclosure vulnerability in VMware Tanzu Application Service for VMs (TAS for VMs) and Isolation Segment caused by credentials being logged and exposed via system audit logs. [...] | BLEEPINGCOMPUTER.COM
25 Jul | CISA Releases Four Industrial Control Systems Advisories | CISA released four Industrial Control Systems (ICS) advisories on July 25, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-206-01 AXIS A1001 ICSA-23-206-02 Rockwell Automation ThinManager Thin… | CISA.GOV
25 Jul | TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems | TETRA:BURST - vulnerabilities in widely used radio standard could threaten military and law enforcement communications, as well as ICS. The post TETRA Radio Standard Vulnerabilities Can Expose Military Comms, Industrial Systems appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Jul | Ivanti Zero-Day Used in Norway Government Breach | Flaw in Ivanti Endpoint Manager Mobile Rated 10 on CVSS Scale. A mobile security vendor patched a critically rated zero-day vulnerability in its endpoint management platform that had been used by unknown hackers to attack the Norwegian government. The flaw is rated 10 on the CVSS … | DATABREACHTODAY.CO.UK
25 Jul | Cloud Is an Easy Conduit for Attackers | Cado Security's James Campbell on How Attackers Find Gaps in Cloud Environments. The rapid adoption of cloud is a double-edged sword. While it offers organizations great opportunities for embracing innovation, it also outpaces security measures, leaving gaps for attackers to explo… | DATABREACHTODAY.CO.UK
25 Jul | Managing Legacy Medical, OT, IoT Device Risk in Healthcare | While patient safety risks posed by unpatched security vulnerabilities in legacy medical devices often grab headlines, healthcare entities shouldn't underestimate the serious business risks involving other poorly secured IoT and OT gear used in healthcare settings, said Mohammad … | DATABREACHTODAY.CO.UK
25 Jul | CISA warns govt agencies to patch Ivanti bug exploited in attacks | The Cybersecurity and Infrastructure Security Agency (CISA) warned U.S. federal agencies today to secure their systems against a maximum severity authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM), formerly MobileIron Core. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Critical Vulnerabilities Found in Radio Encryption System | TETRA Algorithms Can Be Decrypted, Says Cybersecurity Firm Midnight Blue. Security researchers uncovered multiple vulnerabilities in a widely used radio communication system used by law enforcement and in critical infrastructure for data transmission that could allow remote decryp… | DATABREACHTODAY.CO.UK
25 Jul | Supply Chain, Open Source Pose Major Challenge to AI Systems | ChatGPT's 'Giant Leap' Means AI Could Achieve Human-Level Intelligence in 5 Years. Supply chain compromise, open source technology and rapid advances in AI capabilities pose significant challenges to safeguarding artificial intelligence systems. The "giant leap" achieved by system… | DATABREACHTODAY.CO.UK
25 Jul | Cryptojacking: Understanding and defending against cloud compute resource abuse | Cloud cryptojacking, a type of cyberattack that uses computing power to mine cryptocurrency, could result in financial loss to targeted organizations due to the compute fees that can be incurred from the abuse. The post Cryptojacking: Understanding and defending against cloud com… | MICROSOFT.COM
25 Jul | BookCrossing - 1,582,323 breached accounts | In August 2022, the book social networking site BookCrossing disclosed a data breach that dated back to a database backup from November 2012. The incident exposed almost 1.6M records including names, usernames, email and IP addresses, dates of birth and plain text passwords. | HAVEIBEENPWNED.COM
25 Jul | Dear all, What are some common subject lines in phishing emails? | Scammers exploit current ongoing events, account notifications, corporate communication, and a sense of urgency. | WELIVESECURITY.COM
📢 SECURITY ADVISORIES (13)
25 Jul | Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique | The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid… | THEHACKERNEWS.COM
25 Jul | More US States are ramping up data privacy laws in 2023 | Legislation moves slowly, but in 2023 almost all five of the below regulations will take effect, making it a huge year for state data privacy acts. Learn more from Specops Software about the US privacy laws and what it means for your organization. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Hacker Claims to Have Stolen Sensitive Medical Records from Egypt's Ministry of Health | The allegation, made on the hacker forum Popürler, was observed by cyber threat intelligence provider SOCRadar and dark web monitoring firm Falcon Feeds on July 25, 2023. | INFOSECURITY-MAGAZINE.COM
25 Jul | Help Your Employees Guard Against Rising Attacks | Guidehouse Security Director on Solutions to Stem Social Engineering Attacks. With social engineering attacks escalating, security organizations should embrace better cybersecurity awareness training to protect their organizations against insidious schemes, said Barry Coatsworth, … | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (12)
25 Jul | Roblox data breach exposes developer data | The personally identifying information of attendees of the Roblox Developer Conference between 2017-2020 may have been stolen | CSHUB.COM
25 Jul | Clop Could Make $100m from MOVEit Campaign | The notorious Clop ransomware gang may earn as much as $100m from its recent data extortion campaign, after a small number of victims paid the group large sums of money, according to Coveware. | INFOSECURITY-MAGAZINE.COM
25 Jul | Law Firm Hack Affects Victims of an Earlier Breach Again | Orrick, Herrington & Sutcliffe on July 20 reported the data breach to several state regulators, including the attorneys general of Maine and California, as well as a HIPAA breach to the U.S. Department of Health and Human Services. | BANKINFOSECURITY.COM
25 Jul | Data Breach Costs Hit Record High but Fall For Some | The average global cost of a data breach now stands at a record $4.45m, up a little over 2% year on year (YoY), according to IBM's 18th annual Cost of a Data Breach Report, compiled by the Ponemon Institute. | INFOSECURITY-MAGAZINE.COM
25 Jul | Global Ransomware Onslaught: GRIT Discovers 14 Fresh Ransomware Groups | GuidePoint Research and Intelligence Team (GRIT) published its ransomware report for Q2 2023, which noted some shocking statistics. The report also identified a surge in the activity of Ransomware-as-a-Service (RaaS) groups throughout the quarter, attributed to the emergence of 1… | CYWARE.COM
25 Jul | Lazarus APT Hackers Hijack Microsoft IIS Servers to Spread Malware | In the recent attacks observed by ASEC's analysts, Lazarus compromised legitimate South Korean websites to perform 'Watering Hole' attacks on visitors using a vulnerable version of the INISAFE CrossWeb EX V6 software. | BLEEPINGCOMPUTER.COM
25 Jul | RaaS proliferation: 14 new ransomware groups target organizations worldwide | In the second quarter of 2023, GuidePoint Research and Intelligence Team (GRIT) tracked 1,177 total publicly posted ransomware victims claimed by 41 different threat groups. | HELPNETSECURITY.COM
25 Jul | Update: North Korean Cyber Group Suspected in JumpCloud Breach | Mandiant’s investigation into the attack now revealed that the intrusions were attributed to UNC4899, a hacking group associated with the Democratic People’s Republic of Korea (DPRK). | INFOSECURITY-MAGAZINE.COM
25 Jul | Maritime Cyberattack Database Launched by Dutch University | The NHL Stenden University of Applied Sciences in the Netherlands has launched MCAD, the Maritime Cyber Attack Database. The post Maritime Cyberattack Database Launched by Dutch University appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Jul | Data Breach Cost Control: Practice and Preparedness Pay Off | Healthcare Sector Spends Most on Cleanup, IBM's Annual Breach Study Finds. A new IBM study of data breaches found that if an organization's internal team first detects a breach and the organization has well-practiced incident response plans, that organization will be able to more … | DATABREACHTODAY.CO.UK
25 Jul | Who and What is Behind the Malware Proxy Service SocksEscort? | Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-… | KREBSONSECURITY.COM
🕵️ THREAT INTELLIGENCE (11)
25 Jul | ISC Stormcast For Tuesday, July 25th, 2023 https://isc.sans.edu/podcastdetail/8586, (Tue, Jul 25th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
25 Jul | New York Using AI to Detect Subway Fare Evasion | The details are scant—the article is based on a “heavily redacted” contract—but the New York subway authority is using an “AI system” to detect people who don’t pay the subway fare. Joana Flores, an MTA spokesperson, said the AI system do… | SCHNEIER.COM
25 Jul | Thales to Buy Imperva From PE Firm Thoma Bravo for $3.6B | Thales-Imperva Deal Will Create a $2.66B Cyber Behemoth With Strength in Apps, Data. Thales has agreed to purchase Imperva for $3.6 billion to enter the application and API security market and expand its footprint in data security. The deal will add a robust web application firewa… | DATABREACHTODAY.CO.UK
25 Jul | Thales Acquiring Imperva From Thoma Bravo for $3.6 Billion | French aerospace, defense, and security giant Thales is acquiring cybersecurity firm Imperva from Thoma Bravo in a $3.6 billion deal. The post Thales Acquiring Imperva From Thoma Bravo for $3.6 Billion appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Jul | North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder | North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual IP address. Google-owned threat intelligence firm Mandiant attributed th… | THEHACKERNEWS.COM
25 Jul | Chinese Cyberespionage Group APT31 Targets Eastern European Entities | A China-linked group APT31 (aka Zirconium) has been linked to a cyberespionage campaign targeting industrial organizations in Eastern Europe. The attackers abused DLL hijacking vulnerabilities in cloud-based data storage systems such as Dropbox or Yandex, as well as a temporary f… | CYWARE.COM
25 Jul | Webinar Tomorrow: Exposing Common Myths of OT Cybersecurity | Join SecurityWeek and TXOne Networks for this webinar as we expose common misconceptions surrounding the security of Operational Technology (OT) and dive into the evolving threat landscape. The post Webinar Tomorrow: Exposing Common Myths of OT Cybersecurity appeared first on Sec… | SECURITYWEEK.COM
25 Jul | How to build stronger security teams | Jayson Street of Truesec talks about security awareness training and building a foundation of cybersecurity. The post How to build stronger security teams appeared first on Microsoft Security Blog. | MICROSOFT.COM
25 Jul | How to write a killer pentest report | Graham Cluley Security News is sponsored this week by the folks at PlexTrac. Thanks to the great team there for their support! Reports are the critical deliverables that make pentest results actionable, but do they have to be so painful to prepare? Not anymore. Check out our guid… | GRAHAMCLULEY.COM
25 Jul | Palo Alto Networks Secures Black Hat from Itself | As a trusted partner, Palo Alto Networks is providing three functions within the NOC/SOC at this year’s Black Hat USA. The post Palo Alto Networks Secures Black Hat from Itself appeared first on Palo Alto Networks Blog. | PALOALTONETWORKS.COM
25 Jul | Hacking police radios: 30-year-old crypto flaws in the spotlight | Submitted by mwguy to securitynews. If you’d been quietly chasing down cryptographic bugs in a proprietary police radio system since 2021, but you’d had to wait until the second half … | INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE (6)
25 Jul | macOS Under Attack: Examining the Growing Threat and User Perspectives | As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple's operating system. What Are the Rising Threats to macOS? There is a common misconception among macOS fans that Apple devices are immune to hacking and malware in… | THEHACKERNEWS.COM
25 Jul | Over 400,000 corporate credentials stolen by info-stealing malware | The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Mysterious Decoy Dog malware toolkit still lurks in DNS shadows | New details have emerged about Decoy Dog, a largely undetected sophisticated toolkit likely used for at least a year in cyber intelligence operations, relying on the domain name system (DNS) for command and control activity. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique | "They are still heavily focused on Latin American financial institutions, but the changes in their techniques represent a significant risk to multi-regional financial organizations as well," Sygnia said in a statement shared with The Hacker News. | THEHACKERNEWS.COM
25 Jul | Realst info-stealing malware targets macOS cryptocurrency users | A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. [...] | BLEEPINGCOMPUTER.COM
25 Jul | New Realst macOS malware steals your cryptocurrency wallets | A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development. [...] | BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (13)
25 Jul | Onetrust Hauls in Another $150 Million on a $4.5 Billion Down Round Valuation | The round was led by Generation Investment Management, which is former vice president Al Gore’s firm, with participation from existing investor Sands Capital. OneTrust CEO Kabir Barday says that the company has been executing since its last round. | TECHCRUNCH.COM
25 Jul | Los Angeles SIM Swapper Pleads Guilty to Cybercrime Charges | Between April 2019 and February 2023, the man, Amir Hossein Golshan, 24, engaged in account takeovers, Zelle payment fraud, and Apple support impersonation, causing roughly $740,000 in losses to his victims. | SECURITYWEEK.COM
25 Jul | How MDR Helps Solve the Cybersecurity Talent Gap | How do you overcome today's talent gap in cybersecurity? This is a crucial issue — particularly when you find executive leadership or the board asking pointed questions about your security team's ability to defend the organization against new and current threats. This is why many… | THEHACKERNEWS.COM
25 Jul | Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol | MLS, as the name implies, is a security layer for end-to-end encryption that facilitates interoperability across messaging services and platforms. It was approved for publication as a standard by IETF in March 2023. | THEHACKERNEWS.COM
25 Jul | Thales Acquiring Imperva From Thoma Bravo for $3.6 Billion | Thales will buy Imperva for an enterprise value of $3.6 billion ($3.7 billion gross value minus $0.1 billion tax benefits). The transaction is expected to close by the beginning of 2024. | SECURITYWEEK.COM
25 Jul | Introducing Sophos MDR for Microsoft Defender | Strengthen Microsoft Defender with 24/7 human-led threat detection and response from the world’s most trusted MDR service provider. | SOPHOS.COM
25 Jul | Microsoft shares temp fix for Outlook Desktop slow saving bug | Microsoft is investigating a known issue causing Microsoft 365 customers to experience significant delays when saving attachments in Outlook Desktop to a network share. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Spyhide Stalkerware is Spying on Tens of Thousands of Phones | Spyhide is secretly collecting private data from tens of thousands of Android devices worldwide. The app is often installed on a victim's phone by someone who knows their passcode, and it remains hidden on the home screen. | TECHCRUNCH.COM
25 Jul | Google Chrome to offer 'Link Previews' when hovering over links | Google is set to improve Chrome by introducing a new "Link Preview" feature. This feature, currently in development for desktop use, could significantly change how users interact with web content. [...] | BLEEPINGCOMPUTER.COM
25 Jul | Super Admin elevation bug puts 900,000 MikroTik devices at risk | A critical severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to take full control over a device and remain undetected. [...] | BLEEPINGCOMPUTER.COM
25 Jul | How to Leverage AWS Performance Efficiency Pillar | Explore the Performance Efficiency pillar of the AWS Well-Architected Framework and discover how to create performance efficiency in the compute, storage, database, and network elements of cloud infrastructures. | TRENDMICRO.COM
25 Jul | 4 Cybersecurity Budget Management Tips | Learn how CISOs and security leaders can strategically manage their cybersecurity budget to run more productive security teams amid a recession and skills shortage. | TRENDMICRO.COM