85 Articles
9 Categories
Date: 2023-07-26
🚨 CISA KEV (2)
26 Jul [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-37580 Zimbra Collaboration (ZCS) Cross-Site Scripting (XSS) Vulnerability. These types of vulnerabilities are frequent attack vectors for malici…
26 Jul [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38606 Apple Multiple Products Kernel Unspecified Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber a…
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
26 Jul Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking (THEHACKERNEWS.COM)
A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. Cataloged as CVE-2023-30799 (CVSS score: 9.1), the shortcoming is expected to put approximately 5…
26 Jul VMware Fixes Bug Exposing Cloud Foundry API Admin Credentials in Audit Logs (BLEEPINGCOMPUTER.COM)
Tracked as CVE-2023-20891, the security flaw addressed today by VMware would allow remote attackers with low privileges to access Cloud Foundry API admin credentials on unpatched systems in low-complexity attacks that don't require user interaction.
26 Jul Super Admin Elevation Bug Puts 900,000 Mikrotik Devices at Risk (BLEEPINGCOMPUTER.COM)
The critical flaw, tracked as CVE-2023-30799, allows remote attackers with an existing admin account to elevate their privileges to "super-admin" via the device's Winbox or HTTP interface.
26 Jul Preventing Web Application Access Control Abuse (CISA.GOV)
SUMMARY The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC), U.S. Cybersecurity and Infrastructure Security Agency (CISA), and U.S. National Security Agency (NSA) are releasing this joint Cybersecurity Advisory to warn vendors, designers, and developers o…
⚠️ VULNERABILITY DISCLOSURE (16)
26 Jul Update: Norway Says Ivanti Zero-Day Was Used to Hack Government IT Systems (BLEEPINGCOMPUTER.COM)
The Norwegian National Security Authority (NSM) has confirmed that attackers used a zero-day vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) solution to breach a software platform used by 12 ministries in the country.
26 Jul Cyber Security Today, July 26, 2023 - Reports on successful ransomware attacks, on stolen credentials for accessing business applications, and more (CYBERSECURITYTODAY.LIBSYN.COM)
This episode reports on the slow adoption of DMARC protection, infected packages in open source repositories and more
26 Jul [KEV] EU Governments Reject Requiring Manufacturers to Report Vulnerabilities to Central Cyber Agency (THERECORD.MEDIA)
European Union governments have pushed back on the central role initially suggested for the bloc’s cybersecurity agency, rejecting a proposal requiring manufacturers to report actively exploited vulnerabilities to the ENISA.
26 Jul Backdoor in TETRA Police Radios (SCHNEIER.COM)
Seems that there is a deliberate backdoor in the twenty-year-old TErrestrial Trunked RAdio (TETRA) standard used by police forces around the world. The European Telecommunications Standards Institute (ETSI), an organization that standardizes technologies across the industry, firs…
26 Jul Decoy Dog Malware Evolves to Use New Command-and-Control and Persistence Methods (INFOSECURITY-MAGAZINE.COM)
Initially discovered and disclosed in April 2023, Decoy Dog has proven to be more sophisticated than previously thought, using DNS for command-and-control (C2) and is suspected to be employed in ongoing nation-state cyberattacks.
26 Jul Code Execution Vulnerability Impacts 900k MikroTik Devices (SECURITYWEEK.COM)
Over 900,000 devices are impacted by an arbitrary code execution vulnerability in MikroTik RouterOS.
26 Jul Protect AI Raises $35M to Guard ML From Supply Chain Threats (DATABREACHTODAY.CO.UK)
Series A Funding Will Help Enterprises Spot Vulnerabilities in Open-Source Packages A startup led by former AWS and Oracle AI executives completed a Series A funding round to strengthen security around ML systems and AI applications. Seattle-based Protect AI plans to use the $35 …
26 Jul CISA Releases Analysis of FY22 Risk and Vulnerability Assessments (CISA.GOV)
CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2022 (FY22). The analysis details a sample attack path including tactics and steps …
26 Jul Decoy Dog: New Breed of Malware Posing Serious Threats to Enterprise Networks (THEHACKERNEWS.COM)
A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it's a significant upgrade over the Pupy RAT, an open-source remote access trojan it's modeled on. "Decoy Dog has a full suite of powerful, previously unknown capabilities – including the abilit…
26 Jul Microsoft Message Queuing Vulnerabilities Allow Remote Code Execution, DoS Attacks (SECURITYWEEK.COM)
Fortinet has published details on a series of critical- and high-severity vulnerabilities in the Microsoft Message Queuing service.
26 Jul Supply Chain, Open Source Pose Major Challenge to AI Systems (BANKINFOSECURITY.COM)
Supply chain compromise, open source technology, and rapid advances in artificial intelligence capabilities pose significant challenges to safeguarding AI, experts told a Senate panel Tuesday.
26 Jul Latest MOVEit Data Breach Victim Tally: 455 Organizations (DATABREACHTODAY.CO.UK)
23 Million Individuals' Personal Details Exposed, Notifications Collectively Show More details about victims of the Clop crime group's zero-day attacks on users of the widely used MOVEit file transfer software continue to come to light. Researchers now report that at least 455 or…
26 Jul Protect AI Raises $35M to Build a Suite of AI-Defending Tools (TECHCRUNCH.COM)
Protect AI announced that it raised $35 million in a Series A round led by Evolution Equity Partners with participation from Salesforce Ventures, Acrew Capital, boldstart ventures, Knollwood Capital and Pelion Ventures.
26 Jul Why CrowdStrike Is Eyeing Cyber Vendor Bionic at Up to $300M (DATABREACHTODAY.CO.UK)
Bionic Is in Line for a 9-Figure Deal Just 31 Months After Emerging From Stealth A startup founded by two Israeli Defense Forces veterans and backed by the likes of Insight Partners and Cyberstarts could soon be acquired by CrowdStrike. The endpoint security firm is in advanced n…
26 Jul Wiz Says 62% of AWS Environments Exposed to Zenbleed Exploitation (SECURITYWEEK.COM)
Researchers say a whopping 62 percent of AWS environments may be exposed to the newly documented AMD 'Zenbleed' information leak flaw.
26 Jul BreachForums - 212,156 breached accounts (HAVEIBEENPWNED.COM)
In November 2022, the well-known hacking forum "BreachForums" was itself breached. Later the following year, the operator of the website was arrested and the site seized by law enforcement agencies. The breach exposed 212k records including usernames, IP and email add…
📢 SECURITY ADVISORIES (8)
26 Jul Norwegian government ministries hit by cyber attack (CSHUB.COM)
Twelve government ministries have been impacted by a supply chain cyber attack
26 Jul Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users (THEHACKERNEWS.COM)
Tax-paying individuals in Mexico and Chile have been targeted by a Mexico-based cybercrime group that goes by the name Fenix to breach targeted networks and steal valuable data. A key hallmark of the operation entails cloning official portals of the Servicio de Administración Tri…
26 Jul Federal Privacy Bill Would Strip FCC's Role as Telecom Industry’s Privacy Cop (THERECORD.MEDIA)
Sweeping federal privacy legislation now under debate in Congress is expected to move oversight of the telecom industry’s privacy practices from the FCC to the FTC, a shift that has long been a priority for telecom companies.
26 Jul Ex-NSA Official Harry Coker Tapped for National Cyber Director Job (SECURITYWEEK.COM)
The Biden administration has nominated former Navy commander Harry Coker to replace the retired Chris Inglis.
26 Jul Cybersecurity Performance Goals: Sector-Specific Goals (CISA.GOV)
Now that the cross-sector CPGs have been published, CISA is working to develop Sector-Specific Goals (SSGs) for each of the 16 Critical Infrastructure sectors.
🔥 INCIDENT REPORTING (14)
26 Jul ALPHV ransomware adds data leak API in new extortion strategy (BLEEPINGCOMPUTER.COM)
The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks. [...]
26 Jul The Alarming Rise of Infostealers: How to Detect this Silent Threat (THEHACKERNEWS.COM)
A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. According to the new …
26 Jul ALPHV Ransomware Adds Data Leak API in New Extortion Strategy (BLEEPINGCOMPUTER.COM)
The ALPHV ransomware gang, also referred to as BlackCat, is trying to put more pressure on their victims to pay a ransom by providing an API for their leak site to increase visibility for their attacks.
26 Jul Fenix Cybercrime Group Poses as Tax Authorities to Target Latin American Users (THEHACKERNEWS.COM)
The goal of Fenix, according to the cybersecurity firm Metabase Q, is to act as an initial access broker and get a foothold into different companies in the region, and sell the access to ransomware affiliates for further monetization.
26 Jul Average cost of healthcare data breach reaches $11M, report finds (CYBERSECURITYDIVE.COM)
Healthcare continues to be the most expensive industry for data breaches, beating out other sectors for the 13th year in a row, according to research conducted by the Ponemon Institute and published by IBM Security.
26 Jul Dozens of Organizations Targeted by Akira Ransomware (SECURITYWEEK.COM)
The Akira ransomware operators claim to have compromised 63 organizations since March 2023, mostly SMBs.
26 Jul New Nitrogen malware pushed via Google Ads for ransomware attacks (BLEEPINGCOMPUTER.COM)
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads. [...]
26 Jul UK Ambulance Services Disrupted by Infosec Fiends (THEREGISTER.COM)
Several UK NHS ambulance organizations have been struggling to record patient data and pass it to other providers following a cyberattack aimed at health software company Ortivus.
26 Jul SEC now requires companies to disclose cyberattacks in 4 days (BLEEPINGCOMPUTER.COM)
The U.S. Securities and Exchange Commission has adopted new rules requiring publicly traded companies to disclose cyberattacks within four business days after determining they're material incidents. [...]
26 Jul SEC Votes to Require Material Incident Disclosure in 4 Days (DATABREACHTODAY.CO.UK)
Rules Approved in 3-2 Party Line Vote, Will Take Effect in December for Large Firms U.S. federal market regulators adopted rules Wednesday that require publicly traded companies to disclose most "material cybersecurity incidents" within four business days of determining materiali…
26 Jul Software Vendor Attack Slows Down 2 UK Ambulance Services (DATABREACHTODAY.CO.UK)
Paramedics Can’t Access NHS Patient Records, Resort to Using Pen and Paper A cyberattack against a Swedish software and services vendor has reportedly severed access to digital health records for at least two National Health Service ambulance services in the United Kingdom. Param…
26 Jul Cardiac Monitoring Software Firm Hit With Cyberattack (DATABREACHTODAY.CO.UK)
CardioComm Says Business Operations Will Be Affected for Days or 'Longer' Toronto, Canada-based CardioComm Solutions Inc., which sells cardiac monitoring and electrocardiogram software globally, said it is dealing with a cyberattack that could affect the company's business operat…
26 Jul New IBM report reveals the cost of a data breach now tops $4.45 million (KNOWBE4.COM)
IBM Security has released its annual Cost of a Data Breach Report, revealing that the global average cost of a data breach reached $4.45 million in 2023. This marks a significant increase of 15% over the past 3 years, making it the highest recorded cost in the history of the repo…
26 Jul Following claims by two ransomware groups, Yamaha confirms cyberattack (BITDEFENDER.COM)
Yamaha Corporation, the world's largest producer of musical equipment, has confirmed that it has suffered a "cybersecurity incident" during which hackers gained unauthorised access to its systems, and stole data. Read more in my article on the Hot for Security blog.
🕵️ THREAT INTELLIGENCE (15)
26 Jul ISC Stormcast For Wednesday, July 26th, 2023 https://isc.sans.edu/podcastdetail/8588, (Wed, Jul 26th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
26 Jul Cybersecurity Public-Private Partnership: Where Do We Go Next? (SECURITYWEEK.COM)
Sharing threat information and cooperating with other threat intelligence groups helps to strengthen customer safeguards and boosts the effectiveness of the cybersecurity sector overall.
26 Jul New AI Tool 'FraudGPT' Emerges, Tailored for Sophisticated Attacks (THEHACKERNEWS.COM)
Following the footsteps of WormGPT, threat actors are advertising yet another cybercrime generative artificial intelligence (AI) tool dubbed FraudGPT on various dark web marketplaces and Telegram channels. "This is an AI bot, exclusively targeted for offensive purposes, such as c…
26 Jul CISO Conversations: Field CISOs From VMware Carbon Black and NetSPI (SECURITYWEEK.COM)
SecurityWeek talks to Field CISOs, Fawaz Rasheed (VMware Carbon Black) and Nabil Hannan (NetSPI), about this emerging role.
26 Jul Russian Cybersecurity Firm Founder Jailed for 14 Years (SECURITYWEEK.COM)
Russia has sentenced Ilya Sachkov, co-founder of the Group-IB cybersecurity firm, to 14 years in prison on treason charges.
26 Jul New York State Cyber Lead Warns of What States Face in Critical Infrastructure Defense (CYBERSECURITYDIVE.COM)
Critical infrastructure providers are under more frequent and sophisticated cyberthreats as more nation-state adversaries work with criminal hackers to target the U.S., according to Colin Ahern, chief cyber officer for New York State.
26 Jul New Realst Info-stealer Targets MacOS, Empties Crypto Wallets (CYWARE.COM)
In the ever-evolving information-stealer landscape, a new malware dubbed Realst has emerged. Realst is designed to target macOS systems and is capable of emptying crypto wallets and stealing stored passwords and browser data. Attackers are using tricks to lure gamers with money,…
26 Jul Cyclops Emerges From Stealth With Security Search Platform Powered by Generative AI (SECURITYWEEK.COM)
Cyclops emerges from stealth mode with $6.4 million in seed funding and a generative AI-powered cybersecurity search platform.
26 Jul Dutch Police Nab Suspected Genesis Market Super User (DATABREACHTODAY.CO.UK)
A 32-Year-Old Dutch National Is Likely Among Top 10 Genesis Market Users Dutch police arrested a suspected super user of Genesis Market, characterizing him as likely one of the busted criminal bazaar's top 10 most active buyers of stolen digital credentials and access to infected…
26 Jul SmokeLoader Campaign Intensifying, Ukrainian CERT Warns (DATABREACHTODAY.CO.UK)
Malware Has 2nd-Highest Number of Detections Domestically in May and June Ukrainian cyber defenders said a financially motivated threat actor is intensifying efforts to entice users into installing a backdoor Trojan known as SmokeLoader. The SSSCIP said the malware had the second…
26 Jul Lazarus hackers linked to $60 million Alphapo cryptocurrency heist (BLEEPINGCOMPUTER.COM)
Blockchain analysts blame the North Korean Lazarus hacking group for a recent attack on payment processing platform Alphapo where the attackers stole almost $60 million in crypto. [...]
26 Jul Criminals Are Flocking to a Malicious Generative AI Tool (DATABREACHTODAY.CO.UK)
A 12-Month Subscription to FraudGPT Costs $1,700 Cybercriminals are using an evil twin of OpenAI's generative artificial intelligence tool Chat GPT. It's called FraudGPT, it's available on criminal forums, and it can be used to write malicious code and create convincing phishing …
26 Jul ChatGPT's Web3 Bug Reports Are 'Nonsensical,' Immunefi Says (DATABREACHTODAY.CO.UK)
The Generative AI Tool Can Write Bug Reports - Just Not Useful Ones Natural language models aren't the boon to auditing many in the Web3 community hoped that generative artificial intelligence tools would be. After a burst of optimism, the consensus now is that AI tools generate …
26 Jul Barbie-Related Scams Emerge After Recent Movie Release (KNOWBE4.COM)
Scammers are taking advantage of the popularity of the Barbie movie, according to researchers at McAfee.
26 Jul [Live Demo] Ridiculously Easy Security Awareness Training and Phishing (KNOWBE4.COM)
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.
🌐 CYBER THREAT LANDSCAPE (5)
26 Jul Suspicious IP Addresses Avoided by Malware Samples, (Wed, Jul 26th) (ISC.SANS.EDU)
Modern malware samples implement a lot of anti-debugging and anti-analysis techniques. The idea is to slow down the malware analyst's job…
26 Jul Over 400,000 Corporate Credentials Stolen by Info-Stealing Malware (BLEEPINGCOMPUTER.COM)
The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments.
26 Jul Rust-based Realst Infostealer Targeting Apple macOS Users' Cryptocurrency Wallets (THEHACKERNEWS.COM)
A new malware family called Realst has become the latest to target Apple macOS systems, with a third of the samples already designed to infect macOS 14 Sonoma, the upcoming major release of the operating system. Written in the Rust programming language, the malware is distributed…
26 Jul New Realst macOS Malware Steals Your Cryptocurrency Wallets (BLEEPINGCOMPUTER.COM)
A new Mac malware named "Realst" is being used in a massive campaign targeting Apple computers, with some of its latest variants including support for macOS 14 Sonoma, which is still in development.
26 Jul New Realst Mac malware, disguised as blockchain games, steals cryptocurrency wallets (GRAHAMCLULEY.COM)
Fake blockchain games, that are being actively promoted by cybercriminals on social media, are actually designed to infect the computers of unsuspecting Mac users with cryptocurrency-stealing malware.
🎙️ PODCASTS (1)
26 Jul Smashing Security podcast #332: Nudes leak at the plastic surgery, Mali mail mix-up, and WormGPT (GRAHAMCLULEY.COM)
Dr 90210 finds himself in a sticky situation after his patients' plastic surgery photos AND more end up in the hands of hackers, emails to the US military end up in the wrong hands, and script kiddies salivate at the thought of Business Email Compromise powered by generative AI. …
📡 INFOSEC NEWS (20)
26 Jul Australian Government Exposed Personal Information via Security Report (INFOSECURITY-MAGAZINE.COM)
The Guardian Australia revealed yesterday that around 50 business owners and employees got more than they bargained for when they took part in the Understanding Small Business and Cyber Security study.
26 Jul Critical Flaws Found in Microsoft Message Queuing Service (INFOSECURITY-MAGAZINE.COM)
Three vulnerabilities have been discovered within the Microsoft Message Queuing (MSMQ) service – a proprietary messaging protocol designed to enable secure communication between applications running on separate computers.
26 Jul Into the tank with Nitrogen (SOPHOS.COM)
The element originally known as “foul air” stinks up computers as a new initial-access campaign exhibiting some uncommon techniques
26 Jul Former NSA Insider Coker is White House Pick for National Cyber Director (THERECORD.MEDIA)
President Joe Biden on Tuesday announced he intends to nominate Harry Coker, a former executive director of the National Security Agency, to be the country’s national cyber director.
26 Jul Microsoft fixes bug that broke video recording in Windows apps (BLEEPINGCOMPUTER.COM)
Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. [...]
26 Jul Consumers Demand More From Businesses When It Comes to Security (HELPNETSECURITY.COM)
Incorporating machine learning into fraud prevention strategies is crucial for businesses to effectively identify and prevent fraud, as well as meet growing fraud risks and consumer expectations.
26 Jul Companies are rushing into generative AI without a cohesive, secure strategy (HELPNETSECURITY.COM)
Despite mass adoption of generative AI, most companies don’t have a coordinated strategy for deploying it or know how to assess its security—exposing them to risks and disadvantages if they don’t change their approach, according to Grammarly.
26 Jul UK Government Report Finds Cybersecurity Skills Gap Stagnant (INFOSECURITY-MAGAZINE.COM)
The UK Government’s Cyber Security Skills in the UK Labour Market 2023 report shows a staggering 50% of all UK businesses have a basic cybersecurity skills gap, showing little improvement from the 2022 report.
26 Jul FraudGPT: The Villain Avatar of ChatGPT (NETENRICH.COM)
Cybercriminals are using artificial intelligence tools like FraudGPT to create sophisticated phishing attacks and other malicious activities, posing a significant threat to organizations.
26 Jul NATO investigates alleged data theft by SiegedSec hackers (BLEEPINGCOMPUTER.COM)
NATO has confirmed that its IT team is investigating claims about an alleged data-theft hack on the Communities of Interest (COI) Cooperation Portal by a hacking group known as SiegedSec. [...]
26 Jul To Execute the National Cyber Strategy, It’s Going to Take the Whole US Government (CYBERSECURITYDIVE.COM)
The implementation plan for the national cybersecurity strategy assigns specific tasks and responsibilities to various government agencies, highlighting the need for coordination and collaboration.
26 Jul Windows 10 KB5028244 update released with 19 fixes, improved security (BLEEPINGCOMPUTER.COM)
Microsoft has released the optional KB5028244 Preview cumulative update for Windows 10 22H2 with 19 fixes or changes, including an update to the Vulnerable Driver Blocklist to block BYOVD attacks. [...]
26 Jul Russia Sends Cybersecurity CEO to Jail for 14 Years (KREBSONSECURITY.COM)
The Russian government today handed down a treason conviction and 14-year prison sentence on Ilya Sachkov, the former founder and CEO of one of Russia's largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classi…
26 Jul Windows 11 KB5028254 update fixes VPN performance issues, 27 bugs (BLEEPINGCOMPUTER.COM)
Microsoft has released the July 2023 optional cumulative update for Windows 11, version 22H2, with fixes for 27 issues, including ones affecting VPN performance and display or audio devices. [...]
26 Jul Almost 40% of Ubuntu users vulnerable to new privilege elevation flaws (BLEEPINGCOMPUTER.COM)
Two Linux vulnerabilities introduced recently into the Ubuntu kernel create the potential for unprivileged local users to gain elevated privileges on a massive number of devices. [...]
26 Jul Microsoft previews Defender for IoT firmware analysis service (BLEEPINGCOMPUTER.COM)
Microsoft announced the public preview of a new Defender for IoT feature that helps analyze the firmware of embedded Linux devices like routers for security vulnerabilities and common weaknesses. [...]
26 Jul Microsoft fixes bug that breaks video recording in Windows apps (BLEEPINGCOMPUTER.COM)
Microsoft has fixed a known issue causing video recording and playing failures in some apps on Windows 10 and Windows 11 systems. [...]
26 Jul Gathering dust and data: How robotic vacuums can spy on you (WELIVESECURITY.COM)
Mitigate the risk of data leaks with a careful review of the product and the proper settings.