🚨 CISA KEV (1)
1 Aug | KEV | Threat Actors Exploiting Ivanti EPMM Vulnerabilities | SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) are releasing this joint Cybersecurity Advisory (CSA) in response to active exploitation of CVE-2023-35078 and CVE-2023-35081. Advanced persistent threat… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (7)
1 Aug | CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities | The Cybersecurity and Infrastructure Security Agency (CISA) and the Norwegian National Cyber Security Centre (NCSC-NO) have released a joint Cybersecurity Advisory (CSA), Threat Actors Exploiting Ivanti EPMM Vulnerabilities, in response to the active exploitation of CVE-2023-350… | CISA.GOV
1 Aug | CVE-2021-34506 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Added an FAQ. This is an information change only. | MSRC.MICROSOFT.COM
1 Aug | CVE-2021-42307 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability | Updated one or more CVSS scores for the affected products. This is an informational change only. | MSRC.MICROSOFT.COM
1 Aug | CVE-2021-31982 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability | Updated one or more CVSS scores for the affected products. This is an informational change only. | MSRC.MICROSOFT.COM
1 Aug | CVE-2021-34475 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Added an FAQ. This is an information change only. | MSRC.MICROSOFT.COM
1 Aug | CVE-2023-28261 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Updated one or more CVSS scores for the affected products and added an FAQ explaining the vector string settings. This is an informational change only. | MSRC.MICROSOFT.COM
1 Aug | CVE-2022-29144 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability | Updated one or more CVSS scores for the affected products. This is an informational change only. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (13)
1 Aug | 136: Team Xecutor | Team Xecutor was a group involved with making and selling modchips for video game systems. They often made mods that allowed the video game system to rip games or play pirated games. It was a crowd favorite in the modding scene. Until it all fell apart. The story of what happened… | DARKNETDIARIES.COM
1 Aug | White House Unveils ‘Whole of Society’ Push To Expand Cybersecurity Workforce | A sweeping partnership comprising nine government agencies and over 200 nonprofits, corporations, colleges, and universities will together build an organized “whole of society” approach to expanding the cybersecurity workforce, the ONCD announced. | THERECORD.MEDIA
1 Aug | The Race Against Time in Ransomware Attacks | Despite both the rise in threats and the high percentage of respondents whose organizations suffered recent attacks, there hasn’t been a corresponding uptick in strategic measures to shore up cyber resilience, according to BigID. | HELPNETSECURITY.COM
1 Aug | Meta Subsidiaries Must Pay $14M Over Misleading Data Collection Disclosure | Facebook's subsidiaries, including Onavo, have been ordered to pay $14 million in an Australian court case for undisclosed data collection through a now-discontinued VPN, highlighting the company's privacy issues. | MALWAREBYTES.COM
1 Aug | Ransomware Attacks Frequently Target Organizations with 51-200 Employees | High-profile ransomware attacks on corporations like Kaseya, Colonial Pipeline, and MOVEit may lead to the misconception that only large organizations are targeted. However, the fact is that underestimating the risk due to focusing on large organizations may increase your vulnera… | GBHACKERS.COM
1 Aug | Hacker Conversations: Youssef Sammouda, Bug Bounty Hunter | SecurityWeek speaks to Youssef Sammouda about using cybersecurity research and bug bounties as a way of life and source of income. | SECURITYWEEK.COM
1 Aug | Stremio Vulnerability Exposes Millions to Attack | CyFox researchers have discovered a DLL planting/hijacking vulnerability in popular media center application Stremio, which could be exploited by attackers to execute code on the victim’s system, steal information, and more. | HELPNETSECURITY.COM
1 Aug | How to manage a mass password reset due to a ransomware attack | Resetting the passwords for thousands of people after a ransomware attack is challenging, to say the least, for any IT team. Learn more from Specops Software on why organizations are forced into mass password resets and how to make the process manageable. [...] | BLEEPINGCOMPUTER.COM
1 Aug | Socket Scores $20M as Investors Bet on Software Supply Chain Security Startups | San Francisco startup Socket raises $20 million as investors continue to bet on companies in the open source software security category. | SECURITYWEEK.COM
1 Aug | KEV | CISA issues new warning on actively exploited Ivanti MobileIron bugs | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of state hackers exploiting two flaws in Ivanti's Endpoint Manager Mobile (EPMM), formerly MobileIron Core. [...] | BLEEPINGCOMPUTER.COM
1 Aug | Why Many Organizations Are Consolidating Tool Sets With MSPs | OpenText Cybersecurity Director Steven Wood on Consolidation, Skills Shortage. As more organizations undergo resource and cost pressures, 86% of managed security services customers are deciding to consolidate security tools and outsource their security requirements, according to t… | DATABREACHTODAY.CO.UK
1 Aug | Firefox fixes a flurry of flaws in the first of two releases this month | No zero-days, but some interesting patches with their very own "teachable moments". | NAKEDSECURITY.SOPHOS.COM
1 Aug | Investing in a Robust Cybersecurity Workforce | Palo Alto Networks prioritizes cybersecurity awareness and education so individuals of all ages and backgrounds have the tools to stay safe online. | PALOALTONETWORKS.COM
📢 SECURITY ADVISORIES (3)
🔥 INCIDENT REPORTING (11)
1 Aug | Enterprises Should Layer-up Security to Avoid Legal Repercussions | Implementing a nimble incident response process and establishing repeatable procedures for investigations are crucial for reducing the impact of data breaches and minimizing legal repercussions. | HELPNETSECURITY.COM
1 Aug | Web Browsing is the Primary Entry Vector for Ransomware Infections | The attackers have been spotted rotating different URLs/hostnames to host the same ransomware or using the same URL to deliver different ransomware. Some attackers do both of these things. | HELPNETSECURITY.COM
1 Aug | Ransomware Attacks on Industrial Organizations Doubled in Past Year: Report | The number of ransomware attacks targeting industrial organizations and infrastructure has doubled since the second quarter of 2022, according to Dragos. | SECURITYWEEK.COM
1 Aug | Bedding Giant Tempur Sealy Takes Systems Offline Following Cyberattack | Bedding products provider Tempur Sealy says it has shut down certain systems following a cyberattack. | SECURITYWEEK.COM
1 Aug | Spike in Ransomware Delivery via URLs, Reports Unit 42 | Ransomware delivered through URLs has become the leading method for distributing ransomware, accounting for over 77% of cases in 2022 - found Unit 42. This is followed by emails at 12%. Researchers observed attackers using different URLs/hostnames to host or deliver different mal… | CYWARE.COM
1 Aug | Mattress Giant Tempur Sealy Hit with Cyberattack Forcing System Shutdown | The company’s chief financial officer Bhaskar Rao reported to the U.S. Securities and Exchange Commission on Monday morning that Tempur Sealy’s operations had been hindered by a cyberattack that began on July 23. | THERECORD.MEDIA
1 Aug | The State of Ransomware in State and Local Government 2023 | New insights into how ransomware impacts this sector, including the frequency, root causes of attacks, and data recovery costs. | SOPHOS.COM
1 Aug | Retail chain Hot Topic discloses wave of credential-stuffing attacks | American apparel retailer Hot Topic is notifying customers about multiple cyberattacks between February 7 and June 21 that resulted in exposing sensitive information to hackers. [...] | BLEEPINGCOMPUTER.COM
1 Aug | Hackers use new malware to breach air-gapped devices in Eastern Europe | Chinese state-sponsored hackers have been targeting industrial organizations with new malware that can steal data from air-gapped systems. [...] | BLEEPINGCOMPUTER.COM
1 Aug | Hosting Provider Accused of Facilitating Nation-State Hacks | Researchers Allege Cloudzy Lacks Know-Your-Customer Safeguards, Operates From Iran. A little-known cloud infrastructure provider called Cloudzy has been facilitating nation-state hackers, commercial spyware operations and ransomware affiliates' attacks by failing to keep a close e… | DATABREACHTODAY.CO.UK
1 Aug | Tennessee Heart Clinic Tells 170,000 of Hacking, Data Breach | Attack Detected in Mid-April But Hackers Accessed, Acquired Patient Files in March. A Tennessee-based cardiac care clinic is notifying more than 170,000 patients and others that hackers may have stolen their sensitive personal and medical information in a cyberattack detected in A… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (25)
1 Aug | ISC Stormcast For Tuesday, August 1st, 2023 https://isc.sans.edu/podcastdetail/8596, (Tue, Aug 1st) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
1 Aug | Possible Chinese Malware in US Systems a ‘Ticking Time Bomb’: Report | China has implanted malware in key US power and communications networks in a "ticking time bomb" that could disrupt the military in event of a conflict. | SECURITYWEEK.COM
1 Aug | 200 Canon Printer Models May Expose Wi-Fi Connection Data | Canon says more than 200 inkjet printer models fail to properly erase Wi-Fi configuration settings. | SECURITYWEEK.COM
1 Aug | China's APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe | A nation-state actor with links to China is suspected of being behind a series of attacks against industrial organizations in Eastern Europe that took place last year to siphon data stored on air-gapped systems. Cybersecurity company Kaspersky attributed the intrusions with mediu… | THEHACKERNEWS.COM
1 Aug | Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia | The threat actor known as Space Pirates has been linked to attacks against at least 16 organizations in Russia and Serbia over the past year by employing novel tactics and adding new cyber weapons to its arsenal. "The cybercriminals' main goals are still espionage and theft of co… | THEHACKERNEWS.COM
1 Aug | New Android Malware Via WhatsApp steals Call logs, Locations, & Contacts | According to reports, a new Android malware is circulating under the guise of a fake chat application that is being distributed through WhatsApp. This malware is discovered to belong to the APT Bahamut and has some footprints of tactics used by the DoNot APT. This malicious Andro… | GBHACKERS.COM
1 Aug | Hacking AI Resume Screening with Text in a White Font | The Washington Post is reporting on a hack to fool automatic resume sorting programs: putting text in a white font. The idea is that the programs rely primarily on simple pattern matching, and the trick is to copy a list of relevant keywords—or the published job description… | SCHNEIER.COM
1 Aug | Meow Campaign Reaches Misconfigured Jupyter Notebook Instances | The "Meow" campaign, targeting unsecured databases, has resurfaced, with the threat actor using misconfigured Jupyter Notebook instances to gather information and delete databases. | AQUASEC.COM
1 Aug | A Long-Running Credential Phishing Expedition | Researchers at Akamai describe a credential phishing campaign that’s been running since at least March 2022. Due to the volume of traffic to the phishing sites, the researchers estimate that the attackers are raking in up to $150,000 per year by selling the stolen credentials. | KNOWBE4.COM
1 Aug | CyberheistNews Vol 13 #31 [Beware of the Barbie Scams] What You Need to Know After the Recent Movie Release | KNOWBE4.COM
1 Aug | Researchers Expose Space Pirates' Cyber Campaign Across Russia and Serbia | "The cybercriminals' main goals are still espionage and theft of confidential information, but the group has expanded its interests and the geography of its attacks," Positive Technologies said in a deep dive report published last week. | THEHACKERNEWS.COM
1 Aug | Iranian Hackers Posed as Israelis in Targeted LinkedIn Phishing Attack | During the conversation, the malicious actors would send seemingly harmless attachments, such as invitations to conferences or files related to the targets’ professional interests, such as studies or articles. | HACKREAD.COM
1 Aug | Summary of DNS over HTTPS requests against our honeypots., (Tue, Aug 1st) | Our honeypots see a lot of DNS over HTTP(s) requests against the "/dns-query" endpoint. This endpoint is used by DNS over HTTPs requests to receive queries. Queries can use different encodings. You may either see the more readable URL enc… | ISC.SANS.EDU
1 Aug | Weaponized Excel, OneNote, or PDF Attachments Deliver New WikiLoader Malware | The Italian organizations, including tax agencies, were targeted by a new malware downloader delivering banking Trojan. The new loader malware is presently undergoing active development, employing a diverse array of sophisticated mechanisms to evade detection effectively. This ne… | GBHACKERS.COM
1 Aug | Nile Raises $175 Million for Secure NaaS Solutions | Network-as-a-service (NaaS) solutions provider Nile has raised $175 million in a Series C funding round that brings the total raised by the firm to $300 million. | SECURITYWEEK.COM
1 Aug | Silk Security Emerges from Stealth With $12.5 Million Seed Funding | Silk Security raised $12.5 million in seed funding and is on a mission to break down the silos between security and development with an integrated ‘find and fix’ platform. | SECURITYWEEK.COM
1 Aug | SpecterOps Updates BloodHound Active Directory Mapping Tool | SpecterOps announces version 5.0 of BloodHound Active Directory mapping tool with enterprise-grade deployment, usability, and UI. | SECURITYWEEK.COM
1 Aug | Burp Suite 2023.8 Released – What’s New! | The updated Burp suite scanner has new add-on features and bug fixes that enhance the scanning process’s overall performance. Burp Suite is an integrated platform/graphical tool for performing security testing of web applications. On 27 July 2023, Portswigger released all i… | GBHACKERS.COM
1 Aug | Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack | A new power side-channel attack named Collide+Power can allow an attacker to obtain sensitive information and it works against nearly any modern CPU. | SECURITYWEEK.COM
1 Aug | Iran-Run ISP ‘Cloudzy’ Caught Supporting Nation-State APTs, Cybercrime Hacking Groups | Researchers unmask an Iranian-run company providing command-and-control services to hacking groups, including state-sponsored APT actors. | SECURITYWEEK.COM
1 Aug | Threat actors abuse Google AMP for evasive phishing attacks | Security researchers are warning of increased phishing activity that abuses Google Accelerated Mobile Pages (AMP) to bypass email security measures and get to inboxes of enterprise employees. [...] | BLEEPINGCOMPUTER.COM
1 Aug | Forgepoint Capital Places $20M Series A Bet on Converge Insurance | Forgepoint Capital makes another investment in the cyber-insurance sector with a $15 million Series A investment in Converge Insurance. | SECURITYWEEK.COM
1 Aug | Why Security Leaders Need to Have a 'Broadness of Skills' | Security Analyst Paul Watts on How the CISO's Role Is Connected to the Business. Security is about more than technology, said Paul Watts, a distinguished analyst at the Information Security Forum. It's also about people and process, he said, with the ultimate goal of adding value … | DATABREACHTODAY.CO.UK
1 Aug | Business-to-Business Synthetic ID Fraud Is on the Rise | Thomson Reuters' Dori Buckethal on How Fraudsters Have Evolved Their Modus Operandi. Synthetic ID fraud has moved beyond business-to-consumers to business-to-business fraud as more bad actors are opening fraudulent commercial accounts at financial institutions, said Dori Buckethal… | DATABREACHTODAY.CO.UK
1 Aug | Microsoft Defender for Office 365 gets highest rating in SE Labs Enterprise Email Security Services test for Q1 2023 | In Q1 2023, Microsoft was once again part of an evaluation of email security platforms conducted by SE Labs. We are thrilled to announce that Microsoft Defender for Office 365 has once again received an AAA Protection Award, the highest possible that a vendor can achieve in th… | MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE (8)
1 Aug | Cybercriminals Renting WikiLoader to Target Italian Organizations with Banking Trojan | Organizations in Italy are the target of a new phishing campaign that leverages a new strain of malware called WikiLoader with an ultimate aim to install a banking trojan, stealer, and spyware called Ursnif (aka Gozi). "It is a sophisticated downloader with the objective of insta… | THEHACKERNEWS.COM
1 Aug | New WikiLoader Malware Employs Sophisticated Evasion | WikiLoader is a sophisticated downloader malware that evades detection and is likely available for sale to multiple cybercriminal groups. It has been observed in multiple campaigns targeting Italian organizations. | PROOFPOINT.COM
1 Aug | European Bank Customers Targeted in SpyNote Android Trojan Campaign | Various European customers of different banks are being targeted by an Android banking trojan called SpyNote as part of an aggressive campaign detected in June and July 2023. "The spyware is distributed through email phishing or smishing campaigns and the fraudulent activities ar… | THEHACKERNEWS.COM
1 Aug | SpyNote Android Spyware Strikes Financial Institutions Through Smishing Campaigns | The infection chain typically begins with a deceptive SMS message urging users to install a “new certified banking app,” followed by a redirect to a seemingly authentic TeamViewer app, which is used for technical remote support. | INFOSECURITY-MAGAZINE.COM
1 Aug | Cybercriminals train AI chatbots for phishing, malware attacks | In the wake of WormGPT, a ChatGPT clone trained on malware-focused data, a new generative artificial intelligence hacking tool called FraudGPT has emerged, and at least another one is under development that is allegedly based on Google's AI experiment, Bard. [...] | BLEEPINGCOMPUTER.COM
1 Aug | Hackers Steal Signal, Whatsapp User Data With Fake Android Chat App | The Android spyware is suspected to be a variant of "Coverlm," which steals data from communication apps such as Telegram, Signal, WhatsApp, Viber, and Facebook Messenger. | BLEEPINGCOMPUTER.COM
1 Aug | New NodeStealer Targeting Facebook Business Accounts and Crypto Wallets | Cybersecurity researchers have unearthed a Python variant of a stealer malware NodeStealer that's equipped to fully take over Facebook business accounts as well as siphon cryptocurrency. Palo Alto Network Unit 42 said it detected the previously undocumented strain as part of a ca… | THEHACKERNEWS.COM
1 Aug | 4 Generative AI Security Benefits | It may be some time before generative AI security can autonomously mitigate cyber threats, but we’re already seeing early examples of how AI models can strengthen enterprise cybersecurity in powerful and transformative ways. | TRENDMICRO.COM
📡 INFOSEC NEWS (6)
1 Aug | Be Aware of Exposure of Sensitive Data on Wi-Fi Settings for Canon Inkjet Printers | Canon warns that sensitive information on the Wi-Fi connection settings stored in the memories of home and office/large format inkjet printers may not be deleted by the usual initialization process. | SECURITYAFFAIRS.COM
1 Aug | What is Data Security Posture Management (DSPM)? | Data Security Posture Management is an approach to securing cloud data by ensuring that sensitive data always has the correct security posture - regardless of where it's been duplicated or moved to. So, what is DSPM? Here's a quick example: Let's say you've built an excellent sec… | THEHACKERNEWS.COM
1 Aug | Dynatrace Acquires Cloud-Native Debugging Platform Rookout | Observability and security platform Dynatrace today announced that it plans to acquire Rookout, a Tel Aviv-based observability startup that focuses on helping developers troubleshoot and debug their code in production. | TECHCRUNCH.COM
1 Aug | How to Leverage the AWS Cost Optimization Pillar | Explore the Cost Optimization pillar of the AWS Well-Architected Framework and gain best practices for designing processes that make it possible to go to market and optimize costs early on. | TRENDMICRO.COM
1 Aug | A Better Way to Secure Servers & Cloud Workloads | Why endpoint security falls short in the complexity of modern IT infrastructure | TRENDMICRO.COM
1 Aug | Quantum computing: Will it break crypto security within a few years? | Current cryptographic security methods watch out - quantum computing is coming for your lunch. | WELIVESECURITY.COM