84 Articles
9 Categories
Date: 2023-08-02
🚨 CISA KEV (1)
2 Aug [KEV]: 2022 Top Routinely Exploited Vulnerabilities (CISA.GOV)
  SUMMARY: The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA): United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) Australia: Australian Signals Dir…
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
2 Aug: Ivanti Zero-Day Exploited by APT Since at Least April in Norwegian Government Attack (SECURITYWEEK.COM)
  The recently patched Ivanti EPMM zero-day CVE-2023-35078 has been exploited to hack the Norwegian government since at least April 2023.
2 Aug: CISA Published a Warning About Ivanti EPMM Zero-day Vulnerabilities (GBHACKERS.COM)
  The United States Director of the Cybersecurity and Infrastructure Security Agency (CISA) released a warning on Friday about the active exploitation of Ivanti EPMM (formerly MobileIron Core) Vulnerabilities. CVE-2023-35078 is a critical vulnerability affecting Ivanti Endpoint Man…
2 Aug: Firefox Fixes a Flurry of Flaws in the First of Two Releases This Month (NAKEDSECURITY.SOPHOS.COM)
  Mozilla has released a new version of Firefox, marking the first of two upgrades for the month. The patched flaws are tracked as CVE-2023-4045, CVE-2023-4047, CVE-2023-4048, CVE-2023-4050, CVE-2023-4051, CVE-2023-4057, and CVE-2023-4058.
2 Aug: Over 640 Citrix servers backdoored with web shells in ongoing attacks (BLEEPINGCOMPUTER.COM)
  Hundreds of Citrix Netscaler ADC and Gateway servers have already been breached and backdoored in a series of attacks targeting a critical remote code execution (RCE) vulnerability tracked as CVE-2023-3519. [...]
⚠️ VULNERABILITY DISCLOSURE (22)
2 Aug: Norwegian Entities Targeted in Ongoing Attacks Exploiting Ivanti EPMM Vulnerability (THEHACKERNEWS.COM)
  Advanced persistent threat (APT) actors exploited a recently disclosed critical flaw impacting Ivanti Endpoint Manager Mobile (EPMM) as a zero-day since at least April 2023 in attacks directed against Norwegian entities, including a government network. The disclosure comes as par…
2 Aug: CISA and NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities (CISA.GOV)
  CISA and NCSC-NO recommend administrators use the CISA developed nuclei templates to determine if their system has these vulnerabilities and use the NCSC-NO developed checklist to identify signs of compromise.
2 Aug: Socket Lands $20M Investment to Help Companies Secure Open Source Software (SG.NEWS.YAHOO.COM)
  The round was led by Andreessen Horowitz (a16z), along with participation from Abstract Ventures, Wndrco, Unusual Ventures, and a high-profile list of angel investors, including the co-founders of Box, Figma, Okta, Vercel, and Eventbrite.
2 Aug: New Collide+Power Exploit Let Attacker Steal Sensitive Data From All Modern CPUs (GBHACKERS.COM)
  The build and shared components on the CPUs are exploited by a method called Collide+Power. This attack vector does not target specific programs but the hardware itself. Advanced software-based power side channels echoed the discovery of Meltdown and Spectre vulnerability, which …
2 Aug: Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan (THEHACKERNEWS.COM)
  Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments. "The SSM agent, a legitimate tool used by admins to…
2 Aug: Firefox 116 Patches High-Severity Vulnerabilities (SECURITYWEEK.COM)
  Firefox 116 was released with patches for 14 CVEs, including nine high-severity vulnerabilities, some of which can lead to remote code execution or sandbox escapes.
2 Aug: Hackers exploited Salesforce zero-day in Facebook phishing attack (BLEEPINGCOMPUTER.COM)
  Hackers exploited a zero-day vulnerability in Salesforce's email services and SMTP servers to launch a sophisticated phishing campaign targeting valuable Facebook accounts. [...]
2 Aug: Cyberattack on Montclair Township Led to $450K Settlement (MONTCLAIRLOCAL.NEWS)
  The Garden State Joint Insurance Fund made the deal as law enforcement began investigations into possible criminal charges, Joseph Hartnett, interim township manager, said Thursday.
2 Aug: Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023 (THEHACKERNEWS.COM)
  About 34% of security vulnerabilities impacting industrial control systems (ICSs) that were reported in the first half of 2023 have no patch or remediation, registering a significant increase from 13% the previous year. According to data compiled by SynSaber, a total of 670 ICS p…
2 Aug: Phishers Exploit Salesforce's Email Services Zero-Day in Targeted Facebook Campaign (THEHACKERNEWS.COM)
  A sophisticated Facebook phishing campaign has been observed exploiting a zero-day flaw in Salesforce's email services, allowing threat actors to craft targeted phishing messages using the company's domain and infrastructure. "Those phishing campaigns cleverly evade conventional …
2 Aug [KEV]: Beware! Hacker-Sold macOS HVNC Tool Allows Complete Takeover (GBHACKERS.COM)
  Threat actors targeting macOS have increased lately as there were several cases of macOS information stealer malware found in the past, and many are being currently exploited in the wild. According to reports, there was a new macOS malware found that is capable of taking over the…
2 Aug: Mozilla Releases Security Updates for Firefox and Firefox ESR (CISA.GOV)
  Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR 115.1, and Firefox ESR 102.14. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla’s…
2 Aug: Nile, Which Offers Enterprise Networks as a Service, Raises $175M (TECHCRUNCH.COM)
  Nile, a networking-as-a-service (NaaS) provider founded by former Cisco executive Pankaj Patel, has raised $175 million in a Series C funding round. The funding will be used for go-to-market growth and expanding the company's workforce.
2 Aug: Amazon's AWS SSM agent can be used as post-exploitation RAT malware (BLEEPINGCOMPUTER.COM)
  Researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows hackers to use the platform's System Manager (SSM) agent as an undetectable Remote Access Trojan (RAT). [...]
2 Aug: Millions Stolen From Crypto Platforms Through Exploited ‘Vyper’ Vulnerability (THERECORD.MEDIA)
  Millions of dollars worth of cryptocurrency were stolen from several platforms over the weekend after hackers exploited a vulnerability in a programming language used widely in the cryptocurrency world.
2 Aug: Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan (THEHACKERNEWS.COM)
  Cybersecurity researchers have discovered a new post-exploitation technique in Amazon Web Services (AWS) that allows the AWS Systems Manager Agent (SSM Agent) to be run as a remote access trojan on Windows and Linux environments.
2 Aug: Expel: Firms Still Threatened by Old Vulnerabilities (DATABREACHTODAY.CO.UK)
  Solution Architecture Director Andrew Hoyt Shares Expel's Q1 2023 Threat Report
  According to Expel's Q1 2023 Quarterly Threat Report, criminals are exploiting 1- to 2-year-old vulnerabilities. This suggests organizations don’t know which vulnerabilities pose the biggest threats t…
2 Aug: Tenable CEO Slams Microsoft for Failing to Quickly Patch Bug (DATABREACHTODAY.CO.UK)
  Amit Yoran Says Microsoft Left Critical Azure Vulnerability Unpatched for 4 Months
  Tenable CEO Amit Yoran once again accused Microsoft of irresponsible security practices, this time for letting a critical Azure vulnerability stay unpatched for four months. Tenable told Microsoft …
2 Aug: Ivanti discloses new critical auth bypass bug in MobileIron Core (BLEEPINGCOMPUTER.COM)
  IT software company Ivanti disclosed today a new critical security vulnerability in its MobileIron Core mobile device management software. [...]
2 Aug: Ivanti Norway Hacks Began in April, Says US CISA (DATABREACHTODAY.CO.UK)
  Mobile Device Management Are 'Attractive Targets,' Warns Joint Advisory With Norway
  A hacking campaign that exploited Ivanti mobile device manager to target the Norwegian government began in April and possibly earlier, say cybersecurity agencies from the U.S. and Norway. Mobile d…
2 Aug: Performance and security clash yet again in “Collide+Power” attack (NAKEDSECURITY.SOPHOS.COM)
  It's a real vulnerability, but the data leakage rate can be as low as... let's just say that an IMAX-quality copy of the new "Oppenheimer" movie could take you 4 billion years to exfiltrate.
2 Aug: “PhishForce” — Vulnerability Uncovered in Salesforce’s Email Services Exploited for Phishing Facebook Accounts In-The-Wild (LABS.GUARD.IO)
  https://labs.guard.io/phishforce-vulnerability-uncovered-in-salesforces-email-services-exploited-for-phishing-32024ad4b5fa
📋 SECURITY BULLETINS (1)
2 Aug: Cloud Tech Debt Puts Millions of Apps at Risk, Says New Report (INFOSECURITY-MAGAZINE.COM)
  According to new data by Qualys, over 60 million applications reached the end of support and end of life during the research period. Critical categories, such as databases, web servers, and security software, now lack security updates.
📢 SECURITY ADVISORIES (7)
2 Aug: Cyber Security Today, August 2, 2023 - A valuable report from the CISA (CYBERSECURITYTODAY.LIBSYN.COM)
  This episode reports on lessons from an analysis by the U.S. Cybersecurity and Infrastructure Security Agency (CISA) on 121 assessments it did on security incidents last year.
2 Aug: UK Military Embraces Security by Design (INFOSECURITY-MAGAZINE.COM)
  The UK’s Ministry of Defence (MoD) has launched its Secure by Design initiative, which is to transform how cybersecurity is built into its systems and capabilities both internally and across its supply chain.
2 Aug: Possible Chinese Malware in US Systems a ‘Ticking Time Bomb’: Report (SECURITYWEEK.COM)
  The Biden administration believes China has implanted malware in key US power and communications networks in a “ticking time bomb” that could disrupt the military in event of a conflict, The New York Times reported Saturday.
2 Aug: KnowBe4 Chooses Drata as Their Exclusive GRC Partner (KNOWBE4.COM)
  Drata is KnowBe4’s preferred compliance automation platform for KnowBe4 customers.
🔥 INCIDENT REPORTING (14)
2 Aug: Data Breach Reported in Arizona’s School Voucher Program (FOX10PHOENIX.COM)
  Arizona's Empowerment Scholarship Account program experienced a data breach where personal information of students, including names and disability categories, was viewable on the program's financial vendor's website.
2 Aug: Hot Topic hit by wave of cyber attacks (CSHUB.COM)
  Those in retail chain’s rewards programme may have had their personal data stolen in the cyber attacks.
2 Aug: New SEC Rules around Cybersecurity Incident Disclosures (SCHNEIER.COM)
  The US Securities and Exchange Commission adopted final rules around the disclosure of cybersecurity incidents. There are two basic rules: Public companies must “disclose any cybersecurity incident they determine to be material” within four days, with potential delays…
2 Aug: Chattanooga Heart Institute Notifies 170,000 of Hacking, Data Breach (BANKINFOSECURITY.COM)
  In a report filed to Maine's attorney general on Friday, The Chattanooga Heart Institute said that on April 17 it saw indications of a cyberattack on its IT network. The incident affected 170,450 individuals in total, including five Maine residents.
2 Aug: Study Downplays Cyber Insurance as Incentive to Pay Ransom (BANKINFOSECURITY.COM)
  Fears that cyber insurance coverage drives companies into paying ransomware demands more easily than otherwise appear unfounded, concludes a British think tank study that suggests insurers should do more to enact corporate discipline.
2 Aug: Kazakhstan Refuses to Extradite Detained Russian Cyber Expert to US (THERECORD.MEDIA)
  At the same time, a Moscow court also issued an arrest warrant for Kislitsin, charging him with unauthorized access to protected computer information. Russia said it will also seek his extradition from Kazakhstan.
2 Aug: Bad Actor Uses Fake Android Chat to Install Malware (KNOWBE4.COM)
  Researchers at CYFIRMA warn that the Bahamut threat actor is using a malicious Android app to deliver malware.
2 Aug: Cloudzy With a Chance of Global Cybercrime (CYWARE.COM)
  Halcyon Research uncovers C2P entities enabling ransomware attacks, identifies new affiliates, and links them to the ISP Cloudzy, facilitating anonymous RDP VPS services with cryptocurrencies. Experts confidently concluded that Cloudzy is highly likely to be a front for abrNOC, t…
2 Aug: Retail Chain Hot Topic Discloses Wave of Credential-Stuffing Attacks (BLEEPINGCOMPUTER.COM)
  In a data breach notification today, the company explained that hackers used stolen account credentials and accessed the Rewards platform multiple times, potentially stealing customer data, too.
2 Aug: Privacy Watchdog Slams Sharing of Patient Data Via WhatsApp (DATABREACHTODAY.CO.UK)
  Shadow IT Incident: Health Staff Shared Images and Video Using Unauthorized Tool
  Shadow IT strikes again: Britain's privacy watchdog has reprimanded the NHS Lanarkshire health board in Scotland after finding its staff used WhatsApp for the unauthorized sharing of patient data and…
2 Aug: Slack down: Outage causing connection errors, blurry images (BLEEPINGCOMPUTER.COM)
  Slack is investigating an ongoing incident preventing users from accessing the instant messaging platform and making shared images blurry for those already logged in. [...]
2 Aug: The Urgent Need For Cyber Resilience in Healthcare (KNOWBE4.COM)
  A US hospital closed two years after a ransomware incident, highlighting that the health sector continues to be under threat.
2 Aug: Class Action Attorneys Circling Major Healthcare Breaches (DATABREACHTODAY.CO.UK)
  Despite Scant Details on Hacks, Law Firms Poised to Pounce on Norton, Fairfax Oral
  Public details have been scant so far from two medical care providers about recent major hacks that compromised the personal information of an unconfirmed number of patients. But that hasn't stoppe…
2 Aug: MagicDuel - 138,443 breached accounts (HAVEIBEENPWNED.COM)
  In August 2023, the MagicDuel Adventure website suffered a data breach that exposed 138k user records. The data included player names, email and IP addresses and bcrypt password hashes.
🕵️ THREAT INTELLIGENCE (18)
2 Aug: ISC Stormcast For Wednesday, August 2nd, 2023 https://isc.sans.edu/podcastdetail/8598, (Wed, Aug 2nd) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2 Aug: Iranian Company Cloudzy Accused of Aiding Cybercriminals and Nation-State Hackers (THEHACKERNEWS.COM)
  Services offered by an obscure Iranian company known as Cloudzy are being leveraged by multiple threat actors, including cybercrime groups and nation-state crews. "Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran – in possibl…
2 Aug: New Infostealer Uncovered in Phishing Scam Targeting Facebook Business Accounts (INFOSECURITY-MAGAZINE.COM)
  This novel campaign, believed to be perpetrated by a threat actor of Vietnamese origin, is part of a growing trend of attackers targeting Facebook business accounts for advertising fraud and other purposes in the past year.
2 Aug: Threat Actors Abuse Google AMP for Evasive Phishing Attacks (BLEEPINGCOMPUTER.COM)
  The idea behind using Google AMP URLs embedded in phishing emails is to make sure that email protection technology does not flag messages as malicious or suspicious due to Google’s good reputation.
2 Aug: US Internet Hosting Company Appears to Facilitate Global Cybercrime, Researchers Say (CYBERSCOOP.COM)
  A little-known American internet hosting company appears to be partially enabling a “wide range” of cybercrime, nation-state hackers and a sanctioned spyware vendor, researchers alleged Tuesday.
2 Aug: Newly Discovered WikiLoader Malware Used to Install Ursnif Trojan (CYWARE.COM)
  Proofpoint discovered a new malware WikiLoader, a sophisticated malware downloader that targets Italian organizations to drop Ursnif trojan. It uses multiple evasion techniques to make detection and analysis difficult. Organizations and network defenders must leverage IOCs relate…
2 Aug: Top Industries Significantly Impacted by Illicit Telegram Networks (THEHACKERNEWS.COM)
  In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless industries. One of the most notable platforms that has been host to many malicious actors and nefarious activities has been Telegram. Thanks to it…
2 Aug: Google AMP Abused in Phishing Attacks Aimed at Enterprise Users (SECURITYWEEK.COM)
  Threat actors are using Google AMP URLs in phishing campaigns as a new detection evasion tactic.
2 Aug: Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures (THEHACKERNEWS.COM)
  A Russia-nexus adversary has been linked to 94 new domains, suggesting that the group is actively modifying its infrastructure in response to public disclosures about its activities. Cybersecurity firm Recorded Future linked the new infrastructure to a threat actor it tracks under…
2 Aug: New hVNC macOS Malware Advertised on Hacker Forum (SECURITYWEEK.COM)
  A new macOS-targeting hVNC malware family is being advertised on a prominent cybercrime forum.
2 Aug: Cyble Raises $24 Million for AI-Powered Threat Intelligence Platform (SECURITYWEEK.COM)
  Threat intelligence firm Cyble has raised $24 million in a Series B funding round co-led by Blackbird Ventures and King River Capital.
2 Aug: Users of Facebook for Business are the Target of a New Phishing Attack (GBHACKERS.COM)
  An unreported phishing campaign that disseminated a Python version of the NodeStealer has been found. NodeStealer gave threat actors the ability to steal browser cookies and use them to hijack users’ accounts on the platform, with a focus on business accounts. The malw…
2 Aug: Researchers Uncovered a New Flaw in ChatGPT to Turn Them Evil (GBHACKERS.COM)
  LLMs are commonly trained on vast internet text data, often containing offensive content. To mitigate this, developers use “alignment” methods via finetuning to prevent harmful or objectionable responses in recent LLMs. ChatGPT and AI siblings were fine-tuned to avoid…
2 Aug: Shield and Visibility Solutions Target Phishing From Inside the Browser (SECURITYWEEK.COM)
  Menlo Security introduced anti-phishing solutions that analyze what users see on a landing page rather than just analyzing the content of an email.
2 Aug: Malware Campaign Targets Eastern European Air-Gapped Systems (DATABREACHTODAY.CO.UK)
  Kaspersky Identifies Campaign From Beijing-aligned APT31 Threat Actor
  A multi-stage malware campaign is targeting industrial organizations in Eastern Europe with the objective of pilfering valuable intellectual property, including data from air-gapped systems. Researchers at Kaspe…
2 Aug: Russian hackers target govt orgs in Microsoft Teams phishing attacks (BLEEPINGCOMPUTER.COM)
  Microsoft says a hacking group tracked as APT29 and linked to Russia's Foreign Intelligence Service (SVR) targeted dozens of organizations worldwide, including government agencies, in Microsoft Teams phishing attacks. [...]
2 Aug: Microsoft Catches Russian Government Hackers Phishing with Teams Chat App (SECURITYWEEK.COM)
  Microsoft says a Russian government-linked hacking group is using its Microsoft Teams chat app to phish for credentials at targeted organizations.
2 Aug: Midnight Blizzard conducts targeted social engineering over Microsoft Teams (MICROSOFT.COM)
  Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
🌐 CYBER THREAT LANDSCAPE (1)
2 Aug: OT/IoT Malware Surges Tenfold in First Half of the Year (INFOSECURITY-MAGAZINE.COM)
  Malware-related cyber-threats in operational technology (OT) and Internet of Things (IoT) environments jumped tenfold year-on-year in the first six months of 2023, according to Nozomi Networks.
📡 INFOSEC NEWS (16)
2 Aug: UK: NHS Staff Reprimanded for WhatsApp Data Sharing (INFOSECURITY-MAGAZINE.COM)
  Some 26 staff at NHS Lanarkshire accessed the WhatsApp group between April 2020 and April 2022, entering sensitive patient data including names, phone numbers, addresses, images, videos, screenshots, and clinical information, according to the UK ICO.
2 Aug: Meow Attack Campaign Evolves to Target Jupyter Notebooks (CYWARE.COM)
  Aquasec researchers have discovered cybercriminals targeting unsecured Jupyter notebooks in the new Meow attack campaign, which is currently affecting hundreds of publicly accessible databases online. These criminals have wiped out data from over 4,000 databases, including Cassan…
2 Aug: Forgepoint Capital Places $15M Series A Bet on Converge Insurance (SECURITYWEEK.COM)
  “This funding will enable us to expand our outreach and grow our bench of in-house experts while accelerating the availability of the Converge platform worldwide,” the newly appointed CEO, Tom Kang, said.
2 Aug: Silk Security Emerges from Stealth With $12.5 Million Seed Funding (SECURITYWEEK.COM)
  The seed funding round for the New York-based company was led by Insight Partners and Hetz Ventures, with the CrowdStrike Falcon Fund and angel investors including Shlomo Kramer, Mickey Boodaei, and Rakesh Loonkar also participating.
2 Aug: Sha zhu pan scam uses AI chat tool to target iPhone and Android users (SOPHOS.COM)
  “CryptoRom” fake crypto-trading mobile apps pushed through AI-assisted romance scam, using ChatGPT to lure targets.
2 Aug: Nearly All Modern CPUs Leak Data to New Collide+Power Side-Channel Attack (SECURITYWEEK.COM)
  The research was conducted by a group of eight researchers representing the Graz University of Technology in Austria and the CISPA Helmholtz Center for Information Security in Germany.
2 Aug: Why Every Security Practitioner Should Attend mWISE (BLEEPINGCOMPUTER.COM)
  What's in store for mWISE 2023? 80+ curated sessions. 90+ hand-picked speakers. 7 session tracks. It's taking place September 18-20, 2023 in Washington, DC. Register now and get $300 off a full conference pass, which includes access to all the sessions, evening receptions, and ev…
2 Aug: Lawsuit Alleges Bytedance’s Capcut App Secretly Reaps Massive Amounts of User Data (THERECORD.MEDIA)
  CapCut and sister company TikTok are owned by the Chinese company ByteDance Ltd., which has long been under scrutiny by American officials concerned with how it collects and leverages American users’ personal data, allegedly including biometric data.
2 Aug: The Most Important Part of the Internet You’ve Probably Never Heard Of (CISA.GOV)
  Few people realize how much they depend on the Border Gateway Protocol (BGP) every day—a set of technical rules responsible for routing data efficiently.
2 Aug: The Gap in Users’ Identity Security Knowledge Gives Cybercriminals an Opening (HELPNETSECURITY.COM)
  With exponential growth in the number of human and machine actors on the network and more sophisticated technology in more places, identity in this new era is rapidly becoming a super-human problem, according to RSA.
2 Aug: New Collide+Power side-channel attack impacts almost all CPUs (BLEEPINGCOMPUTER.COM)
  A new software-based power side-channel attack called 'Collide+Power' was discovered, impacting almost all CPUs and potentially allowing data to leak. However, the researchers warn that the flaw is low-risk and will likely not be used in attacks on end users. [...]
2 Aug: Fake FlipperZero sites promise free devices after completing offer (BLEEPINGCOMPUTER.COM)
  A site impersonating Flipper Devices promises a free Flipper Zero after completing an offer but only leads to shady browser extensions and scam sites. [...]
2 Aug: Tech Consolidation – How and When? (TRENDMICRO.COM)
  Streamlining IT for optimal business performance
2 Aug: How to set up privacy and security in Threads | Kaspersky official blog (KASPERSKY.COM)
  We explain how to use Threads settings to improve the privacy and security of your profile on the social network.
2 Aug: The grand theft of Jake Moore’s voice: The concept of a virtual kidnap (WELIVESECURITY.COM)
  With powerful AI, it doesn’t take much to fake a person virtually, and while there are some limitations, voice-cloning can have some dangerous consequences.