🐛 COMMON VULNERABILITIES AND EXPOSURES (3)

4 Aug: FBI, CISA, and NSA Reveal Top Exploited Vulnerabilities of 2022
While the Common Vulnerabilities and Exposures (CVE) Program published over 25,000 new security vulnerabilities until the end of 2022, only five vulnerabilities made it to the list of the top 12 flaws exploited in attacks the same year.
BLEEPINGCOMPUTER.COM

4 Aug: Exploitation of Ivanti EPMM Flaw Picking Up as New Vulnerability Is Disclosed
Exploitation of the Ivanti EPMM flaw CVE-2023-35078 is picking up as a new critical vulnerability tracked as CVE-2023-35082 is disclosed.
SECURITYWEEK.COM

4 Aug: CISA Advisory of Top 42 Frequently Exploited Flaws of 2022
The Cybersecurity and Infrastructure Security Agency (CISA) has published a report which was co-authored by the NSA, FBI, and the FVEY (Five Eyes) from different countries. The report provides a complete insight into the Common Vulnerabilities and Exposures (CVEs) that were frequ…
GBHACKERS.COM

⚠️ VULNERABILITY DISCLOSURE (21)

4 Aug: Mysterious Team Bangladesh Hackers Launched 750 DDoS Attacks and Hacked 78 Website
The notorious Hacktivists group, Known as Mysterious Team Bangladesh, exploits vulnerable versions of PHPMyAdmin and WordPress. It conducts DDoS and defacement attacks through open-source utilities and is believed to have carried out over 750 DDoS and 70+ website defacements with…
GBHACKERS.COM

4 Aug: Major Cybersecurity Agencies Collaborate to Unveil 2022's Most Exploited Vulnerabilities
A four-year-old critical security flaw impacting Fortinet FortiOS SSL has emerged as one of the most routinely and frequently exploited vulnerabilities in 2022. "In 2022, malicious cyber actors exploited older software vulnerabilities more frequently than recently disclosed vulne…
THEHACKERNEWS.COM

4 Aug: Dozens of RCE Vulnerabilities Impact Milesight Industrial Router
Dozens of vulnerabilities impacting the Milesight UR32L industrial router could be exploited to execute arbitrary code or commands, Cisco’s Talos security researchers warn.
SECURITYWEEK.COM

4 Aug: 670 ICS Vulnerabilities Disclosed by CISA in First Half of 2023: Analysis
SynSaber’s analysis, conducted in collaboration with the ICS Advisory Project, shows that CISA published 185 ICS advisories in the first half of 2023, down from 205 in the first half of 2022.
SECURITYWEEK.COM

4 Aug: Decommissioned Medical Infusion Pumps Expose Wi-Fi Configuration Data
Most medical infusion pumps sold via secondary market sources still contain Wi-Fi configuration settings from the original organization that deployed them, cybersecurity firm Rapid7 has discovered.
SECURITYWEEK.COM

4 Aug: Five Eyes Agencies Call Attention to Most Frequently Exploited Vulnerabilities
Five Eyes government agencies have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022.
SECURITYWEEK.COM

4 Aug: Patching Conundrum: 4-Year Old Flaw Again Tops Most-Hit List
Ensure You've Fixed These 12 Most Exploited Flaws, Cybersecurity Officials Urge
A four-year-old flaw in Fortinet SSL VPNs remains one of the most widely exploited flaws, despite years of patch warnings. So warn cybersecurity officials across the U.S. and its Five Eyes partners in…
DATABREACHTODAY.CO.UK

4 Aug: Patching Conundrum: 5-Year Old Flaw Again Tops Most-Hit List
Ensure You've Fixed These 12 Most Exploited Flaws, Cybersecurity Officials Urge
A five-year-old flaw in Fortinet SSL VPNs remains one of the world's most widely exploited vulnerabilities. So warn cybersecurity officials across the U.S. and its Five Eyes partners in a joint securi…
DATABREACHTODAY.CO.UK

4 Aug: Threat Actors Abuse Cloudflare Tunnel for Persistent Access, Data Theft
Threat actors have been observed abusing the open source Cloudflare Tunnel tool Cloudflared to maintain stealthy, persistent access to compromised systems.
SECURITYWEEK.COM

4 Aug: Microsoft Criticized Over Handling of Critical Power Platform Vulnerability
A critical Microsoft Power Platform vulnerability exposed authentication data and other secrets, but the tech giant has been accused of handling it poorly.
SECURITYWEEK.COM

4 Aug: In Other News: Cybersecurity Funding Rebounds, Cloud Threats, BeyondTrust Vulnerability
Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of July 31, 2023.
SECURITYWEEK.COM

4 Aug: CISA Releases its Cybersecurity Strategic Plan
Today, CISA released a strategic plan to lay out how we will fulfill our cybersecurity mission over the next three years. The CISA Cybersecurity Strategic Plan aligns the following nine objectives to specific enabling measures and measures of effectiveness to drive accountability…
CISA.GOV

4 Aug: Hackers Deliver Magniber Ransomware Disguised as Windows Security Update Package
Magniber Ransomware was first detected in late 2017; it targeted South Korean users through malvertising attacks using the Magnitude Exploit Kit. It had been distributed earlier through Internet Explorer (IE) vulnerabilities. Since Microsoft announced IE’s end of support, it…
GBHACKERS.COM

4 Aug: Cyber Security Today, Week in Review for Friday, August 4, 2023
This repeat episode is a conversation with Aaron McIntosh, co-author of the Ransomware Task Forces' Blueprint for Ransomware Defence.
CYBERSECURITYTODAY.LIBSYN.COM

4 Aug: California Hospital Chain Facing Ransom, Service Disruption
'IT Complications' at Prospect Medical Holdings Shut Down Ambulances, Appointments
A ransomware attack has forced a California-based hospital chain to divert ambulances from its emergency rooms and cancel appointments for services. The group of 17 hospitals, 166 outpatient clinic…
DATABREACHTODAY.CO.UK

4 Aug: New PaperCut critical bug exposes unpatched servers to RCE attacks
PaperCut recently fixed a critical security vulnerability in its NG/MF print management software that allows unauthenticated attackers to gain remote code execution on unpatched Windows servers. [...]
BLEEPINGCOMPUTER.COM

4 Aug: Meet Window Snyder, the trailblazer who helped secure the internet and billions of devices
After the band played Miles Davis’ “Seven Steps to Heaven,” and an effusive introduction from the head of the school, Window Snyder stands in front of a hall filled with around 800 students at her old high school to receive an alumni award. Some of the students have a…
TECHCRUNCH.COM

4 Aug: Health data of 1.7 million Oregon residents accessed by MOVEit hackers
Hackers behind the mass-exploitation of a vulnerability in the popular corporate file transfer tool MOVEit Transfer have accessed the protected health information of 1.7 million Oregon citizens. Performance Health Technology (PH Tech), a company that provides data management serv…
TECHCRUNCH.COM

4 Aug: Pixel Binary Transparency: verifiable security for Pixel devices
Jay Hou, Software Engineer, TrustFabric (transparency.dev)
Pixel Binary Transparency was originally announced in 2021; the following blog post offers a closer look at how it works. Pixel Binary Transparency With Android powering billions of devices, we’ve long put security …
SECURITY.GOOGLEBLOG.COM

4 Aug: Microsoft mitigates Power Platform Custom Code information disclosure vulnerability
On 30 March 2023, Tenable informed Microsoft under Coordinated Vulnerability Disclosure (CVD) of a security issue concerning Power Platform Custom Connectors using Custom Code. This feature allows customers to write code for custom connectors. This issue has been …
MSRC.MICROSOFT.COM

4 Aug: Pawning your users to Cloudflare is not how you offer your users security; fedi admins must realize this.
submitted by diyrebel to cloudsecurity
2 points | 6 comments
cross-posted from: lemmy.dbzer0.com/post/1491194
I would love if just once an admin of a fedi host under DDoS attack would have the integrity to say: “We are under attack. But we will not surrender to Cloudflare & l…
INFOSEC.PUB

📢 SECURITY ADVISORIES (5)

4 Aug: Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking
Multiple vulnerabilities in the airline and hotel rewards platform points.com could have led to personal information theft and unauthorized administrative access.
SECURITYWEEK.COM

4 Aug: CISA Cybersecurity Strategic Plan: Shifting the Arc of National Risk to Create a Safer Future
CISA.GOV

4 Aug: US CISA Urges Improvements to Key Computer Component
Unified Extensible Firmware Interface Should Be More Secure, Says Agency
The U.S. government is urging computer manufacturers to improve the security of firmware architecture that boots up devices after a powerful bootkit sparked concerns over permanent malware infections. Among …
DATABREACHTODAY.CO.UK

4 Aug: ISMG Editors: Financial Services Special
Payments Expert Troy Leach on Regulations, Cloud and AI in the Financial Sector
In the latest weekly update, Troy Leach, chief strategy officer at Cloud Security Alliance, joins ISMG editors to discuss preparing for new regulations, new requirements for third-party cloud penetrat…
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING (10)

4 Aug: Are Leaked Credentials Dumps Used by Attackers?, (Fri, Aug 4th)
Leaked credentials are a common thread for a while. Popular services like “Have I Been Pwned”[1] help everyone know if some emails and passwords have been leaked. This is a classic problem: One day, you create an account on a web…
ISC.SANS.EDU

4 Aug: Poor access management besets most cloud compromises, Google says
About 55% of all cloud compromises analyzed by Google Cloud’s incident response teams during the quarter were the result of weak or nonexistent passwords, the company said in its Threat Horizons Report.
CYBERSECURITYDIVE.COM

4 Aug: Malicious npm Packages Found Exfiltrating Sensitive Data from Developers
Cybersecurity researchers have discovered a new bunch of malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information. Software supply chain firm Phylum, which first identified the "test" packages on July 31, 2023, said they "demo…
THEHACKERNEWS.COM

4 Aug: Hawai’i’s Gemini North Observatory Suspends Operations Following Cyberattack
The National Science Foundation’s NOIRLab did not respond to requests for comment but published a notice on Tuesday night explaining that the lab had discovered an attempted cyberattack on its systems that morning.
THERECORD.MEDIA

4 Aug: US Government Contractor Serco Discloses Data Breach After MOVEit Transfer Attacks
The personal information compromised in the attack includes any combination of the following: name, U.S. Social Security Number, date of birth, home mailing address, Serco and/or personal e-mail address, and selected health benefits for the year.
BLEEPINGCOMPUTER.COM

4 Aug: A Cyberattack Has Disrupted Hospitals and Health Care in Five States
A cyberattack has disrupted hospital computer systems in several states, forcing some emergency rooms to close and ambulances to be diverted.
SECURITYWEEK.COM

4 Aug: UK Sounds Warning Over Targeted Healthcare Attack
National Health System Faces Up to 1 in 4 Chance of Being Attacked
A targeted cyberattack against Britain's national healthcare system could lead to "second-order impacts" such as delays and cancellations, the U.K. government warns. The probability of such an attack occurring during…
DATABREACHTODAY.CO.UK

4 Aug: The Week in Ransomware - August 4th 2023 - Targeting VMware ESXi
Ransomware gangs continue to prioritize targeting VMware ESXi servers, with almost every active ransomware gang creating custom Linux encryptors for this purpose. [...]
BLEEPINGCOMPUTER.COM

4 Aug: Israel cybersecurity agency says no breach after senior official self-infects home PC with malware
Israel’s National Cybersecurity Directorate said there was “no breach” of its network after passwords belonging to a senior agency official were stolen from their home computer earlier this year and published online. A security researcher, who asked not to be na…
TECHCRUNCH.COM

4 Aug: Ransomware attacks cost manufacturing sector $46 billion in downtime since 2018, report claims
Newly-released research reveals the eye-watering costs that the manufacturing sector has suffered in recent years at the hands of ransomware. Read more in my article on the Tripwire State of Security blog.
TRIPWIRE.COM

🕵️ THREAT INTELLIGENCE (9)

4 Aug: ISC Stormcast For Friday, August 4th, 2023 https://isc.sans.edu/podcastdetail/8602, (Fri, Aug 4th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

4 Aug: New hVNC Malware Targets macOS Devices
Researchers warned of a new hVNC malware targeting macOS devices. The malware, advertised on a Russian hacker forum, has been available since April 2023. It provides threat actors with stealthy remote control over infected machines with reverse shell, file management, and browser…
CYWARE.COM

4 Aug: Hacker Group of 1980s is Back with Secure Coding Framework for Developers
Cult of the Dead Cow (cDc) is one of the oldest and most highly influential hacking groups that was formed at the end of the 1980s. This group was once responsible for distributing hacking tools and pointing out flaws in software companies, shaming them to improve their security …
GBHACKERS.COM

4 Aug: What is Business Email Compromise (BEC) Attacks? – Prevention Guide
BEC, an acronym for Business Email Compromise, is a sophisticated form of cybercrime. Cyber threats have become a pressing concern in a world where almost every aspect of our lives is digitized. One of these threats that have been growing exponentially in recent years is the BEC …
GBHACKERS.COM

4 Aug: New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3
Rilide was first documented by the cybersecurity company in April 2023, uncovering two different attack chains that made use of Ekipa RAT and Aurora Stealer to deploy rogue browser extensions capable of data and crypto theft.
THEHACKERNEWS.COM

4 Aug: New York Couple Plead Guilty to Bitcoin Laundering
A married couple from New York dubbed "Bitcoin Bonnie and Crypto Clyde" pleaded guilty to laundering billions of dollars in stolen bitcoin.
SECURITYWEEK.COM

4 Aug: Rilide Stealer Evolves to Target Chrome Extension Manifest V3
A rather sophisticated version of the Rilide malware was identified targeting Chromium-based web browsers to steal sensitive data and cryptocurrency. Experts identified over 1,300 phishing websites distributing the new version of Rilide Stealer along with other harmful…
CYWARE.COM

4 Aug: Boarding Pass Selfies and Cybersecurity Don't Mix
There is no such thing as a vacation for cybercriminals. We recently released our top summer cybersecurity travel tips to help keep you safe. Earlier this year, we posted about travel-themed phishing attacks, and Forbes just posted a great reminder about the dangers of sharing y…
KNOWBE4.COM

4 Aug: Friday Squid Blogging: 2023 Squid Oil Global Market Report
I had no idea that squid contain sufficient oil to be worth extracting. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
SCHNEIER.COM

🌐 CYBER THREAT LANDSCAPE (4)

4 Aug: These Are the Top Five Cloud Security Risks, Qualys Says
The five key risk areas are misconfigurations, external-facing vulnerabilities, weaponized vulnerabilities, malware inside a cloud environment, and remediation lag (that is, delays in patching).
SECURITYWEEK.COM

4 Aug: Fake VMware vConnector package on PyPI targets IT pros
A malicious package that mimics the VMware vSphere connector module 'vConnector' was uploaded on the Python Package Index (PyPI) under the name 'VMConnect,' targeting IT professionals. [...]
BLEEPINGCOMPUTER.COM

4 Aug: Hackers can Abuse Microsoft Office Executables to Download Malware
The list of LOLBAS files - legitimate binaries and scripts present in Windows that can be abused for malicious purposes, will soon include the main executables for Microsoft’s Outlook email client and Access database management system.
BLEEPINGCOMPUTER.COM

4 Aug: Google explains how Android malware slips onto Google Play Store
The Google Cloud security team acknowledged a common tactic known as versioning used by malicious actors to slip malware on Android devices after evading the Google Play Store's review process and security controls. [...]
BLEEPINGCOMPUTER.COM

🎙️ PODCASTS (1)

4 Aug: Cyber Security Today, August 4, 2023 -- The shadow hanging over your IT network
This episode looks at a recent from the UK National Cyber Security Centre on shadow IT
CYBERSECURITYTODAY.LIBSYN.COM

📡 INFOSEC NEWS (19)

4 Aug: Fake FlipperZero Site Used to Phish Users
Scammers were found impersonating Flipper Devices and offering free FlipperZero gadgets in exchange for completing an offer. However, the website directs users to insecure browser extensions and fraudulent sites. The real Flipper Devices warns users to be cautious, as they have n…
CYWARE.COM

4 Aug: IOTW Italian banks hit with DDoS attacks
The distributed denial of service attacks were launched by Russian hacking group NoName
CSHUB.COM

4 Aug: Political Milestones for AI
ChatGPT was released just nine months ago, and we are still learning how it will affect our daily lives, our careers, and even our systems of self-governance. But when it comes to how AI may threaten our democracy, much of the public conversation lacks imagination. People talk ab…
SCHNEIER.COM

4 Aug: SCARF Cipher Sets New Standards in Protecting Sensitive Data
The cipher, designed by Assistant Professor Rei Ueno from the Research Institute of Electrical Communication at Tohoku University, addresses the threat of cache side-channel attacks, offering enhanced security and exceptional performance.
HELPNETSECURITY.COM

4 Aug: Webinar - Making PAM Great Again: Solving the Top 5 Identity Team PAM Challenges
Privileged Access Management (PAM) solutions are widely acknowledged as the gold standard for securing critical privileged accounts. However, many security and identity teams face inherent obstacles during the PAM journey, hindering these solutions from reaching their full potent…
THEHACKERNEWS.COM

4 Aug: Burger King Forgets to put a Password on Their Systems, Again
On June 1st, 2023, the Cybernews research team discovered a publicly accessible environment file (.env) belonging to Burger King’s French website, containing various credentials. The file was hosted on the subdomain used for posting job offers.
SECURITYAFFAIRS.COM

4 Aug: NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
A married couple from New York City has pleaded guilty to money laundering charges in connection with the 2016 hack of cryptocurrency stock exchange Bitfinex, resulting in the theft of about 120,000 bitcoin. The development comes more than a year after Ilya Lichtenstein, 35, and …
THEHACKERNEWS.COM

4 Aug: Spotify down: music searches, pages, account signups not working
Spotify users are reporting the music streaming service to be down in the last hour. Spotify team is currently investigating the cause. [...]
BLEEPINGCOMPUTER.COM

4 Aug: Teach a Man to Phish and He’s Set for Life
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or a…
KREBSONSECURITY.COM

4 Aug: Extended warranty robocallers fined $300 million after 5 billion scam calls
The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing five billion robocalls to more than 500 million phone numbers over three months in 2021. [...]
BLEEPINGCOMPUTER.COM

4 Aug: Mondee Security Lapse Exposed Flight Itineraries and Unencrypted Credit Card Numbers
The database, hosted on Oracle’s cloud and more than 1.7 terabytes in size at the time it was exposed, contained customer’s personal information, including names, gender, dates of birth, home addresses, flight information and passport numbers.
TECHCRUNCH.COM

4 Aug: Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners
"Campaigns using versioning commonly target users' credentials, data, and finances," Google Cybersecurity Action Team (GCAT) said in its August 2023 Threat Horizons Report shared with The Hacker News.
THEHACKERNEWS.COM

4 Aug: Microsoft kills Cortana in Windows 11 preview, long live AI!
Microsoft has officially begun killing off Cortana as the company moves its focus towards integrating ChatGPT and AI into Windows 11. [...]
BLEEPINGCOMPUTER.COM

4 Aug: FBI warns of scammers posing as NFT devs to steal your crypto
The FBI warned today of fraudsters posing as Non-Fungible Token (NFT) developers to prey upon NFT enthusiasts and steal their cryptocurrency and NFT assets. [...]
BLEEPINGCOMPUTER.COM

4 Aug: Microsoft fixes flaw after being called irresponsible by Tenable CEO
Microsoft fixed a security flaw in the Power Platform Custom Connectors feature that let unauthenticated attackers access cross-tenant applications and Azure customers' sensitive data after being called "grossly irresponsible" by Tenable's CEO. [...]
BLEEPINGCOMPUTER.COM

4 Aug: “Crocodile of Wall Street” and her husband plead guilty to giant-sized cryptocrimes
Sentences still to be decided, but she could get up to 10 years and he could get as many as 20.
NAKEDSECURITY.SOPHOS.COM

4 Aug: Break IT/OT Silos by Expanding SOC Responsibilities
The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks.
TRENDMICRO.COM

4 Aug: Airbnb security tips | Kaspersky official blog
A few threats that travelers can face when using Airbnb, and how to stay safe.
KASPERSKY.COM

4 Aug: Check cybersecurity pre-invest – Week in security with Tony Anscombe
When you invest in a company, do you check its cybersecurity? The U.S. Securities and Exchange Commission has adopted new cybersecurity rules.
WELIVESECURITY.COM