194 Articles
9 Categories
Date: 2023-08-08
🐛 COMMON VULNERABILITIES AND EXPOSURES 79
8 AugUpdate: All Versions of Ivanti Product Affected by Vulnerability Used in Norway Government Attack“Since originally reporting CVE-2023-35082… Ivanti has continued its investigation and has found that this vulnerability impacts all versions of Ivanti Endpoint Manager Mobile 11.10, 11.9, and 11.8 and MobileIron Core 11.7 and below,” Ivanti said.THERECORD.MEDIA
8 AugCVE-2023-29328 Microsoft Teams Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-29330 Microsoft Teams Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-35359 Windows Kernel Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36869 Azure DevOps Server Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36873 .NET Framework Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36899 ASP.NET Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36908 Windows Hyper-V Information Disclosure VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-35380 Windows Kernel Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-35382 Windows Kernel Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-35386 Windows Kernel Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-35393 Azure Apache Hive Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-38188 Azure Apache Hadoop Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-38169 Microsoft OLE DB Remote Code Execution VulnerabilityInformation published. This CVE was addressed by SQL related updates that were released in June 2023, but the CVE was inadvertently omitted from the June 2023 Security Updates. This is an informational change only. Customers who have already installed the June 2023 update do not …MSRC.MICROSOFT.COM
8 AugCVE-2023-35371 Microsoft Office Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36877 Azure Apache Oozie Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36881 Azure Apache Ambari Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36891 Microsoft SharePoint Server Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36892 Microsoft SharePoint Server Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36893 Microsoft Outlook Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-36896 Microsoft Excel Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-20569 AMD: CVE-2023-20569 Return Address PredictorInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-38181 Microsoft Exchange Server Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugCVE-2023-38154 Windows Kernel Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
8 AugFortinet Releases Security Update for FortiOSFortinet has released a security update to address a vulnerability (CVE-2023-29182) affecting FortiOS. A remote attacker can exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Fortinet security release [ FG-IR-…CISA.GOV
8 Aug KEVMicrosoft Office update breaks actively exploited RCE attack chainMicrosoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. [...]BLEEPINGCOMPUTER.COM
8 AugDownfall and Zenbleed: Googlers helping secure the ecosystemTavis Ormandy, Software Engineer and Daniel Moghimi, Senior Research Scientist Finding and mitigating security vulnerabilities is critical to keeping Internet users safe.  However, the more complex a system becomes, the harder it is to secure—and that is also the case with c…SECURITY.GOOGLEBLOG.COM
8 AugCVE-2017-11882 is still being exploited | Kaspersky official blogKaspersky solutions are still detecting attempts to exploit CVE-2017-11882 vulnerability in Microsoft Office.KASPERSKY.COM
⚠️ VULNERABILITY DISCLOSURE 33
8 AugNew PaperCut NG/MF Flaw Let Attackers Execute Code on Unpatched Windows ServersA critical vulnerability was discovered in the widely used PaperCut NG/MF print management software running on Windows prior to version 22.1.3. As of the July 2023 security bulletin, patches have been released by PaperCut to fix this vulnerability. PaperCut is a widely used prin…GBHACKERS.COM
8 AugLOLBAS in the Wild: 11 Living-Off-The-Land Binaries Used for Malicious PurposesCybersecurity researchers have discovered a set of 11 living-off-the-land binaries-and-scripts (LOLBAS) that could be maliciously abused by threat actors to conduct post-exploitation activities. "LOLBAS is an attack method that uses binaries and scripts that are already part of t…THEHACKERNEWS.COM
8 AugSpanish Police Arrest Three Behind Payment Card FraudThe group mainly targeted ATMs of Spanish national banks using cloned payment cards. Spanish police estimated the group had fraudulently pocketed nearly 196,000 euros (~$215,000).BANKINFOSECURITY.COM
8 AugMicrosoft Shares Guidance and Resources for AI Red TeamsMicrosoft has shared guidance and resources from its AI Red Team program to help organizations and individuals with AI security. The post Microsoft Shares Guidance and Resources for AI Red Teams appeared first on SecurityWeek .SECURITYWEEK.COM
8 AugUnderstanding Active Directory Attack Paths to Improve SecurityIntroduced in 1999, Microsoft Active Directory is the default identity and access management service in Windows networks, responsible for assigning and enforcing security policies for all network endpoints. With it, users can access various resources across networks. As things te…THEHACKERNEWS.COM
8 AugUK Think Tank Proposes Greater Ransomware Reporting From Cyberinsurance to GovernmentThe Royal United Services Institute (RUSI) examined the relationship between cyberinsurance and ransomware, and proposes greater reporting from victims to government, enforced through insurance policies. The post UK Think Tank Proposes Greater Ransomware Reporting From Cyberinsur…SECURITYWEEK.COM
8 AugBug Bounty Program: Microsoft Rewarded $13.8M for 345 Security ResearchesMicrosoft Bug Bounty Program awarded $13.8M for their collaboration with over 345 security researchers from +45 countries around the world between July 01, 2023, to June 30, 2023. Bug Bounty Programs authorize independent security experts to report bugs to a company in exchange f…GBHACKERS.COM
8 Aug[INFOGRAPHIC] Q2 2023 Top-Clicked Phishing Test Results Favor HR-Related SubjectsKnowBe4's latest reports on top-clicked  phishing email subjects have been released for Q2 2023. We analyze 'in the wild' attacks reported via our Phish Alert Button , top subjects globally clicked on in  phishing tests , top attack vector types, and holiday email phish…KNOWBE4.COM
8 Aug5 Intriguing Ways AI Is Changing the Landscape of Cyber AttacksIn today's world, cybercriminals are learning to harness the power of AI. Cybersecurity professionals must be prepared for the current threats of zero days, insider threats, and supply chain, but now add in Artificial Intelligence (AI), specifically Generative AI. AI can revoluti…KNOWBE4.COM
8 AugThreat Actors Using an Armed OpenBullet Pentesting Tool to Manipulate Script KidsRecent reports indicate that threat actors have been manipulating Script kiddies or amateur hackers into performing malicious actions that they never intended. This is done with the OpenBullet tool, which is used by web application testers and security professionals. OpenBullet i…GBHACKERS.COM
8 AugSpanish Police Arrest 3 Suspected of Payment Card FraudCybercrime Group Defrauded Nearly 200,000 Euros Spanish police estimate that a group that mainly targeted ATMs of Spanish national banks using cloned payment cards had fraudulently pocketed nearly 196,000 euros. Authorities arrested three suspected members of the group Sunday in …DATABREACHTODAY.CO.UK
8 AugWhite House Pushes Cybersecurity Defense for K-12 SchoolsTypically understaffed and underfunded when it comes to cybersecurity, American K-12 schools have experienced a ramp-up in ransomware attacks, particularly after the pandemic forced the hasty adoption of remote tools for teaching.BANKINFOSECURITY.COM
8 AugUK Electoral Commission data breach exposes 8 years of voter dataThe UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. [...]BLEEPINGCOMPUTER.COM
8 AugGoogle Cybersecurity Action Team Threat Horizons Report #7 Is Out!This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our seventh Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 and #…MEDIUM.COM
8 AugADV190023 Microsoft Guidance for Enabling LDAP Channel Binding and LDAP SigningMicrosoft is announcing that the August 8, 2023 updates are available for Windows Server 2022 and Windows Server 2022 (Server Core installation) to audit client machines that cannot utilize LDAP channel binding tokens via events on Active Directory domain controllers. The updates…MSRC.MICROSOFT.COM
8 AugCISA Releases Two Industrial Control Systems AdvisoriesCISA released two Industrial Control Systems (ICS) advisories on August 8, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-220-01 Schneider Electric IGSS ICSA-23-220-02 Hitachi Energy RTU500 s…CISA.GOV
8 AugUkrainian State Agencies Targeted with Open-Source Malware MerlinAgentIn early August, an unidentified threat actor tracked as UAC-0154 sent malicious emails to its targets, purportedly containing security tips from Ukraine's computer emergency response team (CERT-UA).THERECORD.MEDIA
8 AugADV230004 Memory Integrity System Readiness Scan Tool Defense in Depth UpdateThe Memory Integrity System Readiness Scan Tool (hvciscan_amd64.exe and hvciscan_arm64.exe) is used to check for compatibility issues with memory integrity, also known as hypervisor-protected code integrity (HVCI). The original version was published without a RSRC section, which …MSRC.MICROSOFT.COM
8 AugNew Downfall attacks on Intel CPUs steal encryption keys, dataA senior research scientist at Google has devised new CPU attacks to exploit a vulnerability dubbed Downfall that affects multiple Intel microprocessor families and allows stealing passwords, encryption keys, and private data like emails, messages, or banking info from users that…BLEEPINGCOMPUTER.COM
8 Aug KEVMicrosoft August 2023 Patch Tuesday warns of 2 zero-days, 87 flawsToday is Microsoft's August 2023 Patch Tuesday, with security updates for 87 flaws, including two actively exploited and twenty-three remote code execution vulnerabilities. [...]BLEEPINGCOMPUTER.COM
8 AugMeet the Brains Behind the Malware-Friendly AI Chat Service ‘WormGPT’WormGPT, a private new chatbot service advertised as a way to use Artificial Intelligence (AI) to help write malicious software without all the pesky prohibitions on such activity enforced by ChatGPT and Google Bard, has started adding restrictions on how the service can be used.…KREBSONSECURITY.COM
8 AugMicrosoft August 2023 Patch Tuesday, (Tue, Aug 8th)This month we got patches for 88 vulnerabilities. Of these, 6 are critical, and 2 are already being exploited, according to Microsoft. ISC.SANS.EDU
8 AugMicrosoft Releases August 2023 Security UpdatesMicrosoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s August 2023 Security Update Guide …CISA.GOV
8 AugPatch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-DaysPatch Tuesday: A month after confirming active exploitation of Office code execution flaws, Microsoft has shipped patches for multiple affected products. The post Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days appeared first on SecurityWeek .SECURITYWEEK.COM
8 AugCritical Patches Issued for Microsoft Products, August 08, 2023Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…CISECURITY.ORG
8 AugAdobe Releases Security Updates for Multiple ProductsAdobe has released security updates to address multiple vulnerabilities in Adobe software. An attacker can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and ap…CISA.GOV
8 AugKyiv Cyber Defenders Spot Open-Source RAT in Phishing EmailsThreat Actor Coaxes Users Into Downloading MerlinAgent Hackers attempting to spy on the Ukrainian government are using an open-source remote access Trojan, said Kyiv cyber defenders. The RAT, MerlinAgent, is available on GitHub. The threat actor spoofed the Computer Emergency Res…DATABREACHTODAY.CO.UK
8 AugNews alert: SandboxAQ launches new open source framework to simplify cryptography managementPalo Alto, Calif., Aug. 8, 2023 – SandboxAQ today announced Sandwich, an open source framework and meta-library of cryptographic algorithms that simplifies modern cryptography management. With an intuitive, unified API, Sandwich empowers developers to embed the cryptographic algo…LASTWATCHDOG.COM
8 Aug KEVAndroid 14 introduces first-of-its-kind cellular connectivity security featuresPosted by Roger Piqueras Jover, Yomna Nasser, and Sudhi Herle Android is the first mobile operating system to introduce advanced cellular security mitigations for both consumers and enterprises. Android 14 introduces support for IT administrators to disable 2G support in their ma…SECURITY.GOOGLEBLOG.COM
8 AugAn update on Chrome Security updates – shipping security fixes to you fasterPosted by Amy Ressler, Chrome Security Team To get security fixes to you faster, starting now in Chrome 116, Chrome is shipping weekly Stable channel updates. Chrome ships a new milestone release every four weeks . In between those major releases, we ship updates to address secur…SECURITY.GOOGLEBLOG.COM
8 AugCongratulations to the MSRC 2023 Most Valuable Security Researchers!The Microsoft Researcher Recognition Program offers public thanks and recognition to security researchers who help protect our customers through discovering and sharing security vulnerabilities under Coordinated Vulnerability Disclosure. Today, we are excited to recognize this ye…MSRC.MICROSOFT.COM
8 AugUpdating our Vulnerability Severity Classification for AI SystemsThe Microsoft Security Response Center (MSRC) is always looking for ways to provide clarity and transparency around how we assess the impact of vulnerabilities reported in our products and services. To this end, we are announcing the Microsoft Vulnerability Severity Classificatio…MSRC.MICROSOFT.COM
8 AugMultiplying Force with Automation — Reducing the Soul Crushing WorkUnlocking the Security Potential: Automation's Role in SOC transformation and incident remediation to deliver tailored insights. The post Multiplying Force with Automation — Reducing the Soul Crushing Work appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
📋 SECURITY BULLETINS 2
8 AugICS Patch Tuesday: Siemens Fixes 7 Vulnerabilities in Ruggedcom ProductsICS Patch Tuesday: Siemens releases a dozen advisories covering over 30 vulnerabilities, but Schneider Electric has only published one advisory. The post ICS Patch Tuesday: Siemens Fixes 7 Vulnerabilities in Ruggedcom Products appeared first on SecurityWeek .SECURITYWEEK.COM
8 AugPatch Tuesday: Adobe Patches 30 Acrobat, Reader VulnsAdobe rolls out a big batch of security updates to fix at least 30 Acrobat and Reader vulnerabilities affecting Windows and macOS users. The post Patch Tuesday: Adobe Patches 30 Acrobat, Reader Vulns appeared first on SecurityWeek .SECURITYWEEK.COM
📢 SECURITY ADVISORIES 13
8 AugYou Can’t Rush Post-Quantum-Computing Cryptography StandardsI just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards. This process has been going on since 2016, and since that time there has been a huge increase in quantum technology and an equally large increase in qu…SCHNEIER.COM
8 AugCISA Unveils Cybersecurity Strategic Plan for Next Three YearsThe Cybersecurity Strategic Plan for fiscal years 2024-2026 outlines the agency’s plans for achieving a future where damaging cyberattacks are rare, organizations are resilient, and technology is secure by design.SECURITYWEEK.COM
8 AugCISA and FEMA Partner to Provide $374.9 Million in Grants to Bolster State and Local CybersecurityCISA and FEMA are partnering to provide $374.9 million in grants to help state, local, and territorial government partners build the cybersecurity capabilities they need.CISA.GOV
8 AugWhite House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public SchoolsCISA will step up training for the K-12 sector and technology providers, including Amazon Web Services and Cloudflare, will offer grants and free software. The post White House Holds First-Ever Summit on the Ransomware Crisis Plaguing the Nation’s Public Schools appeared first on…SECURITYWEEK.COM
8 AugNews alert: DigiCert extends cert management platform to support Microsoft CA, AWS Private CALehi, Utah, Aug. 8, 2023 – DigiCert today announced the expansion of its certificate management platform, DigiCert Trust Lifecycle Manager, to provide full lifecycle support for multiple CAs including Microsoft CA and AWS Private CA, as well as integration with … (more…)LASTWATCHDOG.COM
8 AugEnsuring Compliance with DORA: How Qualys Solutions Can HelpIntroduction The Digital Operational Resilience Act (DORA) is a new regulation implemented by the European Union to ensure the stability and security of the financial sector. Coming into effect in 2022, DORA mandates enhanced cybersecurity and operational resilience standards for…QUALYS.COM
🔥 INCIDENT REPORTING 17
8 AugReport: Manufacturing Sector Lost $46 Billion to Ransomware AttacksRansomware attacks on manufacturing organizations have surged annually, resulting in substantial financial losses, with a recent report by Comparitech revealing that the sector suffered $46 billion in downtime since 2018. So far 56 manufacturing organizations have been targeted i…CYWARE.COM
8 AugTargetCompany Ransomware Abuses FUD Obfuscator PackersThe TargetCompany ransomware is using fully undetectable (FUD) packers and Metasploit to infect vulnerable systems, making it difficult for current security solutions to detect and prevent.TRENDMICRO.COM
8 AugNew Yashma Ransomware Variant Targets Multiple English-Speaking CountriesAn unknown threat actor is using a variant of the Yashma ransomware to target various entities in English-speaking countries, Bulgaria, China, and Vietnam at least since June 4, 2023. Cisco Talos, in a new write-up, attributed the operation with moderate confidence to an adversar…THEHACKERNEWS.COM
8 AugClustering attacker behavior reveals hidden patternsA collection of very specific behaviors, observed by Sophos X-Ops incident response analysts in the lead-up to four separate ransomware attacks in the first quarter of 2023, indicates an unexpected connection between the attacks. In the parlance of the Managed Detection and Respo…SOPHOS.COM
8 AugBudget Constraints Threaten Cybersecurity in Government BodiesGovernment organizations and public services are increasingly targeted by cyberattacks from both nation-states and cybercriminals, necessitating the need for stronger cybersecurity measures.HELPNETSECURITY.COM
8 AugUK: Over 200 Million Brits Have Data Compromised in Four YearsInterestingly, the analysis also revealed that malicious attacks such as malware, phishing, and ransomware accounted for just a third (33%) of breaches reported to the ICO, versus 40% of incidents caused by insider threats.INFOSECURITY-MAGAZINE.COM
8 AugHackers Abusing Cloudflare Tunnels for Covert CommunicationsNew research has revealed that threat actors are abusing Cloudflare Tunnels to establish covert communication channels from compromised hosts and retain persistent access. "Cloudflared is functionally very similar to ngrok," Nic Finn, a senior threat intelligence analyst at Guide…THEHACKERNEWS.COM
8 AugHHS Warns Healthcare Sector of Attacks by Rhysida Ransomware GroupAuthorities are sounding the alarm about double-extortion attacks against healthcare and public health sector organizations by a relatively new ransomware-as-a-service group, Rhysida, which until recently had mainly focused on other industries.HEALTHCAREINFOSECURITY.COM
8 AugNew Threat Actor Targets Bulgaria, China, Vietnam, and Other Countries With Customized Yashma RansomwareThe threat actor behind this operation uses an uncommon technique of downloading the ransom note from a GitHub repository, evading detection by embedding it in an embedded batch file.TALOSINTELLIGENCE.COM
8 AugHackers Increasingly Abuse Cloudflare Tunnels for Stealthy ConnectionsCloudflare Tunnels provide a range of access controls, gateway configurations, team management, and user analytics, giving users a high degree of control over the tunnel and the exposed compromised services.BLEEPINGCOMPUTER.COM
8 AugBig Cyberespionage Attack Against Japan Attributed to ChinaJapan's Classified Defense Networks Reportedly Suffered a Major Breach in 2020 Japanese classified military networks reportedly suffered a massive breach in 2020 at the hands of a Chinese cyberespionage group that proved tough to eject. One cybersecurity expert said Chinese cyber…DATABREACHTODAY.CO.UK
8 AugUK Electoral Commission Suffered 'Complex' Hack in 2021Agency Detected the Incident in October 2022 - Over 1 Year After the Hack The U.K. Electoral Commission suffered a "complex cyber-attack" in 2021, resulting in hackers accessing sensitive voter information. Commission CEO Shaun McNally said the attack resulted in hackers accessin…DATABREACHTODAY.CO.UK
8 AugMicrosoft Purview data security mitigations for BazaCall and other human-operated data exfiltration attacksMicrosoft Defender is our toolset for prevention and mitigation of data exfiltration and ransomware attacks. Microsoft Purview data security offers important mitigations as well and should be used as part of a defense-in-depth strategy. The post Microsoft Purview data security mi…MICROSOFT.COM
8 AugElectoral Commission hack exposed data of 40 million UK votersThe personal information of approximately 40 million U.K. voters was exposed to hackers for more than a year after the Electoral Commission fell victim to a “complex cyberattack.” The Electoral Commission, the watchdog responsible for overseeing elections in the U.K., said in a s…TECHCRUNCH.COM
8 AugNews alert: Picus Security attack simulations report reveals organizations prevent 6 of 10 attacksSan Francisco, Calif., Aug. 8, 2023 – Picus Security , the pioneer of Breach and Attack Simulation (BAS) technology, has released The Blue Report 2023 . Based on an analysis of more than 14 million cyber attacks simulated by The … (more…)LASTWATCHDOG.COM
8 AugLower Data Breach Insurance Costs with These TipsThe changing attack landscape has resulted in the hardening of the data breach insurance market. Gain insight into how implementing security controls can reduce the mean time to detect and control the costliness of an attack.TRENDMICRO.COM
8 AugCraftRise - 2,532,527 breached accountsIn May 2023, news broke of a data breach of the Turkish Minecraft server known as CraftRise . The data of over 2.5M users was subsequently shared on a popular hacking forum and included email addresses, usernames, geographic locations and plain text passwords. The newest records …HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE 19
8 AugISC Stormcast For Tuesday, August 8th, 2023 https://isc.sans.edu/podcastdetail/8606, (Tue, Aug 8th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
8 AugNew Microsoft Azure AD CTS Feature can be Abused for Lateral MovementMicrosoft's new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily spread laterally to other Azure tenants.BLEEPINGCOMPUTER.COM
8 AugNorth Korean Hackers Compromise Sanctioned Russian Missile Engineering CompanyA recent investigation by cybersecurity firm SentinelLabs has revealed that North Korean hackers have targeted a Russian missile engineering organization called NPO Mashinostroyeniya.SENTINELONE.COM
8 AugBlack Hat Preview: The Business of Cyber Takes Center StageThe cybersecurity industry heads to Las Vegas this week for Black Hat in a state of economic contraction, confusion and excitement. Can the promise of AI overcome the hype cycle to truly solve security problems? The post Black Hat Preview: The Business of Cyber Takes Center Stage…SECURITYWEEK.COM
8 AugIdentity-Based Attacks Soared in Past Year: ReportIdentity-based attacks have soared in the past year, according to CrowdStrike’s 2023 Threat Hunting Report. The post Identity-Based Attacks Soared in Past Year: Report appeared first on SecurityWeek .SECURITYWEEK.COM
8 Aug43 Malicious Android Apps With Over 2.5 Million Installs Display Secret AdsIt has been reported that over 43 Android applications, which are available on the Google Play Store, display ads while the mobile screen is turned off. When the users attempt to open their home screen, they might catch a glimpse of the ad. Though this seems to be less annoying f…GBHACKERS.COM
8 AugMost Organizations Using Weak Multifactor AuthenticationMost organizations are still using weak forms of multi-factor authentication (MFA), a survey by Nok Nok has found. These forms of MFA can be bypassed if an employee falls for a social engineering attack.KNOWBE4.COM
8 AugProtection is No Longer Straightforward – Why More Cybersecurity Solutions Must Incorporate ContextContext helps complete the picture and results in actionable intelligence that security teams can use to make informed decisions more quickly. The post Protection is No Longer Straightforward – Why More Cybersecurity Solutions Must Incorporate Context appeared first on SecurityWe…SECURITYWEEK.COM
8 AugHorizon3 AI Raises $40 Million to Expand Automated Pentesting PlatformHorizon3.ai, a provider of autonomous security testing solutions, raised $40 million through a Series C funding round. The post Horizon3 AI Raises $40 Million to Expand Automated Pentesting Platform appeared first on SecurityWeek .SECURITYWEEK.COM
8 AugKnowBe4’s Interactive Phishing Analysis Center: Keep Your Finger On The PulseAs a security awareness practitioner, keeping your pulse on industry - and geographical - benchmarking data and best practices is always a good way to measure your organization’s security awareness success.KNOWBE4.COM
8 AugNorway Threatens Meta With Fines for Ad ViolationsSocial Media Giant Faces Prospect of Being Fined $100,000 Per Day Starting Aug. 14 The Norwegian data regulator said it will start fining Facebook parent company Meta nearly $100,000 daily starting on Monday unless the social media giant stops showing users behavioral ads without…DATABREACHTODAY.CO.UK
8 AugLawmaker Quizzes Google on 'Guardrails' for AI in HealthcareSen. Mark Warner Asks Google CEO to Address AI Trust, Privacy, Ethical Practices Citing several growing concerns, Sen. Mark Warner, D-Va., on Tuesday sent a letter quizzing Google CEO Sundar Pichai about how the tech giant is applying privacy, trust and ethical "guardrails" aroun…DATABREACHTODAY.CO.UK
8 AugBoost identity protection with Axiad Cloud and Microsoft Entra IDAs IT environments become more complex and multilayered to combat cybersecurity attacks, authentication processes for applications, operating systems, and workplace locations are increasingly managed in silos. Axiad Cloud and Microsoft Entra ID help to strengthen security perimet…MICROSOFT.COM
8 AugBlack Hat Fireside Chat: ‘UEM’ solutions seek to protect endpoints, preserve user experienceLAS VEGAS — Shadow IT and BYOD security exposures have long bedeviled businesses – ever since the iPhone and Dropbox first came on the scene. Covid 19 only intensified the problem of how to securely manage the personally owned devices … (more…)LASTWATCHDOG.COM
8 AugThe Forrester Consulting TEI of Guardium Data Protection study: 5 data security lessonsPracticality and simplicity: That’s what data security analysts want most from their data protection tools. That’s the essence we gleaned from the Forrester Consulting Total Economic Impact (TEI) study commissioned by IBM for its IBM Security Guardium Data Protection …SECURITYINTELLIGENCE.COM
8 AugUnmasking hypnotized AI: The hidden risks of large language modelsThe emergence of Large Language Models (LLMs) is redefining how cybersecurity teams and cybercriminals operate. As security teams leverage the capabilities of generative AI to bring more simplicity and speed into their operations, it’s important we recognize that cybercrimi…SECURITYINTELLIGENCE.COM
8 AugDisrupting Japan podcast: The forgotten mistake that killed Japan's software industry - 33 minutessubmitted by ashar to security_cpe 5 points | 0 comments https://www.disruptingjapan.com/the-forgotten-mistake-that-killed-japans-software-industry/ “Everyone loves to complain about the poor quality of Japanese software, but today I’m going to explain exactly what went wrong. Yo…DISRUPTINGJAPAN.COM
8 AugDHS Announces Additional $374.9 Million in Funding to Boost State, Local Cybersecurity | Homeland Securitysubmitted by Ground3461 to cybersecurity 19 points | 0 comments https://www.dhs.gov/news/2023/08/07/dhs-announces-additional-3749-million-funding-boost-state-local-cybersecurity Worth looking into for any state or local governmentsDHS.GOV
🌐 CYBER THREAT LANDSCAPE 6
8 AugLatest Batloader Campaigns Use Pyarmor Pro for EvasionThe Batloader initial access malware, used by the group Water Minyades, has upgraded its evasion techniques by utilizing Pyarmor Pro to obfuscate its malicious Python scripts.TRENDMICRO.COM
8 AugNigerian Man Admits to $1.3M Business Email Compromise ScamA Nigerian national pleaded guilty to participating in a BEC scheme to steal $1.25m from a Boston investment firm. The scam involved using malware and a spoofed domain name to trick the firm into transferring money to attacker-controlled accounts.BANKINFOSECURITY.COM
8 AugStealthy npm Malware Exposes Developer DataUpon analyzing the attack code, Phylum uncovered that it utilized a combination of post-install hooks and pre-install scripts to trigger the execution of malicious code once the packages were installed.INFOSECURITY-MAGAZINE.COM
8 AugQakBot Malware Operators Expand C2 Network with 15 New ServersThe operators associated with the QakBot (aka QBot) malware have set up 15 new command-and-control (C2) servers as of late June 2023. The findings are a continuation of the malware's infrastructure analysis from Team Cymru, and arrive a little over two months after Lumen Black Lo…THEHACKERNEWS.COM
8 AugNew Malware Campaign Targets Inexperienced Cybercriminals with OpenBullet ConfigsA new malware campaign has been observed making use of malicious OpenBullet configuration files to target inexperienced cybercriminals with the goal of delivering a remote access trojan (RAT) capable of stealing sensitive information.THEHACKERNEWS.COM
8 AugCybersecurity Threat 1H 2023 Brief with Generative AIHow generative AI influenced threat trends in 1H 2023TRENDMICRO.COM
🎙️ PODCASTS 1
8 Aug · ADV230003 Microsoft Office Defense in Depth Update · Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. · MSRC.MICROSOFT.COM
📡 INFOSEC NEWS 24
8 Aug · Extended warranty robocallers fined $300 million after 5 billion scam calls · The Federal Communications Commission (FCC) has announced a record-breaking $299,997,000 fine imposed on an international network of companies for placing five billion robocalls to more than 500 million phone numbers over three months in 2021. · BLEEPINGCOMPUTER.COM
8 Aug · Cyberinsurance Firm Resilience Raises $100 Million to Expand Its Cyber Risk Platform · The Series D round was led by Intact Ventures, an affiliate of Resilience’s primary capacity provider, Intact Insurance’s underwriting companies, with participation by Lightspeed Venture Partners, as well as General Catalyst and Founders Fund. · SECURITYWEEK.COM
8 Aug · Teach a Man to Phish and He’s Set for Life – Krebs on Security · A recent phishing scam has been using an old trick to fool Microsoft Windows users. The scam involves sending an email with an attachment that appears to be a PDF file, but is actually an .eml file disguised as a .pdf. · KREBSONSECURITY.COM
8 Aug · Enough attribution to count · Naming and shaming the bad guys can be gratifying, but for practical protection, Threat Activity Clusters are the way · SOPHOS.COM
8 Aug · Points.com Vulnerabilities Allowed Customer Data Theft, Rewards Program Hacking · Multiple vulnerabilities in the popular airline and hotel rewards platform points.com could have allowed attackers to access users’ personal information, security researchers warn. · SECURITYWEEK.COM
8 Aug · DHS Grants $375 Million to State and Local Government Cyber-Resilience Efforts · The State and Local Cybersecurity Grant Program (SLCGP), now in its second year, is a $1 billion fund with allocations spanning four years and specifically targeting state, local, and territorial government cyber resilience efforts. · THERECORD.MEDIA
8 Aug · Massive Phishing Campaign Impersonates 340 Companies Using Over 800 Scam Domains · The phishing operation, originating from Russia but pretending to be Ukrainian, utilized a high-quality single-page application to create convincing websites and steal credit card and bank details. · IMPERVA.COM
8 Aug · Invisible Ad Fraud Campaign Targets South Korean Android Users · The discovery by McAfee’s Mobile Research Team shed light on a trend where certain apps distributed through Google Play discreetly load ads while the user’s device screen is turned off. · INFOSECURITY-MAGAZINE.COM
8 Aug · Report: Two-Thirds of UK Sites Vulnerable to Bad Bots · The majority (66%) of UK websites are unable to block simple bot attacks, exposing their businesses to fraud, account compromise, and much more, according to a report by DataDome. · INFOSECURITY-MAGAZINE.COM
8 Aug · Android 14 to block connections to unencrypted cellular networks · Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. [...] · BLEEPINGCOMPUTER.COM
8 Aug · New Inception attack leaks secrets from all AMD Zen CPUs · Researchers have discovered a new and powerful transient execution attack called 'Inception' that can leak privileged secrets and data using unprivileged processes on all AMD Zen CPUs, including the latest models. [...] · BLEEPINGCOMPUTER.COM
8 Aug · New Inception attack leaks sensitive data from all AMD Zen CPUs · Researchers have discovered a new and powerful transient execution attack called 'Inception' that can leak privileged secrets and data using unprivileged processes on all AMD Zen CPUs, including the latest models. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Android 14 to let you block connections to unencrypted cellular networks · Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Interpol takes down 16shop phishing-as-a-service platform · A joint operation between Interpol and cybersecurity firms has led to an arrest and shutdown of the notorious 16shop phishing-as-a-service (PhaaS) platform. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Windows 10 KB5029244 and KB5029247 updates released · Microsoft has released Windows 10 KB5029244 and KB5028168 cumulative updates for versions 22H2, 21H2, and 1809 to fix problems and add new features to the operating system. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Sophos Named Customers’ Choice for Managed Detection and Response (MDR) in the Inaugural Gartner® Voice of the Customer Peer Insights™ Report · Sophos earned a 97% “Willingness to Recommend” score and had more customer reviews than the other three Customers’ Choice selections combined. · SOPHOS.COM
8 Aug · Windows 11 KB5029263 cumulative update released with 27 fixes · Microsoft has released the Windows 11 22H2 KB5029263 cumulative update to fix security vulnerabilities and introduce 20 changes, improvements, and bug fixes. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Malicious extensions can abuse VS Code flaw to steal auth tokens · Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Microsoft Visual Studio Code flaw lets extensions steal passwords · Microsoft's Visual Studio Code (VS Code) code editor and development environment contains a flaw that allows malicious extensions to retrieve authentication tokens stored in Windows, Linux, and macOS credential managers. [...] · BLEEPINGCOMPUTER.COM
8 Aug · Google’s Messages app will now use RCS by default and encrypt group chats · Google announced today it’s making its Messages by Google app more secure with improvements to RCS, or Rich Communication Services — a protocol aimed at replacing SMS that is more on par with the advanced features found in Apple’s iMessage. The company says it w… · TECHCRUNCH.COM
8 Aug · Rubrik acquires Laminar to expand in data security across public clouds · Cybersecurity startups, in particular those hatched in Israel, have been getting scooped up at a rapid pace by larger tech companies looking to bolt on new capabilities to address business customers’ growing security needs as they adopt new technologies themselves. In the l… · TECHCRUNCH.COM
8 Aug · Horizon3 secures $40M to expand its pen testing platform · Cybersecurity funding is falling after enjoying impressive heights in the last few years. According to Crunchbase, VC financing for security declined to just over $1.6 billion in Q2 2023, marking a 63% drop compared to the same quarter last year — when startups landed nearl… · TECHCRUNCH.COM
8 Aug · Serious Security: Why learning to touch-type could protect you from audio snooping · Fast, quiet, smooth, consistent and low impact... why true hacker-grade touch-typing might keep you more secure. · NAKEDSECURITY.SOPHOS.COM
8 Aug · Leverage the AWS Sustainability Pillar to Minimize Environmental Impact · One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be designed to minimize their environmental impact. Gain insight into the WAF sustainability pillar and discover best practices for architecting your clou… · TRENDMICRO.COM