21Articles
7Categories
2023-08-12Date
🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
12 AugMultiple data center vulnerabilities could cripple cloud servicesMultiple vulnerabilities in data center infrastructure management systems/power distribution units have the potential to cripple popular cloud-based services. That's according to new findings from the Trellix Advanced Research Center, which revealed four vulnerabilities in CyberP…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 7[−]
12 AugNew Python URL Parsing Flaw Enables Command Injection AttacksA high-severity security flaw has been disclosed in the Python URL parsing function that could be exploited to bypass domain or protocol filtering methods implemented with a blocklist, ultimately resulting in arbitrary file reads and command execution. "urlparse has a parsing pro…THEHACKERNEWS.COM
12 AugLolek Bulletproof Hosting Servers Seized, 5 Key Operators ArrestedEuropean and U.S. law enforcement agencies have announced the dismantling of a bulletproof hosting service provider called Lolek Hosted, which cybercriminals have used to launch cyber-attacks across the globe. "Five of its administrators were arrested, and all of its servers seiz…THEHACKERNEWS.COM
12 AugHackers Compromised ChatGPT Model with Indirect Prompt InjectionChatGPT quickly gathered more than 100 million users just after its release, and the ongoing trend includes newer models like the advanced GPT-4 and several other smaller versions. LLMs are now widely used in a multitude of applications, but flexible modulation through natural pr…GBHACKERS.COM
12 AugBlack Hat USA 2023: Complete AI Briefings RoundupThe 26th annual BLACK HAT USA is taken place at the Mandalay Bay Convention Centre in Las Vegas from August 5 to August 10, 2023. Four days of intensive cybersecurity training covering all skill levels are scheduled to start off the event. More than 100 selected Briefings, dozens…GBHACKERS.COM
12 AugZoom ZTP & AudioCodes Phones Flaws Uncovered, Exposing Users to EavesdroppingMultiple security vulnerabilities have been disclosed in AudioCodes desk phones and Zoom's Zero Touch Provisioning (ZTP) that could be potentially exploited by a malicious attacker to conduct remote attacks. "An external attacker who leverages the vulnerabilities discovered in Au…THEHACKERNEWS.COM
12 AugFord says cars with WiFi vulnerability still safe to driveFord is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could allow remote code execution, but says that vehicle driving safety isn't impacted. [...]BLEEPINGCOMPUTER.COM
12 AugDell Credentials Bug Opens VMware Environments to Takeoversubmitted by IllNess to securitynews 20 points | 0 comments https://www.darkreading.com/threat-intelligence/dell-credentials-bug-vmware-environments-takeover Pohl only found that out by accident, while working with a client’s network. “When I got into the device in question, I th…DARKREADING.COM
📢 SECURITY ADVISORIES 1[−]
12 AugHonor Among Cybercriminals? Why a Canadian Firm Paid RansomA nonprofit firm that administers government dental programs in Canada is notifying nearly 1.5 million individuals that their data, including banking information for some, was compromised in a ransomware incident last month.BANKINFOSECURITY.COM
🔥 INCIDENT REPORTING 7[−]
12 AugUK: Cumbria Police Admit Huge Breach of Data of Officers and StaffCumbria police have admitted accidentally publishing the names and salaries of every one of its more than 2,000 employees and have apologized. The data breach happened in March and has not previously been publicized.THEGUARDIAN.COM
12 AugNew SystemBC Malware Variant Targets Southern African Power CompanyAn unknown threat actor has been linked to a cyber attack on a power generation company in South Africa with a new variant of the SystemBC malware called DroxiDat as a precursor to a suspected ransomware attack.THEHACKERNEWS.COM
12 AugMultiple Flaws Found in the Avada WordPress Theme and PluginThese security flaws in the widely used Avada theme and the Avada Builder plugin, uncovered by Patchstack’s security researcher Rafie Muhammad, expose a significant number of WordPress websites to potential breaches.INFOSECURITY-MAGAZINE.COM
12 AugHow the FBI goes after DDoS cyberattackersIn 2016, hackers using a network of compromised internet-connected devices — vulnerable security cameras and routers — knocked some of the then biggest websites on the internet offline for several hours. Twitter, Reddit, GitHub and Spotify all went down intermittently that day, v…TECHCRUNCH.COM
12 AugKnight ransomware distributed in fake Tripadvisor complaint emailsThe Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints. [...]BLEEPINGCOMPUTER.COM
12 AugCySecurity News - Latest Information Security and Hacking Incidents: Emerging Technology Facilitating Increased Vehicle Thefts and Accidents by Criminalssubmitted by Lanky_Pomegranate530 to cybersecurity -5 points | 0 comments https://www.cysecurity.news/2023/08/emerging-technology-facilitating.htmlCYSECURITY.NEWS
12 AugEY breach exposes Bank of America customer credit card numberssubmitted by Lanky_Pomegranate530 to cybersecurity 15 points | 1 comments https://cybernews.com/news/ey-bank-of-america-data-breach/CYBERNEWS.COM
🕵️ THREAT INTELLIGENCE 3[−]
12 AugJanelaRAT: Repurposed BX Rat Variant Targeting LATAM FinTechZscaler ThreatLabz has discovered a threat actor targeting FinTech users in the LATAM region with a malware called JanelaRAT. This malware uses tactics such as DLL side-loading and dynamic C2 infrastructure.ZSCALER.COM
12 AugBlackhat 2023 USA - Presentation slidessubmitted by Ground3461 to cybersecurity 18 points | 0 comments https://github.com/onhexgroup/Conferences/tree/main/Black%20Hat%20USA%202023%20slidesGITHUB.COM
12 AugBlack Hat 2023: ‘Teenage’ AI not enough for cyberthreat intelligenceCurrent LLMs are just not mature enough for high-level tasksWELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE 1[−]
12 AugMacOS Systems Turned Into Proxy Exit Nodes by AdloadAdLoad malware is still infecting Mac systems and has been observed turning infected systems into a giant proxy botnet. AT&T Alien Labs has identified over 10,000 IPs behaving as proxy exit nodes, indicating a potentially widespread infection.CYBERSECURITY.ATT.COM
📡 INFOSEC NEWS 1[−]