104 Articles
9 Categories
Date: 2023-08-17
🚨 CISA KEV (2)
17 Aug KEVCISA Adds Citrix ShareFile Flaw to KEV Catalog Due to In-the-Wild AttacksThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Citrix ShareFile storage zones controller to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active in-the-wild exploitation. Tracked as CVE-2023-24489 (…THEHACKERNEWS.COM
17 Aug KEVCitrix ShareFile vulnerability actively exploited (CVE-2023-24489)CVE-2023-24489, a critical Citrix ShareFile vulnerability that the company has fixed in June 2023, is being exploited by attackers. GreyNoise has flagged on Tuesday a sudden spike in IP addresses from which exploitation attempts are coming, and the Cybersecurity and Infrastructur…HELPNETSECURITY.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (9)
17 AugHPE Aruba Networking Product Vulnerabilities Allow File OverwriteThe vulnerabilities, CVE-2023-38401 and CVE-2023-38402, affect the HPE Aruba Networking Virtual Intranet Access (VIA) client for the Microsoft Windows operating system. If the exploit is successful, the attacker can overwrite arbitrary files. HPE Aruba Networking has issued an up…GBHACKERS.COM
17 Aug KEVCISA Warns of Critical Citrix ShareFile Flaw Exploited in the WildCISA is warning that a critical Citrix ShareFile secure file transfer vulnerability tracked as CVE-2023-24489 is being targeted by unknown actors and has added the flaw to its catalog of known security flaws exploited in the wild.BLEEPINGCOMPUTER.COM
17 AugExploitation of Citrix ShareFile Vulnerability Spikes as CISA Issues WarningExploitation of a Citrix ShareFile vulnerability tracked as CVE-2023-24489 has spiked as CISA added it to its ‘must patch’ catalog.SECURITYWEEK.COM
17 Aug KEVCISA says hackers are exploiting a new file transfer bug in Citrix ShareFileHackers are exploiting a newly discovered vulnerability in yet another enterprise file transfer software, the U.S. government’s cybersecurity agency has warned. CISA on Wednesday added a vulnerability in Citrix ShareFile, tracked as CVE-2023-24489, to its Known Exploited Vulnerab…TECHCRUNCH.COM
17 AugPlay Ransomware Using MSPs and N-Days to AttackFortinet SSL VPN Vulnerability Is Among Top Most Common Vulnerabilities The Play ransomware group is targeting security managed service providers to gain initial access and using up to a half-decade-old vulnerabilities in security appliances, warn security researchers with Adlumi…DATABREACHTODAY.CO.UK
17 AugAtlassian Releases Security Update for Confluence Server and Data CenterAtlassian has released its security bulletin for August 2023 to address a vulnerability in Confluence Server and Data Center, CVE-2023-28709. A remote attacker can exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to revie…CISA.GOV
17 AugProxyjacking campaign LABRAT targets vulnerable GitLab deploymentsResearchers from Sysdig are warning of an ongoing attack campaign against vulnerable GitLab servers that results in deployment of cryptojacking and proxyjacking malware. The attacks use cross-platform malware, kernel rootkits, and multiple layers of obfuscation and try to evade d…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (22)
17 Aug KEVKubernetes clusters face widespread attacks across numerous organizationsIn this Help Net Security video, Assaf Morag, Lead Threat Intelligence Analyst at Aqua Security, discusses research that discovered openly accessible and unprotected Kubernetes clusters belonging to more than 350 organizations, open-source projects, and individuals. At least 60% …HELPNETSECURITY.COM
17 AugThe road ahead for ecommerce fraud preventionEcommerce platforms are incorporating sophisticated fraud detection measures, but fraudsters, too, are refining their strategies. In this Help Net Security interview, Eduardo Mônaco, CEO at ClearSale, explains the complexities of ecommerce fraud, discussing the evolution of fraud…HELPNETSECURITY.COM
17 Aug6 best practices to defend against corporate account takeover attacksWhile there are similarities between the two, corporate account takeovers (CATO) often have larger implications than breaches affecting individual accounts and can result in significant financial losses, reputational damage, and compromised sensitive business information. "In the…CSOONLINE.COM
17 AugCisco Unified Communications Manager Flaw Let Attacker Launch SQL Injection AttacksAn SQL injection vulnerability was discovered in the web-based management interface of Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME).  Cisco Unified CM is used for handling voice and vid…GBHACKERS.COM
17 AugCISA Publishes Plan For Remote Monitoring Tools After Nation-State, Ransomware ExploitationIn an announcement Wednesday, CISA said it worked with industry partners as part of the Joint Cyber Defense Collaborative (JCDC) to create a “clear roadmap to advance security and resilience of the RMM ecosystem.”THERECORD.MEDIA
17 AugNIST CSF, JTAG vs (OG) Xbox, Tricked Ya, Intel's Security, & Josh Debates Jeff - PSW #795In the Security News: You should read the NIST CSF, JTAG hacking the original Xbox, tricked into sharing your password, attacking power management software, the vulnerability is in the SDK, tearing apart printers to find vulnerabilities, a pain in the NAS, urllib.parse is vulnera…YOUTUBE.COM
17 AugDefending Public Infrastructure While At War - Antranig Vartanian - PSW #795The 2020 Armenian war with Azerbaijan called into action over 100 volunteer incident responders from across the country (and the globe) into action. Our guest for this segment was one of the leads during the 40-day conflict and helped organize teams that responded to everything f…YOUTUBE.COM
17 AugPlay Ransomware Found Using Security MSPs and N-Day Exploits to AttackThe Play ransomware group is targeting managed security service providers (MSSPs) to gain initial access and use up to a half-decade-old vulnerabilities in security appliances, warn security researchers with Adlumin.BANKINFOSECURITY.COM
17 AugNew Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane ModeCybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and maintain access to an Apple device even when the victim believes it is offline. The method "tricks the victim into thinking their device's Ai…THEHACKERNEWS.COM
17 AugNew LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking ActivitiesA new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign. "The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malwar…THEHACKERNEWS.COM
17 AugCISA Releases Three Industrial Control Systems AdvisoriesCISA released three Industrial Control Systems (ICS) advisories on August 17, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-229-01 ICONICS and Mitsubishi Electric Products ICSA-23-229-03 Sch…CISA.GOV
17 AugRapid7 Says ROI for Ransomware Remains High; Zero-Day Usage ExpandsA new report from Rapid7 says a ransomware gang like Cl0p would easily be able to afford a bevy of zero-day exploits for vulnerable enterprise software.SECURITYWEEK.COM
17 AugCisco Patches High-Severity Vulnerabilities in Enterprise ApplicationsCisco has patched high-severity vulnerabilities in enterprise applications that could lead to privilege escalation, SQL injection, and denial-of-service.SECURITYWEEK.COM
17 AugProjectDiscovery raises $25M to launch a cloud version of its threat-scanning platformProjectDiscovery, a platform that detects new, exploitable vulnerabilities in codebases, today announced that it raised $25 million in a Series A funding round led by CRV with participation from Point72, SignalFire, Rain Capital, Mango Capital, Accel and Lightspeed. ProjectDiscov…TECHCRUNCH.COM
17 AugNoFilter Attack: Sneaky Privilege Escalation Method Bypasses Windows SecurityA previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. "If an attacker has the ability to execute code with admin privilege and the target is to perform LS…THEHACKERNEWS.COM
17 AugCisco Releases Security Advisories for Multiple ProductsCisco has released security advisories for vulnerabilities affecting multiple Cisco products. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system or cause a denial-of service condition. CISA encourages users and administrators to r…CISA.GOV
17 AugGoogle Brings AI Magic to Fuzz Testing With Eye-Opening ResultsGoogle sprinkles magic of generative-AI into its open source fuzz testing infrastructure and finds immediate success with code coverage.SECURITYWEEK.COM
17 AugWhy HHS Regulators Are Heavily Scrutinizing Web Tracker UseSusan Rhodes of HHS OCR Discusses HIPAA Enforcement Agency's Top Priorities The federal agency that enforces HIPAA is heavily focused on investigations of potential violations involving online tracking tools in healthcare websites that impermissibly transmit sensitive patient inf…DATABREACHTODAY.CO.UK
17 AugCryptohack Roundup: Argentina Investigates WorldCoinAlso: Milk Sad Vulnerability, FBI Forfeiture, X Crypto Scams This week's roundup of digital assets-related cybersecurity incidents includes Argentina's investigation into WorldCoin; hackers' exploitation of Libbitcoin; Zunami and RocketSwap; Curve Finance's compensation plans for…DATABREACHTODAY.CO.UK
17 AugManaging Threats, Reduce your Attack Surface, MDR Evolved - Randy Watkins, Richard Yew... - ESW #328The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or go…YOUTUBE.COM
17 AugAnimated Video on Buffer Overflow Attacks and DeGoogled Phonessubmitted by L4s to secops 1 points | 0 comments https://video.simplifiedprivacy.com/why-grapheneos-is-more-secure/ VIDEO.SIMPLIFIEDPRIVACY.COM
📢 SECURITY ADVISORIES (5)
17 AugRussian Hackers Use Zulip Chat App for Covert C&C in Diplomatic Phishing AttacksAn ongoing campaign targeting ministries of foreign affairs of NATO-aligned countries points to the involvement of Russian threat actors. The phishing attacks feature PDF documents with diplomatic lures, some of which are disguised as coming from Germany, to deliver a variant of …THEHACKERNEWS.COM
17 AugCISA Releases Cyber Defense Plan to Reduce RMM Software RisksCISA has published a cyber defense plan outlining strategies to help critical infrastructure organizations reduce the risks associated with RMM software.SECURITYWEEK.COM
17 AugCISA and Election Security Partners Hold Tabletop the Vote Election Security ExerciseToday CISA hosted the nation’s largest annual election security exercise this week in close coordination with the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED).CISA.GOV
🔥 INCIDENT REPORTING (17)
17 AugRansomware: To Pay or Not to PayThe best strategy against ransomware attacks is a combination of robust defenses to protect assets and a focus on resilience and flexibility to minimize disruptions and respond effectively to incidents.HELPNETSECURITY.COM
17 AugPublic Sector Hit in Sudden Surge, Reveals New ReportA BlackBerry threat intelligence report revealed a 40% rise in cyberattacks against government and public service entities versus the previous quarter. This includes public transit, utilities, schools, and other government services we rely on daily.THEHACKERNEWS.COM
17 AugOngoing Hijacking Campaign Targets LinkedIn AccountsSeveral LinkedIn users have reported difficulties in recovering their hacked or locked-out accounts through LinkedIn support. Some claimed to have faced ransom demands or account deletion threats. In the past few months, according to Google Trends, there’s been a 5000% increase i…CYWARE.COM
17 AugMalvertisers up Their Game Against ResearchersThreat actors are using advanced cloaking techniques in malvertising campaigns to remain undetected and drop malware, making it more challenging for defenders to identify and report these incidents.MALWAREBYTES.COM
17 AugThe link between home, family and company securityIt’s no surprise that cyber criminals target high-profile individuals or those with access privilege. Malicious actors often use social engineering and whale phishing attacks against these people to breach systems. But households and family members of company executives may…SECURITYINTELLIGENCE.COM
17 AugThe Plan to Better Protect US Hospitals From RansomwareThe HHS' Advanced Research Projects Agency for Health (Arpa-H) launched an initiative to find and help fund the development of cybersecurity technologies that can specifically improve defenses for digital infrastructure in US health care.WIRED.COM
17 AugTransatlantic Cable podcast, episode 312 | Kaspersky official blogDiscover cybercriminal tactics targeting hacked websites for phishing schemes. Learn about AI-driven hiring tools, chatbots in HR, and the UK Electoral Commission's cyberattack on voter data.KASPERSKY.COM
17 AugTriple Extortion Ransomware and the Cybercrime Supply ChainRansomware attacks continue to grow both in sophistication and quantity. Learn more from Flare about ransomware operation's increasing shift to triple extortion. [...]BLEEPINGCOMPUTER.COM
17 AugCyber Criminals Attacking Web Services to Breach OrganisationsWeb servers are a prime target for threat actors due to their open and volatile nature. However, these servers must remain open to provide various web services to users. Web services that are provided on Windows servers by the Web servers include the following elements:- Cybersec…GBHACKERS.COM
17 AugChina-Linked Bronze Starlight Group Targeting Gambling Sector with Cobalt Strike BeaconsAn ongoing cyber attack campaign originating from China is targeting the Southeast Asian gambling sector to deploy Cobalt Strike beacons on compromised systems. Cybersecurity firm SentinelOne said the tactics, techniques, and procedures point to the involvement of a threat actor …THEHACKERNEWS.COM
17 Aug5 Types of Cyber Crime GroupsDiscover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy.TRENDMICRO.COM
17 AugBreach Roundup: Raccoon Stealer Makes a ComebackAlso: QR Codes Used in Phishing Campaign; Belarus ISPs Used for Spying This week, Raccoon Stealer returned, hackers used QR codes, Belarus ISPs were used to spy on diplomats, Geico reported a MOVEit breach, an Israeli hospital dealt with ransomware extortion, Clorox took systems …DATABREACHTODAY.CO.UK
17 AugMalware Is Turning Windows Machines Into ProxiesProxy App Is Covertly Installed Via Alluring Offers or Compromised Software Researchers say a proxy service is routing internet traffic through unsuspecting users' systems that it turns into residential exit nodes, luring them into downloading the proxy application through offers…DATABREACHTODAY.CO.UK
17 AugHackers ask $120,000 for access to multi-billion auction houseHackers have breached the network of a major auction house and offered access to whoever was willing to pay $120,000. [...]BLEEPINGCOMPUTER.COM
17 AugCheckPoint buys Perimeter81, SecureWorks Cuts 300 Jobs, and News from BlackHat - ESW #328In the enterprise security news, 1. Check Point buys Perimeter 81 to augment its cybersecurity 2. 2023 Layoff Tracker: SecureWorks Cuts 300 Jobs 3. Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating 4. ‘DoubleDrive’ attack turns Microsoft OneDrive into ransomw…YOUTUBE.COM
17 AugMicrosoft: BlackCat's Sphynx ransomware embeds Impacket, RemComMicrosoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network. [...]BLEEPINGCOMPUTER.COM
17 AugiMenu360 - 3,425,860 breached accountsIn approximately late 2022, 3.4M customer records from iMenu360 ("The world's #1 most trusted online ordering platform") were exposed. The data appeared to be from ordering systems using the platform and contained email and physical addresses, latitudes and longitudes, …HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE (22)
17 AugFindlargedir: Find all “blackhole” directories with a huge amount of filesystem entriesFindlargedir is a tool written to help quickly identify “black hole” directories on any filesystem having more than 100k entries in a single flat structure. When a directory has many entries (directories or files), getting a directory listing gets slower and slower, i…HELPNETSECURITY.COM
17 AugISC Stormcast For Thursday, August 17th, 2023 https://isc.sans.edu/podcastdetail/8620, (Thu, Aug 17th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
17 AugHeavy workloads driving IT professionals to resignA quarter of IT professionals are seriously contemplating leaving their current jobs within the next six months, potentially costing US companies upwards of 145 billion dollars, according to Ivanti. These statistics highlight the pressing need for organizations to relieve the bur…HELPNETSECURITY.COM
17 AugPDF Lures Aimed at NATO Countries Contain a Russian ClueOne of the PDFs delivered a variant of Duke, malware that has been linked to Russian state-sponsored cyber-espionage activities of APT29, also known as Nobelium, Cozy Bear, and The Dukes.THERECORD.MEDIA
17 AugHow Disjoined Threat Intelligence Limits Companies — And What to do About itThreat intelligence is more abundant than ever. The information defenders can use to hunt, prepare for and counter potential threats isn’t hard to find, but it is fragmented.CYBERSECURITYDIVE.COM
17 AugHackers Selling SMS Bomber Attack Tools on Underground ForumsIn the current world of cybersecurity, security threats are evolving at a rapid pace, as there are always new problems to deal with. Among the ever-evolving threats, SMS Bomber attacks are one of the modern attacks in the current threat landscape that can cause severe and adverse…GBHACKERS.COM
17 AugPhishers use QR codes to target companies in various industriesA phishing campaign using QR codes has been detected targeting various industries, with the aim to acquire Microsoft credentials. “The most notable target, a major Energy company based in the US, saw about 29% of the over 1000 emails containing malicious QR codes. Other top…HELPNETSECURITY.COM
17 AugGozi strikes again, targeting banks, cryptocurrency and moreIn the world of cybercrime, malware plays a prominent role. One such malware, Gozi, emerged in 2006 as Gozi CRM, also known as CRM or Papras. Initially offered as a crime-as-a-service (CaaS) platform called 76Service, Gozi quickly gained notoriety for its advanced capabilities. O…SECURITYINTELLIGENCE.COM
17 AugDetecting “Violations of Social Norms” in Text with AIResearchers are trying to use AI to detect “social norms violations.” Feels a little sketchy right now, but this is the sort of thing that AIs will get better at. (Like all of these systems, anything but a very low false positive rate makes the detection useless in pr…SCHNEIER.COM
17 AugCybersecurity M&A Roundup for August 1-15, 2023Twenty-five cybersecurity-related M&A deals were announced in the first half of August 2023.SECURITYWEEK.COM
17 AugFake Out: Disinformation Campaigns Get Generative AI BoostNation-States Running Information Operations Embrace AI-Generated Images and Video Hackers wielding generative artificial intelligence tools have yet to pose a serious cybersecurity risk, say researchers at Google's threat intelligence group Mandiant, as they sound the alarm inst…DATABREACHTODAY.CO.UK
17 AugThousands of Systems Turned Into Proxy Exit Nodes via MalwareThreat actors have been observed deploying a proxy application on Windows and macOS systems that were infected with malware.SECURITYWEEK.COM
17 AugNews Alert: Cynomi study shows MSPs offering virtual CISO services to rise fivefold next yearTel Aviv, Israel, Aug. 17, 2023 — Cynomi , the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first…LASTWATCHDOG.COM
17 AugDefending Public Infrastructure While At War | News - PSW7956:00pm ET - Antranig Vartanian 7:00pm ET - Security News This week, we start things off with an interview with Antranig Vartanian, CEO at illuria Security, Inc., about Defending Public Infrastructure While At War. Then we follow up with our security news for the week! →Full Show …YOUTUBE.COM
17 AugThousands of Android APKs use compression trick to thwart analysisThreat actors increasingly distribute malicious Android APKs (packaged app installers) that resist decompilation using unsupported, unknown, or heavily tweaked compression algorithms. [...]BLEEPINGCOMPUTER.COM
17 AugMalicious QR Codes Used in Phishing Attack Targeting US Energy CompanyA widespread phishing campaign utilizing malicious QR codes has hit organizations in various industries, including a major energy company in the US.SECURITYWEEK.COM
17 AugMicrosoft PowerShell Gallery vulnerable to spoofing, supply chain attacksLax policies for package naming on Microsoft's PowerShell Gallery code repository allow threat actors to perform typosquatting attacks, spoof popular packages and potentially lay the ground for massive supply chain attacks. [...]BLEEPINGCOMPUTER.COM
17 AugPalo Alto, Versa, Fortinet, Cato Command SASE Forrester WaveProviders Build, Buy Their Way Into Native SD-WAN, SSE Capabilities Over Past Year Palo Alto Networks edged out Versa Networks, Cato Networks and firewall rival Fortinet for the top spot in Forrester's first-ever secure access service edge rankings. Leading providers have over th…DATABREACHTODAY.CO.UK
17 AugSEC Rule Sparks Reimagining of Cybersecurity OperationsThe U.S. SEC's new cybersecurity reporting rule mandates companies disclose their cybersecurity risk management processes in annual reports.PALOALTONETWORKS.COM
17 AugProjectDiscovery Lands $25M Investment for Cloud Security TechSan Francisco startup ProjectDiscovery has banked $25 million in early-stage financing as investors continue to bet on cloud security vendors.SECURITYWEEK.COM
17 AugAnonFiles shut down...submitted by OppositeOfOxymoron to securitynews 10 points | 0 comments https://cybernews.com/tech/anonfiles-shuts-down/ I guess we just can’t have nice things. The dumb part was relying on ads. There are privacy-focused crypto tokens out there.CYBERNEWS.COM
🌐 CYBER THREAT LANDSCAPE (9)
17 AugUnveiling the Sophisticated Statc StealerZscaler ThreatLabz detected and dissected Statc Stealer, a potent information-stealing malware targeting Windows systems. This C++-based malware effectively extracts sensitive data from popular web browsers, cryptocurrency wallets, and messaging apps like Telegram. To counteract …CYWARE.COM
17 AugGlobal IoT Trust Survey Reveals Security ConcernsA report, Circles of Trust 2023: Exploring Consumer Trust in the Digital Society, published by Utimaco, suggests only 14% of consumers view smart devices as secure, despite 38% using them.INFOSECURITY-MAGAZINE.COM
17 AugRaccoon Stealer Returns with New Evasion CapabilitiesAfter a 6-month hiatus, the developers behind the notorious Raccoon Stealer information-stealing malware have reintroduced version 2.3.0 to cybercriminal forums. Its enhanced features include a quick search tool, anti-suspicion measures against security-assisting bots, IP reporti…CYWARE.COM
17 AugLarge-Scale Campaign Delivers Proxy Server App to Make Systems Serve as Residential Exit NodesThe proxy application is silently installed by malware on infected systems without user knowledge or interaction, and it goes undetected by anti-virus software as it is signed.CYBERSECURITY.ATT.COM
17 AugFBI warns cryptocurrency app beta-testers of malware menaceAre you the kind of person who runs the beta-test versions of mobile apps before they are officially released? If so, the FBI is warning you to be on your guard. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
17 AugHackers are Increasingly Hiding Within Services Such as Slack and Trello to Deploy MalwareAn analysis of more than 400 malware families deployed over the past two years found that at least a quarter of them abused legitimate internet services in some way as part of their infrastructure.CYBERSCOOP.COM
17 AugLinkedIn under attack, hackers seize accountsSecurity researchers have identified that a widespread LinkedIn hacking campaign has seen many users locked out of their accounts worldwide. Read more in my article on the Tripwire State of Security blog.TRIPWIRE.COM
🎙️ PODCASTS (1)
17 AugSmashing Security podcast #335: AI chat wars, and hacker passwords exposedAI chatbots are under fire in Las Vegas, the secrets of hackers’ passwords are put under the microscope, and Graham reveals (possibly) the greatest TV programme of all time. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity v…GRAHAMCLULEY.COM
📡 INFOSEC NEWS (17)
17 AugCommand Line Parsing - Are These Really Unique Strings?, (Thu, Aug 17th)There are occasions where data needs to be cleaned prior to use. One example came to me while reviewing passwords submitted to one of my DShield honeypots. There appeared to be duplicate passwords, even when I attempted to export unique values from the command line.ISC.SANS.EDU
17 AugGoogle Introduces First Quantum Resilient FIDO2 Security Key ImplementationThe development comes less than a week after the tech giant said it plans to add support for quantum-resistant encryption algorithms in Chrome 116 to set up symmetric keys in TLS connections.THEHACKERNEWS.COM
17 AugA Third of UK University Students Targeted By FraudOne in three students at British universities encountered fraud attempts online last year, according to a new study from NatWest. A third of respondents said they’d encountered a scam over the previous 12 months.INFOSECURITY-MAGAZINE.COM
17 AugAWS Customers’ Most Common Security MistakeMisconfigurations play a central and persistent role in cyber intrusions. According to Google Cloud research released earlier this month, poor identity and access management is directly linked to more than 3 in 5 compromises in the cloud.CYBERSECURITYDIVE.COM
17 AugWhy You Need Continuous Network Monitoring?Changes in the way we work have had significant implications for cybersecurity, not least in network monitoring. Workers no longer sit safely side-by-side on a corporate network, dev teams constantly spin up and tear down systems, exposing services to the internet. Keeping track …THEHACKERNEWS.COM
17 AugCybercriminals Selling SMS Bomber Attack Tools on Underground ForumsThe underground market for SMS Bomber services is thriving, with various platforms offering attack services for a fee, highlighting the need for increased security measures in registration pages and APIs.SOCRADAR.IO
17 AugS3 Ep148: Remembering crypto heroesCelebrating the true crypto bros. Listen now (full transcript available).NAKEDSECURITY.SOPHOS.COM
17 AugInside the Rise of 'Dark' AI Tools - Scary, But Effective?WormGPT, DarkGPT and Their Ilk Underdelivered - or Were Scams, Researchers Report Various "dark" generative artificial intelligence tools purportedly help criminals more quickly amass victims. Guess what? They've all gone bust, if they weren't simply outright scams - in part beca…DATABREACHTODAY.CO.UK
17 AugNYC Finance Department Sent Every Employee Their Colleagues’ Personal InfoThe New York City’s tax collection agency accidentally shared the home addresses, cell phone numbers, and personal email addresses of more than 1,700 workers with all those employees.THECITY.NYC
17 AugWindows Task Manager refresh can be paused using CTRL keyA very useful and previously unknown Windows tip was revealed this week, where you can halt process jumping in Task Manager by holding down the Ctrl key on your keyboard, allowing easier access to a listed process. [...]BLEEPINGCOMPUTER.COM
17 AugStealthy LABRAT Operation Runs Cryptojacking and Proxyjacking Campaign Targeting GitLabThe Sysdig Threat Research Team (TRT) recently discovered a new, financially motivated operation, dubbed LABRAT. This operation set itself apart from others due to the attacker’s emphasis on stealth and defense evasion in their attacks.SYSDIG.COM
17 AugPhishing campaign steals accounts for Zimbra email servers worldwideAn ongoing phishing campaign has been underway since at least April 2023 that attempts to steal credentials for Zimbra Collaboration email servers worldwide. [...]BLEEPINGCOMPUTER.COM
17 AugKarma Catches Up to Global Phishing Service 16ShopYou've probably never heard of "16Shop," but there's a good chance someone using it has tried to phish you. Last week, the international police organization INTERPOL said it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it…KREBSONSECURITY.COM
17 AugMass-spreading campaign targeting Zimbra usersESET researchers have observed a new phishing campaign targeting users of the Zimbra Collaboration email server.WELIVESECURITY.COM