🐛 COMMON VULNERABILITIES AND EXPOSURES (2)
18 Aug · MAR-10459736.r1.v1 WHIRLPOOL Backdoor · Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in… · CISA.GOV
18 Aug · Zenbleed: hardware vulnerability in AMD CPUs | Kaspersky official blog · AMD CPU hardware vulnerability Zenbleed (CVE-2023-20593) explained in simple terms. · KASPERSKY.COM
⚠️ VULNERABILITY DISCLOSURE (30)
18 Aug · Discord.io exposes personal data of more than 760,000 users · A hacker gained access to Discord.io's database via a code vulnerability · CSHUB.COM
18 Aug · A closer look at the new TSA oil and gas pipeline regulations · The TSA has announced updates to its Security Directive (SD) to strengthen the operational resilience of oil and natural gas pipeline owners and operators against cyber-attacks. In this Help Net Security video, Chris Warner, OT Senior Security Consultant at GuidePoint Security, d… · HELPNETSECURITY.COM
18 Aug · New infosec products of the week: August 18, 2023 · Here’s a look at the most interesting products from the past week, featuring releases from Action1, MongoDB, Bitdefender, SentinelOne and Netskope. Action1 platform update bridges the gap between vulnerability discovery and remediation Action1 Corporation has released a new versi… · HELPNETSECURITY.COM
18 Aug · Sneaky 'NoFilter' Privilege Escalation Attack Bypasses Windows Security · A previously undetected attack method called NoFilter has been found to abuse the Windows Filtering Platform (WFP) to achieve privilege escalation in the Windows operating system. · THEHACKERNEWS.COM
18 Aug · Cyber Security Today, August 18, 2023 -- CISA urges action on a Citrix File Share vulnerability, and more · This episode reports on a hole in the naming policies of modules developers can put in Microsoft's PowerShell Gallery, lessons from a honeypot test and more · CYBERSECURITYTODAY.LIBSYN.COM
18 Aug KEV · New CISO appointments 2023 · The upper ranks of corporate security are seeing a high rate of change as companies try to adapt to the evolving threat landscape. Many companies are hiring a chief security officer (CSO) or chief information security officer (CISO) for the first time to support a deeper commitme… · CSOONLINE.COM
18 Aug · New Apple iOS 16 Exploit Enables Stealthy Cellular Access Under Fake Airplane Mode · Cybersecurity researchers have documented a novel post-exploit persistence technique on iOS 16 that could be abused to fly under the radar and maintain access to an Apple device even when the victim believes it is offline. · THEHACKERNEWS.COM
18 Aug · What you need to know about protecting your data across the hybrid cloud · The adoption of hybrid cloud environments driving business operations has become an ever-increasing trend for organizations. The hybrid cloud combines the best of both worlds, offering the flexibility of public cloud services and the security of private on-premises infrastructure… · SECURITYINTELLIGENCE.COM
18 Aug · Hackers Ask $120,000 for Access to Multi-Billion Auction House · Researchers at threat intelligence company Flare poured through three months of IAB offers on the Russian-language hacker forum Exploit to better understand who they target, their ask prices, and who are the most active. · BLEEPINGCOMPUTER.COM
18 Aug · Bots Are Better than Humans at Solving CAPTCHAs · Interesting research: “An Empirical Study & Evaluation of Modern CAPTCHAs”: Abstract: For nearly two decades, CAPTCHAS have been widely used as a means of protection against bots. Throughout the years, as their use grew, techniques to defeat or bypass CAPTCHAS h… · SCHNEIER.COM
18 Aug · New BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools · Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution. "The Impacket tool has credential dumping and remote service executi… · THEHACKERNEWS.COM
18 Aug · Security Basics Aren’t So Basic — They’re Hard · Fundamental defenses — identity and access management, MFA, memory-safe languages, patching and vulnerability management — are lacking or nonexistent across the economy, according to cybersecurity experts. · CYBERSECURITYDIVE.COM
18 Aug · Artificial Airplane Mode – New iOS 16 Hack Blocks All Apps Except Attackers Online · The Airplane mode in smartphones ensures safe device use on flights, as this feature prevents interference with critical flight systems by deactivating all the wireless functions of the smartphone. Besides this, the Airplane Mode’s role extends beyond travel, serving as: Re… · GBHACKERS.COM
18 Aug · Companies Respond to ‘Downfall’ Intel CPU Vulnerability · Several major companies have published advisories in response to the Downfall vulnerability affecting Intel CPUs. The post Companies Respond to ‘Downfall’ Intel CPU Vulnerability appeared first on SecurityWeek. · SECURITYWEEK.COM
18 Aug · 14 Suspected Cybercriminals Arrested Across Africa in Coordinated Crackdown · A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced Friday. The exercise, conducted in partnership with AFRIPOL, enabled investigators to identify 20,674 cyber networks that were linked to fi… · THEHACKERNEWS.COM
18 Aug · The Vulnerability of Zero Trust: Lessons from the Storm 0558 Hack · While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS (Advanced Persistent Threats) are putting its practical effectiveness to the test. Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehe… · THEHACKERNEWS.COM
18 Aug · Bloomberg Reports: Stealth QR Code Phishing Attack On Major US Energy Company · During my two years as the CEO of a Public Company, Bloomberg became one of my go-to sources for financial news. I am still subscribed and today found an interesting story from Drake Bennett in New York. · KNOWBE4.COM
18 Aug · Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins · Jenkins has announced patches for high and medium-severity vulnerabilities impacting several of the open source automation tool’s plugins. The post Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins appeared first on SecurityWeek. · SECURITYWEEK.COM
18 Aug · Juniper Releases Security Advisory for Multiple Vulnerabilities in Junos OS · Juniper has released a security advisory to address vulnerabilities in Junos OS on SRX Series and EX Series. A remote cyber threat actor could exploit these vulnerabilities to cause a denial-of service condition. CISA encourages users and administrators to review Juniper’s Suppor… · CISA.GOV
18 Aug · Edge Ecosystem in Healthcare, Active Directory Modernization, Security Data Pipelines ... - ESW #328 · As more organizations explore edge computing, understanding the entire ecosystem is paramount for bolstering security and resiliency, especially within a critical industry like healthcare. In this segment, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, w… · YOUTUBE.COM
18 Aug · Interpol arrests 14 suspected cybercriminals for stealing $40 million · An international law enforcement operation led by Interpol has led to the arrest of 14 suspected cybercriminals in an operation codenamed 'Africa Cyber Surge II,' launched in April 2023. [...] · BLEEPINGCOMPUTER.COM
18 Aug · Interpol Arrests 14 Suspected Cybercriminals for Stealing $40 Million · An international law enforcement operation led by Interpol has led to the arrest of 14 suspected cybercriminals in an operation codenamed 'Africa Cyber Surge II,' launched in April 2023. · BLEEPINGCOMPUTER.COM
18 Aug · WinRAR flaw lets hackers run programs when you open RAR archives · A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive. [...] · BLEEPINGCOMPUTER.COM
18 Aug · From reactive to proactive: The next evolution of threat intelligence · As the world becomes increasingly digital, the need for cyber threat intelligence (CTI) is growing in parallel. Current estimations project that 120 zettabytes of data will be created, captured, copied, and consumed worldwide in 2023. From that wealth of information, Microsoft tr… · CSOONLINE.COM
18 Aug · Cyber Security Today, Week in Review for Friday, August 18, 2023 · This episode features a discussion on a report into the successes of the Lapsus$ extortion gang, a ransomware attack against a Canadian non-profit, a vulnerability in the WiFi module of the infotainment system of some Ford vehicles and whether governments should mandate minimum c… · CYBERSECURITYTODAY.LIBSYN.COM
18 Aug · Prevention First: Don’t Neglect Endpoint Security · While there is a lot of talk now about the capabilities of MDR (Managed Detection and Response) and XDR (Extended Detection and Response) in security, it is essential for organizations to remember that prevention comes first. That means critical endpoint protection can't be overl… · CSOONLINE.COM
18 Aug · CrowdStrike, Google, Recorded Future Lead Threat Intel Wave · Kaspersky Falls From Leaderboard as Deliberate Decision Made to Nix Russian Firms Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category. Leading threat intelligence prov… · DATABREACHTODAY.CO.UK
18 Aug · BlackCat Ransomware Variant Incorporates Impacket, RemCom · Version Uses Open-Source Communication Framework Tool for Lateral Movement Microsoft identified a new variant of BlackCat ransomware malware that uses an open-source communication framework tool to facilitate lateral movement. BlackCat, also known as Alphv, is a Russian-speaking … · DATABREACHTODAY.CO.UK
18 Aug · HW Security Keys - 2023 - State of Tech? · submitted by nickwitha_k to cybersecurity 7 points | 4 comments Hello all! I’m wondering what folks who are more involved with infosec and have their fingers on the pulse are thinking for best devices and practices at this time. From my perspective, modern computing has made MFA … · INFOSEC.PUB
📢 SECURITY ADVISORIES (4)
18 Aug · Federal agencies gear up for zero trust executive order deadline · Federal agencies are prepared to meet the zero trust executive order requirements from the Biden Administration with just over a year until the deadline, according to Swimlane. The research investigated the confidence level of these agencies in meeting the memorandum’s requ… · HELPNETSECURITY.COM
18 Aug · Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days · The National Credit Union Administration is requiring all federally insured credit unions to report cyber incidents within 72 hours of discovery. The post Federally Insured Credit Unions Required to Report Cyber Incidents Within 3 Days appeared first on SecurityWeek. · SECURITYWEEK.COM
🔥 INCIDENT REPORTING (9)
18 Aug · Banks Defending Their Right to Security are Missing the Point About Consumer Trust · When businesses override a customer's security decision, does it make them fully liable when a breach occurs? That's a question banks like those in Singapore need to consider before they roll out their next security feature. · ZDNET.COM
18 Aug · Update: Suncor CEO Says Company Mostly Recovered From June Cyberattack · Suncor Energy executives said the Canadian energy giant has recovered most of its normal operations since a June cyberattack. But the incident was serious, executives said, and Suncor learned significant lessons. · CYBERSECURITYDIVE.COM
18 Aug · Microsoft Warns of BlackCat's New 'Sphynx' Ransomware Variant · Microsoft has discovered a new version of the BlackCat ransomware that embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network. · BLEEPINGCOMPUTER.COM
18 Aug · Cleveland City School District Suffers Ransomware Attack · Cleveland City Schools say they are dealing with the aftermath of a ransomware attack Tuesday. They say less than 5% of faculty and staff devices were affected. A CCS spokesperson says their printers are down. · NEWSCHANNEL9.COM
18 Aug · Catching up With Wooflocker, the Most Elaborate Traffic Redirection Scheme to Tech Support Scams · The WoofLocker tech support scam campaign, which was first discovered in 2020, is still active and has evolved to become more sophisticated. The campaign relies on compromised websites to distribute its malicious code, with a focus on adult websites. · MALWAREBYTES.COM
18 Aug · Behind WoofLocker: Long-running Traffic Diversion Scheme · The long-standing WoofLocker tech support scam campaign, initiated in 2017, remains active with enhanced resilience as it employs a unique traffic redirection approach on compromised websites. Redirecting targeted users to a fake virus warning browser locker screen, WoofLocker ha… · CYWARE.COM
18 Aug · Cuba Ransomware Armed with New Weapons to Attack U.S Infrastructure · The Cuba ransomware seems to be gaining more pace with each passing year, and this ransomware has been operating and active since 2019. Until now, the operators of the Cuba ransomware have executed several high-profile attacks to target many industries and sectors. Besides this, … · GBHACKERS.COM
18 Aug · The Shifting Dynamics of Cyber Insurance · Erik Decker of Intermountain Healthcare on Cyber Insurance Renewal Strategies The cyber insurance landscape has evolved significantly over the last 10 to 15 years. Initially, renewals were relatively straightforward, but with the rise of cyberthreats such as ransomware, the marke… · DATABREACHTODAY.CO.UK
18 Aug · The Week in Ransomware - August 18th 2023 - LockBit on Thin Ice · While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on the LockBit ransomware operation. [...] · BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (20)
18 Aug · 30% of phishing threats involve newly registered domains · Phishing remains the most dominant and fastest growing internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today’s threat actors, according to Cloudflare. While business email compromise (BEC) losses have topped $50 b… · HELPNETSECURITY.COM
18 Aug · ISC Stormcast For Friday, August 18th, 2023 https://isc.sans.edu/podcastdetail/8622, (Fri, Aug 18th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
18 Aug · Reinventing OT security for dynamic landscapes · From understanding the challenges of disparate OT protocols and the increasing convergence with IT to grappling with the monumental role of human error, our latest interview with Rohit Bohara, CTO at asvin, delves deep into the landscape of OT security. As cloud solutions gain pr… · HELPNETSECURITY.COM
18 Aug · Zimbra users in Europe, Latin America face phishing threat · ESET researchers have uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials. Zimbra Collaboration is an open-core collaborative software platform, a popular alternative to enterprise email solutions. About the Zimbra phishing campaign … · HELPNETSECURITY.COM
18 Aug · 4 ways simulation training alleviates team burnout · Burnout is endemic in the cybersecurity industry, damaging the mental and physical health of cyber professionals and leaving organizations underskilled, understaffed, and overexposed to cyber risk as security leaders and team members leave for more promising career opportunities … · HELPNETSECURITY.COM
18 Aug · Report: 30% of Phishing Threats Involve Newly Registered Domains · Phishing remains the most dominant and fastest-growing internet crime, largely due to the ubiquity of email and the ceaseless issue of human error that is preyed upon by today’s threat actors, according to Cloudflare. · HELPNETSECURITY.COM
18 Aug · Chinese Hackers Accused of Targeting Southeast Asian Gambling Sector · Hackers based in China are targeting the gambling sector across Southeast Asia in a campaign that researchers say is closely related to data collection and surveillance operations identified earlier this year. · THERECORD.MEDIA
18 Aug · Israel, US to Invest $4 Million in Critical Infrastructure Security Projects · Israel and US government agencies have announced plans to invest close to $4 million in projects to improve the security of critical infrastructure systems. The post Israel, US to Invest $4 Million in Critical Infrastructure Security Projects appeared first on SecurityWeek. · SECURITYWEEK.COM
18 Aug · Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure · The ‘LabRat’ cryptomining and proxyjacking operation relies on signature-based tools and stealthy cross-platform malware, and abuses TryCloudflare to hide its C&Cs. The post Stealthy ‘LabRat’ Campaign Abuses TryCloudflare to Hide Infrastructure appeared first on … · SECURITYWEEK.COM
18 Aug · The Number of MSPs Offering Virtual CISO Services Will Grow Fivefold By Next Year: Cynomi Study · Cynomi, the leading AI-powered virtual Chief Information Security Officer (vCISO) platform vendor for Managed Service Providers (MSPs), Managed Security Service Providers (MSSPs) and consulting firms, has published the results of its first annual report, “The State of the Virtual… · GBHACKERS.COM
18 Aug · In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets · Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 14, 2023. The post In Other News: US Hacking China, Unfixed PowerShell Gallery Flaws, Free Train Tickets appeared first on SecurityWeek. · SECURITYWEEK.COM
18 Aug · North Korea Nabs $200M in Crypto Theft So Far In 2023 · DPRK Hackers Likely Won't Match 2022 Record But Remain Formidable Thieves North Korea is on track to have a middling year of cryptocurrency theft despite Pyongyang's constant demand for ready cash. Hackers deployed by the totalitarian regime have stolen $200 million in cryptocurr… · DATABREACHTODAY.CO.UK
18 Aug · Dilithium, Africa, Suse, Citrix, QR, AI, & More News - SWN #319 · Elon Throttling, Dilithium, Africa, Suse, Citrix, QR Codes, AI Meetings, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-319 · YOUTUBE.COM
18 Aug · Cloaked Malvertising: Unmasking Complex Fingerprinting and Evading Detection · Malwarebytes Labs identified a new trend in malvertising campaigns that use advanced cloaking techniques to evade detection. Threat actors are targeting the users of popular IT programs by creating malicious ads displayed on Google search results. To safeguard against ever-evolvi… · CYWARE.COM
18 Aug · ISMG Editors: Lessons Learned From the Lapsus$ Crime Group · Also: Highlights from BlackHat 2023; Latest Cybersecurity M&A Activity In the latest weekly update, ISMG editors discuss important cybersecurity and privacy issues including highlights of interviews at Black Hat 2023, lessons learned from the success of the Lapsus$ cybercrime… · DATABREACHTODAY.CO.UK
18 Aug · Mass Phishing Campaign Targets Zimbra Users Worldwide · Targets Include Small and Medium Businesses and Government Agencies Threat actors are on a phishing spree targeting users of Zimbra Collaboration email suite, in particular small and medium businesses and government agencies. Security firm Eset on Thursday revealed the ongoing ca… · DATABREACHTODAY.CO.UK
18 Aug · Friday Squid Blogging: Squid Brand Fish Sauce · Squid Brand is a Thai company that makes fish sauce: It is part of Squid Brand’s range of “personalized healthy fish sauces” that cater to different consumer groups, which include the Mild Fish Sauce for Kids and Mild Fish Sauce for Silver Ages. It also has a V… · SCHNEIER.COM
18 Aug · BSidesLV 2023 - I am the cavalry · submitted by ashar to security_cpe 3 points | 0 comments https://bsideslv.org/schedule#IATC video recordings: Livestream BSides LV 2023 - I am the Calvary - Tuesday Livestream BSides LV 2023 - I am the Calvary - Wednesday BSidesLV IATC 2023 Schedule BSides LV Website The Cavalry … · BSIDESLV.ORG
18 Aug · I Am The Cavalry 2022 - BSidesLV - 10 videos · submitted by ashar to security_cpe 2 points | 0 comments https://youtube.com/playlist?list=PLjpIlpOLoRNTdZqdr-jR9sa8niVSy4pPf Playlist BSLV22_IAmTheCavalry 10 videos · YOUTUBE.COM
18 Aug · Short session expiration does not help security · submitted by canpolat to security 12 points | 2 comments https://www.sjoerdlangkemper.nl/2023/08/16/session-timeout/ · SJOERDLANGKEMPER.NL
🌐 CYBER THREAT LANDSCAPE (4)
18 Aug · Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions · Google has announced plans to add a new feature in the upcoming version of its Chrome web browser to alert users when an extension they have installed has been removed from the Chrome Web Store. The feature, set for release alongside Chrome 117, allows users to be notified when a… · THEHACKERNEWS.COM
18 Aug · Thousands of Android APKs Use Compression Trick to Thwart Analysis · The main advantage of this approach is to evade detection by security tools using static analysis and hamper examination by researchers, delaying the development of an in-depth understanding of how an Android malware strain works. · BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
18 Aug · Using AI to Separate the Good Signals From the Bad · In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Oliver Tavakoli, CTO at Vectra AI, discusses ways that discriminative AI technology can filter out all of the noise from the massive volume of alerts from a portfolio of cybersecurity tools. · DATABREACHTODAY.CO.UK
📡 INFOSEC NEWS (18)
18 Aug · Security Awareness Matters: How to Build Awareness that Transforms Culture and Reduces Risk · DATABREACHTODAY.CO.UK
18 Aug · Innovative QR Code Phishing Scheme Hits U.S. Energy Firm · Cofense detected a significant phishing campaign that employed QR codes to target Microsoft credentials across various industries. Among the targets, a major U.S.-based energy company stood out, with around 29% of over 1,000 malicious QR code emails directed at it. Organizations … · CYWARE.COM
18 Aug · Why DORA Makes Operational Resilience a Priority For Financial Services Organisations? · DATABREACHTODAY.CO.UK
18 Aug · Federal Judge Inclined to Grant Claims in Meta Pixel Case · The consolidated proposed class action lawsuit filed last year alleges that Facebook and Instagram parent Meta violated privacy laws by obtaining the sensitive data of millions of patients through its web tracking Pixel tool. · BANKINFOSECURITY.COM
18 Aug · From a Zalando Phishing to a RAT, (Fri, Aug 18th) · Phishing remains a lucrative threat. We get daily emails from well-known brands (like DHL, PayPal, Netflix, Microsoft, Dropbox, Apple, etc). Recently, I received a bunch of phishing emails targeting Zalando customers. Zalando is a German retailer of shoes, fashion across Europe. … · ISC.SANS.EDU
18 Aug · German Police Warn of Increased Foreign Cybercrime Threat · In a report published on Wednesday, the Federal Criminal Police Office of Germany, or BKA, said the country had recorded 136,865 cases of cybercrime in 2022, resulting in an estimated loss of 203 billion euros. · BANKINFOSECURITY.COM
18 Aug · Mass-Spreading Campaign Targeting Zimbra Users · ESET researchers have discovered a widespread phishing campaign targeting users of the Zimbra Collaboration email server. The campaign, which has been active since April 2023, aims to collect Zimbra account users' credentials. · WELIVESECURITY.COM
18 Aug · New Wave of Attack Campaign Targeting Zimbra Email Users for Credential Theft · A new "mass-spreading" social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect their login credentials for use in follow-on operations. The activity, active since April 2023 and still ongoing, targets a wide range of small an… · THEHACKERNEWS.COM
18 Aug · Endpoint Security Challenges in Manufacturing and Strategies to Alleviate Associated Risks · DATABREACHTODAY.CO.UK
18 Aug · Our Health Care System May Soon Receive A Much Needed Cybersecurity Boost · PACKETSTORMSECURITY.COM
18 Aug · The Current Security State of Private 5G Networks · Private 5G networks offer businesses enhanced security, reliability, and scalability. Learn more about why private 5G could be the future of secure networking. · TRENDMICRO.COM
18 Aug · Hotmail email delivery fails after Microsoft misconfigures DNS · Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain's DNS SPF record. [...] · BLEEPINGCOMPUTER.COM
18 Aug · Ongoing Phishing Campaign Targets Zimbra Credentials · ESET uncovered an ongoing phishing campaign targeting Zimbra Collaboration users, aiming to harvest their Zimbra account credentials. The phishing emails lure victims by posing as email server updates, account deactivations, or similar issues, and directing them to click on an at… · CYWARE.COM
18 Aug · Evacuation of 30,000 hackers – Week in security with Tony Anscombe · DEF CON, the annual hacker convention in Las Vegas, was interrupted on Saturday evening when authorities evacuated the event's venue due to a bomb threat · WELIVESECURITY.COM
18 Aug · DEF CON 31: US DoD urges hackers to go and hack ‘AI’ · The limits of current AI need to be tested before we can rely on their output · WELIVESECURITY.COM