131 Articles
8 Categories
Date: 2023-08-21
🚨 CISA KEV (1)
21 Aug KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-26359 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (26)
21 AugWinRAR vulnerable to remote code execution, patch now! (CVE-2023-40477)RARLAB has fixed a high-severity RCE vulnerability (CVE-2023-40477) in the popular file archiver tool WinRAR. About CVE-2023-40477 A widely used Windows-only utility, WinRAR can create and extract file archives in various compression formats (RAR, ZIP, CAB, ARJ, LZH, TAR, GZip, U…HELPNETSECURITY.COM
21 AugCuba Ransomware Expands Horizons: New Industries, New ToolsThe Cuba ransomware group has been seen deploying a comprehensive toolset. The criminals used a couple of exploits - Veeam Backup & Replication vulnerability (CVE-2023-27532) and the ZeroLogon bug (CVE-2020-1472) against critical Infrastructure sector in the U.S. and Latin Am…CYWARE.COM
21 AugNew WinRAR Vulnerability Could Allow Hackers to Take Control of Your PCA high-severity security flaw has been disclosed in the WinRAR utility that could be potentially exploited by a threat actor to achieve remote code execution on Windows systems. Tracked as CVE-2023-40477 (CVSS score: 7.8), the vulnerability has been described as a case of imprope…THEHACKERNEWS.COM
21 AugChromium: CVE-2023-2312 Use after free in OfflineThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4349 Use after free in Device Trust ConnectorsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4350 Inappropriate implementation in FullscreenThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4351 Use after free in NetworkThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4352 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4353 Heap buffer overflow in ANGLEThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4354 Heap buffer overflow in SkiaThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4355 Out of bounds memory access in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4356 Use after free in AudioThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4357 Insufficient validation of untrusted input in XMLThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4358 Use after free in DNSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4359 Inappropriate implementation in App LauncherThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4360 Inappropriate implementation in ColorThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4361 Inappropriate implementation in AutofillThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4362 Heap buffer overflow in Mojom IDLThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4363 Inappropriate implementation in WebShareThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4364 Inappropriate implementation in Permission PromptsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4365 Inappropriate implementation in FullscreenThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4366 Use after free in ExtensionsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4367 Insufficient policy enforcement in Extensions APIThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugChromium: CVE-2023-4368 Insufficient policy enforcement in Extensions APIThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.MSRC.MICROSOFT.COM
21 AugWinRAR users urged to upgrade to fix critical vulnerabilitiesUsers are advised to upgrade their WinRAR installations to fix two high-severity flaws that attackers could exploit to execute arbitrary code. The RAR archive format, which is associated with WinRAR, has been abused and exploited by cybercriminals before due to its long history o…CSOONLINE.COM
21 AugCVE Report for Damn Vulnerable Web Application (DVWA)submitted by mike to cybersecurity 3 points | 3 comments https://nvd.nist.gov/vuln/detail/CVE-2023-39848#VulnChangeHistorySection In case you need a quick laugh, have a look at this CVE report. For context: quote DVWA Repo : Damn Vulnerable Web Application (DVWA) is a PHP/MySQL w…NVD.NIST.GOV
⚠️ VULNERABILITY DISCLOSURE (24)
21 AugHow EU lawmakers can make mandatory vulnerability disclosure responsibleThere is a standard playbook and best practice for when an organization discovers or is notified about a software vulnerability: The organization works quickly to fix the problem and, once a fix is available, discloses that vulnerability for the benefit of the community. This pla…HELPNETSECURITY.COM
21 AugCisco Patches High-Severity Vulnerabilities in Enterprise ApplicationsLast week, Cisco announced security updates for several enterprise applications to patch high-severity vulnerabilities leading to privilege escalation, SQL injection, directory traversal, and denial-of-service (DoS).SECURITYWEEK.COM
21 AugFour Juniper Junos OS Flaws can be Chained to Remotely Hack DevicesJuniper Networks has released an “out-of-cycle” security update to address four vulnerabilities in the J-Web component of Junos OS. The vulnerabilities could be chained to achieve remote code execution on vulnerable appliances.SECURITYAFFAIRS.COM
21 AugTasks that bog down security teams (and what to do about them)Most CISOs know the challenges that come with budget and staffing constraints, and they don't see them going away anytime soon. Recent research supports their concern -- Proofpoint's 2023 Voice of the CISO report found that 58% of global CISOs surveyed said the economic downturn …CSOONLINE.COM
21 AugAre you prepared for the rise of the artificial intelligence CISO?If one were to solicit a list of the developments most often on the mind of CISOs, AI would certainly be near the top and will continue to be for years to come. After all, there is clear evidence that CISOs and cybersecurity professionals more broadly simultaneously see immense r…CSOONLINE.COM
21 AugTesla Discloses Data Breach Related to Whistleblower LeakTesla has disclosed a data breach impacting 75,000 people, but it’s a result of a whistleblower leak, not a malicious cyberattack.SECURITYWEEK.COM
21 AugFighting API Bots with Cloudflare's Invisible TurnstilePresently sponsored by: Unpatched devices keeping you up at night? Kolide can get your entire fleet updated in days. It's Device Trust for Okta. Watch the demo! There's a "hidden" API on HIBP. Well, it's not "hidden" insofar as it's easily disco…TROYHUNT.COM
21 AugHow EU Lawmakers Can Make Mandatory Vulnerability Disclosure ResponsibleRequiring companies to report unpatched vulnerabilities before adequate fixes could potentially lead to information misuse and make organizations and EU citizens less secure.HELPNETSECURITY.COM
21 AugCybersecurity Study Reveals Web App Vulnerability CrisisA recent cybersecurity study has brought to light a concerning vulnerability crisis affecting web applications. A substantial 74% of assets housing personally identifiable information (PII) are susceptible to well-known significant exploits.INFOSECURITY-MAGAZINE.COM
21 AugFlaws in Juniper Switches and Firewalls Can Be Chained for Remote Code ExecutionJuniper Networks has released Junos OS updates to address J-Web vulnerabilities that can be combined to achieve unauthenticated, remote code execution.SECURITYWEEK.COM
21 AugGoogle Brings AI Magic to Fuzz Testing With Eye-Opening ResultsGoogle added generative AI technology to its OSS-FUZZ project (a free service that runs fuzzers for open-source projects) and discovered a massive improvement in code coverage when LLMs are used to create new fuzz targets.SECURITYWEEK.COM
21 AugUS Gov Warns of Foreign Intelligence Cyberattacks Against US Space IndustryThe FBI, NCSC, and AFOSI warn US space industry organizations of foreign intelligence targeting and exploitation, including cyberattacks.SECURITYWEEK.COM
21 AugJapanese watchmaker Seiko breached by BlackCat ransomware gangThe BlackCat/ALPHV ransomware gang has added Seiko to its extortion site, claiming responsibility for a cyberattack disclosed by the Japanese firm earlier this month. [...]BLEEPINGCOMPUTER.COM
21 AugWhy Managed File Transfer Products Are a Hacker's ParadiseJohn Dwyer of IBM Security X-Force on Using Predictive Threat Intelligence This year's massive exploitation of managed file transfer products such as Fortra's GoAnywhere and Progress Software's MOVEit proves that MFTs are a hacker's paradise. Research by John Dwyer of IBM Securit…DATABREACHTODAY.CO.UK
21 Aug KEVIvanti warns of new actively exploited MobileIron zero-day bugUS-based IT software company Ivanti warned customers today that a critical Sentry API authentication bypass vulnerability is being exploited in the wild. [...]BLEEPINGCOMPUTER.COM
21 AugCISA, NSA, and NIST Publish Factsheet on Quantum ReadinessToday, the Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and National Institute of Standards and Technology (NIST) released a joint factsheet, Quantum-Readiness: Migration to Post-Quantum Cryptography (PQC), to inform organizations—especi…CISA.GOV
21 AugRansomware Attacks Trends/Impacts & Using Generative AI to Up Your Cyberdefenses - BSW #317Ransomware-as-a-Service has contributed to a steady rise in sophisticated ransomware attacks. Ransomware authors are increasingly staying under the radar by launching encryption-less attacks which involve large volumes of data exfiltration. Organizations must move away from using…YOUTUBE.COM
21 AugIvanti Ships Urgent Patch for API Authentication Bypass VulnerabilityA critical-severity vulnerability in the Ivanti Sentry (formerly MobileIron Sentry) product exposes sensitive API data and configurations.SECURITYWEEK.COM
21 AugNews Alert: airSlate partners with Forthright to launch automated business-efficiency, workflow toolBoston, Mass, Aug. 22, 2023 – airSlate, a leader in document workflow automation solutions, today announced the launch of QuickStart in collaboration with partner Forthright Technology Providers, a leading provider of user-centric IT solutions and services. The comprehensive …LASTWATCHDOG.COM
21 AugmTLS: When certificate authentication is done wrongsubmitted by L4s to secops 3 points | 0 comments https://github.blog/2023-08-17-mtls-when-certificate-authentication-is-done-wrong/ mTLS: When certificate authentication is done wrong::In this post, we’ll deep dive into some interesting attacks on mTLS authentication. We’ll have …GITHUB.BLOG
21 AugVulnerability Summary for the Week of August 14, 2023submitted by Lanky_Pomegranate530 to cybersecurity 11 points | 1 comments https://www.cisa.gov/news-events/bulletins/sb23-233CISA.GOV
21 AugFord SYNC 3 infotainment vulnerable to Wi-Fi hijackingsubmitted by c0mmando to netsec 33 points | 0 comments https://go.theregister.com/feed/www.theregister.com/2023/08/14/ford_sync_vulnerability/GO.THEREGISTER.COM
21 AugBreaking Secure Boot on the Silicon Labs Gecko platformIn this blog post, we present a new vulnerability on the Gecko Bootloader from Silicon Labs, more precisely inside the OTA parser.QUARKSLAB.COM
📢 SECURITY ADVISORIES (10)
21 AugThe future of SIEM: Embracing predictive analyticsSecurity information and event management (SIEM) is a crucial tool that offers real-time monitoring and analysis of security-related events as well as tracking and logging of security data for compliance or auditing purposes. SIEM plays an important role in identifying security i…SECURITYINTELLIGENCE.COM
21 AugAustralia’s .AU Domain Administrator Denies Data Breach After Ransomware PostingThe organization that manages Australia’s internet domain .au denied that it was affected by a data breach on Friday after a ransomware gang added it to their list of victims.THERECORD.MEDIA
21 AugFederally Insured Credit Unions Required to Report Cyber Incidents Within 72 HoursThe new policy, National Credit Union Administration (NCUA) announced, comes into effect on September 1, and will cover all incidents that impact information systems or the integrity, confidentiality, or availability of data on those systems.SECURITYWEEK.COM
21 AugEx-USSS CISO Explains Agencies' Struggle with Biden EOEd Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order.TRENDMICRO.COM
21 AugUS CISA Urges Security by Design for AIPart of Agency's Campaign to Align Design, Development With Security From the Start The U.S federal government is advocating for artificial intelligence developers to embrace security as a core requirement, warning that machine learning code is particularly difficult and expensiv…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (15)
21 AugNetwork detection and response in the modern eraIn this Help Net Security interview, David Gugelmann, CEO at Exeon, sheds light on the current cyber threats and their challenges for network security. He discusses the role of Network Detection and Response (NDR) solutions that leverage machine learning algorithms to improve thr…HELPNETSECURITY.COM
21 AugCyber Security Today, August 21, 2023 - The latest ransomware news, and security patches issued by Cisco, Juniper and JenkinsThis episode includes reports on how much Dallas paid for a ransomware incident response, data released by the Black Basta ransomware gang after an attack on a U.S. housing authority and moreCYBERSECURITYTODAY.LIBSYN.COM
21 AugThis Malware Turned Thousands of Hacked Windows and macOS PCs into Proxy ServersThreat actors are leveraging access to malware-infected Windows and macOS machines to deliver a proxy server application and use them as exit nodes to reroute proxy requests. According to AT&T Alien Labs, the unnamed company that offers the proxy service operates more than 40…THEHACKERNEWS.COM
21 AugUS Agencies Warn of Cyberattacks on Space Industry by Foreign Intelligence EntitiesThe U.S. intelligence agencies are warning about unnamed foreign intelligence entities targeting the private space sector to steal sensitive data related to satellite payloads and disrupting and degrading US satellite capabilities.BANKINFOSECURITY.COM
21 AugTesla data breach caused by ‘insider wrongdoing’Two former employees gained access to and leaked the sensitive data of more than 75,000 Tesla employees.CSHUB.COM
21 AugTesla says data breach impacting 75,000 employees was an insider jobTesla has said that insider wrongdoing was to blame for a data breach affecting more than 75,000 company employees. Tesla, the electric car maker owned by Elon Musk, said in a data breach notice filed with Maine’s attorney general that an investigation had found that two former e…TECHCRUNCH.COM
21 Aug[Eye-Opening] Increase of Phishing Attacks in Australia Should Alarm OrganizationsPhishing attacks are on the rise in Australia, the Australian Broadcasting Corporation (ABC) reports.KNOWBE4.COM
21 AugAustralian Lender Latitude Financial Reports AU$76 Million Cyberattack CostsAustralian lender Latitude Financial said the recent ransomware attack has cost it AU$76 million (roughly US$50 million).SECURITYWEEK.COM
21 AugTesla Discloses Data Breach Impacting 75,000 People's Personal InformationA notification letter sent to impacted people reveals that the data breach is related to a couple of former employees sending confidential information to German media outlet Handelsblatt.SECURITYWEEK.COM
21 AugThe Hidden Benefits of Negotiating With Ransomware AttackersGuidePoint Security's Mark Lance on Ways to Delay and Gather Info on Cybercriminals Conventional wisdom recommends to never negotiate with ransomware actors. They can't be trusted. But Mark Lance at GuidePoint Security recently made the case that organizations can gather importan…DATABREACHTODAY.CO.UK
21 AugJapanese Watchmaker Seiko Breached by BlackCat Ransomware GangSeiko apologized to the potentially impacted customers and business partners and urged them to be vigilant against email or other communication attempts potentially impersonating Seiko.BLEEPINGCOMPUTER.COM
21 AugEntering the 3rd week of real estate software provider Rapattoni's supposed ransomware attacksubmitted by atocci to cybersecurity 14 points | 1 comments https://arstechnica.com/security/2023/08/5-days-on-cyberattack-on-data-provider-stymies-realty-markets-throughout-the-us/ I’ve linked an article from a week ago here, but the content is still relevant as the attack is on…ARSTECHNICA.COM
21 AugLeak of 75k staff records was insiders' fault, Tesla claimssubmitted by c0mmando to netsec 0 points | 0 comments https://go.theregister.com/feed/www.theregister.com/2023/08/21/breach_of_75k_employee_records/GO.THEREGISTER.COM
21 AugLargest switching and terminal railroad in US investigating ransomware data theftsubmitted by c0mmando to netsec 11 points | 0 comments https://therecord.media/belt-railway-chicago-ransomware-data-theft-akiraTHERECORD.MEDIA
🕵️ THREAT INTELLIGENCE (39)
21 AugThe complex world of CISO responsibilitiesA Chief Information Security Officer (CISO) plays a crucial role in protecting an organization’s digital assets. They are responsible for ensuring the security of sensitive information, defending against cyber threats, and maintaining data integrity. Their work involves cre…HELPNETSECURITY.COM
21 AugISC Stormcast For Monday, August 21st, 2023 https://isc.sans.edu/podcastdetail/8624, (Mon, Aug 21st)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
21 AugOrganizations invest in AI tools to elevate email securityTo counteract new and emerging threat methods enhanced by artificial intelligence, specialized email security vendors are leveraging a synergy of AI and human insights to enhance email security, according to IRONSCALES and Osterman Research. Cybercriminals are already using AI in…HELPNETSECURITY.COM
21 AugHiatusRAT Malware Resurfaces: Taiwan Firms and U.S. Military Under AttackThe threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system. Besides recompiling malware samples for different architectures, the…THEHACKERNEWS.COM
21 AugQuick Malware Triage With Inotify Tools, (Mon, Aug 21st)When you handle a lot of malicious files, you must have a process and tools in place to speed up the analysis. It's impossible to investigate all files and a key point is to find interesting files that deserve more attention. In my malware an…ISC.SANS.EDU
21 AugChrome will tell users when extensions they use are removed from Chrome Web StoreGoogle will be extending the Safety check feature within the Chrome browser to alert users when a previously installed extension is no longer available in the Chrome Web Store. A safety check for Chrome extensions The Safety check scan can be run from Chrome’s Settings (und…HELPNETSECURITY.COM
21 AugWhite House Announces AI Cybersecurity ChallengeAt Black Hat last week, the White House announced an AI Cyber Challenge. Gizmodo reports: The new AI cyber challenge (which is being abbreviated “AIxCC”) will have a number of different phases. Interested would-be competitors can now submit their proposals to the Sm…SCHNEIER.COM
21 AugBrazilian Hacker Claims Bolsonaro Asked Him to Hack Into the Voting System Ahead of 2022 VoteA Brazilian hacker claims former president Bolsonaro asked him to hack into the voting system ahead of the 2022 election.SECURITYWEEK.COM
21 AugSuspected North Korean Hackers Target Joint Military Exercise Between South Korea and the USSuspected North Korean hackers have attempted an attack targeting a major joint military exercise between Seoul and Washington that starts on Monday, South Korean police said.SECURITYWEEK.COM
21 AugWebinar Tomorrow: ZTNA Superpowers CISOs Should KnowJoin Cloudflare and SecurityWeek for a webinar to discuss “VPN Replacement: Other ZTNA Superpowers CISOs Should Know”.SECURITYWEEK.COM
21 AugBrazen Malware Operation Targets Taiwanese Firms and U.S. Military Procurement SystemThe threat actors behind the HiatusRAT malware have returned from their hiatus with a new wave of reconnaissance and targeting activity aimed at Taiwan-based organizations and a U.S. military procurement system.THEHACKERNEWS.COM
21 AugOvercoming the Inertia of Assessing and Securing APIsTraceable AI CSO Richard Bird on Best Practices for Fighting API-Based Attacks Large enterprises may have hundreds or thousands of APIs. Concerns over API vulnerabilities have been around for years, but most organizations outside of highly regulated industries such as banking hav…DATABREACHTODAY.CO.UK
21 Aug3,000+ Android Malware Using Unique Compression Methods to Avoid DetectionAndroid Smartphones play a vital role in our daily life, as they help us to stay connected and, not only that even it also helps in performing several daily tasks like:- But, besides this, it also attracts the attention of cybercriminals or threat actors since smartphones hold our…GBHACKERS.COM
21 AugInterpol Arrested 14 cybercriminals and uncovered 20,674 suspicious cyber networksThe recent Africa Cyber Surge II operation conducted by INTERPOL and AFRIPOL has revealed a stark reality – the surge in digital insecurity and cybercriminal threats across Africa. This operation spanned 25 African countries and successfully identified 20,674 suspicious cy…GBHACKERS.COM
21 AugVersaAI delivers AI-assisted enhancements across the Versa Networks portfolioVersa Networks has released a set of enhancements to VersaAI that includes new embedded generative AI capabilities to identify malicious behaviors in real time, secure generative AI tools, and enhance network and security operational excellence. These capabilities are powered by …HELPNETSECURITY.COM
21 AugResearchers Uncover Real Identity of CypherRAT and CraxsRAT Malware DeveloperCyfirma security researchers uncover the real identity of the CypherRAT and CraxsRAT malware developer and MaaS operator.SECURITYWEEK.COM
21 AugThe Only Leader in Single-Vendor SASE. Period.Palo Alto Networks® was recognized as the only Leader in the inaugural 2023 Gartner® Magic Quadrant™ for Single-Vendor SASE.PALOALTONETWORKS.COM
21 AugResearchers Uncover Real Identity of CypherRAT and CraxsRAT Malware DeveloperThe CraxsRAT builder, Cyfirma says, generates highly obfuscated packages, allowing threat actors to customize the contents based on the type of attack they are preparing, including with WebView page injections.SECURITYWEEK.COM
21 AugZero Authority: Future of Security and Business EnablementJake Seid of Ballistic Ventures on How Zero Authority Revolutionizes Security In the ever-evolving landscape of cybersecurity, zero authority is giving defenders a new perspective on security and business enablement, said Jake Seid, general partner at Ballistic Ventures. "Zero au…DATABREACHTODAY.CO.UK
21 AugHiatusRAT Returns after a Hiatus in a Fresh Wave of AttacksThe HiatusRAT malware group reemerged to target Taiwan-based organizations and a U.S. military procurement system allegedly to snoop on military contracts. The audacity of threat actors is evident in their disregard for previous disclosures and their minimal efforts to change the…CYWARE.COM
21 AugSecurity Money: The Index is Still Trying to Recover | Black Hat Executive Interviews - BSW #317This week, we start things off with our Security Money segment for this week, about how The Index is Still Trying to Recover. Then we follow up with some interviews from Hacker Summer Camp with Deepen Desai, Global CISO & Head of Security Research at Zscaler & Eyal Benishti, …YOUTUBE.COM
21 AugResearchers Spoof an Apple Device and Trick Users Into Sharing Sensitive DataThe spoofed Apple device prompts users to connect their Apple ID or share a password with a nearby Apple TV, allowing threat actors to collect data such as phone numbers and Apple ID emails.SECURITYAFFAIRS.COM
21 AugGUEST ESSAY: Lessons to be learned from the waves of BofA phone number spoofing scamsPhone number spoofing involves manipulating caller ID displays to mimic legitimate phone numbers, giving scammers a deceptive veil of authenticity. Related: The rise of ‘SMS toll fraud’ The Bank of America scam serves as a prime example of how criminals … (more……LASTWATCHDOG.COM
21 AugSecurity Money: The Index is Still Trying to Recover - BSW #317The Security Weekly 25 Index is still trying to recover. Inflation fears have tampered the recovery and the NASDAQ is outperforming the Index. Fastly replaces Sumo Logic in the Index and Thoma Bravo has not acquired anyone, so hoping the index stays stable for more than a quarter…YOUTUBE.COM
21 AugUK Competition Regulator Clears Broadcom, VMware MergerBroadcom Anticipates It Can Close Deal Before Oct. 30 The British competition regulator cleared Broadcom's $61 billion proposed acquisition of cloud and virtualization giant VMware, a decision the company says removes one of the last major regulatory obstacles to putting Symantec…DATABREACHTODAY.CO.UK
21 AugSIEM and SOAR in 2023: Key trends and new changesSecurity information and event management (SIEM) systems remain a key component of security operations centers (SOCs). Security orchestration, automation, and response (SOAR) frameworks, meanwhile, have emerged to fill the gap in these capabilities left by many SIEM systems. But …SECURITYINTELLIGENCE.COM
21 AugColdFusion | EncroChat | Ivanti | Sneaky Amazon | Spoofing Apple | Jason Wood & more – SWN320This week, Aaran Talks: ColdFusion, EncroChat, Ivanti, Sneaky Amazon, Spoofing Apple, Jason Wood, and more on the Security Weekly News. →Full Show Notes: https://securityweekly.com/swn320 →Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 →Visit our website: htt…YOUTUBE.COM
21 AugManaging Bug Bounty Programs At Scale | News - PSW796 6:00pm ET - Dr. Jared DeMott 7:00pm ET - Security News This week, we start things off with an interview with Dr. Jared DeMott, Principal Security Engineering Manager at Microsoft, about - . Then we follow up with our security news for the week! →Full Show Notes: https://securityw…YOUTUBE.COM
21 AugTackling the Perennial Problem | Enterprise News | Black Hat Executive Interviews - ESW329This week, we kick things off with an interview with Jason Meller, Founder and CEO at Kolide, about - . Then we discuss our weekly Enterprise News for the week. Finally we will be airing some more interviews from Black Hat 2023, with John Shier, Field CTO Commercial at Sophos, S…YOUTUBE.COM
21 Aug Openfire | Firepower | Barracuda | CosmicBeetle | Encryption | Aaran Leyland & more – SWN321 This week, Doug Talks: Openfire, Firepower, Barracuda, CosmicBeetle, Encryption, Aaran Leyland, and more on the Security Weekly News. →Full Show Notes: https://securityweekly.com/swn321 →Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 →Visit our website: https… YOUTUBE.COM
21 Aug Mentorship Monday - Discussions for career and learning! submitted by shellsharks to cybersecurity 7 points | 2 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … INFOSEC.PUB
21 Aug Threat Hunting Newsletter submitted by L4s to secops 0 points | 0 comments https://marcusedmondson.substack.com/ Threat Hunting Newsletter: I share threat hunting advice and tips for small and medium sized businesses on a budget. Click to read The Threat Hunter’s Dilemma, by Marcus Edmondson, a Substack p… MARCUSEDMONDSON.SUBSTACK.COM
21 Aug WinRAR vuln could allow code to run when files are opened submitted by c0mmando to netsec 4 points | 5 comments https://www.theregister.com/2023/08/21/winrar_vuln_could_allow_code/ THEREGISTER.COM
21 Aug Alarm raised over broken authorization in Mozilla VPN client submitted by c0mmando to netsec 50 points | 1 comments https://www.theregister.com/2023/08/04/mozilla_vpn_linux_flaw/ THEREGISTER.COM
21 Aug “Please do not make it public”: Vulnerabilities in Sogou Keyboard encryption expose keypresses to network eavesdropping submitted by c0mmando to netsec 18 points | 0 comments https://citizenlab.ca/2023/08/vulnerabilities-in-sogou-keyboard-encryption/ CITIZENLAB.CA
21 Aug Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating submitted by c0mmando to netsec 40 points | 2 comments https://web.archive.org/web/20230820170657/https://www.wired.com/story/card-shuffler-hack/ WEB.ARCHIVE.ORG
21 Aug TunnelCrack attack may cause vulnerable VPNs to leak traffic submitted by c0mmando to netsec 11 points | 0 comments https://www.theregister.com/2023/08/10/tunnelcrack_vpn/ THEREGISTER.COM
21 Aug An Apple Malware-Flagging Tool Is ‘Trivially’ Easy to Bypass submitted by c0mmando to netsec 8 points | 1 comments https://www.wired.com/story/apple-mac-background-task-management-flaw/ WIRED.COM
21 Aug Google paves way for FIDO2 security keys that can resist quantum computer attacks submitted by c0mmando to netsec 12 points | 0 comments https://www.zdnet.com/article/google-paves-way-for-fido2-security-keys-that-can-resist-quantum-computer-attacks/ ZDNET.COM
🌐 CYBER THREAT LANDSCAPE 5
21 Aug Israel, US to Invest $4 Million in Critical Infrastructure Security Projects Government agencies in Israel and the US have announced plans to invest $3.85 million in projects meant to improve the security of critical infrastructure in both countries. SECURITYWEEK.COM
21 Aug Turns Out AI Probably Isn’t Very Good at Writing Malware Recent research from Trend Micro and Google's Mandiant indicates that while criminals show interest in using generative AI models for malicious purposes, the actual usage remains limited. THEREGISTER.COM
21 Aug Google Chrome's New Feature Alerts Users About Auto-Removal of Malicious Extensions The feature, set for release alongside Chrome 117, allows users to be notified when an add-on has been unpublished by a developer, taken down for violating Chrome Web Store policy, or marked as malware. THEHACKERNEWS.COM
21 Aug A Bard’s Tale – how fake AI bots try to install malware The AI race is on! It’s easy to lose track of the latest developments and possibilities, and yet everyone wants to see firsthand what the hype is about. Heydays for cybercriminals! WELIVESECURITY.COM
📡 INFOSEC NEWS 11
21 Aug Jenkins Patches High-Severity Vulnerabilities in Multiple Plugins The patches address three high-severity cross-site request forgery (CSRF) and cross-site scripting (XSS) issues in the Folders, Flaky Test Handler, and Shortcut Job plugins. SECURITYWEEK.COM
21 Aug ProjectDiscovery Raises $25M to Launch a Cloud Version of Its Threat-Scanning Platform ProjectDiscovery today announced that it raised $25 million in a Series A funding round led by CRV with participation from Point72, SignalFire, Rain Capital, Mango Capital, Accel, and Lightspeed. TECHCRUNCH.COM
21 Aug How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes From a user’s perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you’re seeking. Unfortunately, few users understand the implications of the permissions the… THEHACKERNEWS.COM
21 Aug Ongoing Duo outage causes Azure Auth authentication errors Cisco-owned multi-factor authentication (MFA) provider Duo Security is investigating an ongoing outage that has been causing authentication failures and errors starting three hours ago. [...] BLEEPINGCOMPUTER.COM
21 Aug Built-in authenticator in Kaspersky Password Manager | Kaspersky official blog Kaspersky Password Manager now features a built-in one-time code generator for two-factor authentication in other services and applications. KASPERSKY.COM
21 Aug “Snakes in airplane mode” – what if your phone says it’s offline but isn’t? WYSIWYG is short for "what you see is what you get". Except when it isn't... NAKEDSECURITY.SOPHOS.COM
21 Aug Sneaky Amazon Google ad leads to Microsoft support scam A legitimate-looking ad for Amazon in Google search results redirects visitors to a Microsoft Defender tech support scam that locks up their browser. [...] BLEEPINGCOMPUTER.COM
21 Aug Sneaky Amazon Google Ad Leads to Microsoft Support Scam A fake Amazon ad in Google search results is redirecting users to a tech support scam that poses as a Microsoft Defender alert. The tech support scam locks up the browser in full-screen mode. BLEEPINGCOMPUTER.COM
21 Aug TP-Link smart bulbs can let hackers steal your WiFi password Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link's Tapo app, which could allow attackers to steal their target's WiFi password. [...] BLEEPINGCOMPUTER.COM