113 Articles
9 Categories
Date: 2023-08-22
🚨 CISA KEV (1)
22 Aug [KEV] · CISA Adds Two Known Exploited Vulnerabilities to Catalog · CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38035 Ivanti Sentry Authentication Bypass Vulnerability; CVE-2023-27532 Veeam Backup & Replication Cloud Connect Missing Authentication fo… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
22 Aug [KEV] · Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, cataloged as CVE-2023-26359 (CVSS score: 9.8)… · THEHACKERNEWS.COM
22 Aug [KEV] · Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software · Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. Tracked as CVE-2023-38035 (CVSS score: 9.8), the iss… · THEHACKERNEWS.COM
22 Aug · Juniper Networks fixes flaws leading to RCE in firewalls and switches · Juniper Networks has fixed four vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) in Junos OS that, if chained together, could allow attackers to achieve remote code execution (RCE) on the company’s SRX firewalls and EX switches. The fixed Jun… · HELPNETSECURITY.COM
22 Aug [KEV] · CISA Warns of Another Exploited Adobe ColdFusion Vulnerability · CISA warns that CVE-2023-26359, an Adobe ColdFusion vulnerability patched in March, has been exploited in the wild. · SECURITYWEEK.COM
22 Aug · Ivanti Sentry zero-day vulnerability fixed, patch ASAP! (CVE-2023-38035) · Ivanti is urging administrators of Ivanti Sentry (formerly MobileIron Sentry) gateways to patch a newly discovered vulnerability (CVE-2023-38035) that could be exploited to change configuration, run system commands, or write files onto the vulnerable system. “As of now, we … · HELPNETSECURITY.COM
22 Aug · Customer-configured rules now the biggest contributor to mitigated traffic · Customer-configured rules are now the biggest contributor to mitigated traffic as organizations adopt web application firewalls (WAFs) and improve at configuring/locking down their applications. That's according to Cloudflare's Application Security Report: Q2 2023, based on HTTP… · CSOONLINE.COM
22 Aug · Ivanti warns customers another zero-day is under active attack · U.S. software giant Ivanti has scrambled to patch another zero-day vulnerability under active attack. The vulnerability, tracked as CVE-2023-38035 with a vulnerability severity rating of 9.8 out of 10, affects the software company’s Sentry product. Ivanti Sentry (formerly MobileI… · TECHCRUNCH.COM
22 Aug · CVE-2023-23382 Azure Machine Learning Compute Instance Information Disclosure Vulnerability · Corrected one or more links in the FAQ. This is an informational change only. · MSRC.MICROSOFT.COM
22 Aug · CVE-2023-28312 Azure Machine Learning Information Disclosure Vulnerability · Corrected one or more links in the FAQ. This is an informational change only. · MSRC.MICROSOFT.COM
22 Aug · Technical Details of CVE-2023-30988 - IBM Facsimile Support Privilege Escalation · submitted by L4s to secops 1 points | 0 comments https://blog.silentsignal.eu/2023/08/22/2023-08-22-Facsimile-Support-CVE-2023-30988/ Technical Details of CVE-2023-30988 - IBM Facsimile Support Privilege Escalation::Because we can! · SILENTSIGNAL.EU
⚠️ VULNERABILITY DISCLOSURE (24)
22 Aug · 8 open-source OSINT tools you should try · Open-Source Intelligence (OSINT) refers to gathering, assessing, and interpreting public information to address specific intelligence queries. All the tools listed here are available for free. Amass The OWASP Amass project performs network mapping of attack surfaces and external … · HELPNETSECURITY.COM
22 Aug · Understanding how attackers exploit APIs is more important than ever · In this Help Net Security video, Andy Hornegold, Product Lead at Intruder, dives into API security and explores how several recent high-profile breaches were caused by simple failings – which didn’t require sophisticated security to prevent. The number of APIs is increasing year … · HELPNETSECURITY.COM
22 Aug [KEV] · Ivanti Warns of New Actively Exploited Sentry Zero-Day Bug · Discovered and reported by researchers at mnemonic, the critical vulnerability enables unauthenticated attackers to gain access to sensitive admin portal configuration APIs exposed over port 8443, used by MobileIron Configuration Service (MICS). · BLEEPINGCOMPUTER.COM
22 Aug · 10 benefits of security performance metrics for CISOs · Measuring security performance may not sound like the most exciting exercise on the CISO's agenda, but the right metrics can deliver significant value to security leaders and go a long way to helping them tackle a diverse set of challenges. The intersection of modern security and… · CSOONLINE.COM
22 Aug [KEV] · Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw in Adobe ColdFusion to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. · THEHACKERNEWS.COM
22 Aug · Balancing risk and compliance: implications of the SEC’s new cybersecurity regulations · Corporate cybersecurity is becoming a non-negotiable priority. How companies prepare for and defend themselves against cyber intrusions has profound implications for their operations, reputation, and bottom line. Companies have historically underestimated the magnitude of cyberse… · CSOONLINE.COM
22 Aug · eSentire introduces LLM Gateway to help businesses secure generative AI · Managed detection and response (MDR) vendor eSentire has announced the availability of LLM Gateway, an open-source framework to help security teams improve their governance and monitoring of generative AI and large language models (LLMs). Originally developed for internal purpos… · CSOONLINE.COM
22 Aug · Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications · The investment round was led by Two Sigma Ventures, with additional funding from Outpost Ventures, AV8, Bowery Capital, Founders Fund, Incubate Fund, Okta Ventures, Ridge Ventures, Salesforce Ventures, and Tau Ventures. · SECURITYWEEK.COM
22 Aug · Juniper Networks Junos OS let Attacker Remotely Execute Code · Multiple vulnerabilities have been discovered on Junos OS, which can be combined to execute a preAuth remote code execution vulnerability on Junos OS on SRX and EX Series. An unauthenticated network-based attacker can exploit these vulnerabilities by chaining them. Junos OS SRX i… · GBHACKERS.COM
22 Aug · Apache Ivy Injection Flaw Let Attackers Exfiltrate Sensitive Data · A blind XPath injection vulnerability was discovered in Apache Software Foundation Apache Ivy, which allows threat actors to exfiltrate data and access sensitive information that is restricted to only the machine that runs Apache Ivy. This vulnerability exists in the parsing of X… · GBHACKERS.COM
22 Aug · TP-Link Smart Bulb Vulnerabilities Expose Households to Hacker Attacks · Vulnerabilities in the TP-Link Tapo L530E smart bulb and accompanying mobile application can be exploited to obtain the local Wi-Fi password. · SECURITYWEEK.COM
22 Aug · Ivanti Sentry Flaw: Let Attackers Access Critical APIs Used for Configuration · An unauthenticated critical API access vulnerability was found in the Ivanti Sentry interface, which could allow a threat actor to gain access to sensitive APIs that can be used to access the Ivanti administrator portal and configure Ivanti Sentry. This vulnerability can also be … · GBHACKERS.COM
22 Aug · CISA Releases Four Industrial Control Systems Advisories · CISA released four Industrial Control Systems (ICS) advisories on August 22, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-234-01 Hitachi Energy AFF66x; ICSA-23-234-02 Trane Thermostats; ICSA-… · CISA.GOV
22 Aug · Two Data Breaches in Gadsden: Court System, EMS Report That Data May Have Been Stolen · The 2nd Judicial Circuit announced Monday that law enforcement is investigating a data breach involving Gadsden County court records. In a news release, the circuit said that initial assessments show some of the records contained PII. · YAHOO.COM
22 Aug · Security in a Cloud Native World & Mobile App Attacks - Asaf Ashkenazi, Jason Rolleston - ASW #252 · Modern applications are transforming how businesses serve their customers, employees, and partners. But they also challenge security teams with limited to no visibility or control while expanding an organization’s attack surface. Jason Rolleston, vice president and general manage… · YOUTUBE.COM
22 Aug · Thousands of Android Malware Apps Use Stealthy APKs to Bypass Security · Threat actors are reportedly exploiting APK files that employ unknown or unsupported compression methods to bypass malware analysis, warned cybersecurity firm Zimperium. The approach hinders decompilation efforts while still enabling installation on Android devices running OS ver… · CYWARE.COM
22 Aug · Attacking Your Way to Accurate Answers with Breach and Attack Simulation - Tomer Bar - BH23 #2 · It’s no secret that the attack surface is increasing and the best defense is one that’s matched to the most relevant risks. Through proactive and reactive research, The SafeBreach Labs team helps customers discover their most critical threats and security gaps by building the ind… · YOUTUBE.COM
22 Aug · New Zero-Day Bug Affects All Versions of Ivanti Sentry · Zero-Day Can Be Exploited by Chaining It With Last Month's Ivanti MobileIron Bugs · Mobile endpoint security vendor Ivanti disclosed a critical vulnerability that could allow an attacker to take control of an Ivanti Sentry gateway server, which stands between mobile devices and bac… · DATABREACHTODAY.CO.UK
22 Aug · BlackCat Ransomware Group Targets Japanese Watchmaker Seiko · Seiko Hints at Data Breach But Declines to Address BlackCat’s Claims · The BlackCat group on Monday claimed responsibility for a ransomware attack on Japanese watchmaker Seiko, publishing samples of stolen data files as proof of its exploit. Seiko Group Corp. announced earlier this… · DATABREACHTODAY.CO.UK
22 Aug · Cuba Ransomware Exploits Veeam Vulnerability · The Attack Accesses an Exposed API on a Component of the Veeam Application · The Cuba ransomware group is exploiting a bug in data backup software exposed in March, warn BlackBerry security researchers. The firm says the Cuba group in June attacked a critical infrastructure organiz… · DATABREACHTODAY.CO.UK
22 Aug · Adapting tools & tactics to fight modern ransomware · In today's cybersecurity landscape, ransomware continues to be a potent adversary, disrupting business and shaking trust in organizations globally. Many businesses have responded by investing in threat intelligence and protection options, but it’s virtually impossible to lock dow… · CSOONLINE.COM
22 Aug · News Alert: AVer joins forces with Nureva to deliver seamless, simplified meeting equipment · Fremont, Calif., Aug. 22, 2023 — AVer Information Inc. USA, the award-winning provider of video collaboration and education solutions, announces a technology collaboration with Nureva to streamline hybrid meeting room connectivity. The plug-and-play hybrid meeting bundles includ… · LASTWATCHDOG.COM
📋 SECURITY BULLETINS (1)
22 Aug · Carderbee Attacks: Hong Kong Organizations Targeted via Malicious Software Updates · A previously undocumented threat cluster has been linked to a software supply chain attack targeting organizations primarily located in Hong Kong and other regions in Asia. The Symantec Threat Hunter Team, part of Broadcom, is tracking the activity under its insect-themed moniker… · THEHACKERNEWS.COM
📢 SECURITY ADVISORIES (9)
22 Aug · US CISA Urges Security by Design for AI · The U.S. federal government is advocating for artificial intelligence developers to embrace security as a core requirement, warning that machine learning code is particularly difficult and expensive to fix after deployment. · BANKINFOSECURITY.COM
22 Aug · Deceptive AI Bots Spread Malware, Raise Security Concerns · According to a new advisory published by ESET security researchers, the campaign came to light when an advertisement on Facebook promoted the download of what seemed to be the latest version of Google’s authentic AI tool, “Bard.” · INFOSECURITY-MAGAZINE.COM
22 Aug · British Intelligence is Tipping off Ransomware Targets to Disrupt Attacks · On average, every 72 hours for the past three months, cyber experts at the UK’s NCSC have detected the beginnings of a new ransomware attack against a British organization and then tipped off the target in a bid to prevent the attack from executing. · THERECORD.MEDIA
22 Aug · Ex-USSS CISO Explains Agencies' Struggle with Biden EO · Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order. · TRENDMICRO.COM
22 Aug · New Windows 11 policy lets admins control optional updates installation · Microsoft now provides administrators with a new Windows 11 policy that controls how monthly non-security preview updates are installed on enterprise devices. [...] · BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING (24)
22 Aug · Atmeltomo - 580,177 breached accounts · In April 2021, "Japan's largest e-mail friend search site" Atmeltomo suffered a data breach that was later sold on a popular hacking forum. The breach exposed 1.3M records with 580k unique email addresses along with usernames, IP addresses and unsalted MD5 password has… · HAVEIBEENPWNED.COM
22 Aug · IT’s rising role in physical security technology · As the adoption of cloud-based and mobile-access security systems continues to increase among both new and established businesses, the lines between traditional physical security personnel and IT staff are beginning to blur. Traditionally, the common approach towards organization… · HELPNETSECURITY.COM
22 Aug · Australian Lender Latitude Financial Reports $50 Million in Cyberattack Costs · In a financial report covering the first half of 2023, the consumer lender reported AU$76 million (roughly US$50 million) of pre-tax costs and provisions relating to the cyber incident. · SECURITYWEEK.COM
22 Aug · Seiko joins growing list of ALPHV/BlackCat ransomware victims · Japanese watchmaker Seiko has been added to ALPHV (BlackCat) ransomware group’s victim list, following a data breach occurring in early August. The Seiko data breach The company published a data breach and response notice on August 10, 2023, stating that an unidentified par… · HELPNETSECURITY.COM
22 Aug · French Town of Sartrouville Recovering From Cyberattack Claimed by Ransomware Gang · Officials noted that the town’s IT department has set up a “robust” backup system that allowed them to preserve critical data and “minimize disruption to the operation of municipal services.” · THERECORD.MEDIA
22 Aug · Australian Software Provider Energy One Hit by Cyberattack · Wholesale energy software provider Energy One reported on Friday a cyberattack had affected "certain corporate systems" in Australia and the UK. In a statement, the company said analysis is underway to identify which systems have been affected. · DARKREADING.COM
22 Aug · CISOs Tout SaaS Cybersecurity Confidence, But 79% Admit to SaaS Incidents, New Report Finds · A new State of SaaS Security Posture Management Report from SaaS cybersecurity provider AppOmni indicates that Cybersecurity, IT, and business leaders alike recognize SaaS cybersecurity as an increasingly important part of the cyber threat landscape. And at first glance, responde… · THEHACKERNEWS.COM
22 Aug · Ecuador’s National Election Agency Says Cyberattacks Caused Absentee Voting Issues · Ecuador’s national election on Sunday was marred by difficulties voting online for citizens living abroad — incidents the country’s election agency attributed to cyberattacks originating from seven different countries. · THERECORD.MEDIA
22 Aug · Ransomware Group Starts Leaking Data From Japanese Watchmaking Giant Seiko · The BlackCat/ALPHV ransomware group has started publishing data allegedly stolen from Japanese watchmaking giant Seiko. · SECURITYWEEK.COM
22 Aug · Australian Energy Software Firm Energy One Hit by Cyberattack · Energy One, an Australian company that provides software products and services to the energy sector, has been hit by a cyberattack. · SECURITYWEEK.COM
22 Aug · Enhanced VMware Cloud helps customers modernize, optimize, and protect their businesses · VMware has enhanced VMware Cloud, empowering customers with new editions and capabilities that will help them modernize, optimize, and better protect their organizations. With VMware Cloud, customers innovate faster, operate more efficiently, improve threat defenses, and more qui… · HELPNETSECURITY.COM
22 Aug · One simple way to cut ransomware recovery costs in half · Whichever way you look at the data, it is considerably cheaper to use backups to recover from a ransomware attack than to pay the ransom. The median recovery cost for those that use backups is half the cost incurred by those that paid the ransom, according to a recent study. Simi… · SECURITYINTELLIGENCE.COM
22 Aug · Akira ransomware targets Cisco VPNs to breach organizations · There's mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data. [...] · BLEEPINGCOMPUTER.COM
22 Aug · Akira Ransomware Targets Cisco VPNs to Breach Organizations · There's mounting evidence that Akira ransomware targets Cisco VPN (virtual private network) products as an attack vector to breach corporate networks, steal, and eventually encrypt data. · BLEEPINGCOMPUTER.COM
22 Aug · Tesla Sues 2 Former Employees Over Insider Data Breach · Whistleblower Leaks Included Information on 75,735 Current and Former Employees · Tesla says it's suing two former employees for perpetrating a May data breach that exposed personal information for 75,735 current and former employees. The information was contained in a massive set … · DATABREACHTODAY.CO.UK
22 Aug · Cold Fusion, EncroChat, Apple Device Spoofing, Tesla Breach, Jason Wood & More - SWN #320 · Cold Fusion Flaw, EncroChat, sneaky Amazon and Google, Spoofing Apple devices, Tesla data breach, Space and Jason Wood on this episode of the Security Weekly News! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-320 · YOUTUBE.COM
22 Aug · Discord.io Stops, Azure AD Pops, Zoom AI Drops, Model Confusion Attacks, Early XSS - ASW #252 · Discord.io ceases to be, Azure AD breach to get scrutiny from the CSRB, Zoom's AI stumbles show security concerns, model confusion attacks, a look at how far we have -- and haven't -- come with XSS flaws, an approachable article on AI, and more! Visit https://www.securityweekly.c… · YOUTUBE.COM
22 Aug · MOVEit Attack Spree Makes Clop This Summer’s Most-Prolific Ransomware Group · Clop was responsible for one-third of all ransomware attacks in July, positioning the financially-motivated threat actor to become the most prolific ransomware threat actor this summer, according to multiple threat intelligence reports. · CYBERSECURITYDIVE.COM
22 Aug · Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. · In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastatin… · KREBSONSECURITY.COM
22 Aug · The Role Generative AI Can Play in Threat Detection · Skyhawk Security CEO Chen Burshan on Going Beyond Risk Management and Reduction · Chen Burshan, the CEO of Skyhawk Security, wants to use the power of generative AI as part of the threat detection flow. Organizations with risk management tools in place and risk reduction occurring … · DATABREACHTODAY.CO.UK
22 Aug · Monti Ransomware Deploying New Linux Encryptor · More Ransomware Groups Targeting Linux Systems · A ransomware campaign by the recently emerged Monti ransomware group is targeting victims with a new Linux variant of its malware. The threat group is the latest in a growing number of ransomware groups finding profit in going after … · DATABREACHTODAY.CO.UK
22 Aug · Scarabs colon-izing vulnerable servers · Analysis of Spacecolon, a toolset used to deploy Scarab ransomware on vulnerable servers, and its operators, CosmicBeetle · WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (26)
22 Aug · ISC Stormcast For Tuesday, August 22nd, 2023 https://isc.sans.edu/podcastdetail/8626, (Tue, Aug 22nd) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
22 Aug · Maintaining consistent security in diverse cloud infrastructures · As cloud infrastructures become increasingly API-driven and dynamically spread across expansive attack surfaces, achieving clarity proves difficult. Compounding this challenge is the integration of DevOps practices, microservices, and container technologies, which, while fosterin… · HELPNETSECURITY.COM
22 Aug · DotRunpeX Malware Injector Widely Delivers Known Malware Families to Attack Windows · DotRunpeX is one of the new and stealthiest .NET injectors that employs the “Process Hollowing” method, through which this malware distributes a diverse range of other malware strains. Cybersecurity researchers at Check Point recently revealed the real-world use and c… · GBHACKERS.COM
22 Aug · Have You Ever Heard of the Fernet Encryption Algorithm?, (Tue, Aug 22nd) · In cryptography, there is a gold rule that states to not develop your own algorithm because... it will be probably weak and broken! They are strong algorithms (like AES) that do a great job so why reinvent the wheel? However, there are projects that try to develop new a… · ISC.SANS.EDU
22 Aug · Cerby Raises $17 Million for Access Management Platform for Nonstandard Applications · Cerby has raised $17 million in Series A funding for its access management platform for applications not supported by identity providers. · SECURITYWEEK.COM
22 Aug · Applying AI to License Plate Surveillance · License plate scanners aren’t new. Neither is using them for bulk surveillance. What’s new is that AI is being used on the data, identifying “suspicious” vehicle behavior: Typically, Automatic License Plate Recognition (ALPR) technology is used to search f… · SCHNEIER.COM
22 Aug · New ‘Carderbee’ APT Targeted Chinese Security Software in Supply Chain Attack · A new APT group called Carderbee has been observed deploying the PlugX backdoor via a supply chain attack targeting organizations in Hong Kong. · SECURITYWEEK.COM
22 Aug · Grip Security Lands $41 Million Series B Financing · Israeli startup Grip Security has banked $41 million in new financing from a group of investors led by Third Point Ventures. · SECURITYWEEK.COM
22 Aug · Grip Security raises $41 million to accelerate growth and extend its market · Grip Security is raising $41 million in Series B funding led by Third Point Ventures, with participation from YL Ventures, Intel Capital and The Syndicate Group. The investment would bring Grip Security’s total funding to $66 million and marks a major milestone for the company, f… · HELPNETSECURITY.COM
22 Aug · MITRE appoints Deborah Youmans as CIO · MITRE has named Deborah Youmans as its new chief information officer (CIO). Youmans will oversee more than 400 IT professionals in MITRE’s Enterprise Computing and Information Systems division in areas including innovation and experimentation, information security, enterprise inf… · HELPNETSECURITY.COM
22 Aug · US Military Targeted in Recent HiatusRAT Attack · The threat actor behind HiatusRAT was seen performing reconnaissance against a US military procurement system in June 2023. · SECURITYWEEK.COM
22 Aug · Kyndryl becomes a VMware Cross-Cloud managed services provider · Kyndryl has become a VMware Cross-Cloud managed services provider. Kyndryl has achieved the VMware Managed Services Specialization and has completed a Validated Service Offering (VSO) for VMware Cloud on AWS. Through this expanded collaboration, both organizations are committed t… · HELPNETSECURITY.COM
22 Aug · Hacker Conversations: Cris Thomas (AKA Space Rogue) From Lopht Heavy Industries · Cris Thomas, also known as Space Rogue, was a founding member of the Lopht Heavy Industries hacker collective. · SECURITYWEEK.COM
22 Aug · Supply Side Security: How to Maintain a Talent Pipeline - Helen Patton - CSP #136 · There are a ton of entry-level candidates for security roles, but we need mid- to late-career cyber candidates to fill our open positions. Hiring managers need to partner with non-security people to build and maintain that pipeline. Let's talk about how to go about getting this d… · YOUTUBE.COM
22 Aug · Carderbee APT Uses Legitimate Software in Supply Chain Attack Targeting Hong Kong Firms · The group appears to be skilled and patient, selectively pushing payloads to specific victims. The use of signed malware and supply chain attacks makes it difficult for security software to detect. · SYMANTEC-ENTERPRISE-BLOGS.SECURITY.COM
22 Aug · Carderbee hacking group hits Hong Kong orgs in supply chain attack · A previously unidentified APT hacking group named 'Carderbee' was observed attacking organizations in Hong Kong and other regions in Asia, using legitimate software to infect targets' computers with the PlugX malware. [...] · BLEEPINGCOMPUTER.COM
22 Aug · Researchers Uncovered the Developer of CypherRAT and CraxsRAT · Researchers have identified a new Malware-as-a-Service (MaaS) operator called ‘EVLF DEV’ as being behind the creation of CypherRAT and CraxsRAT. EVLF has been selling CraxsRAT, one of the most extremely dangerous Android RATs accessible today, for the past three years, with at le… · GBHACKERS.COM
22 Aug · New HiatusRAT malware attacks target US Defense Department · In a new HiatusRAT malware campaign, threat actors have targeted a server belonging to the U.S. Department of Defense in what researchers described as a reconnaissance attack. [...] · BLEEPINGCOMPUTER.COM
22 Aug · Scraped data of 2.6 million Duolingo users released on hacking forum · The scraped data of 2.6 million DuoLingo users was leaked on a hacking forum, allowing threat actors to conduct targeted phishing attacks using the exposed information. [...] · BLEEPINGCOMPUTER.COM
22 Aug · 5 security fixes: Chrome Desktop Stable Update · submitted by sv1sjp to cybersecurity 5 points | 1 comments https://chromereleases.googleblog.com/2023/08/chrome-desktop-stable-update.html · CHROMERELEASES.GOOGLEBLOG.COM
22 Aug · Lemmy community on disinformation · submitted by kristoff to cybersecurity 10 points | 0 comments Hi all, Small question. Does anybody know if there already exists a lemmy community on disinformation (in the infosec area or more broadly)? Thanks! :-) Kr. · INFOSEC.PUB
22 Aug · Training Tuesday - Discussions for certs, training and learning-at-home · submitted by shellsharks to cybersecurity 3 points | 0 comments Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others! · INFOSEC.PUB
22 Aug · Unlocking Discord Nitro Features for Free · submitted by vedard to cybersecurity 14 points | 0 comments https://blog.0x7d0.dev/history/unlocking-discord-nitro-features-for-free/ · 0X7D0.DEV
22 Aug · The Chaos Communication Camp 2023 - 143 videos - ENGLISH and GERMAN · submitted by ashar to security_cpe 3 points | 0 comments https://media.ccc.de/c/camp2023 15.-19.08.2023, Ziegeleipark Mildenberg, Zehdenick, Germany, Earth, Milky Way The Chaos Communication Camp is an international, five-day open-air event for hackers and associated life-forms. … · MEDIA.CCC.DE
22 Aug · Microsoft has announced Excel will support Python · submitted by L4s to secops 18 points | 7 comments https://techcommunity.microsoft.com/t5/microsoft-365-blog/introducing-python-in-excel-the-best-of-both-worlds-for-data/ba-p/3905482 Microsoft has announced Excel will support Python::Python is one of the most popular programming l… · TECHCOMMUNITY.MICROSOFT.COM
22 Aug · Track AWS IAM changes in Git with CloudTrail Attribution · submitted by ccastrapel to cloudsecurity 2 points | 0 comments https://www.noq.dev/blog/iambic-bridging-the-gap-between-iam-changes-and-version-control I wanted to share a recent blog post we’ve put together on IAMbic Change Detection with Cloudtrail logging and attribution. If y… · NOQ.DEV
🌐 CYBER THREAT LANDSCAPE (5)
22 Aug · New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App · A new variant of an Apple macOS malware called XLoader has surfaced in the wild, masquerading its malicious features under the guise of an office productivity app called "OfficeNote." "The new version of XLoader is bundled inside a standard Apple disk image with the name OfficeNo… · THEHACKERNEWS.COM
22 Aug · Cerby lands $17M to manage access to ‘nonstandard’ enterprise apps · Bel Lepe, a former Google software engineer, tells me that it always seemed risky to him that there were apps business users needed and used, but that IT and security teams were unwilling to approve them because of their lack of support for identity standards. It’s a legiti… · TECHCRUNCH.COM
22 Aug · New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App · XLoader, the macOS malware first detected in 2020, is considered a successor to Formbook and is an information stealer and keylogger offered under the malware-as-a-service (MaaS) model. · THEHACKERNEWS.COM
22 Aug · Crypto Botnet On X Is Powered By ChatGPT · PACKETSTORMSECURITY.COM
22 Aug · EVLF DEV - Knowing the Creator of CypherRAT and CraxsRAT · A fresh player in the realm of cyber threats has emerged under the moniker EVLF DEV, operating as a Malware-as-a-Service (MaaS) provider. Hailing from Syria and active for over eight years, this actor has developed the CypherRAT and CraxsRAT malware strains. To counteract such ca… · CYWARE.COM
📡 INFOSEC NEWS (13)
22 Aug · Police Insider Tipped Off Criminal Friend About EncroChat Bust · An intelligence analyst working for police in the North West of England shared information about a major countrywide operation with a criminal contact, in what has been described as a “disgraceful” betrayal of her colleagues. · INFOSECURITY-MAGAZINE.COM
22 Aug · Rust Developers Push Back as Serde Project Ships Precompiled Binaries · Serde is a commonly used serialization and deserialization framework for Rust data structures that, according to its website, is designed to conduct these operations "efficiently and generically." · BLEEPINGCOMPUTER.COM
22 Aug · TP-Link Smart Bulbs can Let Hackers Steal Your WiFi Password · Researchers from Italy and the UK have discovered four vulnerabilities in the TP-Link Tapo L530E smart bulb and TP-Link’s Tapo app, which could allow attackers to steal their target’s WiFi password. · BLEEPINGCOMPUTER.COM
22 Aug · UK Government Urges More Students to be Cyber Explorers · Around 2000 schools across the UK are participating in Cyber Explorers – a free learning platform for 11–14-year-olds designed to introduce them to key cybersecurity concepts. · INFOSECURITY-MAGAZINE.COM
22 Aug · Ukrainian Hackers Claim to Leak Emails of Russian Parliament Deputy Chief · Ukrainian hackers claim to have broken into the email account of a senior Russian politician and exposed documents that allegedly prove his involvement in money laundering and sanction evasion schemes. · THERECORD.MEDIA
22 Aug · Grip Security Raises $41 Million to Accelerate Growth and Extend its Market · The investment brings Grip Security’s total funding to $66 million and marks a major milestone for the company, further accelerating its go-to-market strategy and advancing product development. · HELPNETSECURITY.COM
22 Aug · Microsoft Excel to let you run Python scripts as formulas · Microsoft is adding the Python programming language to Microsoft Excel, allowing users to create powerful functions for analyzing and manipulating data. [...] · BLEEPINGCOMPUTER.COM
22 Aug · Snatch Gang Claims the Hack of South Africa's Department of Defense · The group claims to have stolen military contracts, internal call signs, and personal data, amounting to 1.6 TB. If the attack gets confirmed, the disclosure of confidential information poses a serious risk to organizations involved in the contracts. · SECURITYAFFAIRS.COM
22 Aug · Measures to protect data when an employee leaves · What systems do departing employees most often retain access to, and how to protect them from data leaks? · KASPERSKY.COM
22 Aug · Windows 11 KB5029351 preview update released with Search fixes · Microsoft has released the optional August 2023 cumulative update for Windows 11, version 22H2, with fixes for several issues affecting the Search app. [...] · BLEEPINGCOMPUTER.COM
22 Aug · Smart light bulbs could give away your password secrets · Cryptography isn't just about secrecy. You need to take care of authenticity (no imposters!) and integrity (no tampering!) as well. · NAKEDSECURITY.SOPHOS.COM