127 Articles
9 Categories
Date: 2023-08-23
🐛 COMMON VULNERABILITIES AND EXPOSURES (8)

23 Aug: Exploitation of Ivanti Sentry Zero-Day Confirmed [SECURITYWEEK.COM]
While initially it was unclear if the Ivanti Sentry vulnerability CVE-2023-38035 has been exploited, the vendor and CISA have now confirmed it.

23 Aug: Apache XML Graphics Batik Flaw Exposes Sensitive Information [GBHACKERS.COM]
Two Server-Side Request Forgery (SSRF) vulnerabilities were found in Apache Batik, which could allow a threat actor to access sensitive information in Apache Batik. These vulnerabilities exist in the Apache XML Graphics Batik and are given CVE IDs CVE-2022-44729 and CVE-2022-4473…

23 Aug: Container security probes provide continuous penetration testing [CSOONLINE.COM]
Containerized applications bring many benefits -- they are a fast way to deploy software across multiple computing environments. But securing containers is a challenge, since their unique attributes, particularly their ephemeral nature, means that they have been treated differen…

23 Aug (KEV): WinRAR zero-day exploited since April to hack trading accounts [BLEEPINGCOMPUTER.COM]
A WinRAR zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts. [...]

23 Aug: Attackers exploited WinRAR zero-day for months to steal money from brokers (CVE-2023-38831) [HELPNETSECURITY.COM]
Financially-motivated attackers have exploited a zero-day vulnerability in WinRAR (CVE-2023-38831) to trick traders into installing malware that would allow them to steal money from broker accounts. “This vulnerability has been exploited since April 2023,” says Group-…

23 Aug: 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability [SECURITYWEEK.COM]
Tracked as CVE-2023-32315, the high-severity flaw was discovered in Openfire’s administration console and is described as a path traversal bug via the setup environment that allows unauthenticated attackers to access restricted pages.

23 Aug (KEV): Over 3,000 Openfire servers vulnerable to takeover attacks [BLEEPINGCOMPUTER.COM]
Thousands of Openfire servers remain vulnerable to CVE-2023-32315, an actively exploited and path traversal vulnerability that allows an unauthenticated user to create new admin accounts. [...]

23 Aug: Traders' Dollars in Danger: CVE-2023-38831 zero-Day vulnerability in WinRAR exploited by cybercriminals to target traders [GROUP-IB.COM]
submitted by L4s to secops | 1 points | 0 comments | https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/ Traders’ Dollars in Danger: CVE-2023-38831 zero-Day vulnerability in WinRAR exploited by cybercriminals to target traders::Leading provider of cybersecurity solutions: T…
⚠️ VULNERABILITY DISCLOSURE (26)

23 Aug: Cybercriminals turn to AI to bypass modern email security measures [HELPNETSECURITY.COM]
Cybercriminals employ artificial intelligence (AI) to create complex email threats like phishing and business email compromise (BEC) attacks, while modern email security systems use AI to counter these attacks, according to Perception Point and Osterman Research. AI’s role in ema…

23 Aug: Over a Dozen Malicious npm Packages Target Roblox Game Developers [THEHACKERNEWS.COM]
More than a dozen malicious packages have been discovered on the npm package repository since the start of August 2023 with capabilities to deploy an open-source information stealer called Luna Token Grabber on systems belonging to Roblox developers. The ongoing campaign, first d…

23 Aug: Hackers exploit WinRAR zero-day bug to steal funds from broker accounts [TECHCRUNCH.COM]
Cybercriminals are exploiting a zero-day vulnerability in WinRAR, the venerable shareware archiving tool for Windows, to target traders and steal funds. Cybersecurity company Group-IB discovered the vulnerability, which affects the processing of the ZIP file format by WinRAR, in …

23 Aug: How API authentication vulnerabilities are at the center of cloud security concerns [CSOONLINE.COM]
The cloud computing skies have been somewhat stormy of late for Microsoft, which has found itself in the crosshairs of not only an attacker who abused authentication but also the firm Tenable, which pointed out that the cloud services giant has a general problem with authenticati…

23 Aug: Profile Stealers Spread via LLM-themed Facebook Ads [TRENDMICRO.COM]
Threat actors are exploiting paid Facebook promotions featuring LLMs to spread malware and steal victims' credentials. The malicious code is distributed through fake profiles and ads promising access to AI tools like Google Bard or Meta AI.

23 Aug: Open redirect flaws increasingly exploited by phishers [HELPNETSECURITY.COM]
Phishing attacks using open redirect flaws are on the rise again, according to Kroll’s Cyber Threat Intelligence (CTI) team, which means organizations should consider refreshing employees’ awareness and knowledge on how to spot them. Malicious URL redirection Open redirect …

23 Aug: Generative AI fueling significant rise in cyberattacks [CSOONLINE.COM]
Threat actors' use of generative AI has fueled a significant rise in attacks worldwide during the last 12 months. That's one of several key findings from Deep Instinct's latest Voice of SecOps Report, which surveyed 652 senior cybersecurity experts from companies with more than …

23 Aug: Surge in identity crime victims reporting suicidal thoughts [HELPNETSECURITY.COM]
Identity theft can have great financial impact on the victims, but the experienced emotional, physical and psychological impact can be even more devastating, according to the 2023 Consumer Impact Report from the Identity Theft Resource Center (ITRC) and Experian. The report surve…

23 Aug: BeyondID launches BeyondID SOC [HELPNETSECURITY.COM]
BeyondID has released the BeyondID Security Operations Center (SOC). This 24/7/365 security monitoring and threat detection service is designed to help organizations maintain the security of their systems in real-time. The BeyondID SOC offers a comprehensive range of benefits tha…

23 Aug: Open Redirect Flaws Increasingly Exploited by Phishers [HELPNETSECURITY.COM]
Phishing attacks using open redirect flaws are on the rise again, according to Kroll’s Cyber Threat Intelligence (CTI) team, which means organizations should consider refreshing employees’ awareness and knowledge on how to spot them.

23 Aug: Scarab Ransomware Deployed Worldwide via Spacecolon Toolset [INFOSECURITY-MAGAZINE.COM]
According to an advisory published by ESET, the toolset is believed to gain entry into victim organizations by exploiting vulnerable web servers or leveraging brute-force attacks on Remote Desktop Protocol (RDP) credentials.

23 Aug: North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns [THEHACKERNEWS.COM]
The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. govern…

23 Aug: Dope Security wants to help CISOs get a handle on shadow IT [CSOONLINE.COM]
Applications and devices brought into a company without being vetted or approved by the CISO or the IT team -- in other words shadow IT -- is increasing, and so are related security issues. That’s because technology companies have made it easier than ever for anyone to acquire a…

23 Aug: Cybercriminals Turn to AI to Bypass Modern Email Security Measures [HELPNETSECURITY.COM]
Cybercriminals employ AI to create complex email threats like phishing and business email compromise (BEC) attacks, while modern email security systems use AI to counter these attacks, according to Perception Point and Osterman Research.

23 Aug: The End of “Groundhog Day” for the Security in the Boardroom Discussion? [SECURITYWEEK.COM]
As the SEC cyber incident disclosure rules come into effect, organizations will be forced to seriously consider giving security leaders a seat at the table.

23 Aug: 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability [SECURITYWEEK.COM]
More than 3,000 Openfire servers are not patched against a recent vulnerability and are exposed to attacks employing a new exploit.

23 Aug: Google Workspace to gain AI-enabled security, digital sovereignty controls [CSOONLINE.COM]
Google has announced enhancements to its Workspace productivity and collaboration suite that it claims will reduce security risks for distributed workforces. The company uses Google AI to improve data loss prevention (DLP) controls in Drive, implement new zero-trust controls, cla…

23 Aug: University of Minnesota Investigates Alleged Data Breach Involving Seven Million Alumni [FOX9.COM]
The University of Minnesota has contacted law enforcement and launched an investigation into a data breach that could impact millions of alumni. A hacker claimed to have collected 7 million Social Security numbers in July.

23 Aug: Google plans to bring AI-fueled security enhancements to Google Workspace [TECHCRUNCH.COM]
As companies move to the cloud, keeping data secure is always front of mind. While Google is quick to point out that it has never had an exploit in Google Workspace, it doesn’t mean it isn’t working to continually stay ahead of security issues. Today, the company announced a numb…

23 Aug: Social Engineering Is the Number One Cybersecurity Problem by Far [KNOWBE4.COM]
The number one way that hackers and malware compromise people, devices, and networks is social engineering. No one argues that anymore, but it was not always known or discussed that way. Even though social engineering has been the number one way hackers and malware exploit peopl…

23 Aug: Discord starts notifying users affected by March data breach [BLEEPINGCOMPUTER.COM]
Starting on Monday, Discord has been reaching out to users affected by a data breach disclosed earlier this year to let them know what Personal Identifying Information (PII) was exposed in the incident. [...]

23 Aug: Bitwarden releases free and open-source E2EE Secrets Manager [BLEEPINGCOMPUTER.COM]
Bitwarden, the maker of the popular open-source password manager tool, has released 'Secrets Manager,' an end-to-end encrypted secrets manager for IT professionals, software development teams, and the DevOps industry. [...]

23 Aug: Clop ransomware dominates ransomware space after MOVEit exploit campaign [CSOONLINE.COM]
The number of ransomware attacks in July rose over 150% compared to last year and the actors behind the Clop ransomware were responsible for over a third of them. The gang took the lead from LockBit as the top ransomware threat after exploiting a zero-day vulnerability in a manag…

23 Aug: Lapsus$ teen hackers convicted of high-profile cyberattacks [BLEEPINGCOMPUTER.COM]
A London jury has found that an 18-year-old member of the Lapsus$ data extortion gang helped hack multiple high-profile companies, stole data from them, and demanded a ransom threatening to leak the information. [...]

23 Aug: Navigating the AI frontier: cybercrime’s evolution and defense strategies [CSOONLINE.COM]
The last decade has witnessed rapid adoption of machine learning (ML) and artificial intelligence (AI) technologies across various sectors. More recently, the introduction of generative AI, exemplified by platforms like ChatGPT, has propelled AI into the public spotlight, sparki…
📋 SECURITY BULLETINS (3)

23 Aug: Cyber Security Today, August 23, 2023 - Public exposure doesn't deter this attacker, and more [CYBERSECURITYTODAY.LIBSYN.COM]
This episode reports on a persistent attacker, security updates for Ivanti Sentry and more

23 Aug: First Weekly Chrome Security Update Patches High-Severity Vulnerabilities [SECURITYWEEK.COM]
Google has released the first weekly Chrome security update, which patches five memory safety vulnerabilities, including four rated ‘high severity’.

23 Aug: First Weekly Chrome Security Update Patches High-Severity Vulnerabilities [SECURITYWEEK.COM]
Google this week announced a Chrome 116 security update that patches five memory safety vulnerabilities reported by external researchers, including four issues rated ‘high severity’.
📢 SECURITY ADVISORIES (6)

23 Aug: US Government Publishes Guidance on Migrating to Post-Quantum Cryptography [SECURITYWEEK.COM]
CISA, NSA, and NIST urge organizations to create quantum-readiness roadmaps and prepare for post-quantum cryptography migration.

23 Aug: LOKKER launches On-demand Website Privacy Audit for healthcare organizations [HELPNETSECURITY.COM]
LOKKER has revealed the availability of the new On-demand Website Privacy Audit, a feature within its Privacy Edge software suite, geared toward healthcare organizations. This audit summarizes the highest priority privacy risks on an organization’s website. Healthcare marke…

23 Aug: Nagarro-Seclore Secure Collaboration Solution ensures business compliance [HELPNETSECURITY.COM]
Seclore has announced in partnership with Nagarro, the general availability of the Nagarro-Seclore Secure Collaboration Solution. This joint solution offers businesses safe, effective, and compliant collaboration, bridging the divide between organizations and their external partn…

23 Aug: CISA Prioritizing On-Site K-12 Cybersecurity Reviews This School Year [NEXTGOV.COM]
The assessments can encompass a wide range of individualized reviews and actions, from preventing cyber-enabled fraud schemes to combating ransomware attacks and other digital intrusions.
🔥 INCIDENT REPORTING (27)

23 Aug: Large-scale breaches overshadow decline in number of healthcare data incidents [HELPNETSECURITY.COM]
While H1 2023 saw an encouraging decrease in the overall number of data breaches impacting healthcare organizations, it was overshadowed by large-scale breaches resulting in a significant increase in the number of individuals affected, which reached record levels, according to Cr…

23 Aug: Duolingo - 2,676,696 breached accounts [HAVEIBEENPWNED.COM]
In August 2023, 2.6M records of data scraped from Duolingo were broadly distributed on a popular hacking forum. Obtained by enumerating a vulnerable API, the data had earlier appeared for sale in January 2023 and contained email addresses, names, the languages being learned, XP …

23 Aug: Spacecolon Toolset Fuels Global Surge in Scarab Ransomware Attacks [THEHACKERNEWS.COM]
A malicious toolset dubbed Spacecolon is being deployed as part of an ongoing campaign to spread variants of the Scarab ransomware across victim organizations globally. "It probably finds its way into victim organizations by its operators compromising vulnerable web servers or vi…

23 Aug: Report: 15% Drop in Healthcare Breaches, 31% Surge in Victims [INFOSECURITY-MAGAZINE.COM]
A report from Critical Insight notes an overall decrease of 15% in total breaches during the first half of 2023 compared to the latter half of 2022 – a positive development given the healthcare industry’s previous upward trend in attacks.

23 Aug: Tesla Sues Two Former Employees Over Insider Data Breach [HEALTHCAREINFOSECURITY.COM]
The Austin, Texas-based electric car manufacturer began notifying affected individuals Friday, as part of its ongoing probe into a May data breach it blamed on "insider wrongdoing."

23 Aug: Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders [SOPHOS.COM]
A deep dive into incident-response cases from the first half of this year finds both attackers and defenders picking up the pace

23 Aug: BlackCat ransomware gang claims credit for Seiko data breach [GRAHAMCLULEY.COM]
The BlackCat ransomware gang has claimed credit for a cybersecurity attack against Japanese watchmaker Seiko. BlackCat (also known as ALPHAV) posted on its dark web leak site what it claims are files stolen from Seiko's servers.

23 Aug: Ransomware actors log on when you log off. Here’s how to stop them. [SOPHOS.COM]
With 90% of ransomware attacks occurring outside standard business hours, Sophos' 24/7 Managed Detection and Response (MDR) service is now an essential part of an effective security stack.

23 Aug: Speed Demons: Ransomware Attackers' Dwell Time Shrinks [DATABREACHTODAY.CO.UK]
Seeking Every Advantage, Most Ransomware Groups Attack Outside of Business Hours. Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption - but they could be bumping up against the limits of how fast they can go, say security researchers…

23 Aug: Phishing Tops the List as the Most Costly Initial Attack Vector in Data Breaches [KNOWBE4.COM]
After you come to grips with the massive average cost of a data breach to an enterprise organization measured in the millions, it’s time to look at the factors that increase – and lower – that cost.

23 Aug: Data Breach Costs in Healthcare Rise 53% to More than Double the Average [KNOWBE4.COM]
It appears that one of the most regulated industries also holds the title for the highest average data breach costs – coming in at just under $11 million per breach.

23 Aug: Malwarebytes releases EDR Extra Strength for endpoint protection [HELPNETSECURITY.COM]
Malwarebytes is revolutionizing endpoint protection for IT constrained businesses with EDR Extra Strength, a new solution that combines the company’s deep historical threat intelligence knowledge with endpoint detection and response (EDR) and AI-driven tools for attack surf…

23 Aug: Learning the lessons from cybersecurity trash fires at TC Disrupt 2023 [TECHCRUNCH.COM]
We’ve all seen headlines about major hacks and data breaches of major companies — it can feel like nobody’s safe. Security is a constant learning curve, and what we learn when things go wrong can help defend against similar threats and would-be incidents in the future…

23 Aug: Ransomware Intrusion Impacts All Servers of Danish Cloud Provider [THEREGISTER.COM]
The attack occurred on August 18, and since then, efforts have been made to restore the data, but it has proved difficult. CloudNordic has stated that it will not pay the ransom demanded by the hackers.

23 Aug: Hosting firm says it lost all customer data after ransomware attack [BLEEPINGCOMPUTER.COM]
Danish hosting firms CloudNordic and AzeroCloud have suffered ransomware attacks, causing the loss of the majority of customer data and forcing the hosting providers to shut down all systems, including websites, email, and customer sites. [...]

23 Aug: The MOVEit hack and what it taught us about application security [BLEEPINGCOMPUTER.COM]
When a cyberattack like the 2023 MOVEit hack makes global news headlines, attention often focuses on the names of the affected organizations. This article from @Outpost24 overviews the Moveit hack and aims to draw some important actionable takeaways for your business. [...]

23 Aug: Report: Ransomware Attackers' Dwell Time Shrinks [BANKINFOSECURITY.COM]
Ransomware-wielding hackers are moving faster than ever to pull the trigger on malicious encryption - but they could be bumping up against the limits of how fast they can go, said security researchers from Sophos.

23 Aug: How Malware Sandboxes Strengthen Your Cybersecurity [GBHACKERS.COM]
Cyberattacks are becoming increasingly sophisticated, threatening organizations’ critical infrastructure and sensitive data more than ever. Core solutions such as SIEMs are often insufficient to ensure complete protection against malware infections, especially new and unexp…

23 Aug: Cybersecurity Companies Report Surge in Ransomware Attacks [SECURITYWEEK.COM]
Cybersecurity companies have released a dozen ransomware reports in recent weeks and most of them show a surge in attacks.

23 Aug: SpyCloud raises $110 million to accelerate identity threat protection [HELPNETSECURITY.COM]
SpyCloud has closed a $110 million growth round commitment of primary and secondary capital led by Riverwood Capital, a global investor in high-growth technology companies. More than 500 market leaders across every industry – including half of the Fortune 10 – already use SpyClou…

23 Aug: Hackers Threaten Patients Following a Massive Cyberattack on a Hospital [GBHACKERS.COM]
One of the renowned hospitals in Israel became the victim of a data breach, and patients were blackmailed with a financial motive. According to an Israel Hayom report, Maayanei HaYeshua Medical Center in Bnei Brak was attacked, and the sensitive data of most prominent politicians…

23 Aug: Ransomware Attacks Rise 69% and 1500 Organizations Feel the Hurt [KNOWBE4.COM]
A new report from Rapid7 has found that the number of ransomware attacks increased by 69% in the first half of 2023. Rapid7 incident response data found that at least 1500 organizations were attacked by ransomware during this period.

23 Aug: Danish cloud host says customers ‘lost all data’ after ransomware attack [TECHCRUNCH.COM]
Cloud host CloudNordic says most of its customers have “lost all data with us” following a ransomware attack on its datacenter systems, including its backups. The Denmark-based cloud company said the ransomware attack began Friday, during which cybercriminals “s…

23 Aug: Jury Finds 2 Teenagers Perpetrated Lapsus$ Group Hacks [DATABREACHTODAY.CO.UK]
Rockstar, Uber, Okta, Microsoft and Other Big-Name Players Fell to Group's Attacks. A British jury found that two teenagers had been members of the Lapsus$ hacking group that attacked Uber, Okta, Rockstar and other organizations. Lapsus$ earned notoriety for stealing data via low-…

23 Aug: FBI Says North Korea’s Lazarus Hackers Behind Recent Crypto Heists [THERECORD.MEDIA]
June saw three headline-grabbing incidents involving cryptocurrency companies: a $100 million hack of Atomic Wallet on June 2, as well as two June 22 attacks in which cybercriminals stole $60 million from Alphapo and $37 million from CoinsPaid.

23 Aug: Data Breaches Involving Social Engineering Attacks Take Longer to Identify and Contain [KNOWBE4.COM]
Continuing coverage of IBM’s recently-released Cost of a Data Breach report, we focus on the impact attacks involving social engineering have on data breach costs.

23 Aug: MOVEit Health Data Breach Tally Keeps Growing [DATABREACHTODAY.CO.UK]
More Hacks Compromising Protected Health Info Being Reported to Regulators. The tally of entities notifying federal regulators about mega health data breaches involving Clop cybercrime group hacks on Progress Software's MOVEit file transfer application keeps growing, and millions …
🕵️ THREAT INTELLIGENCE (32)

23 Aug: Profile Stealers Spread via LLM-themed Facebook Ads [TRENDMICRO.COM]
In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims’ credentials.

23 Aug: ISC Stormcast For Wednesday, August 23rd, 2023 https://isc.sans.edu/podcastdetail/8628, (Wed, Aug 23rd) [ISC.SANS.EDU]
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

23 Aug: Anticipating the next wave of IoT cybersecurity challenges [HELPNETSECURITY.COM]
In this Help Net Security interview, Roland Atoui, Managing Director at Red Alert Labs, discusses the intricacies of transitioning from isolated IoT setups to interconnected environments, examining the broadening attack surface and the nuanced complexities this evolution imposes.…

23 Aug: How the downmarket impacted enterprise cybersecurity budgets [HELPNETSECURITY.COM]
Belts have tightened, and that ROI and cost reduction are now driving CISO decision-making more than ever. In this Help Net Security video, Sara Behar, Content Manager at YL Ventures, discusses how enterprise cybersecurity budgets have been impacted by the downmarket and how vend…

23 Aug: Security Onion 2.4: Free, open platform for defenders gets huge update [HELPNETSECURITY.COM]
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It has been downloaded over 2 million times and is being used by security teams worldwide. Security Onion 2.4 comes with many updates, and the hotfix 2.4.10 release …

23 Aug: Carderbee Hacking Group Uses Legitimate Software in Supply Chain Attack [GBHACKERS.COM]
For a supply chain attack and to plant the Korplug backdoor (aka PlugX) on the systems of the targeted victims, an unknown APT group was found to be using the “Cobra DocGuard.” Cobra DocGuard is a legit software package that enables users to manage their Consolidated …

23 Aug: Bogus OfficeNote app delivers XLoader macOS malware [HELPNETSECURITY.COM]
A new macOS-specific variant of the well known XLoader malware is being delivered disguised as the “OfficeNote” app. “Multiple submissions of this sample have appeared on VirusTotal throughout July, indicating that the malware has been widely distributed in the …

23 Aug: Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware [THEHACKERNEWS.COM]
A Syrian threat actor named EVLF has been outed as the creator of malware families CypherRAT and CraxsRAT. "These RATs are designed to allow an attacker to remotely perform real-time actions and control the victim device's camera, location, and microphone," Cybersecurity firm Cyf…

23 Aug: FBI says North Korean hackers preparing to cash out after high-profile crypto hacks [TECHCRUNCH.COM]
The U.S. government said it believes North Korean hackers are preparing to cash out millions of dollars stolen during a spate of high-profile crypto hacks. On Tuesday, the FBI warned cryptocurrency companies about recent blockchain activity connected to the theft of hundreds of m…

23 Aug: Deceptive Links, Brand Impersonation, and Identity Deception Top the List of Phishing Attack Tactics [KNOWBE4.COM]
As phishing attacks continue to dominate as an initial attack vector, new data shows that attackers maintain the use of tried-and-true techniques as the means to successful attacks.

23 Aug: Phishing Campaigns Targeting Microsoft Login Credentials Jump an Unprecedented 6100% [KNOWBE4.COM]
Monitoring of traffic to phishing pages hosted on the free hosting service Cloudflare R2 shows an unheard of spike of 6100%, many going undetected by many security solutions due to the evasive techniques used.

23 Aug: Scammers Impersonate the Australian Tax Office [KNOWBE4.COM]
The Australian Taxation Office (ATO) has warned of an increase in SMS and email phishing attacks targeting taxpayers, News.com.au reports. The scams attempt to steal credentials or personal information in order to commit identity theft.

23 Aug: Supply Chain Attack: Carderbee APT Strikes Hong Kong Organizations [CYWARE.COM]
Undocumented threat cluster Carderbee was observed targeting organizations in Hong Kong and other Asian regions via a trojanized version of the legitimate software EsafeNet Cobra DocGuard Client to deliver the PlugX backdoor and gain access to victim networks. Strengthening suppl…

23 Aug: Remote access detection in 2023: Unmasking invisible fraud [SECURITYINTELLIGENCE.COM]
In the ever-evolving fraud landscape, fraudsters have shifted their tactics from using third-party devices to on-device fraud. Now, users face the rising threat of fraud involving remote access tools (RATs), while banks and fraud detection vendors struggle with new challenges in …

23 Aug: LinkedIn Deception: How a Chinese Spy Tricked Thousands of UK Officials [KNOWBE4.COM]
In the last few years, cyber espionage has taken a new form. A recent investigation by The Times has unveiled a Chinese intelligence officer's extensive use of LinkedIn to target UK officials. Operating under the alias "Robin Zhang," this spy has been luring thousands of officials, s…

23 Aug: FBI: Lazarus hackers readying to cash out $41 million in stolen crypto [BLEEPINGCOMPUTER.COM]
The FBI warned that North Koreans are likely readying to cash out tens of millions worth of stolen cryptocurrency out of hundreds of millions stolen in the last year alone. [...]

23 Aug: Thoma Bravo Merges ForgeRock with Ping Identity [SECURITYWEEK.COM]
The private equity firm merges the newly acquired ForgeRock with Ping Identity, combining two of the biggest names in enterprise IAM market.

23 Aug: Smart Cities: Utopian Dream, Security Nightmare, or Political Gimmick? [SECURITYWEEK.COM]
As smart cities evolve with more and more integrated connected services, cybersecurity concerns will increase dramatically.

23 Aug: FBI Finds 1,580 Bitcoin in Crypto Wallets Linked to North Korean Hackers [SECURITYWEEK.COM]
The FBI has published information on six crypto wallets in which North Korean hackers moved roughly 1,580 Bitcoin from various heists.

23 Aug: US charges founders of Tornado Cash mixer used by Lazarus hackers [BLEEPINGCOMPUTER.COM]
The U.S. Justice Department charged two Tornado Cash founders with helping criminals, including the notorious North Korean Lazarus hacking group, launder over $1 billion worth of stolen cryptocurrency through their decentralized crypto mixing service. [...]

23 Aug: INTERPOL + Trend to Fight African Cybercrime Networks [TRENDMICRO.COM]
Global threat intelligence helps to disrupt thousands of African cybercrime networks

23 Aug: Threat Actor Targets Hong Kong With Korplug Backdoor [DATABREACHTODAY.CO.UK]
Previously Unknown APT Uses Supply Chain Hack to Reach Victims. A previously unknown threat group orchestrated a supply chain attack using a Chinese encryption app to target victims mostly located in Hong Kong. Korplug, the backdoor incorporated into the encryption app, "is known …

23 Aug: US FBI Urges Action on Barracuda ESG Hacking [DATABREACHTODAY.CO.UK]
Chinese Hackers Adapt to Countermeasures. The U.S. FBI urged the removal of email security appliances made by Barracuda Networks in a Wednesday flash alert, injecting fresh urgency in a push to stymie what's been called the broadest Chinese cyber spying campaign in years. Mandiant …

23 Aug: Has anyone tried obtaining ccTLD zone files? [INFOSEC.PUB]
submitted by lemmyingly to cybersecurity | 3 points | 0 comments | I’m interested in looking at newly registered domains for bad actors. There are services out there that offer zone files for ‘all’ TLDs but are too expensive for individuals not backed by a company to pick up the bill…

23 Aug: What are You Working on Wednesday [INFOSEC.PUB]
submitted by shellsharks to cybersecurity | 8 points | 11 comments | Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

23 Aug: Devoxx UK 2023 - 135 videos [YOUTUBE.COM]
submitted by ashar to security_cpe | 1 points | 0 comments | https://youtube.com/playlist?list=PLRsbF2sD7JVq1Kgn45vtXriIIYm5YqcKX Playlist Devoxx UK Website Devoxx UK is a space for developers to learn, sharpen their skills and get hands-on experience with the latest tech. At this 3-…

23 Aug: Danger: Generative AI Fuels Extremism | Deeplab.com [DEEPLAB.COM]
submitted by L4s to secops | 1 points | 0 comments | https://deeplab.com/security/3235-danger-generative-ai-fuels-extremism Danger: Generative AI Fuels Extremism | Deeplab.com::How cybercriminals skillfully utilize neural networks for their increasingly sophisticated and elusive illi…

23 Aug: The Importance of Key Rotation for Data Security [PIIANO.COM]
submitted by L4s to secops | 3 points | 0 comments | https://www.piiano.com/blog/key-rotation The Importance of Key Rotation for Data Security::Enhance data security with key rotation. Learn why regularly changing encryption keys is crucial for adequate data security.

23 Aug: Lateral movement: A conceptual overview [DIABLOHORN.COM]
submitted by L4s to secops | 1 points | 0 comments | https://diablohorn.com/2023/08/22/lateral-movement-a-conceptual-overview/ Lateral movement: A conceptual overview::I’ve often been in the situation of explaining lateral movement to people who do not work in the offensive security …

23 Aug: British court convicts two teen Lapsus$ members of hacking tech firms [THERECORD.MEDIA]
submitted by c0mmando to netsec | 5 points | 1 comments | https://therecord.media/lapsus%24-hackers-convinctions-teens-uk-court

23 Aug: North Korea’s Lazarus hackers behind recent crypto heists: FBI [THERECORD.MEDIA]
submitted by c0mmando to netsec | 3 points | 0 comments | https://therecord.media/north-korea-lazarus-behind-crypto-heists

23 Aug: Millions stolen from crypto platforms Exactly Protocol and Harbor Protocol [THERECORD.MEDIA]
submitted by c0mmando to netsec | 15 points | 0 comments | https://therecord.media/millions-stolen-exactly-harbor-protocol-defi-cryptocurrency
🌐 CYBER THREAT LANDSCAPE 4
23 AugNew Agniane Stealer Peddled on Dark Web Forums to Enable Crypto TheftAgniane Stealer is a new information stealer malware that targets credentials, system information, and cryptocurrency wallets, and is available for sale on dark web forums.ZSCALER.COM
23 AugFake Roblox Packages Target NPM With Luna Grabber Information-Stealing MalwareResearchers at ReversingLabs have discovered a malicious campaign targeting Roblox developers on the npm public repository. The campaign involves malicious packages that imitate the legitimate package noblox.js, a Node.js Roblox API wrapper.REVERSINGLABS.COM
23 AugAgile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints AheadDevelopers are not the only people who have adopted the agile methodology for their development processes. From 2023-06-15 to 2023-07-11, Permiso Security’s p0 Labs team identified and tracked an attacker developing and deploying eight (8) incremental iterations of their credenti…THEHACKERNEWS.COM
23 AugThe ‘US Cyber Trust Mark’ finally gives device makers a reason to spend big on securityApu Pavithran Contributor Apu Pavithran is the founder and CEO of Hexnode. The Internet of Things (IoT) is in hacker crosshairs. Last year, more than 110 million IoT malware attacks took place — an 87% increase from the previous 12 months. And as connected devices take on more cr…TECHCRUNCH.COM
🎙️ PODCASTS 1
23 AugSmashing Security podcast #336: Pizza pests, and securing your wearablesSurely you should be able to order pizza without being pestered for sex? And Carole takes a look at the what and why of wearables... All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriaul…GRAHAMCLULEY.COM
📡 INFOSEC NEWS 20
23 AugMeta plans to roll out default end-to-end encryption for Messenger by the end of the yearMeta said today that the company plans to enable end-to-end encryption by default for Messenger by the end of this year. The tech giant is also expanding its test of end-to-end encryption features to “millions more people’s chats.” The company has been building …TECHCRUNCH.COM
23 AugMore Exotic Excel Files Dropping AgentTesla, (Wed, Aug 23rd)Excel is an excellent target for attackers. The Microsoft Office suite is installed on millions of computers, and people trust these files. If we have the classic xls, xls, xlsm file extensions, Excel supports many others! Just check your local registry: ISC.SANS.EDU
23 AugData of 2.6 million Duolingo users posted on the dark webA malicious actor is offering $1,500 for the data set which was scraped using an open APICSHUB.COM
23 AugZoom’s AI terms overhaul sets stage for broader data use scrutinyZoom updated its terms and conditions — again — on Friday following persistent criticism related to language that allowed the company to use customer data to train its AI systems.CYBERSECURITYDIVE.COM
23 AugDecember’s Reimagining Democracy WorkshopImagine that we’ve all—all of us, all of society—landed on some alien planet, and we have to form a government: clean slate. We don’t have any legacy systems from the US or any other country. We don’t have any special or unique interests to perturb o…SCHNEIER.COM
23 AugNearly a third of young people preyed on by “text pest” delivery driversSurely you should be able to order pizza without being pestered for sex or a date? So, how come so many young people are claiming that they are being hassled after ordering an online delivery? Read more in my article on the Hot for Security blog.BITDEFENDER.COM
23 AugScraped Data of 2.6 Million DuoLingo Users Released on Hacking ForumThis data includes a mixture of public login and real names, and non-public information, including email addresses and internal information related to the DuoLingo service.BLEEPINGCOMPUTER.COM
23 AugMeta Set to Enable Default End-to-End Encryption on Messenger by Year EndMeta has once again reaffirmed its plans to roll out support for end-to-end encryption (E2EE) by default for one-to-one friends and family chats on Messenger by the end of the year. As part of that effort, the social media giant said it's upgrading "millions more people's chats" …THEHACKERNEWS.COM
23 AugDefense Contractor Belcan Leaks Admin Password With a List of FlawsOn May 15th, the Cybernews research team discovered an open Kibana instance containing sensitive information regarding Belcan, their employees, and internal infrastructure.SECURITYAFFAIRS.COM
23 AugGoogle Workspace will require two admins to sign off on critical changesGoogle announced today new cybersecurity defense controls that will allow security teams to thwart account takeover attempts and social engineering attacks targeting Workspace users. [...]BLEEPINGCOMPUTER.COM
23 AugKali Linux 2023.3 released with 9 new tools, internal changesKali Linux 2023.3, the third version of 2023, is now available for download, with nine new tools and internal optimizations. [...]BLEEPINGCOMPUTER.COM
23 AugWhat Can Generative AI do for Hybrid Cloud Security?As enterprise security operations centers absorb cloud security functions, they face new challenges and require new skills. Generative AI can help by laying a secure cloud foundation and empowering SOC teams to respond effectively when threats arise.TRENDMICRO.COM
23 AugWindow Snyder talks striking out on her own in cybersecurity at TechCrunch DisruptWhen Window Snyder started security infrastructure startup Thistle Technologies in 2020, she already had a decades-long career in cybersecurity under her belt. Snyder first made waves as a senior security strategist at Microsoft, where she is credited with pushing the tech giant …TECHCRUNCH.COM
23 AugThoma Bravo Merges ForgeRock with Ping IdentityPrivate equity powerhouse Thoma Bravo on Wednesday announced plans to merge the just-acquired ForgeRock with Ping Identity, combining two of the biggest names in the enterprise identity and access management market.SECURITYWEEK.COM
23 AugUsing WinRAR? Be sure to patch against these code execution bugs…Imagine if you clicked on a harmless-looking image, but an unknown application fired up instead...NAKEDSECURITY.SOPHOS.COM
23 AugNew stealthy techniques let hackers gain Windows SYSTEM privilegesSecurity researchers have released NoFilter, a tool that abuses the Windows Filtering Platform to elevate a user's privileges to SYSTEM, the highest permission level on Windows. [...]BLEEPINGCOMPUTER.COM
23 AugWindows 10 KB5029331 update introduces a new Backup appMicrosoft has released the optional KB5029331 Preview cumulative update for Windows 10 22H2 with sixteen improvements or fixes, including the introduction of a new Backup app. [...]BLEEPINGCOMPUTER.COM