🚨 CISA KEV 2
24 Aug KEVMore than 3,000 Openfire servers exposed to attacks using a new exploitThe experts pointed out that the bug has been exploited for more than two months, but yet to be added to the CISA KEV catalog. The researchers discovered approximately 6,300 servers on Shodan and a bit more using the Censys search engine.SECURITYAFFAIRS.COM
24 Aug KEVCISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38831 RARLAB WinRAR Code Execution Vulnerability CVE-2023-32315 Ignite Realtime Openfire Path Traversal Vulnerability These types of vulner…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 7
24 AugGroundPeony Group Exploiting Zero-day Flaw to Attack Government AgenciesA cyber attack group – GroundPeony, targeting the Taiwanese government, was discovered in March 2023; it used several tactics, such as tampering with legitimate websites for distributing malware, URL obfuscation, and multi-stage loaders. Further investigations revealed that…GBHACKERS.COM
24 AugThousands of Unpatched Openfire XMPP Servers Still Exposed to High-Severity FlawThousands of Openfire XMPP servers are unpatched against a recently disclosed high-severity flaw and are susceptible to a new exploit, according to a new report from VulnCheck. Tracked as CVE-2023-32315 (CVSS score: 7.5), the vulnerability relates to a path traversal vulnerabilit…THEHACKERNEWS.COM
24 AugWinRAR Security Flaw Exploited in Zero-Day Attacks to Target TradersA recently patched security flaw in the popular WinRAR archiving software has been exploited as a zero-day since April 2023, new findings from Group-IB reveal. The vulnerability, cataloged as CVE-2023-38831, allows threat actors to spoof file extensions, thereby making it possibl…THEHACKERNEWS.COM
24 AugHackers use public ManageEngine exploit to breach internet orgThe North Korean state-backed hacker group tracked as Lazarus has been exploiting a critical vulnerability (CVE-2022-47966) in Zoho's ManageEngine ServiceDesk to compromise an internet backbone infrastructure provider and healthcare organizations. [...]BLEEPINGCOMPUTER.COM
24 AugFBI: Patches for Recent Barracuda ESG Zero-Day IneffectiveThe FBI says that the patches Barracuda released in May for an exploited ESG zero-day vulnerability (CVE-2023-2868) were not effective.SECURITYWEEK.COM
24 AugCVE-2023-30943 - Playing Dominos with Moodle's Security (1/2)submitted by bOt to netsec 1 points | 0 comments https://www.sonarsource.com/blog/playing-dominos-with-moodles-security-1/ This is an automated archive. The original was posted on /r/netsec by /u/monoimpact on 2023-08-24 18:01:27+00:00.SONARSOURCE.COM
24 AugIvanti Sentry Authentication Bypass CVE-2023-38035 Deep-Dive, IOCs, and Exploit POCsubmitted by bOt to netsec 1 points | 0 comments https://www.horizon3.ai/ivanti-sentry-authentication-bypass-cve-2023-38035-deep-dive/ This is an automated archive. The original was posted on /r/netsec by /u/scopedsecurity on 2023-08-24 12:14:13+00:00.HORIZON3.AI
⚠️ VULNERABILITY DISCLOSURE 34
24 AugManaging Bug Bounty Programs At Scale - Dr. Jared DeMott - PSW #796Jared has a long, and outstanding, history in cybersecurity. Today, he works for Microsoft helping them run and respond to bug bounty reports. The scale is massive and I think we can all learn a thing or two about vulnerability management and bug bounties! Segment Resources: http…YOUTUBE.COM
24 AugWebinar: The external attack surface & AI’s role in proactive securityThe enterprise perimeter is now a massively decentralized IT landscape characterized by large-scale adoption of cloud platforms, digital services, and an increasingly tangled digital supply chain. Regulators are on the march as new threat actors emerge, exploiting increasingly so…HELPNETSECURITY.COM
24 AugLack of visibility into cloud access policies leaves enterprises flying blindFragmented access policies are top security concern in multi-cloud environments, with more than 75% of enterprises reporting they do not know where applications are deployed and who has access to them, according to Strata Identity. Cloud security concerns According to the report,…HELPNETSECURITY.COM
24 AugThreat Actors Leverage LLMs-related Facebook Ads to Steal CredentialsThreat actors were seen exploiting paid Facebook promotions to disseminate malicious code, aiming to deploy a harmful browser add-on for credential theft. Going by the keywords and variables noticed within the malicious script, researchers believe that Vietnamese threat acto…CYWARE.COM
24 AugBitwarden launches E2EE Secrets ManagerBitwarden, a popular open-source password management service, has released Bitwarden Secrets Manager, an open-source, end-to-end encrypted solution that helps development, IT and DevOps teams store, manage, automate, and share secrets. About Bitwarden Secrets Manager Bitwarden Se…HELPNETSECURITY.COM
24 AugSpecialized third-party solutions prove effective against malicious bots, ATO attacks, script risksSpecialized third-party solutions are proving notably effective in helping businesses tackle malicious bots, account takeover (ATO) attacks, and third-party script threats. That's according to a new survey of IT and security professionals by security vendor Akamai in collaboratio…CSOONLINE.COM
24 AugNoFilter: Tool that Escalates Privilege Abusing Windows Filtering PlatformPrivilege escalation is a commonly employed attack vector in the Windows operating system environment. Attackers often leverage offensive tools such as Meterpreter, CobaltStrike, or Potato tools to execute code such as “NT AUTHORITY\SYSTEM.” These tools typicall…GBHACKERS.COM
24 Aug KEVUK court finds teenagers guilty of carrying out LAPSUS$ hacking spreeA UK court has found an 18-year-old from Oxford was a part of international cybercrime gang LAPSUS$, responsible for a hacking spree against major tech firms. Arion Kurtaj was a key member of the LAPSUS$ group that hacked the likes of Uber, Nvidia, and Rockstar Games. A 17-year-o…CSOONLINE.COM
24 AugTraders Targeted by Cybercriminals in Attack Exploiting WinRAR Zero-DayA financially motivated cybercrime group has exploited a WinRAR zero-day to deliver malware to traders and steal their money.SECURITYWEEK.COM
24 AugBugs in NVIDIA Graphics Driver Leads to Memory CorruptionAn attacker could exploit these vulnerabilities from guest machines running virtualization environments to perform a guest-to-host escape, as we’ve illustrated with previous vulnerabilities in NVIDIA graphics drivers.TALOSINTELLIGENCE.COM
24 AugErmetic CNAPP available on Google Cloud MarketplaceErmetic has unveiled that the Ermetic cloud native application protection platform (CNAPP) is now available on Google Cloud Marketplace. “The availability of the Ermetic CNAPP on Google Cloud Marketplace makes it fast and easy for customers to pay for and provision advanced secur…HELPNETSECURITY.COM
24 AugWhat are Brute Force Attacks, and How to Protect Your APIs Against them?Brute force attacks have been one of the most common attack types. In Q1 2022, brute force made up 51% of all attacks! These attacks often pave the way for other types of threats and have devastating consequences for the organization. Brute force on APIs is a bigger problem since…GBHACKERS.COM
24 AugLessons learned from the Microsoft Cloud breachIn early July, the news broke that threat actors in China used a Microsoft security flaw to execute highly targeted and sophisticated espionage against dozens of entities. Victims included the U.S. Commerce Secretary, several U.S. State Department officials and other organization…SECURITYINTELLIGENCE.COM
24 AugImmuniWeb releases Mobile Neuron to scan for OWASP Mobile Top 10 vulnerabilities, iOS/Android weaknessesApplication security vendor ImmuniWeb has announced the release of Neuron Mobile, a mobile application security testing solution designed to scan for OWASP Mobile Top 10 vulnerabilities and weaknesses in iOS and Android apps. Neuron Mobile is an entirely automated solution that f…CSOONLINE.COM
24 AugLazarus Group Exploits ManageEngine Vulnerability to Deploy QuiteRATQuiteRAT is clearly an evolution of MagicRAT. While MagicRAT is a bigger, bulkier malware family averaging around 18MB in size, QuiteRAT is a much much smaller implementation, averaging around 4 to 5MB in size.TALOSINTELLIGENCE.COM
24 AugTalon unveils digital experience capabilities, equipping IT teams with advanced metricsTalon Cyber Security has released new digital experience capabilities available in the Talon Enterprise Browser. The capabilities arm IT teams with advanced metrics on device, application, and network performance to ensure that issues can be proactively resolved, and employees ha…HELPNETSECURITY.COM
24 AugWinRAR 0-Day That Uses Poisoned JPG And TXT Files Under Exploit Since AprilPACKETSTORMSECURITY.COM
24 AugKingston IronKey Keypad 200C hardware-encrypted USB Type-C drive releasedKingston Digital Europe has launched the Kingston IronKey Keypad 200C, a hardware-encrypted USB Type-C drive that ensures both security and convenience at your fingertips. Now, users can achieve seamless data protection and effortless compatibility without the use of adapters whe…HELPNETSECURITY.COM
24 AugExploit released for Ivanti Sentry bug abused as zero-day in attacksProof-of-concept exploit code is now available for a critical Ivanti Sentry authentication bypass vulnerability that enables attackers to execute code remotely as root on vulnerable systems. [...]BLEEPINGCOMPUTER.COM
24 AugCyberattack disrupts major Mississippi health systemDespite the shutdown of certain internal systems following the detection of unusual network activity, SRHS disclosed that workarounds have been implemented to ensure the partial continuation of business operations.SCMAGAZINE.COM
24 AugLazarus Group Exploits Critical Zoho ManageEngine Flaw to Deploy Stealthy QuiteRAT MalwareThe North Korea-linked threat actor known as Lazarus Group has been observed exploiting a now-patched critical security flaw impacting Zoho ManageEngine ServiceDesk Plus to distribute a remote access trojan called such as QuiteRAT. Targets include internet backbone infrastructure…THEHACKERNEWS.COM
24 AugCISA Releases Six Industrial Control Systems AdvisoriesCISA released six Industrial Control Systems (ICS) advisories on August 24, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-236-01 KNX Protocol ICSA-23-236-02 Opto 22 SNAP PAC S1 ICSA-23-236-0…CISA.GOV
24 AugThe delta between perception and preparednessAs ransomware flourishes and attackers' techniques get more sophisticated, organizations of all sizes and industries are targets. For this reason, security leaders must immediately invest in the appropriate technologies, people and processes to avoid a ransomware attack in the fu…CSOONLINE.COM
24 Aug KEVWebshells: Why an old tactic is still relevantThe threat landscape is constantly evolving, but often, it's the same old tricks that pay off. In the past several months, we've been seeing a preponderance of webshell attacks. In fact, a good portion of the attacks my research team has seen this year has had some kind of shell …CSOONLINE.COM
24 AugJupiter X Core WordPress plugin could let hackers hijack sitesTwo vulnerabilities affecting some version of Jupiter X Core, a premium plugin for setting up WordPress and WooCommerce websites, allow hijacking accounts and uploading files without authentication. [...]BLEEPINGCOMPUTER.COM
24 AugCourt finds autistic members of LAPSUS$ gang responsible for GTA 6 hack and other high profile breachesA London court has found two British teens responsible for a spree of high profile hacks, including one that saw the leaking of source code and videos of Rockstar Games's as-yet unreleased "Grand Theft Auto 6." Read more in my article on the Hot for Security blog.BITDEFENDER.COM
24 AugMississippi Hospital System Still Struggling With AttackThe Gulf Coast Provider Is Among the Regional Health Systems Hit Recently A three-hospital health system serving the Mississippi Gulf Coast has resorted to paper charting and other manual processes for patient care as it deals with a cyberattack that forced it to take systems off…DATABREACHTODAY.CO.UK
24 AugFlax Typhoon using legitimate software to quietly access Taiwanese organizationsChina-based actor Flax Typhoon is exploiting known vulnerabilities for public-facing servers, legitimate VPN software, and open-source malware to gain access to Taiwanese organizations, but not taking further action. The post Flax Typhoon using legitimate software to quietly acce…MICROSOFT.COM
24 AugBypassing Bitlocker using a cheap logic analyzer on a Lenovo laptopsubmitted by tedu to cybersecurity 20 points | 3 comments https://www.errno.fr/BypassingBitlocker.html The vulnerability should be obvious: at some point in the boot process, the VMK transits unencrypted between the TPM and the CPU. This means that it can be captured and used to …ERRNO.FR
24 AugWhy Decentralization is the Only Way to Prevent Cybersecurity Breaches?submitted by Shannon to security 23 points | 3 comments https://programming.dev/pictrs/image/97ccb895-e671-4f91-b593-0c742515c961.png Why Decentralization is the Only Way to Prevent Cybersecurity Breaches? 1/ A decentralized network is built by people, where individuals function …PROGRAMMING.DEV
24 AugDeep dive into the recent bugs in the NVMe protocol and the impact on cloud providers and on-premises servers.submitted by L4s to secops 8 points | 0 comments https://www.cyberark.com/resources/threat-research-blog/nvme-new-vulnerabilities-made-easy Deep dive into the recent bugs in the NVMe protocol and the impact on cloud providers and on-premises servers.CYBERARK.COM
24 AugChanges to UK Surveillance Regime May Violate International Lawsubmitted by DocMcStuffin to cybersecurity 29 points | 3 comments https://www.justsecurity.org/87615/changes-to-uk-surveillance-regime-may-violate-international-law/ The UK government is revising the Investigatory Powers Act 2016 (IPA). The proposed changes could allow the govern…JUSTSECURITY.ORG
24 AugLearn how to protect your data and systems from upstream and Side Channel attacks with the Clean Source principle and Azure solutions. Discover the power of PAW and Confidential Computesubmitted by bOt to netsec 1 points | 0 comments https://github.com/HotCakeX/Harden-Windows-Security/wiki/Clean-Source-principle,-Azure-and-Privileged-Access-Workstations This is an automated archive. The original was posted on /r/netsec by /u/HotCakeXXXXXXXXXXXXX on 2023-08-24 1…GITHUB.COM
📢 SECURITY ADVISORIES 13
24 AugHow digital identity protects connected carsIn this Help Net Security video, Eve Maler, CTO at ForgeRock, discusses how digital identity can help create a more secure connected car experience and what car manufacturers should consider regarding data privacy regulation. The post How digital identity protects connected cars …HELPNETSECURITY.COM
24 AugImmuniWeb introduces ImmuniWeb Neuron Mobile, an automated mobile app security testing solutionImmuniWeb has introduced ImmuniWeb Neuron Mobile – its 6th product available on the ImmuniWeb AI Platform that currently covers over 20 cybersecurity, privacy and compliance use cases. ImmuniWeb Neuron Mobile Dashboard ImmuniWeb Neuron Mobile is a fully automated, AI-enabled mobi…HELPNETSECURITY.COM
24 AugDarkGate Reloaded via Malvertising and SEO Poisoning CampaignsTwo blog posts came out in early August, identifying new DarkGate attacks. Advanced IP Scanner is a popular tool used by IT administrators. Victims who click on the ad are presented with a decoy site.MALWAREBYTES.COM
24 AugCypago, which aims to automate compliance and governance for companies, raises $13MThere’s a growing number of cybersecurity regulations designed to keep business and customer data protected. In 2022 alone, over 40 U.S. states introduced 250 bills focused on cybersecurity, according to the National Conference of State Legislatures. And more are on the way…TECHCRUNCH.COM
24 AugTrulioo enhances identity verification with “person match” intelligent routingIdentity verification platform Trulioo has announced new Workflow Studio capabilities to accelerate global person matching through personally identifiable information (PII) and identity documents. The platform streamlines the verification of good users through intelligent transac…CSOONLINE.COM
24 AugNIST publishes draft post-quantum cryptography standards, calls for industry feedbackThe US National Institute of Standards and Technology (NIST) has published draft post-quantum cryptography (PQC) standards that are designed as a global framework to help organizations protect themselves from future quantum-enabled cyberattacks. The standards were selected by NIS…CSOONLINE.COM
24 AugRecord startup funding, identity and context, and the Hot Ones format comes to Cyber! - ESW #329Record funding levels over the last two weeks top 2023 and the same time last year. We discuss Palo Alto's plans for the future, CISA's analysis of the LAPSUS$ hacking group, and the uselessness of Quantum Security pitches. Chrome adds the ability to alert users about malicious e…YOUTUBE.COM
24 AugInsights from a CISO Survival GuideThis is the cost of progress: Connectedness is essential to keep customers, partners, and employees productive and highly satisfied, but it invites breach contagion that is sure to make everyone unhappy. That leaves CISOs walking a fine line between boom and backlash as they try …CSOONLINE.COM
🔥 INCIDENT REPORTING 20
24 AugHow to spot phishing on a hacked WordPress website | Kaspersky official blogThree signs that a WordPress site has been hacked by phishers.KASPERSKY.COM
24 AugSpyCloud raises $110 million to accelerate identity threat protectionIts latest solution, SpyCloud Compass, enables Post-Infection Remediation of malware exposures, including the compromised assets most likely to lead to ransomware attacks.HELPNETSECURITY.COM
24 AugHosting Provider CloudNordic Loses All Customer Data in Ransomware AttackDanish cloud hosting provider CloudNordic says most customers lost all data after ransomware shut down all its systems and servers.SECURITYWEEK.COM
24 AugUK Court Concludes Teenager Behind Huge Hacking CampaignA UK court has found a teenager responsible for a hacking campaign that included one of the biggest breaches in the history of the video game industry.SECURITYWEEK.COM
24 AugTransatlantic Cable podcast, episode 313 | Kaspersky official blogIn episode 313, the team look at Quantum resilient FIDO keys, Duolingo data breach and Interpol arrestsKASPERSKY.COM
24 AugNew "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every MinuteThe SmokeLoader malware is being used to deliver a new Wi-Fi scanning malware strain called Whiffy Recon on compromised Windows machines. "The new malware strain has only one operation. Every 60 seconds it triangulates the infected systems' positions by scanning nearby Wi-Fi acce…THEHACKERNEWS.COM
24 AugSt Helens Council Warns of Phishing After Ransomware BreachThe council warned in a further message on its website for locals to watch out for phishing emails impersonating their bank and informing them of a new direct debit. That would suggest that the hackers have access to citizens’ personal information.INFOSECURITY-MAGAZINE.COM
24 AugCloud hosting firms hit by devastating ransomware attackDanish cloud hosting firms CloudNordic and Azero – both owned by Certiqa Holding – have suffered a ransomware attack that resulted in most customer data being stolen and systems and servers rendered inaccessible. The CloudNordic and Azero ransomware attack In the earl…HELPNETSECURITY.COM
24 AugTitle Lender TMX Now Says Payment Card Data Stolen in Breach5 Million Borrowers Informed February Breach Was Worse Than Previously Announced The parent company of subprime lender TitleMax is warning nearly 5 million customers that a data breach affecting them is worse than was previously reported. In addition to names and Social Security …DATABREACHTODAY.CO.UK
24 Aug6 Ransomware Trends & Evolutions to Watch ForIn the era of digital transformation, ransomware groups are adapting to changing technology. The next evolution of ransomware could begin with these trends.TRENDMICRO.COM
24 AugMillions stolen from crypto platforms Exactly Protocol and Harbor ProtocolTwo DeFi platforms, Exactly and Harbor, fell victim to cyberattacks resulting in the theft of millions of dollars' worth of cryptocurrency. Exactly Protocol confirmed suffering a loss of around $7.3 million worth of ETH.THERECORD.MEDIA
24 AugSensitive Data of 10m at Risk After French Employment Agency BreachIn a public statement published on August 23, 2023, Pôle emploi confirmed “a breach in the information system of one of its service providers, involving a risk of disclosure of jobseekers' personal data.”INFOSECURITY-MAGAZINE.COM
24 AugCryptohack Roundup: Tornado Cash in the Eye of the StormAlso: FBI Issues DPRK Alert; Incidents Affect Exactly, Harbor and Venus Protocols This week, charges were filed against Tornado Cash founders, the FBI found North Korean bitcoin wallets holding stolen cash, theft occurred in the Exactly and Harbor protocols, Venus Protocol liquid…DATABREACHTODAY.CO.UK
24 AugRansomware hackers dwell time drops to 5 days, RDP still widely usedRansomware threat actors are spending less time on compromised networks before security solutions sound the alarm. In the first half of the year the hackers' median dwell time dropped to five days from nine in 2022 [...]BLEEPINGCOMPUTER.COM
24 AugUniversity of Minnesota Confirms Data Breach, Says Ransomware Not InvolvedUniversity of Minnesota confirms data was stolen from its systems, says no malware infection or file encryption has been identified.SECURITYWEEK.COM
24 AugFBI warns of patched Barracuda ESG appliances still being hackedThe Federal Bureau of Investigation warned that patches for a critical Barracuda Email Security Gateway (ESG) remote command injection flaw are "ineffective," and patched appliances are still being compromised in ongoing attacks. [...]BLEEPINGCOMPUTER.COM
24 AugBreach Roundup: Rhysida Ransom Gang Cops to Hospital HacksAlso: Cyberattack Disrupts Expat Voting in Ecuador; Africa Arrests Cybercriminals This week, a ransomware gang claimed responsibility for attacks on a multistate U.S. hospital chain, a cyberattack disrupted expat voting in Ecuador, Africa cracked down on cybercrime, Latitude Fina…DATABREACHTODAY.CO.UK
24 AugRansomware Economy Players, Pentest War Stories, & Ransomware Groups Working Together - ESW #329During this segment, Jon will explore today’s ransomware economy players from IABS to RaaS affiliates, to money launders and now C2Ps. For the discussion, Jon will leverage Halcyon’s latest research, which demonstrates a new technique to uncover how C2Ps, like Cloudzy, are used t…YOUTUBE.COM
24 AugSevenRooms - 1,205,385 breached accountsIn December 2022, over 400GB of data belonging to restaurant customer management platform SevenRooms was posted for sale to a popular hacking forum. The data included 1.2M unique email addresses alongside names and purchases. SevenRooms advised that the breach was due to unautho…HAVEIBEENPWNED.COM
24 AugScarab Ransomware Deployed Using SpaceColon ToolkitDevelopers Appear To Be Prepping New Ransomware Malware Hackers are using a toolset that first appeared in 2020, apparently developed by Turkish speakers, to deploy Scarab ransomware, say security researchers. Eset dubs the threat actors behind the framework "CosmicBeetle."DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 31
24 AugHow I made a qwerty "keyboard walk" password generator with ChatGPT [Guest Diary], (Wed, Aug 23rd)[This is a Guest Diary by John Grant, an ISC intern as part of the SANS.edu BACS program]ISC.SANS.EDU
24 AugISC Stormcast For Thursday, August 24th, 2023 https://isc.sans.edu/podcastdetail/8630, (Thu, Aug 24th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
24 AugAI and the evolution of surveillance systemsIn this Help Net Security interview, Gerwin van der Lugt, CTO at Oddity, discusses the future of surveillance and AI’s influence. He also delves into how organizations can prevent their systems from perpetuating biases or violating individual rights. What precautions are in…HELPNETSECURITY.COM
24 AugDoes a secure coding training platform really work?As security vulnerabilities are reported to you time and again, you may ask yourself: “Why don’t these developers learn the lesson?” The next thing you may think is: “We should train developers, so they stop making these mistakes.” For many years, those were my thoughts as …HELPNETSECURITY.COM
24 AugKali Linux 2023.3 released: Major overhaul of Kali Autopilot, 9 new tools, and more!Offensive Security has released Kali Linux 2023.3, the latest version of its penetration testing and digital forensics platform. New tools in Kali Linux 2023.3 Besides updates to current tools, new versions of Kali typically introduce fresh tools. On this occasion, they are: Cali…HELPNETSECURITY.COM
24 AugFBI Urges Immediate Removal of Patched Barracuda ESG DevicesBureau Warns of 'Active Intrusions' as Chinese Hackers Defeat Countermeasures The FBI urged the immediate removal of previously patched email security appliances made by Barracuda Networks, injecting fresh urgency in a push to stymie what's been called the broadest Chinese cyber …DATABREACHTODAY.CO.UK
24 AugKali Linux 2023.3 Released: What’s New!Kali Linux 2023.3 is now available, and it includes a variety of new packages and tools, as well as the usual upgrades. The release of Kali Linux 2023.3 arrives three months after Kali Linux 2023.2. This upgrades the kernel from Debian Bookworm’s long-term supported LiLinux…GBHACKERS.COM
24 AugRussian Toolkit Aims to Make Online Scamming Easy for AnyoneFraudster Users Call Victims 'Mammoths,' Leading Eset to Dub Them 'Neanderthals' A likely Russian toolkit dubbed Telekopye by security researchers lets thieves concentrate on honing their social engineering without having to worry about the technical side of online scamming. User…DATABREACHTODAY.CO.UK
24 AugDigital Identity Protection Firm SpyCloud Raises $110 MillionAccount takeover and fraud protection firm SpyCloud has raised $110 million in a growth funding round led by Riverwood Capital.SECURITYWEEK.COM
24 AugSimplify Secure Enterprise Device Management With QR CodesCorporate mobile devices have become essential to everyday tasks for employees, but this convenience also comes with security risks. The challenge lies in managing and securing multiple devices, especially without a proper solution. This is where mobile device management (MDM) co…GBHACKERS.COM
24 AugParmesan Anti-Forgery ProtectionThe Guardian is reporting about microchips in wheels of Parmesan cheese as an anti-forgery measure.SCHNEIER.COM
24 Augnao-sec.orgThe APT group starts by sending a spear-phishing email, which consists of a DOC file embedded with a URL for a ZIP file download. Once the ZIP file gets downloaded, it contains an EXE file and a DLL file which are executed to infect malware.NAO-SEC.ORG
24 AugRockwell ThinManager Vulnerabilities Could Expose Industrial HMIs to AttacksRockwell Automation ThinManager ThinServer vulnerabilities could allow remote attackers to take control of servers and hack HMIs.SECURITYWEEK.COM
24 AugNew Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from RussiaA new financially motivated operation is leveraging a malicious Telegram bot to help threat actors scam their victims. Dubbed Telekopye, a portmanteau of Telegram and kopye (meaning "spear" in Russian), the toolkit functions as an automated means to create a phishing web page fro…THEHACKERNEWS.COM
24 AugDuolingo Users Should Be on the Lookout for Targeted Phishing AttacksUsers of the language learning app Duolingo should be wary of targeted phishing attacks following a recent data leak, according to Anthony Spadafora at Tom’s Guide. Criminals scraped the names and email addresses of 2.6 million Duolingo users earlier this year, and are now sellin…KNOWBE4.COM
24 AugNew Relic enhances its AIOps capabilities with recommended alertsNew Relic has further enhanced its AIOps capabilities with recommended alerts. This provides the ability to detect and resolve alert coverage gaps by using AI to identify anomalous behavior, determine areas of the technology stack that aren’t being monitored, and recommend new al…HELPNETSECURITY.COM
24 AugLora Projects, WinRAR, Kali Mobile, Benchmarks Vs. IRL, & VPN HYPE! - PSW #796In the Security News: Lora projects are popular, simple checksums are not enough, WinRAR: shareware or native OS?, ATM software is vulnerable, attackers could learn from security researchers (but lets hope they don’t), NoFilter and behavior by design, Apple vs. A security researc…YOUTUBE.COM
24 AugTelekopye: Hunting Mammoths using Telegram botThe exact origins of the threat actors, dubbed Neanderthals, are unclear, but evidence points to Russia as the country of origin of the toolkit's authors and users, owing to the use of Russian SMS templates.WELIVESECURITY.COM
24 AugCisco Patches Vulnerabilities Exposing Switches, Firewalls to DoS AttacksCisco has released patches for three high-severity vulnerabilities in NX-OS and FXOS software that could lead to denial-of-service (DoS) conditions.SECURITYWEEK.COM
24 AugMysterious Malware Uses Wi-Fi Scanning to Get Location of Infected DeviceMysterious Whiffy Recon malware scans for nearby Wi-Fi access points to obtain the location of the infected device.SECURITYWEEK.COM
24 AugWireshark 4.0.8 Release: What’s New!The most widely used network protocol analyzer in the world, Wireshark, has released version 4.0.8. It is employed for network analysis, troubleshooting, software and communications protocol development, and education. This new version includes bug fixes, improved protocol suppor…GBHACKERS.COM
24 AugNETGEAR launches PR60X Pro RouterNETGEAR has launched the NETGEAR 10G/Multi-Gigabit Dual WAN Pro Router (PR60X) making it the latest addition to their total networking solution platform, Insight. NETGEAR’s line of Smart Switches, Pro WiFi Access Points, Insight cloud-based management platform, and now the PR60X …HELPNETSECURITY.COM
24 AugNorth Korea ready to cash out more than $40 million in Bitcoin after summer of hacks, warns FBIAfter a series of high-profile cryptocurrency hacks, the state-sponsored North Korean Lazarus Group is poised to cash out millions of dollars. Read more in my article on the Tripwire State of Security blog.TRIPWIRE.COM
24 AugTackling the Perennial Problem | Enterprise News | Black Hat Executive Interviews - ESW329This week, we kick things off with an interview with Jason Meller, Founder and CEO at Kolide, about - . Then we discuss our weekly Enterprise News for the week. Finally we will be airing some more interviews from Black Hat 2023, with John Shier, Field CTO Commercial at Sophos, S…YOUTUBE.COM
24 AugChinese-backed APT ‘Flax Typhoon’ Hacks Taiwan with Minimal Malware FootprintMicrosoft warns that Chinese spies are hacking into Taiwanese organizations with minimal use of malware and by abusing legitimate software.SECURITYWEEK.COM
24 AugTackling the Perennial Problem of Device Management - Jason Meller - ESW #329Incredibly, the seemingly simple task of managing corporate-owned devices is still a struggle for most organizations in 2023. Maybe best MDM for Mac doesn't work with Windows, or the best MDM for Windows doesn't work with Mac. Maybe neither have Linux support. Perhaps they don't …YOUTUBE.COM
24 AugBSides Perth 2023 - 17 videossubmitted by ashar to security_cpe 2 points | 0 comments https://youtube.com/playlist?list=PLtogThlxLoTVTU59g5s1wu86J322xR1PT&si=gCzALobYuWkqTXiY Schedule for BSides Perth 2023 BSides Perth 2023 PlaylistYOUTUBE.COM
24 AugDevoxx Greece 2023 - 71 videos - ENGLISH languagesubmitted by ashar to security_cpe 2 points | 0 comments https://youtube.com/playlist?list=PLRsbF2sD7JVpbq0m2mUKFmR-JUgaGwuF-&si=kRWsgKoJRHMfmE5p Devoxx Greece website Devoxx Greece 2023 playlist Devoxx Greece 2023 takes place for the very first time from May 4th until the 6t…YOUTUBE.COM
24 AugBypassing Bitlocker using a cheap logic analyzer on a Lenovo laptopsubmitted by L4s to secops 2 points | 0 comments https://www.errno.fr/BypassingBitlocker ERRNO.FR
24 AugFrosty Trails: Threat-Hunting For Identity Threats In Snowflakesubmitted by bOt to netsec 1 point | 0 comments https://www.rezonate.io/blog/threat-hunting-in-snowflake/ This is an automated archive. The original was posted on /r/netsec by /u/Or1rez on 2023-08-24 16:34:01+00:00.REZONATE.IO
24 AugNews alert: Cypago unveils Cyber GRC Automation (CGA) platform to simplify GRC processesTel Aviv, Israel, Aug. 24, 2023 – Cypago announced the release of its Cyber GRC Automation (CGA) platform today, revolutionizing the GRC space by bridging the gap between management, security, and operations teams. This announcement follows the company’s $13M in …LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 5
24 AugSafe Online Surfing Launching for 2023-2024 School Year | Federal Bureau of InvestigationThe SOS program, created for students in third through eighth grades, covers topics like cyberbullying, passwords, malware, social media, and more. It also provides teachers with a curriculum that meets state and federal internet safety mandates.FBI.GOV
24 AugHP Report Details Tactics Used to Evade Detection ToolsNone of these attacks are especially sophisticated, but they do show how cybercriminals are shifting their attack techniques by combining techniques in different ways to evade detection.SECURITYBOULEVARD.COM
24 AugNational intelligence office issues cyber warning for government and commercial satellitesThe warning comes just about a month after three teams at the DEF CON 23 convention in Las Vegas managed to successfully hack a government satellite in orbit. Other less technical tactics are also being used to steal information.NEXTGOV.COM
24 AugSmoke Loader Drops Whiffy Recon Wi-Fi Scanning and Geolocation MalwareWhiffy Recon works by checking for the WLAN AutoConfig service (WLANSVC) on the infected system and terminating itself if the service name doesn't exist. Persistence is achieved by means of a shortcut that's added to the Windows Startup folder.SECUREWORKS.COM
24 AugNew Whiffy Recon malware uses WiFi to triangulate your locationCybercriminals behind the Smoke Loader botnet are using a new piece of malware called Whiffy Recon to triangulate the location of infected devices through WiFi scanning and Google's geolocation API. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1
24 AugS3 Ep149: How many cryptographers does it take to change a light bulb?Latest episode - listen now! Full transcript inside...NAKEDSECURITY.SOPHOS.COM
📡 INFOSEC NEWS 12
24 AugOT and IT Visibility and Efficiency BarriersLearn the common OT and IT visibility and efficiency barriers, as well as how to get around them.TRENDMICRO.COM
24 AugTornado Cash Founders Charged in Billion-Dollar Crypto Laundering ScandalThe U.S. Justice Department (DoJ) on Wednesday unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds. Both the individuals, Roman Storm and Roman Semenov…THEHACKERNEWS.COM
24 AugBrazil’s Top Escort Service Exposes Millions of Escort and Client DataThe exposed data encompassed a vast array of information from the logging database containing around 14.7 million records, totalling a size of approximately 19.17 GB, to the AWS cloud storage which held over 3.5 million files.HACKREAD.COM
24 AugRedline Stealer Demonstrates a Low-Barrier-to-Entry ThreatVariants analyzed can target multiple browsers, including Firefox, Edge, Chrome, and Brave. It can log keystrokes, target Coinomi crypto-wallets, and provide thorough fingerprinting of the local system.ECLECTICIQ.COM
24 AugThe Hidden Dangers of Public Wi-FiPublic Wi-Fi, which has long since become the norm, poses threats to not only individual users but also businesses. With the rise of remote work, people can now work from virtually anywhere: a cafe close to home, a hotel in a different city, or even while waiting for a plane at t…THEHACKERNEWS.COM
24 AugLast call for mWISE, the security conference for frontline practitioners.We're down to the final weeks of registration for mWISE, the community-focused cybersecurity conference from Mandiant. Learn more from Mandiant about the available attendance options and what you should expect. [...]BLEEPINGCOMPUTER.COM
24 AugNew Windows updates cause UNSUPPORTED_PROCESSOR blue screensMicrosoft says the August 2023 preview updates released this week for Windows 11 and Windows 10 systems are causing blue screens with errors mentioning an unsupported processor issue. [...]BLEEPINGCOMPUTER.COM
24 AugTelekopye: Hunting Mammoths using Telegram botAnalysis of Telegram bot that helps cybercriminals scam people on online marketplacesWELIVESECURITY.COM
24 AugSensor Intel Series: Top CVEs in July 2023One old favorite CVE declined by more than half in July, and a new one (to us) was so heavily targeted it ended up ranked fifth out of 72.F5.COM