85 Articles
8 Categories
Date: 2023-08-25
🐛 COMMON VULNERABILITIES AND EXPOSURES (7)
25 Aug | [KEV] WinRAR Zero-Day Actively Exploited to Distribute Malware | A recently discovered zero-day vulnerability in WinRAR has been exploited in a malware distribution campaign that has been ongoing since April. The vulnerability, known as CVE-2023-3881, allows attackers to create malicious zip archives with spoofed file extensions, concealing th… | CYWARE.COM
25 Aug | Hackers Continue to Exploit Barracuda ESG Zero-Day Flaw: FBI Flash Alert | The recent discovery of a zero-day vulnerability (CVE-2023-2868) in Barracuda Networks Email Security Gateway (ESG) appliances has brought significant concern. CVE-2023-2868 is a remote command injection vulnerability that grants unauthorized execution of system commands wi… | GBHACKERS.COM
25 Aug | Top cybersecurity M&A deals for 2023 | Uncertainty and instability marked the end of 2022 for many in the tech sector, a trend that bled into the beginning of 2023. Following on the heels of a drought in IT talent came mass layoffs at many of the world's biggest tech companies as predictions of recession loomed and wa… | CSOONLINE.COM
25 Aug | Researchers released PoC exploit for Ivanti Sentry flaw CVE-2023-38035 | The vulnerability could be exploited to access sensitive API data and configurations, run system commands, or write files onto the system. The vulnerability CVE-2023-38035 impacts Sentry versions 9.18 and prior. | SECURITYAFFAIRS.COM
25 Aug | Lazarus Group exploited ManageEngine vulnerability to target critical infrastructure | North Korean state-sponsored hackers Lazarus Group have been exploiting a ManageEngine ServiceDesk vulnerability (CVE-2022-47966) to target internet backbone infrastructure and healthcare institutions in Europe and the US. The group leveraged the vulnerability to deploy QuiteRAT,… | HELPNETSECURITY.COM
25 Aug | North Korea’s Lazarus Group hits organizations with two new RATs | One of North Korea’s most prominent cyberespionage groups has been using two new remote access trojans (RATs) in attack campaigns this year, researchers warn. One of the operations targeted internet backbone infrastructure and healthcare organizations from Europe and the United S… | CSOONLINE.COM
25 Aug | CVE-2020-19909 Is Everything That Is Wrong With Cves | submitted by tedu to cybersecurity 28 points | 1 comments https://daniel.haxx.se/blog/2023/08/26/cve-2020-19909-is-everything-that-is-wrong-with-cves/ It was obvious already before that NVD really does not try very hard to actually understand or figure out the problem they grade.… | DANIEL.HAXX.SE
⚠️ VULNERABILITY DISCLOSURE (13)
25 Aug | Urgent FBI Warning: Barracuda Email Gateways Vulnerable Despite Recent Patches | The U.S. Federal Bureau of Investigation (FBI) is warning that Barracuda Networks Email Security Gateway (ESG) appliances patched against a recently disclosed critical flaw continue to be at risk of potential compromise from suspected Chinese hacking groups. It also deemed the fi… | THEHACKERNEWS.COM
25 Aug | Rockwell ThinManager Vulnerabilities Could Expose Industrial HMIs to Attacks | Exploitation of the vulnerabilities can allow causing a denial-of-service (DoS) condition, deleting arbitrary files with system privileges, and uploading arbitrary files to any folder on the drive where ThinServer.exe is installed. | SECURITYWEEK.COM
25 Aug | Time keeps on slippin’ slippin’ slippin’: The 2023 Active Adversary Report for Tech Leaders | In H1 2023, compromised credentials accounted for 50% of root causes, whereas exploiting a bug came in at 23%. We can’t conclusively say that attackers are favoring compromised credentials over vulnerabilities, but it can’t be denied either. | SOPHOS.COM
25 Aug | Cisco NX-OS Software Flaw Let Attacker Trigger a DoS Attack | A high-severity vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software might allow an unauthenticated local attacker to force an affected device to unintentionally reload. NX-OS is a network operating system for Cisco Systems’ Nexus-series Ethern… | GBHACKERS.COM
25 Aug | Lawmaker Wants Federal Contractors to Have Vulnerability Disclosure Policies | Congresswoman Nancy Mace has introduced a bill that would require federal contractors to have a Vulnerability Disclosure Policy (VDP). The post Lawmaker Wants Federal Contractors to Have Vulnerability Disclosure Policies appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Aug | North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw | North Korea-linked Lazarus Group exploited a ManageEngine vulnerability to compromise an internet backbone infrastructure provider. The post North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Aug | CISA’s VDP Platform 2022 Annual Report Showcases Success | Today, the Cybersecurity and Infrastructure Security Agency (CISA) released its inaugural Vulnerability Disclosure Policy (VDP) Platform 2022 Annual Report, highlighting the service’s progress supporting vulnerability awareness and remediation across the Federal Civilian Executi… | CISA.GOV
25 Aug | In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures | Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar for the week of August 21, 2023. The post In Other News: Africa Cybercrime Crackdown, Unpatched macOS Flaw, Investor Disclosures appeared first on SecurityWeek … | SECURITYWEEK.COM
25 Aug | Cisco NX-OS Software TACACS+ or RADIUS Remote Authentication Directed Request Denial of Service Vulnerability | This vulnerability can only be exploited over Telnet, which is disabled by default, or over the console management connection. This vulnerability cannot be exploited over SSH connections to the device. | SEC.CLOUDAPPS.CISCO.COM
25 Aug | Kroll Employee SIM-Swapped for Crypto Investor Data | Security consulting giant Kroll disclosed today that a SIM-swapping attack against one of its employees led to the theft of user information for multiple cryptocurrency platforms that are relying on Kroll services in their ongoing bankruptcy proceedings. And there are indications… | KREBSONSECURITY.COM
25 Aug | UnitedHealthcare Fined $80K for 6-Month Records Access Delay | HHS Settlement Is Agency's 45th HIPAA 'Right of Access' Enforcement Action Four years ago, federal regulators started sending a message to healthcare entities about the need to give patients timely access to their health records. Insurer UnitedHealthcare, the 45th firm penalized … | DATABREACHTODAY.CO.UK
25 Aug | All your parcel are belong to us – Talk at Troopers 2023 | submitted by Branquinho to cybersecurity 8 points | 0 comments https://insinuator.net/2023/07/all-your-parcel-are-belong-to-us-talk-at-troopers-2023/ | INSINUATOR.NET
25 Aug | crosspost > All your parcel are belong to us – Talk at Troopers 2023 - Infosec.Pub | submitted by ashar to security_cpe 3 points | 0 comments https://infosec.pub/post/1815326 crossposted from c/cybersecurity | INFOSEC.PUB
📢 SECURITY ADVISORIES (5)
25 Aug | Cypago Raises $13 Million for GRC Automation Platform | Israeli startup Cypago raises $13 million in funding and launches a governance, risk management and compliance (GRC) automation platform. The post Cypago Raises $13 Million for GRC Automation Platform appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Aug | Kroll data breach exposes info of FTX, BlockFi, Genesis creditors | Multiple reports on social media warn of a data breach at financial and risk advisory company Kroll that resulted in exposing to an unauthorized third-party the personal data of some credit claimants. [...] | BLEEPINGCOMPUTER.COM
25 Aug | Spain to Launch Europe's First AI Regulatory Agency | Madrid Touts Strategy for 'Inclusive, Sustainable, Citizen-Focused' AI Spain is set to launch Europe's first-ever artificial intelligence regulatory agency as the trading bloc finalizes legislation meant to mitigate risks and ban AI applications considered too risky. Madrid said … | DATABREACHTODAY.CO.UK
25 Aug | ISMG Editors: The Shifting Cyber Insurance Landscape | Also: Global Privacy Trends; Tornado Cash Founders Charged In the latest weekly update, ISMG editors discuss the shifting dynamics of cyber insurance, why APAC is approaching privacy regulations around emerging technologies, and how U.S. authorities charged the co-founders of cry… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (15)
25 Aug | Ransomware dwell time hits new low | Median attacker dwell time—the time from when an attack starts to when it’s detected—shrunk from 10 to eight days for all attacks, and to five days for ransomware attacks during the first half of 2023, according to Sophos. In 2022, the median dwell time decreased from 15 to 10 da… | HELPNETSECURITY.COM
25 Aug | Google Workspace: New account security, DLP capabilities announced | New capabilities in Google Workspace will help enterprises improve account and data security, by making unauthorized takeover of admin and user accounts and exfiltration of sensitive data more difficult. Some of these options are already available in preview and others will by th… | HELPNETSECURITY.COM
25 Aug | Cloud Hosting Provider Lost all Customer Data Following Ransomware Attack | There has been a cyber attack on two cloud hosting providers, namely CloudNordic and Azero Cloud, both of which are owned by Certiqa Holding. The cyber attack has resulted in a complete data loss for all of their customers. The cloud attack was reportedly on Friday, 18th August 2… | GBHACKERS.COM
25 Aug | Nearly 1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack | Nearly 1,000 organizations and 60 million individuals are impacted by the MOVEit hack, and the Cl0p ransomware gang is leaking stolen data. The post Nearly 1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Aug | Title Lender TMX Now Says Payment Card Data Stolen in Breach | A revised data breach notification is being sent to victims stating that attackers may have also stolen their credit/debit card number, beyond the raft of personal information. | BANKINFOSECURITY.COM
25 Aug | China-Linked Flax Typhoon Cyber Espionage Targets Taiwan's Key Sectors | A nation-state activity group originating from China has been linked to cyber attacks on dozens of organizations in Taiwan as part of a suspected espionage campaign. The Microsoft Threat Intelligence team is tracking the activity under the name Flax Typhoon, which is also known a… | THEHACKERNEWS.COM
25 Aug | Kyndryl and Cisco expand partnership to help customers respond to cyber incidents | Kyndryl has expanded technology partnership with Cisco to deliver services focused on cyber resilience. Through this partnership, Kyndryl will utilize Cisco’s comprehensive portfolio of network software, hardware and equipment with Kyndryl’s cyber resilience framework to help cus… | HELPNETSECURITY.COM
25 Aug | Two LAPSUS$ Hackers Convicted in London Court for High-Profile Tech Firm Hacks | Two U.K. teenagers have been convicted by a jury in London for being part of the notorious LAPSUS$ transnational gang and for orchestrating a series of brazen, high-profile hacks against major tech firms and demanding a ransom in exchange for not leaking the stolen information. T… | THEHACKERNEWS.COM
25 Aug | Ransomware With an Identity Crisis Targets Small Businesses, Individuals | A key reason it was so tricky for researchers to identify TZW as a spinoff of Adhubllka is because of the small ransom demands the group typically makes. At such a level, victims often pay attackers and the attackers continue to fly under the radar. | DARKREADING.COM
25 Aug | Leaseweb is restoring ‘critical’ systems after security breach | Leaseweb, one of the world's largest cloud and hosting providers, notified people that it's working on restoring "critical" systems disabled following a recent security breach. [...] | BLEEPINGCOMPUTER.COM
25 Aug | Victims Sue Financial Firms Over MOVEit Data Breaches | Fresh Lawsuits Target Prudential, Plus Charles Schwab and Subsidiary TD Ameritrade Two financial services giants hit by the mass attack on MOVEit file-sharing software - Prudential and Schwab - are the latest victims to face lawsuits from affected individuals. The suit filed agai… | DATABREACHTODAY.CO.UK
25 Aug | MOVEit, the biggest hack of the year, by the numbers | A mass-hack involving the MOVEit Transfer software has rapidly cemented itself as the largest hack of the year so far. While the full impact of the attack will likely remain untold for months to come, there are now more than 1,000 known victims of the MOVEit breach, according to … | TECHCRUNCH.COM
25 Aug | Data breach at French govt agency exposes info of 10 million people | Pôle emploi, France's governmental unemployment registration and financial aid agency, is informing of a data breach that exposed data belonging to 10 million individuals. [...] | BLEEPINGCOMPUTER.COM
25 Aug | Bankrupt Crypto Platforms FTX and BlockFi Warn Customers of Data Breach | FTX learned that Kroll, the claims agent in the bankruptcy, experienced a cybersecurity incident that compromised non-sensitive customer data of certain claimants in the pending bankruptcy case. | THERECORD.MEDIA
25 Aug | Cyber Security Today, Week in Review for Friday, August 25, 2023 | This episode features a discussion about zero trust and the cyber attack on Tesla by former employees | CYBERSECURITYTODAY.LIBSYN.COM
🕵️ THREAT INTELLIGENCE (27)
25 Aug | Unrealistic expectations exacerbate the cybersecurity talent shortage | Consumers believe today’s cybersecurity talent shortage is in large part due to limited exposure to the profession and a lack of cybersecurity education and training at a younger age within school systems, according to ThreatX. 90% of consumers polled say they have concerns about… | HELPNETSECURITY.COM
25 Aug | ISC Stormcast For Friday, August 25th, 2023 https://isc.sans.edu/podcastdetail/8632, (Fri, Aug 25th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
25 Aug | IEEE 802.11az provides security enhancements, solves longstanding problems | In this Help Net Security interview, Jonathan Segev, IEEE 802.11 Task Group (TG) Chair of next-generation positioning (TGaz) at IEEE, discusses IEEE 802.11az. The new standard will enable accuracy to less than 0.1 meters, which is a significant improvement from the current Wi-Fi … | HELPNETSECURITY.COM
25 Aug | New infosec products of the week: August 25, 2023 | Here’s a look at the most interesting products from the past week, featuring releases from Security Onion, OffSec, ImmuniWeb, LOKKER, Kingston Digital and Bitwarden. Security Onion 2.4: Free, open platform for defenders gets huge update Security Onion is a free and open platform … | HELPNETSECURITY.COM
25 Aug | Cybersecurity insurance is missing the risk | Cybersecurity insurance is a rapidly growing market, swelling from approximately $13B in 2022 to an estimated $84B in 2030 (26% CAGR), but insurers are struggling with quantifying the potential risks of offering this type of insurance. The traditional actuary models do not apply … | HELPNETSECURITY.COM
25 Aug | New Luna Grabber Poses as Roblox Packages, Strikes NPM | Malicious actors are targeting Roblox developers with a new malware called Luna Grabber, distributed through npm packages that impersonate legitimate software. These fake packages, including noblox.js-vps, noblox.js-ssh, and noblox.js-secure, house malicious multi-stage payloads.… | CYWARE.COM
25 Aug | China-based 'Flax Typhoon' hackers targeting Taiwan govt: Microsoft | The activities observed suggest the threat actor intends to perform espionage and maintain access to organizations across a broad range of industries for as long as possible. | YAHOO.COM
25 Aug | Hacking Food Labeling Laws | This article talks about new Mexican laws about food labeling, and the lengths to which food manufacturers are going to ensure that they are not effective. There are the typical high-pressure lobbying tactics and lawsuits. But there’s also examples of companies hacking the … | SCHNEIER.COM
25 Aug | Europe is Cracking Down on Big Tech. This Is What Will Change When You Sign On | The Digital Services Act aims to protect European users when it comes to privacy, transparency and removal of harmful or illegal content. The post Europe is Cracking Down on Big Tech. This Is What Will Change When You Sign On appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Aug | Google Workspace Introduces New AI-Powered Security Controls | Google has announced new AI-powered zero trust, digital sovereignty, and threat defense controls for Workspace customers. The post Google Workspace Introduces New AI-Powered Security Controls appeared first on SecurityWeek. | SECURITYWEEK.COM
25 Aug | Your KnowBe4 Fresh Content Updates from August 2023 | Check out the 21 new pieces of training content added in August, alongside the always fresh content update highlights, events and new features. | KNOWBE4.COM
25 Aug | Juice jacking: Is it a real issue or media hype? | You get off a flight and realize your phone is almost out of battery, which will make getting an Uber at your destination a bit challenging. Then you see it — a public charging station at the next gate like a pot of gold at the end of the rainbow. As you run rom-com style […] | SECURITYINTELLIGENCE.COM
25 Aug | ClearSale launches Client Portal to help customers view and manage fraud prevention data | ClearSale has released its new Client Portal. Used by ClearSale customers to view and manage their fraud prevention data, orders, and chargebacks, the portal offers enhanced functionality and a streamlined interface. The ClearSale Client Portal offers the ability to see fraud det… | HELPNETSECURITY.COM
25 Aug | Microsoft: Stealthy Flax Typhoon hackers use LOLBins to evade detection | Microsoft has identified a new hacking group it now tracks as Flax Typhoon that targets government agencies and education, critical manufacturing, and information technology organizations likely for espionage purposes. [...] | BLEEPINGCOMPUTER.COM
25 Aug | Openfire, Firepower, Barracuda, CosmicBeetle, Encryption, Aaran Leyland, and More - SWN #321 | Openfire, Firepower, Barracuda, CosmicBeetle, Lazarus, Encryption, Network Tourism, India's on the Moon, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.c… | YOUTUBE.COM
25 Aug | Feds Seek Innovative Tech Ideas for Health Sector Security | Agency Requests Proposals for Applying National Security to Civilian Systems A new healthcare-focused research agency is seeking proposals for innovative cybersecurity technologies that can apply a national security approach to protecting this highly targeted civilian industry. T… | DATABREACHTODAY.CO.UK
25 Aug | Chinese State Hackers 'Flax Typhoon' Targeting Taiwan | Likely Espionage Campaign Focuses on Persistence and Credential Dumping Chinese state hackers are targeting Taiwanese organizations, likely for espionage, in a difficult-to-detect campaign that relies on Windows utilities. Microsoft dubbed the threat actor Flax Typhoon in a Thurs… | DATABREACHTODAY.CO.UK
25 Aug | Friday Squid Blogging: China’s Squid Fishing Ban Ineffective | China imposed a “pilot program banning fishing in parts of the south-west Atlantic Ocean from July to October, and parts of the eastern Pacific Ocean from September to December.” However, the conservation group Oceana analyzed the data and figured out that the Chinese… | SCHNEIER.COM
25 Aug | Lazarus Group Debuts Tiny Trojan for Espionage Attacks | The Malware Is Based on an Unusual Development Framework Researchers spotted North Korean state hackers deploying a more compact remote access Trojan through a flaw in IT service management software in a campaign affecting European and U.S. critical infrastructure. Cisco Talos sa… | DATABREACHTODAY.CO.UK
25 Aug | Introducing Proof-of-Work Defense for Onion Services | Tor Project | submitted by sv1sjp to cybersecurity 15 points | 0 comments https://blog.torproject.org/introducing-proof-of-work-defense-for-onion-services/ | TORPROJECT.ORG
25 Aug | Hand crafted bot accounts and community targeted ads, what's the story? | submitted by bulwark to cybersecurity 44 points | 10 comments https://infosec.pub/pictrs/image/3adc474a-4c45-4dcc-909f-7eeddf8b9eda.png During the last two days it seems we have been “bombarded” with advertisement bots. I found it curious, the advertisements are correctly targete… | INFOSEC.PUB
25 Aug | New OpenSecurityTraining2 class "Architecture 2821: Windows Kernel Internals 2" by Cedric Halbronn (~5 hours) | submitted by L4s to secops 1 points | 0 comments https://ost2.fyi/Arch2821 New OpenSecurityTraining2 class “Architecture 2821: Windows Kernel Internals 2” by Cedric Halbronn (~5 hours) | OST2.FYI
25 Aug | GitHub - dwisiswant0/ipfuscator: A blazing-fast, thread-safe, straightforward and zero memory allocations tool to swiftly generate alternative IP(v4) address representations in Go. | submitted by bOt to netsec 2 points | 0 comments https://github.com/dwisiswant0/ipfuscator This is an automated archive. The original was posted on /r/netsec by /u/dwisiswant0 on 2023-08-25 09:32:05+00:00. | GITHUB.COM
25 Aug | Lazarus Group's infrastructure reuse leads to discovery of new malware | submitted by c0mmando to netsec 3 points | 0 comments https://blog.talosintelligence.com/lazarus-collectionrat/ | TALOSINTELLIGENCE.COM
25 Aug | FBI fingers China for attacks on Barracuda email appliances | submitted by c0mmando to netsec 9 points | 0 comments https://go.theregister.com/feed/www.theregister.com/2023/08/25/fbi_china_barracuda/ | GO.THEREGISTER.COM
🌐 CYBER THREAT LANDSCAPE (5)
25 Aug | Roblox developers targeted with malware | A malicious actor has been hiding information-stealing malware in legitimate software packages | CSHUB.COM
25 Aug | Python Malware Using Postgresql for C2 Communications, (Fri, Aug 25th) | For modern malware, having access to its C2 (Command and control) is a crucial point. There are many ways to connect to a C2 server using tons of protocols, but today, HTTP remains very common because HTTP is allowed on most networks... | ISC.SANS.EDU
25 Aug | Navigating Legacy Infrastructure: A CISO's Actionable Strategy for Success | Every company has some level of tech debt. Unless you’re a brand new start-up, you most likely have a patchwork of solutions that have been implemented throughout the years, often under various leadership teams with different priorities and goals. As those technologies age, they … | THEHACKERNEWS.COM
🎙️ PODCASTS (1)
25 Aug | Cyber Security Today, August 25, 2023 - FBI warning about Barracuda ESG gateways and thousands of more US MOVEit victims | This episode reports on what some crooks are doing with stolen personal data, and more | CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (12)
25 Aug | Privacy and security threats of short links | Kaspersky official blog | How short links work and how to protect yourself from the privacy and security threats they can pose. | KASPERSKY.COM
25 Aug | Learn How Your Business Data Can Amplify Your AI/ML Threat Detection Capabilities | In today's digital landscape, your business data is more than just numbers—it's a powerhouse. Imagine leveraging this data not only for profit but also for enhanced AI and Machine Learning (ML) threat detection. For companies like Comcast, this isn't a dream. It's reality. Your b… | THEHACKERNEWS.COM
25 Aug | Sextortion Scams Surge 178% in a Year | The good news is that the scam is an empty threat that aims to play on the victim’s fear of leaking data. By knowing this, they can then be confidently ignored. ESET traced one scam wherein an actor demanded £1000 ($1260) in BTC from the victim. | INFOSECURITY-MAGAZINE.COM
25 Aug | Nearly 1,000 Organizations, 60 Million Individuals Impacted by MOVEit Hack | On August 14 and 15, the cybercriminals leaked nearly 1 Tb of information allegedly stolen from 16 of the victims, Resecurity said. These victims include UCLA, Siemens Energy, Cognizant, and cybersecurity firms Norton LifeLock and Netscout. | SECURITYWEEK.COM
25 Aug | Byju’s exposed sensitive student data, including loan details | Byju’s, the edtech giant and India’s most valuable startup, has fixed a server-side misconfiguration that was exposing the sensitive data of its students. The Indian startup exposed some students’ names, phone numbers, addresses and email IDs. The exposed data a… | TECHCRUNCH.COM
25 Aug | ICO calls social media firms to protect people's data from scraping | UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a statement calling social media platforms to up their protections against data scrapers. [...] | BLEEPINGCOMPUTER.COM
25 Aug | MSI: Recent wave of Windows blue screens linked to MSI motherboards | MSI has officially confirmed the recent surge of blue screens of death (BSODs) encountered by Windows users after installing this week's optional preview updates is linked to some of its motherboard models. [...] | BLEEPINGCOMPUTER.COM
25 Aug | Top 5 Most Abused Brands By Hackers | PACKETSTORMSECURITY.COM
25 Aug | ICO calls on social media firms to protect user's data from scraping | UK's Information Commissioner's Office (ICO), together with eleven data protection and privacy authorities from around the world, have published a statement calling social media platforms to up their protections against data scrapers. [...] | BLEEPINGCOMPUTER.COM
25 Aug | How a Telegram bot helps scammers target victims – Week in security with Tony Anscombe | ESET researchers uncover a Telegram bot that enables even less tech-savvy scammers to defraud people out of their money | WELIVESECURITY.COM