🚨 CISA KEV (1)
29 Aug [KEV] · Identification and Disruption of QakBot Infrastructure · SUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) are releasing this joint Cybersecurity Advisory (CSA) to disseminate QakBot infrastructure indicators of compromise (IOCs) identified through FBI investigations as of Aug… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (9)
29 Aug · Multiple Vulnerabilities Found in Techview LA-5570 Wireless Gateway Home Automation Controller · submitted by bOt to netsec 1 points | 0 comments https://www.exploitsecurity.io/post/cve-2023-34723-cve-2023-34724-cve-2023-34725 This is an automated archive. The original was posted on /r/netsec by /u/9lyph on 2023-08-28 23:09:55+00:00. CVE-2023-34723 Vulnerability Type: Direct… · EXPLOITSECURITY.IO
29 Aug · 11 search engines for cybersecurity research you can use right now · Staying ahead in cybersecurity requires constant learning and adaptation. If you’re interested in cybersecurity research, explore the resources outlined below. DNSdumpster DNSdumpster is a free domain research tool that can discover hosts related to a domain. Finding visibl… · HELPNETSECURITY.COM
29 Aug · Microsoft Edge Privilege Escalation Flaw – Update Now! · Microsoft Edge has published a release note that mentioned a Privilege escalation vulnerability with the CVE ID of CVE-2023-36741 and has a CVSS Score of 8.3 (High). This vulnerability exists in the Microsoft-Edge Chromium-based versions prior to 116.0.1938.62. An unauthorized re… · GBHACKERS.COM
29 Aug · Attacks on Citrix NetScaler Systems Linked to Ransomware Actor · A threat actor believed to be tied to the FIN8 hacking group exploits the CVE-2023-3519 remote code execution flaw to compromise unpatched Citrix NetScaler systems in domain-wide attacks. · BLEEPINGCOMPUTER.COM
29 Aug · Citrix NetScaler Alert: Ransomware Hackers Exploiting Critical Vulnerability · Unpatched Citrix NetScaler systems exposed to the internet are being targeted by unknown threat actors in what's suspected to be a ransomware attack. Cybersecurity company Sophos is tracking the activity cluster under the moniker STAC4663. Attack chains involve the exploitation o… · THEHACKERNEWS.COM
29 Aug [KEV] · Ransomware group exploits Citrix NetScaler systems for initial access · A known threat actor specializing in ransomware attacks is believed to be behind a recent campaign that targeted unpatched internet-facing Citrix NetScaler systems to serve as an initial foothold into enterprise networks. “Our data indicates strong similarity between attack… · HELPNETSECURITY.COM
29 Aug · Android Goes All-in on Fuzzing · Posted by Jon Bottarini and Hamzeh Zawawy, Android Security Fuzzing is an effective technique for finding software vulnerabilities. Over the past few years Android has been focused on improving the effectiveness, scope, and convenience of fuzzing across the organization. This eff… · SECURITY.GOOGLEBLOG.COM
29 Aug · CISA Releases IOCs Associated with Malicious Barracuda Activity · CISA has released additional indicators of compromise (IOCs) associated with exploitation of CVE-2023-2868. CVE-2023-2868 is a remote command injection vulnerability affecting Barracuda Email Security Gateway (ESG) Appliance, versions 5.1.3.001-9.2.0.006. Malicious threat actors … · CISA.GOV
29 Aug · Recently patched Juniper firewall flaws allow remote code execution · Hackers have begun exploiting recently patched vulnerabilities in Juniper Networks firewalls that can be chained together to achieve remote code execution. Exploit details and a proof-of-concept were released late last week by a team of security researchers. “This is an interesti… · CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (34)
29 Aug · Security Plan Templates · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/Sigma-Aurelius on 2023-08-28 23:52:44+00:00. Does anyone have examples, templates, and resources they use for the following: Data Breach Securit… · ZEROBYTES.MONSTER
29 Aug · Vulnerability Summary for the Week of August 21, 2023 | CISA · submitted by bOt to cybersecurity 1 points | 0 comments https://www.cisa.gov/news-events/bulletins/sb23-240 This is an automated archive. The original was posted on /r/cybersecurity by /u/antdude on 2023-08-28 21:22:37+00:00. · CISA.GOV
29 Aug · [Career] The state of entry level cybersecurity jobs. · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/0xh0russ on 2023-08-28 20:59:18+00:00. TLDR: Having multiple years of security professional experience as a prerequisite to apply for penetratio… · ZEROBYTES.MONSTER
29 Aug · Cybercriminals Used Just Three Malware Loaders to Launch 80% of Attacks, Deets Inside · ReliaQuest has identified the top malware loaders that have been causing trouble for SOC teams. These loaders are often used by threat actors to gain initial access to a network and drop payloads for further exploitation. The top seven most observed malware loaders from January 1… · CYWARE.COM
29 Aug · Ransomware Attack Cleanup Costs: $10M So Far for Rackspace · The San Antonio, Texas, company's multi-million expenditure includes "costs to investigate and remediate, legal and other professional services, and supplemental staff resources that were deployed to provide support to customers." · BANKINFOSECURITY.COM
29 Aug · How financial institutions can reduce security and other risks from MRAs · CISOs who work in the financial industry within the United States are familiar with matters requiring attention (MRA). An MRA is a notice that is communicated verbally and in writing to a financial institution's board and management team and is included in the organization's exam… · CSOONLINE.COM
29 Aug · Easy-to-exploit Skype vulnerability reveals users’ IP address · A vulnerability in Skype mobile apps can be exploited by attackers to discover a user’s IP address – a piece of information that may endanger individuals whose physical security depends on their general location remaining secret. The vulnerability The security vulnera… · HELPNETSECURITY.COM
29 Aug · Suspected London’s Met Police data breach potentially exposes sensitive officer, staff information · The Metropolitan Police Service (MPS) is investigating a possible data breach following "unauthorised access" to the systems of one of its suppliers. The company had access to names, ranks, photos, vetting levels, and pay numbers for officers and staff, the force said in a statem… · CSOONLINE.COM
29 Aug · Identity Theft from 1965 Uncovered through Face Recognition · Interesting story: Napoleon Gonzalez, of Etna, assumed the identity of his brother in 1965, a quarter century after his sibling’s death as an infant, and used the stolen identity to obtain Social Security benefits under both identities, multiple passports and state identif… · SCHNEIER.COM
29 Aug · Survey Provides Takeaways for Security Pros to Operationalize their Remediation Life Cycle · Ask any security professional and they’ll tell you that remediating risks from various siloed security scanning tools requires a tedious and labor-intensive series of steps focused on deduplication, prioritization, and routing of issues to an appropriate “fixer” somewhere in the … · THEHACKERNEWS.COM
29 Aug · Android Banking Trojan MMRat Carries Out Bank Fraud via Fake App Stores · MMRat uses customized command-and-control protocols and remains undetected on VirusTotal, highlighting its ability to evade detection and exploit large volumes of data transfer. · TRENDMICRO.COM
29 Aug · US govt email servers hacked in Barracuda zero-day attacks · Suspected Chinese hackers disproportionately targeted and breached government and government-linked organizations worldwide in recent attacks targeting a Barracuda Email Security Gateway (ESG) zero-day, with a focus on entities across the Americas. [...] · BLEEPINGCOMPUTER.COM
29 Aug · SAP and Google Cloud join forces to provide customers with generative AI capabilities · SAP and Google Cloud announced an expanded partnership to help enterprises harness the power of data and generative AI. The companies will combine their integrated open data cloud using SAP Datasphere with Vertex AI to launch new generative AI-powered industry solutions, starting… · HELPNETSECURITY.COM
29 Aug · Time and effort to obtain cyber insurance increasing for US businesses · The time and effort required to obtain cyber insurance is increasing significantly for US organizations, with the number of companies requiring six months or more rising year over year. That's according to Delinea's 2023 State of Cyber Insurance report, based on a survey of more… · CSOONLINE.COM
29 Aug · Fortinet enhances its SASE solution to help organizations prevent data leaks · Fortinet announced new enhancements to its single-vendor SASE offering. FortiSASE already protects the hybrid workforce via a unified agent and includes SD-WAN integration for the branch. SASE for microbranches and IoT/OT devices FortiSASE now includes expanded integrations withi… · HELPNETSECURITY.COM
29 Aug · LogRhythm and Cimcor collaborate to enhance cyberattack protection for organizations · LogRhythm and Cimcor have joined forces to help organizations around the globe increase visibility and protect against modern cyberattacks. This partnership leverages LogRhythm’s comprehensive security information and event management (SIEM) platform and Cimcor’s file… · HELPNETSECURITY.COM
29 Aug · Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack · Chinese threat actor exploiting Barracuda ESG appliances deployed persistence mechanisms in preparation for remediation efforts. The post Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack appeared first on SecurityWeek. · SECURITYWEEK.COM
29 Aug · Hackers exploit critical Juniper RCE bug chain after PoC release · Hackers have started using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface. [...] · BLEEPINGCOMPUTER.COM
29 Aug · Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom · A suspected Chinese-nexus hacking group exploited a recently disclosed zero-day flaw in Barracuda Networks Email Security Gateway (ESG) appliances to breach government, military, defense and aerospace, high-tech industry, and telecom sectors as part of a global espionage campaign… · THEHACKERNEWS.COM
29 Aug · Okta for Global 2000 gives CEOs flexibility to centralize or decentralize their business strategy · Okta announced Okta for Global 2000, a solution designed to give the world’s largest organizations choice in how they run their technology infrastructure with flexible and automated identity management. Okta for Global 2000 enables the technical agility executives need to balance… · HELPNETSECURITY.COM
29 Aug · CISA Releases One Industrial Control Systems Advisory · CISA released one Industrial Control Systems (ICS) advisory on August 29, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-241-01 PTC CodeBeamer CISA encourages users and administrators to review… · CISA.GOV
29 Aug · Tanium Vulnerability Risk and Compliance for ServiceNow accelerates security investigations · Tanium announced Tanium Vulnerability Risk and Compliance for ServiceNow – a new solution enabling ServiceNow customers to identify security risks from vulnerabilities and non-compliant configurations and remediate all from within the ServiceNow platform. The integrated offering … · HELPNETSECURITY.COM
29 Aug · US Government Email Servers Hacked in Barracuda Zero-Day Attacks · The attacks' motivation was espionage, with the threat actor (tracked as UNC4841) engaging in targeted exfiltration from systems belonging to high-profile users in government and high-tech verticals. · BLEEPINGCOMPUTER.COM
29 Aug · Generative AI policy enforcement with Sophos Firewall · Full control over which Generative AI solutions to block, accelerate, or simply monitor. · SOPHOS.COM
29 Aug · Qakbot botnet dismantled after infecting over 700,000 computers · Qakbot, one of the largest and longest-running botnets to date, was taken down following a multinational law enforcement operation spearheaded by the FBI and known as Operation DuckHunt. [...] · BLEEPINGCOMPUTER.COM
29 Aug · Operation 'Duck Hunt' Dismantles QakBot · U.S. authorities Tuesday said they permanently dismantled the notorious QakBot botnet in an international operation that seized 52 servers and nearly $9 million worth of cryptocurrency. Law enforcement identified more than 700,000 computers infected with the QakBot malware. · DATABREACHTODAY.CO.UK
29 Aug · Go Crypto in Practice, Excel Executes Python, Protecting Users, DARPA Distills - ASW #253 · A Go Crypto presentation from Real World Crypto, Excel releases support for Python, protecting users from malware like the Luna Grabber and WinRAR RCE, DARPA's V-SPELLS project, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://se… · YOUTUBE.COM
29 Aug · How Can Security Be Smart About Using AI? - Jeff Pollard - ASW #253 · We go deep on LLMs and generative AIs to shine a light on areas that security leaders should focus on. There are technical concerns like prompt injection and access controls, and privacy concerns in training and usage. But there are also areas where security tools are starting to… · YOUTUBE.COM
29 Aug · U.S. Hacks QakBot, Quietly Removes Botnet Infections · The U.S. government today announced a coordinated crackdown against QakBot, a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet's online i… · KREBSONSECURITY.COM
29 Aug · Google Cloud announces Duet AI enhancements for Mandiant, Chronicle · Google Cloud today previewed new AI-enhanced capabilities for its Chronicle and Mandiant offerings: Duet AI in Mandiant Threat Intelligence, Duet AI in Chronicle Security Operations, and Duet AI in Security Command Center. The preview was part of a larger group of generative … · CSOONLINE.COM
29 Aug · How the FBI nuked Qakbot malware from infected Windows PCs · The FBI announced today the disruption of the Qakbot botnet in an international law enforcement operation that not only seized infrastructure but also uninstalled the malware from infected devices. [...] · BLEEPINGCOMPUTER.COM
29 Aug · DreamBus malware exploits RocketMQ flaw to infect servers · A new version of the DreamBus botnet malware exploits a critical-severity remote code execution vulnerability in RocketMQ servers to infect devices. [...] · BLEEPINGCOMPUTER.COM
29 Aug · Operation ‘Duck Hunt’: Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized · U.S. law enforcement announce the disruption of the notorious Qakbot cybercrime operation and the release of an auto-disinfection tool to 700,000 infected machines. The post Operation ‘Duck Hunt’: Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized appeared first on S… · SECURITYWEEK.COM
29 Aug · Chinese Hackers Anticipated Barracuda ESG Patch · Threat Actor Deployed an Additional Backdoor to Select Targets. Chinese espionage hackers behind an eight-month campaign to hack Barracuda email security appliances intensified their focus on high-priority targets around the time the company moved to fix the zero-day flaw behind t… · DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES (9)
29 Aug · Is the cybersecurity community’s obsession with compliance counter-productive? · Does anyone think the chances of surviving a plane crash increase if our tray tables are locked and our carry-on bags are completely stowed under our seats? That we’ll be OK if the plane hits a mountain if we have our seat belts buckled securely across our waists? Not even the fl… · HELPNETSECURITY.COM
29 Aug · Security Team Huddle: Using the Full NIST Cybersecurity Framework for the Win · Just as a professional football team needs coordination, strategy and adaptability to secure a win on the field, a well-rounded cybersecurity strategy must address specific challenges and threats. The post Security Team Huddle: Using the Full NIST Cybersecurity Framework for the … · SECURITYWEEK.COM
29 Aug · Case Study: LoanLogics Combined Compliance & Security Awareness Training to Improve Security Culture · In the drive to build a strong security culture, security awareness and compliance training should work hand in hand. · KNOWBE4.COM
29 Aug · Is the Cybersecurity Community’s Obsession With Compliance Counter-Productive? · Cybersecurity professionals should focus on effectively defending their organizations against common breach types, rather than prioritizing compliance and checking boxes on audit forms. · HELPNETSECURITY.COM
29 Aug · Midwest Hospital Group Experiencing Systemwide IT Outage · Incident Comes as Several Other Regional Providers Recover From Recent Attacks. Two organizations that operate clinics and hospitals in the Midwest are the latest medical care providers struggling with an enterprisewide IT outage affecting clinical and administrative applications.… · DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (19)
29 Aug · Cybersecurity incident at NSF NOIRLab · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/Mirda76de on 2023-08-28 21:43:25+00:00. Cybersecurity incident at NSF’s NOIRLab Does anybody have some more details about this situation? · ZEROBYTES.MONSTER
29 Aug · A story about cyber defense · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/West-Hippo-535 on 2023-08-28 21:18:15+00:00. The Day the Digital Tides Swelled In the annals of cybersecurity history, there was a day when the … · ZEROBYTES.MONSTER
29 Aug · Cybersecurity Newsletter · submitted by bOt to cybersecurity 1 points | 0 comments http://www.cyber-oracle.com/ This is an automated archive. The original was posted on /r/cybersecurity by /u/Professional-Ad6429 on 2023-08-28 18:22:21+00:00. Hello y’all. I recently started a cybersecurity newsletter that m… · CYBER-ORACLE.COM
29 Aug · Ransomware Attack Cleanup Costs: $11M So Far for Rackspace · Fallout From Crypto-Locking Malware Attacks and Data Exfiltration Remains Costly. Ransomware and data-exfiltration attacks are continuing to stick victims with serious bills to cover cleanup, legal and other resulting costs - to the tune of $10.8 million and counting for cloud com… · DATABREACHTODAY.CO.UK
29 Aug · Attacks on Citrix NetScaler systems linked to ransomware actor · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/ConditionOk1875 on 2023-08-29 04:00:02+00:00. · ZEROBYTES.MONSTER
29 Aug · Two Men Arrested Following Poland’s Railway System Signals Hack · Authorities in Poland arrested two individuals on suspicion of planning an unlawful hack into the communication network of the national railway, which caused delays in train service in some areas. The Polish PKP railway’s radio communication system was hacked on Friday nigh… · GBHACKERS.COM
29 Aug · New TZW Ransomware Unlocked; Belongs to Adhubllka Family · Security researchers at Netenrich laid bare a previously misclassified strain of ransomware, TZW, as part of the Adhubllka ransomware family. Unlike other high-profile ransomware campaigns, TZW targets individuals and small businesses, demanding small ransoms ranging from $800 to… · CYWARE.COM
29 Aug · Survival time for web sites, (Tue, Aug 29th) · Many, many years ago we (SANS Internet Storm Center) published some interesting research about survival time of new machines connected to the Internet. Back then, when Windows XP was the most popular operating system, it was enough to connect your new machine to the Internet and … · ISC.SANS.EDU
29 Aug · Spanish Police Warns of LockBit Locker Ransomware Phishing Attacks · "A wave of sending emails to architecture companies has been detected, although it is not ruled out that they extend their action to other sectors," reads the machine-translated police announcement. · BLEEPINGCOMPUTER.COM
29 Aug · Personal, Health Information of 1.2 Million Stolen in PurFoods Ransomware Attack · PurFoods says the personal and protected health information of over 1.2 million individuals was stolen in a February 2023 ransomware attack. The post Personal, Health Information of 1.2 Million Stolen in PurFoods Ransomware Attack appeared first on SecurityWeek. · SECURITYWEEK.COM
29 Aug · Compromised OpenCart Payment Module Steals Credit Card Information · Attackers are increasingly using backend PHP infections, making it more challenging to detect Magecart infections without access to the compromised website's backend code. · SUCURI.NET
29 Aug · Mom’s Meals Breached: Over 1.2 Million Consumers Data Exposed · PurFoods, LLC, operating under the trade name Mom’s Meals, has announced the compromise of personal information affecting its clients and employees. The company acknowledged that its cybersecurity defenses had been compromised, allowing unauthorized access to a treasure tro… · GBHACKERS.COM
29 Aug · University of Michigan shuts down network after cyberattack · The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started. [...] · BLEEPINGCOMPUTER.COM
29 Aug · Mom’s Meals says data breach affects 1.2 million customers · Mom’s Meals, a meal delivery service for people with chronic health conditions, has confirmed a data breach affecting more than 1.2 million individuals. In a data breach notice filed this week with Maine’s attorney general, Mom’s Meals parent company PurFoods co… · TECHCRUNCH.COM
29 Aug · Japan’s Cybersecurity Agency Breached by Suspected Chinese Hackers: Report · Suspected Chinese hackers breached Japan’s cybersecurity agency and potentially accessed sensitive data stored on its networks for nine months before being discovered, it was reported on Tuesday. · THERECORD.MEDIA
29 Aug · New Android MMRat malware uses Protobuf protocol to steal your data · A novel Android banking malware named MMRat utilizes a rarely used communication method, protobuf data serialization, to more efficiently steal data from compromised devices. [...] · BLEEPINGCOMPUTER.COM
29 Aug · University of Michigan Shuts Down Network After Cyberattack · The University of Michigan has taken all of its systems and services offline to deal with a cybersecurity incident, causing a widespread impact on online services the night before classes started. · BLEEPINGCOMPUTER.COM
29 Aug · Ransomware Attack Specialist Tied to Citrix NetScaler Hacks · Multiple Highly Automated Campaigns Have Dropped Persistent Web Shells, Experts Say. Citrix NetScaler defenders are being warned to not just patch a critical flaw but also review logs from before mid-July for signs of compromise, since attackers - including "a known threat actor s… · DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (34)
29 Aug · Amazon Sec Engineer Interview · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/DealerForward4322 on 2023-08-29 00:26:35+00:00. Any Amazon pen test security engineers out there that can provide some deets about the technical… · ZEROBYTES.MONSTER
29 Aug · Microsoft or google certificate · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/DonKhairallah on 2023-08-29 00:14:41+00:00. Hello all, I have around 2 years of experience as a SOC analyst but outside USA and Europe Obtained … · ZEROBYTES.MONSTER
29 Aug · What tools would you recommend a startup to have good disaster recovery plan? Is there any automation tool for the same? · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/Smile_Open on 2023-08-29 00:03:03+00:00. · ZEROBYTES.MONSTER
29 Aug · Detecting Deepfakes, building a tool and community · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/BadAthMOFO on 2023-08-28 23:37:15+00:00. Hi y’all, I have started a project that I currently call DeepTrust, and I am trying to solve the probl… · ZEROBYTES.MONSTER
29 Aug · Analysis Tools · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/Dry_Environment_9254 on 2023-08-28 22:46:51+00:00. What’s everyone using to watch what executables, MSIs and malicious documents are doing in a … · ZEROBYTES.MONSTER
29 Aug · Sept 2023: Insider Threat Awareness Month - Unveiling Hidden Risks · submitted by bOt to cybersecurity 1 points | 0 comments https://haydenjames.io/insider-threat-awareness-unveiling-hidden-risks/ This is an automated archive. The original was posted on /r/cybersecurity by /u/Unprotectedtxt on 2023-08-28 22:07:47+00:00. · HAYDENJAMES.IO
29 Aug · IT leaders alarmed by generative AI’s SaaS security implications · IT leaders are grappling with anxiety over the risks of generative AI despite continued confidence in their software-as-a-service (SaaS) security posture, according to Snow Software. 96% of respondents indicated they were still ‘confident or very confident’ in their organization’… · HELPNETSECURITY.COM
29 Aug · ISC Stormcast For Tuesday, August 29th, 2023 https://isc.sans.edu/podcastdetail/8636, (Tue, Aug 29th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
29 Aug · What makes a good ASM solution stand out · In this Help Net Security interview, Patrice Auffret, CTO at Onyphe, explains how the traditional perimeter-based security view is becoming obsolete. He suggests that organizations should redefine their attack surface concept and discusses proactive measures they can take to stre… · HELPNETSECURITY.COM
29 Aug · Working at Sophos · submitted by bOt to cybersecurity 1 points | 0 comments This is an automated archive. The original was posted on /r/cybersecurity by /u/Ready_Smile_4651 on 2023-08-29 01:57:17+00:00. Has anyone here worked at Sophos or is currently working at Sophos? If so what are your thoughts?… · ZEROBYTES.MONSTER
29 Aug · Leaking File Contents with a Blind File Oracle in Flarum · submitted by bOt to netsec 1 points | 0 comments https://blog.assetnote.io/2023/08/28/leaking-file-contents-with-a-blind-file-oracle-in-flarum/ This is an automated archive. The original was posted on /r/netsec by /u/Mempodipper on 2023-08-29 03:44:43+00:00. · ASSETNOTE.IO
29 Aug · GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners · The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Related: Pushing the fly-by-wire envelope This is especially true because systems are more interconnected and use more complex commercial software … · LASTWATCHDOG.COM
29 Aug · For the win? Offensive research contests on criminal forums · We explore some of the entries in recent cybercrime research competitions, and what they say about threat actor innovation and priorities · SOPHOS.COM
29 Aug · Cisco partners with Nutanix to accelerate hybrid multicloud deployments · Cisco and Nutanix announced a global strategic partnership to accelerate hybrid multicloud deployments by offering complete hyperconverged solution for IT modernization and business transformation. IT organizations continue to face significant operational hurdles and urgent susta… · HELPNETSECURITY.COM
29 Aug · Mobile App Security Using No-Code Cyber Defense Automation · Appdome's Tom Tovar Describes How to Address the Challenges of Securing Mobile Apps. How can you tackle mobile app security and solve user concerns about usability? No-code cyber defense automation can be used to achieve security outcomes in seconds, build desired protections and … · DATABREACHTODAY.CO.UK
29 Aug · Swissbit introduces D1200 data center SSD · Swissbit launched its latest PCIe SSD specifically designed for data center applications. The new D1200 SSD is optimized for workloads demanded by applications including databases, cloud computing, media streaming or artificial intelligence (AI). It combines outstanding performan… · HELPNETSECURITY.COM
29 Aug · Ciphertex strengthens data security with SecureNAS CX-160KSSD-X · Ciphertex Data Security introduces the new durable SecureNAS CX-160KSSD-X to contribute to the advancement of data security for national defense. The SecureNAS CX-160KSSD-X storage unit is powered by an Intel Xeon D processor (4, 8, or 16 Core) and supports up to sixteen hot-swap… · HELPNETSECURITY.COM
29 Aug · Training Tuesday - Discussions for certs, training and learning-at-home · submitted by shellsharks to cybersecurity 2 points | 0 comments Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others! · INFOSEC.PUB
29 Aug · Can a private internet co-exist with the internet we know? · The security industry has always dreamed about an impenetrable internet where threats are neutralized and attackers cannot thrive. Many have tried to conceptualize this theory into reality, but for the time being, it remains a dream. But one company, Dark Cryptonite, has already … · SECURITYINTELLIGENCE.COM
29 Aug · Meta Fights Sprawling Chinese ‘Spamouflage’ Operation · Meta has purged thousands of Facebook accounts that were part of a widespread online Chinese spam operation trying to covertly boost China and criticize the West. The post Meta Fights Sprawling Chinese ‘Spamouflage’ Operation appeared first on SecurityWeek. · SECURITYWEEK.COM
29 Aug · CyberheistNews Vol 13 #35 New KnowBe4 Callback Phishing Feature Boosts Your Users' Security Awareness · KNOWBE4.COM
29 Aug · Championship Results: No Bank Breaking or Boat Rocking! - Steve Hunt - CSP 137 · Top-performing CISOs shared with me their hacks for creating a team atmosphere, getting excellent and consistent results, and creating buy-in from management for their budgets, projects, and big ideas. This discussion goes beyond risk management into the realm of performance exce… · YOUTUBE.COM
29 Aug · The Reality of Cyberinsurance in 2023 · If an organization decides to include cyberinsurance within its total cyber risk management posture, that cyberinsurance must be fully integrated with the organization’s cybersecurity posture. The post The Reality of Cyberinsurance in 2023 appeared first on SecurityWeek. · SECURITYWEEK.COM
29 AugDid Microsoft Just Upend the Enterprise Browser Market?NEWS ANALYSIS: Redmond plants its feet firmly in the enterprise browser space, sending major ripples through Silicon Valley's bustling venture-backed startup ecosystem. The post Did Microsoft Just Upend the Enterprise Browser Market? appeared first on SecurityWeek .SECURITYWEEK.COM
29 AugUN Warns Hundreds of Thousands in Southeast Asia Roped Into Online ScamsA new report sheds light on cybercrime scams that have become a major issue in Asia, with many workers trapped in virtual slavery. The post UN Warns Hundreds of Thousands in Southeast Asia Roped Into Online Scams appeared first on SecurityWeek .SECURITYWEEK.COM
29 AugGrave flaws in BGP Error handlingsubmitted by L4s to secops 1 points | 0 comments https://blog.benjojo.co.uk/post/bgp-path-attributes-grave-error-handling Grave flaws in BGP Error handling::undefinedBENJOJO.CO.UK
29 AugDescope unveils third-party connectors for no-code app journey personalizationDescope has unveiled the availability of third-party connectors that enable app developers to create and customize entire user journeys using no-code tools. Available connectors include Google reCAPTCHA Enterprise, Traceable, Segment, HubSpot, Amazon Rekognition, Google Cloud Tra…HELPNETSECURITY.COM
29 AugMystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, Jason Wood - SWN #322Mystery, Qakbot, Crates.io, VDP, NetScaler, Entra ID, SynthID, FreeBSD, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-322YOUTUBE.COM
29 AugNew ‘MMRat’ Android Trojan Targeting Users in Southeast AsiaThe newly identified MMRat Android trojan has been targeting users in Southeast Asia to remotely control devices and perform bank fraud.SECURITYWEEK.COM
29 AugOpenAI Turns to Security to Sell ChatGPT EnterpriseChatGPT Enterprise is a corporate edition of ChatGPT that promises “enterprise-grade security” and a commitment not to use prompts and company data to train AI models.SECURITYWEEK.COM
29 AugQakbot botnet disrupted, malware removed from 700,000+ victim computersThe Qakbot botnet has been crippled by the US Department of Justice (DOJ): 52 of its servers have been seized and the popular malware loader has been removed from over 700,000 victim computers around the world. “To disrupt the botnet, the FBI was able to redirect Qakbot bot…HELPNETSECURITY.COM
29 AugRecorded Future podcast 82 (crosspost)submitted by ashar to security_cpe 1 points | 0 comments https://infosec.exchange/@thezdi/110974586332780695 Back in May, a Russian-speaking cyber gang named Clop broke into MOVEit, a little-known file transfer program. They managed to steal data from some 60 million people (and …INFOSEC.EXCHANGE
29 AugVMware Patches Major Security Flaws in Network Monitoring ProductVMware patches critical flaws that allow hackers to bypass SSH authentication and gain access to the Aria Operations for Networks command line interface.SECURITYWEEK.COM
29 AugData From The Qakbot Malware is Now Searchable in Have I Been Pwned, Courtesy of the FBIToday, the US Justice Department announced a multinational operation involving actions in the United States, France, Germ…TROYHUNT.COM
🌐 CYBER THREAT LANDSCAPE 5
29 AugStealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App StoresThe Trend Micro Mobile Application Reputation Service (MARS) team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023.TRENDMICRO.COM
29 AugDarkGate Malware Activity Spikes as Developer Rents Out Malware to AffiliatesA new malspam campaign has been observed deploying an off-the-shelf malware called DarkGate. "The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliate…THEHACKERNEWS.COM
29 AugMeta Fights Sprawling Chinese ‘Spamouflage’ OperationThe network typically posted praise for China and its Xinjiang province and criticisms of the United States, Western foreign policies, and critics of the Chinese government including journalists and researchers, the Meta report says.SECURITYWEEK.COM
29 AugFBI operation tricked thousands of computers infected by Qakbot into uninstalling the malwareA U.S. government operation has dismantled the infrastructure of the notorious Qakbot malware, which officials say caused “hundreds of millions” of dollars of damage worldwide. In an announcement on Tuesday, the FBI said that it had successfully “disrupted and dismantled” the Qak…TECHCRUNCH.COM
29 AugDarkGate Malware Activity Spikes as Developer Rents Out Malware to Affiliates"The current spike in DarkGate malware activity is plausible given the fact that the developer of the malware has recently started to rent out the malware to a limited number of affiliates," Telekom Security said in a report published last week.THEHACKERNEWS.COM
📡 INFOSEC NEWS 25
29 AugHow to Protect Your CI/CD PipelineContinuous integration and continuous delivery/deployment (CI/CD) has won over app developers, with enterprise cybersecurity teams on the hook to protect CI/CD pipelines. OWASP’s Top 10 CI/CD Security Risks clarify what to watch for.TRENDMICRO.COM
29 Aug4 Popular Cybersecurity Myths vs. FactsAny cybersecurity approach is only as strong as its underlying assumptions. What happens when those assumptions are wrong? Find out where confusion about cybersecurity facts can lead organizations astray.TRENDMICRO.COM
29 AugPhishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM AttacksMicrosoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishi…THEHACKERNEWS.COM
29 AugCyber Info-Sharing Guide for Healthcare Sector UpdatedPublic-private cybersecurity councils urged the healthcare industry to be more expansive in sharing signs of hacking, warning that traditional indicators aren't enough to defend against modern cybersecurity threats.BANKINFOSECURITY.COM
29 AugUpdate: Two Men Arrested Following Poland Railway HackingPolish police on Sunday arrested two men suspected of illegally hacking into the national railway’s communications network, which destabilized traffic in some areas of the country this weekend.SECURITYWEEK.COM
29 AugAttackers can Discover IP Addresses by Sending Links Over the Skype Mobile AppA security researcher discovered that it's possible to discover a target’s IP address by sending a link over the Skype mobile app. The researcher pointed out that the attack only requires the target to open the message.SECURITYAFFAIRS.COM
29 AugCorporate Boards Expand Cybersecurity Risk Oversight, Report FindsWith new Securities and Exchange Commission disclosure rules set to take effect in early September, a study from the EY Center for Board Matters shows director oversight of cybersecurity at Fortune 100 companies is rapidly evolving.CYBERSECURITYDIVE.COM
29 AugLive Webinar | Mitigating Organizational Risks of Using Generative AI: The Good, the Bad, and the UglyDATABREACHTODAY.CO.UK
29 AugJapan's JPCERT Warns of New 'MalDoc in PDF' Attack TechniqueJapan’s computer emergency response team (JPCERT) has recently observed a new attack technique, called ‘MalDoc in PDF’, that bypasses detection by embedding a malicious Word file into a PDF file.SECURITYAFFAIRS.COM
29 AugPrivacy Regulators Tell Social Media Companies to Fear the ScrapersSocial media companies and other businesses have an obligation to protect users’ publicly available information from data scrapers that gather it for unintended purposes, an international group of privacy regulators said last week.THERECORD.MEDIA
29 AugPhishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM AttacksMicrosoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model.THEHACKERNEWS.COM
29 AugGlobal Cybercrime Treaty Could be ‘Disastrous for Human Rights,’ NGOs WarnHuman rights organizations are sounding alarm about a United Nations cybercrime treaty being negotiated this week in New York, warning that the rules could expand government surveillance powers and give dictatorships further tools of repression.THERECORD.MEDIA
29 AugIT Leaders Alarmed by Generative AI’s SaaS Security ImplicationsIT leaders are grappling with anxiety over the risks of generative AI despite continued confidence in their software-as-a-service (SaaS) security posture, according to Snow Software.HELPNETSECURITY.COM
29 AugGoogle is bringing generative AI to its security toolingToday at Google Cloud Next, the company announced several new generative AI enhancements to its security product line in an effort to make it easier to find information from a massive amount of security data by simply asking questions in plain language. Steph Hay, head of UX for …TECHCRUNCH.COM
29 AugWeb Control, Crime Patrol or Real Pawns in CybercrimeA group of young employees in Hyderabad ran a sophisticated scam using VOIP to target unsuspecting people in the U.S. and trick them into buying gift cards, which were then converted into cryptocurrency and Indian Rupees.THEHINDU.COM
29 AugAre QR codes dangerous? | Kaspersky official blogQR codes are not nearly as harmless as they may seem. Using a specific example, we show what the threat is, and how to avoid it.KASPERSKY.COM
29 AugGenshin Impact dev will sue Kaveh Hacks users and developersGenshin Impact developer miHoYo has responded to an in-game hacking situation that has caused problems recently in its player community, warning that they would take legal action against those responsible. [...]BLEEPINGCOMPUTER.COM
29 AugUS Spy Satellite Agency Isn't So Silent About New Silent Barker MissionPACKETSTORMSECURITY.COM
29 AugCybersecurity Experts Say The West Has Failed To Learn Lessons From UkrainePACKETSTORMSECURITY.COM
29 AugMicrosoft adds HSTS support to Exchange Server 2016 and 2019Microsoft announced today that Exchange Server 2016 and 2019 now come with support for HTTP Strict Transport Security (also known as HSTS). [...]BLEEPINGCOMPUTER.COM
29 AugMom’s Meals issues “Notice of Data Event”: What to know and what to doIt took six months for notifications to start, and we still don't know exactly what went down... but here's our advice on what to do.NAKEDSECURITY.SOPHOS.COM
29 AugTechCrunch Disrupt 2023 Startup Battlefield 200: AI and Security editionAfter months of vetting thousands of applications, the Startup Battlefield 200 (SB 200) cohort for TechCrunch Disrupt 2023 is complete. You do not want to miss this incredible, curated collection of early-stage startups you’ll find exhibiting on the expo floor. We want to highlig…TECHCRUNCH.COM
29 AugDiving into Starlink's User Terminal FirmwareThis blog post presents an overview of Starlink's User Terminal runtime internals, focusing on the communications that happen within the device and with user applications and some tools that can help further research on the same topic.QUARKSLAB.COM