🐛 COMMON VULNERABILITIES AND EXPOSURES
30 Aug: Critical Vulnerability Alert: VMware Aria Operations Networks at Risk from Remote Attacks [THEHACKERNEWS.COM]
  VMware has released software updates to correct two security vulnerabilities in Aria Operations for Networks that could be potentially exploited to bypass authentication and gain remote code execution. The most severe of the flaws is CVE-2023-34039 (CVSS score: 9.8), which relate…
30 Aug: VMware fixes critical vulnerability in Aria Operations for Networks (CVE-2023-34039) [HELPNETSECURITY.COM]
  VMware has patched one critical (CVE-2023-34039) and one high-severity vulnerability (CVE-2023-20890) in Aria Operations for Networks, its popular enterprise network monitoring tool. About the vulnerabilities (CVE-2023-34039, CVE-2023-20890) CVE-2023-34039 is a network bypass vul…
30 Aug: Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits [THEHACKERNEWS.COM]
  Recently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports. The Shadowserver Foundation said that it's "seeing exploitation attempts from multiple IPs for Juni…
30 Aug: Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved [CISA.GOV]
  Juniper Networks has released a security advisory to address a vulnerability for Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Juniper’s Support Porta…
30 Aug: Chinese hackers deploy new malware to hinder Barracuda ESG remediation efforts [CSOONLINE.COM]
  A Chinese cyberespionage group hacked Barracuda Email Security Gateway (ESG) appliances through a zero-day vulnerability until May. They have now rushed to deploy new malware implants on victims’ devices once the attack was discovered and remediation efforts started. The group is…
⚠️ VULNERABILITY DISCLOSURE
30 Aug: Velociraptor: Open-source digital forensics and incident response [HELPNETSECURITY.COM]
  Velociraptor is a sophisticated digital forensics and incident response tool designed to improve your insight into endpoint activities. Velociraptor enables you to conduct precise and rapid collection of digital forensic data across multiple endpoints simultaneously. Persistently…
30 Aug: A closer look at the RFI on open-source software security [HELPNETSECURITY.COM]
  The U.S. Office of the National Cyber Director (ONCD) released a request for information (RFI) entitled Open-Source Software Security: Areas of Long-Term Focus and Prioritization, which indicates that the U.S. Government’s effort to invest in open-source software and securi…
30 Aug: Is the new OWASP API Top 10 helpful to defenders? [HELPNETSECURITY.COM]
  The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated this year, it aims to address …
30 Aug: FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million [THEHACKERNEWS.COM]
  A coordinated law enforcement effort codenamed Operation Duck Hunt has felled QakBot, a notorious Windows malware family that's estimated to have compromised over 700,000 computers globally and facilitated financial fraud as well as ransomware. To that end, the U.S. Justice Depar…
30 Aug: Hackers Can Exploit Skype Vulnerability to Find User IP Address [GBHACKERS.COM]
  Hackers can now capture your IP address and expose your physical location by sending a Skype link, even if you don’t click it. An IP address, which stands for “Internet Protocol address,” is like a unique digital home address for your device on the internet. The…
30 Aug: Hackers Abuse Azure AD Abandoned Reply URLs to Escalate Privilege [GBHACKERS.COM]
  Recent reports indicate that there has been a privilege escalation vulnerability discovered, which arises due to abandoned Active Directory URLs. Threat actors can use this flaw to gain illegal authorization codes that can be used against Microsoft Power Platform API to gain acce…
30 Aug: Critical Vulnerability in VMware Aria Operations Puts Networks at Risk of Remote Attacks [THEHACKERNEWS.COM]
  The vulnerabilities, which affect VMware Aria Operations Networks versions 6.2, 6.3, 6.4, 6.5.1, 6.6, 6.7, 6.8, 6.9, and 6.10, have been addressed in a series of patches released by VMware for each of the versions.
30 Aug: How CISOs can shift from application security to product security [CSOONLINE.COM]
  Whether you call it shift-left security, baked-in security, or security-by-design, forward-thinking enterprises today understand that they need to make security a consideration throughout the entire lifecycle of not just individual applications but the business product that they …
30 Aug: Dreambus Malware Exploits RocketMQ Flaw to Infect Servers [BLEEPINGCOMPUTER.COM]
  The researchers also observed the threat actor downloading a malicious bash script named ‘reketed’ from a Tor proxy service, which evaded detection from AV engines on VirusTotal.
30 Aug: Qakbot infrastructure dismantled in multinational cybercrime takedown [CSOONLINE.COM]
  The United States FBI and the Justice Department have announced a multinational operation involving actions in the US, France, Germany, the Netherlands, the UK, Romania, and Latvia to disrupt the botnet and malware known as Qakbot, taking down its infrastructure. The action repre…
30 Aug: DreamBus Botnet Exploiting RocketMQ Vulnerability to Deliver Cryptocurrency Miner [SECURITYWEEK.COM]
  The DreamBus botnet has resurfaced and it has been exploiting a recently patched Apache RocketMQ vulnerability to deliver a Monero miner.
30 Aug: The removal of Qakbot from infected computers is just the first step [HELPNETSECURITY.COM]
  The Qakbot botnet has been disrupted by an international law enforcement operation that culminated last weekend, when infected computers started getting untethered from it by specially crafted FBI software. Arranging a widespread Qakbot removal The Qakbot administrators use a sys…
30 Aug: BGP Flaw Can Be Exploited for Prolonged Internet Outages [SECURITYWEEK.COM]
  Serious flaw affecting major BGP implementations can be exploited to cause prolonged internet outages, but several vendors have not patched it.
30 Aug: Malicious npm Packages Aim to Target Developers for Source Code Theft [THEHACKERNEWS.COM]
  An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories. "The threat actor behind this campaign has been li…
30 Aug: Hackers Exploiting Juniper RCE Flaw Following PoC Release [GBHACKERS.COM]
  There were multiple vulnerabilities in the Juniper SRX and EX Series, which were reported previously. These vulnerabilities have a medium severity if they are separated. However, combining them together results in a pre-auth RCE, which is a critical vulnerability. Following their…
30 Aug: Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication [SECURITYWEEK.COM]
  Four recent vulnerabilities in the J-Web component of Junos OS have started being chained in malicious attacks after PoC exploit code was published.
30 Aug: The key to securing your cloud perimeter [CSOONLINE.COM]
  As organizations transform how they conduct business--from embracing IT and OT to pursuing remote work initiatives--many are harnessing the cloud to advance their operations. And while the cloud undoubtedly offers businesses numerous benefits, it also expands an enterprise's atta…
30 Aug: Tenable unveils web application and API scanning capabilities for Nessus Expert [HELPNETSECURITY.COM]
  Tenable has unveiled web application and API scanning in Tenable Nessus Expert, new features that provide simple and comprehensive vulnerability scanning for modern web applications and APIs. Web application and API scanning in Nessus Expert are dynamic application security testi…
30 Aug: Mozilla Releases Security Updates for Firefox and Firefox ESR [CISA.GOV]
  Mozilla has released security updates to address vulnerabilities for Firefox 117, Firefox ESR 115.2, and Firefox ESR 102.5. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the…
30 Aug: Exabeam and Google Cloud join forces to modernize security operations [HELPNETSECURITY.COM]
  Exabeam announced it is expanding its partnership with Google Cloud in the development of generative AI models in its cloud-native New-Scale SIEM product portfolio. As a Google Cloud partner, the collaborative development process on Google Cloud generative AI products will accele…
30 Aug: Recent Juniper Flaws Chained In Attacks Following PoC Exploit Publication [PACKETSTORMSECURITY.COM]
30 Aug: Home Office / Small Business Hurricane Prep, (Mon, Aug 28th) [ISC.SANS.EDU]
  With what is (or was by now?) hurricane Idalia crossing past my house today, I decided to write a quick summary of what I usually do in cases like this to prepare. This is for a home office or a small business, assuming you have the resources for a typical home. Unlike natur…
30 Aug: Hacking campaign bruteforces Cisco VPNs to breach networks [BLEEPINGCOMPUTER.COM]
  Hackers are targeting Cisco Adaptive Security Appliance (ASA) SSL VPNs in credential stuffing and brute-force attacks that take advantage of lapses in security defenses, such as not enforcing multi-factor authentication (MFA). [...]
30 Aug: DarkGate Loader Delivered Through Stolen Email Threads to Lure Victims [GBHACKERS.COM]
  The research revealed high malspam activity of DarkGate malware distributed via phishing emails to the users either through MSI files or VBs script payloads. Darkgate malware has been active since 2018 and has the ability to download and execute files to memory, a Hidden Virtual …
30 Aug: Evaluating SOC-as-a-Service providers? Assess these 5 attributes. [CSOONLINE.COM]
  Today's security teams are under enormous pressure. Organizations continue to embrace digital transformation initiatives, expanding the digital attack surface that security teams are responsible for safeguarding. Environments are more complex and interconnected than ever, requiri…
30 Aug: VMware Releases Security Updates for Aria Operations for Networks [CISA.GOV]
  VMware has released security updates to address multiple vulnerabilities in Aria Operations for Networks. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review VMware Security Adviso…
30 Aug: Why Criminals Keep Reusing Leaked Ransomware Builders [DATABREACHTODAY.CO.UK]
  Blame Police Crackdowns on Big Names, Hacker Thrift, Ransomware Grifters in Trouble. What's behind the profusion of reported attacks involving stolen or reused strains of ransomware? Blame a variety of factors, including law enforcement crackdowns, evolving ransomware business m…
30 Aug: Google Chrome Security Update: High-Severity Vulnerability Patched [GBHACKERS.COM]
  Google has updated the Stable and Extended Stable channels for Mac, Linux, and Windows to version 116.0.5845.140/.141 to address a security issue in Chrome. One “high-severity” security patch is included in this version. This upgrade will roll out over the next days a…
30 Aug: Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security [THEHACKERNEWS.COM]
  New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at…
30 Aug: CISA and FBI Publish Joint Advisory on QakBot Infrastructure [CISA.GOV]
  Today, the Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Identification and Disruption of QakBot Infrastructure, to help organizations detect and protect against newly identified Q…
30 Aug: France's CNIL Calls For Cybersecurity Recommendations [DATABREACHTODAY.CO.UK]
  Regulator Will Publish Guide for Organizations That Process Data on a Large Scale. The French data regulator is calling on operators of large scale databases to shore up defenses against a slew of threats including nation-states and sophisticated hackers capable of exploiting the …
30 Aug: What's Behind Disturbing Breach Trends in Healthcare? [DATABREACHTODAY.CO.UK]
  The volume of major health data breaches is declining, but a disturbing trend is developing that reflects the vulnerability of critical vendors and the tenacity of cybercriminals, say John Delano, VP at Christus Health, and Mike Hamilton, CISO and co-founder of security firm Crit…
30 Aug: Chinese law enforcement linked to largest covert influence operation ever discovered [THERECORD.MEDIA]
  Submitted by c0mmando to netsec (3 points, 0 comments). https://therecord.media/spamouflage-china-accused-largest-covert-influence-operation-meta
30 Aug: Paramount discloses data breach following security incident [BLEEPINGCOMPUTER.COM]
  American entertainment giant Paramount Global disclosed a data breach after its systems got hacked and attackers gained access to personally identifiable information (PII). [...]
30 Aug: Multiple Vulnerabilities in VMware Aria Operations for Networks Could Allow for Remote Code Execution [CISECURITY.ORG]
  Multiple vulnerabilities have been discovered within VMware Aria Operations for Networks, the most severe of which could allow for remote code execution. VMware Aria Operations for Networks is a network monitoring tool that collects and analyzes metrics, APIs, configurations, met…
30 Aug: Threat-informed or Threat-owned? Classic Practices Will Probably Save You! [MEDIUM.COM]
  So, if you are too busy to read our amazing (duh!) new blog “Revisiting Traditional Security Advice for Modern Threats”, here are the key ideas from it. At some point, a “pre-owned” (compromised before you ever saw it) email security appliance, firewall, or a piece of software …
30 Aug: Infamous Chisel Malware Analysis Report [CISA.GOV]
  Infamous Chisel–A collection of components associated with Sandworm designed to enable remote access and exfiltrate information from Android phones. Executive Summary: Infamous Chisel is a collection of components targeting Android devices. This malware is associated with Sandworm…
📢 SECURITY ADVISORIES
30 Aug: Rising cyber incidents challenge healthcare organizations [HELPNETSECURITY.COM]
  Healthcare organizations are facing many cybersecurity challenges that require them to increasingly prioritize cybersecurity and compliance, according to Claroty. Threat actors are not only targeting IT systems, but have now set their sights on cyber-physical systems – from IoMT …
30 Aug: ComplyCube Field Redaction removes sensitive fields from documents [HELPNETSECURITY.COM]
  ComplyCube enhanced its Document Checks solution with automated Field Redaction capabilities. This feature systematically masks sensitive Personal Identifiable Information (PII) fields, such as the Dutch BSN, to assist businesses with global data privacy regulations compliance wh…
🔥 INCIDENT REPORTING
30 Aug: Cyber Security Today, August 30, 2023 - More ransomware and MOVEit attack numbers, and an attack on a Rust repository [CYBERSECURITYTODAY.LIBSYN.COM]
  This episode reports on QR codes being used by threat actors, statistics on ransomware and MOVEit hacks, and more
30 Aug: Japan’s cybersecurity agency admits it was hacked for months [BITDEFENDER.COM]
  Japan’s National Center of Incident Readiness and Strategy for Cybersecurity (NISC), the agency responsible for the nation's defences against cyber attacks, has itself been hacked. Read more in my article on the Hot for Security blog.
30 Aug: Pay Our Ransom Instead of GDPR Fine, Cybercrime Gang Tells Its Targets [THERECORD.MEDIA]
  The hackers behind Ransomed are probably linked to other data leak websites like BreachForums and Exposed, Flashpoint said. Some of these sites have shut down due to money problems or poor management, the researchers said.
30 Aug: Cost of a data breach 2023: Financial industry impacts [SECURITYINTELLIGENCE.COM]
  According to the IBM Cost of a Data Breach Report 2023, the global average cost of a data breach in 2023 was $4.45 million, 15% more than in 2020. In response, 51% of organizations plan to increase cybersecurity spending this year. For the financial industry, however, global stat…
30 Aug: PurFood data breach exposes personal information of 1.2 million customers [CSHUB.COM]
  Both health and financial information may have been accessed during the hack into PurFood’s systems
30 Aug: Microsoft Adds HSTS Support to Exchange Server 2016 and 2019 [BLEEPINGCOMPUTER.COM]
  This protects against man-in-the-middle attacks and prevents users from connecting through compromised channels. HSTS also eliminates the need for redirecting users from HTTP to HTTPS URLs.
30 Aug: Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs [SECURITYWEEK.COM]
  Roughly 78% of the healthcare organizations in North America, South America, the APAC region, and Europe experienced a cyberattack over the past year, according to a new report.
30 Aug: US Aids Costa Rican Post-Hack Push for Robust SOC, Secure 5G [DATABREACHTODAY.CO.UK]
  US Funds for Regional SOC, Use of Trusted 5G Providers Follows Big 2022 Cyberattack. Costa Rica will build a national cybersecurity operations center with substantial U.S. backing following a crippling cyberattack last year while also committing to using only trusted 5G providers.…
30 Aug: WordPress migration add-on flaw could lead to data breaches [BLEEPINGCOMPUTER.COM]
  All-in-One WP Migration, a popular data migration plugin for WordPress sites that has 5 million active installations, suffers from unauthenticated access token manipulation that could allow attackers to access sensitive site information. [...]
30 Aug: New Android Banking Trojan Targets Southeast Asia Region [DATABREACHTODAY.CO.UK]
  Android Banking Trojan Disguised As Dating or Government App. Hackers are deploying a novel Android malware using an uncommon communication method to steal banking login data from compromised devices primarily in Southeast Asia. Users download the malware from phishing websites di…
30 Aug: Open Redirect Flaws: The Newest Phishing Trick [KNOWBE4.COM]
  No surprise: phishing attacks are on the rise, and a new technique is becoming increasingly popular: open redirect flaws. These flaws allow attackers to redirect victims to malicious websites, even if the link in the phishing email appears to be legitimate.
🕵️ THREAT INTELLIGENCE
30 Aug: ISC Stormcast For Wednesday, August 30th, 2023 https://isc.sans.edu/podcastdetail/8638, (Wed, Aug 30th) [ISC.SANS.EDU]
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
30 Aug: Threat Actors Abuse Google Groups to Send Fake Order Notifications [GBHACKERS.COM]
  Threat actors continue to evolve their spam tactics by utilizing legitimate Google Groups to send fake order messages to target multiple users. Fake order scams work by notifying victims about the purchase status or confirmation that originally was not placed by the r…
30 Aug: What is Static Network Address Translation? [GBHACKERS.COM]
  Static NAT is a type of NAT that maps one public IP address to one private IP address. Every time a device with a private IP address on your network tries to access the internet, its traffic will be routed through the NAT device and assigned the public IP address that is statical…
30 Aug: Earth Estries Targets Government, Tech for Cyberespionage [TRENDMICRO.COM]
  We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets gov…
30 Aug: Google launches tool to identify AI-generated images [HELPNETSECURITY.COM]
  Google is launching a beta version of SynthID, a tool that identifies and watermarks AI-generated images. The tool will initially be available to a limited number of customers that use Imagen, Google’s cloud-based AI model for generating images from text. Google SynthID pla…
30 Aug: Meter collaborates with Cloudflare to launch DNS Security [HELPNETSECURITY.COM]
  Meter announced DNS Security, built in partnership with Cloudflare. Meter DNS Security is now widely available for all Meter Network customers, expanding Meter’s existing NaaS offering and saving teams both time and money, while also improving overall network performance and secu…
30 Aug: How Quantum Computing Will Impact Cybersecurity [SECURITYWEEK.COM]
  While quantum-based attacks are still in the future, organizations must think about how to defend data in transit when encryption no longer works.
30 Aug: High-Severity Memory Corruption Vulnerabilities Patched in Firefox, Chrome [SECURITYWEEK.COM]
  Mozilla and Google have released stable updates for the Firefox and Chrome browsers to address several memory corruption vulnerabilities.
30 Aug: Fianu Labs Emerges From Stealth With $2 Million in Seed Funding [SECURITYWEEK.COM]
  Fianu Labs has emerged from stealth mode with a software governance automation solution and $2 million in seed funding.
30 Aug: MixMode enhances Generative AI Platform to improve threat detection [HELPNETSECURITY.COM]
  MixMode has released its quarterly update for the Generative AI Platform. Continuing to innovate with new features that drive threat detection and response capabilities in large data environments, the latest updates include expanded cloud data ingestion capabilities, including su…
30 Aug: What are You Working on Wednesday [INFOSEC.PUB]
  Submitted by shellsharks to cybersecurity (1 point, 0 comments). Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
30 Aug: Diving into Starlink's User Terminal Firmware [QUARKSLAB.COM]
  Submitted by L4s to secops (1 point, 0 comments). https://blog.quarkslab.com/starlink.html
30 Aug: GitHub Enterprise Server Gets New Security Capabilities [SECURITYWEEK.COM]
  GitHub Enterprise Server 3.10 released with additional security capabilities, including support for custom deployment rules.
30 Aug: How to Prevent ChatGPT From Stealing Your Content & Traffic [THEHACKERNEWS.COM]
  ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer need advanced coding skills to execute fraud and other damaging attacks against online businesses and customers, thanks to bots-as-…
30 Aug: Stealthy Android Malware Attacking Mobile Users Via Fake App Stores [GBHACKERS.COM]
  A recently discovered Android Trojan, dubbed “MMRat,” poses a serious threat to mobile banking security. Unlike other forms of malware, this Trojan is designed to evade detection from traditional antivirus software. The security experts at TrendMicro have identified t…
30 Aug: Quishing: QR Codes as Phishbait [KNOWBE4.COM]
  Researchers at Trustwave are tracking an increase in the use of QR codes to spread phishing links.
30 Aug: Netskope Proactive DEM enables organizations to anticipate potential problems [HELPNETSECURITY.COM]
  Netskope launched Proactive Digital Experience Management (DEM) for SASE, elevating best practice from the current reactive monitoring tools to proactive user experience management. Proactive DEM provides experience management capabilities across the entire SASE architecture, inc…
30 Aug: When Apps Go Rogue [SCHNEIER.COM]
  Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad. With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn an…
30 Aug: Throwback to the old days [LEMMY.ONE]
  Submitted by Darkbug to cybersecurity (1 point, 0 comments). https://lemmy.one/pictrs/image/d8b56fbb-20e5-46b7-9280-0bc202a8e014.jpeg Was digging through my draws and found these gems.
30 Aug: Trojanized Signal and Telegram apps on Google Play delivered spyware [BLEEPINGCOMPUTER.COM]
  Trojanized Signal and Telegram apps containing the BadBazaar spyware were uploaded onto Google Play and Samsung Galaxy Store by a Chinese APT hacking group known as GREF. [...]
30 Aug: ‘Earth Estries’ Cyberespionage Group Targets Government, Tech Sectors [SECURITYWEEK.COM]
  Earth Estries, a cyberspy group possibly linked to China, has targeted governments and tech firms in the US, Germany, South Africa and Asia.
30 Aug: MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature [THEHACKERNEWS.COM]
  A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.user, can ca…
30 Aug: Email Authentication Protocols: SPF, DKIM, and DMARC – A Detailed Guide [GBHACKERS.COM]
  Email communication is essential for personal and professional contact in the modern digital environment. Email is widely used, making it a perfect target for cybercriminals, leading to increased phishing attempts, spam, and email spoofing. Strong email security measures are beco…
30 Aug: Black Hat Fireside Chat: How ‘enterprise browsers’ serve as a checkpoint to stop ChatGPT leakage [LASTWATCHDOG.COM]
  For a couple of decades now, the web browser has endured in workplace settings as the primary employee-to-Internet interface. It’s really just assumed to be a given that a browser built for consumers is an acceptable application for employees to …
30 Aug: SailPoint to Buy Privileged Access Vendor Osirium for $8.3M [DATABREACHTODAY.CO.UK]
  M&A Will Help SailPoint Guard Privileged, Non-Privileged Identities on One Platform. SailPoint has agreed to buy U.K.-based privileged access management vendor Osirium for $8.3 million to better protect privileged and non-privileged identities on a single platform. The deal wi…
30 Aug: Network technology giant Juniper warns users about denial-of-service bugs [THERECORD.MEDIA]
  Submitted by c0mmando to netsec (1 point, 0 comments). https://therecord.media/juniper-warns-of-denial-of-service-bugs
30 Aug: Netgear releases patches for two high-severity vulnerabilities [THERECORD.MEDIA]
  Submitted by c0mmando to netsec (2 points, 0 comments). https://therecord.media/netgear-releases-patches-for-two-bugs
30 Aug: FBI-led 'Operation Duck Hunt' takes down Qakbot [THEREGISTER.COM]
  Submitted by c0mmando to netsec (1 point, 0 comments). https://www.theregister.com/2023/08/29/duck_hunt_qakbot/
30 Aug: Unmasking Trickbot, One of the World’s Top Cybercrime Gangs [WIRED.COM]
  Submitted by c0mmando to netsec (1 point, 0 comments). https://www.wired.com/story/trickbot-trickleaks-bentley/
30 Aug: Facebook Links Massive Disinformation Operation to China [DATABREACHTODAY.CO.UK]
  'Spamouflage' Controlled Thousands of Facebook Pages But Struggled for Engagement. Facebook parent Meta unearthed a Chinese propaganda campaign active across dozens of social media sites in what the company calls the largest known cross-platform influence operation in the world. "…
30 Aug: George Kurtz: Point Product Companies Are Being Left Behind [DATABREACHTODAY.CO.UK]
  CrowdStrike CEO Says Clients Spot 'Point Products Masquerading as Platform Stories'. CrowdStrike CEO George Kurtz said point product companies "are quickly going the way of legacy antivirus" as rivals SentinelOne and BlackBerry reportedly hunt for buyers. The endpoint security mar…
30 Aug: CrowdStrike CEO: Point Product Vendors Are Being Left Behind [DATABREACHTODAY.CO.UK]
  George Kurtz Says Clients Spot 'Point Products Masquerading as Platform Stories'. CrowdStrike CEO George Kurtz said point product companies "are quickly going the way of legacy antivirus" as rivals SentinelOne and BlackBerry reportedly hunt for buyers. The endpoint security market…
30 Aug: Palo Alto Networks Empowers MSPs with Prisma SASE Enhancements [PALOALTONETWORKS.COM]
  Prisma SASE is a scalable multi-tenant cloud management solution for MSPs to fast track their enterprise digital transformation with managed SASE services.
🌐 CYBER THREAT LANDSCAPE
30 Aug: FBI Dismantles QakBot Malware, Frees 700,000 Computers, Seizes $8.6 Million [THEHACKERNEWS.COM]
  The cross-border exercise involved the participation of France, Germany, Latvia, Romania, the Netherlands, the U.K., and the U.S., alongside technical assistance from cybersecurity company Zscaler.
30 Aug: China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users [THEHACKERNEWS.COM]
  Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a Ch…
🎙️ PODCASTS
30 Aug: Transatlantic Cable podcast, episode 314 | Kaspersky official blog [KASPERSKY.COM]
  In episode 314 of the Kaspersky podcast, the team discuss stalkerware getting pwned, Lapsus found guilty and much more.
📡 INFOSEC NEWS
30 Aug: MalDoc in PDF: New Malicious Attack Discovered by JPCERT [CYWARE.COM]
  Japan CERT has uncovered a novel attack technique named 'MalDoc in PDF' that involves embedding a malicious Word file into a PDF document to evade detection. While the file appears as a PDF, it can be opened in Word and execute malicious macros. JPCERT has shared detection detail…
30 Aug: AiTM Attacks Evolve: Warns Microsoft [CYWARE.COM]
  Microsoft is alerting about a rise in AiTM phishing methods within the PhaaS cybercrime model, enabling widespread large-scale phishing campaigns. The primary aim of these attacks is to steal session cookies, allowing malicious actors to gain entry to privileged systems without n…
30 Aug: With Beijing’s greenlight, mobility unicorns Zeekr and WeRide inch closer to US IPOs [TECHCRUNCH.COM]
  Six months ago, China’s securities authority announced a set of new rules to facilitate overseas IPOs of Chinese companies, allowing Beijing to tighten its grip on businesses seeking to sell shares abroad. Since then, companies have committed themselves to meeting these new…
30 Aug: Genshin Impact Developer Will Sue Kaveh Hacks Users and Developers [BLEEPINGCOMPUTER.COM]
  Genshin Impact developer miHoYo has responded to an in-game hacking situation that has caused problems recently in its player community, warning that they would take legal action against those responsible.
30 Aug: Russians Impersonate Washington Post and Fox News With Anti-Ukraine Stories [THERECORD.MEDIA]
  This operation, named Doppelganger, has persevered in its attempts to influence Western opinion despite numerous disruptions by Meta and “continuous scrutiny by platforms and researchers.”
30 Aug: GitHub Enterprise Server Gets New Security Capabilities [SECURITYWEEK.COM]
  Now, teams using GitHub Actions can also create their own custom deployment protection rules, to ensure that only “the deployments that pass all quality, security, and manual approval requirements make it to production,” GitHub explained.
30 Aug: Protecting Amazon S3 Buckets from Malicious Files [SOPHOS.COM]
  Amazon S3 buckets are popular for file storage in the AWS platform. Their serverless element requires an alternative approach to traditional endpoint protection for detecting malicious files.
30 Aug: VMware Aria vulnerable to critical SSH authentication bypass flaw [BLEEPINGCOMPUTER.COM]
  VMware Aria Operations for Networks (formerly vRealize Network Insight) is vulnerable to a critical severity authentication bypass flaw that could allow remote attackers to bypass SSH authentication and access private endpoints. [...]
30 Aug: Apple opens 2024 applications to get ‘security research’ iPhones [BLEEPINGCOMPUTER.COM]
  Apple announced today that iOS security researchers can now apply for a Security Research Device (SRD) by the end of October. [...]
30 Aug: Windows 11 browser change: Europe applauds, outrage everywhere else [BLEEPINGCOMPUTER.COM]
  Microsoft will soon allow users in the European Union, as well as from Iceland, Liechtenstein, and Norway, to once again open all links in Windows using their default web browser rather than forcing the use of Microsoft Edge. [...]