🚨 CISA KEV 2
12 Sep [KEV] | CISA Adds Recently Discovered Apple Zero-Days to Known Exploited Vulnerabilities Catalog | The Cybersecurity and Infrastructure Security Agency (CISA) added the security vulnerabilities chained in the zero-click iMessage exploit BLASTPASS to its Known Exploited Vulnerabilities Catalog. | SECURITYAFFAIRS.COM
12 Sep [KEV] | CISA Adds Two Known Vulnerabilities to Catalog | CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerabili… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 67
12 Sep [KEV] | Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now | Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP im… | THEHACKERNEWS.COM
12 Sep | Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters | Google has released a Chrome 116 security update to patch CVE-2023-4863, the fourth Chrome zero-day vulnerability documented in 2023. The post Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters appeared first on SecurityWeek. | SECURITYWEEK.COM
12 Sep | Google Patches Chrome Zero-Day Reported by Apple, Spyware Hunters | Google on Monday released an emergency Chrome 116 security update to patch the fourth zero-day vulnerability discovered in the browser in 2023. Tracked as CVE-2023-4863, it is a critical severity heap buffer overflow issue in the WebP component. | SECURITYWEEK.COM
12 Sep [KEV] | Apple backports BLASTPASS zero-day fixes to older iPhones | Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware. [...] | BLEEPINGCOMPUTER.COM
12 Sep [KEV] | Apple backports BLASTPASS zero-day fix to older iPhones | Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware. [...] | BLEEPINGCOMPUTER.COM
12 Sep | CVE-2023-35355 Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38162 DHCP Server Service Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38161 Windows GDI Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38156 Azure HDInsight Apache Ambari Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38152 DHCP Server Service Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38150 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38149 Windows TCP/IP Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38148 Internet Connection Sharing (ICS) Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38147 Windows Miracast Wireless Display Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38146 Windows Themes Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38144 Windows Common Log File System Driver Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38143 Windows Common Log File System Driver Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38142 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38141 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38140 Windows Kernel Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38139 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36805 Windows MSHTML Platform Security Feature Bypass Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36804 Windows GDI Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36803 Windows Kernel Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36802 Microsoft Streaming Service Proxy Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36801 DHCP Server Service Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36767 Microsoft Office Security Feature Bypass Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36766 Microsoft Excel Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36765 Microsoft Office Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36759 Visual Studio Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36758 Visual Studio Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36757 Microsoft Exchange Server Spoofing Vulnerability | Information published. This CVE was addressed by updates that were released in August 2023, but the CVE was inadvertently omitted from the August 2023 Security Updates. Microsoft strongly recommends that customers running affected versions of Microsoft Exchange Server install the… | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36756 Microsoft Exchange Server Remote Code Execution Vulnerability | Information published. This CVE was addressed by updates that were released in August 2023, but the CVE was inadvertently omitted from the August 2023 Security Updates. Microsoft strongly recommends that customers running affected versions of Microsoft Exchange Server install the… | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36745 Microsoft Exchange Server Remote Code Execution Vulnerability | Information published. This CVE was addressed by updates that were released in August 2023, but the CVE was inadvertently omitted from the August 2023 Security Updates. Microsoft strongly recommends that customers running affected versions of Microsoft Exchange Server install the… | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36744 Microsoft Exchange Server Remote Code Execution Vulnerability | Information published. This CVE was addressed by updates that were released in August 2023, but the CVE was inadvertently omitted from the August 2023 Security Updates. Microsoft strongly recommends that customers running affected versions of Microsoft Exchange Server install the… | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36742 Visual Studio Code Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36736 Microsoft Identity Linux Broker Arbitrary Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-41764 Microsoft Office Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2022-41303 AutoDesk: CVE-2022-41303 use-after-free vulnerability in Autodesk® FBX® SDK 2020 or prior | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-29332 Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-33136 Azure DevOps Server Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36886 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38164 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38163 Windows Defender Attack Surface Reduction Security Feature Bypass | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38160 Windows TCP/IP Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-38155 Azure DevOps Server and Team Foundation Server Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36800 Dynamics Finance and Operations Cross-site Scripting Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36799 .NET Core and Visual Studio Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36796 Visual Studio Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36794 Visual Studio Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36793 Visual Studio Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36792 Visual Studio Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36788 .NET Framework Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36777 Microsoft Exchange Server Information Disclosure Vulnerability | Information published. This CVE was addressed by updates that were released in August 2023, but the CVE was inadvertently omitted from the August 2023 Security Updates. Microsoft strongly recommends that customers running affected versions of Microsoft Exchange Server install the… | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36773 3D Builder Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36772 3D Builder Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36771 3D Builder Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36770 3D Builder Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36764 Microsoft SharePoint Server Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36763 Microsoft Outlook Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36762 Microsoft Word Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36761 Microsoft Word Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36760 3D Viewer Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-39956 Electron: CVE-2023-39956 - Visual Studio Code Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36740 3D Viewer Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | CVE-2023-36739 3D Viewer Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
12 Sep | Chromium: CVE-2023-4863 Heap buffer overflow in WebP | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 40
12 Sep | The global cybersecurity skills shortage: Still crazy after all these years | I've been researching and writing about the global cybersecurity skills shortage since the early 2000s. Perhaps the world viewed me as "chicken little," but I saw back then that there were more jobs than people, and many employed security pros were lacking advanced and increasing… | CSOONLINE.COM
12 Sep | North Korean hackers targeting vulnerability researchers with zero-day attacks, Google warns | State-sponsored hackers, backed by the regime in North Korea, are believed to be using zero-day exploits to target cybersecurity researchers working in the field of vulnerability research and development. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
12 Sep | Security and privacy laws, regulations, and compliance: The complete guide | This directory includes laws, regulations and industry guidelines with significant security and privacy impact and requirements. Each entry includes a link to the full text of the law or regulation as well as information about what and who is covered. CSO updates this directory, … | CSOONLINE.COM
12 Sep | NIST releases Cybersecurity Framework 2.0 draft | On February 12, 2014, the US National Institute of Standards and Technology (NIST) issued a landmark document, the Framework for Improving Critical Infrastructure Cybersecurity (CSF). Four years later, NIST issued the CSF 1.1, which included updates on supply chain risk managem… | CSOONLINE.COM
12 Sep | MGM Resorts Confirms ‘Cybersecurity Issue’, Shuts Down Systems | Hospitality and entertainment giant MGM Resorts on Monday said a “cybersecurity issue” forced the shutdown of certain computer systems, including the websites for some of the biggest Las Vegas and New York properties. | SECURITYWEEK.COM
12 Sep | Critical GitHub Vulnerability Exposes 4,000+ Repositories to Repojacking Attack | A new vulnerability disclosed in GitHub could have exposed thousands of repositories at risk of repojacking attacks, new findings show. The flaw "could allow an attacker to exploit a race condition within GitHub's repository creation and username renaming operations," Checkmarx s… | THEHACKERNEWS.COM
12 Sep | Code Intelligence unveils new LLM-powered software security testing solution | Security testing firm Code Intelligence has announced the release of CI Spark, a new large language model (LLM) powered solution for software security testing. CI Spark makes use of LLMs to automatically identify attack surfaces and to suggest test code, leveraging generative AI'… | CSOONLINE.COM
12 Sep | ICS Patch Tuesday: Critical CodeMeter Vulnerability Impacts Several Siemens Products | ICS Patch Tuesday: Siemens has released 7 new advisories and Schneider Electric has released 1 new advisory. The post ICS Patch Tuesday: Critical CodeMeter Vulnerability Impacts Several Siemens Products appeared first on SecurityWeek. | SECURITYWEEK.COM
12 Sep | New Sentra tool to help classify sensitive enterprise data using LLMs | Classifying sensitive unstructured data like source codes or employee contracts will now be possible with the help of Sentra's classification engine, which will now utilize large language models (LLM). Cloud data security provider, Sentra, has announced that LLMs are now built di… | CSOONLINE.COM
12 Sep | FBI Investigates Cyberattack That Forced Hinds County Government Offices to Close | The ransomware attack was first reported on September 7 by Hinds County administrator Kenny Wayne Jones. Hinds County government offices were forced to close last Thursday and Friday due to employees not being able to access their computers. | YAHOO.COM
12 Sep | Multiple Vulnerabilities in Notepad++ Could Allow for Arbitrary Code Execution | Multiple vulnerabilities have been discovered in Notepad++, the most severe of which could result in arbitrary code execution. Notepad++ is a free and open-source text and source code editor for use with Microsoft Windows. Successful exploitation of the most severe of these vulne… | CISECURITY.ORG
12 Sep | CISA Releases its Open Source Software Security Roadmap | Today, CISA released an Open Source Software Security Roadmap to lay out—in alignment with the National Cybersecurity Strategy and the CISA Cybersecurity Strategic Plan—how we will partner with federal agencies, open source software (OSS) consumers, and the OSS community, to sec… | CISA.GOV
12 Sep | Cisco Secure Application brings app and security teams together | Cisco Secure Application, previously known as Security Insights for Cloud Native Application Observability, is now available on the vendor's Full-Stack Observability Platform, launched in June. Secure Application was designed to bring together applications and security teams acr… | CSOONLINE.COM
12 Sep | CISA Releases Three Industrial Control Systems Advisories | CISA released three Industrial Control Systems (ICS) advisories on September 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-255-01 Hitachi Energy Lumada APM Edge ICSA-23-255-02 Fujitsu So… | CISA.GOV
12 Sep | Email campaigns leverage updated DBatLoader to deliver RATs, stealers | IBM X-Force has identified new capabilities in DBatLoader malware samples delivered in recent email campaigns, signaling a heightened risk of infection from commodity malware families associated with DBatLoader activity. X-Force has observed nearly two dozen email campaigns since… | SECURITYINTELLIGENCE.COM
12 Sep | Building a Scanner and a Community with Zed Attack Proxy - Simon Bennetts - ASW #254 | Zed Attack Proxy is an essential tool for web app pentesting. The project just recently moved from OWASP to the Secure Software Project. Hear about the challenges of running an OSS security project, why Simon got involved in the first place, and why successful projects are about … | YOUTUBE.COM
12 Sep | Adobe Says Critical PDF Reader Zero-Day Being Exploited | Adobe raises an alarm for new in-the-wild zero-day attacks hitting users of its widely deployed Adobe Acrobat and Reader product. The post Adobe Says Critical PDF Reader Zero-Day Being Exploited appeared first on SecurityWeek. | SECURITYWEEK.COM
12 Sep | New WiKI-Eve Attack can Steal Numerical Passwords Over WiFi | The WiKI-Eve attack is designed to intercept WiFi signals during password entry, so it's a real-time attack that must be carried out while the target actively uses their smartphone and attempts to access a specific application. | BLEEPINGCOMPUTER.COM
12 Sep | Adobe warns of critical Acrobat and Reader zero-day exploited in attacks | Adobe has released security updates to patch a zero-day vulnerability in Acrobat and Reader tagged as exploited in attacks. [...] | BLEEPINGCOMPUTER.COM
12 Sep [KEV] | Microsoft September 2023 Patch Tuesday fixes 2 zero-days, 59 flaws | Today is Microsoft's September 2023 Patch Tuesday, with security updates for 59 flaws, including two actively exploited zero-day vulnerabilities. [...] | BLEEPINGCOMPUTER.COM
12 Sep | AP Stylebook Data Breach Compromises Customer Personal Information | The Associated Press (AP) has disclosed a data breach affecting the legacy AP Stylebook website that led to phishing attacks against impacted customers, BleepingComputer reports. | KNOWBE4.COM
12 Sep | Zero Day Summer: Microsoft Warns of Fresh New Software Exploits | Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild. The post Zero Day Summer: Microsoft Warns of Fresh New Software Exploits appeared first on SecurityWeek. | SECURITYWEEK.COM
12 Sep | Adobe Releases Security Updates for Multiple Products | Adobe has released security updates to address vulnerabilities affecting Adobe software. A cyber threat actor can exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins … | CISA.GOV
12 Sep | From Terminal Output to Arbitrary Remote Code Execution | submitted by solidsnail to security 1 points | 0 comments https://blog.solidsnail.com/posts/2023-08-28-iterm2-rce cross-posted from: infosec.pub/post/2466014 This is my first write-up, on a vulnerability I discovered in iTerm2 (RCE). Would love to hear opinions on this. I tried t… | SOLIDSNAIL.COM
12 Sep | Critical Patches Issued for Microsoft Products, September 12, 2023 | Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o… | CISECURITY.ORG
12 Sep | Iranian Hackers 'Ballistic Bobcat' Deploy New Backdoor | Hackers Likely Exploited ProxyLogon to Gain Access, Says Eset Hackers aligned with the Iranian state are targeting vulnerable Microsoft Exchange Servers to deploy a new malware backdoor that has already victimized over two dozen Israeli organizations as part of an ongoing espiona… | DATABREACHTODAY.CO.UK
12 Sep [KEV] | Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks | Mozilla released emergency security updates today to fix a critical zero-day vulnerability exploited in the wild, impacting its Firefox web browser and Thunderbird email client. [...] | BLEEPINGCOMPUTER.COM
12 Sep | Microsoft September 2023 Patch Tuesday, (Tue, Sep 12th) | This month we got patches for 66 vulnerabilities. Of these, 5 are critical, and 2 are already being exploited, according to Microsoft. | ISC.SANS.EDU
12 Sep | Apple Releases Security Updates for iOS and macOS | Apple has released security updates to address a vulnerability in multiple products. A cyber threat actor could exploit this vulnerability to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the necessary up… | CISA.GOV
12 Sep | Microsoft Releases September 2023 Updates | Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s September 2023 Security U… | CISA.GOV
12 Sep | Adobe, Apple, Google & Microsoft Patch 0-Day Bugs | Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day pat… | KREBSONSECURITY.COM
12 Sep [KEV] | Google Fixes Chrome Zero-Day Exploited in the Wild | Chrome Bug Caused by Heap Buffer Overflow Issue in the WebP Image Format Google released a fix on Monday for a Chrome zero-day that allows an attacker to remotely target a vulnerable version of the browser. The bug is tracked as a heap buffer overflow in the WebP image format, wh… | DATABREACHTODAY.CO.UK
12 Sep | Malware distributor Storm-0324 facilitates ransomware access | The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware dep… | MICROSOFT.COM
12 Sep | Data — The Lifeblood of Security and Detection Engineering | Hear the discussion on data pipelining, operational assurance and monitoring the health of data sources – behind data ingestion and management of the SOC. The post Data — The Lifeblood of Security and Detection Engineering appeared first on Palo Alto Networks Blog. | PALOALTONETWORKS.COM
12 Sep | 5 ways to secure external identities | If you stick with any movie through the end credits, you'll see not just the household names who act and direct, but the full scope of players who make a film. The scroll can seem endless: writers, CGI designers, location scouts, animal handlers, and the illustrious "best boy gri… | CSOONLINE.COM
12 Sep | Operationalizing identity security in the public cloud | As enterprises increasingly migrate to the public cloud, identity and access management (IAM) inconsistencies across different cloud providers pose a significant hurdle. Effectively securing identities in this complex landscape has proven to be a challenge. Discussions with indus… | CSOONLINE.COM
12 Sep | ESET Research Podcast: Sextortion, digital usury and SQL brute-force | Closing intrusion vectors force cybercriminals to revisit old attack avenues, but also to look for new ways to attack their victims | WELIVESECURITY.COM
📋 SECURITY BULLETINS 1
12 Sep | A 59-CVE Patch Tuesday with something for nearly everyone | A wide-ranging month includes four patches you may have applied in August, as well an item of particular end-user interest | SOPHOS.COM
📢 SECURITY ADVISORIES 11
12 Sep | CISA offers free security scans for public water utilities | The U.S. Cybersecurity & Infrastructure Security Agency (CISA) has announced it is offering free security scans for critical infrastructure facilities, such as water utilities, to help protect these crucial units from hacker attacks. [...] | BLEEPINGCOMPUTER.COM
12 Sep | NSA, FBI, and CISA Release Cybersecurity Information Sheet on Deepfake Threats | Today, the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Cybersecurity and Infrastructure Security Agency (CISA) released a Cybersecurity Information Sheet (CSI), Contextualizing Deepfake Threats to Organizations, which provides an overview o… | CISA.GOV
12 Sep | IBM, Nvidia, Others Commit to Develop 'Trustworthy' AI | White House Secures Eight Additional Commitments to AI Pledge Adobe, IBM, Nvidia, and five additional tech giants on Tuesday signed onto a White House-driven initiative for developing secure and trustworthy generative artificial intelligence models. The commitments, at least for … | DATABREACHTODAY.CO.UK
12 Sep | US Lawmakers Warned That AI Needs a 'Safety Brake' | Legislative 'Blueprint' Provides Regulatory Road Map for AI As tech companies have jumped to incorporate AI in products, artificial intelligence with no human supervision runs the risk of catastrophe, warned two tech executives before a panel of U.S. senators who intend to introd… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 19
12 Sep | Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data | submitted by throws_lemy to cybersecurity 2 points | 0 comments https://www.infosecurity-magazine.com/news/ransomware-sri-lanka-government/ | INFOSECURITY-MAGAZINE.COM
12 Sep | Update: FBI Blames North Korean Hackers for $41 Million Stake.com Heist | The incident occurred on September 4, when the Australian-Curaçaoan online platform Stake.com announced that hackers had stolen funds from its Ethereum (ETH) and Binance Smart Chain (BSC) hot wallets. | SECURITYWEEK.COM
12 Sep | Beware of Fake Browser Updates that Install Malware on Systems | In recent times, it’s been observed that fake malware-loaded browser updates are gaining rapid growth in the threat landscape. Rapid7 researchers recently identified a Fake Browser Update lure that tricks users into running malicious binaries, using a new loader to deploy t… | GBHACKERS.COM
12 Sep | 'Redfly' hackers infiltrated power supplier's network for 6 months | An espionage threat group tracked as 'Redfly' hacked a national electricity grid organization in Asia and quietly maintained access to the breached network for six months. [...] | BLEEPINGCOMPUTER.COM
12 Sep | Ransomware Attack Wipes Out Four Months of Sri Lankan Government Data | The attack likely started on August 26, 2023, when a gov[dot]lk domain user said they had received suspicious links over the past few weeks and that someone may have clicked one. | INFOSECURITY-MAGAZINE.COM
12 Sep | Chinese Redfly Group Compromised a Nation's Critical Grid in 6-Month ShadowPad Campaign | A threat actor called Redfly has been linked to a compromise of a national grid located in an unnamed Asian country for as long as six months earlier this year using a known malware referred to as ShadowPad. "The attackers managed to steal credentials and compromise multiple comp… | THEHACKERNEWS.COM
12 Sep | Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper | A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and OriginBotnet, to gather a wide range of information from compromised Windows machines. "A phishing email delivers the Word document… | THEHACKERNEWS.COM
12 Sep | AuthMind raises seed funding for its identity SecOps platform | AuthMind, a Maryland-based startup that aims to help businesses protect themselves from identity-related cyberattacks, today announced that it has raised an $8.5 million seed round led by Ballistic Ventures, with strategic participation from IBM Ventures. The company was co-found… | TECHCRUNCH.COM
12 Sep | Charming Kitten Introduces Sponsor Backdoor | ESET researchers have identified a series of cyberattacks by the Iranian Charming Kitten group using a new Sponsor backdoor. The campaign, named "Sponsoring Access," targeted 34 organizations in Brazil, Israel, and the UAE. Researchers recommend defenders promptly patch any inter… | CYWARE.COM
12 Sep | OriginBotnet, RedLine Clipper, and AgentTesla Distributed Via Phishing Emails | A dark cloud of threats hovers over Windows users as security researchers uncovered a phishing campaign delivering Agent Tesla, OriginBotnet, and RedLine Clipper via maldocs. Attackers can extract a wide range of data from compromised systems, such as credentials, crypto wallet d… | CYWARE.COM
12 Sep | BianLian Ransomware Gang Claims to Have Hit Save The Children | Cybercrime crew BianLian claims to have broken into the IT systems of a top non-profit and stolen a ton of files, including what the miscreants claim is financial, health, and medical data. | THEREGISTER.COM
12 Sep | Sophisticated Phishing Campaign Deploying Agent Tesla, OriginBotnet, and RedLine Clipper | A sophisticated phishing campaign is using a Microsoft Word document lure to distribute a trifecta of threats, namely Agent Tesla, OriginBotnet, and RedLine Clipper, to gather a wide range of information from compromised Windows machines. | THEHACKERNEWS.COM
12 Sep | Microsoft Dumps a Key, Grafana Logs a Key, URL Parsers Disagree, Old Bug in Ubuntu - ASW #254 | A key compromised from a crash dump (and the many, many lessons that followed), more examples of mishandling secrets, URL parsing mismatches show path traversal works well in Rust, an old Linux kernel bug shows how brittle code can be (even when it's heavily audited), an example … | YOUTUBE.COM
12 Sep | Ransomware Attacks Hit Record Level in UK, According To Neglected Official Data | Reported ransomware attacks on organizations in the UK reached record levels last year, when criminals compromised data on potentially over 5.3 million people from over 700 organizations, according to a dataset published by the ICO. | THERECORD.MEDIA
12 Sep | MGM Resorts shuts down IT systems and slot machines go quiet following “cybersecurity incident” | BITDEFENDER.COM
12 Sep | Feds Fine LA Health Plan $1.3M for 'Systemic' HIPAA Issues | 'Long-Standing HIPAA Deficiencies' Found in 2 Breaches Affecting Only 2,250 People Federal regulators have smacked a large California health plan with a $1.3 million fine to settle potential HIPAA violations for two relatively small breaches that affected about 2,250 individuals.… | DATABREACHTODAY.CO.UK
12 Sep | Ransomware access broker steals accounts via Microsoft Teams phishing | Microsoft says an initial access broker known for working with ransomware groups has recently switched to Microsoft Teams phishing attacks to breach corporate networks. [...] | BLEEPINGCOMPUTER.COM
12 Sep | The State of Security Leadership | In this episode of CyberEd.io's podcast series "Cybersecurity Insights," Censys CEO Brad Brooks discusses the stresses a CISO experiences in trying to prevent cyberattacks and in dealing with those that do occur. Topics include breach disclosure and cybersecurity marketing to CIS… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 25[−]
12 SepBeware: MetaStealer Malware Targets Apple macOS in Recent AttacksA new information stealer malware called MetaStealer has set its sights on Apple macOS, making the latest in a growing list of stealer families focused on the operating system after Stealer, Pureland, Atomic Stealer, and Realst. "Threat actors are proactively targeting macOS busi…THEHACKERNEWS.COM
12 SepHacker Group Infrastructure That Uses Weaponized MS Word Docs UncoveredGamaredon, also known as Primitive Bear, Actinium, or Shuckworm, is a Russian Advanced Persistent Threat (APT) group active since at least 2013. It is a very aggressive threat group that employs prolonged attacks that are highly disguised and particularly aggressive. The gan…GBHACKERS.COM
12 SepSpies, Hackers, Informants: How China Snoops on the WestChina's cyber espionage activities, including hacking into rival nations' digital systems, pose a significant threat to the government and private sector of Western countries.SECURITYWEEK.COM
12 SepCars Have Terrible Data PrivacyA new Mozilla Foundation report concludes that cars, all of them, have terrible data privacy. All 25 car brands we researched earned our *Privacy Not Included warning label—making cars the official worst category of products for privacy that we have ever reviewed. ThereR…SCHNEIER.COM
12 SepISC Stormcast For Tuesday, September 12th, 2023 https://isc.sans.edu/podcastdetail/8654, (Tue, Sep 12th)ISC.SANS.EDU
12 SepChina-Linked ‘Redfly’ Group Targeted Power GridSymantec warns that the Redfly APT appears to be focusing exclusively on targeting critical national infrastructure organizations.SECURITYWEEK.COM
12 SepFinding Your Way in Cloud SecurityThe next time you see CNAPP, CASB, WAAS, CSPM or many of the other phrases, it will be helpful to take a deep breath and realize enterprise security has never been a binary one or zero.SECURITYWEEK.COM
12 SepCleafy Raises €10 Million for Online Banking Fraud Prevention PlatformReal-time online banking fraud prevention firm Cleafy has raised €10 million ($10.7 million) in a funding round led by United Ventures.SECURITYWEEK.COM
12 SepCourt Convicts Portuguese Hacker in Football Leaks Trial and Gives Him a 4-Year Suspended SentencePortuguese hacker behind “Football Leaks” convicted by a Lisbon court of nine crimes and given a suspended prison sentence of four years.SECURITYWEEK.COM
12 SepDFIR Company Binalyze Raises $19 Million in Series A FundingEstonian DFIR company Binalyze has raised $19 million in a Series A funding round to grow and improve its product.SECURITYWEEK.COM
12 SepCybercriminals Selling "Golden Tickets" to Phish Microsoft 365... $500,000 in Sales in 10 MonthsIn the movie, "Willy Wonka and the Chocolate Factory," kids unwrap chocolate bars in hopes of winning a golden ticket, giving the holder an inside tour of the sugar factory. The W3LL store is selling advanced phishing kits – a golden ticket for hacking Microsoft 365 accounts -- t…KNOWBE4.COM
12 SepPhishing Scammers are Using Artificial Intelligence To Create Perfect EmailsPhishing attacks have always been detected through broken English, but now generative artificial intelligence (AI) tools are eliminating all those red flags. OpenAI ChatGPT, for instance, can fix spelling mistakes, odd grammar, and other errors that are common in phishing emails.KNOWBE4.COM
12 SepCharming Kitten's New Backdoor 'Sponsor' Targets Brazil, Israel, and the UAEESET is tracking the cluster under the name Ballistic Bobcat. Victimology patterns suggest that the group primarily singles out education, government, and healthcare organizations, as well as human rights activists and journalists.THEHACKERNEWS.COM
12 SepTop 10 SaaS Security Checklist in 2023Software as a Service (SaaS) security refers to the measures and practices employed to protect SaaS solutions’ data, applications, and infrastructure. SaaS is a cloud computing model where software applications are hosted and delivered over the internet, rather than install…GBHACKERS.COM
12 SepAfter Microsoft and X, Hackers Launch DDoS Attack on TelegramThe hacker group Anonymous Sudan has launched a distributed denial-of-service (DDoS) attack against Telegram in retaliation to the messaging platform’s decision to suspend their primary account, threat intelligence firm SOCRadar reports.SECURITYWEEK.COM
12 SepVector Embeddings – Antidote to Psychotic LLMs and a Cure for Alert Fatigue?Vector embeddings – data stored in a vector database – can be used to minimize hallucinations from a GPT-style large language model AI system (such as ChatGPT) and perform automated triaging on anomaly alerts.SECURITYWEEK.COM
12 SepIranian Cyberspies Deployed New Backdoor to 34 OrganizationsIran-linked cyberespionage group Charming Kitten has infected at least 34 victims in Brazil, Israel, and UAE with a new backdoor.SECURITYWEEK.COM
12 SepCollective Defense: The Importance of Partnerships in Cybersecurity - Jamil Farshchi - CSP 139With cybersecurity emerging as a board-level agenda item, collaboration is becoming increasingly high-stakes and multifaceted. Join us as we examine the opportunities and potential pitfalls of this new era, as well as the skills needed. This segment is sponsored by Google Chrome …YOUTUBE.COM
12 SepThousands of Code Packages Vulnerable to Repojacking AttacksDespite GitHub’s efforts to prevent repository hijacking, cybersecurity researchers continue finding new attack methods, and thousands of code packages and millions of users could be at risk. Repojacking is a repository hijacking method that involves renamed GitHub usernames. If …SECURITYWEEK.COM
12 SepNew Sponsor Malware Attacking Government & Healthcare OrganizationsThe Ballistic Bobcat is an Iran-aligned APT group, and initially, about two years ago, cybersecurity researchers at ESET tracked this threat group. Here below, we have mentioned all the other names of the Ballistic Bobcat APT group:- Recently, cybersecurity analysts at ESET found…GBHACKERS.COM
12 SepMopria, Cisco, Seimens, Word, DarkGate, AP Stylebook, More News, and Jason Wood - SWN #324Mopria, Cisco, Seimens and Schneider, Word, AP Stylebook, DarkGate, GitHub, Chrome, More News, and Jason Wood on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-324YOUTUBE.COM
12 SepIntel Capital Bets on Zenity for Low-Code/No-Code SecurityIsraeli security startup Zenity banks $16.5 million in new venture capital funding to work on ‘low-code/no-code’ security technology.SECURITYWEEK.COM
12 Sep3.5 TB of data stolen from Datadvance: NDAs, scripts, and contracts leaked https://deform.co/3-5-tb-of-data-stolen-from-datadvance-ndas-scripts-contracts-leaked/ Today, the telegram channel of the infamous darknet forum reported t…DEFORM.CO
🌐 CYBER THREAT LANDSCAPE 6
12 SepChina Unleashes AI-Powered Image Generation For Influence OperationsIn particular, China-affiliated actors are employing AI-generated media to target politically divisive topics such as gun violence and disparaging US political figures and symbols.INFOSECURITY-MAGAZINE.COM
12 Sep7 Steps to Kickstart Your SaaS Security ProgramSaaS applications are the backbone of modern businesses, constituting a staggering 70% of total software usage. Applications like Box, Google Workplace, and Microsoft 365 are integral to daily operations. This widespread adoption has transformed them into potential breeding groun…THEHACKERNEWS.COM
12 SepWhite House mulls rating system to boost cybersecurity for critical infrastructureAt a recent summit, Anne Neuberger, deputy national security advisor for cyber and emerging technology, raised the possibility of a letter-grade rating that would hold key providers accountable for maintaining a certain level of cyber resilience.CYBERSECURITYDIVE.COM
12 SepNew Family of Obfuscated Go Info-stealers 'MetaStealer' Spread in Targeted AttacksUnlike other recent macOS malware, MetaStealer relies on social engineering tactics to persuade victims to launch malicious payloads, often disguised as legitimate files or software.SENTINELONE.COM
12 SepFree Download Manager site redirected Linux users to malware for yearsA reported Free Download Manager supply chain attack redirected Linux users to a malicious Debian package repository that installed information-stealing malware. [...]BLEEPINGCOMPUTER.COM
12 SepNew 'MetaStealer' malware targets Intel-based macOS systemsA new information stealer malware named 'MetaStealer' has appeared in the wild, stealing a wide variety of sensitive information from Intel-based macOS computers. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 23
12 SepAzure vs. AWS Developer Tools GuideAzure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision.TRENDMICRO.COM
12 SepEmail Forwarding Flaws Enable Attackers to Impersonate High-Profile DomainsSending an email with a forged address is easier than previously thought, due to flaws in the process that allows email forwarding, according to a research team led by computer scientists at the University of California San Diego.HELPNETSECURITY.COM
12 SepNew Quantum Random Number Generator Could Revolutionize EncryptionDigital information exchange can be safer, cheaper and more environmentally friendly with the help of a new type of random number generator for encryption developed at Linköping University.HELPNETSECURITY.COM
12 SepHow to manage subscription costs | Kaspersky official blogSubsCrab: A handy way to keep track of subscriptions and keep costs down.KASPERSKY.COM
12 SepPowerful Ethnic Militia in Myanmar Repatriates 1,200 Chinese Suspected of Involvement in CybercrimeOne of Myanmar’s biggest and most powerful ethnic minority militias has arrested and repatriated more than 1,200 Chinese nationals allegedly involved in criminal online scam operations, an official of the group said Saturday.SECURITYWEEK.COM
12 SepLive Webinar | Homegrown Security & Innovation: 4 Processes For Security to FlourishDATABREACHTODAY.CO.UK
12 SepLive Webinar | From Data to Disclosure: Decoding Cyber Risk Reporting for the SEC and BoardDATABREACHTODAY.CO.UK
12 SepGoogle Rolls Out Privacy Sandbox to Use Chrome Browsing History for AdsGoogle has started to roll out its new interest-based advertising platform called the Privacy Sandbox, shifting the tracking of user's interests from third-party cookies to the Chrome browser.BLEEPINGCOMPUTER.COM
12 SepVietnamese Hackers Deploy Python-Based Stealer via Facebook MessengerA new phishing attack is leveraging Facebook Messenger to propagate messages with malicious attachments from a "swarm of fake and hijacked personal accounts" with the ultimate goal of taking over the targets' accounts.THEHACKERNEWS.COM
12 SepUK Data Protection Regulator to Investigate Fertility App Security ConcernsThe regulator claimed that over half of women responding to a recent poll said that transparency over how their data is used (59%) and data security (57%) are bigger concerns when choosing an app than cost (55%) and ease of use (55%).INFOSECURITY-MAGAZINE.COM
12 SepHiddenLayer raises $50M for its AI-defending cybersecurity toolsHiddenLayer, a security startup focused on protecting AI systems from adversarial attacks, today announced that it raised $50 million in a funding round co-led by M12 and Moore Strategic Ventures with participation from Booz Allen Hamilton, IBM, Capital One and TenEleven. Bringin…TECHCRUNCH.COM
12 SepG2 Names Sophos a Leader for Endpoint Protection, EDR, XDR, Firewall, and MDRSophos is the only vendor rated a Leader across all five cybersecurity categories in G2’s Fall 2023 reports (September 2023)SOPHOS.COM
12 SepWhy Network Visibility Doesn’t Have to be so ComplicatedSmart devices offer numerous benefits to both homes and small businesses, but they also pose unique security risks that can fly under the radar. Learn from Firewalla on how consumers and small business owners can effectively secure their smart homes and workplaces with the help o…BLEEPINGCOMPUTER.COM
12 SepZenity strives to keep no code/low code apps secureSo many companies are using low code and no code tools these days to create apps and workflows. These tools are by design likely in the hands of non-technical end users, but the problem is that these folks might not know about basic rules around security and governance. Zenity, a…TECHCRUNCH.COM
12 SepCleafy Raises $10.7 Million for Online Banking Fraud Prevention PlatformOnline banking fraud detection and prevention firm Cleafy today announced that it has raised €10 million ($10.7 million) in its first funding round, which was led by United Ventures.SECURITYWEEK.COM
12 SepManaging Cyber Risk for CISOs Under PressureOverworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively.TRENDMICRO.COM
12 SepDFIR Company Binalyze Raises $19 Million in Series A FundingThe new funding round, which brings the total raised by Binalyze to $30.5 million, was led by Molten Ventures, with participation from Earlybird Digital East, OpenOcean, Cisco Investments, Citi Ventures, and Deutsche Bank Corporate Venture Capital.SECURITYWEEK.COM
12 SepWindows 11 KB5030219 cumulative update released with 24 fixes, changesMicrosoft has released the Windows 11 22H2 KB5030219 cumulative update to fix security vulnerabilities and introduce 24 changes, improvements, and bug fixes. [...]BLEEPINGCOMPUTER.COM
12 SepWindows 10 KB5030211 update released with 11 improvementsMicrosoft has released Windows 10 KB5030211 and KB5030214 cumulative updates for versions 22H2, 21H2, and 1809 to fix problems with the operating system. [...]BLEEPINGCOMPUTER.COM