🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
20 Sep [KEV] Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability (THEHACKERNEWS.COM): Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks. Tracked as CVE-2023-41179 (CVSS score: 9.1), it relat…
20 Sep Kubernetes Vulnerability Allows RCE on Windows Endpoints (CVE-2023-3676) (HELPNETSECURITY.COM): Three high-severity Kubernetes vulnerabilities (CVE-2023-3676, CVE-2023-3893, CVE-2023-3955) could allow attackers to execute code remotely and gain control over all Windows nodes in the Kubernetes cluster.
20 Sep Attacks on 5G Infrastructure From Users’ Devices (TRENDMICRO.COM): Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the …
20 Sep GitLab Releases Urgent Security Patches for Critical Vulnerability (THEHACKERNEWS.COM): GitLab has shipped security patches to resolve a critical flaw that allows an attacker to run pipelines as another user. The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well a…
20 Sep GitLab Releases Urgent Security Patches for Critical Vulnerability (THEHACKERNEWS.COM): The issue, tracked as CVE-2023-5009 (CVSS score: 9.6), impacts all versions of GitLab Enterprise Edition (EE) starting from 13.12 and prior to 16.2.7 as well as from 16.3 and before 16.3.4.
20 Sep Over 80% of Juniper Firewalls Vulnerable to Unauthenticated Code Execution (GBHACKERS.COM): At the end of August 2023, Juniper Networks released a security advisory mentioning the CVE-2023-36845 vulnerability affecting SRX and EX series firewalls. The vulnerability was categorized as a Medium (5.3) severity vulnerability. Following this, security researchers at wa…
20 Sep Fortinet FortiOS Flaw Let Attacker Execute Malicious JavaScript Code (GBHACKERS.COM): Recent reports indicate that Fortinet FortiOS has been discovered with Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) vulnerabilities, which threat actors can use for malicious purposes. These vulnerabilities have been given the CVE IDs CVE-2023-29183 and CVE-20…
20 Sep Critical Security Flaws Exposed in Nagios XI Network Monitoring Software (THEHACKERNEWS.COM): Multiple security flaws have been disclosed in the Nagios XI network monitoring software that could result in privilege escalation and information disclosure. The four security vulnerabilities, tracked from CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 a…
20 Sep Nagios Monitoring Tool Vulnerabilities Let Attackers SQL Queries (GBHACKERS.COM): Nagios XI is a prominent and frequently used commercial monitoring system for IT infrastructure and network monitoring. Vulnerability Research Engineer Astrid Tedenbrant found four distinct vulnerabilities in Nagios XI (version 5.11.1 and below) while conducting routine res…
20 Sep Critical Security Flaws Exposed in Nagios XI Network Monitoring Software (THEHACKERNEWS.COM): The four security vulnerabilities, tracked as CVE-2023-40931 through CVE-2023-40934, impact Nagios XI versions 5.11.1 and lower. Following disclosure on August 4, they have been patched as of September 11, with the release of version 5.11.2.
⚠️ VULNERABILITY DISCLOSURE (27)
20 Sep Marvell disputes claim Cavium backdoored its chips (GO.THEREGISTER.COM): submitted by c0mmando to netsec, 1 points | 0 comments. https://go.theregister.com/feed/www.theregister.com/2023/09/19/marvell_disputes_claim_that_cavium/ Cavium, a maker of semiconductors acquired in 2018 by Marvell, was allegedly identified in documents leaked in 2013 by Edward S…
20 Sep Chinese APT Earth Lusca Adds SprySOCKs Backdoor to its Arsenal (CYWARE.COM): While monitoring a campaign by Earth Lusca, researchers stumbled across a Linux malware variant derived from the open-source Windows backdoor Trochilus. Named SprySOCKS, the malware is gaining traction for its agility and SOCKS implementation. The group is infamous for targe…
20 Sep AMBERSQUID: Novel Cryptojacking Attack Leverages AWS Services (GBHACKERS.COM): Cryptojacking is a malicious cyberattack in which an attacker stealthily utilizes a victim’s computer or device to mine cryptocurrencies such as Bitcoin or Monero without the victim’s knowledge or agreement. This usually entails infecting the victim’s PC with ma…
20 Sep 4 steps for purple team success (CSOONLINE.COM): With the threat landscape evolving faster than most can respond, understanding and embracing approaches such as purple teaming is becoming paramount. It goes beyond the mere cataloging of vulnerabilities, transcending traditional pen testing methods. By intertwining the best of b…
20 Sep Cyber Security Today, Sept. 20, 2023 - A new online card-skimming campaign, new WinServer backdoors and more (CYBERSECURITYTODAY.LIBSYN.COM): This episode reports on the possibility that thousands of internet-facing Juniper SRX firewalls and EX switches may be at risk from a new way to exploit a recently discovered vulnerability, and more.
20 Sep [KEV] Trend Micro Releases Urgent Fix for Actively Exploited Critical Security Vulnerability (THEHACKERNEWS.COM): Cybersecurity company Trend Micro has released patches and hotfixes to address a critical security flaw in Apex One and Worry-Free Business Security solutions for Windows that has been actively exploited in real-world attacks.
20 Sep Regulatory Activity Forces Compliance Leaders To Spend More on GRC Tools (HELPNETSECURITY.COM): Without effective self-discovery, companies risk being subject to criminal prosecution, and officers and directors may be subject to shareholder derivative litigation for failing to fulfill their duty of oversight.
20 Sep Do You Really Trust Your Web Application Supply Chain? (THEHACKERNEWS.COM): Well, you shouldn’t. It may already be hiding vulnerabilities. It's the modular nature of modern web applications that has made them so effective. They can call on dozens of third-party web components, JS frameworks, and open-source tools to deliver all the different functionalit…
20 Sep On the Cybersecurity Jobs Shortage (SCHNEIER.COM): In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. The number of unfilled jobs leveled off in 2022…
20 Sep Online Safety Bill passes final parliament debate, set to become UK law (CSOONLINE.COM): The Online Safety Bill has passed its final UK parliamentary debate and is now ready to become law. Despite widespread criticism and scrutiny from security and privacy leaders, as well as several amendments, this major milestone means the UK government is within touching distance…
20 Sep New Silent Skimmer Campaign Hits Payment Firms in APAC and NALA Regions (CYWARE.COM): BlackBerry has uncovered a financially motivated campaign named Silent Skimmer, which targets vulnerable online payment businesses in the APAC and NALA regions. The attacker gains initial access by exploiting web server vulnerabilities and then deploys payment scraping mechanisms…
20 Sep Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems (SECURITYWEEK.COM): Atos Unify product vulnerabilities could be exploited to cause disruption and reconfigure or backdoor the targeted system.
20 Sep GitLab Patches Critical Pipeline Execution Vulnerability (SECURITYWEEK.COM): GitLab has released security updates to address a critical-severity vulnerability allowing an attacker to run pipelines as another user.
20 Sep Skyhawk Security ranks accuracy of LLM cyberthreat predictions (CSOONLINE.COM): Cloud security vendor Skyhawk has unveiled a new benchmark for evaluating the ability of generative AI large language models (LLMs) to identify and score cybersecurity threats within cloud logs and telemetries. The free resource analyzes the performance of ChatGPT, Google BARD, A…
20 Sep Finnish Authorities Dismantle Notorious PIILOPUOTI Dark Web Drug Marketplace (THEHACKERNEWS.COM): Finnish law enforcement authorities have announced the takedown of PIILOPUOTI, a dark web marketplace that specialized in illegal narcotics trade since May 2022. "The site operated as a hidden service in the encrypted TOR network," the Finnish Customs (aka Tulli) said in a brief …
20 Sep FBI and CISA Release Advisory on Snatch Ransomware (CISA.GOV): Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released joint Cybersecurity Advisory (CSA) #StopRansomware: Snatch Ransomware, which provides indicators of compromise (IOCs) and tactics, techniques, and procedures…
20 Sep CrowdStrike to Buy AppSec Startup Bionic for Reported $350M (BANKINFOSECURITY.COM): CrowdStrike plans to purchase a Silicon Valley application security startup founded by two Israel Defense Forces veterans in a bid to expand risk visibility and protection across entire cloud computing environments.
20 Sep Fake WinRAR proof-of-concept exploit drops VenomRAT malware (BLEEPINGCOMPUTER.COM): A hacker is spreading a fake proof-of-concept (PoC) exploit for a recently fixed WinRAR vulnerability on GitHub, attempting to infect downloaders with the VenomRAT malware. [...]
20 Sep Tor-Based Drug Marketplace Piilopuoti Shut Down by Law Enforcement (SECURITYWEEK.COM): Finnish authorities have seized the drugs marketplace Piilopuoti, which has been operating on the Tor network since May 2022.
20 Sep [KEV] Venafi taps generative AI to streamline machine identity management (CSOONLINE.COM): As security professionals struggle with an overwhelming amount of machine identities owing to the shift to virtualization, Venafi is turning to generative AI to help them solve machine identity management problems faster and easier, via a natural language interface and automated …
20 Sep US cyber insurance claims spike amid ransomware, funds transfer fraud, BEC attacks (CSOONLINE.COM): The frequency and severity of cyber insurance claims rose for businesses in the first half of 2023 amid ransomware, funds transfer fraud (FTF), and business email compromise (BEC) attacks. That's according to Coalition's 2023 Cyber Claims Report: Mid-year Update, which aggregates…
20 Sep RCE in Tutanota Desktop: How a single email could compromise your machine (SONARSOURCE.COM): submitted by L4s to secops, 1 points | 0 comments. https://www.sonarsource.com/blog/remote-code-execution-in-tutanota-desktop-due-to-code-flaw/ Our Research team discovered critical code vulnerabilities in P…
20 Sep Insider risks are getting increasingly costly (CSOONLINE.COM): The potential monetary losses from security incidents caused by insider activity -- purposeful or accidental -- are sharply on the rise, as businesses continue to misunderstand the threat they pose. According to a report released today by AI-based risk management technology provid…
20 Sep Feds Warn Health Sector of Lazarus Group Attacks (DATABREACHTODAY.CO.UK): HHS: North Korean-Sponsored Group Is Exploiting Critical Zoho ManageEngine Flaw. Federal authorities are warning of "significant risk" for potential attacks on healthcare and public health sector entities by the North Korean state-sponsored Lazarus Group involving exploitation of …
20 Sep News alert: Omdia finds risk-based vulnerability management set to encompass the VM market (LASTWATCHDOG.COM): LONDON, Sept. 18, 2023 – The first comparative research into the evolution of the vulnerability management market authored by Omdia has found risk-based vulnerability management (RVBM) is set to encompass the entire vulnerability management market by 2027. Omdia’s comprehensive m…
20 Sep Microsoft 365 Defender demonstrates 100 percent protection coverage in the 2023 MITRE Engenuity ATT&CK® Evaluations: Enterprise (MICROSOFT.COM): For the fifth consecutive year, Microsoft 365 Defender demonstrated leading extended detection and response (XDR) capabilities in the independent MITRE Engenuity ATT&CK® Evaluations: Enterprise. The attack used during the test highlights the importance of a unified XDR plat…
📢 SECURITY ADVISORIES (12)
20 Sep UK Minister Warns Meta Over End-to-End Encryption (SECURITYWEEK.COM): Britain's interior minister warned Meta that rolling out end-to-end encryption on its platforms must "not to come at a cost to our children's safety".
20 Sep Hackers Are Using AI For Cyberattacks. How Can We Stop Them? (GBHACKERS.COM): The use of AI has greatly increased over the past few months, with programs like ChatGPT and Bing AI making the technology freely available to all. It has been used to create beautiful works of art and poetry and for more sinister purposes. Cybersecurity experts must be aware of …
20 Sep Alcion, Which Provides Backup and Security Services to Enterprises, Raises $21M (TECHCRUNCH.COM): Alcion's platform offers backup-as-a-service, disaster recovery, anti-ransomware, anti-malware, and compliance tools for businesses with cloud-based workloads in Microsoft 365.
20 Sep CISA, NFL, and Local Partners Conduct Cybersecurity Exercise in Preparation for Super Bowl LVIII (CISA.GOV)
20 Sep Intel Trust Authority attestation services now in general availability (CSOONLINE.COM): Intel has announced the general availability of its first Trust Authority attestation services. The services are the result of the company's Project Amber initiative announced last year, and they are designed to support confidential computing deployments. Attestation services are…
20 Sep Don't Let AI Frenzy Lead to Overlooking Security Risks (DATABREACHTODAY.CO.UK): Successful AI Implementation Requires a Secure Foundation, Attention to Regulations. The private sector's frenzy to incorporate generative AI into products is leading companies to overlook basic security practices, a Google executive warned Tuesday. "Most people are still struggli…
20 Sep UK Parliament Approves Online Safety Bill (DATABREACHTODAY.CO.UK): Cabinet Ministers Call on Facebook to Stop Rollout of Encrypted Messaging. A day after the British Parliament approved a bill intended to eradicate child abuse content, cabinet officials called on social media giant Meta to halt a rollout of end-to-end encryption. Meta hasn't prov…
🔥 INCIDENT REPORTING (22)
20 Sep BlackCat Ransomware Leveraging Remote Monitoring Tools to Encrypt Azure Storage (GBHACKERS.COM): BlackCat Ransomware variant Sphynx has been newly identified with additional features used for encrypting Azure Storage accounts. This Sphynx variant of BlackCat was first discovered in March and was upgraded in May, which added the Exmatter exfiltration tool. Another version of …
20 Sep dBforums - 363,468 breached accounts (HAVEIBEENPWNED.COM): In July 2016, a data breach of the now defunct database forum "dBforums" appeared for sale alongside several others hacked from the parent company, Penton. The breach of the vBulletin based forum contained 363k unique email addresses alongside usernames, IP addresses, …
20 Sep Azure Storage Compromised in Latest BlackCat Ransomware Attack (CYWARE.COM): The BlackCat ransomware group has been found using stolen Microsoft accounts and the Sphynx encryptor to encrypt Azure cloud storage. They gained access to a victim's Sophos Central account and encrypted their systems and Azure storage. Closely monitor and patch vulnerabilities i…
20 Sep What a mess! Clorox warns of “material impact” to its financial results following cyberattack (BITDEFENDER.COM): Clorox, the household cleaning product manufacturer, has admitted that its financial results for the first quarter could see a "material impact" after hackers attacked its systems. Read more in my article on the Hot for Security blog.
20 Sep Araújo e Policastro Advogados Breach Claimed by 8BASE Ransomware Group (THECYBEREXPRESS.COM): The threat actors have boldly announced their intention to publish the compromised data on September 25, 2023. The Twitter handle @8BASEHOME, known as Birdy, took responsibility for the data breach.
20 Sep Fresh Wave of Malicious npm Packages Threaten Kubernetes Configs and SSH Keys (THEHACKERNEWS.COM): Cybersecurity researchers have discovered a fresh batch of malicious packages in the npm package registry that are designed to exfiltrate Kubernetes configurations and SSH keys from compromised machines to a remote server. Sonatype said it has discovered 14 different npm packages…
20 Sep SEC Cyber Disclosure Rules: What’s the Role of the CIO? (CYBERSECURITYDIVE.COM): The Securities and Exchange Commission introduced new requirements for disclosing material cybersecurity incidents on September 5, placing pressure on organizations to adopt robust reporting mechanisms.
20 Sep Hackers Targeted International Criminal Court’s Systems Last Week (BLEEPINGCOMPUTER.COM): At present, there is no available information regarding the extent of the cyberattack's nature and impact on the ICC's systems or whether the perpetrators managed to access or exfiltrate any data or files from its network.
20 Sep Data Breach Costs Rise, But Cybersecurity Pros Still Take Risks (KNOWBE4.COM): The latest data from IBM shows that the average cost of a data breach has gone up by 2% to a whopping $4.45 million. You would think that in the cybersecurity industry, people would be all about safety and security, right? I mean, it's literally in the name.
20 Sep Cyberattack on Kansas Town Affects Email, Phone, Payment Systems (THERECORD.MEDIA): The city’s incident response team “took proactive measures to protect city data and network systems” while also hiring forensic experts to “fully understand the extent and implications” of the attack.
20 Sep Malicious NPM Packages Caught Exfiltrating Kubernetes Config, SSH Keys (SONATYPE.COM): The malicious software packages impersonate legitimate JavaScript libraries and components, but upon installation, they run obfuscated code to collect and siphon sensitive files.
20 Sep DHS Publishes New Recommendations on Cyber Incident Reporting (SECURITYWEEK.COM): DHS has published a new set of recommendations to help federal agencies better report cyber incidents and protect critical infrastructure.
20 Sep DHS: Ransomware attackers headed for second most profitable year (THERECORD.MEDIA): Ransomware attackers remain a major threat to the United States and are on pace to have their second most profitable year ever, the Department of Homeland Security said in an annual report.
20 Sep Data Breach at Pizza Hut Australia Exposes Customer Information and Order Details (THEGUARDIAN.COM): In an email to customers on Wednesday, Pizza Hut Australia’s chief executive, Phil Reed, said the company became aware in early September that there had been “unauthorised third party” access to some of the company’s data.
20 Sep Expensive Investigations Drive Surging Data Breach Costs (BLEEPINGCOMPUTER.COM): Data breaches and their investigations are becoming extremely costly for the enterprise. Learn from Outpost24 below about what your business can do to reduce these costs. [...]
20 Sep Bumblebee Malware Abuses WebDAV Protocol to Attack Organizations (GBHACKERS.COM): In recent cybersecurity news, the notorious Bumblebee loader has made a resurgence in a new campaign, posing a significant threat to organizations’ digital security. This loader, often used as a stepping stone for ransomware attacks, had taken a pause but reemerged wi…
20 Sep Donald Trump Jr. X account was hacked, spokesperson confirms (TECHCRUNCH.COM): Donald Trump Jr.’s account on X (formerly Twitter) was hacked on Wednesday morning. The account published a post that falsely claimed that his father, former president Donald Trump, had passed away. “I’m sad to announce, my father Donald Trump has passed away,…
20 Sep ISMG Editors: London Summit - AI Tech and Incident Response (DATABREACHTODAY.CO.UK): Also: The CISO's Role in AI Rollouts; Responding to Ransomware; Liability Concerns. This week, ISMG editors covered the hot topics at ISMG's London Cybersecurity Summit 2023, including the technical landscape of AI, executive liability, incident response strategies in the face of …
20 Sep TransUnion denies it was hacked, links leaked data to 3rd party (BLEEPINGCOMPUTER.COM): Credit reporting firm TransUnion has denied claims of a security breach after a threat actor known as USDoD leaked data allegedly stolen from the company's network. [...]
20 Sep Transatlantic Cable podcast, episode 316 | Kaspersky official blog (KASPERSKY.COM): Episode 316 of the Kaspersky podcast looks at the recent Microsoft data breach, Casino ransomware attacks and a hacker that’s trolling the FBI.
🕵️ THREAT INTELLIGENCE (19)
20 Sep ISC Stormcast For Wednesday, September 20th, 2023 https://isc.sans.edu/podcastdetail/8666, (Wed, Sep 20th) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
20 Sep Hackers Deployed never-before-seen Linux Malware Attacking Government Entities (GBHACKERS.COM): Recent reports indicate that threat actors have been using a new type of Linux-targeted backdoor that has never been seen before. This new backdoor has been named SprySOCKS, which uses the strings of Trochilus (Windows backdoor) and the new Socket Secure (SOCKS). However, this th…
20 Sep SASE Firm Cato Networks Raises $238 Million at $3 Billion Valuation (SECURITYWEEK.COM): SASE company Cato Networks has raised $238 million in equity investment, bringing total funding to $773 million.
20 Sep Hackers Attacking Telecoms Servers With HTTPSnoop Malware (GBHACKERS.COM): In 2022, state-sponsored actors and advanced adversaries consistently targeted telecoms globally, making it a top sector in Talos IR cases. Telecom firms with critical infrastructure assets are prime targets due to their role in national networks and as potential gateways for adv…
20 Sep California Law Restricting Companies’ Use of Information From Kids Online Is Halted by Federal Judge (SECURITYWEEK.COM): A federal judge has halted implementation of a California data collection law intended to protect the privacy of minors.
20 Sep How IBM secures the U.S. Open (SECURITYINTELLIGENCE.COM): More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM…
20 Sep What are You Working on Wednesday (INFOSEC.PUB): submitted by shellsharks to cybersecurity, 2 points | 1 comments. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
20 Sep TikTok Impersonations of Elon Musk Scam Victims of Their Bitcoin (KNOWBE4.COM): There’s been a surge of Elon Musk-themed cryptocurrency scams on TikTok, BleepingComputer reports. The scammers inform the victims that they can claim their reward after spending a small amount of bitcoin (about $132) to activate their account.
20 Sep Staying on Topic in an Off Topic World (SECURITYWEEK.COM): Learning how to keep discussions on-topic is an important skill for security professionals to learn, and it can allow them to continue to improve their security programs.
20 Sep Discern Security Emerges From Stealth Mode With $3 Million in Funding (SECURITYWEEK.COM): Policy management cybersecurity startup Discern Security on Tuesday emerged from stealth mode with $3 million in funding.
20 Sep China Accuses the US of Hacking Huawei Servers Since 2009 (GBHACKERS.COM): Huawei is known for its telecommunications equipment and consumer electronics, including smartphones, and the USA banned Huawei primarily due to national security concerns. As the Chinese government may utilize Huawei’s technology for spying, the U.S. government claimed tha…
20 Sep Intel Launches New Attestation Service as Part of Trust Authority Portfolio (SECURITYWEEK.COM): Intel announces general availability of attestation service that is part of Trust Authority, a new portfolio of security software and services.
20 Sep Black Hat Fireside Chat: Flexxon introduces hardened SSD drives as a last line defense (LASTWATCHDOG.COM): Creating ever smarter security software to defend embattled company networks pretty much sums up the cybersecurity industry. Cutting against the grain, Flexxon, a Singapore-based supplier of NAND memory drives and storage devices, arr…
20 Sep Financially Motivated Hacks by Chinese-Speaking Actors Surge (DATABREACHTODAY.CO.UK): These Hackers May Equal or Surpass Threat Posed by Russian Hackers, Researchers Say. Chinese-speaking hackers associated with criminal activity have redoubled efforts to target compatriots with malware to remotely control victim computers, pointing to a worrying surge in financial…
20 Sep Scam-as-a-Service Classiscam Expands Impersonation in Attacks to Include Over 250 Brands (KNOWBE4.COM): Now entering its third year in business, the phishing platform, Classiscam, represents the highest evolution of an “as a service” cybercrime, aiding more than 1000 attack groups worldwide.
20 Sep USPS Customers Become the Latest Target of the Chinese Smishing Group Called “Smishing Triad” (KNOWBE4.COM): A new SMS-based phishing attack uses a smishing kit-as-a-service to impersonate the U.S. Postal Service.
20 Sep Tighter Policies Mixed with Higher Costs Are Creating a Cyber Insurance Gap (KNOWBE4.COM): New data on the state of cyber insurance shows that it’s becoming more difficult to get a policy, and the organizations obtaining one share that circumstances could cause denial of claims.
20 Sep WatchGuard Buys CyGlass to Bring NDR to Midmarket Customers (DATABREACHTODAY.CO.UK): M&A Gives WatchGuard Clients More Visibility Into East-West Traffic, Cloud Activity. WatchGuard purchased a Massachusetts company to extend network detection and response capabilities traditionally reserved for high-end enterprises to the midmarket through MSPs. The deal gives…
20 Sep ONLY Cortex Delivers 100% Protection and Detection in MITRE Engenuity (PALOALTONETWORKS.COM): MITRE Engenuity ATT&CK Evaluations have been released. This year, Cortex is the only vendor with 100% prevention and analytic detection.
🌐 CYBER THREAT LANDSCAPE (7)
20 Sep FBI Director Urges Private Sector to Work With the Agency on Cyber Threats (CYBERSECURITYDIVE.COM): At the annual mWISE 2023 conference on Monday, FBI Director Christopher Wray urged private sector organizations to help the agency by coming forward with information regarding malicious cyber activity.
20 Sep Critical Business App Outages Cost $500,000 per Hour of Downtime (HELPNETSECURITY.COM): Observability’s adoption is on the rise and full-stack observability leads to better service-level metrics, such as fewer, shorter outages and lower outage costs, according to New Relic.
20 Sep Sophisticated Phishing Campaign Targeting Chinese Users with ValleyRAT and Gh0st RAT (THEHACKERNEWS.COM): Chinese-language speakers have been increasingly targeted as part of multiple email phishing campaigns that aim to distribute various malware families such as Sainbox RAT, Purple Fox, and a new trojan called ValleyRAT. "Campaigns include Chinese-language lures and malware typical…
20 Sep Atos Unify Vulnerabilities Could Allow Hackers to Backdoor Systems (SECURITYWEEK.COM): The flaws were found in the unified communications and collaboration solution by researchers at SEC Consult, an Austria-based cybersecurity consulting firm that is part of the Atos Group’s Eviden business.
20 Sep Free Download Manager releases script to check for Linux malware (BLEEPINGCOMPUTER.COM): The developers of Free Download Manager (FDM) have published a script to check if a Linux device was infected through a recently reported supply chain attack. [...]
20 Sep P2PInfect botnet activity surges 600x with stealthier malware variants (BLEEPINGCOMPUTER.COM): The P2PInfect botnet worm is going through a period of highly elevated activity volumes starting in late August and then picking up again in September 2023. [...]
📡 INFOSEC NEWS (16)
20 Sep Signal Messenger Introduces PQXDH Quantum-Resistant Encryption (THEHACKERNEWS.COM): Encrypted messaging app Signal has announced an update to the Signal Protocol to add support for quantum resistance by upgrading the Extended Triple Diffie-Hellman (X3DH) specification to Post-Quantum Extended Diffie-Hellman (PQXDH). "With this upgrade, we are adding a layer of p…
20 Sep Claimants in Celsius Crypto Bankruptcy Targeted in Phishing Attack (BLEEPINGCOMPUTER.COM): In July 2022, crypto lender Celsius filed for bankruptcy and froze withdrawals from user accounts. Customers have since filed claims against the company, hoping to recover a portion of the funds.
20 Sep HiddenLayer Raises Hefty $50M Round for AI Security Tech (SECURITYWEEK.COM): HiddenLayer, which emerged from stealth in July 2022 with $6 million in funding, said the latest financing was led by M12, Microsoft’s Venture Fund, and Moore Strategic Ventures.
20 Sep Legit Security lands $40M to lock down apps and dev environments (TECHCRUNCH.COM): Legit Security, a cybersecurity company developing a platform to identify app vulnerabilities from code, has raised $40 million in a Series B funding round led by CRV with participation from Cyberstarts, Bessemer Venture Partners and TCV. Co-founder and CEO Roni Fuchs says that t…
20 Sep Signal adds quantum-resistant encryption to its E2EE messaging protocol (BLEEPINGCOMPUTER.COM): Signal has announced that it upgraded its end-to-end communication protocol to use quantum-resistant encryption keys to protect users from future attacks. [...]
20 Sep Chinese-Language Speakers Targeted with Sainbox RAT, ValleyRAT, and Gh0stRAT (PROOFPOINT.COM): The increase in activity suggests increased availability or ease of access to payloads and target lists, as well as potentially increased activity by Chinese-speaking cybercrime operators.
20 Sep The Signal Protocol Used By 1+ Billion People Is Getting A Post-Quantum Makeover (PACKETSTORMSECURITY.COM)
20 Sep What's Normal? DNS TTL Values, (Wed, Sep 20th) (ISC.SANS.EDU): I am trying to start a series of brief diaries about "what's normal." Analysts often only look at the network when they suspect something is wrong. But to find the anomaly, someone must first know what's…
20 Sep Meta targeted for fresh UK gov’t warning against E2E encryption for Messenger, Instagram (TECHCRUNCH.COM): Buckle up for another encryption fight: Hot on the heels of securing parliament’s approval for its Online Safety Bill yesterday, the UK government is amping up pressure on Meta not to roll out end-to-end-encryption (E2EE) on Facebook Messenger and Instagram — unless i…
20 Sep The Urgent Need for Memory Safety in Software Products (CISA.GOV): Cybersecurity Technical Advisor Bob Lord stresses the importance of memory safety in making software safer by design.
20 Sep T-Mobile app glitch let users see other people's account info (BLEEPINGCOMPUTER.COM): T-Mobile customers today were able to see other people's account and billing information after logging into the company's official mobile application. [...]
20 Sep Results from the 2023 MITRE Engenuity ATT&CK Evaluations (Round 5: Turla) (SOPHOS.COM): Our view on this round of ATT&CK Evaluations and how Sophos detected 99% of real-world threat activity.
20 Sep Live Webinar | Unlocking the 8 Key Human Cyber Risk Factors: Strengthening Security in Your Organization (DATABREACHTODAY.CO.UK)
20 Sep Why Palo Alto Is Eyeing Secure Browser Firm Talon for $600M (DATABREACHTODAY.CO.UK): Talon Is in Line for a 9-Figure Deal Just 29 Months After Emerging From Stealth. Last year's winner of RSA Conference's prestigious Innovation Sandbox contest could soon be acquired by Palo Alto Networks, according to Calcalist. The platform security behemoth is in advanced negoti…