127 Articles
10 Categories
Date: 2023-09-21
🚨 CISA KEV (2)
21 Sep | KEV | Key findings from the CISA 2022 Top Routinely Exploited Vulnerabilities report | One of the best ways to mitigate risk and insulate your organization from malicious actors is to understand where they're focusing their time and attention as well as leveraging recommended practices to avoid becoming a victim. The recently published CISA 2022 Top Routinely Explo… | CSOONLINE.COM
21 Sep | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-41179 Trend Micro Apex One and Worry-Free Business Security Remote Code Execution Vulnerability. These types of vulnerabilities are frequent att… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (5)
21 Sep | Fake CVE-2023-40477 Proof of Concept Leads to VenomRAT | Threat actors are repurposing older proof of concept code to create fake PoCs for newly released vulnerabilities, aiming to compromise other miscreants rather than specifically targeting researchers. | UNIT42.PALOALTONETWORKS.COM
21 Sep | Trend Micro Zero-day Vulnerability Let Attackers Run Arbitrary Code | If you use Trend Micro Apex One, you should know that the third-party Antivirus uninstaller feature may have a security hole. This flaw could make it possible for random code to be run. Even though the National Vulnerability Database (NVD) hasn’t proven how bad the problem … | GBHACKERS.COM
21 Sep | Gitlab fixes bug that exploited internal policies to trigger hostile pipelines | Gitlab has released two patched releases, 16.2.7 and 16.3.4 for the Enterprise (EE) and Community (CE) editions of the DevOps platform in response to a critical severity bug discovered through its HackerOne bug bounty program. Dubbed CVE-2023-5009, with a CVSS score of 9.6, the v… | CSOONLINE.COM
21 Sep | ISC Releases Security Advisories for BIND 9 | The Internet Systems Consortium (ISC) has released security advisories to address vulnerabilities affecting ISC’s Berkeley Internet Name Domain (BIND) 9. A malicious cyber actor could exploit these vulnerabilities to cause denial-of-service conditions. CISA encourages users and a… | CISA.GOV
21 Sep | Apple Patches Three New 0-Day Vulnerabilities Affecting iOS/iPadOS/watchOS/macOS, (Thu, Sep 21st) | This update patches three already exploited vulnerabilities: (1) CVE-2023-41993 Remote code execution in WebKit. This could be used as an initial access vector (2) CVE-2023-41992 Privilege Escalation. A follow-up after the initial access was achieved via the first vul… | ISC.SANS.EDU
⚠️ VULNERABILITY DISCLOSURE (27)
21 Sep | MGM Resorts Computers Back Up After 10 Days as Analysts Eye Effects of Casino Cyberattacks | MGM Resorts brought its computer systems back online on September 20th after ransomware disrupted operations for 10 days. | SECURITYWEEK.COM
21 Sep | Beware: Fake Exploit for WinRAR Vulnerability on GitHub Infects Users with VenomRAT | A malicious actor released a fake proof-of-concept (PoC) exploit for a recently disclosed WinRAR vulnerability on GitHub with an aim to infect users who downloaded the code with VenomRAT malware. "The fake PoC meant to exploit this WinRAR vulnerability was based on a publicly ava… | THEHACKERNEWS.COM
21 Sep | AMBERSQUID Cryptojacking Operation: Unusual AWS Services Under Attack | The AMBERSQUID cryptojacking operation targets obscure AWS services like AWS Amplify, AWS Fargate, and Amazon SageMaker, effectively bypassing AWS's resource approval process to mine cryptocurrency covertly. If AMBERSQUID were to expand its scope to target all AWS regions, it cou… | CYWARE.COM
21 Sep | Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack | The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploi… | THEHACKERNEWS.COM
21 Sep | LLM Guard: Open-Source Toolkit for Securing Large Language Models | The open-source toolkit provides evaluators for inputs and outputs of LLMs, offering features such as sanitization, detection of harmful language, data leakage prevention, and protection against prompt injection and jailbreak attacks. | HELPNETSECURITY.COM
21 Sep | The Rise of the Malicious App | Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace, or Microsoft… | THEHACKERNEWS.COM
21 Sep | New Revelations from the Snowden Documents | Jake Appelbaum’s PhD thesis contains several new revelations from the classified NSA documents provided to journalists by Edward Snowden. Nothing major, but a few more tidbits. Kind of amazing that that all happened ten years ago. At this point, those documents are more his… | SCHNEIER.COM
21 Sep | Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign | This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud. | TRENDMICRO.COM
21 Sep | Ncurses & Bad Things, LVFS is NOT a Backdoor, Physical Proximity, & Oh, Fortinet! - PSW #799 | In the Security News: LVFS is not a backdoor, attackers are in physical proximity, when you need to re-cast risk, oh Fortinet, pre-installed backdoors again, deep down the rabbit hole, the buffer overflow is in your BIOS!, what is 345gs5662d34?, a cone is all you need, we are com… | YOUTUBE.COM
21 Sep | Drupal Releases Security Advisory to Address Vulnerability in Drupal Core | Drupal has released a security advisory to address a vulnerability affecting multiple Drupal versions. A malicious cyber actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review Drupal security advisory SA-CO… | CISA.GOV
21 Sep | Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack | FDM said its investigation uncovered a vulnerability in a script on its site that the hackers exploited to tamper with the download page and lead the site visitors to the fake domain deb.fdmpkg[.]org hosting the malicious .deb file. | THEHACKERNEWS.COM
21 Sep | MOVEit Transfer SQL Injection Let the Attacker Gain Unauthorized Access to the Database | MOVEit transfer service pack has been discovered with three vulnerabilities associated with SQL injections (2) and a Reflected Cross-Site Scripted (XSS). The severity for these vulnerabilities ranges between 6.1 (Medium) and 8.8 (High). Progress-owned MOVEit transfer was popularl… | GBHACKERS.COM
21 Sep | Proactive OT security requires visibility + prevention | Identifying what's on your network and detecting if any issues arise is important, but isn't it ideal to prevent an issue in the first place? Shadow OT can leave anyone suddenly put in charge of cybersecurity for industrial control systems (ICS) feeling overwhelmed. While visibil… | CSOONLINE.COM
21 Sep | CISA Releases Six Industrial Control Systems Advisories | CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-264-01 Real Time Automation 460 Series ICSA-23-264-02 Siemens Spe… | CISA.GOV
21 Sep | China accuses US of cyberattacks, spying on Huawei | Submitted by c0mmando to netsec: https://www.theregister.com/2023/09/20/huawei_china_claims/ The ongoing face-off between Washington and Beijing over technology and security issues has taken a new twist, with China accusing the US of hacking into the servers … | THEREGISTER.COM
21 Sep | Balancing Budget and System Security: Approaches to Risk Tolerance | Organizations should prioritize revisiting their security readiness and up-leveling their cyber vulnerability and risk management programs by learning from data breaches and understanding the potential impact of compromised data. | HELPNETSECURITY.COM
21 Sep | Atlassian Releases September Security Bulletin | Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products. A malicious cyber actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Atlassian… | CISA.GOV
21 Sep | Navigating the Digital Frontier in Cybersecurity Awareness Month 2023 | ZTNA stands out as a solution that enables organizations to minimize their attack surface while ensuring the productivity and security of their remote workforce. | SECURITYWEEK.COM
21 Sep | Scaling Rust Adoption Through Training | Posted by Martin Geisler, Android team. Android 14 is the third major Android release with Rust support. We are already seeing a number of benefits: Productivity: Developers quickly feel productive writing Rust. They report important indicators of development velocity, such as co… | SECURITY.GOOGLEBLOG.COM
21 Sep | China’s offensive cyber operations support “soft power” agenda in Africa | Targeted cyber intrusions against key industrial sectors in various African nations conspicuously align with China's broader soft power and technological agenda in the region, encompassing critical areas such as the telecommunication sector, financial institutions, and government… | CSOONLINE.COM
21 Sep | Apple emergency updates fix 3 new zero-days exploited in attacks | Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year. [...] | BLEEPINGCOMPUTER.COM
21 Sep | Unmasking ransomware threat clusters: Why it matters to defenders | Cybersecurity analysts have typically dissected ransomware attacks in isolation, scrutinizing the tactics, techniques, and procedures (TTPs) unique to each incident. However, new Sophos research shows why it is critical for defenders to look beyond the surface as attacks executed… | CSOONLINE.COM
21 Sep | Detection Engineering and SOC Scalability Challenges (Part 2) | This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. This post is our second installment in the “Threats into Detections — The DNA of Detection Engineering” series, where we explore the challe… | MEDIUM.COM
21 Sep | 2024 Security Planning with Forrester - Merritt Maxim - ESW #332 | Forrester Research releases a few annual reoccurring cybersecurity reports, but one of the biggest that covers the most ground is the Security Risk Planning Guide, which was recently released for 2024. One of the report's 17 authors, and research director, Merritt Maxim, will wal… | YOUTUBE.COM
21 Sep | A Vulnerability in Drupal Could Allow for Privilege Escalation | A vulnerability has been discovered in Drupal that could allow for privilege escalation. Drupal is an open source content management platform supporting a variety of websites ranging from personal weblogs to large community-driven websites. Successful exploitation of this vulnera… | CISECURITY.ORG
21 Sep | Meredith Whittaker reaffirms that Signal would leave UK if forced by privacy bill | Onstage at TechCrunch Disrupt 2023, Meredith Whittaker, the president of the Signal Foundation, which maintains the nonprofit Signal messaging app, reaffirmed that Signal would leave the U.K. if the country’s recently passed Online Safety Bill forced Signal to build “… | TECHCRUNCH.COM
21 Sep | News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs | Chicago, Ill., Sept. 21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Also in attendance were Access Living, The College of Lake County, … | LASTWATCHDOG.COM
📋 SECURITY BULLETINS (1)
21 Sep | Atlassian Security Updates Patch High-Severity Vulnerabilities | Atlassian has released patches for multiple high-severity vulnerabilities in Jira, Confluence, Bitbucket, and Bamboo products. | SECURITYWEEK.COM
📢 SECURITY ADVISORIES (15)
21 Sep | White House Grapples With Harmonizing Thicket of Cybersecurity Rules | Recently, the White House has begun streamlining the myriad of cybersecurity regulations and technical standards that corporations and critical infrastructure must follow. | CYBERSCOOP.COM
21 Sep | CIO Accuses Penn State of Faking Cybersecurity Compliance | Pennsylvania State University (Penn State) is facing a lawsuit filed by a former chief information officer (CIO) who alleges that the university falsified government security compliance reports. | THEREGISTER.COM
21 Sep | China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers | China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government authority sai… | THEHACKERNEWS.COM
21 Sep | Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks | The FBI and CISA are warning critical infrastructure organizations of ongoing Snatch ransomware attacks, which also involve data exfiltration. | SECURITYWEEK.COM
21 Sep | Snatch ransomware – what you need to know | The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Learn more about the threat in my article for the Tripwire State of Security blog. | TRIPWIRE.COM
21 Sep | Singapore Police Warn of New Scam Campaign Spreading Android Malware | The Singapore police, on Wednesday, issued an advisory about a new variant of Android malware scams, where scammers would initiate a factory reset on infected devices after the malware executes unauthorized transactions on the phone’s i-banking app. | CHANNELNEWSASIA.COM
21 Sep | Cryptohack Roundup: Private Key Compromise Led to CoinEx Hit | Also: Mark Cuban Hot Wallet Hack; Crypto Regulation. This week, hackers stole $70 million from CoinEx, FTX resumed online claims, Balancer suffered a breach, Celsius creditors are targets of phishing, nearly $900,000 was stolen from Mark Cuban's hot wallet, Malta prepares for cryp… | DATABREACHTODAY.CO.UK
21 Sep | Feds Warn About Snatch Ransomware | US Agency Advisory Sheds Light on the Group's Activities. The Snatch ransomware group is targeting a wide range of critical infrastructure sectors, including the defense industrial base, food and agriculture, and information technology sectors, according to a new alert issued by U… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (24)
21 Sep | Network Device Supply Chain Security - Nate Warfield - BTS #13 | We dig into network devices/appliances, why they are still around, who is attacking them, and how. Just why are attackers using network devices in ransomware campaigns and how do we stop them? Tune-in to find out as Nate Warfield, Director of Threat Research and Intelligence at E… | YOUTUBE.COM
21 Sep | T-Mobile App Glitch Exposes Other User’s Sensitive Data | The mobile application of T-Mobile has recently been a cause of concern among its customers due to issues concerning privacy. Users have reported accessing sensitive information belonging to other customers when logging into their own accounts. This alarming situation has r… | GBHACKERS.COM
21 Sep | Update: Transunion Denies it Was Hacked, Links Leaked Data to Third Party | The investigation into the claims found that the information leaked by USDoD was likely obtained from another organization's systems, given that the data and its formatting are different than TransUnion's. | BLEEPINGCOMPUTER.COM
21 Sep | Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers | A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melo… | THEHACKERNEWS.COM
21 Sep | Critical Infrastructure Organizations Warned of Snatch Ransomware Attacks | Prior to ransomware deployment, the Snatch threat actors spend up to three months on victims’ networks, searching for valuable data to exfiltrate and identifying systems they can encrypt. They also attempt to disable security software. | SECURITYWEEK.COM
21 Sep | Most organizations want security vendor consolidation | Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging. We quickly passed through the “not if… | SECURITYINTELLIGENCE.COM
21 Sep | International Criminal Court Reveals Security Breach | Submitted by throws_lemy to cybersecurity: https://www.infosecurity-magazine.com/news/international-criminal-court/ | INFOSECURITY-MAGAZINE.COM
21 Sep | 'Gold Melody' Group Sells Access to Compromised Networks to Ransomware Attackers | GOLD MELODY uses a variety of tools and techniques, including web shells, RATs, and tunneling tools, to facilitate their malicious activities within compromised environments. | SECUREWORKS.COM
21 Sep | DHS Council Seeks to Simplify Cyber Incident Reporting Rules | The Department of Homeland Security delivered a 100-page report on Tuesday with recommendations on how to revamp the thicket of cyber incident reporting requirements faced by U.S. critical infrastructure operators. | CYBERSCOOP.COM
21 Sep | GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals | Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals. Related: How Putin has … | LASTWATCHDOG.COM
21 Sep | Pizza Hut Australia warns 193,000 customers of a data breach | Pizza Hut Australia is sending data breach notifications to customers, warning that a cyberattack allowed hackers to access their personal information. [...] | BLEEPINGCOMPUTER.COM
21 Sep | Vanishing Act: The Secret Weapon Cybercriminals Use in Your Inbox | Researchers at Barracuda describe how attackers use legitimate email inbox rules to control compromised accounts and evade detection. | KNOWBE4.COM
21 Sep | Donald Trump Jr’s hacked Twitter account announces his father has died | Donald Trump Jr may not have just inherited his famous father's name. He may also have inherited his bad password security. | GRAHAMCLULEY.COM
21 Sep | International Criminal Court hacked amid Russia probe | Submitted by c0mmando to netsec: https://www.theregister.com/2023/09/20/icc_hack/ The International Criminal Court said crooks breached its IT systems last week, and that attack isn’t over yet, with the ICC saying the “cybersecurity incident” is still ongoing… | THEREGISTER.COM
21 Sep | Feds Issue Snatch Ransomware Warning | PACKETSTORMSECURITY.COM
21 Sep | TransUnion Denies Breach After Hacker Publishes Allegedly Stolen Data | TransUnion denies suffering a breach after a hacker publishes 3GB of data allegedly stolen from the credit reporting firm. | SECURITYWEEK.COM
21 Sep | ApexSMS - 23,246,481 breached accounts | In May 2019, news broke of a massive SMS spam operation known as "ApexSMS" which was discovered after a MongoDB instance of the same name was found exposed without a password. The incident leaked over 80M records with 23M unique email addresses alongside names, phone n… | HAVEIBEENPWNED.COM
21 Sep | New SEC Rules Add Challenges in Uncertain Cyber Insurance Market | [BUDGET AMMO] Jeremy King is a partner at Olshan Frome Wolosky. He wrote an article for Bloomberg where he analyzed cyber risk management issues that companies should prioritize in response to new SEC reporting requirements for cybersecurity incidents and threats. | KNOWBE4.COM
21 Sep | Breach Roundup: Effects of ISP Ransomware Attack in Colombia | Also, Clorox Product Shortages; California Passes Data Broker Restrictions. This week, Colombia grappled with the aftermath of a ransomware attack against IFX Networks, Clorox suffered product shortages, a glitch allowed T-Mobile users to access other users' data, California passe… | DATABREACHTODAY.CO.UK
21 Sep | Chinese Spies Infected Dozens of Networks With Thumb Drive Malware | WIRED just published an article that made me both disappointed and surprised at the same time. Security researchers found USB-based Sogu espionage malware spreading within African operations of European and US firms. | KNOWBE4.COM
21 Sep | Making tabletop exercises better! - Ryan Fried - ESW #332 | If you've ever played Dungeons & Dragons, you probably know that the quality of the experience depends on how prepared, experienced, and talented the Dungeon Master is. Today, we'll talk to InfoSec DM and practitioner extraordinaire Ryan Fried about some of the key elements that … | YOUTUBE.COM
21 Sep | Ohio Community College Data Theft Breach Affects Nearly 300K | Researchers Say Breach Illustrates Why Schools Are Major Targets for Cybercriminals. An Ohio community college is notifying 290,000 people of a data theft breach this spring that may have compromised their personal and health information. Security researchers say small schools suc… | DATABREACHTODAY.CO.UK
21 Sep | Cyberattack on Kansas town affects email, phone, payment systems | Submitted by throws_lemy to cybersecurity: https://therecord.media/pittsburg-kansas-government-cyberattack | THERECORD.MEDIA
🕵️ THREAT INTELLIGENCE (22)
21 Sep | AI Attacks and LLM Security Matters - Nathan Hamiel - PSW #799 | Nathan comes on the show to discuss LLMs, such as ChatGPT, the issues we face today and in the future. Learn about prompt injection attacks, jailbreaking, LLMs for threat actors, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://s… | YOUTUBE.COM
21 Sep | ISC Stormcast For Thursday, September 21st, 2023 https://isc.sans.edu/podcastdetail/8668, (Thu, Sep 21st) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
21 Sep | Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis | Omron has patched PLC and engineering software vulnerabilities discovered by Dragos during the analysis of ICS malware. | SECURITYWEEK.COM
21 Sep | System Admin Pleads Guilty for Selling Pirated Business Phone Software Licenses | For taking part in a large international scheme to earn millions of dollars by selling pirated business telephone system software licenses, a computer system admin and his spouse pled guilty. Software licenses with a retail value of over $88 million are said to have been sol… | GBHACKERS.COM
21 Sep | Car Cybersecurity Study Shows Drop in Critical Vulnerabilities Over Past Decade | An automotive cybersecurity study shows that critical-risk vulnerabilities have decreased in the past decade. | SECURITYWEEK.COM
21 Sep | UK’s New Online Safety Law Adds to Crackdown on Big Tech Companies | British lawmakers approved an ambitious but controversial new internet safety law with wide-ranging powers to crack down on digital and social media companies. | SECURITYWEEK.COM
21 Sep | Is QakBot Malware Officially Dead? | Only a few malware families can claim to have persisted for nearly twenty years, and QakBot (also referred to as QBot) stands among them as one of the most enduring. Since its first appearance in 2008, it has been deployed in numerous attacks, causing significant financial losses… | GBHACKERS.COM
21 Sep | Security Fest 2022 - Gothenburg, Sweden - 12 hours of video | Submitted by ashar to security_cpe: https://youtube.com/playlist?list=PL0Jph6SmWIuOHPAuHLP6UD3nENl695bua&si=5OZyBye-AtVqNZL9 Security Fest 2022 playlist. Speakers and talks from the Securityfest website | YOUTUBE.COM
21 Sep | SecurityFest 2023 - Gothenburg, Sweden - 2 days, 15 hours of talks | Submitted by ashar to security_cpe: https://youtube.com/playlist?list=PL0Jph6SmWIuMmZpl5NVjPQ_uDXHYw5Jii&si=IWHFsYcF3kalLuew SecurityFest 2023 playlist. Speakers and talks | YOUTUBE.COM
21 Sep | LUCR-3 Attacking Fortune 2000 Companies Using Victims’ Own Tools & Apps | A new financially motivated threat group named “LUCR-3” has been discovered targeting organizations to steal intellectual property for extortion. This threat actor surpasses Scatter Spider, Oktapus, UNC3944, and Storm-0875. LUCR-3 is targeting Fortune 2000 companies in various se… | GBHACKERS.COM
21 Sep | Cisco to Bring XDR, SIEM Together With $28B Splunk Purchase | Cisco-Splunk Deal Will Fuel Move from Detection, Response to Prediction, Prevention. Cisco's proposed $28 billion buy of Splunk allows businesses to move from threat detection and response to threat prediction and prevention by combining XDR and SIEM. The deal brings together Cisco… | DATABREACHTODAY.CO.UK
21 Sep | Encrypted email provider Proton has built its own CAPTCHA service | Proton, the Swiss company that develops privacy-focused online services such as email, has developed its very own CAPTCHA service to help discern between genuine login attempts and bots — and it touts the new system as the world’s first CAPTCHA that is “censorsh… | TECHCRUNCH.COM
21 Sep | Every Network Is Now an OT Network. Can Your Security Keep Up? | Many previously isolated OT networks, like manufacturing, processing, distribution, and inventory management, have now been woven into larger IT networks. | SECURITYWEEK.COM
21 Sep | Legit Security Raises $40 Million in Series B Financing | Legit Security raises $40 million in a Series B funding round led by CRV to help organizations protect the software supply chain from attacks. | SECURITYWEEK.COM
21 Sep | Cisco to Acquire Splunk for $28 Billion | Cisco will boost its cybersecurity capabilities by shelling out $28 billion to buy Splunk, which Cisco says will drive the next generation of AI-enabled security and observability. | SECURITYWEEK.COM
21 Sep | New ways to inject system CA certificates in Android 14 | Submitted by L4s to secops: https://httptoolkit.com/blog/android-14-install-system-ca-certificate/ A couple of weeks ago I published a post about changes in Android 14 that fundamentally break existing … | HTTPTOOLKIT.COM
21 Sep | ‘Sandman’ hackers backdoor telcos with new LuaDream malware | A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.' [...] | BLEEPINGCOMPUTER.COM
21 Sep | New ‘Sandman’ APT Group Hitting Telcos With Rare LuaJIT Malware | New and mysterious APT Sandman spotted targeting telcos in Europe and Asia as part of a cyberespionage campaign. | SECURITYWEEK.COM
21 Sep | Dutch Police Warns Users of Credentials Leak Site | 400 Potential WeLeakInfo Patrons Warned of Legal Costs of Criminal Wrongdoing. Hundreds of Dutch patrons of a now-defunct credential marketplace received warnings from national police in an attempt to prevent potential crimes using illicitly obtained personal identifiable informat… | DATABREACHTODAY.CO.UK
21 Sep | Massive valuations and acquisitions - Cato, Cisco, Splunk & SentinelOne! - ESW #332 | This week we talk about finding, acquisitions and the state of the market. If you're interested in cybersecurity market discussion, this is the episode for you. We also discuss what makes a cybersecurity influencer. Visit https://www.securityweekly.com/esw for all the latest epis… | YOUTUBE.COM
21 Sep | Why Palo Alto Networks Was Named Google Cloud Partner of the Year | Google Cloud has recognized our commitment by recently awarding Palo Alto Networks its 2023 Technology Partner of the Year for three important categories. | PALOALTONETWORKS.COM
21 Sep | New Microsoft security tools to protect families and businesses | Today, Microsoft announced several major innovations to empower people across work and life and redefine how we live and work with AI. | MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE (4)
21 Sep | Researchers Witness 600X Increase in P2Pinfect Botnet Traffic | The developers of P2Pinfect are actively iterating on the malware's capabilities and expanding the botnet, as seen through frequent updates and a substantial increase in activity. | CADOSECURITY.COM
21 Sep | Omron Patches PLC, Engineering Software Flaws Discovered During ICS Malware Analysis | Japanese electronics giant Omron recently patched programmable logic controller (PLC) and engineering software vulnerabilities that were discovered by industrial cybersecurity firm Dragos during the analysis of a sophisticated piece of malware. | SECURITYWEEK.COM
21 Sep | Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge | The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023. "This increase in P2PInfect traffic has coincided with a growing number of variants seen in the wild, suggesting that … | THEHACKERNEWS.COM
21 Sep | GitHub launches passkey support into general availability | GitHub is formally launching its passkeys security feature into general availability, two months after first debuting it in beta. Passkeys offer cloud-synced authentication using cryptographic key pairs, allowing users to sign-in to websites and apps with the same screen-lock PIN… | TECHCRUNCH.COM
🎙️ PODCASTS (2)
21 Sep | Smashing Security podcast #340: Heated seats, car privacy, and Graham’s porn video | Do you know what data your car is collecting about you? Do you think it’s right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham about his sex video? All this and much much more is discussed in the latest … | GRAHAMCLULEY.COM
21 Sep | Reversing Windows Container, episode I: Silo | This article presents the internals of Windows Container. | QUARKSLAB.COM
📡 INFOSEC NEWS (25)
21 Sep | Another $40m Dispersed to Western Union Fraud Victims | The new $40m tranche of money was forfeited by the Colorado-headquartered financial services giant to the Department of Justice (DoJ) to reimburse 25,000 victims in the US and abroad. | INFOSECURITY-MAGAZINE.COM
21 Sep | Australia to Build ‘Six Cyber Shields’ to Defend Nation | Australia is rolling out a six-pillar cyber security strategy to safeguard its digital interests, covering education, technology safety, threat-sharing, infrastructure protection, infosec capability, and global coordination. | THEREGISTER.COM
21 Sep | T-Mobile App Glitch Let Users See Other People’s Account Info | According to user reports on social media, the exposed information included customers' names, phone numbers, addresses, account balances, and credit card details like the expiration dates and the last four digits. | BLEEPINGCOMPUTER.COM
21 Sep | Microsoft SAS misconfiguration causes 38TB data leak | The data leaked included Microsoft Teams messages, passwords and private keys | CSHUB.COM
21 Sep | UK Passes the Online Safety Bill — And No, It Doesn’t Ban End-to-End Encryption | The UK's Online Safety Bill does not ban end-to-end encryption but includes provisions for messaging platforms to use accredited technology to identify specific types of content. | THERECORD.MEDIA
21 Sep | What is the Fediverse, and how does it work? | Kaspersky official blog | What the Fediverse is, how it works, which protocols are used, what services are available to users right now, and its prospects. | KASPERSKY.COM
21 Sep | Solarium Commission Wants Action on Stalled Cybersecurity Recommendations | Three years since its release, nearly 70% of the congressionally mandated Solarium Commission’s 80 initial recommendations have been implemented or are close to it, a testament to the report’s influence. | CYBERSCOOP.COM
21 Sep | Cisco to acquire Splunk in $28B mega deal | Cisco has a reputation of building the company through acquisitions, but it tends to stay away from the really huge ones. That changed this morning when the company announced it was acquiring Splunk for $28 billion. With Splunk, it gets an observability platform that could fit ni… | TECHCRUNCH.COM
21 Sep | Companies Still Don’t Know How to Handle Generative AI Risks | Energized by the hype around generative AI, enterprises are aggressively pursuing practical applications of this new technology while remaining cautious about the risks, according to ISG. | HELPNETSECURITY.COM
21 Sep | Cyber Experts Urge House Committee to Avoid Federal Shutdown | Cybersecurity experts urged Congress to avoid a government shutdown on October 1 - the start of the new federal fiscal year - telling a House panel that a lapse would damage efforts to keep the nation secure. | BANKINFOSECURITY.COM
21 Sep | Never Use Your Master Password as a Password on Other Accounts | One in three Americans now use password managers, up from one in five in 2022, according to an online poll by Security.org that quizzed 1,051 American adults on how they use passwords and password managers. | HELPNETSECURITY.COM
21 Sep | Canada Blames Border Airport Check-in and Electronic Gate Outages on DDoS Attack | The Canada Border Services Agency (CBSA) confirmed to Recorded Future News that the connectivity issues that affected check-in kiosks and electronic gates at airports last week are the result of a distributed denial of service (DDoS) attack. | THERECORD.MEDIA
21 Sep | Cisco Acquiring Cybersecurity Company Splunk in Cash Deal Worth $28 Billion | The acquisition is one of Cisco’s largest, and continues an acquisition streak that has built out the company’s cybersecurity offerings. The company will finance the deal with a combination of cash and debt, Cisco CEO Chuck Robbins said. | CNBC.COM
21 Sep | Microsoft Copilot rolls out with Windows 11 22H2 update next week | Microsoft will start rolling out its Copilot digital assistant to all customers next week, on September 26th, together with a host of new AI-powered capabilities as part of a new Windows 11 22H2 update. [...] | BLEEPINGCOMPUTER.COM
21 Sep | Decoding Turla: Trend Micro's MITRE Performance | This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro's 100% successful protection performance. | TRENDMICRO.COM
21 Sep | GitHub passkeys generally available for passwordless sign-ins | GitHub has made passkeys generally available across the platform today to secure accounts against phishing and allow passwordless logins for all users. [...] | BLEEPINGCOMPUTER.COM
21 Sep | Kindo aims to take the security stress out of AI workflows | Ron Williams, co-founder and CEO of Kindo, knows a thing or two about cybersecurity, having previously led security teams at League of Legends developer Riot Games, shared scooter startup Bird and Alphabet-backed Clover Health. He is now bringing this expertise to the fast-moving… | TECHCRUNCH.COM
21 Sep | Journey to the Cloud: Navigating the Transformation - Part 3 | Nikko Asset Management's Marcus Rameke on SaaS or PaaS vs. IaaS or On-Premises HCI In Part 3 of this three-part blog post, Nikko Asset Management's Marcus Rameke discusses why opting for SaaS or PaaS over IaaS is a sensible decision for most businesses, why cloud solutions are pr… | DATABREACHTODAY.CO.UK
21 Sep | Canada Confirms DDoS Attack Disrupted Airport Arrival Kiosks | How in the World Did Self-Proclaimed Hacktivists Hit System Tied to Border Control? A recent, brief disruption at Canadian airports is a reminder that Russia-aligned hacking groups' bark remains worse than their bite. Experts say these groups' impact largely remains minimal, whic… | DATABREACHTODAY.CO.UK
21 Sep | Forecasts of SIEM Death Premature - Just Ask Cisco, Splunk | Cisco's Planned $28B Purchase of Splunk Shows XDR and SIEM Can Run Side by Side It turns out SIEM isn't on life support after all. Cisco is providing 28 billion reasons to believe enterprises aren't scrapping the security operations center staple anytime soon, even though rivals … | DATABREACHTODAY.CO.UK
21 Sep | OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes | ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022 | WELIVESECURITY.COM
21 Sep | Zero Trust Adoption: Tips to Win Over Leadership | Implementing Zero Trust can be difficult due to outdated systems, employee resistance, and cost. Yet, the benefits outweigh the challenges. It is key to use a platform that combines multiple security technologies to simplify IT and risk assessment, proper planning, and getting se… | TRENDMICRO.COM