⚠️ VULNERABILITY DISCLOSURE 4[−]
23 SepChinese, North Korean Nation-State Groups Target Health DataFinancially motivated groups originating in North Korea and China "have all the sophistication of many other cybercriminal gangs but also have the resources - technological, financial and diplomatic - of a state behind them," HHS HC3 warned.BANKINFOSECURITY.COM
23 SepApple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator SpywareThe three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targe…THEHACKERNEWS.COM
23 SepAir Canada discloses data breach of employee and 'certain records'Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident this week in which hackers "briefly" obtained limited access to its internal systems. The incident resulted in the theft of a limited amount of personal information of some of its …BLEEPINGCOMPUTER.COM
23 SepNational Student Clearinghouse data breach impacts 890 schoolsU.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 1[−]
23 Sep[YIKES] AI Now Enables Subliminal Image "Inception"Seen Christopher Nolan's movie Inception ? If you haven't, it's about a thief who is given the task of planting an idea into the mind of a CEO. The technology of implanting ideas is nothing new. Communist regimes were the very early countries developing mind control technologies.…KNOWBE4.COM
🔥 INCIDENT REPORTING 3[−]
23 SepCrypto Firm Nansen Asks Users to Reset Passwords After Vendor BreachNansen stopped the malicious activity shortly after the affected vendor informed them about the incident, but the ensuing investigation confirmed that user data was compromised.BLEEPINGCOMPUTER.COM
23 SepGovernment of Bermuda Links Cyberattack to Russian Hackers"The public is advised that the Government Is currently experiencing internet/email and phone service interruptions. All Departments are impacted," the Bermuda Government said.BLEEPINGCOMPUTER.COM
23 SepUpdate: Dallas Says Royal Ransomware Breached Its Network Using Stolen AccountRoyal gained access to the City's network using a stolen domain service account in early April and maintained access to the compromised systems between April 7 and May 4.BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 7[−]
23 SepDefeating Visual Studio Code embedded reverse shellsubmitted by L4s to secops 1 points | 0 comments https://ipfyx.fr/post/visual-studio-code-tunnel/ Defeating Visual Studio Code embedded reverse shell::Visual studio code tunnel Introduction Since July 2023, Microsoft is offering the perfect reverse shell, embedded inside Visual S…IPFYX.FR
23 SepChinese Spies Infected Dozens of Networks With Thumb Drive Malwaresubmitted by throws_lemy to cybersecurity 1 points | 0 comments https://www.wired.com/story/china-usb-sogu-malware/WIRED.COM
23 SepDeadglyph: New Advanced Backdoor with Distinctive Malware TacticsCybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a n…THEHACKERNEWS.COM
23 SepEvasive Gelsemium hackers spotted in attack against Asian govtA stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned six months between 2022 and 2023. [...]BLEEPINGCOMPUTER.COM
23 SepScanning for Laravel - a PHP Framework for Web Artisants, (Sat, Sep 23rd)Today while reviewing my honeypot logs, I noticed an HTTP request for a directory this week I had not noticed before that included Laravel :
ISC.SANS.EDU
23 SepShould I glue my SIM card tray shut?submitted by darkstar to cybersecurity 2 points | 0 comments I know it’s an odd question, but where I live phones get stolen often. My phone doesn’t have the option for an eSim, which is a problem because 90% of the time when a thief steals a phone they take out the SIM card imme…SH.ITJUST.WORKS
23 SepNew stealthy and modular Deadglyph malware used in govt attacksA novel and sophisticated backdoor malware named 'Deadglyph' was seen used in a cyberespionage attack against a government agency in the Middle East. [...]BLEEPINGCOMPUTER.COM