matlock.ca // THREAT INTELLIGENCE

121Articles

9Categories

2023-09-28Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-14667 Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability These types of vulnerabilities are frequent attack vectors …

KEVCISA.GOV — Thu, 28 Sep 23 1

🐛

Vulnerability in popular ‘libwebp’ code more widespread than expected

THERECORD.MEDIA — 28 Sep 2023

🐛

Snowden Revelations, Cult of The Dead Cow Saves The Internet, & Stealing Your Pixels - PSW #800

YOUTUBE.COM — 2023-09-28

🐛

Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability

KEVTHEHACKERNEWS.COM — 28 Sep 2023

🐛

Actively Exploited Chrome Zero-day Patched: Update Now!

KEVGBHACKERS.COM — 28 Sep 2023

🐛

Researchers Release Details of New RCE Exploit Chain for SharePoint

DARKREADING.COM — 28 Sep 2023

🐛

Google Releases Patch for Actively Exploited Zero-Day Vulnerability in Chrome

KEVTHEHACKERNEWS.COM — 28 Sep 2023

🐛

Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor

SECURITYWEEK.COM — 28 Sep 2023

⚠️

Cisco advisory: Reports about bad Actors Hiding in Router Firmware

SEC.CLOUDAPPS.CISCO.COM — 28 Sep 2023

⚠️

Firefox 118 Patches High-Severity Vulnerabilities

SECURITYWEEK.COM — 28 Sep 2023

⚠️

Threat Actors Exploit the Tensions Between Azerbaijan and Armenia

FORTINET.COM — 28 Sep 2023

⚠️

New Trojan ZenRAT masquerades as Bitwarden password manager

CSOONLINE.COM — 28 Sep 2023

⚠️

Network Flight Simulator: Open-Source Adversary Simulation Tool

HELPNETSECURITY.COM — 28 Sep 2023

⚠️

Simple Membership Plugin Flaws Expose WordPress Sites

INFOSECURITY-MAGAZINE.COM — 28 Sep 2023

⚠️

macOS 14 Sonoma Patches 60 Vulnerabilities

SECURITYWEEK.COM — 28 Sep 2023

⚠️

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

KREBSONSECURITY.COM — 28 Sep 2023

⚠️

The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies

THEHACKERNEWS.COM — 28 Sep 2023

⚠️

Cisco Warns of IOS Software Zero-Day Exploitation Attempts

SECURITYWEEK.COM — 28 Sep 2023

⚠️

Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits

SECURITYWEEK.COM — 28 Sep 2023

⚠️

[LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach

KNOWBE4.COM — 28 Sep 2023

⚠️

ZYXEL Buffer Overflow vulnerability Let Attacker Launch DoS Attack

GBHACKERS.COM — 28 Sep 2023

⚠️

China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

THEHACKERNEWS.COM — 28 Sep 2023

⚠️

EchoMark releases watermarking solution to secure private communications, detect insider threats

CSOONLINE.COM — 28 Sep 2023

⚠️

Cisco urges admins to fix IOS software zero-day exploited in attacks

BLEEPINGCOMPUTER.COM — 28 Sep 2023

⚠️

Google patches zero-day exploited by commercial spyware vendor

TECHCRUNCH.COM — 28 Sep 2023

⚠️

CISA Releases Three Industrial Control Systems Advisories

CISA.GOV — Thu, 28 Sep 23 1

⚠️

Cisco Warns Of IOS Software Zero-Day Exploitation Attempts

PACKETSTORMSECURITY.COM — 28 Sep 2023

⚠️

Google Rushes To Patch New Zero-Day Exploited By Spyware Vendor

PACKETSTORMSECURITY.COM — 28 Sep 2023

⚠️

Apple Releases Security Updates for Multiple Products

CISA.GOV — Thu, 28 Sep 23 1

⚠️

Unraveling the CACTUS Ransomware Group’s Recent Exploits

THECYBEREXPRESS.COM — 28 Sep 2023

⚠️

Cisco Releases Security Advisories for Multiple Products

CISA.GOV — Thu, 28 Sep 23 1

⚠️

Vulnerability resolution enhanced by integrations

SECURITYINTELLIGENCE.COM — 28 Sep 2023

⚠️

Progress warns of maximum severity WS_FTP Server vulnerability

BLEEPINGCOMPUTER.COM — 28 Sep 2023

⚠️

Build for Detection Engineering, and Alerting Will Improve (Part 3)

MEDIUM.COM — 28 Sep 2023

⚠️

Chrome Patches 0-Day Exploited by Commercial Spyware Vendor

KEVDATABREACHTODAY.CO.UK — 2023-09-28

📢

Critical Cisco WAN Manager Vulnerabilities Let Attacker Conduct DoS Attack

GBHACKERS.COM — 28 Sep 2023

📢

Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation

KNOWBE4.COM — 28 Sep 2023

📢

Google Chrome security advisory (AV23-588)

CYBER.GC.CA — 2023-09-28

📢

Mozilla security advisory (AV23-587)

CYBER.GC.CA — 2023-09-28

📢

Government Shutdown Could Bench 80% of CISA Staff

SECURITYWEEK.COM — 28 Sep 2023

📢

Companies are already feeling the pressure from upcoming US SEC cyber rules

CSOONLINE.COM — 28 Sep 2023

📢

CISA Rolls Dice on Public Service Campaign to Raise Cyber Awareness

CYBERSECURITYDIVE.COM — 28 Sep 2023

📢

White House Set to Publish AI Executive Order This Fall

DATABREACHTODAY.CO.UK — 2023-09-28

📢

CISA Kicks Off 20th Anniversary of Cybersecurity Awareness Month with New Public Awareness Campaign to Secure Our World

CISA.GOV — Thu, 28 Sep 23 1

📢

[Control systems] Rockwell automation security advisory (AV23-590)

CYBER.GC.CA — 2023-09-28

📢

NIST Unveils Newly Named Human-Centered Cybersecurity Program

NIST.GOV — 28 Sep 2023

🔥

CommonSpirit Details Financial Fallout of $160M Cyberattack

BANKINFOSECURITY.COM — 28 Sep 2023

🔥

Podcast #141: Uber CISO Trial Learnings for CISOs: In the CISO's Own Words - Joe Sullivan ex-Uber - 40 minutes

YOUTU.BE — 28 Sep 2023

🔥

Snatch Ransomware Group Leaked User’s Location and Internal Data

GBHACKERS.COM — 28 Sep 2023

🔥

Building Automation Giant Johnson Controls Hit by Dark Angels Ransomware Attack

BLEEPINGCOMPUTER.COM — 28 Sep 2023

🔥

Chinese Hackers Stole Emails From US State Department in Microsoft Breach, Senate Staffer Says

FINANCE.YAHOO.COM — 28 Sep 2023

🔥

DHS to Host Latin American Cyber Summit as Region Faces an Onslaught of Digital Attacks

THERECORD.MEDIA — 28 Sep 2023

🔥

How I got started: SIEM engineer

SECURITYINTELLIGENCE.COM — 28 Sep 2023

🔥

Amid MGM, Caesars Incidents, Attackers Focus on Luxury Hotels

DARKREADING.COM — 28 Sep 2023

🔥

Campbell Soup Says Summer Cyberattack Caused Limited Business Impact

CYBERSECURITYDIVE.COM — 28 Sep 2023

🔥

Swan Retail Cyberattack Woes Continue for Independent UK Retailers

DRAPERSONLINE.COM — 28 Sep 2023

🔥

Ransomware group demands $51 million from Johnson Controls after cyber attack

BITDEFENDER.COM — 28 Sep 2023

🔥

UK data regulator warns that data breaches put abuse victims’ lives at risk

CSOONLINE.COM — 28 Sep 2023

🔥

Cryptohack Roundup: $200M Mixin Network Hack

DATABREACHTODAY.CO.UK — 2023-09-28

🔥

Black Hat Fireside Chat: In a hyper connected world, effectively securing APIs is paramount

LASTWATCHDOG.COM — 28 Sep 2023

🔥

Chinese Hackers Stole Emails From US State Dept In MS Breach

PACKETSTORMSECURITY.COM — 28 Sep 2023

🔥

Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk

SECURITYWEEK.COM — 28 Sep 2023

🔥

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

THEHACKERNEWS.COM — 28 Sep 2023

🔥

FBI: Dual ransomware attack victims now get hit within 48 hours

BLEEPINGCOMPUTER.COM — 28 Sep 2023

🔥

Breach Roundup: Johnson Controls Suffers Ransomware Attack

DATABREACHTODAY.CO.UK — 2023-09-28

🔥

Infusion Firm Faces Lawsuit After Hackers Hit Parent Company

DATABREACHTODAY.CO.UK — 2023-09-28

🔥

Ransomware Now Considered a “Crisis” in the Financial Services Sector

KNOWBE4.COM — 28 Sep 2023

🔥

Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do

KNOWBE4.COM — 28 Sep 2023

🔥

Microsoft breach led to theft of 60,000 US State Dept emails

BLEEPINGCOMPUTER.COM — 28 Sep 2023

🔥

Study Reveals Conti Affiliates Money Laundering Practices

DATABREACHTODAY.CO.UK — 2023-09-28

🔥

Combating Ransomware Attacks: Insights from Unit 42 Incident Response

PALOALTONETWORKS.COM — 28 Sep 2023

🕵️

The Right Skills For The Job - Kayla Williams - PSW #800

YOUTUBE.COM — 2023-09-28

🕵️

ISC Stormcast For Thursday, September 28th, 2023 https://isc.sans.edu/podcastdetail/8678, (Thu, Sep 28th)

ISC.SANS.EDU — 28 Sep 2023

🕵️

BlackTech APT Hackers Break into Cisco Firmware to Attack the US and Japan

GBHACKERS.COM — 28 Sep 2023

🕵️

China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies

THEHACKERNEWS.COM — 28 Sep 2023

🕵️

Chinese State-Sponsored BlackTech Hackers Caught Hiding in Cisco Router Firmware

SECURITYWEEK.COM — 28 Sep 2023

🕵️

Sysdig Launches Realtime Attack Graph for Cloud Environments

SECURITYWEEK.COM — 28 Sep 2023

🕵️

Cannot Depend on Dependabot: Found Contributing Malicious Code

CYWARE.COM — 28 Sep 2023

🕵️

SpecterOps to use in-house approximation to test for global attack variations

CSOONLINE.COM — 28 Sep 2023

🕵️

[Cybersecurity Awareness Month] Frankenphisher – The Monster of Social Engineering Artificial Intelligence

KNOWBE4.COM — 28 Sep 2023

🕵️

[HEADS UP] If You're a LastPass User, You May be the Next Phishing Email Target

KNOWBE4.COM — 28 Sep 2023

🕵️

New Threat Actor Impersonates the Red Cross to Deliver Malware

KNOWBE4.COM — 28 Sep 2023

🕵️

Case Study: Blocking Botnet-Driven Low-Rate HTTP DDoS Attacks

GBHACKERS.COM — 28 Sep 2023

🕵️

Budworm hackers target telcos and govt orgs with custom malware

BLEEPINGCOMPUTER.COM — 28 Sep 2023

🕵️

Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users

SECURITYWEEK.COM — 28 Sep 2023

🕵️

Lumu Raises $30 Million for Threat Detection and Response Platform

SECURITYWEEK.COM — 28 Sep 2023

🕵️

Moving From Qualitative to Quantitative Cyber Risk Modeling

SECURITYWEEK.COM — 28 Sep 2023

🕵️

Russian Hackers Target Ukrainian Government Systems Involved in War Crimes Investigations

THERECORD.MEDIA — 28 Sep 2023

🕵️

Zero-Point Fonts in Phishing Emails

KNOWBE4.COM — 28 Sep 2023

🕵️

Cyber Insurance Claims Increased by 12% in First Half of 2023, Attacks More Frequent and Severe Than Ever

KNOWBE4.COM — 28 Sep 2023

🕵️

Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product

SECURITYWEEK.COM — 28 Sep 2023

🕵️

It’s Official – Generative AI Has Made Phishing Emails Foolproof

KNOWBE4.COM — 28 Sep 2023

🕵️

Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering

KNOWBE4.COM — 28 Sep 2023

🕵️

Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack

KNOWBE4.COM — 28 Sep 2023

🕵️

[Heads Up] China Invests Billions in Huge Global Disinformation Campaign

KNOWBE4.COM — 28 Sep 2023

🕵️

SaaS Security in the Golden Age of SaaS - Yoni Shohet - ESW #333

YOUTUBE.COM — 2023-09-28

🕵️

Nord Security Raises $100M on $3B Valuation to Go After M&A

DATABREACHTODAY.CO.UK — 2023-09-28

🕵️

Security's Role in Edge Computing Today - Theresa Lanowitz, Chris Goettl - ESW #333

YOUTUBE.COM — 2023-09-28

🕵️

Join the new Microsoft Security experience at Microsoft Ignite 2023

MICROSOFT.COM — 28 Sep 2023

🌐

Fake Bitwarden Site Distributes Novel RAT Malware

PACKETSTORMSECURITY.COM — 28 Sep 2023

🌐

Bing Chat responses infiltrated by ads pushing malware

BLEEPINGCOMPUTER.COM — 28 Sep 2023

🎙️

Transatlantic Cable podcast, episode 316 | Kaspersky official blog

KASPERSKY.COM — 28 Sep 2023

📡

AWS Graviton Use Cases

TRENDMICRO.COM — 28 Sep 2023

📡

IPv4 Addresses in Little Endian Decimal Format, (Thu, Sep 28th)

ISC.SANS.EDU — 28 Sep 2023

📡

Gem Security Raises $23M for Its Cloud Security Platform

TECHCRUNCH.COM — 28 Sep 2023

📡

RICO Class-Action Data Privacy Lawsuit Filed Against H&R Block, Google, Meta

THERECORD.MEDIA — 28 Sep 2023

📡

KSOC says it’s tackling cloud-native security in a way that is Kubernetes-first

TECHCRUNCH.COM — 28 Sep 2023

📡

New Marvin Attack Impacts 25-Year-Old PKCS#1 v1.5 Padding Scheme for RSA Key Exchange

THEREGISTER.COM — 28 Sep 2023

📡

Cybersecurity firm Lumu raises $30M to detect network intrusions

TECHCRUNCH.COM — 28 Sep 2023

📡

Security researcher stopped at US border for investigating crypto scam

BLEEPINGCOMPUTER.COM — 28 Sep 2023

📡

Nexusflow raises $10.5 to build a conversational interface for security tools

TECHCRUNCH.COM — 28 Sep 2023

📡

How to Improve Cybersecurity Awareness and Training

TRENDMICRO.COM — 28 Sep 2023

📡

Cisco Catalyst SD-WAN Manager flaw allows remote server access

BLEEPINGCOMPUTER.COM — 28 Sep 2023

📡

Caesars Entertainment Faces Class Action Lawsuits Following Rewards Database Hack

CYBERSECURITYDIVE.COM — 28 Sep 2023

📡

SSH Keys Stolen by Stream of Malicious PyPI and npm Packages

BLEEPINGCOMPUTER.COM — 28 Sep 2023

📡

Right Wing Elon Scraps Tool To Report Electoral Fake News

PACKETSTORMSECURITY.COM — 28 Sep 2023

📡

After Failing At Privacy Again, Google Is Working To Keep Bard Chats Out Of Search

PACKETSTORMSECURITY.COM — 28 Sep 2023

📡

Millions of Files With Potentially Sensitive Information Exposed Online, Researchers Say

CYBERSCOOP.COM — 28 Sep 2023

📡

Are Developers Giving Enough Thought to Prompt Injection Threats When Building Code?

HELPNETSECURITY.COM — 28 Sep 2023

📡

Cyber Resilient 911 Symposium

CISA.GOV — Thu, 28 Sep 23 1

📡

Region 8 Invites You to Secure Our World

CISA.GOV — Thu, 28 Sep 23 1