121 Articles
9 Categories
Date: 2023-09-28

🚨 CISA KEV (1)

28 Sep [KEV]: CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-14667 Red Hat JBoss RichFaces Framework Expression Language Injection Vulnerability. These types of vulnerabilities are frequent attack vectors …
Source: CISA.GOV

🐛 COMMON VULNERABILITIES AND EXPOSURES (7)

28 Sep: Vulnerability in popular ‘libwebp’ code more widespread than expected
submitted by c0mmando to netsec 1 points | 0 comments https://therecord.media/libwebp-vulnerability-more-widespread-than-expected Cybersecurity experts are warning that the scope of a previously disclosed vulnerability affecting a variety of web applications is wider than what wa…
Source: THERECORD.MEDIA

28 Sep: Snowden Revelations, Cult of The Dead Cow Saves The Internet, & Stealing Your Pixels - PSW #800
This week, First up it's the Security News: libwebp or die: we unravel some of the details behind the webp vulnerability first fixed by Apple and Google, then, hopefully by everyone else, attackers can steal your pixels using your GPU, someone *cough* China *cough* has been hackin…
Source: YOUTUBE.COM

28 Sep [KEV]: Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability
Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video cod…
Source: THEHACKERNEWS.COM

28 Sep [KEV]: Actively Exploited Chrome Zero-day Patched: Update Now!
Google has recently deployed updates to mitigate a newly discovered zero-day vulnerability in their Chrome browser, which is currently being actively exploited. Google has acknowledged its awareness of an exploit currently available for CVE-2023-5217, which has been observed to b…
Source: GBHACKERS.COM

28 Sep: Researchers Release Details of New RCE Exploit Chain for SharePoint
Attackers can exploit a couple of vulnerabilities, tracked as CVE-2023-29357 and CVE-2023-24955, to gain admin privileges, execute arbitrary code, and potentially cause denial of service attacks or compromise sensitive data.
Source: DARKREADING.COM

28 Sep [KEV]: Google Releases Patch for Actively Exploited Zero-Day Vulnerability in Chrome
Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia).
Source: THEHACKERNEWS.COM

28 Sep: Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor
Google has rushed to patch a new Chrome zero-day vulnerability, tracked as CVE-2023-5217 and exploited by a spyware vendor. The post Google Rushes to Patch New Zero-Day Exploited by Spyware Vendor appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

⚠️ VULNERABILITY DISCLOSURE (27)

28 Sep: Cisco advisory: Reports about bad Actors Hiding in Router Firmware
submitted by L4s to secops 1 points | 0 comments https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csa-cyber-report-sept-2023 Cisco advisory: Reports about bad Actors Hiding in Router Firmware:: On September 27, 2023, the U.S. National Security…
Source: SEC.CLOUDAPPS.CISCO.COM

28 Sep: Firefox 118 Patches High-Severity Vulnerabilities
The vulnerabilities in Firefox include out-of-bounds write issues, memory leaks, use-after-free conditions, and memory corruption, which could potentially allow attackers to execute arbitrary code or cause crashes.
Source: SECURITYWEEK.COM

28 Sep: Threat Actors Exploit the Tensions Between Azerbaijan and Armenia
A spearphishing campaign targeting management teams associated with an Azerbaijanian company exploits the conflict between Azerbaijan and Armenia, using malware disguised as an infected memo to gather basic computer information from its targets.
Source: FORTINET.COM

28 Sep: New Trojan ZenRAT masquerades as Bitwarden password manager
Researchers have come across a new Trojan program dubbed ZenRAT that is being distributed as an installer for the popular Bitwarden password management application, as well as employing other tricks to deceive users. The Trojan has information-stealing capabilities and hasn’t bee…
Source: CSOONLINE.COM

28 Sep: Network Flight Simulator: Open-Source Adversary Simulation Tool
The tool simulates various malicious traffic patterns, including DNS tunneling, DGA traffic, and requests to known active C2 destinations, to quantify and measure the coverage of existing detection tools.
Source: HELPNETSECURITY.COM

28 Sep: Simple Membership Plugin Flaws Expose WordPress Sites
Two new security flaws in the popular Simple Membership plugin for WordPress, affecting versions 4.3.4 and below, have been identified, leading to potential privilege escalation issues.
Source: INFOSECURITY-MAGAZINE.COM

28 Sep: macOS 14 Sonoma Patches 60 Vulnerabilities
While some of these vulnerabilities can be exploited remotely by getting the targeted user to access a specially crafted website, a majority require the presence of a malicious app on the targeted device.
Source: SECURITYWEEK.COM

28 Sep: ‘Snatch’ Ransom Group Exposes Visitor IP Addresses
The leaked data from Snatch's victim shaming site reveals that the group's darknet site attracts a significant number of visitors from Russia, potentially indicating their source of victims.
Source: KREBSONSECURITY.COM

28 Sep: The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's Saa…
Source: THEHACKERNEWS.COM

28 Sep: Cisco Warns of IOS Software Zero-Day Exploitation Attempts
Cisco has released patches for a vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. The post Cisco Warns of IOS Software Zero-Day Exploitation Attempts appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits
Russian zero-day acquisition firm Operation Zero is now offering $20 million for full Android and iOS exploit chains. The post Russian Zero-Day Acquisition Firm Offers $20 Million for Android, iOS Exploits appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: [LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach
Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?
Source: KNOWBE4.COM

28 Sep: ZYXEL Buffer Overflow vulnerability Let Attacker Launch DoS Attack
ZYXEL has been discovered with a Buffer Overflow vulnerability on their ZYXEL-PMG2005-T20B device, which can result in a denial-of-service condition. This condition exists due to improper sanitization of user-supplied input on their HTTP request. Zyxel is a Taiwanese multinationa…
Source: GBHACKERS.COM

28 Sep: China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have …
Source: THEHACKERNEWS.COM

28 Sep: EchoMark releases watermarking solution to secure private communications, detect insider threats
Information protection software-as-a-service startup EchoMark has announced the public release of its AI-driven solution to secure private communications. The enterprise-grade software embeds forensic watermarking in emails and documents to pinpoint potential insider threats, int…
Source: CSOONLINE.COM

28 Sep: Cisco urges admins to fix IOS software zero-day exploited in attacks
Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild. [...]
Source: BLEEPINGCOMPUTER.COM

28 Sep: Google patches zero-day exploited by commercial spyware vendor
Google has rushed to patch a zero-day vulnerability in Chrome that was exploited by a commercial spyware vendor. The vulnerability was reported to the Chrome team by Clement Lecigne of Google’s Threat Analysis Group (TAG) just two days before the patch was released. Google said i…
Source: TECHCRUNCH.COM

28 Sep: CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on September 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-271-01 Rockwell Automation PanelView 800 ICSA-23-271-02 DEXMA D…
Source: CISA.GOV

28 Sep: Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply the n…
Source: CISA.GOV

28 Sep: Unraveling the CACTUS Ransomware Group’s Recent Exploits
The CACTUS ransomware group employs unique encryption techniques, including hiding the decryption key within a file named ntuser.dat, to evade detection by anti-virus software.
Source: THECYBEREXPRESS.COM

28 Sep: Cisco Releases Security Advisories for Multiple Products
Cisco has released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories…
Source: CISA.GOV

28 Sep: Vulnerability resolution enhanced by integrations
Why speed is of the essence in today’s cybersecurity landscape? How are you quickly achieving vulnerability resolution? Identifying vulnerabilities should be part of the daily process within an organization. It’s an important piece of maintaining an organization’…
Source: SECURITYINTELLIGENCE.COM

28 Sep: Progress warns of maximum severity WS_FTP Server vulnerability
Progress, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software. [...]
Source: BLEEPINGCOMPUTER.COM

28 Sep: Build for Detection Engineering, and Alerting Will Improve (Part 3)
This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Pa…
Source: MEDIUM.COM

28 Sep [KEV]: Chrome Patches 0-Day Exploited by Commercial Spyware Vendor
Limited Details Disclosed but Google said it is a Heap-based Buffer Overflow Bug. Google rolled out an urgent Chrome browser security update to address a zero day actively exploited by a commercial spyware vendor. The high-severity bug is the fifth zero day patched by Chrome this …
Source: DATABREACHTODAY.CO.UK

📢 SECURITY ADVISORIES (11)

28 Sep: Critical Cisco WAN Manager Vulnerabilities Let Attacker Conduct DoS Attack
Cisco, a prominent player in the world of networking and cybersecurity, has issued a critical security advisory concerning multiple vulnerabilities in their Catalyst SD-WAN Manager, formerly known as Cisco SD-WAN vManage. These vulnerabilities could potentially open doors f…
Source: GBHACKERS.COM

28 Sep: Exploring the DORA: Key Takeaways from the New EU Financial Sector Risk Regulation
When asked why he robbed banks, Willie Sutton, one of the first fugitives named to the U.S. FBI’s most wanted list, reportedly replied, “Because that’s where the money is.” As any infosec professional working for a financial institution can tell you, loads of cybercriminals…
Source: KNOWBE4.COM

28 Sep: Government Shutdown Could Bench 80% of CISA Staff
Roughly 80% of CISA staff will be sent home at the end of the week in case of a government shutdown. The post Government Shutdown Could Bench 80% of CISA Staff appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: Companies are already feeling the pressure from upcoming US SEC cyber rules
On August 14, 2023, bleach and cleaning product giant Clorox filed a form 8-K with the Securities and Exchange Commission, notifying the financial regulator that it had experienced a cybersecurity incident that had disrupted the company’s business operations. A month later, the c…
Source: CSOONLINE.COM

28 Sep: CISA Rolls Dice on Public Service Campaign to Raise Cyber Awareness
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a national public service campaign called "Secure our World" to raise awareness of cybersecurity in local communities.
Source: CYBERSECURITYDIVE.COM

28 Sep: White House Set to Publish AI Executive Order This Fall
Biden Cites 'Profound Risks' As Well as Opportunities in Artificial Intelligence. U.S. President Joe Biden says he expects to soon sign an executive order detailing how the United States can harness opportunities of artificial intelligence while protecting citizens from "profound"…
Source: DATABREACHTODAY.CO.UK

28 Sep: CISA Kicks Off 20th Anniversary of Cybersecurity Awareness Month with New Public Awareness Campaign to Secure Our World
For the 20th anniversary of Cybersecurity Awareness Month, CISA is highlighting different ways individuals and organizations can improve their cybersecurity habits to Secure Our World.
Source: CISA.GOV

28 Sep: NIST Unveils Newly Named Human-Centered Cybersecurity Program
The Human-Centered Cybersecurity program (formerly Usable Cybersecurity) is part of the Visualization and Usability Group at NIST. It was created in 2008, but we’ve known for quite some time that we needed to rename our program to better represent the broader scope of work we pro…
Source: NIST.GOV

🔥 INCIDENT REPORTING (25)

28 Sep: CommonSpirit Details Financial Fallout of $160M Cyberattack
submitted by throws_lemy to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.com/commonspirit-details-financial-fallout-160m-cyberattack-a-23158 Chicago-based CommonSpirit is still waiting to hear back on its insurance claim for an October 2022 ransomware attack, …
Source: BANKINFOSECURITY.COM

28 Sep: Podcast #141: Uber CISO Trial Learnings for CISOs: In the CISO's Own Words - Joe Sullivan ex-Uber - 40 minutes
submitted by ashar to security_cpe 1 points | 0 comments https://youtu.be/D5gGrIEKH1k?si=QZvts7cC6nr9j49v&t=66 In the Fall, 2016, Uber experienced a data breach, and the CISO faced the possibility of prison time for felony obstruction and misprision for failure to report the …
Source: YOUTU.BE

28 Sep: Snatch Ransomware Group Leaked User’s Location and Internal Data
The Snatch Ransomware group is considered dangerous due to its advanced techniques and ability to evade detection. Security systems find it difficult to identify and stop such assaults since they use techniques like file encryption and memory injection to avoid detection. R…
Source: GBHACKERS.COM

28 Sep: Building Automation Giant Johnson Controls Hit by Dark Angels Ransomware Attack
The ransomware gang, known as Dark Angels, has demanded a $51 million ransom and claimed to have stolen over 27 TB of corporate data from the network of Johnson Controls.
Source: BLEEPINGCOMPUTER.COM

28 Sep: Chinese Hackers Stole Emails From US State Department in Microsoft Breach, Senate Staffer Says
Chinese hackers breached Microsoft's email platform and stole tens of thousands of emails from U.S. State Department accounts, including those of officials working on Indo-Pacific diplomacy efforts.
Source: FINANCE.YAHOO.COM

28 Sep: DHS to Host Latin American Cyber Summit as Region Faces an Onslaught of Digital Attacks
The conference will discuss topics such as protecting critical infrastructure, ransomware, and the U.S. national cyber strategy, aiming to establish a long-lasting relationship with the region on cyber issues.
Source: THERECORD.MEDIA

28 Sep: How I got started: SIEM engineer
As careers in cybersecurity become increasingly more specialized, Security Information and Event Management (SIEM) engineers are playing a more prominent role. These professionals are like forensic specialists but are also on the front lines protecting sensitive information from …
Source: SECURITYINTELLIGENCE.COM

28 Sep: Amid MGM, Caesars Incidents, Attackers Focus on Luxury Hotels
The campaign targets luxury resorts and hotel chains, using reconnaissance emails and instant messages to trick employees into responding and downloading malicious files from trusted cloud domains.
Source: DARKREADING.COM

28 Sep: Campbell Soup Says Summer Cyberattack Caused Limited Business Impact
The incident did not affect systems that connect with customers or suppliers, and the company is working with its insurer to make claims under its cyber insurance coverage.
Source: CYBERSECURITYDIVE.COM

28 Sep: Swan Retail Cyberattack Woes Continue for Independent UK Retailers
The attacks have caused significant problems for retailers, with issues such as inventory management and order fulfillment still not resolved. Retailers have reported glitches and loss of sales due to the cyberattack.
Source: DRAPERSONLINE.COM

28 Sep: Ransomware group demands $51 million from Johnson Controls after cyber attack
Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. Read more in my article on the Hot for Security blog.
Source: BITDEFENDER.COM

28 Sep: UK data regulator warns that data breaches put abuse victims’ lives at risk
The UK Information Commissioner's Office (ICO) has warned of the potential risks to life posed by data breaches exposing the personally identifiable information (PII) of domestic abuse victims. The data privacy regulator urged organizations handling the PII of domestic abuse vict…
Source: CSOONLINE.COM

28 Sep: Cryptohack Roundup: $200M Mixin Network Hack
Also: Web3 Lost $889M in Q3, Hackers Stole from HTX, Nansen, OpenSea. This week: Mixin Network investigated a $200 million hack, Web3 lost $889 million to hacks, phishing scams and rug during the third quarter, hackers stole $8 million from HTX, Binance sought to dismiss the SEC w…
Source: DATABREACHTODAY.CO.UK

28 Sep: Black Hat Fireside Chat: In a hyper connected world, effectively securing APIs is paramount
APIs. The glue of hyper connectivity; yet also the wellspring of risk. Related: The true scale of API breaches. I had an enlightening discussion at Black Hat USA 2023 with Traceable.ai Chief Security Officer Richard Bird about how these snippets … (more…)
Source: LASTWATCHDOG.COM

28 Sep: Misconfigured TeslaMate Instances Put Tesla Car Owners at Risk
Improper configuration of third-party software like TeslaMate can result in privacy breaches, compromising the owner's daily routine and posing risks such as planned robberies.
Source: SECURITYWEEK.COM

28 Sep: GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
A new malicious campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers. "The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server a…
Source: THEHACKERNEWS.COM

28 Sep: FBI: Dual ransomware attack victims now get hit within 48 hours
The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. [...]
Source: BLEEPINGCOMPUTER.COM

28 Sep: Breach Roundup: Johnson Controls Suffers Ransomware Attack
Also, New Malware Targets New Bitwarden Users. This week: Johnson Controls suffers a ransomware attack, the Philippine state health insurance program struggles to recover from a ransomware and Air Canada reports a cyberattack. Also: an APT group uses the American Red Cross as bait…
Source: DATABREACHTODAY.CO.UK

28 Sep: Infusion Firm Faces Lawsuit After Hackers Hit Parent Company
Proposed Class Action Claim Against Amerita Linked to Larger PharMerica Breach. Specialty infusion company Amerita is facing a proposed federal class action lawsuit in the wake of a March cyberattack on its parent company, PharMerica, which reported a breach affecting nearly 6 mil…
Source: DATABREACHTODAY.CO.UK

28 Sep: Ransomware Now Considered a “Crisis” in the Financial Services Sector
A recent panel discussion of banking CISOs and experts at the SIBOS conference focused on the current state of ransomware and what institutions should do to protect themselves.
Source: KNOWBE4.COM

28 Sep: Pharma Industry Seeing Reduction in Data Breach Costs, But Still Have Much to Do
Insights from IBM’s Cost of a Data Breach Report on the Pharmaceutical Industry shows that while the overall cost has improved, there are clear areas of risk that need to be addressed.
Source: KNOWBE4.COM

28 Sep: Microsoft breach led to theft of 60,000 US State Dept emails
Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. [...]
Source: BLEEPINGCOMPUTER.COM

28 Sep: Study Reveals Conti Affiliates Money Laundering Practices
Affiliates Relied on Less Complex, Trackable Methods, It Says. Contrary to the popular notion that ransomware hackers are sophisticated launderers of their stolen money, research shows they use straightforward mechanisms to transfer their bitcoin - allowing researchers to follow t…
Source: DATABREACHTODAY.CO.UK

28 Sep: Combating Ransomware Attacks: Insights from Unit 42 Incident Response
Sam Rubin testified before two subcommittees of the U.S. House of Representatives Committee on Oversight and Accountability on combating ransomware attacks. The post Combating Ransomware Attacks: Insights from Unit 42 Incident Response appeared first on Palo Alto Networks Blog.
Source: PALOALTONETWORKS.COM

🕵️ THREAT INTELLIGENCE (28)

28 Sep: The Right Skills For The Job - Kayla Williams - PSW #800
Just what are the right skills to have or acquire to work in cybersecurity today? Kayla and the Security Weekly crew talk about it in this segment. We also touch on why we get burnt out and how to avoid it, all in anticipation for SOC Analyst Appreciation Day! This segment is spo…
Source: YOUTUBE.COM

28 Sep: ISC Stormcast For Thursday, September 28th, 2023 https://isc.sans.edu/podcastdetail/8678, (Thu, Sep 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

28 Sep: BlackTech APT Hackers Break into Cisco Firmware to Attack the US and Japan
Since 2010, a group of hackers known as BlackTech APT has been engaging in malicious activities. The targets of their attacks encompass a wide range of sectors, including governmental institutions, industrial facilities, technological infrastructure, media outlets, electronic sys…
Source: GBHACKERS.COM

28 Sep: China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took place in Augus…
Source: THEHACKERNEWS.COM

28 Sep: Chinese State-Sponsored BlackTech Hackers Caught Hiding in Cisco Router Firmware
A Chinese state-sponsored APT called BlackTech has been caught hacking into network edge devices and using firmware implants to stay hidden and silently hop around the corporate networks of U.S. and Japanese multinational companies.
Source: SECURITYWEEK.COM

28 Sep: Sysdig Launches Realtime Attack Graph for Cloud Environments
Sysdig enhanced its existing CNAPP offering with a cloud attack graph, risk prioritization, attack path analysis, a searchable inventory, and complete agentless scanning. The post Sysdig Launches Realtime Attack Graph for Cloud Environments appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: Cannot Depend on Dependabot: Found Contributing Malicious Code
Threat actors meticulously fabricated commit messages to mimic Dependabot's automated contributions to mask the malevolent activities they were indulging in. Between July 8 and July 11, an unidentified threat actor began compromising a multitude of GitHub repositories, affecting …
Source: CYWARE.COM

28 Sep: SpecterOps to use in-house approximation to test for global attack variations
With threat actors constantly evolving tact, it is becoming quite clear that a certain attack can take numerous forms with a slight tweak in the underlying tooling. While an exhaustive test of security controls for detecting all these variations may not be possible, SpecterOps' n…
Source: CSOONLINE.COM

28 Sep: [Cybersecurity Awareness Month] Frankenphisher – The Monster of Social Engineering Artificial Intelligence
Imagine an artificial intelligence (AI) system developed by a mad scientist to leverage the full capabilities of Large-Language-Models (LLM).
Source: KNOWBE4.COM

28 Sep: [HEADS UP] If You're a LastPass User, You May be the Next Phishing Email Target
Cybercriminals are not holding back on LastPass users as a new phishing campaign has recently launched with the intent to steal your data.
Source: KNOWBE4.COM

28 Sep: New Threat Actor Impersonates the Red Cross to Deliver Malware
Researchers at NSFOCUS are tracking a phishing campaign by a new threat actor called “AtlasCross” that’s impersonating the Red Cross in order to deliver malware.
Source: KNOWBE4.COM

28 Sep: Case Study: Blocking Botnet-Driven Low-Rate HTTP DDoS Attacks
Indusface research on 1400+ websites recorded a significant surge in DDoS attacks and bot attacks during Q2, 2023, compared to Q1, 2023. We observed a 75% surge in DDoS attacks and a 48% increase in bot attacks. Moreover, recent trends in DDoS attacks indicate a significant evolu…
Source: GBHACKERS.COM

28 Sep: Budworm hackers target telcos and govt orgs with custom malware
A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor. [...]
Source: BLEEPINGCOMPUTER.COM

28 Sep: Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users
Verisoul, a company that has developed a SaaS platform for detecting and blocking fake users, has raised $3.25 million in seed funding. The post Verisoul Raises $3.25 Million in Seed Funding to Detect Fake Users appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: Lumu Raises $30 Million for Threat Detection and Response Platform
Intrusion detection company Lumu has raised $30 million in a Series B funding round led by Forgepoint Capital. The post Lumu Raises $30 Million for Threat Detection and Response Platform appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: Moving From Qualitative to Quantitative Cyber Risk Modeling
Migrating to a quantitative cyber risk model of analysis allows for more accurate data, which leads to more informed decision-making. The post Moving From Qualitative to Quantitative Cyber Risk Modeling appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

28 Sep: Russian Hackers Target Ukrainian Government Systems Involved in War Crimes Investigations
Ukrainian cybersecurity officials have reported that the recent espionage campaigns targeted entities involved in investigating war crimes, such as the prosecutor general's office and courts.
Source: THERECORD.MEDIA

28 Sep: Zero-Point Fonts in Phishing Emails
Attackers are using zero-point fonts to make phishing emails appear as though they’ve been verified by security scanners, BleepingComputer reports.
Source: KNOWBE4.COM

28 Sep: Cyber Insurance Claims Increased by 12% in First Half of 2023, Attacks More Frequent and Severe Than Ever
The latest cyber claims report from Coalition, a digital risk insurance provider, finds a 12% increase in cyber insurance claims in the first half of 2023 over the second half of 2022, due to surging attack frequency and severity.
Source: KNOWBE4.COM

28 Sep: Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product
Progress Software ships patches for critical-severity flaws in its WS_FTP file transfer software and warns that a pre-authenticated attacker could wreak havoc on the underlying operating system. The post Progress Software Patches Critical Pre-Auth Flaws in WS_FTP Server Product a…
Source: SECURITYWEEK.COM

28 Sep: It’s Official – Generative AI Has Made Phishing Emails Foolproof
The most basic use of tools like ChatGPT to script out professional-looking emails has all but eliminated improperly written content as an indicator of a potential phishing scam.
Source: KNOWBE4.COM

28 Sep: Threat Group UNC3944 Continues to See Success Using Text-Based Social Engineering
A new update on UNC3944 group's activities shows how they are evolving their focus squarely on SMiShing credential harvesting attacks that result in data theft/extortion attacks.
Source: KNOWBE4.COM

28 Sep: Facebook Messenger Becomes the Delivery Mechanism for Infostealer Malware Attack
Millions of business accounts on Facebook are the target of a new malware attack, which is seeing a success rate of 1 out of 70, causing concern for the security of corporate credentials.
Source: KNOWBE4.COM

28 Sep: [Heads Up] China Invests Billions in Huge Global Disinformation Campaign
Dustin Volz from the WSJ dropped a huge scoop today. This is rocket fuel infosec budget ammo I would send to my C-suite in a New York minute. They said: "Fake authors, bot armies and lawsuits are among the tactics Beijing employs to reshape the information landscape." Here are a …
Source: KNOWBE4.COM

28 Sep: SaaS Security in the Golden Age of SaaS - Yoni Shohet - ESW #333
We ALL use SaaS. It has become ubiquitous in both our personal and professional lives. Somehow, the SaaS Security market has only recently begun to emerge. Today's interview with Yoni Shohet, co-founder and CEO of Valence Security, aims to understand why it has taken so long for …
Source: YOUTUBE.COM

28 Sep: Nord Security Raises $100M on $3B Valuation to Go After M&A
VPN Service Behemoth Doubles Valuation In Just 17 Months Despite Economic Headwinds. The maker of the world's most popular VPN service hauled in $100 million on a $3 billion valuation to accelerate growth through mergers and acquisitions. The Warburg Pincus-led investment will all…
Source: DATABREACHTODAY.CO.UK

28 Sep: Security's Role in Edge Computing Today - Theresa Lanowitz, Chris Goettl - ESW #333
The concept of Edge computing has evolved over the years and now has a distinct role alongside public cloud. Theresa Lanowitz, from AT&T Cybersecurity, and Chris Goettl from Ivanti join us to discuss what edge computing means for the market and for cybersecurity. Specifically…
Source: YOUTUBE.COM

28 Sep: Join the new Microsoft Security experience at Microsoft Ignite 2023
Join Microsoft Security at Microsoft Ignite 2023 for the latest security insights, hands-on skilling, product innovations, in-person networking, and more. The post Join the new Microsoft Security experience at Microsoft Ignite 2023 appeared first on Microsoft Security Blog.
Source: MICROSOFT.COM

🌐 CYBER THREAT LANDSCAPE (2)

28 Sep: Bing Chat responses infiltrated by ads pushing malware
Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware. [...]
Source: BLEEPINGCOMPUTER.COM

🎙️ PODCASTS (1)

28 Sep: Transatlantic Cable podcast, episode 316 | Kaspersky official blog
Episode 317 takes a look at TEMU scams, JPEX scams and an AI powered backpack
Source: KASPERSKY.COM

📡 INFOSEC NEWS (19)

28 Sep: AWS Graviton Use Cases
Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton.
Source: TRENDMICRO.COM

28 Sep: IPv4 Addresses in Little Endian Decimal Format, (Thu, Sep 28th)
If you look at the XML EventData of Windows events like 1002 (DHCP error), you will see something like this:
Source: ISC.SANS.EDU

28 Sep: Gem Security Raises $23M for Its Cloud Security Platform
The cloud security company raised $23 million in a Series A funding round led by GGV Capital, with participation from IBM Ventures, Team8, and Silicon Valley CISO Investments.
Source: TECHCRUNCH.COM

28 Sep: RICO Class-Action Data Privacy Lawsuit Filed Against H&R Block, Google, Meta
The suit claims that the companies violated data privacy laws by sharing customer tax return data without adequate disclosure, potentially creating targeted advertising dossiers.
Source: THERECORD.MEDIA

28 Sep: KSOC says it’s tackling cloud-native security in a way that is Kubernetes-first
The take-up of Kubernetes, a tool for managing containerized workloads, is only expected to increase as demand for cloud-native architectures and containerization continues. In terms of security, this can mean a boon or a major blind spot for them, according to Kubernetes Securit…
Source: TECHCRUNCH.COM

28 Sep: New Marvin Attack Impacts 25-Year-Old PKCS#1 v1.5 Padding Scheme for RSA Key Exchange
The encryption method, known as PKCS#1 v1.5 padding scheme, was previously thought to be immune to attacks, but a new paper reveals that many software implementations of the scheme are actually vulnerable.
Source: THEREGISTER.COM

28 Sep: Cybersecurity firm Lumu raises $30M to detect network intrusions
Ricardo Villadiego, Lumu’s founder and CEO, says that the new cash will be put toward growing Lumu’s sales team in the U.S., supporting its go-to-market strategy, and increasing the startup’s investments in R&D.
Source: TECHCRUNCH.COM

28 Sep: Security researcher stopped at US border for investigating crypto scam
Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and federal agents seized and searched his electronic devices. Curry was further served with a 'Grand Jury' subpoena that demanded him to appear in court…
Source: BLEEPINGCOMPUTER.COM

28 Sep: Nexusflow raises $10.5 to build a conversational interface for security tools
Nexusflow, a startup using generative AI to help companies make sense of cybersecurity data, today announced that it raised $10.5 million in a seed round led by Point72 Ventures with participation from Fusion Fund and several AI luminaries in Silicon Valley. The tranche, which va…
Source: TECHCRUNCH.COM

28 Sep: How to Improve Cybersecurity Awareness and Training
Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective awareness program.
Source: TRENDMICRO.COM

28 Sep: Cisco Catalyst SD-WAN Manager flaw allows remote server access
Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [...]
Source: BLEEPINGCOMPUTER.COM

28 Sep: Caesars Entertainment Faces Class Action Lawsuits Following Rewards Database Hack
At least four separate plaintiffs allege the company was negligent for allowing their sensitive personal data to be stolen in a social engineering attack by criminal threat groups.
Source: CYBERSECURITYDIVE.COM

28 Sep: SSH Keys Stolen by Stream of Malicious PyPI and npm Packages
The attackers utilized typosquatting and code modifications to trick developers into installing malicious packages and continuously refined their techniques to evade detection.
Source: BLEEPINGCOMPUTER.COM

28 Sep: Millions of Files With Potentially Sensitive Information Exposed Online, Researchers Say
A recent analysis by Censys has uncovered about 314,000 internet-connected devices and web servers that are exposing millions of files, potentially containing sensitive data.
Source: CYBERSCOOP.COM

28 Sep: Are Developers Giving Enough Thought to Prompt Injection Threats When Building Code?
Prompt injection attacks manipulate LLMs by introducing malicious commands into free text inputs, posing a significant threat to cybersecurity and potentially leading to unauthorized activities or data leaks.
Source: HELPNETSECURITY.COM