🚨 CISA KEV 2
2 Oct [KEV]: CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-5217 Google Chrome libvpx Heap Buffer Overflow Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber act…
2 Oct [KEV]: NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations (CISA.GOV)
A plea for network defenders and software manufacturers to fix common problems. EXECUTIVE SUMMARY: The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint cybersecurity advisory (CSA) to highlight the most common cybe…
🐛 COMMON VULNERABILITIES AND EXPOSURES 3
2 Oct: OpenRefine's Zip Slip Vulnerability Could Let Attackers Execute Malicious Code (THEHACKERNEWS.COM)
A high-severity security flaw has been disclosed in the open-source OpenRefine data cleanup and transformation tool that could result in arbitrary code execution on affected systems. Tracked as CVE-2023-37476 (CVSS score: 7.8), the vulnerability is a Zip Slip vulnerability that c…
2 Oct: Six 0day exploits were filed against Exim by ZDI, including several RCE. After days of silence, Exim has filed this public detail (EXIM.ORG)
submitted by L4s to secops 4 points | 0 comments https://www.exim.org/static/doc/security/CVE-2023-zdi.txt
2 Oct: Microsoft’s Response to Open-Source Vulnerabilities - CVE-2023-4863 and CVE-2023-5217 (MSRC.MICROSOFT.COM)
Microsoft is aware and has released patches associated with the two Open-Source Software security vulnerabilities, CVE-2023-4863 and CVE-2023-5217. Through our investigation, we found that these affect a subset of our products and as of today, we have addressed them in our produc…
⚠️ VULNERABILITY DISCLOSURE 32
2 Oct [KEV]: Alert: Attackers Actively Exploiting WS_FTP Vulnerabilities (DATABREACHTODAY.CO.UK)
Cybersecurity Officials Recommend Immediate Patching to Fix Serious Flaws. Large enterprises, including government and educational organizations, are being warned to immediately update their WS_FTP Server, built by Progress Software, to fix serious flaws being actively exploited b…
2 Oct: Bugs Found in Another Progress Software File Transfer App (DATABREACHTODAY.CO.UK)
Expert Warns of Maximum-Severity Flaw 'You Need to Patch Right Now!' Progress Software is again sending customers on a scramble to install emergency patches, this time for its secure FTP server software. The advisory comes months after hackers took advantage of a zero day in the …
2 Oct: Update: Mass Exploitation Attempts Against WS_FTP Have Begun (THEREGISTER.COM)
Progress Software released fixes for eight vulnerabilities in WS_FTP, including one with a maximum severity score, but evidence of exploitation was discovered shortly after.
2 Oct: Update: Recently Patched TeamCity Vulnerability Exploited to Hack Servers (SECURITYWEEK.COM)
In-the-wild exploitation of a critical vulnerability in JetBrains’ TeamCity continuous integration and continuous deployment (CI/CD) server started just days after the availability of a patch was announced.
2 Oct: Russian Company Offers $20m For Non-NATO Mobile Exploits (INFOSECURITY-MAGAZINE.COM)
The Russian firm Operation Zero unveiled this increased payout on X (formerly Twitter) last week, aiming to attract top-tier researchers and developer teams to collaborate with their platform.
2 Oct: Unpatched Exim Vulnerabilities Expose Many Mail Servers to Attacks (SECURITYWEEK.COM)
Patches are being developed for serious Exim vulnerabilities that could expose many mail servers to attacks.
2 Oct: Recently Patched TeamCity Vulnerability Exploited to Hack Servers (SECURITYWEEK.COM)
In-the-wild exploitation of a critical vulnerability in the TeamCity CI/CD server started shortly after a patch was released by developers.
2 Oct: Silverfort Open Sources Lateral Movement Detection Tool (SECURITYWEEK.COM)
Silverfort has released the source code for its lateral movement detection tool LATMA, to help identify and analyze intrusions.
2 Oct: A Vulnerability in EXIM Could Allow for Arbitrary Code Execution (CISECURITY.ORG)
A vulnerability has been discovered in EXIM which could allow for arbitrary code execution. Exim is a mail transfer agent (MTA) for hosts that are running Unix or Unix-like operating systems. Successful exploitation of this vulnerability could allow for arbitrary code execution i…
2 Oct: Kicking off NIST's Cybersecurity Awareness Month Celebration & Our Cybersecurity Awareness Month 2023 Blog Series (NIST.GOV)
October is always an exciting time for us as we celebrate Cybersecurity Awareness Month and some of NIST’s greatest accomplishments, resources, guidance, and latest news in the cybersecurity space. This year is a big one because 2023 marks the 20th anniversary of this important …
2 Oct: APT34 Employs Weaponized Word Documents to Deploy New Malware Strain (GBHACKERS.COM)
APT34 is a secretive cyberespionage group specializing in Middle East targets, known for gathering sensitive intelligence via spear phishing and advanced infiltration methods. The sophistication and comprehensive resources of the APT34 group pose a major regional and global cyber…
2 Oct: Budworm APT Attacking Telecoms Org With New Custom Tools (GBHACKERS.COM)
APT (Advanced Persistent Threat) actors are evolving at a rapid pace, continually enhancing their toolsets and tactics. They adapt quickly to security measures, leveraging advanced techniques, such as zero-day exploits, to remain undetected. Their ability to innovate and co…
2 Oct: Cisco IOS Software Zero-day Exploited in Attacks (GBHACKERS.COM)
Cisco has issued fixes to address a vulnerability in the GET VPN feature of IOS and IOS XE software that has been exploited in attacks. A remote attacker who has administrative access to a group member or a key server can exploit this vulnerability to run arbitrary code or bring …
2 Oct: Progress Software Warns of Critical Vulnerability in WS_FTP Server (GBHACKERS.COM)
Multiple vulnerabilities have been discovered in Progress’s WS_FTP, which include .NET deserialization, directory traversal, reflected cross-site scripting (XSS), SQL injection, stored cross-site scripting, cross-site request forgery, and unauthenticated user enumeration vulnerab…
2 Oct [KEV]: Progress, the company behind MOVEit, patches new actively exploited security flaws (TECHCRUNCH.COM)
Progress Software, the company behind the recently hacked MOVEit file-transfer software, has released fixes for two more critical-rated vulnerabilities that are being exploited by attackers. In an advisory published last week, Progress warned of multiple vulnerabilities affecting…
2 Oct: India’s national logistics portal exposed sensitive personal data, trade records (TECHCRUNCH.COM)
India’s state-owned logistics portal has fixed misconfigurations and vulnerabilities that exposed sensitive personal data and various state and private trade records. Called the National Logistics Portal-Marine, the website made the sensitive and private data public due to …
2 Oct: Multibillion-dollar cybersecurity training market fails to fix the supply-demand imbalance (CSOONLINE.COM)
The cybersecurity skills gap issue may be further from being solved than expected despite the large amount of money being invested around the world to train professionals, according to a report by the Information Systems Audit and Control Association (ISACA). While the volume of …
2 Oct: 10 things you should know about navigating the dark web (CSOONLINE.COM)
The dark web refers to web pages that are not indexed by search engines. Under the cloak of anonymity, cybercriminals and threat actors can operate, selling an array of tools and services that can be used to wreak havoc on organizations. There's a lot for CISOs to come to grips w…
2 Oct: ShadowSyndicate Cybercrime gang has used 7 ransomware families over the past year (CSOONLINE.COM)
A previously undocumented cybercrime group has built a collection of over 80 command-and-control (C2) servers for malware implants over the past two years. The gang, which researchers have now dubbed ShadowSyndicate, is believed to be either an initial access broker or an affilia…
2 Oct: Hackers Steal User Database From European Telecommunications Standards Body (THERECORD.MEDIA)
ETSI has taken immediate action, involving France's cybersecurity agency, ANSSI, to investigate and fix the vulnerability that led to the attack and has strengthened its IT security procedures.
2 Oct: Hackers Bypass Cloudflare Firewall, and DDoS Protections using Cloudflare (GBHACKERS.COM)
Cloudflare, a prominent cybersecurity vendor renowned for its web protection services, faces a security challenge that could expose its customers to unforeseen risks. A recent disclosure from Certitude highlights a vulnerability that could allow attackers to bypass certain protec…
2 Oct: Lazarus Attack on Spanish Aerospace Company Started with Messages from Phony Meta Recruiters (KNOWBE4.COM)
A recent attack on an undisclosed Spanish aerospace company all started with messages to the company's employees that appeared to be coming from Meta recruiters, via LinkedIn Messaging. ESET researchers uncovered the attack and attributed it to the Lazarus group, particularly a c…
2 Oct [KEV]: Arm warns of Mali GPU flaws likely exploited in targeted attacks (BLEEPINGCOMPUTER.COM)
Arm in a security advisory today is warning of an actively exploited vulnerability affecting the widely-used Mali GPU drivers. [...]
2 Oct: Exploit available for critical WS_FTP bug exploited in attacks (BLEEPINGCOMPUTER.COM)
Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity vulnerability in Progress Software's WS_FTP Server file sharing solution. [...]
2 Oct: Live Exploitation Underscores Urgency to Patch Critical WS-FTP Server Flaw (SECURITYWEEK.COM)
Rapid7 says attackers are targeting a critical pre-authentication flaw in Progress Software’s WS_FTP server just days after disclosure.
2 Oct: Logic Flaws Let Attackers Bypass Cloudflare's Firewall and DDoS Protection (HEIMDALSECURITY.COM)
Cloudflare has been found to have vulnerabilities in its Firewall and DDoS prevention system. Hackers can exploit these flaws by creating a free Cloudflare account and knowing the IP address of a targeted web server.
2 Oct: Ransomware gangs now exploiting critical TeamCity RCE flaw (BLEEPINGCOMPUTER.COM)
Ransomware gangs are now targeting a recently patched critical vulnerability in JetBrains' TeamCity continuous integration and deployment server. [...]
2 Oct: Chertoff Group Arm to Buy Trustwave from Singtel for $205M (DATABREACHTODAY.CO.UK)
MSSP, MDR Provider Lost Nearly 75% of Value During 8+ Years of Singtel Ownership. The private equity arm of ex-Homeland Security Secretary Michael Chertoff's advisory firm agreed to purchase managed detection and response vendor Trustwave for $205 million. The deal will allow Sing…
2 Oct: Exim patches three of six zero-day bugs disclosed last week (BLEEPINGCOMPUTER.COM)
Exim developers have released patches for three of the zero-days disclosed last week through Trend Micro's Zero Day Initiative (ZDI), one of them allowing unauthenticated attackers to gain remote code execution. [...]
2 Oct: Royal family’s website suffers Russia-linked cyberattack (CSOONLINE.COM)
The website of the British royal family was knocked offline by a distributed denial of service (DDoS) attack yesterday morning. Russian hacker group KillNet claimed responsibility for the attack, posting about it on their Telegram channel. The site was reportedly down for around …
📢 SECURITY ADVISORIES 7
2 Oct: Financial Crime Compliance Costs Exceed $206 Billion (HELPNETSECURITY.COM)
AI and advanced analytics are being employed by 72% of financial crime professionals to enhance compliance procedures, but challenges such as data quality and legacy systems persist, according to LexisNexis Risk Solutions.
2 Oct: Phishing, Smishing Surge Targets USPS (INFOSECURITY-MAGAZINE.COM)
Recent weeks have witnessed a significant increase in cyberattacks targeting the US Postal Service (USPS), mainly through phishing and smishing campaigns, according to DomainTools researchers who shared their findings in an advisory last week.
2 Oct: UK Privacy Regulator Orders End to Spreadsheet FOI Responses (INFOSECURITY-MAGAZINE.COM)
The UK's data protection regulator issued an advisory notice to all public authorities in the wake of a hugely damaging leak at the Police Service of Northern Ireland (PSNI) last month.
2 Oct: CISA Kicks Off Cybersecurity Awareness Month With New Program (SECURITYWEEK.COM)
CISA has announced the Secure Our World cybersecurity awareness program, targeting both businesses and end users.
2 Oct: Android Banking Trojan Zanubis Evolves to Target Peruvian Users (INFOSECURITY-MAGAZINE.COM)
The Android banking Trojan Zanubis has taken on a new guise, posing as the official app for the Peruvian governmental organization SUNAT (Superintendencia Nacional de Aduanas y de Administración Tributaria).
2 Oct: EU Lawmaker Questions CSAM Proposal 'Conflicts of Interest' (DATABREACHTODAY.CO.UK)
LIBE Committee Chair Seeks Clarifications from EU Home Affairs Minister. The head of a key European Parliament committee said he's concerned about media reports suggesting that a proposal mandating that instant messenger apps scan for CSAM was crafted under the influence of an Ame…
2 Oct: PKD | NSA | WS_FTP | Exim | Sextortion | BunnyLoader | CISA | Jason Wood & more – SWN330 (YOUTUBE.COM)
This week, Doug Talks: PKD, NSA, WS_FTP, Exim, Sextortion, BunnyLoader, CISA, Jason Wood, and more on the Security Weekly News. →Full Show Notes: https://securityweekly.com/swn330 →Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 →Visit our website: https://ww…
🔥 INCIDENT REPORTING 12
2 Oct: Motel One discloses data breach following ransomware attack (BLEEPINGCOMPUTER.COM)
The Motel One Group has announced that it has been targeted by ransomware actors who managed to steal some customer data, including the details of 150 credit cards. [...]
2 Oct: LUCR-3 aka Scattered Spider Getting SaaS-y in the Cloud (THEHACKERNEWS.COM)
LUCR-3 is a financially motivated attacker that targets Fortune 2000 companies, using compromised credentials and leveraging SaaS applications to steal Intellectual Property for extortion.
2 Oct: New LostTrust Ransomware is a Likely Rebrand of the MetaEncryptor Gang (BLEEPINGCOMPUTER.COM)
The LostTrust encryptor disables various Windows services and appends the ".losttrustencoded" extension to encrypted files, with ransom demands ranging from $100,000 to millions.
2 Oct: Ransomware Attack Leads to Payroll Issues at 21 Pinal County School Districts (ABC15.COM)
Efforts are underway to restore access to data and distribute paychecks, with some school districts providing emergency loans and food assistance to affected staff members.
2 Oct: Johnson Controls Ransomware Attack Could Impact DHS (SECURITYWEEK.COM)
DHS is reportedly investigating the impact of the recent Johnson Controls ransomware attack on its systems and facilities.
2 Oct: The top 9 cyber security incidents in September 2023 (CSHUB.COM)
The most impactful cyber attacks and data breaches from across the world in September 2023
2 Oct: Horse Isle - 27,786 breached accounts (HAVEIBEENPWNED.COM)
In June 2020 then again in September that same year, Horse Isle "The Secrent Land of Horses" suffered a data breach. The incident exposed 28k unique email addresses along with names, usernames, IP addresses, genders, purchases and plain text passwords. The system also …
2 Oct: European Telecommunications Standards Institute Discloses Data Breach (SECURITYWEEK.COM)
Hackers stole a database containing the list of the European Telecommunications Standards Institute’s online users.
2 Oct: MadPot: AWS Honeypot to Disrupt Threat Actors (GBHACKERS.COM)
In the realm of cybersecurity, the battle against threat actors never stops. With its vast cloud infrastructure, Amazon Web Services (AWS) is at the forefront of this ongoing struggle. AWS employs a global network of sensors and advanced disruption tools daily to detect and thwar…
2 Oct: Some Prospect Medical Hospitals in Dire State, Post-Attack (DATABREACHTODAY.CO.UK)
Continued Operation of 3 Connecticut Hospitals Now in Question. An August cyberattack on a national hospital chain may make medical care in underserved areas of Connecticut even harder to obtain now that a would-be buyer said it's having second thoughts about going through with th…
2 Oct: Evolving Role of Browsers in Modern Enterprise | Enterprise News | ISW Executive Interviews - ESW334 (YOUTUBE.COM)
This week, we kick things off by discussing lessons learned from last year's top breaches. Then we discuss the enterprise news for the week. Finally, we air some of our executive interviews from InfoSec World 2023, with Ward Cobleigh, Product Line Manager at VIAVI Solutions, Reub…
🕵️ THREAT INTELLIGENCE 27
2 Oct: How Should Organizations Navigate the Risks and Opportunities of AI? (HELPNETSECURITY.COM)
As AI technology evolves rapidly, organizations need to stay vigilant, monitor the AI landscape, and adapt their cybersecurity programs to effectively defend against new threats posed by cybercriminals.
2 Oct: AWS Using MadPot Decoy System to Disrupt APTs, Botnets (SECURITYWEEK.COM)
Cloud computing giant AWS says an internal threat intel decoy system called MadPot has been used successfully to trap malicious activity, including nation-state-backed APTs like Volt Typhoon and Sandworm.
2 Oct: ISC Stormcast For Monday, October 2nd, 2023 https://isc.sans.edu/podcastdetail/8682, (Mon, Oct 2nd) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
2 Oct: New SMS Phishing Campaign Impersonating The US Postal Service (KNOWBE4.COM)
DomainTools is tracking an increase in SMS phishing (or “smishing”) campaigns impersonating the US Postal Service (USPS). The text messages inform recipients that there’s a problem with their delivery address and they need to click on a link to resolve the issue.
2 Oct: Malicious HDMI Cables Steals Photos, Videos, and Location Data (GBHACKERS.COM)
John Bumstead, who works for a company called 404Media that fixes and sells used electronics, found an iPhone-to-HDMI adapter that seemed normal at first. However, the app that came with it was tricky because it asked users to scan a QR code. This code leads to an ad-filled websi…
2 Oct: Hackers Inject Malicious Ads into GPT-4 Powered Bing Chat (GBHACKERS.COM)
In February 2023, Microsoft unveiled its revolutionary AI-assisted search engine, Bing Chat, driven by OpenAI’s cutting-edge GPT-4 technology. This announcement marked a notable event in the world of online search, sparking both curiosity and speculation about the pot…
2 Oct: GUEST ESSAY: Has shielding and blocking electromagnetic energy become the new normal? (LASTWATCHDOG.COM)
Surrounded by the invisible hum of electromagnetic energy, we’ve harnessed its power to fuel our technological marvels for decades. Related: MSFT CEO calls for regulating facial recognition tech. Tesla’s visionary insights from 1900 hinted at the potential, and today, …
2 Oct: Data never dies: The immortal battle of data privacy (SECURITYINTELLIGENCE.COM)
More than two hundred years ago, Benjamin Franklin said there is nothing certain but death and taxes. If Franklin were alive today, he would add one more certainty to his list: your digital profile. Between the data compiled and stored by employers, private businesses, government…
2 Oct: Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users (THEHACKERNEWS.COM)
submitted by throws_lemy to cybersecurity 4 points | 0 comments https://thehackernews.com/2023/10/zanubis-android-banking-trojan-poses-as.html?m=1
2 Oct: Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB)
submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
2 Oct: Fort Lauderdale, Florida, taken for $1.2M in email scam | StateScoop (STATESCOOP.COM)
submitted by throws_lemy to cybersecurity 12 points | 0 comments https://statescoop.com/fort-lauderdale-florida-phishing-scam/
2 Oct: Bsides Tallinn 2022 - 6 videos (INFOSEC.PUB)
submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/4762d532-c50d-4736-bdb3-b22b1e7e4129.png Agenda from the website Playlist Bsides Tallinn 2022
2 Oct: North Korean Lazarus targeted a Spanish aerospace company (SECURITYAFFAIRS.COM)
submitted by throws_lemy to cybersecurity 18 points | 0 comments https://securityaffairs.com/151771/apt/lazarus-targets-spanish-aerospace-firm.html
2 Oct: Number of Internet-Exposed ICS Drops Below 100,000: Report (SECURITYWEEK.COM)
The number of internet-exposed ICS has dropped below 100,000, a significant decrease from the 140,000 in 2019.
2 Oct: cloudgrep: cloudgrep is grep for cloud storage (GITHUB.COM)
submitted by L4s to secops 1 points | 0 comments https://github.com/cado-security/cloudgrep cloudgrep is grep for cloud storage. Contribute to cado-security/cloudgrep development by creating an account on GitHub.
2 Oct: Lazarus Tricking Employees with Trojanized Coding Challenges (GBHACKERS.COM)
Lazarus group has been recently discovered to have targeted an Aerospace company in Spain, which involved deploying several tools, including an undocumented backdoor named “LightlessCan.” Reports indicate that the threat actor gained access to the organization’s network las…
2 Oct: LightSpy APT Attacking WeChat Users to Steal Payment Data (GBHACKERS.COM)
LightSpy malware, responsible for a watering hole attack conducted against iOS users in Hong Kong, has been discovered to be embedded with Android implant Core and its 14 related plugins from 20 active servers for attacking mobile users. LightSpy is a Mobile Advanced Persistent T…
2 Oct: NSA AI Security Center (SCHNEIER.COM)
The NSA is starting a new artificial intelligence security center: The AI security center’s establishment follows an NSA study that identified securing AI models from theft and sabotage as a major national security challenge, especially as generative AI technologies emerge …
2 Oct: Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar (THEHACKERNEWS.COM)
Threat actors are selling a new crypter and loader called ASMCrypt, which is an evolved version of the DoubleFinger loader. It allows them to build payloads for their campaigns by establishing contact with a backend service over the TOR network.
2 Oct: Risk Management in the Cloud Starts with Identities | Leadership & Communications - BSW #322 (YOUTUBE.COM)
This week, we start things off with an interview with Eric Kedrosky, CISO at Sonrai Security, about Risk Management in the Cloud Starts with Identities. Then we follow up with our Leadership and Communications Articles for the week. Visit https://www.securityweekly.com/bsw for al…
2 Oct: Microsoft Defender flags Tor Browser as a Trojan and removes it from the system (DEFORM.CO)
submitted by L4s to secops 1 points | 0 comments https://deform.co/microsoft-defender-flags-tor-browser-as-a-trojan-and-removes-it-from-the-system/ Windows users have recently begun mass-reporting th…
2 Oct: Risk Management in the Cloud Starts with Identities - Eric Kedrosky - BSW #322 (YOUTUBE.COM)
As we move more infrastructure into the cloud, the traditional concepts of risk start to change. It's no longer just about networks and servers, but also needs to address identities and not just human identities. Cloud infrastructure introduces additional identity types that need…
2 Oct: The CISO Carousel's Effect While Struggling to Get Budgets and Feel Free to Disagree - BSW #322 (YOUTUBE.COM)
In the leadership and communications section, The CISO Carousel and its Effect on Enterprise Cybersecurity, CISOs are struggling to get cybersecurity budgets, Respectfully, I Disagree, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: htt…
2 Oct: New Partner Compensation Model — Breakaway 1=5 (PALOALTONETWORKS.COM)
Since our earliest days as a company, partners have been foundational to our success. Together, we disrupted the firewall market and now we have the opportunity to redefine what it means to …
2 Oct: Celebrate 20 years of Cybersecurity Awareness Month with Microsoft and let’s secure our world together (MICROSOFT.COM)
It’s Cybersecurity Awareness Month! Celebrate security with us and prioritize it year-round. Explore how Microsoft is continuously innovating and creating the #BeCybersmart kit to help you and your organization stay safe online.
2 Oct: Malware Trends | News - PSW801 (YOUTUBE.COM)
6:00pm ET - Anuj Soni 8:00pm ET - Security News. This week, we start things off with an interview with Anuj Soni, Principal Threat Researcher at BlackBerry, to discuss Malware Trends. Then we discuss our security news for the week. →Full Show Notes: https://securityweekly.com/psw…
2 Oct: Feet | Google | Predator vs. Lemurs | Qakbot | Aaran Leyland & More! – SWN331 (YOUTUBE.COM)
This week, Doug Talks: Feet, Google, Apple, Predator vs. Lemurs, r77, Qualcomm, qakbot, deepfakes, Aaran Leyland, and more on the Security Weekly News. →Full Show Notes: https://securityweekly.com/swn331 →Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 →Visi…
🌐 CYBER THREAT LANDSCAPE 5
2 Oct: National Logistics Portal Leaks Sensitive Data Related to Operations at Indian Ports (SECURITYAFFAIRS.COM)
The publicly accessible AWS S3 buckets contained personal data, invoices, and internal documents, potentially disrupting trade and operations of India's ports and leading to significant ransom demands.
2 Oct: BunnyLoader: New Malware-as-a-Service Threat Emerges in the Cybercrime Underground (THEHACKERNEWS.COM)
Cybersecurity experts have discovered yet another malware-as-a-service (MaaS) threat called BunnyLoader that's being advertised for sale on the cybercrime underground. "BunnyLoader provides various functionalities such as downloading and executing a second-stage payload, stealing…
2 Oct: Zanubis Android Banking Trojan Poses as Peruvian Government App to Target Users (THEHACKERNEWS.COM)
An emerging Android banking trojan called Zanubis is now masquerading as a Peruvian government app to trick unsuspecting users into installing the malware. "Zanubis's main infection path is through impersonating legitimate Peruvian Android applications and then tricking the user …
2 Oct: New BunnyLoader threat emerges as a feature-rich malware-as-a-service (BLEEPINGCOMPUTER.COM)
Security researchers discovered a new malware-as-a-service (MaaS) named 'BunnyLoader' advertised on multiple hacker forums as a fileless loader that can steal and replace the contents of the system clipboard. [...]
2 Oct: Microsoft Defender no longer flags Tor Browser as malware (BLEEPINGCOMPUTER.COM)
For Windows users who frequently use the TorBrowser, there's been a pressing concern. Recent versions of the TorBrowser, specifically because of the tor.exe file it contained, were being flagged as potential threats by Windows Defender. [...]
🎙️ PODCASTS 1
2 Oct: Cyber Security Today, Oct. 2, 2023 - Advice for creating a cybersecurity awareness program (CYBERSECURITYTODAY.LIBSYN.COM)
For October Cyber Security Awareness Month this episode offers tips on how to build an effective awareness program
📡 INFOSEC NEWS 14
2 Oct: Live Webinar | Guide to Implementing SASE/SSE: 5 Things for Every CIO & CISO to Know (DATABREACHTODAY.CO.UK)
2 Oct: FBI warns of surge in 'phantom hacker' scams impacting elderly (BLEEPINGCOMPUTER.COM)
The FBI issued a public service announcement warning of a significant increase in 'phantom hacker' scams targeting senior citizens across the United States. [...]
2 Oct: UK Royal Family Website Taken Down by DDoS Attack (INFOSECURITY-MAGAZINE.COM)
According to reports, the official website of the UK’s royal family was taken offline by a DDoS attack on Sunday. The Royal.uk site was unavailable for around 90 minutes, starting at 10 am local time, according to The Independent.
2 Oct: Cybersecurity Budgets Show Moderate Growth (HELPNETSECURITY.COM)
According to research from IANS and Artico Search, security budgets as a share of IT budgets are increasing, indicating a moderate impact on security spending compared to overall IT spending.
2 Oct: Norway Wants Europe-Wide Ban on Facebook Behavioral Ads (THEREGISTER.COM)
Norway is urging the European Data Protection Board (EDPB) to ban Meta (formerly Facebook) from harvesting user data for advertising purposes permanently and extend the ban across Europe.
2 Oct: APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries (THEHACKERNEWS.COM)
Introduction: In today's interconnected digital ecosystem, Application Programming Interfaces (APIs) play a pivotal role in enabling seamless communication and data exchange between various software applications and systems. APIs act as bridges, facilitating the sharing of informa…
2 Oct: LUCR-3: Scattered Spider Getting SaaS-y in the Cloud (THEHACKERNEWS.COM)
LUCR-3 overlaps with groups such as Scattered Spider, Oktapus, UNC3944, and STORM-0875 and is a financially motivated attacker that leverages the Identity Provider (IDP) as initial access into an environment with the goal of stealing Intellectual Property (IP) for extortion. LUCR…
2 Oct: Silent Skimmer: A Year-Long Web Skimming Campaign Targeting Online Payment Businesses (THEHACKERNEWS.COM)
A financially motivated campaign has been targeting online payment businesses in the Asia Pacific, North America, and Latin America with web skimmers for more than a year. The BlackBerry Research and Intelligence Team is tracking the activity under the name Silent Skimmer, attrib…
2 Oct: Friendly Reminder: ZIP Metadata is Not Encrypted, (Mon, Oct 2nd) (ISC.SANS.EDU)
ZIP archives store compressed files including their metadata (filesize, date/time, ...). When a contained file is password protected, the compressed data is encrypted, but the metadata is not.
2 Oct: Critical Vulnerabilities In Exim Threaten Over 250k Email Servers Worldwide (PACKETSTORMSECURITY.COM)
2 Oct: "Phantom Hacker" Scams Target Senior Citizens and Result in Victims Losing their Life Savings (IC3.GOV)
The FBI warned about a new scam called the "Phantom Hacker" scam, which is specifically targeting senior citizens. It involves imposters posing as tech support, financial institutions, and government representatives to gain the trust of victims.
2 Oct: Don’t Let Zombie Zoom Links Drag You Down (KREBSONSECURITY.COM)
Many organizations — including quite a few Fortune 500 firms — have exposed web links that allow anyone to initiate a Zoom video conference meeting as a valid employee. These company-specific Zoom links, which include a permanent user ID number and an embedded passcode, can work …
2 Oct: IronNet, founded by former NSA director, shuts down and lays off staff (TECHCRUNCH.COM)
IronNet, a once-promising cybersecurity startup founded by a former NSA director and funded by cyber and defense investors, has shuttered and laid off its remaining staff following its collapse. In a regulatory filing published Friday, IronNet’s president and chief financia…