matlock.ca // THREAT INTELLIGENCE

103Articles

9Categories

2023-10-04Date

🚨

CISA Adds Two Known Exploited Vulnerabilities to Catalog, Removes Five KEVsCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation: CVE-2023-42793 Arm Mali GPU Kernel Driver Use-After-Free Vulnerability CVE-2023-28229 Microsoft Windows CNG Key Isolation Service Privilege Escalation…

KEVCISA.GOV — Wed, 04 Oct 23 1

🐛

Arm, Qualcomm warn GPU drivers are likely being exploited by hackers

THERECORD.MEDIA — 04 Oct 2023

🐛

Hackers seen exploiting bugs in browsers and popular file transfer tool

THERECORD.MEDIA — 04 Oct 2023

🐛

Qualcomm Releases Patch for Three New Zero-Days Under Active Exploitation

THEHACKERNEWS.COM — 04 Oct 2023

🐛

Looney Tunables: New Linux Flaw Enables Privilege Escalation on Major Distributions

THEHACKERNEWS.COM — 04 Oct 2023

🐛

New critical AI vulnerabilities in TorchServe put thousands of AI models at risk

CSOONLINE.COM — 04 Oct 2023

🐛

Severe Glibc Privilege Escalation Vulnerability Impacts Major Linux Distributions

SECURITYWEEK.COM — 04 Oct 2023

🐛

X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2

PHORONIX.COM — 04 Oct 2023

🐛

Severity HIGH security problem to be announced with curl 8.4.0 on Oct 11 (CVE-2023-38545) · curl/curl · Discussion #12026

GITHUB.COM — 04 Oct 2023

🐛

PoC exploit for CVE-2023-4911 "Looney Tunables"

GITHUB.COM — 04 Oct 2023

🐛

Chromium: CVE-2023-5346 Type Confusion in V8

MSRC.MICROSOFT.COM — 04 Oct 2023

⚠️

Experts Discover Multiple Malicious npm Packages

CYWARE.COM — 04 Oct 2023

⚠️

New ‘Looney Tunables’ Linux Bug Gives Root Privileges on Major Distros

BLEEPINGCOMPUTER.COM — 04 Oct 2023

⚠️

Safe, Secure, Anonymous, and Other Misleading Claims

TROYHUNT.COM — 04 Oct 2023

⚠️

Qualcomm Patches 3 Zero-Days Reported by Google

SECURITYWEEK.COM — 04 Oct 2023

⚠️

ChatGPT “not a reliable” tool for detecting vulnerabilities in developed code

CSOONLINE.COM — 04 Oct 2023

⚠️

Microsoft Warns of Cyber Attacks Attempting to Breach Cloud via SQL Server Instance

THEHACKERNEWS.COM — 04 Oct 2023

⚠️

Rogue npm Package Deploys Open-Source Rootkit in New Supply Chain Attack

THEHACKERNEWS.COM — 04 Oct 2023

⚠️

Okta launches Cybersecurity Workforce Development Initiative

CSOONLINE.COM — 04 Oct 2023

⚠️

Dead Grandma Locket Request Tricks Bing Chat’s AI Into Solving Security Puzzle

ARSTECHNICA.COM — 04 Oct 2023

⚠️

Typosquatting Campaign Delivers R77 Rootkit Through Malicious JavaScript Package

REVERSINGLABS.COM — 04 Oct 2023

⚠️

Open-Source Intelligence (OSINT): Learn the Methods Bad Actors Use to Hack Your Organization

KNOWBE4.COM — 04 Oct 2023

⚠️

Qualcomm Patches 3 Zero Days Reported By Google

PACKETSTORMSECURITY.COM — 04 Oct 2023

⚠️

Sony Confirms Data Breach Impacting Thousands of US Employees

BLEEPINGCOMPUTER.COM — 04 Oct 2023

⚠️

Researchers Link DragonEgg Android Spyware to LightSpy iOS Surveillanceware

THEHACKERNEWS.COM — 04 Oct 2023

⚠️

Cisco fixes hard-coded root credentials in Emergency Responder

BLEEPINGCOMPUTER.COM — 04 Oct 2023

⚠️

Atlassian Ships Urgent Patch for Exploited Confluence Zero-Day

SECURITYWEEK.COM — 04 Oct 2023

⚠️

Atlassian patches critical Confluence zero-day exploited in attacks

BLEEPINGCOMPUTER.COM — 04 Oct 2023

⚠️

Apple emergency update fixes new zero-day used to hack iPhones

BLEEPINGCOMPUTER.COM — 04 Oct 2023

⚠️

Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day

SECURITYWEEK.COM — 04 Oct 2023

⚠️

Apple fixes vulnerabilities in iOS and iPadOS., (Wed, Oct 4th)

ISC.SANS.EDU — 04 Oct 2023

⚠️

Microsoft won’t say if its products were exploited by spyware zero-days

TECHCRUNCH.COM — 04 Oct 2023

⚠️

Cyber Mavens Slam Europe's Cyber Resilience Act

DATABREACHTODAY.CO.UK — 2023-10-04

⚠️

Hundreds of malicious Python packages found stealing sensitive data

BLEEPINGCOMPUTER.COM — 04 Oct 2023

⚠️

Amazon Web Services Warns of TorchServe Flaws

DATABREACHTODAY.CO.UK — 2023-10-04

⚠️

Attackers Exploit SQL Server to Penetrate Azure Cloud

DATABREACHTODAY.CO.UK — 2023-10-04

📋

New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks

SECURITYWEEK.COM — 04 Oct 2023

📢

C-Suite Leaders to Boost Cybersecurity Compliance Amid SEC Disclosure Rule: Deloitte

CYBERSECURITYDIVE.COM — 04 Oct 2023

📢

NIST CSF (Cybersecurity Framework) 2.0 is just around the corner

SOPHOS.COM — 04 Oct 2023

📢

IBM security advisory (AV23-597)

CYBER.GC.CA — 2023-10-04

📢

Google Chrome security advisory (AV23-598)

CYBER.GC.CA — 2023-10-04

📢

CISA and NSA Release New Guidance on Identity and Access Management

CISA.GOV — Wed, 04 Oct 23 1

📢

Cisco security advisory (AV23-599)

CYBER.GC.CA — 2023-10-04

📢

Red Hat security advisory (AV23-600)

CYBER.GC.CA — 2023-10-04

📢

Apple security advisory (AV23-601)

CYBER.GC.CA — 2023-10-04

📢

Yesterday, Daniel J. Bernstein published a paper alleging that Kyber-512, an encryption algorithm selected as a NIST post-quantum contender, wasn't nearly as secure as its stewards say.

INFOSEC.PUB — 04 Oct 2023

🔥

NATO 'actively addressing' alleged cyberattack affecting some websites

THERECORD.MEDIA — 04 Oct 2023

🔥

LightSpy Spyware Evolves to Add New Plugins for Data Exfiltration

CYWARE.COM — 04 Oct 2023

🔥

Payment card details accessed in Motel One hack

CSHUB.COM — 04 Oct 2023

🔥

Ransomware Reinfections on the Rise From Improper Remediation

MALWAREBYTES.COM — 04 Oct 2023

🔥

Indiana Attorney General Sues Provider Over Violation of Consumer Protection, Privacy Laws

WVXU.ORG — 04 Oct 2023

🔥

Wisconsin County Dealing With Ransomware Attack on Public Health Department

THERECORD.MEDIA — 04 Oct 2023

🔥

Make these 5 changes to avoid becoming the next cybersecurity headline

TECHCRUNCH.COM — 04 Oct 2023

🔥

Sony confirms data breach impacting thousands in the U.S.

BLEEPINGCOMPUTER.COM — 04 Oct 2023

🔥

NATO Investigates Alleged Cyberattack Affecting Some Unclassified Websites

THERECORD.MEDIA — 04 Oct 2023

🔥

Lyca Mobile Services Significantly Disrupted by Cyberattack

SECURITYWEEK.COM — 04 Oct 2023

🔥

Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware

SECURITYWEEK.COM — 04 Oct 2023

🔥

Microsoft: Hackers target Azure cloud VMs via breached SQL servers

BLEEPINGCOMPUTER.COM — 04 Oct 2023

🔥

Lyca Mobile Suffers Disruptive Cyberattack; Investigates Ransomware Possibility

HACKREAD.COM — 04 Oct 2023

🔥

Arietis Health Announces MOVEit Data Breach Impacting Patients of NorthStar Anesthesia Facilities

JDSUPRA.COM — 04 Oct 2023

🔥

Researchers warn of 100,000 industrial control systems exposed online

BLEEPINGCOMPUTER.COM — 04 Oct 2023

🔥

Mozilla Warns of Fake Thunderbird Downloads Delivering Ransomware

SECURITYWEEK.COM — 04 Oct 2023

🔥

Lyca Mobile blames cyberattack for network disruption

TECHCRUNCH.COM — 04 Oct 2023

🔥

Firm Notifies Patients of 55 Health Practices Hit by MOVEit Hack

DATABREACHTODAY.CO.UK — 2023-10-04

🕵️

ISC Stormcast For Wednesday, October 4th, 2023 https://isc.sans.edu/podcastdetail/8686, (Wed, Oct 4th)

ISC.SANS.EDU — 04 Oct 2023

🕵️

Security at high speed - How Vipps secures their APIs - BSides Oslo 2023 - 45 minutes

INFOSEC.PUB — 04 Oct 2023

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 04 Oct 2023

🕵️

Malicious Ads in Bing Chat

SCHNEIER.COM — 2023-10-04

🕵️

EvilProxy Phishing Attack Targets Indeed

CYWARE.COM — 04 Oct 2023

🕵️

Chinese APT41 Actors Target WeChat Users via Trojanized App Version

BANKINFOSECURITY.COM — 04 Oct 2023

🕵️

What to know about new generative AI tools for criminals

SECURITYINTELLIGENCE.COM — 04 Oct 2023

🕵️

Google, Yahoo Boosting Email Spam Protections

SECURITYWEEK.COM — 04 Oct 2023

🕵️

[Cybersecurity Awareness Month] Spoofy Steve's Business Email Compromise Scams You Need to Watch Out For

KNOWBE4.COM — 04 Oct 2023

🕵️

AI and ML: The Keys to Better Security Outcomes

PALOALTONETWORKS.COM — 04 Oct 2023

🕵️

Okta Buys Personal Password Manager Uno to Service Consumers

DATABREACHTODAY.CO.UK — 2023-10-04

🕵️

US FTC Keeping 'Close Watch' on Artificial Intelligence

DATABREACHTODAY.CO.UK — 2023-10-04

🕵️

North Korean Hackers Target South Korean Naval Shipyards

DATABREACHTODAY.CO.UK — 2023-10-04

🕵️

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

LASTWATCHDOG.COM — 04 Oct 2023

🕵️

Protecting The Federal Supply Chain - John Loucaides - BTS #14

YOUTUBE.COM — 2023-10-04

🕵️

Atos Taps Senior Accenture Exec to Run Eviden Security Group

DATABREACHTODAY.CO.UK — 2023-10-04

🕵️

X.Org Hit By New Security Vulnerabilities - Two Date Back To 1988 With X11R2 - Hack Liberty

LINKS.HACKLIBERTY.ORG — 04 Oct 2023

🌐

Cyber Security Today, Oct. 4, 2023 - Critical vulnerabilities found in Linux and TorchServe

CYBERSECURITYTODAY.LIBSYN.COM — 04 Oct 2023

🌐

EU Parliament Wants Journalists to Have Better Protections From Spyware

THERECORD.MEDIA — 04 Oct 2023

🌐

Predator Spyware Linked to Madagascar Government Ahead of Election

INFOSECURITY-MAGAZINE.COM — 04 Oct 2023

📡

ShellTorch Vulnerabilities Put Organizations at Risk of Server Takeover

THEREGISTER.COM — 04 Oct 2023

📡

Don’t Let Zombie Zoom Links Drag You Down

KREBSONSECURITY.COM — 04 Oct 2023

📡

Emergency alert on US phones and TVs today — Don’t worry, it’s just a test

BLEEPINGCOMPUTER.COM — 04 Oct 2023

📡

The Hacker Perspective on Generative AI and Cybersecurity

DATABREACHTODAY.CO.UK — 2023-10-04

📡

San Francisco Metropolitan Transportation Commission Leaves 26,000 Files Publicly Accessible

SECURITYAFFAIRS.COM — 04 Oct 2023

📡

Wing Disrupts the Market by Introducing Affordable SaaS Security

THEHACKERNEWS.COM — 04 Oct 2023

📡

Okta acquires a16z-backed password manager Uno to develop a personal tier

TECHCRUNCH.COM — 04 Oct 2023

📡

Okta plans to weave AI across its entire identity platform using multiple models

TECHCRUNCH.COM — 04 Oct 2023

📡

Yubico can now ship pre-registered security keys to its enterprise users

TECHCRUNCH.COM — 04 Oct 2023

📡

Dark Web Sale of FBI LEEP Classified Data Sparks Concerns Over National Security

THECYBEREXPRESS.COM — 04 Oct 2023

📡

Enhancing your application security program with continuous monitoring

BLEEPINGCOMPUTER.COM — 04 Oct 2023

📡

New Supermicro BMC Vulnerabilities Could Expose Many Servers To Remote Attacks

PACKETSTORMSECURITY.COM — 04 Oct 2023

📡

Rules Of Engagement Issued To Hacktivists After Chaos

PACKETSTORMSECURITY.COM — 04 Oct 2023

📡

TorchServe Flaws Means PyTorch Users Need An Urgent Upgrade

PACKETSTORMSECURITY.COM — 04 Oct 2023

📡

Northern Ireland Police Issue “Quishing” Email Warning

INFOSECURITY-MAGAZINE.COM — 04 Oct 2023

📡

What is SD-WAN? | Kaspersky official blog

KASPERSKY.COM — 04 Oct 2023

📡

Red Cross Tells Hacktivists: Stop Targeting Hospitals

DATABREACHTODAY.CO.UK — 2023-10-04

📡

What's Normal? Connection Sizes, (Wed, Oct 4th)

ISC.SANS.EDU — 04 Oct 2023

📡

Sophos Firewall v20: VPN Enhancements

SOPHOS.COM — 04 Oct 2023