🚨 CISA KEV 1
5 Oct · KEV · CISA Adds Three Known Exploited Vulnerabilities to Catalog · CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2023-40044 Progress WS_FTP Server Deserialization of Untrusted Data Vulnerability; CVE-2023-42824 Apple iOS and iPadOS Kernel Privilege Escalatio… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 12
5 Oct · Make-me-root 'Looney Tunables' security hole on Linux needs your attention · submitted by c0mmando to netsec · 1 points | 0 comments · https://www.theregister.com/2023/10/04/linux_looney_tunables_bug/ · Grab security updates for your Linux distributions: there’s a security hole that can be fairly easily exploited by rogue users, intruders, and malicious softwar… · THEREGISTER.COM
5 Oct · Critical Atlassian Confluence bug under attack. Patch now · submitted by c0mmando to netsec · 1 points | 0 comments · https://go.theregister.com/feed/www.theregister.com/2023/10/04/critical_confluence_privilege_escalation_bug/ · Atlassian today said miscreants have exploited a critical bug in on-premises instances of Confluence Server and Confl… · GO.THEREGISTER.COM
5 Oct · KEV · Apple Rolls Out Security Patches for Actively Exploited iOS Zero-Day Flaw · Apple on Wednesday rolled out security patches to address a new zero-day flaw in iOS and iPadOS that it said has come under active exploitation in the wild. Tracked as CVE-2023-42824, the kernel vulnerability could be abused by a local attacker to elevate their privileges. The iP… · THEHACKERNEWS.COM
5 Oct · KEV · Atlassian Confluence Hit by Newly Actively Exploited Zero-Day – Patch Now · Atlassian has released fixes to contain an actively exploited critical zero-day flaw impacting publicly accessible Confluence Data Center and Server instances. The vulnerability, tracked as CVE-2023-22515, is remotely exploitable and allows external attackers to create unauthoriz… · THEHACKERNEWS.COM
5 Oct · ShellTorch Flaw Exposes Thousands of AI Servers to RCE Attacks · ShellTorch Serve is an open-source model-serving library developed by PyTorch that simplifies the deployment of machine learning models for inference in production environments. It provides a scalable and efficient way to serve PyTorch models, making integrating them into a… · GBHACKERS.COM
5 Oct · Looney Tunables: Linux Vulnerability Lets Attackers Gain Root Privileges · A buffer overflow issue has been disclosed in the GNU C Library’s dynamic loader ld.so, which might allow local attackers to acquire root privileges on vulnerable Linux systems. The Linux vulnerability is identified as “Looney Tunables” and tagged as CVE-2… · GBHACKERS.COM
5 Oct · Apple Warns of Newly Exploited iOS 17 Kernel Zero-Day · Apple has released a new patch to fix two serious vulnerabilities in its iOS platform, one of which has already been exploited as a zero-day. The exploited kernel vulnerability, CVE-2023-42824, allows for privilege escalation. · SECURITYWEEK.COM
5 Oct · KEV · CISA Warns of Active Exploitation of JetBrains and Windows Vulnerabilities · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to active exploitation, while removing five bugs from the list due to lack of adequate evidence. The vulnerabilities new… · THEHACKERNEWS.COM
5 Oct · Cisco Releases Urgent Patch to Fix Critical Flaw in Emergency Responder Systems · Cisco has released updates to address a critical security flaw impacting Emergency Responder that allows unauthenticated, remote attackers to sign into susceptible systems using hard-coded credentials. The vulnerability, tracked as CVE-2023-20101 (CVSS score: 9.8), is due to the … · THEHACKERNEWS.COM
5 Oct · Atlassian Releases Security Advisory for Confluence Data Center and Server · Atlassian released a security advisory to address a vulnerability affecting Confluence Data Center and Confluence Server. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the fol… · CISA.GOV
5 Oct · Cisco warns of hard coded creds in Emergency Responder · submitted by c0mmando to netsec · 1 points | 0 comments · https://www.theregister.com/2023/10/05/cisco_icritical_emergency/ · Cisco has issued a security advisory about a vulnerability in its Emergency Responder software that would allow an unauthenticated remote attacker to log in to … · THEREGISTER.COM
5 Oct · Cisco fixes serious flaws in emergency responder and other products · Cisco patched authentication, privilege escalation, and denial-of-service vulnerabilities this week in several of its products, including one that’s used for identifying the location of 9-1-1 emergency callers. The flaw in Cisco Emergency Responder is caused by the presence of de… · CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 36
5 Oct · Malware Trends - Anuj Soni - PSW #801 · Anuj joins us to discuss recent trends in malware. What are the malware authors up to lately? What are the latest techniques for reverse engineering malware? Learn about the latest tools and techniques from Anuj! Anuj is a Principal Threat Researcher at Blackberry, where he perfo… · YOUTUBE.COM
5 Oct · Fake Dead Grandma's, No Flipper Zero, Looney Tunables, & $20 Mil For Zero Days - PSW #801 · In the Security News: No Flipper Zero for you!, your glibc is hanging out and other Looney Tunables, and it vulnerable, for no reasons, other than the obvious ones, a Russian firm will pay $20m for Android or iPhone 0days, you do what you do and other Exim vulnerability stories, … · YOUTUBE.COM
5 Oct · Exploitation of Critical WS_FTP Server Flaw Spotted in the Wild · As previously reported, Progress-owned WS_FTP was discovered with multiple vulnerabilities associated with cross-site scripting (XSS), SQL injection, cross-site request forgery, unauthenticated user enumeration, and a few others. Progress has warned their users about the WS_FTP v… · GBHACKERS.COM
5 Oct · Hackers Hijacking Microsoft SQL Servers to Compromise Azure Environments · Hackers frequently target Microsoft SQL servers because of their extensive use and possible weaknesses. These servers are a top target for hackers looking to make flat profits since these crooks exploit them to steal private information, start ransomware attacks, or obtain unauth… · GBHACKERS.COM
5 Oct · Coming from inside the building: dark web recruitment of malicious insiders · The road to a successful cyberattack often leads through an organization's employees, since they already have authenticated access (perhaps to highly sensitive data), and they have intimate knowledge of the organization, its people, processes, and technology. Sometimes, attackers… · CSOONLINE.COM
5 Oct · Cisco Fixes Hardcoded Root Credentials in Emergency Responder · The vulnerability, which affects CER version 12.5(1)SU4, could be exploited to execute arbitrary commands as the root user. Admins are urged to update their vulnerable installations promptly, as there are no temporary workarounds available. · BLEEPINGCOMPUTER.COM
5 Oct · Wireshark 4.0.10 Released: What’s New! · Wireshark, formerly known as Ethereal, is a widely used, free, and open-source network protocol analyzer that allows users to capture and inspect data packets on a computer network. This network analyzer tool is primarily used for the following purposes:- The widespread use of Wi… · GBHACKERS.COM
5 Oct · Why open-source software supply chain attacks have tripled in a year · The number of incidents where malicious packages are uploaded to public component registries has exploded over the past year, showing that attackers increasingly favor this initial access tactic. According to data from software supply chain management company Sonatype, the number… · CSOONLINE.COM
5 Oct · Qakbot Attackers Remain Alive and Quacking, Researchers Find · Phishing Campaign Pushing Knight Ransomware Continues Despite FBI Disruption What do "bank transfer request.lnk" and "URGENT-Invoice-27-August.docx.lnk" have in common? Both are the names of malicious files being sent as part of a phishing campaign attributed to the Qakbot botnet… · DATABREACHTODAY.CO.UK
5 Oct · RomHack 2023 - Kim Zetter - Sun Stroke: How the SolarWinds hackers pulled off their ingenious attack · submitted by ashar to security_cpe · 1 points | 0 comments · https://youtu.be/yNGt_xxbUGc?si=pmfQZTg6BYJvtAOT · Kim Zetter Sun Stroke: How the SolarWinds hackers pulled off their ingenious operation and scorched the vulnerable underbelly of the software supply chain slides: In November… · YOUTU.BE
5 Oct · Google, Yahoo announce new email authentication requirements for 2024 · Google and Yahoo have both announced new email authentication requirements that will come into force in 2024. From early next year, bulk Gmail and Yahoo Mail email senders will need to strongly authenticate their emails following well-established best practices such as DMARC, SPF… · CSOONLINE.COM
5 Oct · Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol · The Linux Foundation has announced OpenPubkey, an open source cryptographic protocol that should help boost supply chain security. The post Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · Addressing the People Problem in Cybersecurity · Addressing the people problem with effective approaches and tools for users and security practitioners will enable us to work smarter, and force attackers into a position where they must work harder. The post Addressing the People Problem in Cybersecurity appeared first on Securi… · SECURITYWEEK.COM
5 Oct · QakBot Threat Actors Still in Action, Using Ransom Knight and Remcos RAT in Latest Attacks · Despite the disruption to its infrastructure, the threat actors behind the QakBot malware have been linked to an ongoing phishing campaign since early August 2023 that led to the delivery of Ransom Knight (aka Cyclops) ransomware and Remcos RAT. This indicates that “the law enfor… · THEHACKERNEWS.COM
5 Oct · Microsoft Warns of Cyberattacks Attempting to Breach Cloud via SQL Server Instance · The attackers exploited a SQL injection vulnerability in an application, allowing them to gain access and elevated permissions on a Microsoft SQL Server instance deployed in an Azure Virtual Machine. · THEHACKERNEWS.COM
5 Oct · Cyber Mavens Slam Europe's Cyber Resilience Act · According to some experts, the proposed EU mandate for software publishers to disclose zero-day exploits within 24 hours risks compromising cybersecurity efforts by giving government agencies access to a real-time database of vulnerabilities. · BANKINFOSECURITY.COM
5 Oct · Cisco Releases Security Advisories for Multiple Products · Cisco released security advisories for vulnerabilities affecting multiple Cisco products. A remote cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories and … · CISA.GOV
5 Oct · [FREE RESOURCES] Celebrate Cybersecurity Awareness Month This October with our Cyber-Monsters! · Cyber threats can be scary, and for good reason. · KNOWBE4.COM
5 Oct · Zero-days for hacking WhatsApp are now worth millions of dollars · Thanks to improvements in security mechanisms and mitigations, hacking cell phones — both running iOS and Android — has become an expensive endeavor. That’s why hacking techniques for apps like WhatsApp are now worth millions of dollars, TechCrunch has learned. Last week, a Russi… · TECHCRUNCH.COM
5 Oct · Linux Foundation Announces OpenPubkey Open Source Cryptographic Protocol · PACKETSTORMSECURITY.COM
5 Oct · Microsoft Office XSS Flaw Let Attackers Execute Arbitrary Code · A recently discovered vulnerability in Microsoft Office Word has raised concerns over the security of the popular productivity suite. This security flaw, classified as a Cross-Site Scripting (XSS) vulnerability, allows attackers to execute arbitrary JavaScript code within a… · GBHACKERS.COM
5 Oct · How digital threats from East Asia are increasing in breadth and effectiveness · The East Asian threat landscape is evolving rapidly, and emerging trends from affiliated threat groups have the potential to impact public and private entities across the globe. Chinese nation-state groups are conducting widespread cyber and influence operations (IO), with a par… · CSOONLINE.COM
5 Oct · CISA Releases Three Industrial Control Systems Advisories · CISA released three Industrial Control Systems (ICS) advisories on October 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-278-01 Hitachi Energy AFS65x, AFF66x, AFS67x, and AFR67x Series Pr… · CISA.GOV
5 Oct · KEV · Hackers Exploit Atlassian Confluence Zero-day Flaw to Create Admin Account · The widely adopted Atlassian Confluence has been discovered with a zero-day vulnerability, which could allow threat actors to create an admin account on the Confluence servers and perform malicious activities. This particular issue has been reported by a lot of Atlassian customer… · GBHACKERS.COM
5 Oct · NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations · Today, the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint cybersecurity advisory (CSA), NSA and CISA Red and Blue Teams Share Top Ten Cybersecurity Misconfigurations, which provides the most common cybersecurity miscon… · CISA.GOV
5 Oct · New Gartner Forecast Shows Global Security and Risk Management Spending to Increase by 14% in 2024 · Gartner issued a press release that forecasted global security and risk management end-user spending to reach $188.1 billion, along with worldwide end-user spending on security and risk management projected to be $215 billion in 2024. · KNOWBE4.COM
5 Oct · A Vulnerability in Atlassian Confluence Server and Data Center Could Allow for Privilege Escalation · A vulnerability has been discovered in Atlassian Confluence Server and Data Center, which could allow for Privilege Escalation. Confluence is a collaboration tool that brings people, knowledge, and ideas together in a shared workspace. Successful exploitation of this vulnerabilit… · CISECURITY.ORG
5 Oct · A Vulnerability in Cisco Emergency Responder Could Allow for Arbitrary Code Execution · A vulnerability has been discovered in Cisco Emergency Responder that could allow for arbitrary code execution on a targeted host. Successful exploitation could allow an unauthenticated remote attacker to log in to the affected system using the root account and execute arbitrary … · CISECURITY.ORG
5 Oct · Exploit released for Linux flaw giving root on major distros · Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. [...] · BLEEPINGCOMPUTER.COM
5 Oct · Exploits released for Linux flaw giving root on major distros · Proof-of-concept exploits have already surfaced online for a high-severity flaw in GNU C Library's dynamic loader, allowing local attackers to gain root privileges on major Linux distributions. [...] · BLEEPINGCOMPUTER.COM
5 Oct · Breach Roundup: Still Too Much ICS Exposed on the Internet · Also, Apple and Qualcomm Issue Emergency Patches This week, Bitsight found a lot of internet-exposed industrial control systems, Apple issued new patches, Sony confirmed a data breach, Google and Yahoo tackled spam, Qualcomm patched three zero-days, Cisco revealed zero-day exploi… · DATABREACHTODAY.CO.UK
5 Oct · Qakbot malware’s creators ride again, despite FBI takedown · While the Qakbot banking Trojan was eradicated in August by a large-scale law enforcement operation, the people behind it are still active and pose a threat to users, researchers said today. According to a report from Cisco's Talos threat intelligence group, its experts can say w… · CSOONLINE.COM
5 Oct · Attackers Exploiting Atlassian Confluence Software Zero-Day · Critical Privilege Escalation Bug Helps Create Admin Accounts Hackers have weaponized a zero-day in a popular workspace collaboration tool to create administrator accounts and gain unrestricted access to their on-premises instances of the software, Atlassian's Confluence Data Cen… · DATABREACHTODAY.CO.UK
5 Oct · Multiple Vulnerabilities in Progress WS_FTP Server Could Allow for Remote Command Execution. · Multiple vulnerabilities in Progress WS_FTP Server have been discovered, the most severe of which could allow for remote command execution. Progress WS_FTP Server is used to securely store, share and transfer information between systems, applications, groups and individuals. S… · CISECURITY.ORG
5 Oct · News alert: Massachusetts pumps $1.1 million into state college cybersecurity training programs · Worcester, Mass., Oct. 5, 2023 – Today, the Healey-Driscoll Administration kicked off Cybersecurity Month in Massachusetts with the announcement of $1,136,911 in funding to develop a new cybersecurity training center at MassBay Community College and support the existing center at… · LASTWATCHDOG.COM
📢 SECURITY ADVISORIES 9
5 Oct · CISA, NSA Publish Guidance on IAM Challenges for Developers, Vendors · New US government guidance details the challenges that application developers and vendors face in identity and access management (IAM). The post CISA, NSA Publish Guidance on IAM Challenges for Developers, Vendors appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · NSA and CISA reveal top 10 cybersecurity misconfigurations · The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations. [...] · BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 16
5 Oct · 'Gay furry hackers' claim second NATO cyber-break-in · submitted by c0mmando to netsec · 1 points | 0 comments · https://www.theregister.com/2023/10/04/nato_data_attack/ · NATO is “actively addressing” multiple IT security incidents after a hacktivist group claimed it once again breached some of the military alliance’s websites, this time … · THEREGISTER.COM
5 Oct · Massive Surge in Cyber Attacks Targeting Real Estate and Utilities Organizations · Cyber attacks are becoming increasingly sophisticated as threat actors continuously evolve their tools and tactics. They leverage advanced technologies, use social engineering techniques, and collaborate in sophisticated cybercrime networks. The real estate and utilities in… · GBHACKERS.COM
5 Oct · Critical Atlassian Confluence Bug Under Attack; Patch Now · Upgrading alone will not remove attackers from compromised instances, and organizations must take steps to detect compromises, remove unauthorized admins, and assess any potential damage. · THEREGISTER.COM
5 Oct · Cyberattacks in Arizona, Missouri Limit Access to Community Services · The limited access to patient information systems and critical tools used by doctors due to cyberattacks can have detrimental effects on patient care, potentially costing lives. · THERECORD.MEDIA
5 Oct · Sony Confirms Data Stolen in Two Recent Hacker Attacks · Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups. The post Sony Confirms Data Stolen in Two Recent Hacker Attacks appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · Organizations grapple with detection and response despite rising security budgets · Only about a fifth of cybersecurity leaders today are confident about their organization's cybersecurity approach, with only a half trusting the training they provide in-house, according to an EY study. The study that surveyed 500 cybersecurity leaders worldwide found them to be … · CSOONLINE.COM
5 Oct · Red Cross Releases Wartime Hacktivist Rules · Writing in the European Journal of International Law (EJIL), the ICRC warned that cyberattacks by civilians during wartime are causing disruption to non-military targets such as hospitals, pharmacies, and banks – impacting innocent civilians. · INFOSECURITY-MAGAZINE.COM
5 Oct · Lyca Mobile investigates customer data leak after cyberattack · Lyca Mobile has released a statement about an unexpected disruption on its network caused by a cyberattack that may have also compromised customer data. [...] · BLEEPINGCOMPUTER.COM
5 Oct · PLAY Ransomware Group Added Six New Organizations to its Victim List · The organizations targeted by PLAY include Roof Management, Security Instrument Corp, Filtration Control Ltd, Cinépolis Cinemas, CHARMANT Group, and Stavanger Municipality. · THECYBEREXPRESS.COM
5 Oct · Amazon to make MFA mandatory for 'root' AWS accounts by mid-2024 · Amazon will require all privileged AWS (Amazon Web Services) accounts to use multi-factor authentication (MFA) for stronger protection against account hijacks leading to data breaches, starting in mid-2024. [...] · BLEEPINGCOMPUTER.COM
5 Oct · Joe Sullivan: What's a Breach? 'It's a Complicated Question' · The Question is Also One for the Legal Team to Own, Says Uber's Former CSO Trick question for CSOs: When does a security incident qualify as being a data breach? The answer is that it's "a very complicated question" best left to the legal team, said former Uber CSO Joe Sullivan, … · DATABREACHTODAY.CO.UK
5 Oct · New tool: le-hex-to-ip.py, (Thu, Oct 5th) · So, this week it is my privilege to be TA-ing for Taz Wake for the beta run of his new class FOR577: Linux Incident Response and Threat Hunting. We were looking in the linux /proc filesystem and were noticing in the /proc//net/{tcp/udp/icmp/...} that the IP addresses w… · ISC.SANS.EDU
5 Oct · Blackbaud Pays $49.5M to Settle With State AGs in Breach · 2020 Ransomware Incident Affected 13,000 Customers, Millions of Individuals Fundraising software powerhouse Blackbaud will pay $49.5 million to settle a multistate investigation into the company's data security practices and its response to a 2020 ransomware attack. The firm must… · DATABREACHTODAY.CO.UK
5 Oct · Hacked phone spyware shuts down… again · A short-lived spyware operation called Oospy, which emerged earlier this year after its predecessor Spyhide was hacked, is no longer operational and has shut down. Oospy appeared online in late July as a rebrand of a phone monitoring app called Spyhide, which was facilitating the… · TECHCRUNCH.COM
5 Oct · Clorox Expects Double-Digit Sales Drop Following Cyberattack · Bleach Manufacturing Giant Spent $25M Cleaning Up Huge Cyberattack in Initial Weeks Clorox said Wednesday an August cyberattack had caused a drop in the bleach manufacturing giant's sales and profits in the quarter ended Sept. 30. The company said organic sales will drop between … · DATABREACHTODAY.CO.UK
5 Oct · Lessons Learned from a Year of Cybersecurity Breaches - ESW #334 · In this segment, we'll explore some of the most useful lessons and interesting insights to come out of the last year's worth of breaches and data leaks! We'll explain why we will NOT be covering MGM in this segment. The breaches we will be covering include: - Microsoft AI Researc… · YOUTUBE.COM
🕵️ THREAT INTELLIGENCE 29
5 Oct · ISC Stormcast For Thursday, October 5th, 2023 https://isc.sans.edu/podcastdetail/8688, (Thu, Oct 5th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
5 Oct · Hackers are Abusing Dropbox to Steal Microsoft SharePoint Credentials · A growing cyber threat involving Dropbox has emerged, and it’s raising concerns across the cybersecurity landscape. In the initial two weeks of September, a staggering 5,440 of these attacks were detected, highlighting the alarming scale of this threat. Utilizing Drop… · GBHACKERS.COM
5 Oct · On Demand | Health Sector and Evolution of Complex Threats & What That Means for your SOC · Join us to learn from Cisco about what new, modern and sophisticated threats look like today, and how these complex threats make it harder to succeed at effective threat detection and response · DATABREACHTODAY.CO.UK
5 Oct · Exposing Infection Techniques Across Supply Chains and Codebases · This entry delves into threat actors' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases. · TRENDMICRO.COM
5 Oct · Hundreds Download Malicious NPM Package Capable of Delivering Rootkit · Threat actor uses typosquatting to trick hundreds of users into downloading a malicious NPM package that delivers the r77 rootkit. The post Hundreds Download Malicious NPM Package Capable of Delivering Rootkit appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack · A governmental entity in Guyana has been targeted as part of a cyber espionage campaign dubbed Operation Jacana. The activity, which was detected by ESET in February 2023, entailed a spear-phishing attack that led to the deployment of a hitherto undocumented implant written in C+… · THEHACKERNEWS.COM
5 Oct · Does your security program suffer from piecemeal detection and response? · Piecemeal Detection and Response (PDR) can manifest in various ways. The most common symptoms of PDR include: Multiple security information and event management (SIEM) tools (e.g., one on-premise and one in the cloud) Spending too much time or energy on integrating detection syst… · SECURITYINTELLIGENCE.COM
5 Oct · RomHack Conference 2023 - 6 talks · submitted by ashar to security_cpe · 1 points | 0 comments · https://romhack.io/romhack-conference-2023-agenda/ · The RomHack Conference 2023 schedule with links to videos and slides RomHack Conference 2023 playlist · ROMHACK.IO
5 Oct · RomHack Conference 2022 - 6 talks · submitted by ashar to security_cpe · 1 points | 0 comments · https://romhack.io/romhack-2022-conference/ · RomHack Conference 2022 Schedule and videos RomHack Conference 2022 Youtube playlist · ROMHACK.IO
5 Oct · Qakbot Hackers Continue to Push Malware After Takedown Attempt · Qakbot cybercriminals continue to push malware, which shows they are still operational after the recent takedown attempt. The post Qakbot Hackers Continue to Push Malware After Takedown Attempt appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · Senior Executives Beware: The Rise of EvilProxy Phishing Campaigns · Menlo Security warns that a social engineering campaign is using the EvilProxy phishing kit to target senior executives across a range of industries, including banking and financial services, insurance, property management and real estate, and manufacturing. · KNOWBE4.COM
5 Oct · Malicious URLs In Phishing Emails: Hover, Click and Inspect Again · The most often recommended piece of anti-phishing advice is for all users to “hover” over a URL link before clicking on it. It is great advice. · KNOWBE4.COM
5 Oct · North Korean Hackers Target South Korean Naval Shipyards · South Korea's National Intelligence Service said it is notifying shipbuilders of threats to their systems and networks and advising major shipyards to conduct independent security audits to plug security holes in digital infrastructure. · BANKINFOSECURITY.COM
5 Oct · Red Cross Publishes Rules of Engagement for Hacktivists During War · ICRC is telling hacktivists involved in conflict during war to avoid targeting civilian objectives and hospitals, or making threats of violence. The post Red Cross Publishes Rules of Engagement for Hacktivists During War appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · BlackBerry to Separate Cybersecurity, IoT Businesses In 2024 · Subsidiary IPO Will Split High-Growth IoT Unit From Low-Growth Cybersecurity Unit BlackBerry will split its $418 million cybersecurity business and $206 million IoT business into separate, independently-operated entities following a strategic review that lasted five months. The s… · DATABREACHTODAY.CO.UK
5 Oct · Top 7 REST API Security Strategies to Secure Your Endpoints · In today’s REST API-driven landscape, most APIs are REST-based and widely utilized by web applications. These APIs are like versatile tools for sending and receiving information online. However, their widespread use exposes them to various security threats and challenges. W… · GBHACKERS.COM
5 Oct · SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep · Editor’s note: I recently had the chance to participate in a discussion about the overall state of privacy and cybersecurity with Erin Kapczynski, OneRep’s senior vice president of B2B marketing. OneRep provides a consumer service that scrubs your personal information… · LASTWATCHDOG.COM
5 Oct · The Time Is Now to Secure the Future · Palo Alto Networks is excited to kick off the 2023-2024 Secure the Future competition and encourage all interested students to apply before October 13. The post The Time Is Now to Secure the Future appeared first on Palo Alto Networks Blog. · PALOALTONETWORKS.COM
5 Oct · Operation Jacana Targets Governmental Entity in Guyana with DinodasRAT · While the specific APT group behind the campaign could not be identified, there is medium confidence that it is a China-aligned threat group based on the use of a variant of Korplug, which is commonly associated with such groups. · WELIVESECURITY.COM
5 Oct · GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks · GitHub beefs up its secret scanning feature, now allowing users to check the validity of exposed credentials for major cloud services. The post GitHub Improves Secret Scanning Feature With Expanded Token Validity Checks appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · BlackBerry to Split Cybersecurity, IoT Business Units · BlackBerry plans to split its cybersecurity and IOT (Internet of Things) businesses and pursue an IPO for the IOT unit early next year. The post BlackBerry to Split Cybersecurity, IoT Business Units appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · Cryptohack Roundup: FTX Hacker Moves Funds, SBF Trial Begins · Also: Crypto Q3 Losses; China Companies Use Digital Assets to Distribute Drugs This week, the FTX hacker moved more than $100 million of funds as the trial of the company's former CEO begins; crypto losses in the third quarter of this year were $685.5 million; and the DOJ said th… · DATABREACHTODAY.CO.UK
5 Oct · ‘War has no rules’: Hacktivists scorn Red Cross’ new guidelines · submitted by c0mmando to netsec · 1 points | 0 comments · https://therecord.media/hacktivists-respond-to-red-cross-rules-with-ridicule · This week, the Red Cross issued ethical guidelines for civilian hackers involved in armed conflicts, sparking ridicule from hacktivists in Ukraine an… · THERECORD.MEDIA
5 Oct · Cisco Plugs Gaping Hole in Emergency Responder Software · Cisco warns that unauthenticated, remote attackers can log into devices using root account, which has default, static credentials that cannot be changed or deleted. The post Cisco Plugs Gaping Hole in Emergency Responder Software appeared first on SecurityWeek. · SECURITYWEEK.COM
5 Oct · China-linked cyberspies backdoor semiconductor firms with Cobalt Strike · Hackers engaging in cyber espionage have targeted Chinese-speaking semiconductor companies with TSMC-themed lures that infect them with Cobalt Strike beacons. [...] · BLEEPINGCOMPUTER.COM
5 Oct · [New Report] Over Half of Phishing Emails Use Obfuscation · A new report shows staggering phishing trends using obfuscation techniques that should make any organization feel worried. · KNOWBE4.COM
5 Oct · Hospital Lobbyists Press Senator on Online Tracking Limits · Sen. Bill Cassidy Considering Sector Feedback on Recent RFI America's largest hospital lobbying group says Congress should pressure health regulators into retracting a warning that online trackers embedded into patient portals could violate medical privacy law. Sen. Bill Cassidy,… · DATABREACHTODAY.CO.UK
5 Oct · Operation Jacana: Foundling hobbits in Guyana · ESET researchers discovered a cyberespionage campaign against a governmental entity in Guyana · WELIVESECURITY.COM
5 Oct · News alert: Kovrr report reveals exposure and cost of material cyber threats — across industries · Tel Aviv, Israel, Oct. 5, 2023 — Kovrr, the leading global provider of cyber risk quantification (CRQ) solutions, announces the release of its new Fortune 1000 Cyber Risk Report, shedding light on the complex and ever-evolving cyber risk landscape … · LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 7
5 Oct · Analysis and Config Extraction of Lu0Bot, a Node.js Malware with Considerable Capabilities · Nowadays, more malware developers are using unconventional programming languages to bypass advanced detection systems. The Node.js malware Lu0Bot is a testament to this trend. By targeting a platform-agnostic runtime environment common in modern web apps and employing multi-layer… · THEHACKERNEWS.COM
5 Oct · GoldDigger Android Trojan Targets Banking Apps in Asia Pacific Countries · A new Android banking trojan named GoldDigger has been found targeting several financial applications with an aim to siphon victims' funds and backdoor infected devices. "The malware targets more than 50 Vietnamese banking, e-wallet and crypto wallet applications," Group-IB said.… · THEHACKERNEWS.COM
5 Oct · Qakbot hackers are still spamming victims despite FBI takedown · The hackers behind Qakbot, a notorious malware operation that was recently “dismantled” by the FBI, are still active and continue to target new victims, researchers say. The FBI announced in August that it had successfully “disrupted and dismantled” the infrastructure of the long… · TECHCRUNCH.COM
5 Oct · Banned Applications Used as a Lure to Target Russian Users · Cyble identifies a phishing campaign targeting Russians with fake sites for ExpressVPN, WeChat, and Skype. Criminals aim to deliver a RMS, gain initial access, and deploy malware. Researchers cite that TA505 might be behind this campaign. It is recommended to implement applicatio… · CYWARE.COM
5 Oct · AWS Kicks off Cloud Race to Mandate MFA by Default · The move towards MFA by default aligns with the push for secure-by-default tactics recommended by cyber authorities and highlights the shared responsibility model in cloud security. · CYBERSECURITYDIVE.COM
5 Oct · New GoldDigger Android Trojan Drains Victim Bank Accounts · The GoldDigger trojan has been active since at least June 2023 and is currently targeting users of over 50 Vietnamese banking apps, as well as e-wallets and crypto-wallets. · INFOSECURITY-MAGAZINE.COM
5 Oct · Transatlantic Cable podcast, episode 318 | Kaspersky official blog · 318 of the Kaspersky podcast looks at NFTs, deepfakes, ICS reports and Sony hacks. · KASPERSKY.COM
🎙️ PODCASTS 1
5 Oct · Smashing Security podcast #342: Royal family attacked, keyless car theft, and a deepfake Tom Hanks · Is a deepfake Tom Hanks better than the real thing? Who has been attacking the British Royal Family’s website, and why? And how can you protect your vehicle from the spate of keyless car thefts? All this and much much more is discussed in the latest edition of the “Smashing Secur… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS 23
5 Oct · Okta Buys Personal Password Manager Uno to Service Consumers · Okta has acquired password manager Uno to enter the consumer identity market. Uno, founded by a former Google engineer, is known for its design-centric and user-friendly password management tools. · BANKINFOSECURITY.COM
5 Oct · New Supermicro BMC Vulnerabilities Could Expose Many Servers to Remote Attacks · Supermicro has released updates to address multiple vulnerabilities in Baseboard Management Controllers (BMC) IPMI firmware that could allow remote attackers to gain root access to the system. · SECURITYWEEK.COM
5 Oct · Google and Yahoo Say They Will Crack Down on Spam With New Measures · Yahoo will implement rules requiring all bulk senders to use robust email authentication, while also pushing for one-click unsubscribe options. Google will require bulk senders to validate their identities and strongly authenticate their emails. · THERECORD.MEDIA
5 Oct · Live Webinar | Guide to Implementing SASE/SSE: 5 Things for Every CIO & CISO to Know · DATABREACHTODAY.CO.UK
5 Oct · Political Disinformation and AI · Elections around the world are facing an evolving threat from foreign actors, one that involves artificial intelligence. Countries trying to influence each other’s elections entered a new era in 2016, when the Russians launched a series of social media disinformation campai… · SCHNEIER.COM
5 Oct · Live Webinar | Demystifying SASE: Do's, Don'ts and Key Insights from Early Adopters · DATABREACHTODAY.CO.UK
5 Oct · Coalition to give NGOs free access to cybersecurity services to protect against attacks · The CyberPeace Institute, in collaboration with other organizations, will establish a portal to provide free training and support to help NGOs in the Netherlands enhance their cybersecurity resilience. · THERECORD.MEDIA
5 Oct · Attacker Deployed Hundreds of Rogue Python Packages with 75,000 Downloads to Steal Sensitive Data · The malicious packages aim to steal sensitive data from systems, applications, browsers, and users. They also target cryptocurrency users by redirecting transactions to the attacker's account. · CHECKMARX.COM
5 Oct · Advancing generative AI exploration safely and securely · Guardrails for testing and learning are essential to accelerating exploration while minimizing security risks. · TECHCRUNCH.COM
5 Oct · Scammers Impersonate Companies to Steal Cryptocurrency From Job Seekers · Dubbed “WebWyrm” by CloudSEK, the operation has already targeted more than 100,000 individuals across over 50 countries by impersonating over 1000 companies across 10 industries. It has already potentially netted the scammers over $100m. · INFOSECURITY-MAGAZINE.COM
5 Oct · A Cybersecurity Risk Assessment Guide for Leaders · Cybersecurity risk assessment provides the continuous asset detection, analysis, prioritization, and risk scoring needed to keep pace with a continuously growing digital attack surface. · TRENDMICRO.COM
5 Oct · Stream-Jacking Attacks on YouTube Steal From Victims via Cryptocurrency Scams · Attackers redirect victims to scams that involve QR codes and phishing websites promising to double their cryptocurrency investments, often using deep fake videos of Elon Musk to add credibility. · BITDEFENDER.COM
5 Oct · Threats in Cloud Top List of Executive Cyber Concerns, PwC Finds · Despite the focus on cloud security, many organizations still have risk management lapses, such as not addressing disaster recovery and backup with their cloud service provider. · CYBERSECURITYDIVE.COM
5 Oct · Global CRM Provider Exposed Millions of Clients’ Files Online · Really Simple Systems exposed a non-password-protected database with over 3 million records, including highly sensitive customer information such as medical records and tax documents. · SECURITYAFFAIRS.COM
5 Oct · Why Stream-Jacking is Taking Over YouTube: A Comprehensive Analysis · Stream-jacking attacks on YouTube are increasing, targeting popular channels to spread deceptive content. Cybercriminals hijack these channels, often impersonating famous figures or brands like Elon Musk and Tesla, promoting scams like crypto doubling. Viewers should be caut… · CYWARE.COM
5 Oct · Is iOS really more secure than Android? | Kaspersky official blog · Which is better for corporate mobile communications security-wise: iPhone or Android device? · KASPERSKY.COM
5 Oct · Microsoft releases new, faster Teams app for Windows and Mac PCs · A new, redesigned, and faster Microsoft Teams application is generally available for all Windows and macOS users starting today. [...] · BLEEPINGCOMPUTER.COM
5 Oct · Microsoft officially removes Cortana for Windows 11 Insiders · Microsoft finally removed the Cortana standalone app from Windows 11 in the latest preview build for Insiders in the Canary Channel. [...] · BLEEPINGCOMPUTER.COM
5 Oct · Cybersecurity Awareness Month 2023: Elevating Security Together · As the 20th anniversary of Cybersecurity Awareness Month begins, I find myself reflecting on the strides made since its inception. The journey to enhance and improve cybersecurity is ongoing and extends beyond October. It’s not merely a technological challenge; it is fundamentall… · MSRC.MICROSOFT.COM