116 Articles
9 Categories
Date: 2023-10-12
🚨 CISA KEV (2)
12 Oct KEVAdobe, Cisco IOS, Skype, WordPad, and HTTP/2 Rapid Reset Flaws Actively Exploited: CISA WarnsThe US cybersecurity organization CISA has updated its Known Exploited Vulnerabilities catalog to include five new security flaws that are currently being actively exploited. This means that attackers are using these vulnerabilities to gain unauthorized access to computer systems…GBHACKERS.COM
12 Oct KEVCISA Releases New Resources Identifying Known Exploited Vulnerabilities and Misconfigurations Linked to RansomwareToday, as part of the Ransomware Vulnerability Warning Pilot (RVWP) , CISA launched two new resources for combating ransomware campaigns: A “Known to be Used in Ransomware Campaigns” column in the KEV Catalog that identifies KEVs associated with ransomware campaigns. A “Misconfig…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (6)
12 OctTwo High-Risk Security Flaws Discovered in Curl Library - New Patches ReleasedPatches have been released for two security flaws impacting the Curl data transfer library, the most severe of which could potentially result in code execution. The list of vulnerabilities is as follows - CVE-2023-38545 (CVSS score: 7.5) - SOCKS5 heap-based buffer overflow vulner…THEHACKERNEWS.COM
12 OctSEC to investigate Progress Software over mass MOVEit hackProgress Software could be staring at fresh litigations over the explosive zero-day found in its file transfer service, MOVEit, which affected millions of end users globally. The latest probe comes from the US Security and Exchange Commission (SEC), which is seeking information r…CSOONLINE.COM
12 OctHyped up curl vulnerability falls short of expectationscurl 8.4.0 has been released to patch and release details on a hyped up high-severity security vulnerability (CVE-2023-38546), easing week-long concerns regarding the flaw's severity. [...]BLEEPINGCOMPUTER.COM
12 OctApple Releases iOS 16 Update to Patch Exploited VulnerabilityApple has released iOS 16.7.1 and iPadOS 16.7.1 to patch CVE-2023-42824, a kernel vulnerability that has been exploited in attacks. The post Apple Releases iOS 16 Update to Patch Exploited Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
12 Oct KEVHigh severity flaw patched in widely used curl toolThe developers of the curl open-source software application and library have released patches for two vulnerabilities in the widely used command-line tool. One of the flaws is rated with high severity and could potentially be exploited by rogue servers to execute malicious code o…CSOONLINE.COM
12 OctCVE-2022-41113 Windows Win32 Kernel Subsystem Elevation of Privilege VulnerabilityIn the Security Updates table corrected the Article and Download links for Windows Server 2022 and Windows Server 2022 (Server Core installation). This is an informational change only.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (24)
12 OctGoogle Chrome Use-after-free in Site Isolation Let Remote Attackers Exploit Heap CorruptionThe latest stable version of Google Chrome (version 118.0.5993.70) has been released for Mac and Linux. In contrast, the Windows version has been updated to 118.0.5993.70/.71. This update includes patching almost 20 vulnerabilities, ensuring improved security for users. In additi…GBHACKERS.COM
12 OctThe source code of the 2020 variant of HelloKitty ransomware was leaked on cybercrime forumsubmitted by throws_lemy to cybersecurity 5 points | 0 comments https://securityaffairs.com/152182/malware/hellokitty-ransomware-source-code-leaked.htmlSECURITYAFFAIRS.COM
12 OctMicrosoft Defender Thwarts Large-Scale Akira Ransomware AttackMicrosoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant's threat intellig…THEHACKERNEWS.COM
12 OctUnpatched Vulnerabilities Expose Yifan Industrial Routers to AttacksIndustrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks. The post Unpatched Vulnerabilities Expose Yifan Industrial Routers to Attacks appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctCritical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at RiskOrganizations using cURL and libcurl are urged to apply the patches in cURL 8.4.0 to mitigate the vulnerability that potentially impacts all software projects relying on libcurl.SECURITYWEEK.COM
12 OctLakera launches to protect large language models from malicious promptsLarge language models (LLMs) are the driving force behind the burgeoning generative AI movement, capable of interpreting and creating human-language texts from simple prompts — this could be anything from summarizing a document to writing poem to answering a question using …TECHCRUNCH.COM
12 OctHow scammers are exploiting X Premium (Twitter Blue) | Kaspersky official blogBy paying for X Premium (Twitter Blue) subscriptions, fraudsters get blue checkmarks of verified X accounts and use them to scam users out of money.KASPERSKY.COM
12 Oct KEVMicrosoft Patches 2 Actively Exploited BugsPACKETSTORMSECURITY.COM
12 Oct1-Click RCE On GNOME Via libcuePACKETSTORMSECURITY.COM
12 OctCISA Releases Nineteen Industrial Control Systems AdvisoriesCISA released nineteen Industrial Control Systems (ICS) advisories on October 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-285-01 Siemens SIMATIC CP products ICSA-23-285-02 Siemens SCAL…CISA.GOV
12 OctGetting Started With Reverse Engineering Hardware - PSW #802Resources we mentioned: * The Hardware Hackers Handbook is a great start * Do a badge challenge: https://www.cyberark.com/resources/threat-research-blog/an-introduction-to-hardware-hacking * Take some classes * Do some Arduino stuff: https://www.arduino.cc/ * Take free courses on…YOUTUBE.COM
12 OctZero-Day Attacks Exploit 'Rapid Reset' Weakness in HTTP/2Web Servers Need Patching; Google, Amazon, Cloudflare See Massive DDoS Attacks Attackers have been actively exploiting vulnerabilities in the HTTP/2 protocol via so-called rapid request attacks, which Amazon Web Services, Cloudflare and Google report have led to record-breaking d…DATABREACHTODAY.CO.UK
12 OctBeware of Bogus Roborock Retailers: The Perils of Misleading URLs in E-CommerceRoborock's online storefronts have been used for cybercrime schemes in the past, and it seems attackers are continuing to create fake online shops. After all, the Chinese-originated robot vacuum cleaner brand only sells through resellers in Germany.KNOWBE4.COM
12 OctAndroid TVs (Malware Included), Patch Netscaler, Fixing Legacy Auth, & GNOME Bugs! - PSW #802In the Security News: Windows 11 tries to fix legacy authentication, Rapid resets and the world’s largest DDoS attack, we finally get to see the cURL vulnerability, and it's pretty ugly, turns out Android TV boxes with pre-installed malware are a hot topic, patch your Netscaler, r…YOUTUBE.COM
12 OctApple fixes iOS Kernel zero-day vulnerability on older iPhonesApple has published security updates for older iPhones and iPads to backport patches released one week ago, addressing two zero-day vulnerabilities exploited in attacks. [...]BLEEPINGCOMPUTER.COM
12 OctSEC Investigating Progress Software Over MOVEit HackProgress Software confirms the SEC has launched its own investigation into costly ransomware zero-days in the MOVEit file transfer software. The post SEC Investigating Progress Software Over MOVEit Hack appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctHow to Banish Heroes from Your SOC?This blog was born from two parents: my never-finished blog on why relying on heroism in a Security Operations Center (SOC) is bad and Phil Venables “superb+” blog titles “Delivering Security at Scale: From Artisanal to Industrial.” BTW, what is heroism? Isn’t that a good thing ?…MEDIUM.COM
12 OctRansomware attacks now target unpatched WS_FTP serversInternet-exposed WS_FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks. [...]BLEEPINGCOMPUTER.COM
12 OctWhat does it mean for AI to be trustworthy? - Pamela Gupta - ESW #335The world of AI is exploding, as excitement about generative AI creates a gold rush. We've already seen a huge number of new GenAI-based startups, products, and features flooding the market and we'll see a lot more emerge over the next few years. Generative AI will transform how …YOUTUBE.COM
12 OctISMG Editors: How Crypto Helped Finance Hamas' AttacksAlso: North Korean Cryptocurrency Activity, Ex-FTX CEO Sam Bankman-Fried Trial In the latest weekly update, Ari Redbord, head of Legal and Government Affairs at TRM Labs, joined ISMG editors to discuss how Hamas is using crypto to finance operations, the latest illicit activities…DATABREACHTODAY.CO.UK
12 OctFBI shares AvosLocker ransomware technical details, defense tipsThe U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell, and batch scripts. [...]BLEEPINGCOMPUTER.COM
12 OctUS SEC Probes MOVEit HackProgress Software Says Investigation Is Fact-Finding Inquiry The zero day that fueled a mass attack on Progress Software's MOVEit file transfer software is now the vulnerability fueling a flotilla of attorneys, the company disclosed in a regulatory filing listing pending litigati…DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES (13)
12 OctResearchers Uncover Malware Posing as WordPress Caching PluginCybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site. "Complete with a professional looking opening comment implying it is a cachi…THEHACKERNEWS.COM
12 OctBounty to Recover NIST’s Elliptic Curve SeedsThis is a fun challenge: The NIST elliptic curves that power much of modern cryptography were generated in the late ’90s by hashing seeds provided by the NSA. How were the seeds generated? Rumor has it that they are in turn hashes of English sentences, but the person who pi…SCHNEIER.COM
12 Oct'Stayin’ Alive' Campaign Targets Telecom Companies and Government Ministries in AsiaThe main tool used in the campaign is a backdoor called CurKeep, which collects information about infected machines and allows remote control. The campaign also utilizes other loaders and downloaders, all connected to the same infrastructure.RESEARCH.CHECKPOINT.COM
12 OctStayin’ Alive Hacking Teleco & Government Organizations to Deploy BackdoorThreat actors target telecoms and government ministries because they house valuable data and infrastructure. Telecoms hold sensitive communication records and can disrupt essential services, while government ministries contain classified information, making them attractive…GBHACKERS.COM
12 OctGenerative AI is scaring CISOs – but adoption isn’t slowing downThe march of generative AI isn't short on negative consequences, and CISOs are particularly concerned about the downfalls of an AI-powered world, according to a study released this week by IBM. Generative AI is expected to create a wide range of new cyberattacks over the next six…CSOONLINE.COM
12 OctCISA Exec: 'We've Been Lucky In the Cyber Realm' With IsraelCISA's Brandon Wales Warns of Disruptive Chinese Attacks on Critical Infrastructure A top U.S. cybersecurity official said Israel has avoided significant cyberattacks since Hamas' invasion Saturday but said that wouldn't necessarily be America's experience should armed conflict b…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (17)
12 OctHow to Prevent Ransomware as a Service (RaaS) AttacksExplore key insights on how ransomware as a service (RaaS) operators work and how to prevent ransomware attacks.TRENDMICRO.COM
12 OctSimpson Manufacturing Shuts Down IT Systems After CyberattackThe building materials producer experienced a cybersecurity incident that has caused disruptions in its operations and is expected to continue, leading to a pause in business operations.BLEEPINGCOMPUTER.COM
12 OctThreat Actor Deploys Athena Agent in Advanced Spear Phishing AttackThe Athena Agent, part of the Mythic C2 framework, is a cross-platform tool with diverse functionalities, making it highly valuable for threat actors seeking to gain control over compromised systems.THECYBEREXPRESS.COM
12 OctKnight Ransomware Group Takes Responsibility for Cyberattack on India's National Health MissionThe Knight ransomware group has openly claimed responsibility for the recent cyberattack on India's National Health Mission. The group shared screenshots of the attack on their dark web site.THECYBEREXPRESS.COM
12 OctSimpson Manufacturing Takes Systems Offline Following CyberattackSimpson Manufacturing is experiencing disruptions after taking IT systems offline following a cyberattack. The post Simpson Manufacturing Takes Systems Offline Following Cyberattack appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctShadow PC warns of data breach as hacker tries to sell gamers' infoShadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers. [...]BLEEPINGCOMPUTER.COM
12 Oct“Human-Operated” Ransomware Attacks Double in the Last YearAs attackers leave little-to-no traces of their attack patterns, more ransomware groups are shifting from automated attacks to manual attacks.KNOWBE4.COM
12 OctNew Cyber Attack Techniques Will Not Replace Old-School Social EngineeringEven though there are new attack types for cybercriminals, they are still leveraging old-school attack vectors. Why? Because they still work.KNOWBE4.COM
12 OctMultiple Cybercrime Groups Join in on the Israel-Hamas ConflictAmid the Israeli-Palestinian conflict, cybercriminals from both sides have turned to cyberattacks in the form of distributed DDoS and also targeting bugs in ICS and SCADA systems. Several Israeli and Palestine organizations have left their Modbus, a SCADA communications protocol,…CYWARE.COM
12 OctMost CISOs Confront Ransomware — and Pay RansomsAccording to a survey by Splunk, 9 out of 10 CISOs reported experiencing a major cyberattack in the past year, with almost half stating that their organizations were hit by multiple disruptive cyberattacks.CYBERSECURITYDIVE.COM
12 OctNew WordPress Backdoor Creates Rogue Admin Account to Hijack WebsitesThe malware has various functions, including user creation, content replacement, and plugin control, allowing attackers to remotely control and monetize compromised sites.BLEEPINGCOMPUTER.COM
12 OctBackdoor Malware Found on WordPress Website Disguised as Legitimate PluginA backdoor deployed on a compromised WordPress website poses as a legitimate plugin to hide its presence. The post Backdoor Malware Found on WordPress Website Disguised as Legitimate Plugin appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctCloud gaming firm Shadow says hackers stole customers’ personal dataFrench technology company Shadow has confirmed a data breach involving customers’ personal information. The Paris-headquartered startup, which offers gaming through its cloud-based PC service, said in an email to customers this week that hackers had accessed their personal …TECHCRUNCH.COM
12 OctShadow PC Warns of Data Breach as Hacker Tries to Sell Gamers’ InformationThe breach occurred due to a social engineering attack targeting an employee, resulting in the theft of customer data including names, email addresses, billing addresses, and credit card expiration dates.BLEEPINGCOMPUTER.COM
12 OctUpdate: BianLian Extortion Group Claims Recent Air Canada BreachWhile Air Canada previously stated that the breach only involved limited personal information, the hackers now say they have accessed much more extensive data, amounting to 210GB.BLEEPINGCOMPUTER.COM
12 OctBreach Roundup: Google Phases out PasswordsAlso: Microsoft Will Bid VBScript Goodbye and A Novel Magecart Attack This week: Google began phasing out passwords, Microsoft will bid VBScript goodbye, payment card information exposed in Air Europa hack, Magecart attack uses sneaky 404 page tactic, U.S. voter registration data s…DATABREACHTODAY.CO.UK
12 Oct13 Most Dangerous Cyber Attacks and How to Avoid ThemToday’s cyber adversaries are not mere amateurs but professional criminals aiming to steal data. As per the findings of Check Point Research, there was a record surge in weekly cyber attacks in Q4 2021, with over 900 attacks per organization. RiskIQ estimated that cybercrim…GBHACKERS.COM
🕵️ THREAT INTELLIGENCE (27)
12 OctMalicious Nuget Packages Found Delivering SeroXen RATsubmitted by expertmadman to cybersecurity 1 points | 0 comments https://blog.phylum.io/phylum-discovers-seroxen-rat-in-typosquatted-nuget-package/PHYLUM.IO
12 OctISC Stormcast For Thursday, October 12th, 2023 https://isc.sans.edu/podcastdetail/8698, (Thu, Oct 12th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
12 OctWhy Zero Trust Delivers Even More Resilience Than You ThinkZTNA simplifies operational costs by centralizing policy controls and adapting to changing conditions, reducing the need for expensive and challenging-to-maintain traditional network security measures.HELPNETSECURITY.COM
12 OctMicrosoft to Kill off VBScript in Windows to Block Malware DeliveryThe discontinuation of Internet Explorer, which came bundled with VBScript, eliminates a prevalent infection vector used by threat actors to distribute malware on Windows systems.BLEEPINGCOMPUTER.COM
12 OctSYN Ventures Announces $75 Million Seed Fund for US Cybersecurity FirmsVenture capital firm SYN Ventures announces first closing of $75 million cybersecurity seed fund for US cybersecurity companies. The post SYN Ventures Announces $75 Million Seed Fund for US Cybersecurity Firms appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctJunos OS Flaw Allows Attackers to Flood System and Expose Sensitive DataThree new vulnerabilities have been discovered in Junos OS: password disclosure, MAC address validation bypass, and Time-of-check Time-of-use (TOCTOU) Race Condition. The severity of these vulnerabilities ranges between 5.3 (Medium) to 6.1 (Medium). Juniper Networks has released …GBHACKERS.COM
12 OctHackers on WordPress Websites Hacking Spree with Balada Malwaresubmitted by throws_lemy to cybersecurity 2 points | 0 comments https://www.hackread.com/hackers-wordpress-websites-hacking-balada-malware/HACKREAD.COM
12 OctCISO Pay Increases Are Slowing – a Look Behind the FiguresHow much do CISOs make? Survey provides compensation trends for Chief Information Security Officers, but don't take surveys at full face value. The post CISO Pay Increases Are Slowing – a Look Behind the Figures appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH ServersThe threat actors behind ShellBot are leveraging IP addresses transformed into its hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBo…THEHACKERNEWS.COM
12 OctHarvested Credentials Are Put Up for Sale Monthly on the Dark Web at a Rate of 10,000 a MonthCredential harvesting has become a business in and of itself within the cybercrime economy. New insight from Microsoft details the types of attacks your organization should watch out for.KNOWBE4.COM
12 OctBusiness Email Compromise Attempts Skyrocket in the Last YearThreat actors launched 156,000 business email compromise (BEC) attempts per day between April 2022 and April 2023, according to Microsoft’s latest Digital Defense Report. While most of these attempts go unanswered, criminals can receive massive payouts when they succeed.KNOWBE4.COM
12 Oct[INFOGRAPHIC] KnowBe4’s SecurityCoach: Top 10 IntegrationsReal-time security coaching helps improve your organization’s security culture by enabling real-time coaching of your users in response to risky security behaviors. KNOWBE4.COM
12 OctShellBot DDoS Malware Attacking Poorly Managed Linux SSH ServersIn a recent discovery by the AhnLab Security Emergency Response Center (ASEC), a change in the distribution method of the ShellBot malware has been identified. This malware targets poorly managed Linux SSH servers, and while its modus operandi remains consistent, there…GBHACKERS.COM
12 OctHow I got started: Attack surface managementAs the threat landscape multiplies in sophistication and complexity, new roles in cybersecurity are presenting themselves more frequently than ever before. For example, attack surface management. These cybersecurity professionals are responsible for identifying, mapping and secur…SECURITYINTELLIGENCE.COM
12 OctA Leader in the IDC MarketScape: Worldwide SD-WAN InfrastructurePalo Alto Networks has garnered recognition as a Leader in the latest IDC MarketScape: Worldwide SD-WAN Infrastructure 2023 Vendor Assessment. The post A Leader in the IDC MarketScape: Worldwide SD-WAN Infrastructure appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
12 OctA place to share vulnerable docker containerssubmitted by adzsx to cybersecurity 2 points | 0 comments I’m thinking of something like vulnhub , but for docker containers. I know about the official docker hub but on there I have to search to may find 1 or 2 from 6 years ago.INFOSEC.PUB
12 OctLinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft AccountsA recently observed phishing campaign targeting Microsoft accounts is using LinkedIn smart links to bypass defenses. The post LinkedIn Smart Links Abused in Phishing Campaign Targeting Microsoft Accounts appeared first on SecurityWeek .SECURITYWEEK.COM
12 OctSmashing security podcast 343: Four-legged girlfriends, LoveGPT, and a military intelligence failure - 44 minutessubmitted by ashar to security_cpe 2 points | 0 comments https://www.smashingsecurity.com/343-four-legged-girlfriends-lovegpt-and-a-military-intelligence-failure/ Dream girlfriends, AI love scams, and an alleged spy who is said to have made a series of blunders. All this and much…SMASHINGSECURITY.COM
12 OctHow to detect Wi-Fi deauthentication attack and even receive notification on your smartphonesubmitted by L4s to secops 1 points | 0 comments https://www.mobile-hacker.com/2023/10/12/detect-wi-fi-deauthentication-attack-using-esp8266-and-receive-notification-on-smartphone/ How to detect Wi-Fi deauthentication attack and even receive notification on your smartphone::A Wi-…MOBILE-HACKER.COM
12 OctQBinDiff: A modular diffing toolkitThis blog post presents an overview of QBinDiff , the Quarkslab binary diffing tool officially released today. It describes its core principles and shows how it works on binaries as well as on general graph matching problems unrelated to IT security.QUARKSLAB.COM
12 OctGRCon23 - Streamed live on 5 Sept 2023 - 7 hourssubmitted by ashar to security_cpe 1 points | 0 comments https://www.youtube.com/live/LzkIl8sTvRY?si=ZdCfh1DaQc8IV3SW&t=946YOUTUBE.COM
12 OctNew Research: Phishing Remains the Most Popular Technique for Bad ActorsA report from Trustwave notes that phishing remains one of the most popular and effective techniques for attackers to gain access to organizations.KNOWBE4.COM
12 OctNews alert: Nerds On Site develops ‘SME Edge’ solution for small- and mid-sized enterprisesToronto, Ontario – October 12, 2023 – Nerds On Site Inc. (CSE: NERD), a cybersecurity and mobile IT solutions company servicing the small and medium enterprise (SME) marketplace in Canada and the U.S., has developed SME Edge , a complete … (more…)LASTWATCHDOG.COM
12 OctHow this year’s Black Hat NOC leveraged AI to defend the eventThis year's Black Hat USA conference saw more than 907M threat events detected in real time, according to data collected by Palo Alto Networks. This is a staggering number that shows just how attractive the event is to threat actors – and artificial intelligence (AI) was a key dr…CSOONLINE.COM
12 OctCryptohack Roundup: Crackdown on Hamas CryptoAlso: FTX Trial, Voyager Capital Settles With US FTC and Money Laundering and Hacks This week: Crackdown on Hamas cryptocurrency accounts, more revelations from the trial of Sam Bankman-Fried and Voyager Capital settles with the U.S. FTC but former CEO Stephen Ehrlich does not. A…DATABREACHTODAY.CO.UK
12 OctGetting Real with AI, Ending Point Solutions, InfoSec Burnout - Mike Campfield, Nathan... - ESW #335There's a lot of talk about AI, especially with the rise of apps like ChatGPT. Despite there being a huge amount of hype, there are legitimately practical applications for leveraging AI concepts in meaningful ways to improve the efficiency and effectiveness of your cybersecurity …YOUTUBE.COM
12 Oct KEVWeaponizing Asset Intelligence, App Sec at ISW - Kevin Johnson, Brian Contos, Stacy Ko... - ESW #335As long as there are profits to be made, cybercriminals will continue to monetize enterprise assets—whether they be devices, applications, data, or users. It only takes one weak or unknown asset to compromise an entire organization. Brian will discuss why enterprises need to move…YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (7)
12 OctResearchers Uncover Ongoing Attacks Targeting Asian Governments and Telecom GiantsHigh-profile government and telecom entities in Asia have been targeted as part of an ongoing campaign since 2021 that's designed to deploy basic backdoors and loaders for delivering next-stage malware. Cybersecurity company Check Point is tracking the activity under the name Sta…THEHACKERNEWS.COM
12 OctCyber Investments Aim to Paint Broader View of Digital Threats, Official SaysThe federal government is investing in the infrastructure to improve collaboration and data sharing with the private sector in order to strengthen the nation's digital infrastructure against cyber threats.NEXTGOV.COM
12 OctDarkGate Opens Organizations for Attack via Skype, TeamsWe detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.TRENDMICRO.COM
12 OctEndpoint Malware Attacks Decline as Campaigns Spread WiderAs per a recent report by WatchGuard, in Q2 2023, 95% of malware is delivered through encrypted connections, highlighting the importance of inspecting SSL/TLS traffic to detect hidden threats.HELPNETSECURITY.COM
12 OctMalicious NuGet Package Targeting .NET Developers with SeroXen RATA malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package …THEHACKERNEWS.COM
12 OctToddyCat hackers use 'disposable' malware to target Asian telecomsA newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection. [...]BLEEPINGCOMPUTER.COM
12 OctMalicious Solana, Kucoin packages infect NuGet devs with SeroXen RATMalicious NuGet packages appearing to have over 2 million downloads impersonate crypto wallets, crypto exchange, and Discord libraries to infect developers with the SeroXen remote access trojan. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
12 OctTransatlantic Cable podcast, episode 319 | Kaspersky official blogEpisode 319 takes a look at Sony hit by CLOP, NATO data leak and 23andMe data leaked onlineKASPERSKY.COM
📡 INFOSEC NEWS (19)
12 OctHalf of CISOs Now Report to CEO as Influence GrowsAccording to a Splunk report, nearly half (47%) of global CISOs now report to their CEO, and the vast majority (78%) are backed by a board-level cybersecurity committee, signaling the growing influence of cyber risk management in organizations.INFOSECURITY-MAGAZINE.COM
12 OctAnonGhost Hackers Send Fake Nuclear Attack Warning via Israeli Red Alert AppThe hackers found a way to spam users of the app and claimed their attack left users' phones disconnected from the internet and broken. While the hack caused concern, it is unlikely that it actually damaged users' devices.BITDEFENDER.COM
12 OctD-Link WiFi Range Extender Vulnerable to Command Injection AttacksOwners of the D-Link DAP-X1860 extender should limit manual network scans, be cautious of sudden disconnections, and consider isolating IoT devices and range extenders from sensitive devices.BLEEPINGCOMPUTER.COM
12 OctSavvy Israel-Linked Hacking Group Reemerges Amid Gaza FightingThe reemergence of the hacking group Predatory Sparrow, believed to have links to the Israeli government, highlights the potential role of cyber operations in the ongoing conflict between Israel and Hamas.CYBERSCOOP.COM
12 OctLinkedIn Smart Links Fuel Credential Phishing CampaignThis recent phishing campaign targeted various industries, with the finance sector being the primary target, and highlights the importance of employee training to combat phishing attacks.COFENSE.COM
12 OctHow to Guard Your Data from Exposure in ChatGPTChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive busin…THEHACKERNEWS.COM
12 OctR2R Stomping – Are You Ready to Run?ReadyToRun (R2R) stomping is a new method that allows for hidden implanted code in .NET binaries, altering the original intermediate language (IL) code and prioritizing pre-compiled native code for execution.RESEARCH.CHECKPOINT.COM
12 OctEuropean Police Hackathon Hunts Down TraffickersThe three-day operation took place in the Dutch municipality of Apeldoorn, with officers from all 22 EU member states and four “third countries” taking part, alongside representatives from Interpol, the European Labour Authority, and others.INFOSECURITY-MAGAZINE.COM
12 OctResearchers Discover SeroXen RAT in Typosquatted NuGet PackageThe package contains a malicious install script that executes covertly during installation, downloading an obfuscated batch script that ultimately constructs and executes a PowerShell script.PHYLUM.IO
12 OctSYN Ventures Announces $75 Million Seed Fund for US Cybersecurity FirmsThe venture capital firm, led by former Fortune 500 CISOs and security executives, plans to focus on the seed stage to help early-stage companies develop next-generation cyber solutions and find product-market fit faster.SECURITYWEEK.COM
12 OctIntroducing the Microsoft AI Bug Bounty Program featuring the AI-powered Bing experienceToday at BlueHat we announced the new Microsoft AI bug bounty program with awards up to $15,000. This new bounty program features the AI-powered Bing experience as the first in scope product. The following products and integrations are eligible for bounty awards: AI-powered Bing …MSRC.MICROSOFT.COM
12 OctNew Microsoft bug bounty program focuses on AI-powered BingMicrosoft announced a new AI bounty program focused on the AI-driven Bing experience, with rewards reaching $15,000. [...]BLEEPINGCOMPUTER.COM
12 OctPhishing Campaigns Affecting Italy Witness a SurgeThe Italian Postal Police and CERT-AgID have recently reported numerous phishing campaigns impersonating popular brands such as Poste Italiane, Intesa Sanpaolo, and Zimbra.SECURITYAFFAIRS.COM
12 OctCould Middle Eastern Cyberwarfare Spill Into Health Sector?The violent surprise attack on Israel by Hamas and the region's escalating war spotlights the critical importance of situational awareness, and especially for healthcare organizations that rely on medical or tech products from Israeli technology firms, said Denise Anderson, presi…DATABREACHTODAY.CO.UK
12 OctFake Account Creation Bots – Part 2Part two of a series investigating how automation is used to create fake accounts for fraud, disinformation, scams, and account takeover.F5.COM