🐛 COMMON VULNERABILITIES AND EXPOSURES (11)

18 Oct: Recent NetScaler Vulnerability Exploited as Zero-Day Since August
Mandiant says the recently patched Citrix NetScaler vulnerability CVE-2023-4966 had been exploited as zero-day since August.
SECURITYWEEK.COM

18 Oct: Tens of Thousands of Cisco Devices Hacked via Zero-Day Vulnerability
Tens of thousands of Cisco devices have reportedly been hacked via the exploitation of the zero-day vulnerability CVE-2023-20198.
SECURITYWEEK.COM

18 Oct, KEV: Recently patched Citrix NetScaler bug exploited as zero-day since August
A critical vulnerability tracked as CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been actively exploited as a zero-day since late August, security researchers announced. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms
Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions …
THEHACKERNEWS.COM

18 Oct: Russia and China-backed hackers are exploiting WinRAR zero-day bug
Google security researchers say they have found evidence that government-backed hackers linked to Russia and China are exploiting a since-patched vulnerability in WinRAR, the popular shareware archiving tool for Windows. The WinRAR vulnerability, first discovered by cybersecurity…
TECHCRUNCH.COM

18 Oct, KEV: Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms
A critical security flaw in Citrix NetScaler ADC and Gateway appliances (CVE-2023-4966) is being actively exploited, potentially allowing hijacking of authenticated sessions and bypassing multi-factor authentication.
THEHACKERNEWS.COM

18 Oct: Multiple North Korean threat actors exploiting the TeamCity CVE-2023-42793 vulnerability
Submitted by L4s to secops. https://www.microsoft.com/en-us/security/blog/2023/10/18/multiple-north-korean-threat-actors-exploiting-the-teamcity-cve-2023-42793-vulnerability/
MICROSOFT.COM

18 Oct: North Korean hackers exploit critical TeamCity flaw to breach networks
Microsoft says that the North Korean Lazarus and Andariel hacking groups are exploiting the CVE-2023-42793 flaw in TeamCity servers to deploy backdoor malware, likely to conduct software supply chain attacks. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Sensor Intel Series: Top CVEs in September 2023
We added another signature (for CVE-2020-0618) and we take a look at a cred stuffing attack from last month. One formerly prevalent CVE has disappeared entirely, and we investigate why that happened.
F5.COM

⚠️ VULNERABILITY DISCLOSURE (32)

18 Oct: Cyber Security Today, Oct. 18, 2023 - Patch this Cisco vulnerability now
This episode reports on another warning to patch Confluence servers and a WordPress plugin, an advanced threat actor leveraging Discord, and more.
CYBERSECURITYTODAY.LIBSYN.COM

18 Oct: Users of Telegram, AWS, and Alibaba Cloud Targeted in Latest Supply Chain Attack
Attackers are using Starjacking and Typosquatting techniques to inject malicious code into open-source projects, compromising developers' systems and stealing sensitive data.
CHECKMARX.COM

18 Oct: OpenSSF Launches Malicious Packages Repository
The Malicious Packages Repository, which has already collected over 15,000 reports, provides a centralized database for shared intelligence, enabling early detection and prevention of malicious code in open-source projects.
HACKREAD.COM

18 Oct: New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
The vulnerability stems from the use of the insecure randomness of the JavaScript Math.random() method, which can be exploited to predict and access restricted functionality.
THEHACKERNEWS.COM

18 Oct: TetrisPhantom: Cyber Espionage via Secure USBs Targets APAC Governments
Government entities in the Asia-Pacific (APAC) region are the target of a long-running cyber espionage campaign dubbed TetrisPhantom. "The attacker covertly spied on and harvested sensitive data from APAC government entities by exploiting a particular type of secure USB drive, pr…
THEHACKERNEWS.COM

18 Oct: New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account. "Under some rare conditions, an attacker could leak enough information to restore the seed of the ps…
THEHACKERNEWS.COM

18 Oct: Russian Hackers Bypass EDR to Deliver a Weaponized TeamViewer Component
TeamViewer’s popularity and remote access capabilities make it an attractive target for those seeking to compromise systems for their gain. Threat actors target TeamViewer for their illicit purposes because it is a widely used remote desktop software with potential security…
GBHACKERS.COM

18 Oct: How to respond to false breach claims
With cyberattacks continually rising, cyber criminals will take advantage of current events or previous breaches and claim they have infiltrated a business when they have not. Organizations should plan for false breach claims and must be ready to follow the necessary steps to con…
CSOONLINE.COM

18 Oct: Hackers Deliver Weaponized Notepad++ Via Google Ads
Cybercriminals are known to exploit malicious advertising techniques for targeting the widely-used Notepad++ text editor for Windows. This could lead to the dissemination of ransomware and malware. In these malvertising efforts, threat actors take advantage of Google advertisemen…
GBHACKERS.COM

18 Oct: Federal Agencies are Falling Behind on Meeting Key Privacy Goal Set Five Years Ago
The slow progress in implementing privacy requirements and the lack of resources and guidance for emerging technologies pose significant challenges for the government in addressing privacy risks.
CYBERSCOOP.COM

18 Oct: Unraveling Real-Life Attack Paths – Key Lessons Learned
In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them t…
THEHACKERNEWS.COM

18 Oct: Darwinium brings digital security and fraud prevention to the perimeter
Back in 2018, LexisNexis acquired the digital identity platform ThreadMetrix for just under $820 million in cash. In 2021, ThreadMetrix co-founders Reed Taussig and Alisdair Faulkner returned to the world of startups when, together with a number of ex-ThreadMetrix engineers and e…
TECHCRUNCH.COM

18 Oct: Most organizations globally have implemented zero trust
The percentage of organizations worldwide that have implemented a zero-trust initiative has almost tripled in the past three years going from 24% in 2021 to 61% in 2023, according to data from Okta's 2023 State of Zero Trust report. Companies with between 5,000 and 9,999 employee…
CSOONLINE.COM

18 Oct: Phishing emails are more believable than ever. Here’s what to do about it.
Phishing isn’t new. This social engineering tactic has existed in the attack toolbox for decades, with threat actors posing as trusted contacts and then targeting unsuspecting victims through email or text messages to steal sensitive data. There are plenty of data points that ill…
CSOONLINE.COM

18 Oct: The Fake Browser Update Scam Gets a Makeover
One of the oldest malware tricks in the book -- hacked websites claiming visitors need to update their Web browser before they can view any content -- has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenio…
KREBSONSECURITY.COM

18 Oct: Aim The Intel Function on Detection Engineering (Part 4)
This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#4 in the series), we will start to talk about the elephant in the room: how intel becomes detections (and, no, it is not tri…
MEDIUM.COM

18 Oct: Qubitstrike Targets Jupyter Notebooks with Cryptomining and Rootkit Campaign
The threat actor behind Qubitstrike, likely from Tunisia, employs sophisticated techniques to evade detection and exploit cloud services, with the potential for carrying out various attacks on compromised systems.
THEHACKERNEWS.COM

18 Oct: Nation-State Hackers Exploiting WinRAR, Google Warns
While RARLabs Patched Flaw, 'Many Users' Don't Appear to Have Updated the Software. Nation-state hackers are targeting a vulnerability in WinRAR, a popular Windows utility for archiving files, warns Google’s Threat Analysis Group, which said it has seen "government-backed hacking …
DATABREACHTODAY.CO.UK

18 Oct: Google links WinRAR exploitation to multiple state hacking groups
Google says multiple state-backed hacking groups are gaining arbitrary code execution on targets' systems by exploiting a high-severity vulnerability in WinRAR, a compression software with over 500 million users. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Synology NAS System Flaw Let Attackers Remotely Hijack the Admin Account
Synology DiskStation Manager (DSM) powers Synology NAS systems, offering remote file access and management. The DSM OS includes two default Linux users: ‘admin’ and ‘guest’ (usually disabled). A Synology NAS system flaw allowed attackers to hijack the admi…
GBHACKERS.COM

18 Oct: Getting RCE In Chrome With Incomplete Object Initialization In The Maglev Compiler
PACKETSTORMSECURITY.COM

18 Oct: MATA malware framework exploits EDR in attacks on defense firms
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Google links WinRAR exploitation to Russian, Chinese state hackers
Google says that several state-backed hacking groups have joined ongoing attacks exploiting a high-severity vulnerability in WinRAR, a compression software used by over 500 million users, aiming to gain arbitrary code execution on targets' systems. [...]
BLEEPINGCOMPUTER.COM

18 Oct: CISA, NSA, FBI, and MS-ISAC Release Phishing Prevention Guidance
Today, the Cybersecurity Infrastructure and Security Agency (CISA), the National Security Agency (NSA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint guide, Phishing Guidance: Stopping the Attack …
CISA.GOV

18 Oct: Three Months After Patch, Gov-Backed Actors Exploiting WinRAR Flaw
Google says it is still catching government-backed groups linked to China and Russia launching WinRAR exploits in targeted attacks.
SECURITYWEEK.COM

18 Oct: Meet the Cyber Mercenary who can Overthrow a Government – Chris Rock – PSW #803
YOUTUBE.COM

18 Oct: Reverse Engineering BMCs and Other Firmware - Vladyslav Babkin - BTS #15
Vlad is part of the Eclypsium research team and has discovered several flaws in BMC ecosystems. He comes on the show to talk about his journey and cover the details behind BMC vulnerabilities and attacks. Segment Resources: https://forum.defcon.org/node/245714 https://eclypsium.c…
YOUTUBE.COM

18 Oct: Prevalent introduces Alfred, a generative AI butler for risk management
A large language model (LLM) AI assistant designed to work like a website chatbot and help users with third-party risk management tasks is now available from TPRM vendor Prevalent. The idea behind the new tool, dubbed Alfred, is to guide users through common risk assessment and m…
CSOONLINE.COM

18 Oct: North Korean Hackers Exploiting Critical Flaw in DevOps Tool
Pyongyang Hackers Exploiting Critical TeamCity Server Bug. North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' rec…
DATABREACHTODAY.CO.UK

18 Oct: Tenable, Vulcan Cyber Lead Vulnerability Management Rankings
Qualys, Rapid7 Depart Forrester's Leaderboard as Data Ingestion Takes Center Stage. Tenable held steady atop Forrester's vulnerability risk management rankings while Vulcan Cyber broke into the leaders category and Rapid7 and Qualys tumbled from the leaderboard. The way vendors de…
DATABREACHTODAY.CO.UK

18 Oct: Enhanced Google Play Protect real-time scanning for app installs
Posted by Steve Kafka, Group Product Manager and Roman Kirillov, Senior Engineering Manager. Mobile devices have supercharged our modern lives, helping us do everything from purchasing goods in store and paying bills online to storing financial data, health records, passwords and …
SECURITY.GOOGLEBLOG.COM

📋 SECURITY BULLETINS (2)

18 Oct: Multiple SonicWall Vulnerabilities Resulted in a Firewall Crash
Multiple vulnerabilities were detected in the SonicOS Management web interface and the SSLVPN portal, resulting in a firewall crash. In a security alert that was just released by SonicWall, 9 vulnerabilities were patched. Organizations utilizing older SonicOS firmware releases ar…
GBHACKERS.COM

18 Oct: Oracle Patch Tuesday, October 2023 Security Update Review
Oracle has released its fourth quarterly edition of Critical Patch Update, which contains a group of patches for 387 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in Oracle code a…
QUALYS.COM

📢 SECURITY ADVISORIES (10)

18 Oct: Chilean Government Warns of Black Basta Ransomware Attacks After Customs Incident
The country's Computer Security Incident Response Team (CSIRT) confirmed the attack and urged all government agencies to take preventive measures, such as protecting backup copies of systems and limiting administrative permissions.
THERECORD.MEDIA

18 Oct: AuditBoard adds new AI and analytics capabilities for risk and compliance
Cloud-based audit and compliance management firm, AuditBoard, has launched AuditBoard AI -- a tool that promises to bring together generative AI, machine learning, and natural language processing to provide automated intelligent suggestions for audit, risk, and compliance progra…
CSOONLINE.COM

18 Oct: Understanding Saudi Arabia’s personal data protection law
You may be familiar with data protection laws like HIPAA, GDPR and CCPA. But did you know that other foreign countries are also introducing comprehensive regulations? To address escalating data protection challenges, the Personal Data Protection Law (PDPL) was implemented in Saud…
SECURITYINTELLIGENCE.COM

18 Oct: Delete-Your-Data Laws Have a Perennial Problem: Data Brokers Who Fail to Register
The number of registered data brokers in states with operative registries does not accurately reflect the size and reach of the industry, raising concerns about non-compliance.
THERECORD.MEDIA

18 Oct: Report: Over 40,000 Admin Portal Accounts Use ‘admin’ as a Password
IT administrators are putting enterprise networks at risk by using weak passwords, including default passwords, leaving them vulnerable to cyberattacks, as per a new report by Outpost24.
BLEEPINGCOMPUTER.COM

18 Oct: Cybersecurity Awareness Month 2023 Blog Series | Updating Software
It’s week three in our Cybersecurity Awareness Month blog series! This week, we interviewed NIST’s Michael Ogata (Computer Scientist) and Paul Watrobski (IT Security Specialist) about the importance of updating software. This week’s Cybersecurity Awareness Month theme is ‘updatin…
NIST.GOV

18 Oct: US House Panel: AI Regulation Begins With Privacy
House Committee Told to Relaunch Data Privacy Effort Launched Last Year. The U.S. needs to pass federal legislation to establish a national framework of standards and a rules of the road for AI, but first passing federal data privacy legislation is an essential foundational part o…
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING (18)

18 Oct: D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
Taiwanese networking equipment manufacturer D-Link has confirmed a data breach that led to the exposure of what it said is "low-sensitivity and semi-public information." "The data was confirmed not from the cloud but likely originated from an old D-View 6 system, which reached it…
THEHACKERNEWS.COM

18 Oct: AIDS Alabama Takes Swift Action After Massive Data Breach
AIDS Alabama has confirmed a data breach that occurred between October 2021 and August 2022. Sensitive personal information such as names, addresses, Social Security numbers, medical diagnoses, and more were compromised.
THECYBEREXPRESS.COM

18 Oct: Update: IBM Says 631K Affected in Johnson & Johnson Database Breach
Two federal class action lawsuits have been filed against IBM and Johnson & Johnson, alleging negligence in protecting sensitive health information and seeking financial damages and improved data security practices.
BANKINFOSECURITY.COM

18 Oct: Zygon helps startups avoid data breaches from SaaS providers
Last week, cloud computing company Shadow confirmed a data breach involving customers’ personal information. The hacker claims to have access to the data of more than 530,000 customers. According to an email from Shadow CEO Eric Sèle, the hacker managed to download this data from…
TECHCRUNCH.COM

18 Oct: D-Link confirms data breach, but downplayed the impact
Submitted by throws_lemy to cybersecurity. https://securityaffairs.com/152631/hacking/d-link-confirmed-data-breach.html
SECURITYAFFAIRS.COM

18 Oct: Prisma Cloud: Darwin Release Introduces Code-to-Cloud Intelligence
Prisma Cloud delivers full cloud security to address risks throughout the application lifecycle and prevent breaches with innovations in the latest release.
PALOALTONETWORKS.COM

18 Oct: Spyware is being spread via fake natural disaster alerts
The malware, which can exfiltrate login credentials and other personal information, is directly targeting Android users.
CSHUB.COM

18 Oct: Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments. Dubbed Qubitstrike by Cado, the intrusion set utilizes Telegram API to exfiltrate c…
THEHACKERNEWS.COM

18 Oct: Passwordless authentication startup SecureW2 raises $80M from Insight Partners
Passwordless authentication offers a host of advantages over traditional pins, passphrases and passcodes. Surveys around the web show that compromised passwords cause an estimated 81% of all breaches and that the average person reuses passwords up to 14 times, giving hackers acce…
TECHCRUNCH.COM

18 Oct: ClearFake Enters the Fake Browser Update Arena to Deliver Malware
SEKOIA identified a threat called ClearFake that uses compromised WordPress sites to distribute malicious fake browser updates. This threat is likely operated by the same group behind SocGholish. It is to be noted that SocGholish operators had successfully leveraged this techniqu…
CYWARE.COM

18 Oct: D-Link Confirms Data Breach: Employee Falls Victim to Phishing Attack
The breach occurred through an old D-View 6 system that reached its end of life in 2015. The compromised data was used for registration purposes and does not contain user IDs or financial information.
THEHACKERNEWS.COM

18 Oct: Lost and Stolen Devices: A Gateway to Data Breaches and Leaks
By implementing strong security practices, organizations can significantly reduce the risks associated with lost and stolen computers and safeguard their sensitive information.
SECURITYWEEK.COM

18 Oct: D-Link Says Hacker Exaggerated Data Breach Claims
Hacker claims to have breached D-Link’s network in Taiwan and is offering to sell stolen data, but the company says the claims are exaggerated.
SECURITYWEEK.COM

18 Oct: [Cybersecurity Awareness Month] How To Stop the Ransomwolf Attacks: Similarities to the Werewolves Terrors
Imagine a monstrous entity emerging from the shadows to prey on vulnerable organizations, leaving havoc in its wake. No, we are not talking about ghoulish and scary creatures of the night. We are discussing the modern menace of ransomware attacks—specifically, an infamous threat …
KNOWBE4.COM

18 Oct: Ukrainian Hacktivists Claim Trigona Ransomware Takedown
Data From Trigona's Servers Exfiltrated and Wiped Out, Reads a Note on Leak Site. Pro-Ukrainian hackers claimed responsibility for wiping the servers of the Trigona ransomware gang, a recently formed group that may have links to the Russian cybercriminal underground. "'Terrible Ru…
DATABREACHTODAY.CO.UK

18 Oct: Ukrainian activists hack Trigona ransomware gang, wipe servers
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available. [...]
BLEEPINGCOMPUTER.COM

🕵️ THREAT INTELLIGENCE (21)

18 Oct: Synology Replaces Weak PRNG in its NAS Devices, Shuts Down Account Takeover
Submitted by L4s to secops. https://claroty.com/team82/research/synology-nas-dsm-account-takeover-when-random-is-not-secure
CLAROTY.COM

18 Oct: ISC Stormcast For Wednesday, October 18th, 2023 https://isc.sans.edu/podcastdetail/8706, (Wed, Oct 18th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

18 Oct: Cybersecurity M&A Roundup for First Half of October 2023
More than a dozen cybersecurity-related M&A deals were announced in the first half of October 2023.
SECURITYWEEK.COM

18 Oct: Analysis of Intellexa’s Predator Spyware
Amnesty International has published a comprehensive analysis of the Predator government spyware products. These technologies used to be the exclusive purview of organizations like the NSA. Now they’re available to every country on the planet—democratic, nondemocratic,…
SCHNEIER.COM

18 Oct: Hackers Switching from Weaponized Office Documents to CHM & LNK Files
Malware distribution methods have changed significantly in the cyber threat landscape. Data analysis shows that Microsoft Office document files are no longer the preferred medium for delivering malware. Cybercriminals are using more complex and elusive methods, such as alte…
GBHACKERS.COM

18 Oct: What are You Working on Wednesday
Submitted by shellsharks to cybersecurity. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
INFOSEC.PUB

18 Oct: Fraud Prevention Firm Fingerprint Raises $33 Million
Fingerprint has raised $33 million in a Series C funding round to expand presence into the enterprise market.
SECURITYWEEK.COM

18 Oct: Oracle Patches 185 Vulnerabilities With October 2023 CPU
Oracle on Tuesday released 387 new security patches that address 185 vulnerabilities in its code and third-party components.
SECURITYWEEK.COM

18 Oct: DEEP TECH NEWS: How ‘attribute-based encryption’ preserves privacy at a fined-grained level
The ubiquity of smart surveillance systems has contributed greatly to public safety. Related: Monetizing data lakes. Image capture devices embedded far and wide in public spaces help deter crime as well as aid first responders — but they also stir …
LASTWATCHDOG.COM

18 Oct: Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech
Since launching in 2021, Darwinium has raised $26 million to build a bot and fraud prevention platform running on the perimeter edge.
SECURITYWEEK.COM

18 Oct: Former Navy IT Manager Sentenced to Prison for Hacking, Selling PII
Former Navy IT manager Marquis Hooper was sentenced to prison for stealing PII and selling it on the dark web.
SECURITYWEEK.COM

18 Oct: BSidesCLT 2023 - Bsides Charlotte - 11 talks
Submitted by ashar to security_cpe. https://infosec.pub/pictrs/image/6842928e-22fa-4679-9cca-f09609b0d87b.png Schedule on the website. Bsides Charlotte - 11 talks on YouTube.
INFOSEC.PUB

18 Oct: Five Eyes Intelligence Chiefs Warn of ‘Sharp Rise’ in Commercial Espionage
The intelligence alliance emphasizes the importance of adopting security measures to protect staff and information in order to safeguard competitive advantage and shape the future of emerging technologies.
THERECORD.MEDIA

18 Oct: Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps
The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job…
THEHACKERNEWS.COM

18 Oct: The single-packet attack: making remote race-conditions 'local'
Submitted by L4s to secops. https://portswigger.net/research/the-single-packet-attack-making-remote-race-conditions-local The single-packet attack is a new technique for triggering web race cond…
PORTSWIGGER.NET

18 Oct: Arctic Wolf CEO on Why His Company Is Buying a SOAR Vendor
CEO Nick Schneider Says Revelstoke Buy Will Bring More Automation, AI Capabilities. Arctic Wolf last week announced plans to buy SOAR platform provider Revelstoke in a move to boost Arctic Wolf's automated response capabilities and lay the groundwork for "deeply embedded" AI and m…
DATABREACHTODAY.CO.UK

18 Oct: Phishing Attacks Surge By 173% In Q3, 2023; Malware Threats Soar By 110%
A new report from Vade Secure has found that phishing attacks rose by 173% in the third quarter of 2023, while malware threats have increased by 110%.
KNOWBE4.COM

18 Oct: Social engineering – ITSAP.00.166
Social engineering attacks occur when a threat actor uses social connection and manipulation to pressure users into providing sensitive details.
CYBER.GC.CA

18 Oct: Finland Charges Psychotherapy Hacker With Extortion
Finland charged a hacker, accused of the theft of tens of thousands of records from psychotherapy patients, with over 21,000 counts of extortion.
SECURITYWEEK.COM

18 Oct: Expanding audit logging and retention within Microsoft Purview for increased security visibility
Since our announcement in July 2023, we have made significant efforts to enhance the access of Microsoft Purview's audit logging. This ongoing work expands accessibility and flexibility to cloud security logs. Read about the additional updates coming to Microsoft Purview Audit in…
MICROSOFT.COM

🌐 CYBER THREAT LANDSCAPE (9)

18 Oct: FBI warns of extortion groups targeting plastic surgery offices
The FBI warns that cybercriminals are using spoofed emails and phone numbers to target plastic surgery offices across the United States for extortion in phishing attacks that spread malware. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Malicious Version of RedAlert Rocket Alert App Used to Spy on Israel
Hackers are targeting Israeli Android users by distributing a malicious version of the popular RedAlert – Rocket Alerts app, which acts as spyware and collects sensitive data from victims. To tackle the current threat, Android users are advised to avoid using internet URLs or thi…
CYWARE.COM

18 Oct: BLOODALCHEMY Provides Backdoor to Southeast Asian Nations' Secrets
Security researchers have discovered a backdoor called BLOODALCHEMY that is part of the REF5961 intrusion set, believed to be linked to a group with ties to China, targeting governments and organizations in the ASEAN region.
THEREGISTER.COM

18 Oct: Report: Only a Third of Organizations Prepared to Comply with NIS2 Directive
Just 34% of organizations in the UK, France, and Germany are prepared for the EU's updated Network and Information Security Directive (NIS2), according to a survey by cybersecurity firm Sailpoint.
INFOSECURITY-MAGAZINE.COM

18 Oct: Amazon Adds Passkey Support as New Passwordless Login Option
Amazon has added passkey support as a passwordless login option, offering better protection against malware and phishing attacks. Passkeys make it easier for users to log in without the need for password managers or memorizing passwords.
BLEEPINGCOMPUTER.COM

18 Oct: ELITEWOLF: NSA's Repository of Signatures and Analytics to Secure OT Environments
The NSA has released a new tool called ELITEWOLF to help defend critical infrastructure against cyber threats. It is a repository of Intrusion Detection Signatures and Analytics that can detect potentially malicious activity in OT environments.
HELPNETSECURITY.COM

18 Oct: Single Sign On and the Cybercrime Ecosystem
One of the trends driving an increase in the compromise of enterprise single sign on (SSO) applications is info-stealer malware attacks. Learn more from Flare about this cybercrime ecosystem. [...]
BLEEPINGCOMPUTER.COM

18 Oct: Plastic surgeries warned by the FBI that they are being targeted by cybercriminals
Plastic surgeries have been warned that they are being targeted by cybercriminals plotting to steal sensitive data - including patients' medical records and photographs - that will be later used for extortion. Read more in my article on the Tripwire State of Security blog.
TRIPWIRE.COM

18 Oct: Google Play Protect adds real-time scanning to fight Android malware
Google has announced new, real-time scanning features for Google Play Protect that make it harder for malicious apps employing polymorphism to evade detection. [...]
BLEEPINGCOMPUTER.COM

🎙️ PODCASTS (2)

18 Oct: Payment Fraud: What It Is and How to Fight It
In this episode of CyberEd.io's podcast series "Cybersecurity Unplugged," Alex Zeltcer of nSure.ai discusses how fraudsters access your payment information, how industrialized payment fraud attacks operate, and how nSure.ai uses discriminative AI to identify these attacks and cut…
DATABREACHTODAY.CO.UK

18 Oct: Smashing Security podcast #344: What’s cooking at Booking.com? And a podcast built by AI
How hunting for an aubergine could be all it takes for you to hand your credit card details over to a scammer, and just how good is a podcast entirely built by AI? All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Gr…
GRAHAMCLULEY.COM
📡 INFOSEC NEWS 18
18 Oct: Hiding in Hex, (Wed, Oct 18th). There are a variety of attacks seen from DShield honeypots [1]. Most of the time these commands are human readable, but every now and again they are obfuscated using base64 or hex encoding. A quick look for commands containing the "/x" delimiter gives a lot of results en… (ISC.SANS.EDU)
18 Oct: Twitter testing annual subscriptions for tweeting and retweeting. Twitter, now renamed X, is testing new $1 annual subscriptions to provide unverified accounts access to core features like tweeting and retweeting. [...] (BLEEPINGCOMPUTER.COM)
18 Oct: Microsoft disables bad spam rule flagging all sent emails as junk. Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies (BCC) of outbound emails mistakenly flagged as spam. [...] (BLEEPINGCOMPUTER.COM)
18 Oct: Prove Identity Nabs $40M to Expand in Mobile-Based Authentication Tech. Prove Identity, the smartphone-based identity verification startup formerly known as Payfone, has raised $40 million in funding co-led by MassMutual Ventures and Capital One Ventures. (TECHCRUNCH.COM)
18 Oct: Malvertising Campaign Uses Fake Notepad++ Ads on Google. The campaign involves malicious ads that redirect users to a fake Notepad++ website, where a system fingerprinting process takes place. If the user passes the checks, they are assigned a unique ID and given a time-sensitive download link. (MALWAREBYTES.COM)
18 Oct: FBI Warns of Extortion Groups Targeting Plastic Surgery Offices. The FBI has issued a warning about cybercriminals targeting plastic surgery offices through phishing attacks. These attackers gain access to the networks and steal sensitive data, including personal information and medical records. (BLEEPINGCOMPUTER.COM)
18 Oct: Sophos AI team to present at CAMLIS. The conference on machine learning in cybersecurity is key to open exchange of research and knowledge. (SOPHOS.COM)
18 Oct: Spies on wheels: how carmakers collect and then resell information | Kaspersky official blog. Modern cars spy on their owners — and they’re very easy to hack. How to protect yourself and your vehicle? (KASPERSKY.COM)
18 Oct: Fraud Prevention Firm Fingerprint Raises $33 Million. The fraud prevention provider's $33 million Series C funding round brings the total raised by the company to $77 million. The new investment round was led by Nexus Venture Partners, with additional funding from Uncorrelated Ventures. (SECURITYWEEK.COM)
18 Oct: Oracle Patches 185 Vulnerabilities With October 2023 CPU. Oracle has released 387 new security patches to address vulnerabilities in its own code and third-party components, with over 40 patches addressing critical severity flaws. (SECURITYWEEK.COM)
18 Oct: Hacker leaks millions more 23andMe user records on cybercrime forum. The same hacker who leaked a trove of user data stolen from the genetic testing company 23andMe two weeks ago has now leaked millions of new user records. On Tuesday, a hacker who goes by Golem published a new dataset of 23andMe user information containing records of four million… (TECHCRUNCH.COM)
18 Oct: Hacker leaks millions of new 23andMe genetic data profiles. A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. [...] (BLEEPINGCOMPUTER.COM)
18 Oct: Ex-Navy IT head gets 5 years for selling people’s data on darkweb. Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens' personally identifiable information (PII) and selling it on the dark web. [...] (BLEEPINGCOMPUTER.COM)
18 Oct: Better safe than sorry: 10 tips to build an effective business backup strategy. How robust backup practices can help drive resilience and improve cyber-hygiene in your company. (WELIVESECURITY.COM)