🐛 COMMON VULNERABILITIES AND EXPOSURES 10
25 Oct Alert: PoC Exploits Released for Citrix and VMware Vulnerabilities
Virtualization services provider VMware has alerted customers to the existence of a proof-of-concept (PoC) exploit for a recently patched security flaw in Aria Operations for Logs. Tracked as CVE-2023-34051 (CVSS score: 8.1), the high-severity vulnerability relates to a case of a…
THEHACKERNEWS.COM

25 Oct Citrix Urges NetScaler ADC, Gateway Customers to Patch
Citrix is urging its customers to upgrade to the latest versions of NetScaler ADC and NetScaler Gateway due to reports of targeted attacks and session hijacking. The company released patches to address a critical vulnerability, CVE-2023-4966.
CYBERSECURITYDIVE.COM

25 Oct Act Now: VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical flaw in the vCenter Server that could result in remote code execution on affected systems. The issue, tracked as CVE-2023-34048 (CVSS score: 9.8), has been described as an out-of-bounds write vulnerability in the implemen…
THEHACKERNEWS.COM

25 Oct Citrix Bleed exploit lets hackers hijack NetScaler accounts
A proof-of-concept (PoC) exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication session cookies from vulnerable Citrix NetScaler ADC and NetScaler Gateway appliances. [...]
BLEEPINGCOMPUTER.COM

25 Oct Winter Vivern Exploits Zero-Day Vulnerability in Roundcube Webmail Servers
The vulnerability, assigned CVE-2023-5631, allowed attackers to execute arbitrary JavaScript code in the context of a Roundcube user's browser window through a specially crafted email.
WELIVESECURITY.COM

25 Oct Sporadic scans for "server-info.action", possibly looking for Confluence Server and Data Center Vulnerability CVE-2023-22515, (Wed, Oct 25th)
I noticed many scans for "/server-info.action" showing up in our "First Seen URLs" report. This URL didn't ring a bell at first but may be associated with CVE-2023-22515, a recent vulnerability in Confluence Server and Data Center.
ISC.SANS.EDU

25 Oct VMware Releases Patch for Critical vCenter Server RCE Vulnerability
VMware has released security updates to address a critical vulnerability in their vCenter Server software. The flaw, known as CVE-2023-34048, allows for remote code execution and is of critical severity (CVSS score: 9.8).
THEHACKERNEWS.COM

25 Oct Citrix urges immediate patching of critically vulnerable product lines
Citrix has urged customers of NetScaler ADC and NetScaler Gateway to install updated versions of the networking products to prevent active exploitation of vulnerabilities that could lead to information disclosure and DoS attacks. NetScaler ADC (Application Delivery Controller) an…
CSOONLINE.COM

25 Oct Apple Patches Everything. Releases iOS 17.1, MacOS 14.1 and updates for older versions fixing exploited vulnerability, (Wed, Oct 25th)
Apple released iOS, iPadOS, macOS, tvOS, and Safari updates today. The iOS/macOS updates go back two "generations". This is particularly important for iOS 15, which now receives a patch for CVE-2023-32434, a vulnerability already exploited against earlier versions of iOS. This is…
ISC.SANS.EDU

25 Oct Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting
submitted by L4s to secops 1 points | 0 comments https://www.horizon3.ai/cisco-ios-xe-cve-2023-20198-theory-crafting/ Cisco IOS XE CVE-2023-20198 and CVE-2023-20273: WebUI Internals, Patch Diffs, and Theory Crafting::Cisco IOS XE CVE-2023-20198 technical deep-dive, WebUI internal…
HORIZON3.AI
⚠️ VULNERABILITY DISCLOSURE 24
25 Oct Android Malware Masquerades as Chrome Browser Reads SMS & Intercepts Emails
Threat actors primarily target remote access and control of victims’ devices by employing deceptive tactics. They often create fake apps or pose as legitimate ones to trick users into downloading malicious software, compromising the targeted devices’ security and priv…
GBHACKERS.COM

25 Oct How much cybersecurity expertise does a board need?
Reporting regulations across the world are shifting and increasing the focus on the board of directors and their knowledge to deal with and respond to cybersecurity threats. To meet such regulations and improve the board's expertise, organizations should look to recruit board dir…
CSOONLINE.COM

25 Oct VMware fixes critical code execution flaw in vCenter Server
VMware issued security updates to fix a critical vCenter Server vulnerability that can be exploited to gain remote code execution attacks on vulnerable servers. [...]
BLEEPINGCOMPUTER.COM

25 Oct 6 most common types of software supply chain attacks explained
Software supply chain incidents have been making headlines recently. Despite similarities among these security incidents, not all supply chain attacks are created equal. What is a software supply chain attack? The umbrella term "software supply chain attack" covers any instance…
CSOONLINE.COM

25 Oct Defending Federal Networks Requires More Than Money, CSIS Study Finds
Additional resources and funding, along with harmonized authorities and improved coordination, are necessary to enhance the cybersecurity measures of federal executive agencies.
CYBERSCOOP.COM

25 Oct French Basketball Team ASVEL Confirms Data Breach After Ransomware Attack
ASVEL has reported the incident to the national data protection authority and law enforcement authorities, while also assessing the potential impact on third parties, including fans who made purchases on the club's official website.
BLEEPINGCOMPUTER.COM

25 Oct Censys Lands New Cash to Grow Its Threat-Detecting Cybersecurity Service
Censys aims to offer customers insights into the historical and real-time status of their data, enabling them to identify how long their data has been vulnerable and what changes have made it exploitable.
TECHCRUNCH.COM

25 Oct Cost of a data breach: The evolving role of law enforcement
If someone broke into your company’s office to steal your valuable assets, your first step would be to contact law enforcement. But would your reaction be the same if someone broke into your company’s network and accessed your most valuable assets through a data breac…
SECURITYINTELLIGENCE.COM

25 Oct Cyber Operations Linked to Israel-Hamas Fighting Gain Momentum
The escalating reliance on information operations by these groups aims to influence the global perception of the conflict, with strategic campaigns designed to manipulate social media platforms and influence media outlets.
CYBERSCOOP.COM

25 Oct Russian hackers exploit Roundcube zero-day to steal govt emails
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks. [...]
BLEEPINGCOMPUTER.COM

25 Oct VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products
VMware described the bug as an out-of-bounds write issue in its implementation of the DCE/RPC protocol. CVSS severity score of 9.8/10. The post VMware vCenter Flaw So Critical, Patches Released for End-of-Life Products appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct European govt email servers hacked using Roundcube zero-day
The Winter Vivern Russian hacking group has been exploiting a Roundcube Webmail zero-day since at least October 11 to attack European government entities and think tanks. [...]
BLEEPINGCOMPUTER.COM

25 Oct Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software
The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," …
THEHACKERNEWS.COM

25 Oct Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
Critical security flaws have been disclosed in the Open Authorization (OAuth) implementation of popular online services such as Grammarly, Vidio, and Bukalapak, building upon previous shortcomings uncovered in Booking[.]com and Expo. The weaknesses, now addressed by the respectiv…
THEHACKERNEWS.COM

25 Oct Defending Against Advanced Threats, Part 1
In the second episode of Threat Vector, Kristopher Russo, senior threat researcher at Unit 42, and David Moulton, discuss the threat landscape and take a deeper dive into the intricate workings of Muddled Libra (related to Scattered Spider and Scatter Swine). This formidable thre…
CSOONLINE.COM

25 Oct Defending Against Advanced Threats, Part 2
In the second part of our deep dive into Muddled Libra’s tactics, Threat Vector welcomes Stephanie Regan, a senior consultant with Unit 42 with a law enforcement background. Regan and David Moulton, discuss the challenges Muddled Libra and other threat groups pose. Threat actors …
CSOONLINE.COM

25 Oct Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day
Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments. The post Russian Hackers Caught Exploiting Roundcube Webmail Zero-Day appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct Mozilla Releases Security Advisories for Multiple Products
Mozilla has released security updates to address vulnerabilities in Firefox ESR 115.4 and Firefox 119. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Mozilla security advisories Fi…
CISA.GOV

25 Oct Over 9,500 Bank of Canton Customers May Have had Personal Information Exposed Due to Vendor Breach
The breach was caused by a vulnerability in Fiserv's MOVEit managed file transfer application. Fiserv has patched the vulnerability, and the bank is monitoring for unusual activity.
YAHOO.COM

25 Oct Canada Accuses China of 'Spamoflauge' Onslaught
Campaign Comprised of Deep Fake Videos and More Than 15,000 Disinformation Posts Canada accused China of running a social media disinformation campaign aimed at members of Parliament and Prime Minister Justin Trudeau. Global Affairs Canada attributed the campaign to an operation …
DATABREACHTODAY.CO.UK

25 Oct 12M Patient Medical Records, Other Data Found Exposed on Web
Researcher Says Indian Testing Firm Redcliffe Labs Quickly Fixed the Exposure An unsecured database of an India-based medical laboratory recently exposed more than 12 million test results, other patient records and development files for the company's mobile health app, according …
DATABREACHTODAY.CO.UK

25 Oct Apple Ships Major iOS, macOS Security Updates
Apple patches dozens of serious security flaws in its macOS and iOS platforms, warning that hackers could launch code execution exploits. The post Apple Ships Major iOS, macOS Security Updates appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct VSCode Vulnerabilities – Thomas Chauchefoin, Paul Gerste – PSW #804
Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste conducted research on the security of Visual Studio Code — the most popular code editor out there — which was presented at DEF CON 31 in August. The pair uncovered a few ways for attackers to gain code execution o…
YOUTUBE.COM

25 Oct Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers
ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible
WELIVESECURITY.COM
📋 SECURITY BULLETINS 1
25 Oct Cyber Security Today, Oct. 25, 2023 - Ransomware attacks hit a record in September, and more
This episode reports on a security update warning from VMware, the discovery of a new ransomware strain and more
CYBERSECURITYTODAY.LIBSYN.COM
📢 SECURITY ADVISORIES 13
25 Oct Report: Only a Fraction of Risk Leaders are Prepared for GenAI Threats
New research by Riskonnect highlights a significant gap in AI risk management, with only 17% of risk and compliance leaders formally training their organizations on the risks of generative AI.
HELPNETSECURITY.COM

25 Oct Cybersecurity Regulations for Passenger and Freight Railroads Renewed by TSA
The TSA directives require operators to test their cybersecurity incident response plans annually, submit updated cybersecurity assessment plans, and report on the effectiveness of their efforts.
THERECORD.MEDIA

25 Oct News alert: Flexxon welcomes distinguished industry veteran Ravi Agarwal to its advisory board
Singapore, Oct. 25, 2023 – Hardware cybersecurity solutions pioneer Flexxon (the “Company”) today announced the appointment of ex-Intel and Microsoft executive Mr Ravi Agarwal to its advisory board. An industry veteran with over three decades of experience, Mr Agarwal will …
LASTWATCHDOG.COM

25 Oct AI’s Impact on Cybersecurity
In our inaugural episode, Michael "Siko" Sikorski, CTO and VP of Engineering and Threat Intelligence at Unit 42 answers that question and speaks to the profound influence of artificial intelligence in an interview with David Moulton, Director of thought leadership for Unit 42. Wh…
CSOONLINE.COM

25 Oct CISA Working on Updated National Cyber Incident Response Plan
The updated plan will involve collaboration with industry stakeholders, government agencies, and critical infrastructure organizations, recognizing the private sector's role as the first responder to many cyber incidents.
THERECORD.MEDIA

25 Oct FBI Warns of North Korean Social Engineering Tactics and Recruitment/Hiring of IT Workers
The U.S. Federal Bureau of Investigation (FBI) and South Korea’s Ministry of Foreign Affairs have issued an advisory offering guidance to “the international community, the private sector, and the public to better understand and guard against the inadvertent recruitment, hiring, a…
KNOWBE4.COM

25 Oct Rising Global Tensions Could Portend Destructive Hacks
CISA's Goldstein Says Critical Infrastructure Should 'Remain on Heightened Alert' U.S. government agencies and private sector organizations should “remain on heightened alert” for disruptive cyberattacks targeting critical infrastructure amid a series of escalating global conflic…
DATABREACHTODAY.CO.UK

25 Oct EU Lawmakers Press Johansson on CSAM Proposal Drafting
Ylva Johansson Says Proposal CSAM Proposal Was 'Drafted Under My Direct Guidance' A top European official pushed back against accusations she let American and British organizations influence a proposal requiring messenger apps to scan for child sexual abuse material. "The proposa…
DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 19
25 Oct 5 southwestern Ontario hospitals hit by cyberattack, patient appointments to be rescheduled
submitted by throws_lemy to cybersecurity 1 points | 1 comments https://www.cbc.ca/news/canada/windsor/windsor-hospital-system-1.7005158 Online services such as patient records and email have been down since Monday morning at five southwestern Ontario hospitals following a cybera…
CBC.CA

25 Oct Report: September was a Record Month for Ransomware Attacks in 2023
Ransomware activity reached an all-time high in September, with 514 attacks recorded. The previous record was in March 2023, but this new surge was led by different threat groups. LockBit 3.0, LostTrust, and BlackCat were the top attackers.
BLEEPINGCOMPUTER.COM

25 Oct Alleged Covert Wiretap on Russian Messaging Service Blown by Expired TLS Certificate
The wiretap is believed to have lasted up to 6 months, allowing the attacker to execute actions on compromised accounts without the need for passwords, potentially altering messages and accessing unencrypted data.
THERECORD.MEDIA

25 Oct US Energy Firm Shares How Akira Ransomware Hacked its Systems
The Akira ransomware gang breached BHI Energy's network through a stolen VPN credential and stole a significant amount of data, including the personal information of employees.
BLEEPINGCOMPUTER.COM

25 Oct Samsung Galaxy S23 Hacked Twice on First Day of Pwn2Own 2023 in Toronto
Researchers also targeted other devices such as smartphones, printers, smart speakers, and surveillance cameras, demonstrating the wide range of potential targets for hackers.
BLEEPINGCOMPUTER.COM

25 Oct The Rise of S3 Ransomware: How to Identify and Combat It
In today's digital landscape, around 60% of corporate data now resides in the cloud, with Amazon S3 standing as the backbone of data storage for many major corporations. Despite S3 being a secure service from a reputable provider, its pivotal role in handling vast amounts of sens…
THEHACKERNEWS.COM

25 Oct [Cybersecurity Awareness Month] Mindful Defense: Enchantments Against Spear Phishing By Breachatrix le Phish
In the mystical realm of cyberspace, where digital forests hold secrets and virtual owls deliver messages, we find ourselves in a constant dance between magic and deception. Today, join me as we unveil the secrets of spear phishing.
KNOWBE4.COM

25 Oct Bracing for AI-Enabled Ransomware and Cyber Extortion Attacks
Ransomware groups are likely to leverage AI-enabled tools, such as chatbots and voice cloning, to enhance their social engineering tactics and technical skills, posing a greater threat to public and private organizations.
HELPNETSECURITY.COM

25 Oct Ransomware isn’t going away – the problem is only getting worse
Ransomware incidents continue to grow at an alarming pace, targeting the enterprise and governments worldwide. Learn more from Specops Software on how ransomware gangs gain initial access to networks and how to protect against attacks. [...]
BLEEPINGCOMPUTER.COM

25 Oct Samsung Galaxy S23 Hacked at Pwn2Own Toronto 2023
Pwn2Own is a highly significant and influential annual hacking competition in the cybersecurity community. It serves as a platform for top researchers and hackers to demonstrate vulnerabilities in popular software and operating systems. The event plays a crucial role in identifyi…
GBHACKERS.COM

25 Oct CoinFlip Data Breach Exposes Personal Information of Over 36,000 Customers
The breach, which occurred on August 7, 2023, was discovered a day later and the cybercriminals were removed from CoinFlip's systems with the assistance of their IT team.
THECYBEREXPRESS.COM

25 Oct Hackers Earn $400k on First Day at Pwn2Own Toronto 2023
NAS devices, printers, IP cameras, speakers, and mobile phones were hacked on the first day at Pwn2Own Toronto 2023. The post Hackers Earn $400k on First Day at Pwn2Own Toronto 2023 appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct Seiko says ransomware attack exposed sensitive customer data
Japanese watchmaker Seiko has confirmed it suffered a Black Cat ransomware attack earlier this year, warning that the incident has led to a data breach, exposing sensitive customer, partner, and personnel information. [...]
BLEEPINGCOMPUTER.COM

25 Oct Alleged Airbnb Data Breach Allegedly Exposes 1.2 Million User Records
This breach raises concerns about the security and privacy of Airbnb's user base, as the stolen data can be used for malicious purposes such as identity theft and phishing.
THECYBEREXPRESS.COM

25 Oct Deep Instinct goes deeper with ‘preventive’ storage protection
Cybersecurity firm Deep Instinct is applying its machine-learning secret sauce to the storage realm, with the release of Deep Instinct Prevention for Storage this week. DPS, as the company brands its new product, is designed to offer the same granular protection that Deep Instinc…
CSOONLINE.COM

25 Oct Chilean telecom giant GTD hit by the Rorschach ransomware gang
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services. [...]
BLEEPINGCOMPUTER.COM

25 Oct Samsung Galaxy S23 hacked two more times at Pwn2Own Toronto
Security researchers hacked the Samsung Galaxy S23 smartphone two more times on the second day of the Pwn2Own 2023 hacking competition in Toronto, Canada. [...]
BLEEPINGCOMPUTER.COM

25 Oct Meet Octo Tempest, 'Most Dangerous Financial' Hackers
Octo Tempest Hacked Las Vegas, Twilio and Hooked Up With BlackCat A financially motivated hacking group is becoming more aggressive, leading Microsoft to dub it "one of the most dangerous financial criminal groups." Octo Tempest is the rare English-speaking affiliate of Russian-s…
DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 29
25 Oct ISC Stormcast For Wednesday, October 25th, 2023 https://isc.sans.edu/podcastdetail/8716, (Wed, Oct 25th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

25 Oct What are You Working on Wednesday
submitted by shellsharks to cybersecurity 1 points | 1 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
INFOSEC.PUB

25 Oct ROOTCON 17 - Tagaytay City, Philippines
submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/9f5d33a7-701c-4ca5-b39a-1c6fe2feead3.png ROOTCON 17 Theme: (Surveillance, Technology and Privacy) September 27, 28, 29, 2023 Taal Vista Hotel, Tagaytay City Presentation decks and speaker pr…
INFOSEC.PUB

25 Oct Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware
The popularity of Brazil's PIX instant payment system has made it a lucrative target for threat actors looking to generate illicit profits using a new malware called GoPIX. Kaspersky, which has been tracking the active campaign since December 2022, said the attacks are pulled off…
THEHACKERNEWS.COM

25 Oct Microsoft is Soft-Launching Security Copilot
Microsoft has announced an early access program for its LLM-based security chatbot assistant: Security Copilot. I am curious whether this thing is actually useful.
SCHNEIER.COM

25 Oct Joint Industry statement of support for Consumer IoT Security Principles
David Kleidermacher, VP Engineering, Android Security & Privacy and DSPA Security & Privacy, and Eugene Liderman, Director, Android Security Strategy Last week at Singapore International Cyber Week and the ETSI Security Conference s, the international community gathered t…
SECURITY.GOOGLEBLOG.COM

25 Oct Sloot Digital Coding System - CoRecursive Podcast
submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/251b371c-0813-4654-bde5-b27e47c9a13d.png CORECURSIVE #093 Sloot Digital Coding System Lost Compression System or Cautionary Tale?
INFOSEC.PUB

25 Oct crosspost: Darknet Diaries: True stories from the dark side of the Internet - Infosec.Pub
submitted by ashar to security_cpe 2 points | 0 comments https://infosec.pub/post/4089932
INFOSEC.PUB

25 Oct NCSAM Theme: Securing Our World
It is the 20th anniversary of Cybersecurity Awareness Month – artificial intelligence and the reliance on cloud networks are no longer enough. The post NCSAM Theme: Securing Our World appeared first on Palo Alto Networks Blog.
PALOALTONETWORKS.COM

25 Oct The Cybersecurity Resilience Quotient: Measuring Security Effectiveness
The Cybersecurity Resilience Quotient empowers organizations to assess their security posture comprehensively, considering asset exposure, vulnerabilities, and criticality alongside process and network architecture and disaster recovery plans. The post The Cybersecurity Resilienc…
SECURITYWEEK.COM

25 Oct Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2023 ICS Cybersecurity Conference
SecurityWeek’s 2023 ICS Cybersecurity Conference continues in Atlanta, as hundreds of industrial cybersecurity stakeholders gather for Day 2 of the annual industrial cybersecurity conference. The post Critical Infrastructure Stakeholders Gather for Day 2 of SecurityWeek’s 2…
SECURITYWEEK.COM

25 Oct Keyfactor Earns $1.3B Valuation After Sale of Minority Stake
With the investment from Sixth Street Growth, Keyfactor aims to continue its trajectory of hypergrowth, leveraging their experience, financial prowess, and strategic network to empower the company in the next chapter of its development.
BANKINFOSECURITY.COM

25 Oct Consumer IoT Security Labels: Transparency Push Intensifies
Vendors Want 'Clear, Consistent and Actionable Information' for Device Security Essential, real-time security information about every Internet of Things device should be clearly communicated to consumers before and after purchase, a consortium of technology vendors says in a list…
DATABREACHTODAY.CO.UK

25 Oct New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding
A new project aims to make it easier for PLC programmers to implement secure coding practices by cataloging useful files and functions from each vendor. The post New Project Analyzes and Catalogs Vendor Support for Secure PLC Coding appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct Censys Banks $75M for Attack Surface Management Technology
Michigan startup raises $75 million in new funding as venture capital investors bet big on attack surface management technologies. The post Censys Banks $75M for Attack Surface Management Technology appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct Mandiant Intelligence Chief Raises Alarm Over China’s ‘Volt Typhoon’ Hackers in US Critical Infrastructure
Mandiant's Chief analyst urges critical infrastructure defenders to work on finding and removing traces of Volt Typhoon, a Chinese government-backed hacking team caught in a series of eyebrow-raising attacks against targets in Guam and the United States. The post Mandiant Intelli…
SECURITYWEEK.COM

25 Oct Goatse, Okta, Cisco, Ducktail, 0Auth, China, Spain, More News and Aaran Leyland. – SWN #336
→ Watch Live at 12pm ET: http://securityweekly.com/live → Subscribe to our podcasts: https://securityweekly.com/subscribe → Join our community Discord: https://securityweekly.com/discord #shorts #shortvideo #SecurityWeekly #Cybersecurity #InformationSecurity
YOUTUBE.COM

25 Oct Kazakhstan-Associated Yorotrooper Disguises Origin of Attacks as Azerbaijan
The threat actor attempts to disguise their origin by hosting infrastructure in Azerbaijan and using the Azerbaijani language in their operations, despite not being fluent in Azerbaijani.
TALOSINTELLIGENCE.COM

25 Oct Proofpoint to Get 3rd CEO Since 2022 as Ashan Willy Departs
Remi Thomas to Become Interim CEO After Joining Proofpoint as CFO in February 2023 Proofpoint will have its third CEO since March 2022 after tapping recently-hired CFO Remi Thomas to become its interim top leader. The company selected Thomas to replace Ashan Willy, who started as…
DATABREACHTODAY.CO.UK

25 Oct Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for many organizations across multiple industries. The post Octo Tempest crosses boundaries to facilitate extortion, encryptio…
MICROSOFT.COM

25 Oct Top insights and best practices from the new Microsoft Data Security Index report
Microsoft surveyed 800 cybersecurity professionals to gather their insights on data security. Read on for the top findings on data security strategies—and the value of a comprehensive cybersecurity solution. The post Top insights and best practices from the new Microsoft Data Sec…
MICROSOFT.COM

25 Oct ClamAV 1.2.1, 1.1.3, 1.0.4, 0.103.11 patch versions published
submitted by mwguy to securitynews 3 points | 0 comments https://blog.clamav.net/2023/10/clamav-121-113-104-010311-patch.html
CLAMAV.NET

25 Oct Firefox, Chrome Updates Patch High-Severity Vulnerabilities
Firefox and Chrome updates released this week resolve multiple high-severity memory safety vulnerabilities. The post Firefox, Chrome Updates Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct Svchost triage
submitted by L4s to secops 1 points | 0 comments https://newtonpaul.com/svchost-analysis-and-internet-sharing-triage/ Svchost triage::Svchost.exe and internet sharing service analysis. The triage of a host making DNS beacons to known C2s of an infostealer.
NEWTONPAUL.COM

25 Oct Phish Perfect: How ChatGPT Can Help Criminals Get There
AI Generated Phishing Still Cannot Beat Humans, But Not for Long: IBM ChatGPT can craft almost perfect phishing emails in five minutes, nearly beating a social engineering team with decades of experience, the results of a "nail-biting" experiment by IBM showed. The "humans emerge…
DATABREACHTODAY.CO.UK

25 Oct ‘YoroTrooper’ Espionage Group Linked to Kazakhstan
Cisco links the espionage-focused ‘YoroTrooper’ threat actor to Kazakhstan. The post ‘YoroTrooper’ Espionage Group Linked to Kazakhstan appeared first on SecurityWeek.
SECURITYWEEK.COM

25 Oct News alert: DataPivot delivers innovative data backup, recovery services to healthcare sector
North Andover, Mass., Oct.25, 2023— DataPivot Technologies, a prominent provider of Data Center, Cloud and Data Protection Solutions, understands that healthcare providers today are scrambling to solve complex clinical, operational and patient data backup & recovery challeng…
LASTWATCHDOG.COM

25 Oct Australia Focuses on Threat of Chinese Attack on Solar Power
New Standards to Target Security of Connected Rooftop Systems, Solar Inverters The Australian government is close to introducing standards to shore up the security of the down under country's fast-growing solar market amid reports that Chinese state-sponsored hackers might target…
DATABREACHTODAY.CO.UK

25 Oct Adlumin Raises $70M, to Debut RMM, Cloud Configuration Tools
Series B Funding Will Allow Security Operations Vendor to Pursue Product-Led Growth A mid-market security operations vendor founded by a ex-Marine Corps officer closed its Series B funding round to pursue a product-led growth strategy. Washington D.C.-based Adlumin will use the $…
DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 2
25 Oct Hackers Backdoor Russian State, Industrial Organizations for Data Theft
Russian state organizations and industrial sectors have been targeted with a custom Go-based backdoor. The backdoor, distributed through phishing emails, steals data, including passwords from popular web browsers and the Thunderbird email client.
BLEEPINGCOMPUTER.COM

25 Oct Ukrainian Cyber Officials Warn of Surge in SmokeLoader Attacks on Financial, Government Entities
Smokeloader malware is a highly complex tool that can perform various malicious functions, such as stealing credentials and executing DDoS attacks, with prices ranging from $400 to $1,650 depending on the package.
THERECORD.MEDIA
🎙️ PODCASTS 1
25 Oct Transatlantic Cable podcast, episode 321 | Kaspersky official blog
Episode 321 looks at Okta, 1Password, Microsoft AI and Google IP blocking
KASPERSKY.COM
📡 INFOSEC NEWS 21
25 Oct Adlumin Snags $70M to Boost Security for Mid-Market Firms
The round was led by SYN Ventures, with participation from First In Ventures, Washington Harbour Partners, and BankTech Ventures. This brings Adlumin's total funding to $83 million and solidifies its position in the security operations and MDR space.
SECURITYWEEK.COM

25 Oct How Passkeys are Changing the Face of Authentication
Passkeys are digital credentials that can only be used by authorized users and require biometric or unique factor authentication. Tech giants like Apple, Google, and Microsoft have embraced passkeys in their products.
HELPNETSECURITY.COM

25 Oct Report: GenAI Can Save Phishers Two Days of Work
Although humans currently outperform AI in terms of click rates and detection, the advancing sophistication of AI suggests it may eventually surpass human capabilities in the phishing industry.
INFOSECURITY-MAGAZINE.COM

25 Oct Sophos Firewall v20: Active Threat Response
Start taking advantage of all the great new features in SFOS v20 today.
SOPHOS.COM

25 Oct Sophos Endpoint continues to be recognized by analysts, independent testers and customers
Users and industry experts commend Sophos Endpoint’s superior prevention capabilities and lower TCO
SOPHOS.COM

25 Oct White House Official Says New Global Initiatives Will Include Information Sharing, Ransom Payment Tracking
The White House aims to establish a global norm against paying ransoms to cybercriminals and may seek a UN process or an international partnership to achieve this objective.
THERECORD.MEDIA

25 Oct Cybercriminals Run Malicious Ads via Facebook
Criminals are hijacking business accounts on Facebook and running their own advertising campaigns, causing financial damage and reputational harm to legitimate account holders.
GDATASOFTWARE.COM

25 Oct Flaws In O-Auth's Social Sign-In Could Have Put Billions Of Users At Risk
PACKETSTORMSECURITY.COM

25 Oct VMware vCenter Flaw So Critical, Patches Released For End-Of-Life Products
PACKETSTORMSECURITY.COM

25 Oct Accenture Expands Cybersecurity Services Capabilities in Latin America With Acquisition of MNEMO Mexico
MNEMO Mexico's expertise in advanced cyber defense, generative AI-powered cyber intelligence, and a 24/7 security operations center will enhance Accenture's capabilities in helping organizations build cyber-resilient businesses.
DARKREADING.COM

25 Oct US security remains paramount in the continued rise of AI, according to Treasury Department secretary
As investments grow globally, there’s still a concern stateside for security and making sure the U.S. protects its businesses. © 2023 TechCrunch. All rights reserved. For personal use only.
TECHCRUNCH.COM

25 Oct New England Biolabs Exposes Sensitive Data via Environment Files
The two exposed environment files contained sensitive information such as database credentials, SMTP server login details, and payment processing information, according to Cybernews researchers.
SECURITYAFFAIRS.COM

25 Oct How it feels to be a victim of deepfake pornography
Helen Mort is an award-winning poet and author. She's also an unwitting victim of deepfake pornography. She didn't know until someone directed her towards sexually-explicit deepfake images on a porn site. Images which had her own face edited onto another woman's body.
GRAHAMCLULEY.COM

25 Oct Windows 11 to let admins mandate SMB encryption for outbound connections
Windows 11 will let admins mandate SMB client encryption for all outbound connections, starting with today's Windows 11 Insider Preview Build 25982 rolling out to Insiders in the Canary Channel. [...]
BLEEPINGCOMPUTER.COM

25 Oct Flipper Zero can now spam Android, Windows users with Bluetooth alerts
A custom Flipper Zero firmware called 'Xtreme' has added a new feature to perform Bluetooth spam attacks on Android and Windows devices. [...]
BLEEPINGCOMPUTER.COM

25 Oct Microsoft tests Windows 11 encrypted DNS server auto-discovery
Microsoft is testing support for the Discovery of Network-designated Resolvers (DNR) internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. [...]
BLEEPINGCOMPUTER.COM

25 Oct EU commissioner sidesteps MEPs’ questions about CSAM proposal microtargeting
The European Union’s home affairs commissioner, Ylva Johansson, has confirmed the Commission is investigating whether or not it broke recently updated digital governance rules when her department ran a microtargeted political ad campaign aiming to drive support for a contro…
TECHCRUNCH.COM