🚨 CISA KEV (1)
26 Oct KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-5631 Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability. These types of vulnerabilities are frequent attack vectors for malic… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (12)
26 Oct | VSCode Vulnerabilities - Thomas Chauchefoin, Paul Gerste - PSW #804 | Sonar Vulnerability Researchers Thomas Chauchefoin and Paul Gerste conducted research on the security of Visual Studio Code — the most popular code editor out there — which was presented at DEF CON 31 in August. The pair uncovered a few ways for attackers to gain code execution o… | YOUTUBE.COM
26 Oct | Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data | Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addre… | THEHACKERNEWS.COM
26 Oct | Citrix Bleed: PoC Released for Citrix NetScaler Zero-Day Vulnerability | Two vulnerabilities were disclosed by Citrix, which were CVE-2023-4966 and CVE-2023-4967, with critical and high severities, respectively. Of these two, CVE-2023-4966 has been released with a publicly available PoC. This vulnerability is associated with a sensitive information di… | GBHACKERS.COM
26 Oct | Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data | The vulnerability (CVE-2023-43208) is a patch bypass for a critical remote command execution vulnerability (CVE-2023-37679), and all instances of Mirth Connect are susceptible to it. | THEHACKERNEWS.COM
26 Oct | Firefox Memory Corruption Flaw Let Attacker Execute Arbitrary Code | Mozilla Firefox 119 was released with updates for 11 vulnerabilities, including three issues of high severity, seven issues of moderate severity, and one issue of low severity. Particularly, the browser update also fixes several memory safety flaws that are classified as CVE… | GBHACKERS.COM
26 Oct | Adventures in Validating IPv4 Addresses, (Thu, Oct 26th) | It should be pretty easy to validate an IP address. IPv4 addresses are 32-bit unsigned integers, and IPv6 addresses are 128-bit unsigned integers. Things get "interesting" when developers attempt to validate IP addresses as a string. There have been a few interesting vulnerabilit… | ISC.SANS.EDU
26 Oct | VMware Releases Security Advisory for vCenter Server | VMware released a security advisory for a vulnerability (CVE-2023-34048) affecting the VMware vCenter Server and (CVE-2023-34056) affecting VMware Cloud Foundation. A remote cyber actor could exploit these vulnerabilities to obtain information or take control of an affected sys… | CISA.GOV
26 Oct | Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data | Mirth Connect versions prior to 4.4.1 are vulnerable to CVE-2023-43208, a bypass for an RCE vulnerability. The post Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | CVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling | submitted by L4s to secops 1 points | 0 comments https://www.praetorian.com/blog/refresh-compromising-f5-big-ip-with-request-smuggling-cve-2023-46747/ CVE-2023-46747: Pre-Auth Remote Code Execution in F5-BIGIP via AJP Request Smuggling::Our team identified a request smuggling vul… | PRAETORIAN.COM
26 Oct | CVE-2021-31192 Windows Media Foundation Core Remote Code Execution Vulnerability | Updated one or more CVSS scores for the affected products. This is an informational change only. | MSRC.MICROSOFT.COM
26 Oct | CVE-2021-31205 Windows SMB Client Security Feature Bypass Vulnerability | Updated one or more CVSS scores for the affected products. This is an informational change only. | MSRC.MICROSOFT.COM
26 Oct | CVE-2021-31207 Microsoft Exchange Server Security Feature Bypass Vulnerability | Added an FAQ. This is an information change only. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (30)
26 Oct | Pro-Russia group exploits Roundcube zero-day in attacks on European government emails | submitted by throws_lemy to cybersecurity 1 points | 0 comments https://www.theregister.com/2023/10/25/prorussia_group_exploits_roundcube_zeroday/ | THEREGISTER.COM
26 Oct | Businesses face “silent infiltration” of generative AI as use spirals out of control | Business leaders appear to have lost control over the deployment, oversight, and purpose of generative AI within their organizations, new research from Kaspersky suggests. That's despite just 28% of organizations expressly permitting the use of generative AI, with even fewer (10%… | CSOONLINE.COM
26 Oct | Copilot is ready for takeoff: Microsoft rolls out artificial intelligence for Windows | AI is coming to desktops everywhere -- is your security team ready for it? Beginning with its October security updates, Microsoft has begun a staged rollout of built-in artificial intelligence in the form of Copilot for Windows. But before leaping to integrate Copilot into your s… | CSOONLINE.COM
26 Oct | Spain Arrests 34 Cybercriminals Who Stole Data of 4 Million People | Law enforcement officials have successfully apprehended a notorious criminal organization responsible for perpetrating computer scams and stealing sensitive data belonging to more than four million individuals. Law enforcement officials arrested a criminal organization consisting… | GBHACKERS.COM
26 Oct | Indian National Arrested for Stealing $150,000 via Computer Hacking | A cybercriminal from India was taken into custody for utilizing computer hacking to steal a sum of $150,000 from an elderly woman. A computer hacker is an individual with exceptional proficiency in computer technology, who is highly skilled in discovering and exploiting vulnerabi… | GBHACKERS.COM
26 Oct | Teleport’s new offering to help reduce attack response times | Cloud infrastructure and access management firm Teleport announced that it is adding a new identity governance and security offering to its identity-native infrastructure access management platform, which is designed to protect enterprises from privileged access cyberattacks. Tel… | CSOONLINE.COM
26 Oct | Google adds generative AI threats to its bug bounty program | Google has expanded its vulnerability rewards program (VRP) to include attack scenarios specific to generative AI. In an announcement shared with TechCrunch ahead of publication, Google said: “We believe expanding the VRP will incentivize research around AI safety and security an… | TECHCRUNCH.COM
26 Oct | The Danger of Forgotten Pixels on Websites: A New Case Study | While cyberattacks on websites receive much attention, there are often unaddressed risks that can lead to businesses facing lawsuits and privacy violations even in the absence of hacking incidents. A new case study highlights one of these more common cases. Download the full case… | THEHACKERNEWS.COM
26 Oct | Increasing transparency in AI security | Mihai Maruseac, Sarah Meiklejohn, Mark Lodato, Google Open Source Security Team (GOSST) New AI innovations and applications are reaching consumers and businesses on an almost-daily basis. Building AI securely is a paramount concern, and we believe that Google’s Secure AI Framewor… | SECURITY.GOOGLEBLOG.COM
26 Oct | Google’s reward criteria for reporting bugs in AI products | Eduardo Vela, Jan Keller and Ryan Rinaldi, Google Engineering In September, we shared how we are implementing the voluntary AI commitments that we and others in industry made at the White House in July. One of the most important developments involves expanding our existing … | SECURITY.GOOGLEBLOG.COM
26 Oct | Winter Vivern APT Resurfaces to Target European Entities | The Winter Vivern espionage group targeted European government entities and a think tank using a zero-day vulnerability in Roundcube Webmail, enabling email exfiltration with minimal interaction. The payload used in the campaign worked even on fully patched Roundcube instances. … | CYWARE.COM
26 Oct | Microsoft Warns as Scattered Spider Expands from SIM Swaps to Ransomware | The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts and breach organizations across the world. Microsoft, which disclosed the activities … | THEHACKERNEWS.COM
26 Oct | Record-Breaking 100 Million RPS DDoS Attack Exploits HTTP/2 Rapid Reset Flaw | Cloudflare on Thursday said it mitigated thousands of hyper-volumetric HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed flaw called HTTP/2 Rapid Reset, 89 of which exceeded 100 million requests per second (RPS). "The campaign contributed to an… | THEHACKERNEWS.COM
26 Oct | CISA Releases Nine Industrial Control Systems Advisories | CISA released nine Industrial Control Systems (ICS) advisories on October 26, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-299-01 Dingtian DT-R002; ICSA-23-299-02 Centralite Pearl Thermostat… | CISA.GOV
26 Oct | Apple Ships Major iOS, macOS Security Updates | The updates cover fixes for a range of components including Contacts, WebKit, and kernel, among others, and aim to fix code execution flaws and privilege escalation issues. | SECURITYWEEK.COM
26 Oct | Human-Crafted Phishing Emails Only Three Percent More Successful Than AI-Generated Ones, According To IBM | Red teamers at IBM X-Force warn that AI-generated phishing emails are nearly as convincing as human-crafted ones, and can be created in a fraction of the time. The researchers tricked ChatGPT into quickly crafting a phishing lure, then tested the lure against real employees. | KNOWBE4.COM
26 Oct | Citrix Bleed Exploit Lets Hackers Hijack Netscaler Accounts | The vulnerability arises from an unauthenticated buffer-related flaw in Citrix devices, which can be exploited to gain unrestricted access to the appliances and potentially hijack user accounts. | BLEEPINGCOMPUTER.COM
26 Oct | Nine Vulnerabilities Found in VPN Software, Including One Critical RCE Issue | Cisco Talos has disclosed multiple vulnerabilities in popular VPN software, including a critical heap-based buffer overflow vulnerability, posing a significant risk to users' connections and allowing for arbitrary code execution. | TALOSINTELLIGENCE.COM
26 Oct | CISA, HHS Release Cybersecurity Healthcare Toolkit | CISA and the HHS have released resources for healthcare and public health organizations to improve their security. The post CISA, HHS Release Cybersecurity Healthcare Toolkit appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones | New iLeakage side-channel speculative execution attack exploits Safari to steal sensitive information from Macs and iPhones. The post iLeakage Attack Exploits Safari to Steal Sensitive Data From Macs, iPhones appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | Celebrating Cybersecurity Awareness Month with KnowBe4: Insights from Our Valued Customers | To celebrate Cybersecurity Awareness Month this year, KnowBe4 customers from various industries and backgrounds are sharing their innovative and exciting approaches to promote cybersecurity awareness and empower their employees from our resource kit. In this blog post, we'll div… | KNOWBE4.COM
26 Oct | Apple Releases Security Advisories for Multiple Products | Apple has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected device. CISA encourages users and administrators to review the following advisories and apply the n… | CISA.GOV
26 Oct KEV | Firefox, Chrome Updates Patch High-Severity Vulnerabilities | The updates patch multiple flaws, including an insufficient activation-delay bug in Firefox and a use-after-free issue in Chrome, but there is no evidence of these vulnerabilities being exploited in the wild. | SECURITYWEEK.COM
26 Oct | UK Prime Minister announces world’s first AI Safety Institute | Prime Minister Rishi Sunak has announced that the United Kingdom will establish the world's first AI Safety Institute to examine, evaluate, and test new types of artificial intelligence (AI). Sunak made the announcement during a speech at The Royal Society reflecting on a global … | CSOONLINE.COM
26 Oct | CISA, HHS, and HSCC Jointly Release Cybersecurity Toolkit For Healthcare Sector | The Cybersecurity Toolkit for Healthcare and Public Health provides valuable resources and guidance to help healthcare organizations enhance their security posture and reduce the risk of cyberattacks. | INFOSECURITY-MAGAZINE.COM
26 Oct | iLeakage: New Safari Exploit Impacts Apple iPhones and Macs with A and M-Series CPUs | A group of academics has devised a novel side-channel attack dubbed iLeakage that exploits a weakness in the A- and M-series CPUs running on Apple iOS, iPadOS, and macOS devices, enabling the extraction of sensitive information from the Safari web browser. "An attacker can induce… | THEHACKERNEWS.COM
26 Oct | The Evolving Role of the Browser in the Modern Enterprise World – ESW #337 | The Evolving Role of the Browser in the Modern Enterprise World – Noriko Bouffard, Marco Genovese – ESW #337 In the age of remote and hybrid work, employees now spend the majority of their time in the browser or in virtual meetings, the browser is playing an increasingly importan… | YOUTUBE.COM
26 Oct | Breach Roundup: Winter Vivern Hunting For Emails | Also, Cloudflare Records Surge in HTTP DDoS Attacks. This week: espionage group exploits a zero-day in Roundcube Webmail, Cloudflare records a surge in HTTP DDoS attacks, ZScaler detects a spike in IoT hacks, the International Criminal Court says its cyber incident was espionage a… | DATABREACHTODAY.CO.UK
26 Oct | Proof of Concept: Overcoming Open Source Code Security Risks | DXC Technology, Aquia CISOs on Challenges, Best Practices of Managing Code Bases. In the latest "Proof of Concept," DXC Technology IT CISO and CyberEdBoard member Mike Baker and Chris Hughes, co-founder and CISO of Aquia, join ISMG editors to discuss benefits, challenges and misco… | DATABREACHTODAY.CO.UK
26 Oct | The Evolving Role of the Browser in the Modern Enterprise World - Noriko Bouffard, Mar... - ESW #337 | In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core pla… | YOUTUBE.COM
📢 SECURITY ADVISORIES (9)
26 Oct | CISA Issues Request for Comment on Software Identification Ecosystem Analysis White Paper | CISA.GOV
26 Oct | Amazon Rolls Out Independent Cloud for Europe to Address Stricter Privacy Standards | Amazon is rolling out an independent cloud for Europe as it looks to address strict regulations that companies and those in the public sector face in the European Union. The post Amazon Rolls Out Independent Cloud for Europe to Address Stricter Privacy Standards appeared first on… | SECURITYWEEK.COM
26 Oct | White House Teases New AI Executive Order | Biden Administration Is Set to Release AI Systems Guidance for Federal Agencies. A Biden administration executive order on artificial intelligence on deck for release next week will result in governmentwide standards for agencies already using the emerging technology, a top White … | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (26)
26 Oct | Update: Grammarly Says It Corrected Sign-in Vulnerabilities After Alert From Cyber Researchers | The vulnerabilities could have allowed attackers to leak credentials and take over user accounts. No Grammarly accounts were compromised, and the company thanked the researchers for reporting the issue. | THERECORD.MEDIA
26 Oct | Cybercriminals Leak Patient Pictures in Low Blow Bid to Win Ransom | A newly emerged ransomware gang, Hunters International, is resorting to morally questionable tactics by leaking patients' pre-operation pictures in order to hasten ransom negotiations. | THEREGISTER.COM
26 Oct | SEIKO Cyber Attack: Customers Personal Data Exposed | SEIKO Group Corporation (SGC) has announced that they suffered a cyber attack that exposed customer data. The attack lasted for several months and was ransomware that accessed SEIKO’s servers without permission. The attack was discovered on July 28, 2023, and SEIKO im… | GBHACKERS.COM
26 Oct | ASVEL basketball club slam dunked by NoEscape ransomware gang, data stolen | A high profile French basketball team has fallen victim to the NoEscape ransomware-as-a-service group, who claim to have stolen 32 GB of data including sensitive personal information about the club's star players. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
26 Oct | Meet Rhysida, a New Ransomware Strain That Deletes Itself | The Rhysida ransomware-as-a-service (RaaS) operation has targeted Brazil's popular PIX payment system since December 2022, using a unique self-deletion mechanism and compatibility with older versions of Windows. | DARKREADING.COM
26 Oct | Ambulances diverted after New York hospitals hit by cyber attack | It's all too easy sometimes to imagine that a cyber attack is confined to the digital world, and that - although disruptive - it may not have serious consequences in real life. Maybe the attack which happened last week in New York will make you think differently. Read more in my … | BITDEFENDER.COM
26 Oct | Chilean Telecom Giant GTD Suffers Disruptive Attacks Affecting its Infrastructure-as-a-Service Platform | The attack, confirmed to be a ransomware attack by Chile's CSIRT, involved the Rorschach ransomware variant and utilized DLL sideloading vulnerabilities in legitimate software executables to load the malicious DLL. | BLEEPINGCOMPUTER.COM
26 Oct | Why cybersecurity training isn’t working (and how to fix it) | Early to a meeting, an employee decides to check direct messages on their favorite social network. Uh, oh. A message from the social network’s security team says their account has been hacked. They’ll need to click on the link to reset their password. You know the res… | SECURITYINTELLIGENCE.COM
26 Oct | DUCKTAIL Malware Employs LinkedIn Messages to Execute Attacks | LinkedIn messages were used as a way to launch identity theft attacks in a malicious campaign that Cluster25 detected. They send messages from hacked accounts with PDF files that look like job offers. But these files have links to dangerous websites that can steal your data… | GBHACKERS.COM
26 Oct | Redcliffe Labs Database with Over 12 Million Patient Records Exposed | The diagnostic service left 7 terabytes of sensitive data vulnerable, including medical diagnostic scans, test results, patient information, and even the names of attending doctors. | THECYBEREXPRESS.COM
26 Oct | Seiko Discloses Data Breach Resulting From BlackCat Ransomware Attack | Seiko Group Corporation (SGC) has confirmed a data breach that occurred in July 2023. The breach resulted in unauthorized access to 60,000 records, including customer data, contact details, employment applicant information, and personnel details. | INFOSECURITY-MAGAZINE.COM
26 Oct | Japanese Watchmaking Giant Seiko Confirms Personal Data Stolen in Ransomware Attack | Japanese watchmaking giant Seiko has confirmed that personal information was stolen in a recent ransomware attack. The post Japanese Watchmaking Giant Seiko Confirms Personal Data Stolen in Ransomware Attack appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | The Rise and Tactics of Octo Tempest: A Cyber Threat Analysis | Octo Tempest, a financially motivated threat group known for extensive social engineering campaigns and SIM-swapping techniques, has become a major concern for businesses worldwide. It has been affiliated with ALPHV/BlackCat and began deploying ransomware payloads as well. Given … | CYWARE.COM
26 Oct | Key Learnings from “Big Game” Ransomware Campaigns | There are key steps every organization should take to leverage threat and event data across the lifecycle of a cyber incident. The post Key Learnings from “Big Game” Ransomware Campaigns appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | Kansas Court System Down Nearly 2 Weeks in ‘Security Incident’ That Has Hallmarks of Ransomware | Kansas is calling a massive computer outage that’s kept most of the state’s courts offline for 2 weeks a “security incident” and experts say it's likely ransomware. The post Kansas Court System Down Nearly 2 Weeks in ‘Security Incident’ That Has Hallmarks of Ransomwar… | SECURITYWEEK.COM
26 Oct | France says Russian state hackers breached numerous critical networks | The Russian APT28 hacking group (aka 'Strontium' or 'Fancy Bear') has been targeting government entities, businesses, universities, research institutes, and think tanks in France since the second half of 2021. [...] | BLEEPINGCOMPUTER.COM
26 Oct | Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023 | Smart speakers, printers, routers, NAS devices, and mobile phones were hacked on the second day at Pwn2Own Toronto 2023. The post Hackers Earn $350k on Second Day at Pwn2Own Toronto 2023 appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | Cryptohack Roundup: Defense Calls Sam Bankman-Fried | Also: FinCEN Wants to Track Mixer Funds, Warns Against Hamas' Crypto Use. This week: Sam Bankman-Fried says he'll testify, FinCEN proposed recording crypto transactions involving mixers, a financial investigation firm used NFTs to track stolen funds, Atomic Wallet froze $2 million… | DATABREACHTODAY.CO.UK
26 Oct | What Is Operational Risk and Why Should You Care? Assessing SEC Rule Readiness for OT and IoT | The newly released SEC cyber incident disclosure rules have raised concerns about whether public companies are prepared to fully define operational risk and disclose material business risk from cyber incidents. | HELPNETSECURITY.COM
26 Oct | Cyber Fail: Can You Trust Hallucinating Chatbots? | Experts Tackle AI Growing Pains, Deepfakes, Ransomware Fails and More. Welcome to Cyber Fail – ISMG's roundup of all that's broken in the world of cybersecurity - where our experts uncover fails so we can strengthen our defenses. Today, we take on deepfakes, hallucinating chatbots… | DATABREACHTODAY.CO.UK
26 Oct | Known Ransomware Attack Volume Breaks Monthly Record, Again | Ransomware Groups Listed 514 Victims in Total on Their Data Leak Sites Last Month. The volume of known ransomware attacks surged last month to record-breaking levels, with groups collectively listing 514 victims on their data-leak sites, security researchers report. In the lead: l… | DATABREACHTODAY.CO.UK
26 Oct | Microsoft: Octo Tempest one of the most dangerous financial hacking groups | Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. [...] | BLEEPINGCOMPUTER.COM
26 Oct | Cybersecurity Unicorns Are Back, the Okta Breach Is Bad, & Don’t Invest in Startups - ESW #337 | This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure ma… | YOUTUBE.COM
26 Oct | Microsoft: Octo Tempest is one of the most dangerous financial hacking groups | Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. [...] | BLEEPINGCOMPUTER.COM
26 Oct | An integrated incident response solution with Microsoft and PwC | Microsoft Incident Response and PwC have announced a new global alliance to expand their joint Incident Response and Recovery capability. In this partnership, Microsoft IR will begin the initial containment and investigation of a cyber incident, while PwC will work on securely re… | MICROSOFT.COM
🕵️ THREAT INTELLIGENCE (25)
26 Oct | ISC Stormcast For Thursday, October 26th, 2023 https://isc.sans.edu/podcastdetail/8718, (Thu, Oct 26th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
26 Oct | Shenanigans and more - PSW #804 | We officially welcome Bill Swearingen to our expert panel of PSW hosts, and discuss the news including hacking shenanigans, QNAP, recovering crypto currency, Android malware, and more! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://secur… | YOUTUBE.COM
26 Oct | New Undetected Python-Based Info-stealer Offered Via Dedicated Website | Akira is an information stealer malware that was found in March 2023. This malware can steal sensitive information, including saved credentials and payment card details, usernames, system ID, hardware details, installed software, and network configurations. Once this information … | GBHACKERS.COM
26 Oct | Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks | The Iranian threat actor known as Tortoiseshell has been attributed to a new wave of watering hole attacks that are designed to deploy a malware dubbed IMAPLoader. "IMAPLoader is a .NET malware that has the ability to fingerprint victim systems using native Windows utilities and … | THEHACKERNEWS.COM
26 Oct | YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group | A relatively new threat actor known as YoroTrooper is likely made of operators originating from Kazakhstan. The assessment, which comes from Cisco Talos, is based on their fluency in Kazakh and Russian, use of Tenge to pay for operating infrastructure, and very limited targeting … | THEHACKERNEWS.COM
26 Oct | Authorities Seize 17 North Korean Hacker Websites Used for Scamming | The U.S. Government just took down 17 hackers’ websites from the Democratic People’s Republic of Korea (DPRK). These hackers were using these sites to cheat businesses in the U.S. and abroad. It’s great to see that action is being taken to protect companies from… | GBHACKERS.COM
26 Oct | New NSA Information from (and About) Snowden | Interesting article about the Snowden documents, including comments from former Guardian editor Ewen MacAskill: MacAskill, who shared the Pulitzer Prize for Public Service with Glenn Greenwald and Laura Poitras for their journalistic work on the Snowden files, retired from The Gua… | SCHNEIER.COM
26 Oct | [Live Demo] Ridiculously Easy Security Awareness Training and Phishing | Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense. | KNOWBE4.COM
26 Oct | Google AI Security Plan: Bug Bounty, Supply Chain Safety | Google Makes Announcements on New Bug Reporting Guidelines, Supply Chain Security. Security researchers with novel ways to make Google artificial intelligence models leak sensitive training data or otherwise misbehave can submit their findings to the internet giant's bug bounty pr… | DATABREACHTODAY.CO.UK
26 Oct | Cloudflare sees surge in hyper-volumetric HTTP DDoS attacks | The number of hyper-volumetric HTTP DDoS (distributed denial of service) attacks recorded in the third quarter of 2023 surpasses every precedent, indicating that the field has entered a new chapter. [...] | BLEEPINGCOMPUTER.COM
26 Oct | Monetization of Partner Led Managed Services Model | The NextWave MSSP Path has transformed, enhancing an MSSPs’ profitability with investments across the services lifecycle, related to offer development. The post Monetization of Partner Led Managed Services Model appeared first on Palo Alto Networks Blog. | PALOALTONETWORKS.COM
26 Oct | Octo Tempest Attacking Organizations to Steal Financial Data | Microsoft has been closely monitoring the Octo Tempest, a significant financial threat organization. This threat group employs various strategies and TTPs for worldwide extortion, making it one of the most sophisticated financial threat groups. Octo Tempest, a native English-spea… | GBHACKERS.COM
26 Oct | Mandiant Intelligence Chief Raises Alarms Over China's Volt Typhoon Hackers In US Critical Infrastructure | PACKETSTORMSECURITY.COM
26 Oct | Google Announces Bug Bounty Program and Other Initiatives to Secure AI | Google announces a bug bounty program and other initiatives for increasing the safety and security of AI. The post Google Announces Bug Bounty Program and Other Initiatives to Secure AI appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | Weapons Systems Provide Valuable Lessons for ICS/OT Security | Cybersecurity techniques and penetration testing used in the field of weapons systems can provide valuable lessons for ICS/OT security. The post Weapons Systems Provide Valuable Lessons for ICS/OT Security appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | Day 3 of SecurityWeek’s 2023 ICS Cybersecurity Conference — Challenges and Solutions | SecurityWeek’s 2023 ICS Cybersecurity Conference continues in Atlanta, with challenges and solutions the focus of Day 3. The post Day 3 of SecurityWeek’s 2023 ICS Cybersecurity Conference — Challenges and Solutions appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | The Role of AI in Email Security and How Real-Time Threat Intelligence Can Supercharge Your SOC Team | In response to improved email security measures, cybercriminals have pivoted to more advanced attack methods, namely artificial intelligence (AI), that bypass existing protections. But security defenders are also using AI in remarkable new ways to fortify their networks. | KNOWBE4.COM
26 Oct | UK Parliament Probes Critical Infrastructure Cybersecurity | New Inquiry Invites Ideas on Protecting the Power Grid, Finance, Other Sectors. The U.K. Parliament is calling on experts to provide information on improving critical infrastructure cybersecurity amid mounting concerns that internet-connected systems underpinning functions such as… | DATABREACHTODAY.CO.UK
26 Oct | AI Security Firm Cranium Raises $25 Million | AI cybersecurity firm Cranium has raised $25 million in Series A funding, which brings the total investment in the company to $32 million. The post AI Security Firm Cranium Raises $25 Million appeared first on SecurityWeek. | SECURITYWEEK.COM
26 Oct | Threat Hunting: Detecting Browser Credential Stealing [T1555.003] | submitted by L4s to secops 1 points | 0 comments https://fourcore.io/blogs/threat-hunting-browser-credential-stealing Threat Hunting: Detecting Browser Credential Stealing [T1555.003]::Adversaries can steal credentials, cookies and other private data from browsers using various t… | FOURCORE.IO
26 Oct | US Senator Quizzes 23andMe Over Credential-Stuffing Hack | Congressional Scrutiny, Lawsuits Target Genetics Testing Firm's Privacy Practices. Genetics testing firm 23andme is facing intensifying scrutiny in the wake of a credential stuffing hack that leaked genetic ancestry information of potentially millions of customers. That includes a… | DATABREACHTODAY.CO.UK
26 Oct | Rockwell Forges Gen AI Pact With Microsoft, Buys Cyber Firm | Rockwell, Microsoft Envision AI Helping Engineers, Factory Workers Increase Speed. Unveiling a vision of factory workers using AI chatbots to control the assembly line, fix production issues and develop code, Rockwell Automation plans to buy an industrial cybersecurity vendor and … | DATABREACHTODAY.CO.UK
26 Oct | Alternative Approaches to Startup Funding - The Syndicate Group - Chad Cardenas - ESW #337 | In this interview, we talk to Chad Cardenas about why he created The Syndicate Group, which operates very differently from the typical VC firm with LPs and a collective fund to draw from. We'll discuss how the investor/startup relationship differs, and what the advantages of this… | YOUTUBE.COM
26 Oct | ESET APT Activity Report Q2–Q3 2023 | An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 and Q3 2023 | WELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE (6)
26 Oct | Unmasking Vacum Stealer: The Malware Plotting Cryptocurrency Plunder | Vacum Stealer is a dangerous malware that can transfer cryptocurrency from users' wallets without requiring any additional confirmation, posing a significant risk to unsuspecting individuals. | THECYBEREXPRESS.COM
26 Oct | FakeUpdateRU Chrome Update Infection Spreads Trojan Malware | The malware overwrites the main index.php file of websites, affecting both WordPress and other CMS platforms. The fake update page looks exactly like the official Google Chrome download page. | SUCURI.NET
26 Oct | Iranian Group Tortoiseshell Launches New Wave of IMAPLoader Malware Attacks | The attacks primarily target the maritime, shipping, and logistics sectors in the Mediterranean region, with high-value targets being subjected to the deployment of IMAPLoader. | THEHACKERNEWS.COM
26 Oct | Octo Tempest aka 0ktapus has Become 'One of the Most Dangerous Financial' Hacker Groups | The group gains initial access through social engineering tactics, including impersonating victims and using fake login portals, to target a wide range of industries for extortion. | HEALTHCAREINFOSECURITY.COM
26 Oct | StripedFly malware framework infects 1 million Windows, Linux hosts | A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time. [...] | BLEEPINGCOMPUTER.COM
26 Oct | Phony Corsair job vacancy targets LinkedIn users with DarkGate malware | A Vietnamese cybercrime gang is being blamed for a malware campaign that has seen bogus adverts posted on LinkedIn, pretending to be related to jobs at computer memory and gaming accessories firm Corsair. Read more in my article on the Tripwire State of Security blog. | TRIPWIRE.COM
🎙️ PODCASTS (1)
26 Oct | Smashing Security podcast #345: Cyber sloppiness, and why does Google really want to hide your IP address? | Ahoy! There's trouble in the South China Seas as Filipino organisations fail to secure their systems, we take a close look at Google IP protection, and we take a look at just how so much genetic profile data leaked out of 23andMe. All this and much much more is discussed in the l… | GRAHAMCLULEY.COM
📡 INFOSEC NEWS (16)
26 Oct | Strategic Tips to Optimize Cybersecurity Consolidation | Say goodbye to security silos. Organizations are eager to take advantage of cybersecurity consolidation and make their security environments more manageable. Evolving incrementally and adopting a platform that supports third-party integrations are key to reducing cybersecurity co… | TRENDMICRO.COM
26 Oct | ServiceNow Quietly Fixes Eight-Year-Old Data Exposure Flaw | ServiceNow has fixed a flaw that allowed unauthenticated attackers to steal sensitive data. The flaw was highlighted by security researcher Aaron Costello, who found that the default configurations of ServiceNow's widgets exposed personal data. | THEREGISTER.COM
26 Oct | New iLeakage attack steals emails, passwords from Apple Safari | Academic researchers created a new speculative side-channel attack they named iLeakage that works on all recent Apple devices and can extract sensitive information from the Safari web browser. [...] | BLEEPINGCOMPUTER.COM
26 Oct | Workflow of a zkSync Era transaction: from generation to finalization | This blog post presents the entire workflow of a transaction executed on zkSync Era. zkSync Era is a Zk Rollup Layer 2 blockchain that executes transactions and proves its execution on the Ethereum blockchain using Zero-Knowledge proofs. | QUARKSLAB.COM
26 Oct | ServiceNow Quietly Addresses Unauthenticated Data Exposure Flaw From 2015 | PACKETSTORMSECURITY.COM
26 Oct | Can you use emojis in passwords? - Kaspersky official blog | The pros and cons of using smileys, emojis, and emoticons in passwords. | KASPERSKY.COM
26 Oct | UK Parliament Opens Inquiry into Cyber-Resilience | The Science, Innovation and Technology Committee will oversee the inquiry, alarmed at the proliferation of state and non-state actors using offensive cyber capabilities against UK organizations. | INFOSECURITY-MAGAZINE.COM
26 Oct | Australia Focuses on Threat of Chinese Attack on Solar Power | The Australian government is introducing standards to address the cybersecurity vulnerabilities of internet-connected solar inverters amid concerns of potential Chinese state-sponsored hacking. | BANKINFOSECURITY.COM
26 Oct | New iLeakage Attack Steals Emails, Passwords From Apple Safari | This attack bypasses standard side-channel protections implemented by browser vendors and can retrieve data from Safari, as well as other browsers like Firefox, Tor, and Edge on iOS. | BLEEPINGCOMPUTER.COM
26 Oct | Nigerian Police dismantle cybercrime recruitment, mentoring hub | The Nigerian Police Force has arrested six suspects and dismantled a mentoring hub linked to cybercrime activities, including business email compromise, romance, and investment scams. [...] | BLEEPINGCOMPUTER.COM
26 Oct | UK: Purchase Scams Surge as Fraud Losses Hit $703m | Online platforms, mobile phone networks, and social media are commonly used by scammers to target victims and initiate APP fraud, emphasizing the importance of collaboration across sectors to fight against fraud. | INFOSECURITY-MAGAZINE.COM
26 Oct | Android adware apps on Google Play amass two million installs | Several malicious Google Play Android apps installed over 2 million times push intrusive ads to users while concealing their presence on the infected devices. [...] | BLEEPINGCOMPUTER.COM
26 Oct | Windows 10 KB5031445 preview update fixes ctfmon.exe memory leak, 9 issues | Microsoft has released the optional KB5031445 Preview cumulative update for Windows 10 22H2 with nine improvements or fixes, including a fix for a memory leak in ctfmon.exe. [...] | BLEEPINGCOMPUTER.COM