🐛 COMMON VULNERABILITIES AND EXPOSURES
1 Nov - Alert: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability. F5 is warning of active abuse of a critical security flaw in BIG-IP less than a week after its public disclosure that could result in the execution of arbitrary system commands as part of an exploit chain. Tracked as CVE-2023-46747 (CVSS score: 9.8), the vulnerability allows an u… (THEHACKERNEWS.COM)
1 Nov - Atlassian Urged Customers to Fix Critical Confluence Security Flaw Right Away! Atlassian has been reported with a critical vulnerability in their Confluence Software, which several organizations have widely adopted. The CVE for this vulnerability has been assigned as CVE-2023-22518, and the severity has been given as 9.1 (Critical). Atlassian has addressed … (GBHACKERS.COM)
1 Nov - Update: F5 Warns of Active Attacks Exploiting BIG-IP Vulnerability. F5 has issued a warning about active exploitation of a critical security flaw in its BIG-IP software. The vulnerability, known as CVE-2023-46747, allows attackers to execute arbitrary system commands. (THEHACKERNEWS.COM)
1 Nov - F5 Warns of Active Attacks Targeting BIG-IP SQL injection vulnerability. F5 Networks has issued a security alert about a severe vulnerability in its BIG-IP Configuration utility, identified as CVE-2023-46748. This vulnerability is an authenticated SQL injection flaw that allows attackers with network access to execute arbitrary system commands. … (GBHACKERS.COM)
1 Nov - CitrixBleed Vulnerability Widely Exploited, Primarily by a Ransomware Gang. At the end of October, AssetNote released a proof-of-concept for the CVE-2023-4966 associated with sensitive information disclosure for Citrix Netscaler ADC devices and was given a severity rating of 9.4 (Critical). After the release of PoC, there seems to be a mass exploitation … (GBHACKERS.COM)
1 Nov - Mass Exploitation of ‘Citrix Bleed’ Vulnerability Underway. Multiple threat actors are exploiting CVE-2023-4966, aka Citrix Bleed, a critical vulnerability in NetScaler ADC and Gateway. (SECURITYWEEK.COM)
1 Nov - CISA Updates Guidance for Addressing Cisco IOS XE Web UI Vulnerabilities. Today, CISA updated its guidance addressing two vulnerabilities, CVE-2023-20198 and CVE-2023-20273, affecting Cisco’s Internetworking Operating System (IOS) XE Software Web User Interface (UI). The guidance now notes that Cisco has fixed these vulnerabilities for the 17.3 Cisco … (CISA.GOV)
1 Nov - Hackers use Citrix Bleed flaw in attacks on govt networks worldwide. Threat actors are leveraging the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, to target government, technical, and legal organizations in the Americas, Europe, Africa, and the Asia-Pacific region. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - New CVSS 4.0 vulnerability severity rating standard released. The Forum of Incident Response and Security Teams (FIRST) has officially released CVSS v4.0, the next generation of its Common Vulnerability Scoring System standard, eight years after CVSS v3.0, the previous major version. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - Official release of CVSS v4.0. Submitted by L4s to secops, 1 points | 0 comments. https://infosec.exchange/@firstdotorg/111336457504674343 The CVSS Special Interest Group is proud to announce the official release of CVSS v4.0. This latest release marks a significa… (INFOSEC.EXCHANGE)
⚠️ VULNERABILITY DISCLOSURE
1 Nov - Palo Alto Networks to Acquire Cloud Security Start-Up Dig Security. The acquisition will integrate Dig's capabilities into Palo Alto's Prisma Cloud platform. Financial details were not disclosed, but reports suggest the deal is valued at $400 million. (SECURITYWEEK.COM)
1 Nov - 7 best practices for enterprise attack surface management. More cloud computing solutions, remote and work-from-home systems and internet-connected devices increase risk from an expanded attack surface. As surveys predict the enterprise attack surface will continue to increase, the best way to reduce the number of vulnerabilities is to e… (CSOONLINE.COM)
1 Nov - Cyber Security Today, Nov. 1, 2023 - Atlassian warns admins to patch Confluence servers, GitHub being raided for AWS credentials and more. This episode reports on a huge haul of US government workers' email addresses stolen in a MOVEit hack, malware in the NuGet open source code repository and more (CYBERSECURITYTODAY.LIBSYN.COM)
1 Nov - Cryptojackers Use IAM Credential Within Five Minutes of Discovery. EleKtra-Leak, an ongoing cryptojacking campaign, exploits exposed IAM credentials on GitHub to mine Monero. The attackers are said to have used each stolen credential within five minutes of its discovery. The payloads are delivered via a Google Drive URL, another widely used appl… (CYWARE.COM)
1 Nov - Hackers Weaponize HWP Documents to Attack National Defense and Press Sectors. HWP documents are primarily associated with the Hangul Word Processor software used in South Korea. Hackers may opt for HWP documents to target National Defense and Press Sectors because they exploit vulnerabilities in this specific file format and software, which may not b… (GBHACKERS.COM)
1 Nov - BackSlash’s new ASPM combines existing AppSec with context-based risk prioritization. Application code security provider BackSlash has announced a new application security posture management (ASPM) platform to combine its existing application security (AppSec) capabilities with a few new ones. The new platform will pack BackSlash's existing AppSec solutions includ… (CSOONLINE.COM)
1 Nov - Hackers Deliver Malicious DLL Files Chained With Legitimate EXE Files. Hackers opt for DLL hijacking as a technique to exploit vulnerable applications because it allows them to load malicious code by tricking a legitimate application into loading a malicious DLL. This can give them unauthorized access and control over a system or application, enabli… (GBHACKERS.COM)
1 Nov - US to Set Up New AI Safety Institute. UK-US Will Partner on Monitoring Advanced AI Before Its Release. The U.S. government will set up a dedicated artificial intelligence safety institute to lead cooperation among the public and private sectors to develop secure AI systems, said Secretary of Commerce Gina Raimondo. Ra… (DATABREACHTODAY.CO.UK)
1 Nov - Hackers exploit recent F5 BIG-IP flaws in stealthy attacks. F5 is warning BIG-IP admins that devices are being breached by "skilled" hackers exploiting two recently disclosed vulnerabilities to erase signs of their access and achieve stealthy code execution. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - LayerX Enterprise Browser Security Extension – Secure the Modern Workspace. LayerX has developed a secure enterprise browser extension that delivers comprehensive visibility, monitoring, and granular policy enforcement on every event within a browsing session. Learn more about this cybersecurity platform from LayerxSecurity. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - Searchlight Cyber partners with the Innocent Lives Foundation to catch child predators. Dark web intelligence company Searchlight Cyber has announced a partnership with the Innocent Lives Foundation (ILF) to assist in the non-profit organization's efforts to catch, identify, and bring to justice anonymous child predators. The ILF is using Searchlight's dark web inve… (CSOONLINE.COM)
1 Nov - Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges. VMware’s Threat Analysis Unit finds 34 new vulnerable kernel drivers that can be exploited to alter or erase firmware and escalate privileges. (SECURITYWEEK.COM)
1 Nov - Critical phpFox RCE Vulnerability Risked Social Networks. Submitted by L4s to secops, 1 points | 0 comments. https://latesthackingnews.com/2023/10/30/critical-phpfox-rce-vulnerability-risked-social-networks/ All phpFox users must update to the version 4.8.14 to receive the fix for … (LATESTHACKINGNEWS.COM)
1 Nov - Splunk Lays Off Another 7% of Workers Amid Purchase by Cisco. Second Round of Layoffs Comes 9 Months After Splunk Eliminated 325 Workers Globally. Splunk has executed its second round of layoffs since February, axing 7% of its workforce weeks after Cisco announced plans for a $28 billion acquisition. Splunk will reduce its 8,000-person staff… (DATABREACHTODAY.CO.UK)
1 Nov - Dozens of Kernel Drivers Allow Attackers to Alter Firmware, Escalate Privileges. VMware Carbon Black's Threat Analysis Unit (TAU) has discovered numerous previously unknown vulnerable kernel drivers that could be exploited by hackers to modify firmware or gain elevated privileges. (SECURITYWEEK.COM)
1 Nov - Mozi Botnet Likely Killed by Its Creators. The recent shutdown of the Mozi botnet is believed to have been carried out by its creators, possibly forced by Chinese authorities. (SECURITYWEEK.COM)
1 Nov - 3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online. Over three thousand internet-exposed Apache ActiveMQ servers are vulnerable to a recently disclosed critical remote code execution (RCE) vulnerability. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - UEFI and The Digital Supply Chain - Dick Wilkins - BTS #16. Learn about the evolution of UEFI, various aspects of supply chain security surrounding UEFI, and the interactions between links in the supply chain that ultimately end up delivering you a computer or server. Segment Resources: https://uefi.org/sites/default/files/resources/What%… (YOUTUBE.COM)
1 Nov - Frameworks for DE-Friendly CTI (Part 5). This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#5 in the series), we will build a quick “framework-lite” for making CTI to DE flows better. Detection Engineering is Painful… (MEDIUM.COM)
1 Nov - FSB arrests Russian hackers working for Ukrainian cyber forces. Russia's security agency published a press release on Tuesday saying that its officers detained two hackers who either assisted or joined Ukraine's hackers in cyber operations. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - Malicious package campaign on NuGet abuses MSBuild integrations. Attackers are constantly coming up with new ways to deploy rogue packages on public registries for different programming languages with the goal of executing malware code when those packages are imported and used in projects. The latest example is an attack campaign recently dete… (CSOONLINE.COM)
📢 SECURITY ADVISORIES
1 Nov - Top-Level Domain .US Harbors Prolific Malicious Link Shortening Service. The .US domain has been plagued by phishing activity and illicit content, with thousands of malicious link shortener domains registered, despite regulations aimed at verifying the identity and location of registrants. (KREBSONSECURITY.COM)
1 Nov - Healthcare's Ransomware Attackers Are Addicted to Encryption. Extortionist Crypto-Locking Hackers Keep Hitting Healthcare Sector, Experts Report. Once ransomware hackers get inside a healthcare sector organization's systems, three out of four attackers will also maliciously encrypt data, says security firm Sophos. Attackers successfully encr… (DATABREACHTODAY.CO.UK)
1 Nov - Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East. A threat actor affiliated with Iran's Ministry of Intelligence and Security (MOIS) has been observed waging a sophisticated cyber espionage campaign targeting financial, government, military, and telecommunications sectors in the Middle East for at least a year. Israeli cybersecu… (THEHACKERNEWS.COM)
1 Nov - 28 countries reach landmark agreement on “safe and responsible” AI development. A collection of almost 30 countries that includes the US and China, along with the European Union (EU), have reached a world-first agreement at Bletchley Park establishing a shared understanding of the opportunities and risks posed by frontier AI. The agreement also recognizes th… (CSOONLINE.COM)
1 Nov - British Library Knocked Offline by Cyberattack During the Weekend. The library is working with the UK's National Cyber Security Centre (NCSC) and cybersecurity specialists to investigate the incident, but the nature of the attack and how the systems were breached are still unknown. (BLEEPINGCOMPUTER.COM)
1 Nov - Atlassian urges customers to take ‘immediate action’ to protect against data-loss security bug. Australian software giant Atlassian has warned of a critical security flaw that could lead to “significant data loss” for customers, just weeks after state-backed hackers targeted its products. In an advisory this week, the company urged customers to patch against the flaw … (TECHCRUNCH.COM)
1 Nov - UserSec Takes Credit for Gatwick Cyberattack Post DDoS Assault on Manchester Airport. The attacks were likely DDoS attacks, disrupting websites but not impacting airport operations or flights. The UK's NCSC is investigating the attacks, while Gatwick Airport officials are also dealing with spoofed Twitter accounts in their name. (THECYBEREXPRESS.COM)
1 Nov - Why CISOs Should Pay Attention to SolarWinds SEC Allegations. Attorney Discusses Impact of Charges Against CISO Tim Brown in Wake of 2020 Breach. The fallout from the SEC's charges of fraud and internal control failures against SolarWinds and its CISO has implications for the industry. Cordery Compliance attorney Jonathan Armstrong advises s… (DATABREACHTODAY.CO.UK)
🔥 INCIDENT REPORTING
1 Nov - The Wiki-Slack Cyberattack Analysis by eSentire’s Threat Response… Submitted by throws_lemy to cybersecurity, 1 points | 0 comments. https://www.esentire.com/blog/the-wiki-slack-attack (ESENTIRE.COM)
1 Nov - Data-bouncing - New Exfil and C2 Technique. Submitted by L4s to secops, 1 points | 0 comments. https://thecontractor.io/data-bouncing/ Data-Bouncing - The art of indirect exfiltration. (THECONTRACTOR.IO)
1 Nov - TA571 Delivers Forked IcedID Loader Variant. The use of the Forked IcedID variant, which removes banking functionality and focuses on payload delivery, highlights a shift in malware tactics toward prioritizing ransomware delivery. (PROOFPOINT.COM)
1 Nov - The Dangers of Dual Ransomware Attacks. Recovery efforts should prioritize patching vulnerabilities, removing malicious artifacts, and strengthening protective and detective controls to enhance cyber resilience and reduce the risk of follow-up attacks. (HELPNETSECURITY.COM)
1 Nov - WiHD Video Torrent Community Leak Exposes Details of All Torrent Users. Private torrent trackers like WiHD, known for their exclusivity, can still suffer from data breaches, highlighting the importance of robust security measures in protecting user data. (SECURITYAFFAIRS.COM)
1 Nov - Companies Scramble to Integrate Immediate Recovery Into Ransomware Plans. Over one-third of companies lack a comprehensive ransomware strategy, highlighting the need for a holistic approach that prioritizes both prevention and recovery, according to a survey by Zerto. (HELPNETSECURITY.COM)
1 Nov - Pro-Ukrainian Hacker Groups Claim to Breach Russia's National Card Payment System. The targeted system, Mir, is a homegrown alternative to international payment brands and has seen increased usage in Russia following the country's invasion of Ukraine and the departure of international payment services. (THERECORD.MEDIA)
1 Nov - Report: Cyberattacks Cause Revenue Losses in 42% Of Small Businesses. Employee and consumer data continue to be the most affected categories in data breaches, leading to negative impacts such as lost revenue, customer trust, and employee turnover. (HELPNETSECURITY.COM)
1 Nov - World's Largest Hardware Retail Cooperative Hit by Cyberattack. Ace Hardware is currently experiencing a cyberattack that has disrupted its IT systems. While in-store payment systems and credit card processing are unaffected, online services such as placing orders are currently unavailable. (THEREGISTER.COM)
1 Nov - FBI ‘Keeping a Close Eye’ on Iranian Hackers as Israel-Hamas War Intensifies. The FBI Director Christopher Wray warned that cyberattacks against the US by Iran and non-state actors could escalate if the conflict intensifies. He stated that Iran has a history of targeting American interests and critical infrastructure. (THERECORD.MEDIA)
1 Nov - What is data security posture management? Do you know where all your organization’s data resides across your hybrid cloud environment? Is it appropriately protected? How sure are you? 30%? 50%? It may not be enough. The Cost of a Data Breach Report 2023 revealed that 82% of breaches involved data in the cloud, and … (SECURITYINTELLIGENCE.COM)
1 Nov - With its exit from Russia complete, Group-IB plans its US expansion. In just a few weeks, Group-IB will be celebrating its twentieth birthday. It’s a momentous occasion for the controversy-marred threat intelligence company, which helps organizations and governments investigate cyberattacks and online fraud. And Group-IB is planning to celebrate i… (TECHCRUNCH.COM)
1 Nov - Four Dozen Countries Declare They Won’t Pay Ransomware Ransoms. The United States and 48 other countries, along with the European Union and Interpol, are set to pledge this week that they will no longer pay ransoms as part of ransomware attacks. (CYBERSCOOP.COM)
1 Nov - Public Exposure of Data Breaches is Becoming Inevitable. The number of cyber breaches becoming public is increasing, with companies facing financial and reputational consequences and being more likely to pay ransoms for stolen data. (HELPNETSECURITY.COM)
1 Nov - Toronto Public Library outages caused by Black Basta ransomware attack. The Toronto Public Library is experiencing ongoing technical outages due to a Black Basta ransomware attack. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - Ransomware Attack on Mental Health Provider Affects 172,000. Deer Oaks Behavioral Health Says Incident Contained to 'Single Segment' of Network. Texas-based mental healthcare provider Deer Oaks Behavioral Health is notifying nearly 172,000 patients that their information was potentially compromised in a ransomware incident, even though the … (DATABREACHTODAY.CO.UK)
🕵️ THREAT INTELLIGENCE
1 Nov - ISC Stormcast For Wednesday, November 1st, 2023 https://isc.sans.edu/podcastdetail/8726, (Wed, Nov 1st). (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)
1 Nov - Malware Dropped Through a ZPAQ Archive, (Wed, Nov 1st). Have you ever seen ZPAQ archives? This morning, my honeypot captured a phishing attempt which lured the potential victim to open a "ZPAQ" archive. This is not a common file format. This could be used by the attacker to bypass classic security controls. What Wikipedia says a… (ISC.SANS.EDU)
1 Nov - Turla APT Uses Fresh Variant of Kazuar Backdoor to Target Ukrainian Defense Sector. The latest variant of Kazuar features significant improvements in code structure and functionality, including comprehensive system profiling, credential theft, an extended set of commands, and enhanced task automation. (UNIT42.PALOALTONETWORKS.COM)
1 Nov - Hackers Abuse NuGet Packages to Deliver SeroXen RAT. The NuGet package manager, which .NET developers widely use, has been under attack by a series of malicious activities, according to a report by cybersecurity firm ReversingLabs. The report, which follows previous investigations on npm, PyPI, and RubyGems ecosystems, shows that N… (GBHACKERS.COM)
1 Nov - North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware. State-sponsored threat actors from the Democratic People's Republic of Korea (DPRK) have been found targeting blockchain engineers of an unnamed crypto exchange platform via Discord with a novel macOS malware dubbed KANDYKORN. Elastic Security Labs said the activity, traced back … (THEHACKERNEWS.COM)
1 Nov - Cutting-Edge AI Raises Fears About Risks to Humanity. Are Tech and Political Leaders Doing Enough? Many people are raising the alarm about AI’s as-yet-unknown dangers and calling for safeguards to protect people from its existential threats. (SECURITYWEEK.COM)
1 Nov - SIEM and Log Management Provider Graylog Raises $39 Million. Graylog secured $39 million in funding to accelerate product development and scale its go-to-market operations. (SECURITYWEEK.COM)
1 Nov - Former British Cyberespionage Agency Employee Gets Life in Prison for Stabbing an American Spy. Former British cyberespionage agency employee was sentenced in a London court for attempted murder, will have to serve at least 13 years in prison. (SECURITYWEEK.COM)
1 Nov - What are You Working on Wednesday. Submitted by shellsharks to cybersecurity, 1 points | 0 comments. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. (INFOSEC.PUB)
1 Nov - MITRE Releases ATT&CK v14 With Improvements to Detections, ICS, Mobile. MITRE announces the release of ATT&CK v14, which brings enhancements related to detections, ICS, and mobile. (SECURITYWEEK.COM)
1 Nov - DPI: Still Effective for the Modern SOC? There has been an ongoing debate in the security industry over the last decade or so about whether or not deep packet inspection (DPI) is dead. (SECURITYWEEK.COM)
1 Nov - Malicious NuGet Packages Abuse MSBuild Integrations for Code Execution. Threat actors are constantly publishing malicious NuGet packages to automatically execute code on developers’ machines. (SECURITYWEEK.COM)
1 Nov - North Korean Hackers Target Crypto Experts with KANDYKORN macOS Malware. The attackers impersonate blockchain engineers on Discord, using social engineering tactics to trick victims into downloading and executing a ZIP archive containing malicious code. (THEHACKERNEWS.COM)
1 Nov - Iranian Cyber Spies Use ‘LionTail’ Malware in Latest Attacks. Check Point reports that an Iranian APT has been observed using a new malware framework in targeted attacks in the Middle East. (SECURITYWEEK.COM)
1 Nov - Chrome 119 Patches 15 Vulnerabilities. Chrome 119 is rolling out to Linux, macOS, and Windows users with patches for 15 vulnerabilities. (SECURITYWEEK.COM)
1 Nov - Supply Chain Startup Chainguard Scores $61 Million Series B. Washington startup Chainguard banks $61 million in new financing as investors make hefty wagers on software supply chain security companies. (SECURITYWEEK.COM)
1 Nov - Researchers Expose Prolific Puma's Underground Link Shortening Service. A threat actor known as Prolific Puma has been maintaining a low profile and operating an underground link shortening service that's offered to other threat actors for at least over the past four years. Prolific Puma creates "domain names with an RDGA [registered domain generatio… (THEHACKERNEWS.COM)
1 Nov - Insights From Israel: Chen Shmilo, 8200 Alumni Association. CEO on Resilience and Supporting War Against Terrorist Groups. When asked what has changed most since Oct. 7, Chen Shmilo, CEO of Israel's 8200 Alumni Association, said "trust." Trust in leadership has changed, but trust in society and its power to be resilient has been renewed, h… (DATABREACHTODAY.CO.UK)
1 Nov - Ensuring Privacy in AI Systems Is Critical, VP Harris Says. Kamala Harris Says Now Is the Moment to Lay Groundwork for the Future of AI. U.S. Vice President Kamala Harris called on artificial intelligence developers to ensure consumer privacy and security. "History will show that this was the moment when we had the opportunity to lay the g… (DATABREACHTODAY.CO.UK)
1 Nov - News alert: AdviserCyber launches to help ‘RIAs’ meet SEC’s cybersecurity infrastructure rules. Phoenix, Ariz. — Nov. 1, 2023 — AdviserCyber, a cybersecurity service provider for Registered Investment Advisers (RIAs) with $500M to $3B Assets Under Management (AUM) who must comply with the Securities and Exchange Commission (SEC) cybersecurity requirements, announced its … (LASTWATCHDOG.COM)
1 Nov - Countries at a UK Summit Pledge to Tackle AI’s Potentially ‘Catastrophic’ Risks. Delegates from 28 nations agreed to work together to contain the potentially “catastrophic” risks posed by galloping advances in artificial intelligence. (SECURITYWEEK.COM)
1 Nov - Trustworthy AI for National Security – Kathleen Fisher – PSW #805. AI/ML is providing significant benefits in a wide range of application domains but also provides adversaries with a new attack surface. Learn about DARPA's efforts to help evaluate AI/ML and work towards a trust model that will allow us to use these valuable tools safely. →Watch … (YOUTUBE.COM)
1 Nov - AI Doom Not Imminent, Say Officials at UK Summit. AI Systems Don't Yet Pose Risk of Loss of Control, Say Attendees. As day one of the U.K. AI Safety Summit draws to an end, attendees said fears over losing control over AI systems is a future worry, although they appeared to agree that securing AI is a pressing topic for today. Th… (DATABREACHTODAY.CO.UK)
1 Nov - Exterro Acquires Startup Divebell to Analyze Structured Data. Divebell Buy Will Help Exterro Handle Structured Data Without Big Ingestion Woes. Exterro has purchased a data discovery vendor led by a GE and Symantec veteran to help organizations detect, measure and remediate risk around structured data. The deal will allow Exterro customers t… (DATABREACHTODAY.CO.UK)
1 Nov - DHS Says National Security at Risk as Key Authorities Expire. DHS Secretary Alejandro Mayorkas Urges Congress to Reauthorize Key Security Powers. U.S. Department of Homeland Security Secretary Alejandro Mayorkas urged Congress to take action to prevent loss of critical authorities for the Cybersecurity and Infrastructure Security Agency, wa… (DATABREACHTODAY.CO.UK)
1 Nov - Starting your journey to become quantum-safe. Thanks to our extensive experience in quantum engineering and expertise as a service and security provider, we can serve as a trusted partner to navigate this process across industry and government. (MICROSOFT.COM)
🌐 CYBER THREAT LANDSCAPE
1 Nov - Iranian Threat Group Scarred Manticore Snoops on Entities From Albania to the Middle East. The campaign, which targets high-profile organizations in the Middle East, has been using the LIONTAIL malware framework installed on Windows servers. LIONTAIL uses Windows HTTP stack driver HTTP.sys to load memory-resident payloads. (RESEARCH.CHECKPOINT.COM)
1 Nov - Applying ATT&CK Methodology to Hardware and Firmware. The rise of hardware- and firmware-related attacks and supply chain threats has fundamentally changed the cybersecurity landscape, requiring a deeper understanding of these areas in the context of the MITRE ATT&CK framework. (ECLYPSIUM.COM)
1 Nov - Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection. The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive U… (THEHACKERNEWS.COM)
1 Nov - Security researchers observed ‘deliberate’ takedown of notorious Mozi botnet. Security researchers say they have observed what they believe is a takedown of the notorious Mozi botnet that infiltrated more than a million Internet of Things devices worldwide. In research shared with TechCrunch ahead of publication on Tuesday, researchers at cybersecurity com… (TECHCRUNCH.COM)
1 Nov - Malware 'Meal Kits' Serve Up No-Fuss RAT Attacks. The Parallax RAT has seen a significant increase in usage, particularly through infected DLLs in seemingly legitimate invoices, making it harder for users to detect the attack. (DARKREADING.COM)
1 Nov - Samsung Galaxy Gets New Auto Blocker Anti-Malware Feature. Auto Blocker prevents the installation of risky apps downloaded from outside the official app stores to protect users from malware and spyware. It also blocks unauthorized commands and software installations via the USB port. (BLEEPINGCOMPUTER.COM)
1 Nov - Latest RAT Attack Surge Bypasses Microsoft’s XLL Block. Microsoft's block on Visual Basic for Applications (VBA) macros has led attackers to experiment with different file types, with XLL files now being used as a means to distribute malware. (THEREGISTER.COM)
1 Nov - Mozi malware botnet goes dark after mysterious use of kill-switch. Mozi malware botnet activity faded away in August after a mysterious unknown party sent a payload on September 27, 2023, that triggered a kill switch to deactivate all bots. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - Who killed Mozi? Finally putting the IoT zombie botnet in its grave. How ESET Research found a kill switch that had been used to take down one of the most prolific botnets out there (WELIVESECURITY.COM)
1 Nov - 2023 Identity Threat Report: Executive Summary. Welcome to the fun-size version of our 2023 Identity Threat Report! If you only have 5 minutes to spare this is the place to start - and you can always download the full PDF for later. (F5.COM)
1 Nov - 2023 Identity Threat Report: The Unpatchables. We are excited to announce a new report covering threats to digital identities. This report goes into detail on credential stuffing, phishing, and multifactor authentication bypass techniques. (F5.COM)
📡 INFOSEC NEWS
1 Nov - Hands on Review: LayerX's Enterprise Browser Security Extension. The browser has become the main work interface in modern enterprises. It’s where employees create and interact with data, and how they access organizational and external SaaS and web apps. As a result, the browser is extensively targeted by adversaries. They seek to steal the dat… (THEHACKERNEWS.COM)
1 Nov - Lawmakers say Costco’s decision to continue selling banned China surveillance tech is ‘puzzling’. Two U.S. lawmakers have asked retail giant Costco why it continues to sell surveillance equipment made by Lorex, despite warnings of cybersecurity risks and links to human rights abuses. The bipartisan letter dated October 31, sent by Rep. Christopher Smith (R-NJ, 4th) and Sen. J… (TECHCRUNCH.COM)
1 Nov - Myths and reality of our Cyber Immune OS | Kaspersky official blog. We debunk some of the false claims hindering the implementation of Cyber Immune products based on our KasperskyOS. (KASPERSKY.COM)
1 Nov - Log Analysis and Security Firm Graylog Raises $9M in Equity, $30M in Debt. Graylog has raised $39 million in its Series C funding round co-led by Silver Lake Waterman, Piper Sandler Merchant Banking, and Harbert Growth Partners. It includes $9 million in equity and $30 million in a "flex debt" facility. (TECHCRUNCH.COM)
1 Nov - Chrome 119 Patches 15 Vulnerabilities. Out of the 15 vulnerabilities patched, 13 were reported by external researchers. Three of the bugs are rated as high severity, while the remaining ones are medium and low severity. (SECURITYWEEK.COM)
1 Nov - Microsoft: Windows Copilot makes desktop icons jump between displays. Microsoft says a new known issue is causing desktop icons to behave erratically on systems with multiple displays when using the Windows Copilot AI-powered digital assistant. [...] (BLEEPINGCOMPUTER.COM)
1 Nov - Chainguard Raises $61M in Series B Funding. The Kirkland, Washington-based security company raised $61 million in Series B funding. The round was led by Spark Capital, with participation from existing investors Sequoia Capital, Amplify Partners, The Chainsmoker's Mantis VC, and Banana Capital. (FINSMES.COM)
1 Nov - Researcher Claims to Crack RSA-2048 With Quantum Computer. As Ed Gerck Readies Research Paper, Security Experts Say They Want to See Proof. A scientist claims to have developed an inexpensive system for using quantum computing to crack RSA, which is the world's most commonly used public key algorithm. If true, this would be a breakthrough… (DATABREACHTODAY.CO.UK)
1 Nov - Meta faces EU ban on Facebook, Instagram targeted advertising. The European Data Protection Board has extended the temporary ban on targeted advertising on Facebook and Instagram, imposed by the Norwegian Data Protection Authority (DPA) in July. [...] (BLEEPINGCOMPUTER.COM)