103Articles
9Categories
2023-11-02Date
🚨 CISA KEV 1[−]
2 Nov KEVCISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-4 6604 Apache ActiveMQ Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious…CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 5[−]
2 NovFIRST Announces CVSS 4.0 - New Vulnerability Scoring SystemThe Forum of Incident Response and Security Teams (FIRST) has officially announced CVSS v4.0, the next generation of the Common Vulnerability Scoring System standard, more than eight years after the release of CVSS v3.0 in June 2015. "This latest version of CVSS 4.0 seeks to prov…THEHACKERNEWS.COM
2 Nov3,000 Apache ActiveMQ Servers Vulnerable to RCE Attacks Exposed OnlineThe flaw, known as CVE-2023-46604, allows attackers to execute arbitrary shell commands by exploiting the serialized class types in the OpenWire protocol. The issue affects several versions of Apache ActiveMQ, but patches have been released.BLEEPINGCOMPUTER.COM
2 NovCisco AnyConnect SSL VPN Flaw Let Remote Attacker Launch DoS AttackA vulnerability of medium severity, identified as CVE-2023-20042, with a CVSS score of 6.8, was found in the AnyConnect SSL VPN feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defence (FTD) Software.  This vulnerability could potentiall…GBHACKERS.COM
2 NovAtlassian Releases Security Advisory for Confluence Data Center and ServerAtlassian released a security advisory to address a vulnerability (CVE-2023-22518) affecting Confluence Data Center and Server. A cyber actor could exploit this vulnerability to obtain sensitive information. CISA encourages users and administrators to review CVE-2023-22518 - Impr…CISA.GOV
2 NovHelloKitty ransomware deployed via critical Apache ActiveMQ flawAttackers have begun exploiting a critical remote code execution vulnerability patched last week in Apache ActiveMQ to deploy ransomware in enterprise networks. Users are urged to upgrade the software as soon as possible. “Beginning Friday, October 27, Rapid7 Managed Detection an…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 28[−]
2 NovTrustworthy AI for National Security - Kathleen Fisher - PSW #805AI/ML is providing significant benefits in a wide range of application domains but also provides adversaries with a new attack surface. Learn about DARPA's efforts to help evaluate AI/ML and work towards a trust model that will allow us to use these valuable tools safely. Segment…YOUTUBE.COM
2 NovWhy public/private cooperation is the best bet to protect people on the internetIn Silicon Valley startup culture, "cookie licking" is a derogatory phrase. A cookie licker stakes a claim to a project in a way that prevents anyone else from having it, despite not having the ability to immediately execute on the project. The licker wants to save the delicious …CSOONLINE.COM
2 NovUncovering Prolific Puma, Massive Domain Generator & URL ShortenerHackers can exploit Massive Domain Generator and URL Shortener services by creating large numbers of deceptive or malicious domains and using URL shorteners to hide the true destination of links.  This can be used for the following illicit purposes:-  Recently, cybersec…GBHACKERS.COM
2 NovUpdate: Toronto Public Library Outages Caused by Black Basta Ransomware AttackThe library has stated that there is no evidence of compromised personal information, and they are actively working with cybersecurity experts and law enforcement to investigate the incident.BLEEPINGCOMPUTER.COM
2 NovWhat is phishing? Examples, types, and techniquesPhishing definition Phishing is a type of cyberattack that uses disguised email as a weapon. Variations of phishing use text messages, voicemail, or QR codes. These attacks use social engineering techniques to trick the email recipient into believing that the message is something…CSOONLINE.COM
2 NovIran's MuddyWater Targets Israel in New Spear-Phishing Cyber CampaignThe Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent. Cybersecurity firm Deep Instinct, which di…THEHACKERNEWS.COM
2 NovResearchers Find 34 Windows Drivers Vulnerable to Full Device TakeoverAs many as 34 unique vulnerable Windows Driver Model (WDM) and Windows Driver Frameworks (WDF) drivers could be exploited by non-privileged threat actors to gain full control of the devices and execute arbitrary code on the underlying systems. "By exploiting the drivers, an attac…THEHACKERNEWS.COM
2 NovHelloKitty Ransomware Group Exploiting Apache ActiveMQ VulnerabilityCybersecurity researchers are warning of suspected exploitation of a recently disclosed critical security flaw in the Apache ActiveMQ open-source message broker service that could result in remote code execution. "In both instances, the adversary attempted to deploy ransomware bi…THEHACKERNEWS.COM
2 NovHackers Attacking Blockchain Engineers with Novel macOS MalwareThe frequency of hackers exploiting macOS flaws varies over time, but Apple continuously releases security updates to patch vulnerabilities.  While macOS is generally considered more secure than some other operating systems but, it is not immune to exploitation, and hackers …GBHACKERS.COM
2 NovOver 630,000 US Defense Officials’ Emails Breached in Attack on WestatThe attack targeted a data firm called Westat, used by the Office of Personnel Management (OPM) for surveys. The hackers exploited a vulnerability in the MOVEit Transfer software developed by Ipswitch INC.HACKREAD.COM
2 NovGovernments should not pay ransoms, International Counter Ransomware Initiative members agreeThe members of the International Counter Ransomware Initiative (CRI) have agreement a joint policy statement declaring that member governments should not pay ransoms demanded by cybercriminal groups. The agreement was announced during the third CRI summit in Washington, D.C this …CSOONLINE.COM
2 NovFIRST Announces CVSS 4.0 - New Vulnerability Scoring SystemThe new version addresses criticisms of previous versions by including metrics for safety, automation, recovery, value density, vulnerability response effort, and provider urgency.THEHACKERNEWS.COM
2 NovYour end-users are reusing passwords – that’s a big problemPassword reuse is a difficult vulnerability for IT teams to get full visibility over. Learn more from Specops Software on how to mitigate the risk of compromised credentials. [...]BLEEPINGCOMPUTER.COM
2 NovInvestigate User-Reported Emails with Ease Through the Powerful Combination of CrowdStrike Falcon Sandbox and KnowBe4 PhishER PlusThe never-ending deluge of phishing emails, malware and ransomware threats can leave incident response and security operation teams (SOC) looking for faster ways to analyze user-reported malicious emails without risking their environments. Manually-triaging every email and being …KNOWBE4.COM
2 NovCISA Releases Six Industrial Control Systems AdvisoriesCISA released six Industrial Control Systems (ICS) advisories on November 2, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-306-01 Red Lion Crimson ICSA-23-306-02 Mitsubishi Electric MELSEC i…CISA.GOV
2 NovSource Code Revealed, Resume Prompt Injection, iPhones Be Updating, & Florida Man - PSW #805In the Security News: If an exploit falls in the forest do I still need to patch?, Reflections on trusting trust: the source code revealed, prompt injection in your resume, iPhones be updating, a deep dive into vulnerable kernel drivers and wiping SPI flash, cheap to exploit soft…YOUTUBE.COM
2 NovHelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacksA remote code execution (RCE) flaw impacting Apache ActiveMQ has been under active exploitation by threat actors who use HelloKitty ransomware payloads. [...]BLEEPINGCOMPUTER.COM
2 NovCryptohack Roundup: Sam Bankman-Fried TestifiesAlso: More Crypto Regulation Is Coming in the UK Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Sam Bankman-Fried testified in his U.S. criminal trial, the United Kingdom issued further crypto regulation, U.S. federal law enforcement arrested Saf…DATABREACHTODAY.CO.UK
2 NovGoogle Cybersecurity Action Team Threat Horizons Report #8 Is Out!This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our eighth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 , #6 a…MEDIUM.COM
2 NovMicrosoft pledges cybersecurity overhaul to protect products and servicesMicrosoft has announced the launch of the Secure Future Initiative (SFI) to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. The new initiative will bring together "every part of Microsoft" to advanc…CSOONLINE.COM
2 NovFree and open-source approach to Domain Monitoring.submitted by L4s to secops 1 points | 0 comments https://guardyourdomain.com/blog/foss-domain-monitoring/ Free and open-source approach to Domain Monitoring.::We guard your domain, so you have peace of mind. Threat Visibility Platform.GUARDYOURDOMAIN.COM
2 NovChainguard Raises $61M to Protect More Open-Source SoftwareStartup Can Secure 80% of Open-Source Software Existing Customers Run in Enterprise A software supply chain security startup led by a longtime Google Cloud engineer closed a Series B round to help protect more open-source software. Seattle-area Chainguard said it can secure appro…DATABREACHTODAY.CO.UK
2 NovResearchers Discover 117 Vulnerabilities in Microsoft 365 Apps via the SketchUp 3D LibraryBy developing a SketchUp fuzzing harness and using a dumb file format fuzzer, 20 unique vulnerabilities, including use-after-free and stack buffer overflow, were discovered in just one month.ZSCALER.COM
2 NovBoeing systems hit in reported Lockbit cyberattackAerospace and defense giant Boeing on Thursday confirmed that it had suffered a cyber incident affecting its parts and distribution business, and the infamous Lockbit ransomware group is reported to be behind the attack. According to a Boeing spokesperson, the company is taking p…CSOONLINE.COM
2 NovAtlassian warns of exploit for Confluence data wiping bug, get patchingAtlassian warned admins that a public exploit is now available for a critical Confluence security flaw that can be used in data destruction attacks targeting Internet-exposed and unpatched instances. [...]BLEEPINGCOMPUTER.COM
2 NovHAR files, Okta breach, EO on AI, Ransomware, Solarwinds CISO charged, and Bagels! - ESW #338Oh, the HARror! Sanitizing HAR files is not as easy as some might lead you to believe. CISA funds Cyber.org for K-12 cyber education and ORNL creates a Center for AI Security Research (CAISER). Cloudflare creates a tool out of spite, and CISA creates a tool you shouldn't use in p…YOUTUBE.COM
2 NovData Chaos MUST be Curbed, but how? - Jackie McGuire - ESW #338There is little to no organization of data within companies in 2023. We're all guilty of this at some level. The download folders and desktops on our personal machines are a mess. File servers, and cloud storage services are a mess. In Microsoft's recent data leak, AI researchers…YOUTUBE.COM
2 NovMore ways for users to identify independently security tested apps on Google PlayPosted by Nataliya Stanetsky, Android Security and Privacy Team Keeping Google Play safe for users and developers remains a top priority for Google. As users increasingly prioritize their digital privacy and security, we continue to invest in our Data Safety section and transpare…SECURITY.GOOGLEBLOG.COM
📢 SECURITY ADVISORIES 6[−]
2 NovMainframes are Around to Stay, It’s Time to Protect ThemWhile many organizations still run core business applications on the mainframe, the changing digital landscape and stricter data regulations highlight the need for stronger security practices.HELPNETSECURITY.COM
🔥 INCIDENT REPORTING 31[−]
2 NovSmashing Security podcast #346: How hackers are breaching Booking.com, and the untrustworthy reviewsWorkers wonder if their colleagues are actually AI, and we take a deeper look into the curious scams going on via Booking.com. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.GRAHAMCLULEY.COM
2 NovUpdate: Dallas County ‘Interrupted’ Data Exfiltration, Prevented Encryption After AttackDallas County in Texas has provided an update on a ransomware attack that was reported earlier this week. The county was able to stop the hackers before they could encrypt files or systems.THERECORD.MEDIA
2 NovUpdate: Boeing Admits Cyberattack on Parts and Distribution Business“We are aware of a cyber incident impacting elements of our parts and distribution business,” Boeing told The Register. At the time of writing, the company’s parts and distribution website was “down due to technical issues.”THEREGISTER.COM
2 NovHealthcare's Ransomware Attackers are Addicted to EncryptionAccording to a report by security firm Sophos, 75% of ransomware attacks on healthcare organizations involve the malicious encryption of data. This reflects the increasing skill level of hackers in the healthcare sector.HEALTHCAREINFOSECURITY.COM
2 NovRed Sift adds protection against phishing, BEC, and brand abuseDigital resilience provider, Red Sift is adding four new capabilities -- Brand Trust, OnDMARC, ASM, and Certificates -- designed to help organizations proactively address cybersecurity risks. The Red Sift platform uses APIs to collect and process large amounts of threat intellige…CSOONLINE.COM
2 NovMassive Ransomware Attack Hinders Services in 70 German MunicipalitiesMultiple cities and districts in western Germany have been paralyzed by a ransomware attack. The attack encrypted the servers of the local municipal service provider Südwestfalen IT, affecting over 70 municipalities.THERECORD.MEDIA
2 NovRansomware Attacks Set to Break Records in 2023Ransomware attacks are increasing at a record-breaking pace, with the frequency of attacks in Q3 2023 up 11% from the previous quarter and 95% from the previous year, according to Corvus Insurance.HELPNETSECURITY.COM
2 NovRansomware Attack on Texas Mental Healthcare Provider Affects 172,000 PatientsThe attack was quickly detected and contained within one segment of the network. The compromised information may include names, addresses, birthdates, Social Security numbers, diagnosis codes, insurance information, and treatment service types.BANKINFOSECURITY.COM
2 NovBoeing confirms ‘cyber incident’ after ransomware gang claims data theftAerospace giant Boeing has confirmed that it is dealing with a “cyber incident,” days after the company was listed on the leak site of the LockBit ransomware gang. In a statement given to TechCrunch, Boeing spokesperson Jim Prolux confirmed that attackers had targeted “elements o…TECHCRUNCH.COM
2 NovDo government sanctions against ransomware groups work?Earlier this year, the U.S. government imposed sanctions against Russian national Mikhail Matveev, an FBI most-wanted cybercriminal, who authorities accuse of being a “prolific ransomware affiliate” involved in cyberattacks in the United States and overseas. Authorities say Matve…TECHCRUNCH.COM
2 NovOkta data breach exposed personal information of employeesOkta is warning nearly 5,000 employees that the company was impacted by a data breach that exposed personal information. [...]BLEEPINGCOMPUTER.COM
2 NovSmall Businesses are Experiencing More Cyber AttacksAs large organizations realize the likelihood of cyber attacks and improve their cyber readiness, small businesses are seeing increases not experienced by their larger counterparts.KNOWBE4.COM
2 NovOkta hit by third-party data breach exposing employee informationOkta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. [...]BLEEPINGCOMPUTER.COM
2 NovWhy Storage And Backup Are Cybersecurity’s Weakest Links? – Top 5 ReasonsA lot of money is being spent to protect the enterprise against intrusion. Ransomware protection is currently in the spotlight – and with good reason. But organizations also invest heavily in technologies such as Zero Trust Network Access (ZTNA), Secure Access Service Edge (SASE)…GBHACKERS.COM
2 NovBoeing confirms cyberattack amid LockBit ransomware claimsAerospace giant Boeing is investigating a cyberattack that impacted its parts and distribution business after the LockBit ransomware gang claimed that they breached the company's network and stole data. [...]BLEEPINGCOMPUTER.COM
2 NovBoeing Reports 'Cyber Incident'; Ransomware Group Claims HitAerospace Giant Says Elements of Parts and Distribution Business Are Affected Boeing has confirmed suffering a "cyber incident" affecting its parts and distribution business days after the notorious LockBit ransomware group claimed to have breached systems at the world's biggest …DATABREACHTODAY.CO.UK
2 NovMedical Research Executive Hit in SIM-Swapping Attack by ALPHV GangRansomware gang Alphv, also known as BlackCat, claims to have stolen data from Advarra, a firm that assists with medical trials. The criminals gained access to an executive's accounts by SIM swapping their cellphone number.THEREGISTER.COM
2 NovCalifornia Community College Río Hondo Dealing With Cybersecurity IncidentRío Hondo College in Southern California experienced a cybersecurity incident that disrupted campus functions and financial aid disbursements, potentially indicating a ransomware attack.THERECORD.MEDIA
2 NovMortgage lender giant Mr. Cooper hit by cyberattack impacting IT systemsU.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. [...]BLEEPINGCOMPUTER.COM
2 NovMortgage and loan giant Mr. Cooper blames cyberattack for ongoing outageMortgage and loan giant Mr. Cooper says a “cybersecurity incident” earlier this week was the cause of an ongoing outage, adding that the company is “working to resolve the issue.” The Texas-based company said in a statement on its website that on October 3…TECHCRUNCH.COM
2 NovMajor Mexican Airport Confirms Experts are Working to Address CyberattackQuerétaro Intercontinental Airport in Mexico has experienced a cyberattack, with an employee downloading a file containing malware, but the airport's operational security was not compromised and the attack has been contained and isolated.THERECORD.MEDIA
2 NovGlobal Government Coalition Launching New Ransomware EffortsInternational Counter Ransomware Initiative Announces First Joint Policy Statement. A U.S.-led global coalition against ransomware endorsed a joint policy statement declaring that member governments should not pay ransoms. The International Counter Ransomware Initiative, now ente…DATABREACHTODAY.CO.UK
2 NovMortgage giant Mr. Cooper hit by cyberattack impacting IT systemsU.S. mortgage lending giant Mr. Cooper was breached in a cyberattack that caused the company to shut down IT systems, including access to their online payment portal. [...]BLEEPINGCOMPUTER.COM
2 NovMedical Firm Reaches $100,000 Settlement With HHS Over 2017 Ransomware AttackThe company failed to adequately protect electronic protected health information, violated HIPAA laws, and lacked sufficient monitoring and policies to prevent and address cyberattacks.THERECORD.MEDIA
2 NovBlackCat ransomware claims breach of healthcare giant Henry ScheinThe BlackCat (ALPHV) ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information. [...]BLEEPINGCOMPUTER.COM
2 NovRussian Reshipping Service ‘SWAT USA Drop’ ExposedOne of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here’s a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people ac…KREBSONSECURITY.COM
2 NovBreach Roundup: Canada Bans WeChat and Kaspersky AppsAlso: Iranian State Hackers Stalk Middle Eastern Governments This week, Canada banned WeChat and Kaspersky apps, REvil members faced trial in a Russian military court, the British Library experienced an IT outage, Iranian state-backed hackers targeted Middle East governments and …DATABREACHTODAY.CO.UK
2 Nov5 Ontario Hospitals Still Reeling From Ransomware AttackHospitals Can't Access Patient EHRs, Crime Group Says it Has Records of 5.6 Million Five regional hospitals in Ontario still have no access to patients' electronic health records and other critical data nearly two weeks after an attack on their shared IT services provider. Ransom…DATABREACHTODAY.CO.UK
2 NovAce Hardware says 1,202 devices were hit during cyberattackAce Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers. [...]BLEEPINGCOMPUTER.COM
2 NovSecurity Researchers from Salt-Security explain in a super detailed post how they did account takeover on Grammarly.com, Booking.com, Expo.io, Codecademy.com, Vidio.com, Bukalapak.com, and 100+ Oth...submitted by L4s to secops 1 points | 0 comments https://salt.security/blog/oh-auth-abusing-oauth-to-take-over-millions-of-accounts Security Researchers from Salt-Security explain in a super detailed post how they did account takeover on Grammarly.com, Booking.com, Expo.io, Codec…SALT.SECURITY
2 NovAnnouncing Microsoft Secure Future Initiative to advance security engineering​Today Microsoft’s Vice Chair and President Brad Smith shared insight on the global cybersecurity landscape and introduced our Secure Future Initiative. These engineering advances counter current digital threats, such as cyberattacks on identity systems. Read more about this init…MICROSOFT.COM
🕵️ THREAT INTELLIGENCE 19[−]
2 NovISC Stormcast For Thursday, November 2nd, 2023 https://isc.sans.edu/podcastdetail/8728, (Thu, Nov 2nd)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
2 NovSpyware in IndiaApple has warned leaders of the opposition government in India that their phones are being spied on: Multiple top leaders of India’s opposition parties and several journalists have received a notification from Apple, saying that “Apple believes you are being targeted by sta…SCHNEIER.COM
2 NovTop 3 Cyber Threats That Attack Banks in 2023 – Counter Them With Any.Run SandboxBank robbers of today are nothing like their counterparts of the past. Modern-day Bonnie and Clyde operate remotely, carrying out their operations from hundreds of miles away, simply using their laptops. On top of that, every year, the barrier of entry for aspiring criminals is g…GBHACKERS.COM
2 NovThreat Actors Deploy Malvertising Campaigns to Hijack Facebook Users’ AccountsThe attackers use hijacked Facebook accounts and create multiple profiles featuring photos of young women to entice users to click on infected links. Clicking on the ads downloads a malicious file that steals browser cookies and passwords.BITDEFENDER.COM
2 NovDefense in depth: Layering your security coverageThe more valuable a possession, the more steps you take to protect it. A home, for example, is protected by the lock systems on doors and windows, but the valuable or sensitive items that a criminal might steal are stored with even more security — in a locked filing cabinet…SECURITYINTELLIGENCE.COM
2 NovCybersecurity Expert: AI Lends Phishing Plausibility for Bad ActorsCybersecurity experts expect to see threat actors increasingly make use of AI tools to craft convincing social engineering attacks, according to Eric Geller at the Messenger.KNOWBE4.COM
2 NovHEXACON 2022 - 17 videossubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/3d44374c-159c-45e0-ad9a-726403c8adc5.png HEXACON 2022 playlist Hexacon 2022 schedule from the websiteINFOSEC.PUB
2 NovQuick Tip For Artificially Inflated PE Files, (Thu, Nov 2nd)In his diary entry " Size Matters for Many Security Controls ", Xavier talks about a PE file that has been artificially inflated in size (to 1GB) by appending NUL bytes (0x00) to its end. ISC.SANS.EDU
2 NovNavigating the Complex Threat Landscape — Key Takeaways for CISOs"Navigating the Evolving Threat Landscape: Resilient Cybersecurity Tactics for CISOs" provides an overview of 18 months of attacker trends. The post Navigating the Complex Threat Landscape — Key Takeaways for CISOs appeared first on Palo Alto Networks Blog .PALOALTONETWORKS.COM
2 NovVERTICAL ESW #338 Live Stream PromoSegment 1: Quarterly Market Review with a VC: Strategic Cyber Ventures – Hank Thomas – ESW #338 In this segment, we discuss the current state of the market recovery with Hank Thomas, founder of Strategic Cyber Ventures. Segment 2: Data Chaos MUST be Curbed, but how? – Jackie McGu…YOUTUBE.COM
2 NovNew macOS 'KandyKorn' malware targets cryptocurrency engineersA new macOS malware dubbed 'KandyKorn' has been spotted in a campaign attributed to the North Korean Lazarus hacking group, targeting blockchain engineers of a cryptocurrency exchange platform. [...]BLEEPINGCOMPUTER.COM
2 NovQuarterly Market Review with a VC: Strategic Cyber Ventures - Hank Thomas - ESW #338In this segment, we discuss the current state of the market recovery with Hank Thomas, founder of Strategic Cyber Ventures. We've got market questions, like: - What has changed in the last year? - Are IPOs coming back any time soon? - How large is the cybersecurity death pool? - …YOUTUBE.COM
2 Novi got caught with something I didnt dosubmitted by omnissiah to cybersecurity 1 points | 0 comments Al activate my doomsday usb deviceINFOSEC.PUB
2 NovUK AI Summit: Aspirations, Benefits and a Lack of 'Doom'The Model Will Be Replicated in France and South Korea The U.K. summit on artificial intelligence was a venue for officials to tout their AI aspirations and for participants to stress benefits of the emerging technology. Participants lauded the U.K. government for bringing togeth…DATABREACHTODAY.CO.UK
2 NovAccenture Buys Innotec Security to Expand Footprint in SpainInnotec Deal Will Allow Accenture to Support Global Companies With Spanish Presence Accenture acquired one of Spain's most prominent cybersecurity service providers to better support multinational companies with a presence in the country. The consulting giant said its buy of Madr…DATABREACHTODAY.CO.UK
2 NovSenate Vets Biden Pick to Serve as National Cyber DirectorHarry Coker to Become Second-Ever Permanent National Cyber Director If Confirmed. Harry Coker, the former executive director of the National Security Agency, told lawmakers he will take a "whole of government" approach to bolstering national cybersecurity if confirmed to serve as…DATABREACHTODAY.CO.UK
2 NovFortinet Invests In SASE, SecOps Amid Network Security SlumpFortinet's Stock Falls to Lowest Price Since January As Product Revenue Declines Fortinet plans to shift its R&D and go-to-market investments to the faster-growing SASE and security operations segments as growth slows in the network security market. The company expects "more …DATABREACHTODAY.CO.UK
2 NovAfter Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’In response to a spate of embarrassing hacks, Redmond pushes ‘Secure Future Initiative’ promising faster cloud patches, better management of identity signing keys and products with a higher default security bar. The post After Major Cloud Hacks, Microsoft Unveils ‘Secure Future I…SECURITYWEEK.COM
2 NovXage Targets New Markets with $20 Million InvestmentSilicon Valley startup snags $20 million in new capital and announced plans to expand beyond traditional IT environments. The post Xage Targets New Markets with $20 Million Investment appeared first on SecurityWeek .SECURITYWEEK.COM
🌐 CYBER THREAT LANDSCAPE 4[−]
2 NovMozi Botnet Put in its Grave Using Kill SwitchThe activation of the kill switch disabled various system services, replaced the original malware, and maintained persistence, suggesting a deliberate dismantling of the botnet.WELIVESECURITY.COM
2 NovWhen generative AI cyberthreats arrive, Wraithwatch will be ready and waitingGenerative AI is pervading just about every industry already, whether we like it or not, and cybersecurity is no exception. The possibility of AI-accelerated malware development and autonomous attacks should alarm any sysadmin even at this early stage. Wraithwatch is a new securi…TECHCRUNCH.COM
2 NovIran's MuddyWater Targets Israel in New Spear-Phishing Cyber CampaignMuddyWater's tactics have evolved over time, with the group now utilizing a new file-sharing service called Storyblok and a new command-and-control framework called MuddyC2Go.THEHACKERNEWS.COM
2 NovMysterious Kill Switch Disrupts Mozi IoT Botnet OperationsThe unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the sam…THEHACKERNEWS.COM
🎙️ PODCASTS 1[−]
2 NovTransatlantic Cable podcast, episode 322 | Kaspersky official blogExploring SBS ad opt-outs, emoji passwords, Meta's ad-free subscription, and AI conversations on the latest in tech – Episode 322 of the Transatlantic Cable Podcast.KASPERSKY.COM
📡 INFOSEC NEWS 8[−]
2 NovProbe of School Surveillance Software Finds Privacy Abuses, Inaccurate ResultsThe investigation by the Electronic Frontier Foundation (EFF) found that innocent content related to education, therapy, and LGBTQ+ issues was consistently flagged as potentially harmful, leading to a "stunning invasion of privacy."THERECORD.MEDIA
2 NovSaaS Security is Now Accessible and Affordable to AllThis new product offers SaaS discovery and risk assessment coupled with a free user access review in a unique “freemium” model Securing employees' SaaS usage is becoming increasingly crucial for most cloud-based organizations. While numerous tools are available to address this ne…THEHACKERNEWS.COM
2 NovXage Security raises $20M more to expand its security platformWhile the number of cybersecurity funding deals reached a high point in 2022, that doesn’t mean that the sector’s tapped out — far from it. According to Statista, there were 148 deals in Q2 2023 worth a combined $1.6 billion. And — at least anecdotally …TECHCRUNCH.COM
2 NovRansomedVC Gang Up for Sale as Cyber Cops Make Owner SweatThe RansomedVC group, which recently claimed responsibility for several high-profile attacks, is now up for sale. The owner, citing personal reasons and a desire to avoid monitoring by federal agencies, is offering a 20% discount to a trusted buyer.THEREGISTER.COM
2 NovMicrosoft pledges to bolster security as part of ‘Secure Future’ initiativeMicrosoft announced today the 'Secure Future Initiative,' pledging to improve the built-in security of its products and platforms to better protect customers against escalating cybersecurity threats. [...]BLEEPINGCOMPUTER.COM
2 NovCloudflare Dashboard and APIs down after data center power outageAn ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces (APIs) customers use to manage and read service configurations. [...]BLEEPINGCOMPUTER.COM