81 Articles
9 Categories
Date: 2023-11-08
🚨 CISA KEV (1)
8 Nov - KEV - CISA Adds One Known Exploited Vulnerability to Catalog - CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29552 Service Location Protocol (SLP) Denial-of-Service Vulnerability. These types of vulnerabilities are frequent attack vectors for maliciou… - CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
8 Nov - Confluence flaw severity raised amid mass exploitation - submitted by c0mmando to netsec (1 points | 1 comments) https://www.theregister.com/2023/11/08/atlassian_confluence_flaw_upgraded/ Atlassian reassessed the severity rating of the recent improper authorization vulnerability in Confluence Data Center and Server, raising the CVSS scor… - THEREGISTER.COM
⚠️ VULNERABILITY DISCLOSURE (21)
8 Nov - When a vulnerability disclosure doesn't go how you expect. - submitted by L4s to secops (1 points | 0 comments) https://projectblack.io/blog/a-tale-of-2-vulnerability-disclosures/ When a vulnerability disclosure doesn’t go how you expect. You’re out for a stroll and spot a house with its front door wide open. Out of concern, you try to info… - PROJECTBLACK.IO
8 Nov - QNAP OS Command Injection Vulnerability Let Attackers Execute Malicious Commands - Two critical OS command injection flaws have been discovered in multiple QNAP products, which include QTS, Multimedia Console, Media Streaming add-on, QuTS Hero, and QuTScloud. These vulnerabilities existed in the QTS operating system and applications on network-attached storage … - GBHACKERS.COM
8 Nov - Iranian APT Hackers Attacking Education & Tech Sectors to Steal Sensitive Data - Cybersecurity researchers link attackers to the Iranian-backed APT group “Agonizing Serpens,” which has upgraded its capabilities and uses various tools to bypass security measures. Hackers target and steal sensitive data for various reasons, including: They may sell … - GBHACKERS.COM
8 Nov - GUEST ESSAY: The many channels law enforcement pursues to mitigate cyber threats - Throughout 2023, we’ve witnessed numerous significant cyber incidents. One of the largest this year was the MOVEit breach, which impacted various state motor vehicle organizations and exposed driver’s license information for nearly 9.5 million individuals. Related: Th… - LASTWATCHDOG.COM
8 Nov - Update: Dallas County Reviewing Data Leaked by Ransomware Gang - The gang has posted allegedly stolen data and threatened to release more if there is no reaction. The county is investigating the incident and working with law enforcement and cybersecurity experts. - THERECORD.MEDIA
8 Nov - Kubescape 3.0 Elevates Open-Source Kubernetes Security - The platform provides comprehensive visibility into the security posture of all images in a cluster, prioritizing remediation efforts and highlighting high-risk workloads. - HELPNETSECURITY.COM
8 Nov - Outdated Cryptographic Protocols Put Vast Amounts of Network Traffic at Risk - A recent study by Quantum Xchange reveals that a large percentage of network traffic has encryption flaws due to the use of older protocols like TLS 1.0 and SSL v3 and is unencrypted, posing a significant risk to businesses. - HELPNETSECURITY.COM
8 Nov - Marina Bay Sands Discloses Data Breach Impacting 665k Customers - Singapore’s Marina Bay Sands luxury resort has disclosed a data breach impacting the information of 665,000 customers. The post Marina Bay Sands Discloses Data Breach Impacting 665k Customers appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - US launches “Shields Ready” campaign to secure critical infrastructure - The US Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA), and the Federal Emergency Management Agency (FEMA) have announced the launch of the "Shields Ready" campaign to promote critical national infrastructure (CNI) security and… - CSOONLINE.COM
8 Nov - Generative AI could erode customer trust, half of business leaders say - Over two-thirds of business leaders say their company needs to improve security and compliance measures with a quarter rating their organization's security and compliance strategy as reactive. That's according to the Vanta State of Trust Report which surveyed the behaviors and … - CSOONLINE.COM
8 Nov - Cyber attackers and defenders are racing to up their AI game - Artificial intelligence’s power and fast evolution are rapidly altering the cybersecurity landscape in ways that pose opportunities and challenges to cybersecurity defenders. As popular AI tools such as ChatGPT and, more recently, even more robust generative AI systems become mai… - CSOONLINE.COM
8 Nov - Evolving the App Defense Alliance - Posted by Nataliya Stanetsky, Android Security and Privacy Team. The App Defense Alliance (ADA), an industry-leading collaboration launched by Google in 2019 dedicated to ensuring the safety of the app ecosystem, is taking a major step forward. We are proud to announce that the Ap… - SECURITY.GOOGLEBLOG.COM
8 Nov - A nasty Python package continues a trend of targeting developers - submitted by c0mmando to netsec (1 points | 0 comments) https://therecord.media/python-package-checkmarx-python-developers Sometimes when malicious hackers meddle with open-source software development, the target isn’t the software — it’s the developers themselves. Researchers at c… - THERECORD.MEDIA
8 Nov - 50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures - submitted by L4s to secops (1 points | 0 comments) https://blog.aquasec.com/50-shades-of-vulnerabilities-uncovering-flaws-in-open-source-vulnerability-disclosures 50 Shades of Vulnerabilities: Uncovering Flaws in Open-Source Vulnerability Disclosures: Nautilus researchers evaluated… - AQUASEC.COM
8 Nov - Generative AI to fuel stronger phishing campaigns, information operations at scale in 2024 - The signs an average person uses to tell whether an email is legitimate or a scam by checking for misspellings, grammar errors, and lack of cultural context will be harder to spot in 2024. Attackers will continue to use generative AI and large language models (LLM) in phishing, S… - CSOONLINE.COM
8 Nov - Royal Mail Jeopardizes Users With Open Redirect Flaw - “The vulnerability can be exploited by attackers to trick users into visiting malicious websites or phishing pages by disguising the malicious URL as a legitimate one,” Cybernews researchers explained. - SECURITYAFFAIRS.COM
8 Nov - New Phishing Campaign Abusing .top Domains - A phishing campaign is exploiting a large number of .top domains, according to researchers from WhoisXML API. In an article for CircleID, the researchers analyzed a phishing operation first uncovered by security researcher Dancho Danchev. - KNOWBE4.COM
8 Nov - Cerber Ransomware Operators Exploit Latest Atlassian Bug - Analysts Suggest Cerber Ransomware Is a Conti Derivative. Ransomware hackers have seized on an exploit of a recently disclosed zero-day vulnerability in Atlassian Confluence instances days after the company urged its customers to patch immediately. Atlassian on Monday elevated the… - DATABREACHTODAY.CO.UK
8 Nov - Sumo Logic discloses security breach, advises API key resets - Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week. [...] - BLEEPINGCOMPUTER.COM
8 Nov - NY AG Hits Radiology Group With $450K Fine in SonicWall Hack - Attackers Exploited Unpatched Flaw, Affecting Nearly 93,000 New Yorkers. New York state regulators have smacked one of the nation's largest physician-owned radiology groups with a $450,000 settlement in the aftermath of a 2021 data exfiltration incident that compromised sensitive … - DATABREACHTODAY.CO.UK
8 Nov - Insights from Microsoft Security Copilot early adopters - In our preview of Microsoft Security Copilot, research data shows customers can save up to 40 percent of their security analysts’ time on foundational tasks and increase efficiency up to and above 60 percent. The post Insights from Microsoft Security Copilot early adopters appear… - MICROSOFT.COM
📢 SECURITY ADVISORIES (5)
8 Nov - Keep it secret, keep it safe: the essential role of cybersecurity in document management - As document management continues its long transition from physical filing cabinets to digital databases and the cloud, the potential for cyber threats increases with every step and every migration. As such, it’s critical that organizations understand and address the connection be… - CSOONLINE.COM
8 Nov - Protecto Joins Cadre of Startups in AI Data Protection Space - Silicon Valley startup is pitching APIs to help organizations protect data and ensure compliance throughout the AI deployment lifecycle. The post Protecto Joins Cadre of Startups in AI Data Protection Space appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - Women sue plastic surgery after hack saw their naked photos posted online - Photos of naked patients and medical records have been posted online by extortionists who hacked a Las Vegas plastic surgery, driving victims to file a lawsuit claiming not enough care was taken to protect their private information. Read more in my article on the Hot for Security… - BITDEFENDER.COM
8 Nov - DOJ to Launch Emerging Tech Board, Ensure Ethical Use of AI - Board to Set Ethical Framework for DOJ Use of Facial Recognition, Other AI Tools. Deputy Attorney General Lisa Monaco announced Wednesday that the Justice Department will appoint a new board to advise top officials on the "ethical, lawful use of AI" following a White House executi… - DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (20)
8 Nov - Experts Expose Farnetwork's Ransomware-as-a-Service Business Model - Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities. Singapore-headquartered Group-IB, which attempted to infiltrate a pri… - THEHACKERNEWS.COM
8 Nov - Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs - The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management. [...] - BLEEPINGCOMPUTER.COM
8 Nov - Cancer treatments cancelled after Canadian hospitals hit by ransomware attack - A ransomware attack impacting five hospitals in southwestern Ontario, Canada, has seen hackers gain access to a database containing 5.6 million patient visits, and the social insurance numbers of over 1400 employees. Read more in my article on the Hot for Security blog. - BITDEFENDER.COM
8 Nov - Data Breach at Singapore's Marina Bay Sands Affects 665,000 Customers - According to a statement published by the resort, the incident occurred on October 19-20 and involved unauthorized third-party access to its non-casino customers’ loyalty program membership data. - INFOSECURITY-MAGAZINE.COM
8 Nov - FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups - FBI warns that ransomware operators continue to abuse third-party vendors and services as an attack vector. The post FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - Shared IT Service Provider Says Ransomware Data Breach Affects 267,000 Patients - The hackers responsible for the attack, known as the DAIXIN Team, have gradually leaked samples of the stolen patient data and expressed interest in selling it to data brokers. - BLEEPINGCOMPUTER.COM
8 Nov - Experts Expose Farnetwork's Ransomware-as-a-Service Business Model - Farnetwork has been linked to the development and management of various ransomware strains, including JSWORM, Nefilim, Karma, Nemty, and their own program based on the Nokoyawa ransomware. - THEHACKERNEWS.COM
8 Nov - Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI - A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a … - THEHACKERNEWS.COM
8 Nov - Data security tools make data loss prevention more efficient - As businesses navigate the complexities of modern-day cybersecurity initiatives, data loss prevention (DLP) software is the frontline defense against potential data breaches and exfiltration. DLP solutions allow organizations to detect, react to and prevent data leakage or misuse… - SECURITYINTELLIGENCE.COM
8 Nov - Hacker Leaks 35 Million Scraped LinkedIn User Records - The contents of the leaked database on BreachForums, as observed by Hackread.com, include publicly available information from LinkedIn profiles, containing full names and profile bios. - HACKREAD.COM
8 Nov - Sumo Logic Urges Users to Change Credentials Due to Security Breach - Cloud monitoring and SIEM firm Sumo Logic is urging users to rotate credentials following the discovery of a security breach. The post Sumo Logic Urges Users to Change Credentials Due to Security Breach appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation - Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the m… - THEHACKERNEWS.COM
8 Nov - Japan Aviation Electronics Says Servers Accessed During Cyberattack - On Monday evening, the maker of electronics and aerospace products replaced its website with a static message indicating some of its servers were accessed by hackers last Thursday. - THERECORD.MEDIA
8 Nov - FBI: Ransomware gangs hack casinos via 3rd party gaming vendors - The Federal Bureau of Investigation is warning that ransomware threat actors are targeting casino servers and use legitimate system management tools to increase their permissions on the network. [...] - BLEEPINGCOMPUTER.COM
8 Nov - Identifying Group Policy attacks - A threat hunt looks at three attacker changes to a compromised Active Directory, and explains how to both understand and overcome them. - SOPHOS.COM
8 Nov - Sumo Logic Urges Users to Change Credentials Due to Security Breach - The company revealed on Tuesday that a “potential security incident” discovered on November 3 involved unauthorized access to a Sumo Logic AWS account through the use of compromised credentials. - SECURITYWEEK.COM
8 Nov - 10 most dangerous mistakes when setting up a corporate network | Kaspersky official blog - We discuss what processes and settings could make you the next victim of a cyberattack — and how to prevent problems. - KASPERSKY.COM
8 Nov - Rockwell Takes on Cyber Challenges in Industrial Facilities - Rockwell Looks to Mitigate Cyber Risk Posed by External Hard Drives, PLC Targeting. Heavy reliance on legacy systems by the manufacturing organizations has led to cyberattacks becoming more frequent, complex and nuanced over the past two years. Rockwell Automation has sought to b… - DATABREACHTODAY.CO.UK
8 Nov - Medical Transcription Hack Affects 1.2 Million Chicagoans - Cook County Health Says It Is Among the Vendor's 'Many' Clients Affected by Hack. A major healthcare provider in Chicago that targets underserved populations is notifying 1.2 million patients that their information was compromised in a data theft incident at a medical transcriptio… - DATABREACHTODAY.CO.UK
8 Nov - Sumo Logic urges customers to reset API keys following security breach - Sumo Logic, a U.S.-based cloud data analytics and log analysis company, is urging users to reset API keys after discovering a security breach. In a security notice published this week, Sumo Logic confirmed it had discovered evidence of a potential security incident on November 3.… - TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE (15)
8 Nov - US govt sanctioned a Russian woman for laundering virtual currency on behalf of threat actors - submitted by throws_lemy to cybersecurity (1 points | 0 comments) https://securityaffairs.com/153649/breaking-news/russian-woman-virtual-currency-money-laundering.html - SECURITYAFFAIRS.COM
8 Nov - ISC Stormcast For Wednesday, November 8th, 2023 https://isc.sans.edu/podcastdetail/8736, (Wed, Nov 8th) - (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. - ISC.SANS.EDU
8 Nov - Dropper Service Bypassing Android Security Restrictions to Install Malware - ThreatFabric warns of a dropper service bypassing recent Android security restrictions to install spyware and banking trojans. The post Dropper Service Bypassing Android Security Restrictions to Install Malware appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - Decoupling for Security - This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own han… - SCHNEIER.COM
8 Nov - What are You Working on Wednesday - submitted by shellsharks to cybersecurity (1 points | 0 comments) Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. - INFOSEC.PUB
8 Nov - Outmatch Adversaries with PAN-OS 11.1 Cosmos & Strata Cloud Manager - PAN-OS 11.1 Cosmos is the next evolution of network security, making it easier for customers to optimally manage and operate network security estate. The post Outmatch Adversaries with PAN-OS 11.1 Cosmos & Strata Cloud Manager appeared first on Palo Alto Networks Blog. - PALOALTONETWORKS.COM
8 Nov - Testing the Limits of Firewall Performance and Flexibility - Five new ML-Powered Next-Generation Firewalls, including the industry’s first firewall to exceed 1.5 Tbps, bring industry-leading performance and security. The post Testing the Limits of Firewall Performance and Flexibility appeared first on Palo Alto Networks Blog. - PALOALTONETWORKS.COM
8 Nov - Chinese APTs Targeting Cambodian Government - By monitoring telemetry associated with two prominent Chinese APT groups, researchers observed network connections predominately originating from Cambodia, including inbound connections originating from at least 24 Cambodian government organizations. - UNIT42.PALOALTONETWORKS.COM
8 Nov - Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point - Offensive Security does not focus on discreet attacks, singular actors, or Indicators of compromise, but understands the entirety of both sides of the battlefield. The post Offense Intended: How Adversarial Emulation Went From State Secret To Board Bullet Point appeared first on … - SECURITYWEEK.COM
8 Nov - BlazeStealer Malware Discovered in Python Packages on PyPI Targets Developers - The malware runs a Discord bot and enables the threat actor to harvest a wide range of information, including passwords from web browsers and screenshots, execute arbitrary commands, encrypt files, and deactivate Microsoft Defender on the host. - THEHACKERNEWS.COM
8 Nov - GitHub Enhances Security Capabilities With AI - GitHub adds AI-powered security features to help developers identify and address code vulnerabilities faster. The post GitHub Enhances Security Capabilities With AI appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - DHS Launches New Critical Infrastructure Security and Resilience Campaign - DHS launches Shields Ready, a new campaign promoting security and resilience for critical infrastructure organizations. The post DHS Launches New Critical Infrastructure Security and Resilience Campaign appeared first on SecurityWeek. - SECURITYWEEK.COM
8 Nov - EU Cyber Resilience Act May Cause Bottlenecks, Companies Say - Digital Europe Says Third-Party Assessments Could Ensnare Supply Chains. Heads of major European tech companies are calling on trading bloc lawmakers to revise a proposed cybersecurity law, which they argue will create bottlenecks that disrupt the supply chain. "We risk creating a… - DATABREACHTODAY.CO.UK
8 Nov - How Microsoft, Rockwell Deploy AI for Faster, Cleaner Design - Microsoft Boosts Productivity, Accelerates Learning, Drives Collaboration With AI. Microsoft spent the past year testing how generative AI can boost productivity, accelerate learning curves and drive collaboration for itself, its partners and its customers. Microsoft infuses gener… - DATABREACHTODAY.CO.UK
8 Nov - Testing AI Before It Comes To Get You – Austin Carson – PSW #806 - Austin Carson, CEO of SeedAI, spends the majority of his time thinking about ways to abuse LLMs, the impact of the attacks, and the effects on society. He brings a truly unique perspective to the way to use, attack, and verify output from #AI LLM models. Whether you are just lear… - YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (2)
8 Nov - New BlueNoroff Malware Variant Targets Cryptocurrency Exchanges - The malware is believed to be a late stage in a multi-stage attack delivered via social engineering, targeting companies in the cryptocurrency industry or those closely associated with it. - INFOSECURITY-MAGAZINE.COM
8 Nov - Cyber Security Today, Nov. 8, 2023 - Personal data on US military members is easily bought from data brokers, and more - This episode reports on a university investigation into data brokers, new malware and how hackers could have gotten into medical software. - CYBERSECURITYTODAY.LIBSYN.COM
🎙️ PODCASTS (1)
8 Nov - Protocol Isolation: The Key to Secure OT Environments - This podcast addresses the challenges of implementing Protocol Isolation and provides practical solutions for securing your OT network. - DATABREACHTODAY.CO.UK
📡 INFOSEC NEWS (15)
8 Nov - Example of Phishing Campaign Project File, (Wed, Nov 8th) - We all have a love and hate relation with emails. When newcomers on the Internet start to get emails, they are so happy but their feeling changes quickly. Then, they hope to reduce the flood of emails received daily... Good luck! Of course, tools have been developed to orga… - ISC.SANS.EDU
8 Nov - Webinar: Kickstarting Your SaaS Security Strategy & Program - SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so safeguarding the organization's… - THEHACKERNEWS.COM
8 Nov - Visa Launches Cybersecurity Training Program - Visa has launched a payments learning program to address the shortage of skilled cybersecurity professionals and create a diverse talent pipeline in response to the White House's call for more pathways in cybersecurity. - CYBERSECURITYDIVE.COM
8 Nov - Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks - Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, fina… - THEHACKERNEWS.COM
8 Nov - Making iPhones and iPads crash with a Flipper Zero - Want to crash someone's iPhone or iPad? Turns out it's not that tricky, if you have a Flipper Zero. - GRAHAMCLULEY.COM
8 Nov - Google-led App Defense Alliance joins Linux Foundation, with Meta and Microsoft joining too - The App Defense Alliance (ADA) an initiative set up by Google back in 2019 to combat malicious Android apps infiltrating the Play app store, has formally joined the Joint Development Foundation (JDF), a Linux Foundation project focused on helping organizations working on technica… - TECHCRUNCH.COM
8 Nov - ChatGPT down after major outage impacting OpenAI systems - OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API). [...] - BLEEPINGCOMPUTER.COM
8 Nov - WhatsApp now lets users hide their location during calls - WhatsApp is rolling out a new privacy feature that helps Android and iOS users hide their location during calls by relaying the connection through WhatsApp servers. [...] - BLEEPINGCOMPUTER.COM
8 Nov - WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls - Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls" that masks users' IP addresses to other parties by relaying the calls through its servers. "Calls are end-to-end encrypted, so even if a call is relay… - THEHACKERNEWS.COM
8 Nov - Cybersecurity at a Crossroads: New Implications on Business Risk - During our 2023 Qualys Security Conference (QSC) taking place in Orlando, Florida, November 6-9, 2023, I unveiled an exciting new milestone for the company – the release of our new Qualys Enterprise TruRisk Platform, marking a seismic shift for the future of Qualys as a leader in… - QUALYS.COM
8 Nov - Russian state-owned Sberbank hit by 1 million RPS DDoS attack - Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history. [...] - BLEEPINGCOMPUTER.COM
8 Nov - ChatGPT back online after major OpenAI systems outage - OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API). [...] - BLEEPINGCOMPUTER.COM
8 Nov - Microsoft drops SMB1 firewall rules in new Windows 11 build - Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build. [...] - BLEEPINGCOMPUTER.COM
8 Nov - Signal tests usernames that keep your phone number private - Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others. [...] - BLEEPINGCOMPUTER.COM