83 Articles
9 Categories
Date: 2023-11-10
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
10 Nov | Cerber Ransomware Exploits Atlassian Confluence Vulnerability CVE-2023-22518 | We encountered the Cerber ransomware exploiting the Atlassian Confluence vulnerability CVE-2023-22518 in its operations. | TRENDMICRO.COM
10 Nov | Hackers Actively Exploiting Big-IP and Citrix Vulnerabilities | Experts issued security alerts concerning the ongoing exploitation of Big-IP (CVE-2023-46747, CVE-2023-46748) and Citrix (CVE-2023-4966) vulnerabilities. The publicly available Proof of Concepts (POCs) for these vulnerabilities were rapidly circulated in cybercrime forums. Over 2… | GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (17)
10 Nov | Russian State-Owned Sberbank Hit by 1 Million RPS DDoS Attack | The attack generated one million requests per second (RPS), four times larger than any previous attack on the bank. Sberbank believes that new, highly skilled hackers are targeting major Russian resources. | BLEEPINGCOMPUTER.COM
10 Nov | Hackers Exploiting Confluence Flaw to Deploy Ransomware | Hackers actively target Confluence flaws because it is a widely used collaboration and documentation platform, making it a valuable target for gaining unauthorized access to sensitive information or spreading malware. Exploiting vulnerabilities in Confluence can lead to:- T… | GBHACKERS.COM
10 Nov | New Gootloader Malware Abuses RDP to Spread Rapidly | Hackers target Remote Desktop Protocol (RDP) via malware because it provides them with remote access to a victim’s computer or network, allowing them to:- Cybersecurity researchers at IBM X-Force affirmed recently that in place of conventional frameworks like CobaltStrike, … | GBHACKERS.COM
10 Nov | NY AG Hits Radiology Group With $450K Fine in SonicWall Hack | The breach was a result of the group failing to apply a firmware patch to fix a zero-day vulnerability in their SonicWall firewall, highlighting the importance of promptly updating and securing computer hardware and systems. | BANKINFOSECURITY.COM
10 Nov | Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers | Cybersecurity researchers have discovered a stealthy backdoor named Effluence that's deployed following the successful exploitation of a recently disclosed security flaw in Atlassian Confluence Data Center and Server. "The malware acts as a persistent backdoor and is not remediat… | THEHACKERNEWS.COM
10 Nov | Buffer Overflow Flaws in Trusted Platform Modules Allow Malicious Commands | Trusted Computing Group’s Trust Platform Module 2.0 reference library specification has been discovered with two buffer overflow vulnerabilities that threat actors can exploit to access read-only sensitive data or overwrite normally protected data, which is only available to the … | GBHACKERS.COM
10 Nov | US Government Issues Guidance on SBOM Consumption | CISA, NSA, and ODNI issue new guidance on managing open source software and SBOMs to maintain awareness on software security. | SECURITYWEEK.COM
10 Nov | World’s biggest bank hit by ransomware, forced to trade via USB stick | The US trading arm of the Industrial and Commercial Bank of China (ICBC) has been hit by a ransomware attack that reportedly forced it to handle trades via messengers carrying USB thumb drives across Manhattan. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
10 Nov | SysAid IT Service Software 0-day Exploited to Deploy Cl0p Ransomware | SysAid On-Prem software has been reported with a 0-day vulnerability determined during an incident response investigation. According to Microsoft, attackers are exploiting this zero-day vulnerability to infiltrate corporate servers, with the aim of stealing sensitive data and dep… | GBHACKERS.COM
10 Nov | Maine Government Says Data Breach Affects 1.3 Million Residents | The government of Maine has confirmed that over a million state residents had their personal information stolen in a data breach by a Russia-linked ransomware gang that exploited a vulnerability in the MOVEit file transfer system. | TECHCRUNCH.COM
10 Nov | Intel Sued Over ‘Downfall’ CPU Vulnerability | A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall. | SECURITYWEEK.COM
10 Nov | Maine govt notifies 1.3 million people of MOVEit data breach | The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population. [...] | BLEEPINGCOMPUTER.COM
10 Nov | Industrial and Commercial Bank of China Dealing With LockBit Ransomware Attack | ICBC informed clients that a cybersecurity issue would require them to reroute trades and temporarily stop accepting orders. The attack highlights the vulnerability of critical infrastructure providers, such as the financial sector. | THERECORD.MEDIA
10 Nov | US Treasuries Trading Affected by Ransomware Hack | The LockBit Ransomware Operation May Have Exploited Citrix Bleed. A ransomware attack affecting the New York financial services subsidiary of the Industrial and Commercial Bank of China resulted in disruptions to the U.S. Treasury market. Close observers of the criminal undergroun… | DATABREACHTODAY.CO.UK
10 Nov | Mortgage giant Mr. Cooper says customer data exposed in breach | Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31. [...] | BLEEPINGCOMPUTER.COM
10 Nov | Cyberattack Forces San Diego Hospital to Divert Patients | Tri-City Medical Center Is Latest Regional Entity Facing Disruption to Patient Care. A San Diego public hospital is diverting ambulances and patients to other facilities as it is dealing with a cyberattack this week. The medical center is the latest on a growing list of regional h… | DATABREACHTODAY.CO.UK
10 Nov | CISA's New SBOM Guidance Faces Implementation Challenges | Many Organizations Lack Resources to Develop Adequate SBOM Consumption Processes. The U.S. Cybersecurity and Infrastructure Security Agency published guidance that offers best practices in developing consumption processes for software bills of materials, but experts told ISMG the … | DATABREACHTODAY.CO.UK
📋 SECURITY BULLETINS (1)
10 Nov | Microsoft extends Windows Server 2012 ESUs to October 2026 | Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, allowing administrators more time to upgrade or migrate to Azure. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (11)
10 Nov | UK Shoppers Lost Over $13 Million to Fraud Last Festive Season | While AI tools make fraud campaigns more convincing, users can still protect themselves by being cautious of phishing emails, recognizing warning signs, and following online shopping guidance provided by the NCSC. | INFOSECURITY-MAGAZINE.COM
10 Nov | SentinelOne to Acquire Cybersecurity Consulting Firm Krebs Stamos Group | Cybersecurity company SentinelOne is acquiring advisory firm Krebs Stamos Group to create a new entity called PinnacleOne Strategic Advisory Group, with Christopher Krebs and Alex Stamos taking on key positions. | THERECORD.MEDIA
10 Nov | France, UK Seek Greater Regulation of Commercial Spyware | France and the UK are calling for greater regulation of commercial surveillance software in the wake of recent Pegasus and Predator spyware scandals. | SECURITYWEEK.COM
10 Nov | What Does the Latest SEC Charges Against Solarwinds’ CISO Means for CISOs Everywhere? | In this blog, we'll take a look at the well-known Sunburst attack of 2018 and how the specific charges stemming from this attack will impact Chief Information Security Officers (CISOs) moving forward. | KNOWBE4.COM
10 Nov | Cavelo Raises CA$5 Million for Attack Surface Management Platform | Cavelo has raised CA$5 million (~US$3.6 million USD) to help organizations comply with data protection regulations. | SECURITYWEEK.COM
10 Nov | In Other News: EU Government Surveillance, Rewards for Iranian Hackers, Evolution of Chinese Spying | Noteworthy stories that might have slipped under the radar: EU regulation enables government surveillance, US offering rewards for Iranian hackers, evolution of Chinese spying. | SECURITYWEEK.COM
10 Nov | [HEADS UP] FBI Warns About Callback Phishing | In a recent official advisory, the FBI warned about the threat of callback phishing (among other threats). Below is the relevant excerpt. | KNOWBE4.COM
10 Nov | SentinelOne Buys High-Profile Consultancy Krebs Stamos Group | Security Firm Adds Chris Krebs, Alex Stamos to C-Suite to Take On Geopolitical Risk. SentinelOne purchased a boutique consultancy established by two of the world's most famous security minds and launched its own strategic risk analysis and advisory group. SentinelOne will add inau… | DATABREACHTODAY.CO.UK
10 Nov | Revised European Identity Regulation Close to Becoming Law | Cybersecurity Concerns Persist Over the Revised eIDAS Web Certificate Mandate. European Union lawmakers and trading bloc governments reached a provisional agreement on a revised identity framework intended to digitize access to key public services for the majority of Europeans by … | DATABREACHTODAY.CO.UK
10 Nov | ISMG Editors: Latest Updates on AI Tech, Regulations | Also: Key Takeaways From UK AI Summit; Security Insights From India. In the latest weekly update, editors at Information Security Media Group discuss the shaping of responsible artificial intelligence governance, major takeaways from the U.K. AI Summit, and an overview of the main… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (18)
10 Nov | Chess - 827,620 breached accounts | In November 2023, over 800k user records were scraped from the Chess website and posted to a popular hacking forum. The data included email address, name, username and the geographic location of the user. | HAVEIBEENPWNED.COM
10 Nov | Security Tips and Devices for Digital Nomads | Submitted by c0mmando to netsec. https://web.archive.org/web/20231010234237/https://officercia.mirror.xyz/GX0LvoKDcC12ACXzhT3F_3PVRSfEyhE8cJYMZnoia9U cross-posted from: links.hackliberty.org/post/347993 As a digital nomad, it’s essential to put strong securit… | WEB.ARCHIVE.ORG
10 Nov | FBI Highlights Emerging Initial Access Methods Used by Ransomware Groups | Organizations should implement security measures such as regular backups, vendor security reviews, strong user account security, and network monitoring to mitigate the risk of ransomware attacks. | SECURITYWEEK.COM
10 Nov | Ransomed.vc Gang Claims to Shut Down After Six Affiliates Allegedly Arrested | The group initially threatened victims with European data breach fines but later offered to sell the entire operation, including domain names, breached company access, and databases. | THERECORD.MEDIA
10 Nov | MGM Resorts Anticipates No Further Disruptions From September Cyberattack | MGM Resorts is investing $40 million in IT upgrades next year and is facing multiple class-action lawsuits and potential financial losses from legal proceedings related to the attack. | CYBERSECURITYDIVE.COM
10 Nov | NATO Allies Express Support for Collective Response to Cyberattacks | Germany's National Security Strategy envisions the establishment of a dedicated entity for offensive cyber operations, although it rejects the use of hack-backs as a means of cyber defense. | THERECORD.MEDIA
10 Nov | Russian Hackers Hijacked Power Station Circuit Breakers Using LotL Technique | In a recent and alarming development, the notorious Russia-linked threat actor Sandworm executed a sophisticated cyber-physical attack targeting a critical infrastructure organization in Ukraine. The incident, responded to by cybersecurity firm Mandiant, unfolded as a multi… | GBHACKERS.COM
10 Nov | Kyocera AVX Says Ransomware Attack Impacted 39,000 Individuals | The LockBit ransomware gang claimed responsibility for the breach and leaked stolen data, including passport scans and financial documents, potentially exposing proprietary designs and patented information. | BLEEPINGCOMPUTER.COM
10 Nov | 1.3 Million Maine Residents Impacted by MOVEit Hack | The State of Maine says the personal information of 1.3 million individuals was compromised in the MOVEit attack. | SECURITYWEEK.COM
10 Nov | Ransomware Attack on China’s Biggest Bank Disrupts Treasury Market Trades, Reports Say | A ransomware attack on China’s biggest bank, the Industrial and Commercial Bank of China Financial Services, disrupts Treasury market trades. | SECURITYWEEK.COM
10 Nov | Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes | The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique fo… | THEHACKERNEWS.COM
10 Nov | Potential Data Breach at Chess.com, 800K User Records May Be Compromised | The leaked data includes critical details such as email addresses, names, usernames, and geographic locations, posing a considerable threat as it is now accessible on the dark web. | THECYBEREXPRESS.COM
10 Nov | McLaren Health Care says data breach impacted 2.2 million people | McLaren Health Care (McLaren) is notifying nearly 2.2 million people of a data breach that occurred between late July and August this year, exposing sensitive personal information. [...] | BLEEPINGCOMPUTER.COM
10 Nov | The Rise of Ransomware in Healthcare: What IT Leaders Need to Know | Ransomware attacks are rapidly becoming the weapon of choice, making up over half of all attacks in the healthcare industry. Learn more from Specops Software on securing your organization from these attacks. [...] | BLEEPINGCOMPUTER.COM
10 Nov | Hive Ransomware Resurfaces as Hunters International, Researchers Claim | Hunters International focuses on data exfiltration rather than encryption and primarily targets victims in the United States, the UK, Germany, and Namibia, including hospitals. | HACKREAD.COM
10 Nov | Ransomed.vc gang claims to shut down after six affiliates allegedly arrested | Submitted by c0mmando to netsec. https://therecord.media/ransomedvc-claims-shutdown-for-sale A ransomware gang that has claimed attacks on Sony, a Hawaiʻi state government website and a supplier to Colonial Pipeline says it is shutting down after six of its a… | THERECORD.MEDIA
10 Nov | State of Maine Confirms Impact in Global MOVEit Cyberattack | Approximately 1.3 Million Maine Residents Affected in Sweeping Cyberattack. Nearly the entire population of Maine has been affected in a global cyberattack the Russian ransomware gang Clop launched earlier this year that targeted Progress Software's popular MOVEit file transfer se… | DATABREACHTODAY.CO.UK
10 Nov | Hackers breach healthcare orgs via ScreenConnect remote access | Security researchers are warning that hackers have been targeting multiple healthcare organizations in the U.S. by abusing the ScreenConnect remote access tool. [...] | BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (19)
10 Nov | Palo Alto buys Talon, the changing world of security exits, 6 Qs to ask your CISO - ESW #339 | During the news today, we went deep down the rabbithole of discussing security product efficacy. Adrian still doesn't believe in enterprise browsers beyond Google Chrome, but can't deny that Talon got a pretty favorable exit considering the state of the market. We see the first m… | YOUTUBE.COM
10 Nov | Routers Targeted for Gafgyt Botnet [Guest Diary], (Thu, Nov 9th) | [This is a Guest Diary by Austin Long, an ISC intern as part of the SANS.edu BACS program] | ISC.SANS.EDU
10 Nov | ISC Stormcast For Friday, November 10th, 2023 https://isc.sans.edu/podcastdetail/8740, (Fri, Nov 10th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
10 Nov | Darknet Diaries podcast 139: D3f4ult - 78 minutes | Submitted by ashar to security_cpe. https://infosec.pub/pictrs/image/1641bddb-7589-4b99-935e-22f2aa01453c.png Darknet Diaries podcast 139: D3f4ult. This is the story of D3f4ult (twitter.com/_d3f4ult) from CWA. He was a hacktivist, upset with the state of the w… | INFOSEC.PUB
10 Nov | WhatsApp New Privacy Feature Let Users Hide Location During Calls | WhatsApp has begun to roll out the ‘Protect IP Address in Calls’ feature, which conceals your IP address during calls. Upon using this feature, all your calls will be relayed through WhatsApp’s servers, protecting your IP address and preventing other callers fro… | GBHACKERS.COM
10 Nov | Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors | A group with links to Iran targeted transportation, logistics, and technology sectors in the Middle East, including Israel, in October 2023 amid a surge in Iranian cyber activity since the onset of the Israel-Hamas war. The attacks have been attributed by CrowdStrike to a threat … | THEHACKERNEWS.COM
10 Nov | Taming The Wild West Of LLMs, Nazneen Rajani - The AI Conference 2023 | Submitted by ashar to security_cpe. https://infosec.pub/pictrs/image/0fc95320-34c5-4114-a83d-561ac52341fb.png Taming The Wild West Of LLMs, Nazneen Rajani, Hugging Face. The AI Conference 2023, 54 talks | INFOSEC.PUB
10 Nov | BlueNoroff Hackers Attacking Apple Users with New macOS Malware | A new malware variant is distributed by BlueNoroff APT group, a financially motivated threat group targeting cryptocurrency exchanges, venture capital firms, and banks. This new campaign has similar characteristics to their RustBucket campaign. BlueNoroff was first discovered in… | GBHACKERS.COM
10 Nov | Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting | The use of a reverse proxy in this phishing campaign allows the attackers to bypass multi-factor authentication (MFA) and gain access to victims' Microsoft 365 accounts, leading to further distribution of phishing emails. | TRENDMICRO.COM
10 Nov | The Privacy Disaster of Modern Smart Cars | Article based on a Mozilla report. | SCHNEIER.COM
10 Nov | Imperial Kitten APT Claws at Israeli Organizations with Multiyear Spy Effort | An Iranian hacking group known as Charming Kitten targeted organizations in Israel's transportation, logistics, and technology sectors last month. This increase in Iranian cyber activity coincided with the start of Israel's war with Hamas. | DARKREADING.COM
10 Nov | [INFOGRAPHIC] Original Research: Cybersecurity Challenges Faced by European Infosec Leaders | Cybersecurity threats continue to put European organisations of all sizes at risk. Infosec leaders face multi-pronged challenges, from mitigating the threats themselves to managing the budget for vital cybersecurity training. To investigate this issue further, KnowBe4 commi… | KNOWBE4.COM
10 Nov | Sapphire Sleet Hackers Attacking Linkedin Users Based on their Expertise | In a recent development, cybersecurity experts have identified a significant shift in the tactics employed by Sapphire Sleet, a notorious threat actor known for cryptocurrency theft through social engineering. Microsoft’s threat intelligence team has been closely monitoring… | GBHACKERS.COM
10 Nov | 'BlazeStealer' Python Malware Allows Complete Takeover of Developer Machines | Submitted by IllNess to securitynews. https://www.darkreading.com/application-security/-blazestealer-python-malware-complete-takeover-developer | DARKREADING.COM
10 Nov | AOL's 92M records database leak in 2003 - A Retroactive Examination | Submitted by L4s to secops. https://g.livejournal.com/18862.html AOL’s 92M records database leak in 2003 - A Retroactive Examination::Author : pad, x.com/123456 Introducing eGod – Internet Entrepreneur, Reformed Spam Cartel I recently chatted with my friend J… | G.LIVEJOURNAL.COM
10 Nov | Fakes, SysAid, Sumo, farnetwork, CPU-Z, Google, Chat-GPT, Aaran Leyland, and More - SWN #341 | Fakes, Sysaid, Sumo, farnetwork, CPU-Z, Google, Chat-GPT, Aaran Leyland, and More News on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-341 | YOUTUBE.COM
10 Nov | Microsoft: BlueNoroff hackers plan new crypto-theft attacks | Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn. [...] | BLEEPINGCOMPUTER.COM
10 Nov | Friday Squid Blogging: The History and Morality of US Squid Consumption | Really interesting article. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. | SCHNEIER.COM
10 Nov | Cyber threat intelligence: Getting on the front foot against adversaries | By collecting, analyzing and contextualizing information about possible cyberthreats, including the most advanced ones, threat intelligence offers a critical method to identify, assess and mitigate cyber risk | WELIVESECURITY.COM
🌐 CYBER THREAT LANDSCAPE (6)
10 Nov | Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan | Urdu-speaking readers of a regional news website that caters to the Gilgit-Baltistan region have likely emerged as a target of a watering hole attack designed to deliver a previously undocumented Android spyware dubbed Kamran. The campaign, ESET has discovered, leverages Hunza Ne… | THEHACKERNEWS.COM
10 Nov | Risk Ledger Raises $7.65 Million for Supply Chain Security Solution | The London-based company offers a collaborative platform that helps organizations identify and mitigate supply chain security risks in real time. The funding will be used to advance product development and deepen partnerships in key industries. | SECURITYWEEK.COM
10 Nov | WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls | The privacy feature builds upon previous measures such as "Silence Unknown Callers" to protect users from unwanted contact and minimize the risk of zero-click attacks and spyware. | THEHACKERNEWS.COM
10 Nov | Google Ads Push Malicious CPU-Z App From Fake Windows News Site | When users click on the ad, they are redirected to a fake Windows news site, where they are prompted to download a digitally signed CPU-Z installer. This installer contains a malicious PowerShell script known as the 'FakeBat' malware loader. | BLEEPINGCOMPUTER.COM
10 Nov | Spyware disguised as a news app – Week in security with Tony Anscombe | The Urdu version of the Hunza News website offers readers the option to download an Android app – little do they know that the app is actually spyware | WELIVESECURITY.COM
🎙️ PODCASTS (1)
10 Nov | Cyber Security Today, Week in Review for the week ending Friday, Nov. 10, 2023 | This episode features discussion on Okta explanation of a hack, Cloudflare's explanation of a power outage and more | CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (7)
10 Nov | GitHub Enhances Security Capabilities With AI | GitHub is leveraging AI to enhance its secret scanning program, allowing code maintainers to create custom patterns for detecting organization-specific secrets and improving scanning accuracy. | SECURITYWEEK.COM
10 Nov | The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest | There is a seemingly never-ending quest to find the right security tools that offer the right capabilities for your organization. SOC teams tend to spend about a third of their day on events that don’t pose any threat to their organization, and this has accelerated the adoption o… | THEHACKERNEWS.COM
10 Nov | Predator AI ChatGPT Integration Poses Risk to Cloud Services | The hacking tool is distributed through Telegram channels linked to hacking communities and focuses on facilitating web application attacks on commonly used technologies. | INFOSECURITY-MAGAZINE.COM
10 Nov | EU Cyber Resilience Act May Cause Bottlenecks, Companies Say | Concerns have been raised about the provision in the act that requires software developers to report vulnerabilities within 24 hours, as it may overwhelm cyber agencies and pose security risks. | BANKINFOSECURITY.COM
10 Nov | Signal Tests Usernames That Keep Your Phone Number Private | Signal is testing a new feature that allows users to conceal their phone numbers by using public usernames. The feature is currently being tested in a separate staging environment and users can access it by installing pre-beta builds. | BLEEPINGCOMPUTER.COM
10 Nov | How to lock your screen quickly and easily on Windows and macOS | Kaspersky official blog | A few screen-lock methods to quickly and conveniently protect valuable information on your computer against prying eyes. | KASPERSKY.COM
10 Nov | Dolly.com Pays Ransom, Attackers Release Data Anyway | The attackers gained access to sensitive company and customer data, including high-level account logins, credit card information, customer addresses, and more, posing a significant risk to Dolly.com and its users. | SECURITYAFFAIRS.COM