194 Articles
9 Categories
Date: 2023-11-14
🚨 CISA KEV (2)
14 Nov [KEV] CISA Adds Three Known Exploited Vulnerabilities to Catalog (CISA.GOV): CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36033 Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability CVE-2023-36025 Microsoft Windows Smart…
14 Nov [KEV] #StopRansomware: Rhysida Ransomware (CISA.GOV): SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders detailing various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically ob…
🐛 COMMON VULNERABILITIES AND EXPOSURES (64)
14 Nov CVE Watcher: Hunting Down CVEs Before the Patch Drops (GITHUB.COM): submitted by L4s to secops 1 points | 0 comments https://github.com/Aqua-Nautilus/CVE-Half-Day-Watcher CVE Watcher: Hunting Down CVEs Before the Patch Drops::Contribute to Aqua-Nautilus/CVE-Half-Day-Watcher development by creating an account on GitHub.
14 Nov CVE-2021-1730 Microsoft Exchange Server Spoofing Vulnerability (MSRC.MICROSOFT.COM): Updated FAQ information. This is an informational change only.
14 Nov CVE-2023-36705 Windows Installer Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36560 ASP.NET Security Feature Bypass Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36427 Windows Hyper-V Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36413 Microsoft Office Security Feature Bypass Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36558 ASP.NET Core - Security Feature Bypass Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36408 Windows Hyper-V Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36407 Windows Hyper-V Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36406 Windows Hyper-V Information Disclosure Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36405 Windows Kernel Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36404 Windows Kernel Information Disclosure Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36403 Windows Kernel Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36399 Windows Storage Elevation of Privilege Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36398 Windows NTFS Information Disclosure Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36392 DHCP Server Service Denial of Service Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36046 Windows Authentication Denial of Service Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-24023 Mitre: CVE-2023-24023 Bluetooth Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36050 Microsoft Exchange Server Spoofing Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36039 Microsoft Exchange Server Spoofing Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36041 Microsoft Excel Remote Code Execution Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36042 Visual Studio Denial of Service Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36037 Microsoft Excel Security Feature Bypass Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36038 ASP.NET Core Denial of Service Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36035 Microsoft Exchange Server Spoofing Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov CVE-2023-36030 Microsoft Dynamics 365 Sales Spoofing Vulnerability (MSRC.MICROSOFT.COM): Information published.
14 Nov LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed (BLEEPINGCOMPUTER.COM): The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files. [...]
14 Nov [KEV] Microsoft Warns of Critical Bugs Being Exploited in the Wild (SECURITYWEEK.COM): Patch Tuesday: Redmond’s security response team flags two vulnerabilities -- CVE-2023-36033 and CVE-2023-36036 -- already being exploited in the wild. The post Microsoft Warns of Critical Bugs Being Exploited in the Wild appeared first on SecurityWeek.
14 Nov Fortinet Releases Security Updates for FortiClient and FortiGate (CISA.GOV): Fortinet has released security advisories addressing vulnerabilities in FortiClient and FortiGate. Cyber threat actors may exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Fortinet securi…
14 Nov VMware Releases Security Update for Cloud Director Appliance (CISA.GOV): VMware has released a security advisory addressing a vulnerability in VMWare Cloud Director Appliance. Cyber threat actors may exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following VMware security adviso…
⚠️ VULNERABILITY DISCLOSURE (42)
14 Nov ACSC and CISA launch step-by-step business continuity instructions for SMBs (CSOONLINE.COM): Business Continuity in a Box, a set of instructions to help organizations to maintain or re-establish basic operations during or after a cyber incident, has been published by the Australian Signals Directorate's Australian Cyber Security Centre (ASD's ACSC) and the US Cybersecuri…
14 Nov [KEV] CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17 (THEHACKERNEWS.COM): The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has given a November 17, 2023, deadline for federal agencies and organizations to apply mitigations to secure against a number of security flaws in Juniper Junos OS that came to light in August. The agency on Monday…
14 Nov CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17 (THEHACKERNEWS.COM): Juniper Networks confirmed that successful exploitation of the vulnerabilities can lead to pre-authenticated remote code execution, and recommends disabling J-Web or limiting access to trusted hosts as a workaround.
14 Nov Hackers Selling Exploits for Critical Vulnerabilities on the Dark Web (GBHACKERS.COM): Dark forums and Telegram channels have become great places for threat actors to sell critical vulnerabilities and exploits. These vulnerabilities and exploits were associated with the Elevation of Privilege, Authentication Bypass, SQL Injection, and Remote Code Execution in produ…
14 Nov Avito - 2,721,835 breached accounts (HAVEIBEENPWNED.COM): In November 2022, the Moroccan e-commerce service Avito suffered a data breach that exposed the personal information of 2.7M customers. The data included name, email, phone, IP address and geographic location.
14 Nov Open Source Security Podcast Episode 401 - Security skills shortage - (INFOSEC.PUB): submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/b6a2e67b-8989-4dbe-8fe8-d1832fcf6245.png Open Source Security Podcast Episode 401 - Security skills shortage - We’ve tried nothing and the same thing keeps happening. Josh and Kurt talk abou…
14 Nov Passive SSH Server Private Key Leakage is Real but Limited (THEREGISTER.COM): Certain devices' SSH connections can be snooped on, allowing attackers to impersonate the equipment and observe users' login details and activities. The vulnerability is caused by errors in signature generation.
14 Nov As perimeter defenses fall, the identity-first approach steps into the breach (CSOONLINE.COM): By nearly all accounts, security leaders are increasingly shifting their focus from perimeter defenses such as the long-relied-upon firewall in favor of embracing a zero-trust approach. That, in turn, has put the need for strong identity programs front and center, and more specif…
14 Nov Python Malware Poses DDoS Threat via Docker API Misconfiguration (INFOSECURITY-MAGAZINE.COM): Attackers exploit misconfigurations to deploy a malicious Docker container with Python malware. This malware functions as a DDoS bot agent and carries out various attack methods.
14 Nov 22 Energy Firms Hacked in Largest Coordinated Attack on Denmark’s Critical Infrastructure (SECURITYWEEK.COM): Denmark’s SektorCERT association shares details on a coordinated attack against the country’s energy sector. The post 22 Energy Firms Hacked in Largest Coordinated Attack on Denmark’s Critical Infrastructure appeared first on SecurityWeek.
14 Nov Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers (THEHACKERNEWS.COM): Publicly-accessible Docker Engine API instances are being targeted by threat actors as part of a campaign designed to co-opt the machines into a distributed denial-of-service (DDoS) botnet dubbed OracleIV. "Attackers are exploiting this misconfiguration to deliver a malicious Doc…
14 Nov Ethereum Feature Abused to Steal $60 Million From 99,000 Victims (BLEEPINGCOMPUTER.COM): Malicious actors have been exploiting Ethereum's 'Create2' function to bypass wallet security alerts and steal millions of dollars worth of cryptocurrency from unsuspecting victims.
14 Nov Redefine IR with the Unit 42 Incident Response Retainer for No Cost (PALOALTONETWORKS.COM): Palo Alto Networks is introducing a no-cost Unit 42 Incident Response Retainer that reinforces our dedication to being the cybersecurity partner of choice. The post Redefine IR with the Unit 42 Incident Response Retainer for No Cost appeared first on Palo Alto Networks Blog.
14 Nov Hackers Exploiting Create2 to Bypass Wallet Security Alerts (GBHACKERS.COM): Recently, hackers have used the Ethereum network’s CREATE2 opcode to bypass wallet security alarms in certain wallets. Using Create2’s pre-calculation feature, the Drainers can produce unique addresses for every malicious signature. After the victim signs t…
14 Nov Nothing new, still broken, insecure by default since then: Python's e-mail libraries and certificate verification and how it affected open source projects (PENTAGRID.CH): submitted by L4s to secops 1 points | 0 comments https://www.pentagrid.ch/en/blog/python-mail-libraries-certificate-verification/ Nothing new, still broken, insecure by default since then: Python’s e-mail libraries and certificate verification and how it affected open source proj…
14 Nov Denmark Hit With Largest Cyberattack on Record by Exploiting Firewall Vulnerabilities (BANKINFOSECURITY.COM): Hackers linked to the Russian GRU targeted Danish critical infrastructure, exploiting vulnerabilities in Zyxel firewalls and demonstrating meticulous planning and coordination.
14 Nov [Holiday Resource Kit] The Holiday Season is Here. How Are You Staying Cyber Safe? (KNOWBE4.COM): It's the busiest time of year for everyone, especially cybercriminals. They know surges in online shopping, holiday travel and time constraints can make it easier to catch users off their guard with relevant schemes. This makes one of the busiest times of year one of the most imp…
14 Nov Building a People-Centric Security Program - Cathy Olsen - CSP #148 (YOUTUBE.COM): In security, we can get buried in the tools, standards, issues and risks. But an effective security program is built upon people, process, and technology. Let's talk about how you can approach your security program in a way that is focused on the people who use and manage your co…
14 Nov Code-to-cloud: Achieving complete cloud security (CSOONLINE.COM): In the last decade, the technology industry experienced a massive shift toward the cloud where every company no matter the industry developed and deployed cloud-native applications. This pace shows no sign of stopping; we have an app economy - now bolstered by AI-led developments…
14 Nov "In a first, cryptographic keys protecting SSH connections stolen in new attack" (ARSTECHNICA.COM): submitted by indepndnt to cybersecurity 1 points | 0 comments https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/ I read most of this article trying to determine if I was impacted, so to save you the trouble: The researche…
14 Nov CISA Releases Two Industrial Control Systems Advisories (CISA.GOV): CISA released two Industrial Control Systems (ICS) advisories on November 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-318-01 AVEVA Operations Control Logger ICSA-23-318-02 Rockwell Aut…
14 Nov Fuzzing Strategies, Responding to CISA's Open Source Security RFI, 35 Year Old Worm - ASW #263 (YOUTUBE.COM): CNCF's releases a handbook on fuzzing, OpenSSF and OWASP respond to CISA's Open Source Software Security RFI, 14 years of Go, lessons for today from an internet worm from 35 years ago, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: htt…
14 Nov CISA Releases Roadmap for Artificial Intelligence Adoption (CISA.GOV): Today, CISA released its Roadmap for Artificial Intelligence—in alignment with White House Executive Order 14110: Safe, Secure, And Trustworthy Development and Use of Artificial Intelligence—to outline a comprehensive set of actions CISA will take along five lines of effort: Re…
14 Nov Microsoft guidance regarding credentials leaked to GitHub Actions Logs through Azure CLI (MSRC.MICROSOFT.COM): Summary: The Microsoft Security Response Center (MSRC) was made aware of a vulnerability where Azure Command-Line Interface (CLI) could expose sensitive information, including credentials, through GitHub Actions logs. The researcher, from Palo Alto’s Prisma Cloud, found th…
14 Nov Microsoft fixes critical Azure CLI flaw that leaked credentials in logs (BLEEPINGCOMPUTER.COM): Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI (short for Azure command-line interface). [...]
14 Nov Royal Ransomware Rebrands as BlackSuit - Warn FBI and CISA (CYWARE.COM): The Royal ransomware gang, now known as BlackSuit, has undergone a strategic rebranding, unveiled in a joint advisory by CISA and the FBI. This shift, observed since November 2022, involves advanced encryption methods and sophisticated attack vectors, emphasizing the exploitation…
14 Nov Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws (BLEEPINGCOMPUTER.COM): Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities. [...]
14 Nov Microsoft Patch Tuesday November 2023, (Tue, Nov 14th) (ISC.SANS.EDU): Today, Microsoft released patches for 64 different vulnerabilities in Microsoft products, 14 vulnerabilities in Chromium affecting Microsoft Edge, and five vulnerabilities affecting Microsoft's Linux distribution, Mariner. Three of these vul…
14 Nov 1 Out of Every 34 Organizations Worldwide Have Experienced an Attempted Ransomware Attack (KNOWBE4.COM): With organizations globally experiencing an increase in attempted ransomware attacks year over year, new data shows how the global average isn’t even the worst news.
14 Nov Critical Patches Issued for Microsoft Products, November 14, 2023 (CISECURITY.ORG): Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…
14 Nov Researchers Uncover Info-Stealing Campaign Targeting Gaming Community (CYWARE.COM): A targeted campaign against the gaming community exploits Discord channels and fake download sites to distribute types of information-stealing malware. Multiple information stealer families, including BBy Stealer, Nova Sentinel, Doenerium, and Epsilon Stealer, were identified. To…
14 Nov Misconfigured Docker API endpoints allow attackers to deliver DDoS botnet agent (CSOONLINE.COM): A new attack campaign deploys malicious container images on cloud servers by exploiting insecure Docker Engine API endpoints. The malicious image contains a distributed denial-of-service (DDoS) botnet implant written in Python. “Once a valid endpoint is discovered, it's trivial t…
14 Nov Hackers are exploiting ‘CitrixBleed’ bug in the latest wave of mass cyberattacks (TECHCRUNCH.COM): Security researchers say hackers are mass-exploiting a critical-rated vulnerability in Citrix NetScaler systems to launch crippling cyberattacks against big-name organizations worldwide. These cyberattacks have so far included aerospace giant Boeing; the world’s biggest ban…
14 Nov New CacheWarp AMD CPU attack lets hackers gain root in Linux VMs (BLEEPINGCOMPUTER.COM): A new software-based fault injection attack, CacheWarp, can let threat actors hack into AMD SEV-protected virtual machines by targeting memory writes to escalate privileges and gain remote code execution. [...]
14 Nov Microsoft Releases October 2023 Security Updates (CISA.GOV): Microsoft has released updates addressing multiple vulnerabilities in Microsoft software. A cyber threat actor can exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s November 2023 Security Up…
14 Nov Adobe Releases Security Updates for Multiple Products (CISA.GOV): Adobe has released security updates to address vulnerabilities affecting multiple Adobe products. A cyber threat actor could exploit some of these vulnerabilities to take control of affected system. CISA encourages users and administrators to review the following advisories and a…
14 Nov Critical Authentication Bypass Flaw in VMware Cloud Director Appliance (SECURITYWEEK.COM): VMware flaw carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports. The post Critical Authentication Bypass Flaw in VMware Cloud Director Appliance appeared first on SecurityWeek.
14 Nov VMWare discloses critical VCD Appliance auth bypass with no patch (BLEEPINGCOMPUTER.COM): VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments. [...]
14 Nov Microsoft Patch Tuesday, November 2023 Edition (KREBSONSECURITY.COM): Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three "zero day" vulnerabilities that Microsoft warns are already being exploited in active attacks.
14 Nov New Reptar CPU flaw impacts Intel desktop and server systems (BLEEPINGCOMPUTER.COM): Intel has fixed a high-severity CPU vulnerability in its modern desktop, server, mobile, and embedded CPUs, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures. [...]
14 Nov WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks (BLEEPINGCOMPUTER.COM): The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database. [...]
📋 SECURITY BULLETINS (3)
14 Nov ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric (SECURITYWEEK.COM): Siemens and Schneider Electric’s Patch Tuesday advisories for November 2023 address 90 vulnerabilities affecting their products. The post ICS Patch Tuesday: 90 Vulnerabilities Addressed by Siemens and Schneider Electric appeared first on SecurityWeek.
14 Nov Windows 11 KB5032190 update enables Moment 4 features for everyone (BLEEPINGCOMPUTER.COM): Microsoft has released the KB5032190 cumulative update to fix security vulnerabilities in Windows 11. This is the first Patch Tuesday update with access to Windows 11 Moment 4 features, provided you turn on the "Get latest updates" toggle. [...]
14 Nov Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion (SECURITYWEEK.COM): Adobe patches 72 security bugs and calls special attention to code-execution defects in the widely deployed Acrobat and Reader software. The post Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion appeared first on SecurityWeek.
📢 SECURITY ADVISORIES (17)
14 Nov Royal Ransomware Possibly Rebranding After Targeting 350 Organizations Worldwide (SECURITYWEEK.COM): CISA says Royal ransomware has targeted 350 organizations to date, demanding over $275 million in ransoms. The post Royal Ransomware Possibly Rebranding After Targeting 350 Organizations Worldwide appeared first on SecurityWeek.
14 Nov New CISA AI Road Map Charts Course for Responsible Adoption (DATABREACHTODAY.CO.UK): Agency Aims to Take a Leadership Role in Government Adoption of Responsible AI. The U.S. Cybersecurity and Infrastructure Security Agency has released a road map for artificial intelligence after an October executive order tasked the Department of Homeland Security with assisting …
14 Nov 1touch.io Snags Ex-Bugcrowd CEO Ashish Gupta to Add Products (DATABREACHTODAY.CO.UK): Gupta to Form Workflows for Data Discovery, Classification, Privacy and Compliance. 1touch.io tapped longtime Bugcrowd leader Ashish Gupta as its next CEO to help the data intelligence startup address proactive use cases around data-enabled processes. Gupta will continue building …
🔥 INCIDENT REPORTING (18)
14 Nov Lockbit Ransomware Cripples Australian Ports, Chinese Bank (ULTRA-UNLIMITED.COM): submitted by Ultra_Unlimited to securitynews 1 points | 0 comments https://www.ultra-unlimited.com/blog/lockbit-ransomware-cripples-australia-ports-chinese-bank
14 Nov Against the Clock: Cyber Incident Response Plan (TRENDMICRO.COM): Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows.
14 Nov Upskill to Combat the Ransomware Threat (ULTRA-UNLIMITED.COM): submitted by Ultra_Unlimited to cybersecurity 1 points | 0 comments https://www.ultra-unlimited.com/blog/upskill-to-combat-the-ransomware-threat
14 Nov Update: Henry Schein Says Customer Data Breached in Cyber Incident (CYBERSECURITYDIVE.COM): Customer bank accounts and credit card numbers may have been affected, as well as the bank account information of some suppliers. The incident primarily affected the company's dental and medical distribution operations in North America and Europe.
14 Nov Dragos Says No Evidence of Breach After Ransomware Gang Claims Hack via Third Party (SECURITYWEEK.COM): This is not the first time false claims have been made against Dragos by ransomware groups. In May, Dragos confirmed a limited data breach, but the extortion scheme failed.
14 Nov US Agencies Warn Royal Ransomware Gang May Rebrand as ‘BlackSuit’ (CISA.GOV): There are indications that Royal may be preparing for a re-branding effort and/or a spinoff variant. Blacksuit ransomware shares a number of identified coding characteristics similar to Royal.
14 Nov Ransomware Attack on Ohio City Impacts Multiple Services (THERECORD.MEDIA): The ransomware attack on the city of Huber Heights, Ohio, affected various city divisions but not public safety services. City services are expected to be down for at least a week, and residents are advised to check the city website for updates.
14 Nov The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy (THEHACKERNEWS.COM): In 2023, the global average cost of a data breach reached $4.45 million. Beyond the immediate financial loss, there are long-term consequences like diminished customer trust, weakened brand value, and derailed business operations. In a world where the frequency and cost of data b…
14 Nov DP World Cyberattack Blocks Thousands of Containers in Australian Ports (BLEEPINGCOMPUTER.COM): DP World is working to restore normal operations and investigate the possibility of data access and theft, engaging with cybersecurity experts and the Office of the Australian Information Commissioner.
14 Nov The evolution of ransomware: Lessons for the future (SECURITYINTELLIGENCE.COM): Ransomware has been part of the cyber crime ecosystem since the late 1980s and remains a major threat in the cyber landscape today. Evolving ransomware attacks are becoming increasingly more sophisticated as threat actors leverage vulnerabilities, social engineering and insider t…
14 Nov Canadian Banking Tech Giant Moneris Says It Prevented Ransomware Attack (THERECORD.MEDIA): The Medusa ransomware gang demanded a $6 million ransom, but Moneris stated that its security team stopped access to critical data and no ransom request was made. The company didn't disclose when the breach was attempted or whether it paid a ransom.
14 Nov Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers (THEHACKERNEWS.COM): The attackers utilize deceptive tactics, such as sending archive files disguised as PDFs, to trick victims into launching malicious executables and gain unauthorized access to their accounts.
14 Nov LockBit hackers publish 43GB of stolen Boeing data following cyber attack (CSHUB.COM): Aerospace giant refused to give in to ransom demands following a cyber attack late last month
14 Nov Pharmacy provider Truepill data breach hits 2.3 million customers (BLEEPINGCOMPUTER.COM): Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information. [...]
14 Nov UK Cybersecurity Center Says ‘Deepfakes’ and Other AI Tools Pose a Threat to the Next Election (SECURITYWEEK.COM): Britain’s cybersecurity agency said that artificial intelligence poses a threat to the country’s next election, and cyberattacks by hostile countries and their proxies are getting harder to track. The post UK Cybersecurity Center Says ‘Deepfakes’ and Other AI Tools Pose a Threat …
14 Nov Truepill Mail-Order Pharmacy Hack Affects Nearly 2.4 Million (DATABREACHTODAY.CO.UK): 6 Data Breach Have Been Filed Against the Company in the Past Week. A virtual pharmacy and mail-order prescription drug firm is notifying about 2.36 million patients of a hacking incident that compromised their sensitive information. In the past week, attorneys have filed at least…
14 Nov UK NSCS Highlights Risks to Critical Infrastructure (DATABREACHTODAY.CO.UK): Agency Underscores Risks From Ransomware, State-Aligned Hacking, China and AI. The risk of critical infrastructure hacking in the United Kingdom likely grew in the last year, says the national cybersecurity agency, citing a slew of high-profile ransomware attacks. Russia's invasio…
🕵️ THREAT INTELLIGENCE (26)
14 Nov ISC Stormcast For Tuesday, November 14th, 2023 https://isc.sans.edu/podcastdetail/8744, (Tue, Nov 14th) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
14 Nov Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers (THEHACKERNEWS.COM): The Vietnamese threat actors behind the Ducktail stealer malware have been linked to a new campaign that ran between March and early October 2023, targeting marketing professionals in India with an aim to hijack Facebook business accounts. "An important feature that sets it apart…
14 Nov Hacking CI/CD Pipelines: Some Use Cases For Hacking CI/CD Orchestrators - Mauricio Cano - OWASP Netherlands - 36 minutes (INFOSEC.PUB): submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/89e469e9-5588-401f-b437-fb398a2cc208.png Hacking CI/CD Pipelines: Some Use Cases For Hacking CI/CD Orchestrators - Mauricio Cano - OWASP Netherlands Abstract: In this talk, we will discuss t…
14 NovNew Campaign Targets Middle East Governments with IronWind MalwareGovernment entities in the Middle East are the target of new phishing campaigns that are designed to deliver a new initial access downloader dubbed IronWind. The activity, detected between July and October 2023, has been attributed by Proofpoint to a threat actor it tracks under …THEHACKERNEWS.COM
14 NovHow .tk Became a TLD for ScammersSad story of Tokelau, and how its top-level domain “became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet users. Scammers began using .tk websites to do everything from harvesting passwo…SCHNEIER.COM
14 NovPyPI Packages Found to Expose Thousands of SecretsGitGuardian discovered roughly 4,000 secrets in nearly 3,000 PyPI packages, including Azure, AWS, and GitHub keys. The post PyPI Packages Found to Expose Thousands of Secrets appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovHacker Conversations: Chris Wysopal, AKA Weld PondChris Wysopal is the founder and CTO of Veracode. Two decades ago, he was better known as Weld Pond, a member of the hacker collective L0pht Heavy Industries. The post Hacker Conversations: Chris Wysopal, AKA Weld Pond appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovGoogle Suing Cybercriminals Who Delivered Malware via Fake Bard DownloadsGoogle files a lawsuit against cybercriminals who delivered account-hijacking malware by offering fake Bard AI downloads. The post Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovWebinar Today: Using Governance and Privilege to Gain Control Over Third-Party AccessLearn how to create more trust in your third party relationships by adding sustainable processes and tools that enable you to control access. The post Webinar Today: Using Governance and Privilege to Gain Control Over Third-Party Access appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovTop 10 API Security Threats for Q3 2023New report provides a detailed look into the ever-changing threats targeting APIs. The post Top 10 API Security Threats for Q3 2023 appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovTraining Tuesday - Discussions for certs, training and learning-at-homesubmitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others!INFOSEC.PUB
14 NovLogShield: A New Framework that Detects the APT Attack PatternsThere have been several cases of GPT model-based detection for various attacks from system logs. However, there has been no dedicated framework for detecting APTs as they use a low and slow approach to compromise the systems. Security researchers have recently unveiled a cutting-…GBHACKERS.COM
14 NovRadiant Snags $15 Million for AI-Powered SOC TechnologyRadiant Security gets $15 million in new financing as investors double down on early stage companies experimenting with AI technology. The post Radiant Snags $15 Million for AI-Powered SOC Technology appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovWhat Does PCI DSS 4.0 Mean for API?Payment Card Industry Data Security Standard or PCI DSS 4.0 was released in May 2022 by the PCI Security Standards Council (PCI SSC). After using PCI DSS 3.2.1 for several years, PCI DSS 4.0 is the latest security standard version designed to protect credit cards, ensuring their …GBHACKERS.COM
14 NovMeet the Unique New "Hacking" Group: AlphaLockA Russian hacking group known as AlphaLock is launching a "pentest" marketplace and training platform to empower a new generation of threat actors. Learn more from Flare about the new hacking group. [...]BLEEPINGCOMPUTER.COM
14 NovMySQL Servers, Docker Hosts Infected With DDoS MalwareResearchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks. The post MySQL Servers, Docker Hosts Infected With DDoS Malware appeared first on SecurityWeek .SECURITYWEEK.COM
14 NovCybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood – SWN #342Cybertruck, Solarwinds, #Bitcoin, Docker, Ducktail, #Experian, More News and Jason Wood, on this edition of the Security Weekly News. →Watch Live Here: https://securityweekly.com/live →Subscribe to our podcasts: https://securityweekly.com/subscribe →Join our community Discord: ht…YOUTUBE.COM
14 NovHow 2023 Changed Application Security and What’s to Come in 2024 - Karl Triebes - ASW #263In the rapidly evolving landscape of application security, 2023 brought significant changes with the rise of generative AI tools and an increase in automated threats. In this discussion, Karl Triebes takes a deep dive into the major trends of the past year, examining their impact…YOUTUBE.COM
14 NovUpcoming Speaking EngagementsThis is a current list of where and when I am scheduled to speak: I’m speaking at the AI Summit New York on December 6, 2023. The list is maintained on this page.SCHNEIER.COM
14 NovCybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood - SWN #342Cybertruck, Solarwinds, Bitcoin, Docker, Ducktail, Experian, More News and Jason Wood, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-342 00:00 - Security Weekly News 02…YOUTUBE.COM
14 NovProtected Virtual Machines Exposed to New ‘CacheWarp’ AMD CPU AttackCacheWarp is a new attack method affecting a security feature present in AMD processors that can pose a risk to virtual machines.SECURITYWEEK.COM
14 NovZip Raises $7.7 Million to Expand SMB Cybersecurity BusinessNew York City and Washington DC-based startup Zip Security raised $7.7 million seed financing led by General Catalyst, co-led by Human Capital, and with participation from Box Group.SECURITYWEEK.COM
14 NovOnline Scammer Poses as Skype, Swindles Victims Through Cryptocurrency ScamResearchers at SlowMist describe a phishing campaign that’s distributing a phony version of Skype in order to steal cryptocurrency, Cointelegraph reports. The malicious app was likely developed by Chinese cybercriminals.KNOWBE4.COM
14 NovNews alert: 1touch.io names former Bugcrowd chief Ashish Gupta as CEO and PresidentNew York, New York, Nov. 14, 2023 — 1touch.io, a pioneer in sensitive data intelligence, today announced Ashish Gupta as its new Chief Executive Officer and President. Gupta will also join the 1touch.io Board of Directors. Previously, he served …LASTWATCHDOG.COM
14 NovNews alert: Vaultinum rolls out ‘Timestamping’ solution to enhance promotional price transparencyLondon, 14 Nov. 2023 – Vaultinum, a leading provider of technology due diligence and audit solutions announced today the launch of a certified Timestamping offer, enabling the creation of traceable digital proofs. Among other uses, Vaultinum’s Timestamping solution w…LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE 5
14 NovA Closer Look at ChatGPT's Role in Automated Malware CreationThis blog entry explores the effectiveness of ChatGPT's safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.TRENDMICRO.COM
14 NovUpdate: Israel Warns of BiBi Wiper Attacks Targeting Linux and WindowsThe data wiping malware overwrites files, deletes system snapshots, and disables recovery options, making data recovery difficult and rendering affected systems unusable.BLEEPINGCOMPUTER.COM
14 NovRegion 3 in ActionKeep up with Region 3 as they work together with stakeholders across the critical infrastructure sectors!CISA.GOV
14 NovOn Point: Bridging the Gap Between TSPs and Tech ProvidersHow TSPs' Cybersecurity Demands Affect Telecommunications Technology Providers In today's hyper-connected world, telecommunication service providers play a pivotal role in ensuring seamless communication, data transfer and collaboration for businesses. But the evolving threat lan…DATABREACHTODAY.CO.UK
14 NovIPStorm botnet with 23,000 proxies for malicious traffic dismantledThe U.S. Department of Justice announced today that the Federal Bureau of Investigation took down the network and infrastructure of a botnet proxy service called IPStorm. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 17
14 NovNoticing command and control channels by reviewing DNS protocols, (Mon, Nov 13th)Malicious software pieces installed in computers call home. Some of them can be noticed because they perform DNS lookup and some of them initiate connections without DNS lookup. For this last option, this is abnormal and can be noticed by any Network Detection and Response (NDR) …ISC.SANS.EDU
14 NovCrooks Leverage Google Quiz Messages as Part of Crypto ScamA recent cryptocurrency scam used Google Forms quizzes to direct recipients to a fake website, where they were instructed to pay an "exchange fee" in Bitcoin to claim a large sum of money.THERECORD.MEDIA
14 NovIntel Faces 'Downfall' Bug LawsuitThe complaint alleges that Intel knew about the faulty instructions that led to the recent "Downfall" bug years before it released a fix. The lawsuit raises questions about whether Intel's negligence could be considered a legal offense.DARKREADING.COM
14 NovThe Song Remains the Same: The 2023 Active Adversary Report for Security PractitionersThe remarkable decline in attacker dwell time is now well-documented, but what does that mean for those doing the hands-on work of infosecurity?SOPHOS.COM
14 NovNew Active Adversary Defense capabilities with Sophos Firewall, Sophos XDR, and Sophos NDRNew capabilities to further enable organizations to defend against active adversaries.SOPHOS.COM
14 NovCI/CD Risks: Protecting Your Software Development PipelinesHave you heard about Dependabot? If not, just ask any developer around you, and they'll likely rave about how it has revolutionized the tedious task of checking and updating outdated dependencies in software projects. Dependabot not only takes care of the checks for you, but also…THEHACKERNEWS.COM
14 NovTA402 Uses Complex IronWind Infection Chains to Target Middle East-Based Government EntitiesTA402 has recently employed a new initial access downloader called IronWind, using various infection chains and delivery methods such as Dropbox links, XLL and RAR file attachments, in order to evade detection.PROOFPOINT.COM
14 NovWindows 10 KB5032189 update released with 11 improvementsMicrosoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues. [...]BLEEPINGCOMPUTER.COM
14 Nov100 Quarters of Profitability: Insights from a TrenderLearn what 100 straight quarters of profitability means to a Trender who has been here for every one of them.TRENDMICRO.COM
14 NovWhere Cybersecurity Starts in Region 2On the Ground and Under the Sea: Where Cybersecurity Starts in Region 2CISA.GOV
14 NovLevel up! These games will make learning about cybersecurity funDiscover six games that will provide valuable knowledge while turning learning about digital security into an enjoyable and rewarding adventureWELIVESECURITY.COM