🚨 CISA KEV (1)
15 Nov [KEV]: Scattered Spider (CISA.GOV)
  SUMMARY: The Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint Cybersecurity Advisory (CSA) in response to recent activity by Scattered Spider threat actors against the commercial facilities sectors and subse…
🐛 COMMON VULNERABILITIES AND EXPOSURES (9)
15 Nov: CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs (THEHACKERNEWS.COM)
  A group of academics has disclosed a new "software fault attack" on AMD's Secure Encrypted Virtualization (SEV) technology that could be potentially exploited by threat actors to infiltrate encrypted virtual machines (VMs) and even perform privilege escalation. The attack has bee…
15 Nov: Urgent: VMware Warns of Unpatched Critical Cloud Director Vulnerability (THEHACKERNEWS.COM)
  VMware is warning of a critical and unpatched security flaw in Cloud Director that could be exploited by a malicious actor to get around authentication protections. Tracked as CVE-2023-34060 (CVSS score: 9.8), the vulnerability impacts instances that have been upgraded to version…
15 Nov: Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments (THEHACKERNEWS.COM)
  Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of…
15 Nov: WP Fastest Cache Plugin Bug Exposes 600K WordPress Sites to Attacks (BLEEPINGCOMPUTER.COM)
  The SQL injection vulnerability, tracked as CVE-2023-6063 and with a high-severity score of 8.6, can be exploited by manipulating a cookie value to execute unauthorized SQL queries. Over 600,000 websites are still running the vulnerable plugin.
15 Nov: VMware Discloses Critical VCD Appliance Authentication Bypass With No Patch (BLEEPINGCOMPUTER.COM)
  VMware has disclosed a critical authentication bypass vulnerability (CVE-2023-34060) affecting its Cloud Director appliance deployments. The flaw only affects upgraded versions of the VCD Appliance 10.5.
15 Nov: New Intel CPU Vulnerability ‘Reptar’ Can Allow DoS Attacks, Privilege Escalation (SECURITYWEEK.COM)
  A new Intel CPU vulnerability tracked as Reptar and CVE-2023-23583 can be exploited for DoS attacks and possibly privilege escalation.
15 Nov: New PoC Exploit for Apache ActiveMQ Flaw Could Let Attackers Fly Under the Radar (THEHACKERNEWS.COM)
  Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory. Tracked as CVE-2023-46604 (CVSS score: 10.0), the vulnerability is a remote code execution bug that could permit a …
15 Nov: CISA, FBI, and MS-ISAC Release Advisory on Rhysida Ransomware (CISA.GOV)
  Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Rhysida Ransomware, to disseminate…
15 Nov: Intel patches high-severity CPU privilege escalation flaw (CSOONLINE.COM)
  Intel has released microcode updates for several generations of mobile, desktop, and server CPUs to fix a vulnerability that can be exploited to trigger at the very least a denial-of-service condition, but potentially privilege escalation and information disclosure. The flaw can …
⚠️ VULNERABILITY DISCLOSURE (27)
15 Nov: Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities (THEHACKERNEWS.COM)
  Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023, including three vulnerabilities that have come under active exploitation in the wild. Of the 63 flaws, three are rated Critical, 56 are rated Important, and four are rated Mod…
15 Nov: GUEST ESSAY: An assessment of how ‘Gen-AI’ has begun to transform DevSecOps (LASTWATCHDOG.COM)
  Combining DevSecOps with Generative Artificial Intelligence (Gen-AI) holds the potential to transform both software development and cybersecurity protocols. Related: The primacy of DevSecOps Through harnessing the power of Generative AI, enterprises can usher in a new era of DevS…
15 Nov: Understanding OWASP’s Bill of Material Maturity Model: Not all SBOMs are created equal (CSOONLINE.COM)
  The exponential growth of software supply chain attacks has triggered an industrywide push for increased transparency around the provenance and content of the programs and code that are brought into today's systems. One artifact playing a critical role in that increased transpare…
15 Nov: Google warns of surge in generative AI-enhanced attacks, zero-day exploit use in... (CSHUB.COM)
  Generative AI will be used to enhance social engineering with more zero-day vulnerabilities employed by nation-state attackers and cyber crime groups
15 Nov: Acuity - 14,055,729 breached accounts (HAVEIBEENPWNED.COM)
  In mid-2020, a 437GB corpus of data attributed to an entity named "Acuity" was created and later extensively distributed. However, the source could not be confidently verified as any known companies named Acuity. The data totalled over 14M unique email addresses with e…
15 Nov [KEV]: Microsoft Releases Patch Updates for Five New Zero-Day Vulnerabilities (THEHACKERNEWS.COM)
  The three actively exploited zero-day vulnerabilities, including a Windows SmartScreen bypass and privilege escalation flaws, emphasize the need for users to exercise caution when interacting with internet shortcuts and hyperlinks.
15 Nov: New Reptar CPU Flaw Impacts Intel Desktop and Server Systems (BLEEPINGCOMPUTER.COM)
  Google researchers independently discovered the vulnerability and identified "very strange behavior" related to how redundant prefixes are interpreted by the CPU, leading to potential security bypasses.
15 Nov: Millions of Cryptocurrency Wallets Found Affected by Randstorm Flaw (CYWARE.COM)
  Millions of browser-based cryptocurrency wallets face a potential $1 billion theft risk due to the Randstorm vulnerability in Bitcoin JS 0.13, affecting wallets created between 2011 and 2015. Notable affected vendors include Blockchain.com, Bitgo, and BitPay, prompting recommenda…
15 Nov: Cryptocurrency Wallets Might be Vulnerable to ‘Randstorm’ Flaw in Bitcoin JavaScript Library (TECHTARGET.COM)
  The vulnerability, known as "Randstorm," is a result of programming mistakes and weaknesses in random number generation in the BitcoinJS library, making Bitcoin private keys more vulnerable to attacks.
15 Nov: SAP Patches Critical Vulnerability in Business One Product (SECURITYWEEK.COM)
  SAP released a hotfix for a critical-severity improper access control vulnerability in Business One product installation.
15 Nov [KEV]: Another Bunch Of Fixes For Microsoft Security Bugs Exploited In The Wild (PACKETSTORMSECURITY.COM)
15 Nov: Reptar: an Intel Ice Lake CPU vulnerability, by Tavis Ormandy (LOCK.CMPXCHG8B.COM)
  Submitted by L4s to secops. https://lock.cmpxchg8b.com/reptar.html
15 Nov: Security of AMD's Trusted Execution Environment Undone by Cache Meddling (THEREGISTER.COM)
  Researchers have discovered a vulnerability named CacheWarp in AMD's SEV trusted execution environment, which can lead to arbitrary code execution, exposure of sensitive data, or privilege escalation within a guest VM.
15 Nov: For top cybersecurity talent, companies pay over $500,000: Report (CSOONLINE.COM)
  CISOs have a huge amount to consider when trying to align their plans with those of the broader organization, if they hope to hang on to their top talent. To keep pace, according to a survey released today by security analysis firm IANS and headhunting firm Artico, recommend keep…
15 Nov: Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI (SECURITYWEEK.COM)
  Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs.
15 Nov: File-Transfer Services, Rich With Sensitive Data, are Under Attack (CYBERSECURITYDIVE.COM)
  Compliance requirements drive the use of these services, making them attractive targets for ransomware groups looking to exploit the systems used for sending sensitive data.
15 Nov: What is a zero-click exploit? | Kaspersky official blog (KASPERSKY.COM)
  Zero-click exploits are attacks that don’t require any active user actions. We explain why they’re dangerous and how to defend against them.
15 Nov: New ASD Cyber Threats Report Shows A Cybercrime Incident Is Reported in Australia Every Six Minutes (KNOWBE4.COM)
  The annual Cyber Threat Report by the Australian Signals Directorate (ASD) was released this week, containing insights that every Australian business and citizen should read. The ASD received 94,000 reports of cybercrimes over the past year, 23 percent more than the previous fina…
15 Nov: New SSH Vulnerability (SCHNEIER.COM)
  This is interesting: For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection…
15 Nov: Congress Looks Beyond Voluntary Commitments on Global AI Use (DATABREACHTODAY.CO.UK)
  Lawmakers Explore Punishments for Foreign Adversaries in Violation of AI Guardrails
  A Senate committee discussed potential sanctions and enforcement measures to ensure governments around the world obey international norms for artificial intelligence systems, after State Departmen…
15 Nov: Protecting The Digital Supply Chain - Yuriy Bulygin - BTS #17 (YOUTUBE.COM)
  Dr. Yuriy Bulygin is the CEO and founder of Eclypsium, the digital supply chain security company. Prior to Eclypsium, Yuriy was Chief Threat Researcher at Intel Corporation. He is also the creator of CHIPSEC, the popular open-source firmware and hardware supply chain security ass…
15 Nov: 3 Layers of App Security to Keep Hackers Out, Let Customers In – Aviad Mizrachi – PSW #807 (YOUTUBE.COM)
  Attackers pursue the shortest path to achieve their goals in your app. With a tri-layered security architecture, you can force hackers to crawl through a triathlon in your app. What’s in the three layers, to detect attacks sooner, slow attackers down, and stop them fast? Let’s ta…
15 Nov: European Telecom Body to Open-Source Radio Encryption System (DATABREACHTODAY.CO.UK)
  ETSI Will Publicize Its Encrypted Protocol TETRA Used in Radio Systems
  The European telecom standards body behind a widely used radio encryption system will soon open-source its encryption protocols. The European Telecommunications Standards Institute on Tuesday said it will soon…
15 Nov: Nikesh Arora on Why Palo Alto Networks Is Buying Talon, Dig (DATABREACHTODAY.CO.UK)
  M&A Will Help Palo Alto Broaden Cloud Security Portfolio, Protect Unmanaged Devices
  Palo Alto will spend nearly $670 million buying Talon and Dig to broaden its cloud security portfolio and protect unmanaged devices without impacting usability. Purchasing Tel Aviv, Israel-bas…
15 Nov: Ransomware gang files SEC complaint over victim’s undisclosed breach (BLEEPINGCOMPUTER.COM)
  The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. [...]
📋 SECURITY BULLETINS (1)
15 Nov: Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities (SECURITYWEEK.COM)
  Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products.
📢 SECURITY ADVISORIES (10)
15 Nov: EU Formalizes Cybersecurity Support for Ukraine (INFOSECURITY-MAGAZINE.COM)
  The new agreement was signed by the EU security agency ENISA, Ukraine’s National Cybersecurity Coordination Center (NCCC), and the Administration of the State Service of Special Communications and Information Protection of Ukraine (SSSCIP).
15 Nov: Azerbaijan Agencies Sign Cyber-Partner Deals (DARKREADING.COM)
  The agreement, which focuses on information security, was made between the State Service for Special Communication and Information Security of Azerbaijan and the Turkmenistan agency of Transport and Communications.
15 Nov: NCSC: UK Facing “Enduring and Significant” Cyber Threat (INFOSECURITY-MAGAZINE.COM)
  The UK’s critical infrastructure (CNI) providers face a persistent and critical threat from emboldened state-backed and aligned actors, a leading UK cybersecurity agency has warned. The NCSC issued the warning in its Annual Review 2023.
15 Nov: CISA Outlines AI-Related Cybersecurity Efforts (SECURITYWEEK.COM)
  CISA details its efforts to promote the use of AI in cybersecurity and guide critical infrastructure in adopting AI.
15 Nov: FBI and CISA warn of opportunistic Rhysida ransomware attacks (BLEEPINGCOMPUTER.COM)
  The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors. [...]
15 Nov: US says Royal ransomware gang plans ‘Blacksuit’ rebrand (TECHCRUNCH.COM)
  The U.S. government says Royal, one of the most active ransomware gangs in recent years, is preparing to rebrand or spinoff with a new name, Blacksuit. In an update this week to a previously published joint advisory about the Royal ransomware gang, the FBI and U.S. cybersecurity …
🔥 INCIDENT REPORTING (19)
15 Nov: MY TAKE: Sophos X-Ops advances internal, external threat intelligence sharing to the next level (LASTWATCHDOG.COM)
  Threat intelligence sharing has come a long way since Valentine’s Day 2015. Related: How ‘Internet Access Brokers’ fuel ransomware I happened to be in the audience at Stanford University when President Obama took to the stage to issue an executive …
15 Nov: Acuity Who? Attempts and Failures to Attribute 437GB of Breached Data (TROYHUNT.COM)
  Allegedly, Acuity had a data breach. That's the context that accompanied a massive trove of data that was sent to …
15 Nov: Cyber Security Today, Nov. 15, 2023 - A new ransomware gang emerges, a patching failure was behind a co-ordinated cyber attack on Denmark, and more (CYBERSECURITYTODAY.LIBSYN.COM)
  This episode reports on the latest ransomware news, why a sophisticated attack on Denmark's critical infrastructure providers was so effective, and more
15 Nov: Three Ways Varonis Helps You Fight Insider Threats (THEHACKERNEWS.COM)
  What do basketball teams, government agencies, and car manufacturers have in common? Each one has been breached, having confidential, proprietary, or private information stolen and exposed by insiders. In each case, the motivations and methods varied, but the risk remained the sa…
15 Nov: SystemBC, a SWISS KNIFE Proxy Malware, Used by Numerous Ransomware Groups (GBHACKERS.COM)
  SystemBC (aka Coroxy or DroxiDat) is a multifunctional malware known as Proxy, Bot, Backdoor, and RAT, adapting to attackers’ needs. Since 2018, this multifunctional malware has been active, and it remains popular in underground markets, with consistent annual inciden…
15 Nov: IPStorm Botnet With 23,000 Proxies for Malicious Traffic Dismantled (BLEEPINGCOMPUTER.COM)
  The IPStorm botnet evolved since 2019, targeting Windows, Linux, Mac, and Android devices, using the InterPlanetary File System (IPFS) network to hide its activities and offering access to thousands of compromised systems for a high price.
15 Nov: Truepill Mail-Order Pharmacy Hack Affects Nearly 2.4 Million People (BANKINFOSECURITY.COM)
  The breach, which occurred between August 30 and September 1, resulted in the unauthorized access of files containing patient names, medication type, demographic information, and prescribing physician names.
15 Nov: Info Stealers Thrive in Hot Market for Stolen Data (HEALTHCAREINFOSECURITY.COM)
  Browser data, especially website credentials, remains the most frequently stolen information by info stealers, followed by cryptocurrency wallet credentials and chat app credentials.
15 Nov: Digital pharmacy startup Truepill says hackers accessed sensitive data of 2.3 million patients (TECHCRUNCH.COM)
  Truepill, a digital health startup that provides pharmacy fulfillment services for healthcare organizations, has confirmed that hackers accessed the personal data of more than 2.3 million patients. In a data breach notice published on its website, the company says Postmeds, the p…
15 Nov: Rackspace Records $5M in Expenses Related to 2022 Ransomware Attack (CYBERSECURITYDIVE.COM)
  The attack disrupted email access for customers, leading to the discontinuation of the Hosted Exchange product. Rackspace expects to receive $5.4 million in insurance reimbursement, but the timing may differ from expense recognition.
15 Nov: Cyber Espionage Operation on Embassies Linked to Russia’s Cozy Bear Hackers (THERECORD.MEDIA)
  The Cozy Bear APT utilized a legitimate tool called Ngrok to obfuscate their activities and communicate with compromised systems, making detection and attribution more challenging.
15 Nov: PJ&A says cyberattack exposed data of nearly 9 million patients (BLEEPINGCOMPUTER.COM)
  PJ&A (Perry Johnson & Associates) is warning that a cyberattack in March 2023 exposed the personal information of almost nine million patients. [...]
15 Nov: Cyberattack on North Carolina County Allowed Hackers to Access Data (THERECORD.MEDIA)
  Although the nature of the attack was not specified, the county's IT staff discovered irregularities in their system and called in external cybersecurity experts to investigate and secure their servers.
15 Nov: NY Governor Wants New Cybersecurity Rules for Hospitals After Multiple Attacks (THERECORD.MEDIA)
  New York Governor Kathy Hochul has proposed new cybersecurity rules for hospitals in the state to establish robust cybersecurity programs, assess risks, and implement protective measures to combat the rising threat of cyberattacks.
15 Nov: Toronto Public Library confirms data stolen in ransomware attack (BLEEPINGCOMPUTER.COM)
  The Toronto Public Library (TPL) confirmed that the personal information of employees, customers, volunteers, and donors was stolen from a compromised file server during an October ransomware attack. [...]
15 Nov: 9 million patients had data stolen after US medical transcription firm hacked (TECHCRUNCH.COM)
  Close to nine million patients had highly sensitive personal and health information stolen during a cyberattack on a U.S. medical transcription service earlier this year, representing one of the worst medical related data breaches in recent times. The medical transcription compan…
15 Nov: Medical Transcriber's Hack Breach Affects at Least 9 Million (DATABREACHTODAY.CO.UK)
  Northwell Health Among Perry Johnson & Associates' Healthcare Clients Affected
  The number of healthcare organizations and patients affected by a recent data theft at medical transcription firm Perry Johnson & Associates is expanding: The company now says the breach affected the s…
15 Nov: Samsung hit by new data breach impacting UK store customers (BLEEPINGCOMPUTER.COM)
  Samsung Electronics is notifying some of its customers of a data breach that exposed their personal information to an unauthorized individual. [...]
15 Nov: FBI Says Enhanced Partnerships Help Combat Ransomware Surge (DATABREACHTODAY.CO.UK)
  Bureau Touts ‘All-Time High’ Public-Private Coordination Despite Rise in Attacks
  FBI officials said Wednesday that the federal government is preventing advanced ransomware attacks targeting a range of institutions with the help of new information-sharing and victim engagement ini…
🕵️ THREAT INTELLIGENCE (18)
15 Nov: SASE Converge ‘23 Showcases the Potential and Impact of AI-Powered SASE (PALOALTONETWORKS.COM)
  Today at SASE Converge ‘23, we’re showcasing innovations helping shape the future of SASE and network security.
15 Nov: ISC Stormcast For Wednesday, November 15th, 2023 https://isc.sans.edu/podcastdetail/8746, (Wed, Nov 15th) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
15 Nov: State-Backed Hackers a Threat to Australia, Agency Warns (SECURITYWEEK.COM)
  The AUKUS partnership, with its focus on nuclear submarines and other advanced military capabilities, is likely a target for state actors looking to steal intellectual property.
15 Nov: What are You Working on Wednesday (INFOSEC.PUB)
  Submitted by shellsharks to cybersecurity. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
15 Nov: Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation (SECURITYWEEK.COM)
  By embracing a strategy that combines technological advancements with critical thinking skills, collaboration, and a culture of continuous learning, organizations can safeguard against AI's disruptive effects.
15 Nov: RADICL Adds $9 Million in Funding to Fortify Cyber Defenses of SMBs in Defense Industrial Base (SECURITYWEEK.COM)
  RADICL, a cybersecurity startup specializing in providing threat protection to SMBs, secured an additional $9 million in early-stage funding, adding to $3 million that the company had raised previously.
15 Nov: Ddostf DDoS Malware Attacking MySQL Servers in Windows Environments (GBHACKERS.COM)
  Researchers found that vulnerable MySQL servers are being deployed with the Ddostf DDoS bot, which is capable of launching Distributed Denial of Service (DDoS) attacks. Ddostf, which was first identified around 2016, is well-known for supporting both Windows and Linux platfo…
15 Nov: US Announces IPStorm Botnet Takedown and Its Creator’s Guilty Plea (SECURITYWEEK.COM)
  US government announces the takedown of the IPStorm proxy service botnet and the guilty plea of its creator, a Russian/Moldovan national.
15 Nov: Pentesting vs. Pentesting as a Service: Which is better? (SECURITYINTELLIGENCE.COM)
  In today’s quickly evolving cybersecurity landscape, organizations constantly seek the most effective ways to secure their digital assets. Penetration testing (pentesting) has emerged as a leading solution for identifying potential system vulnerabilities while closing secur…
15 Nov: SAINTCON 2023 - Utah, USA - 27 videos (INFOSEC.PUB)
  Submitted by ashar to security_cpe. https://infosec.pub/pictrs/image/ac0c9846-c586-4214-958a-bddaa3fba251.png SAINTCON 2023 playlist; SAINTCON 2023 Speakers
15 Nov: Application Security Startup Aikido Security Raises €5 Million (SECURITYWEEK.COM)
  Aikido Security has raised €5 million (~$5.4 million) in seed funding for an all-in-one application security platform.
15 Nov: Hackers Abuse Google Forms to Bypass Anti-spam Filters (GBHACKERS.COM)
  Cybersecurity researchers at Talos have discovered that spammers are taking advantage of Google Forms quizzes to disseminate various types of online scams to unsuspecting victims. Since Google’s servers are where the emails are coming from, it could be simpler for them to g…
15 Nov: Data Security Firm ALTR Banks $25M Series C (SECURITYWEEK.COM)
  Florida late-stage startup ALTR gets another cash infusion to expand markets for data security technologies.
15 Nov: AI-Manipulated Media Through Deepfakes and Voice Clones: Their Potential for Deception (KNOWBE4.COM)
  Researchers at Pindrop have published a report looking at consumer interactions with AI-generated deepfakes and voice clones.
15 Nov: It’s Official: Scams Via Email and Text are Inescapable as Nearly Every American Receives Fake Messages Daily (KNOWBE4.COM)
  New findings show that the overwhelming majority of people have to sort through scam messages and texts.
15 Nov: Defining Cybersecurity with Eugene Spafford - Computerphile [25:49] (YOUTUBE.COM)
  Submitted by Crul to cybersecurity. https://www.youtube.com/watch?v=olgGZmkkooU From the video description: Legendary cyber-security expert Professor Gene Spafford joins us to try to define what cyber-security even is! “Spaf” as he’s known, is a faculty membe…
15 Nov: EU's LIBE Rejects Mass Content Scanning in CSAM Proposal (DATABREACHTODAY.CO.UK)
  Committee Amends Bill to State It Doesn't Prohibit or Weaken End-to-End Encryption
  A key European parliamentary committee on Tuesday voted to carve off encrypted communications from a legislative proposal directing online providers to diminish the risk of child sexual abuse mater…
15 Nov: Microsoft unveils expansion of AI for security and security for AI at Microsoft Ignite (MICROSOFT.COM)
  The new era of AI is here. At Microsoft Ignite, we will be announcing new cybersecurity capabilities to help you thrive in this new age. Explore our big announcements.
🌐 CYBER THREAT LANDSCAPE (7)
15 Nov: Redline Dropped Through MSIX Package, (Wed, Nov 15th) (ISC.SANS.EDU)
  The MSIX package file format has been in the light for a few weeks. The GHOSTPULSE[1] malware has been identified to bypass many security controls delivered through an MSIX package. Like many operating systems, Windows can install applications by executing an executable…
15 Nov: MySQL Servers, Docker Hosts Infected With DDoS Malware (SECURITYWEEK.COM)
  The attackers upload a malicious DLL as a User-Defined Function library, allowing them to execute commands and deploy the Ddostf malware. The malware collects system information and waits for commands to launch DDoS attacks.
15 Nov: UK faces “enduring and significant” cyber threats to critical infrastructure, sa... (CSHUB.COM)
  UK must accelerate work to keep pace with the evolving CNI threat landscape
15 Nov: U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty (THEHACKERNEWS.COM)
  The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. "The botnet infrastructure had infected Windows systems then further expanded to infect Linu…
15 Nov: Amazon brings its home robot to businesses (TECHCRUNCH.COM)
  In an acknowledgement that cracking the home robotics market is hard, Amazon is bringing its Astro robot to a decidedly more corporate audience. The company today announced Astro for Business, which repurposes Astro as a security robot for small- and medium-sized business custome…
15 Nov: Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads (SECURITYWEEK.COM)
  Google is taking legal action against cybercriminals who used fake websites to deliver malware and gain control of social media accounts through a scam involving its chat-based AI tool, Bard.
📡 INFOSEC NEWS (12)
15 Nov: Microsoft Fixes Critical Azure CLI Flaw That Leaked Credentials in Logs (BLEEPINGCOMPUTER.COM)
  Users are advised to avoid exposing Azure CLI output in logs, regularly rotate keys and secrets, and review best practices for securing Azure Pipelines and GitHub Actions to prevent accidental exposure of sensitive information.
15 Nov: FBI Takes Heat From Industry For Not Making Arrests In MGM-Caesars Cases (PACKETSTORMSECURITY.COM)
15 Nov: Fraud researchers impersonated on X to push crypto-stealing sites (BLEEPINGCOMPUTER.COM)
  Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter). [...]
15 Nov: The OWASP Top 10: What They Are and How to Test Them (BLEEPINGCOMPUTER.COM)
  This article takes a deep dive into the OWASP Top 10 and advises on how to test your web applications for susceptibility to these security risks. [...]
15 Nov: Cyble Raises $6.2M; Expands Series B to $30.2M (FINSMES.COM)
  The round, which brought the total amount to $30.2M, was led by Summit Peak Ventures (US) and King River Capital (US), with participation from Care Super (Australia) and BlackBird Ventures (Australasia), along with other investors.
15 Nov: New Russian Hacking Group Pretends to be a Pentesting Training Organization (BLEEPINGCOMPUTER.COM)
  AlphaLock's business model represents a new and sophisticated approach to cybercrime, creating a pipeline of trained hackers and monetizing their services through an affiliate program.
15 Nov: Credit Card Skimming on the Rise for the Holiday Shopping Season (MALWAREBYTES.COM)
  A credit card skimming campaign called Kritec has recently picked up in activity, compromising numerous online stores and stealing credit card information from unsuspecting shoppers.
15 Nov: Python Package Index Faces Security Crisis With Validated Leaks (INFOSECURITY-MAGAZINE.COM)
  Security researchers have discovered a total of 3938 unique secrets on PyPI, the official third-party package management system for the Python community, across all projects, with 768 of them validated as authentic.
15 Nov: Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw (BLEEPINGCOMPUTER.COM)
  Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems. [...]
15 Nov: Fraudsters make $50,000 a day by spoofing crypto researchers (BLEEPINGCOMPUTER.COM)
  Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter). [...]
15 Nov: Microsoft fixes Windows Server VMs broken by October updates (BLEEPINGCOMPUTER.COM)
  Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts. [...]
15 Nov: Vulcan Cyber, which scans software for security vulnerabilities, lands $55M cash infusion (TECHCRUNCH.COM)
  Vulcan Cyber, a company developing software to help enterprises detect vulnerabilities in their software stack, today announced that it raised $55 million in equity financing led by Maor Investments and Ten Eleven Ventures with participation from Dawn Capital and Wipro Ventures. …