68 Articles
9 Categories
Date: 2023-11-16
🚨 CISA KEV (1)
16 Nov · KEV · CISA Adds Three Known Exploited Vulnerabilities to Catalog · CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-36584 Microsoft Windows Mark of the Web (MOTW) Security Feature Bypass Vulnerability CVE-2023-1671 Sophos Web Appliance Command Injection V… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (9)
16 Nov · Leaving Authentication Credentials in Public Code · Interesting article about a surprisingly common vulnerability: programmers leaving authentication credentials and other secrets in publicly accessible software code: Researchers from security firm GitGuardian this week reported finding almost 4,000 unique secrets stashed inside a… · SCHNEIER.COM
16 Nov · Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups · A zero-day flaw in the Zimbra Collaboration email software was exploited by four different groups in real-world attacks to pilfer email data, user credentials, and authentication tokens. "Most of this activity occurred after the initial fix became public on GitHub," Google Threat… · THEHACKERNEWS.COM
16 Nov · Citrix Releases Security Updates for Citrix Hypervisor · Citrix has released security updates addressing vulnerabilities in Citrix Hypervisor 8.2 CU1 LTSR. A cyber threat actor could exploit these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Citrix Hypervisor Security Bulleti… · CISA.GOV
16 Nov · Chromium: CVE-2023-5997 Use after free in Garbage Collection · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information. · MSRC.MICROSOFT.COM
16 Nov · Chromium: CVE-2023-6112 Use after free in Navigation · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information. · MSRC.MICROSOFT.COM
16 Nov · CVE-2023-36026 Microsoft Edge (Chromium-based) Spoofing Vulnerability · Information published. · MSRC.MICROSOFT.COM
16 Nov · ManageEngine Information Disclosure Flaw Exposes Encryption Keys · ManageEngine, one of the most widely used IT infrastructure management platforms that offers more than 60 Enterprise IT management tools, has been discovered with an Information Disclosure vulnerability which is tracked as CVE-2023-6105. This vulnerability affects multiple Manage… · GBHACKERS.COM
16 Nov · CrushFTP - CVE-2023-43177 - Unauthenticated Root-Level RCE Chain · https://convergetp.com/2023/11/16/crushftp-zero-day-cve-2023-43177-discovered/ Zero-day vulnerabilities chain in CrushFTP (CVE-2023-43177) uncovered by Converge Red… · CONVERGETP.COM
⚠️ VULNERABILITY DISCLOSURE (16)
16 Nov · Veterans play a crucial role in filling the cybersecurity skills gap · While the veteran unemployment rate may be at a historic low, the transition from the military to civilian life isn’t without its challenges. For starters, ex-military members often need help translating their skills gained in the armed forces to non-military roles, and many nee… · CSOONLINE.COM
16 Nov · 3 Layers of App Security to Keep Hackers Out, Let Customers In - Aviad Mizrachi - PSW #807 · Attackers pursue the shortest path to achieve their goals in your app. With a tri-layered security architecture, you can force hackers to crawl through a triathlon in your app. What’s in the three layers, to detect attacks sooner, slow attackers down, and stop them fast? Let’s ta… · YOUTUBE.COM
16 Nov · SSH Under Attack, IoT Routers, BLE Spam, & Patching a House of Cards - PSW #807 · In the Security News: SSH under attack, IoT routers have vulnerabilities, the BLE Spam attacks still work against iPhones, there is a longer story behind BLE spam, and Larry is one of the stars, denial of pleasure via BLE, vulnerability disclosure and your blob is showing, the ha… · YOUTUBE.COM
16 Nov · Russian Hackers Launch 'Largest Ever Cyber Attack' on Danish Critical Infrastructure · Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successfu… · THEHACKERNEWS.COM
16 Nov · How US SEC legal actions put CISOs at risk and what to do about it · With the US Securities and Exchange Commission (SEC) having taken legal action against CISOs at both SolarWinds and Uber, security executives feel the pressure to be absolutely precise when writing up security incidents that the company has decided are material. Things get trick… · CSOONLINE.COM
16 Nov · Fortinet warns of critical command injection bug in FortiSIEM · Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests. [...] · BLEEPINGCOMPUTER.COM
16 Nov · Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw · A hacking group that leveraged a recently disclosed security flaw in the WinRAR software as a zero-day has now been categorized as an entirely new advanced persistent threat (APT). Cybersecurity company NSFOCUS has described DarkCasino as an "economically motivated" actor that fi… · THEHACKERNEWS.COM
16 Nov · How to Automate the Hardest Parts of Employee Offboarding · According to recent research on employee offboarding, 70% of IT professionals say they’ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn't deprovisioned, a surprise bill for resources that are… · THEHACKERNEWS.COM
16 Nov · Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks · A set of novel attack methods has been demonstrated against Google Workspace and the Google Cloud Platform that could be potentially leveraged by threat actors to conduct ransomware, data exfiltration, and password recovery attacks. "Starting from a single compromised machine, th… · THEHACKERNEWS.COM
16 Nov · CISA Requests Comment on Draft Secure Software Development Attestation Form · CISA has opened a 30-day Federal Register notice to receive public comment on the draft Secure Software Development Attestation Form. CISA developed this form in coordination with the Office of Management and Budget. With the Secure Software Development Attestation Form, federa… · CISA.GOV
16 Nov · CISA Releases Fourteen Industrial Control Systems Advisories · CISA released fourteen Industrial Control Systems (ICS) advisories on November 16, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-320-01 Red Lion Sixnet RTUs ICSA-23-320-02 Hitachi Energy MAC… · CISA.GOV
16 Nov · Beware! Hackers Can Now Exploit a Security Flaw in Zoom Client · The popular video messaging platform Zoom has discovered multiple vulnerabilities affecting Zoom Clients. These vulnerabilities might allow an unauthorized user to carry out denial-of-service, privilege escalation, and information disclosure attacks. To receive the most recent se… · GBHACKERS.COM
16 Nov · Palestine-aligned cyberespionage actor shifts infection chain tactics · Researchers warn that a cyberespionage actor that targets government entities in the Middle East and North Africa and is generally aligned with Palestinian interests has changed its infection chain tactics three times in recent months. The group is known for targeting a very smal… · CSOONLINE.COM
16 Nov · Top cybersecurity product news of the week · Wiz brings native AI security capabilities to its CNAPP November 16: CNAPP vendor Wiz has introduced Wiz for AI Security, which adds native AI security capabilities to its cloud-native application protection platform. It has four main components: AI Security Posture Management (A… · CSOONLINE.COM
16 Nov · Five Lessons Learned From Okta’s Customer Support System Breach - ESW #340 · We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that target… · YOUTUBE.COM
16 Nov · Exploring the Intersection of Security for Edge Computing and Endpoint - Theresa Lanow... - ESW #340 · Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat la… · YOUTUBE.COM
📢 SECURITY ADVISORIES (7)
16 Nov · FBI shares tactics of notorious Scattered Spider hacker collective · The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operati… · BLEEPINGCOMPUTER.COM
16 Nov · CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks · The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors. The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), a… · THEHACKERNEWS.COM
16 Nov · FBI and CISA Release Advisory on Scattered Spider Group · Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) on Scattered Spider—a cybercriminal group targeting commercial facilities sectors and subsectors. The advisory provides… · CISA.GOV
16 Nov · BlackCat Ransomware's New SEC Reporting Tactic: Turn Regulations Against Victims · Man Bites Dog: In an unusual twist in cybercrime, the ransomware group BlackCat/ALPHV is manipulating the SEC's new 4-day rule on cyber incident reporting to increase pressure on their victims. This latest maneuver highlights a sophisticated understanding of regulatory impacts in… · KNOWBE4.COM
16 Nov · Wireshark 4.2.0 Released: What’s New! · Wireshark, a leading network packet analyzer, has released version 4.2.0, which brings bug fixes, protocol updates, major API changes, codec support, and several new features. It is still a widely used and popular tool for network protocol analysis. Network administrators and sec… · GBHACKERS.COM
16 Nov · New security startups, Stamos and Krebs go to SentinelOne, NY takes cyber seriously - ESW #340 · Finally, in the enterprise security news, 1. Lots of new security startups with early stage funding 2. SentinelOne picks up Chris Krebs and Alex Stamos’s consulting firm 3. PE firm picks up ActiveState - a company I haven’t thought about since I last downloaded ActiveState Perl 1… · YOUTUBE.COM
🔥 INCIDENT REPORTING (13)
16 Nov · Ransomware group breaches company, reports them to SEC for failure to disclose · https://www.databreaches.net/alphv-files-an-sec-complaint-against-meridianlink-for-not-disclosing-a-breach-to-the-sec/ · DATABREACHES.NET
16 Nov · Long Beach, California turns off IT systems after cyberattack · The City of Long Beach in California is warning that they suffered a cyberattack on Tuesday that has led them to shut down portions of their IT network to prevent the attack's spread. [...] · BLEEPINGCOMPUTER.COM
16 Nov · Toyota confirms breach after Medusa ransomware threatens to leak data · Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company. [...] · BLEEPINGCOMPUTER.COM
16 Nov · Alleged Extortioner of Psychotherapy Patients Faces Trial · Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid… · KREBSONSECURITY.COM
16 Nov · Samsung Hacked: Customers Personal Information Exposed · Samsung Electronics (U.K.) Limited has announced a cybersecurity incident, corroborating the exposure of customer data that originated in July 2019. The disclosure comes as the tech behemoth contends with the repercussions of illicit access to personal information. Sequence of th… · GBHACKERS.COM
16 Nov · Samsung says hackers accessed customer data during year-long breach · Samsung has admitted that hackers accessed the personal data of U.K.-based customers during a year-long breach of its systems. In a statement to TechCrunch, Samsung spokesperson Chelsea Simpson, representing the company via a third-party agency, said Samsung was “recently alerted… · TECHCRUNCH.COM
16 Nov · CrowdStrike’s new Falcon Go delivers AI security to SMBs · Cybersecurity provider CrowdStrike has released a version of its Falcon platform, called Falcon Go, that’s aimed at small and medium size (SMB) businesses and designed to provide a one-stop, frictionless security product that lets AI do the work instead of IT staff. Falcon Go is… · CSOONLINE.COM
16 Nov · Transatlantic Cable podcast, episode 324 | Kaspersky official blog · Episode 324 of the Kaspersky podcast looks at Meta and Google in the docks, more on deepfakes & port operator pulls internet after a cyberattack. · KASPERSKY.COM
16 Nov · Exploring the Intersection of Security & Endpoint | 5 Lessons From Okta’s CSS Breach | News - ESW340 · This week, we kick things off with an interview with Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Cybersecurity, about Exploring the Intersection of Security for Edge Computing and Endpoint. Then, we talk about Five Lessons Learned From Okta’s Customer Support S… · YOUTUBE.COM
16 Nov · Exploring the Intersection of Security for Edge Computing & Endpoint – ESW #340 · Segment 1: Exploring the Intersection of Security for Edge Computing and Endpoint with Theresa Lanowitz, Mani Keerthi Nagothu – ESW #340 Segment 2: Five Lessons Learned From Okta’s Customer Support System Breach with Adrian Sanabria. →Watch Live Here: https://securityweekly.com/l… · YOUTUBE.COM
🕵️ THREAT INTELLIGENCE (7)
16 Nov · ISC Stormcast For Thursday, November 16th, 2023 https://isc.sans.edu/podcastdetail/8748, (Thu, Nov 16th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
16 Nov · TA402 Group using Weaponized XLL and RAR Files to Deliver Malware · Researchers have discovered a new phishing campaign that targets Middle Eastern and North African Government Entities to deliver a new initial access downloader termed “IronWind.” This downloader is followed by additional payload stages, which downloads a shellcode. M… · GBHACKERS.COM
16 Nov · FTC’s Voice Cloning Challenge · The Federal Trade Commission is running a competition “to foster breakthrough ideas on preventing, monitoring, and evaluating malicious voice cloning.” · SCHNEIER.COM
16 Nov · How to Help "Frequent Clickers" Become More Mindful · Within our organizations, there are those employees who consistently exhibit mindfulness, avoiding every phishing attempt. Yet, there are also those users who, despite repeated education efforts, habitually fall prey to phishing emails and simulations, neglecting the tell-tale si… · KNOWBE4.COM
16 Nov · Simply Cyber Con 2023 - 29 videos · Simply Cyber Con 2023 playlist Simply Cyber Con 2023 speaker · INFOSEC.PUB
16 Nov · Quantum and Post-Quantum Crypto. Lecture by Les Bell of mq.edu.au - 1 hour · Quantum and Post-Quantum Crypto by Les Bell A high-level overview of quantum cryptology, covering basic quantum mechanics, quantum computing, quantum… · INFOSEC.PUB
16 Nov · News alert: Bridewell sees democratized cybercrime, regulatory lag, smart malware coming in 2024 · Houston, Texas, USA – 16 Nov. 2023 – Given the sharpening complexity of cyber threats, our digital and physical infrastructure faces mounting challenges. In the past year alone, we’ve seen cybercriminals refine their arsenal with sophisticated tools aimed squarely at… · LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE (5)
16 Nov · MySQL servers targeted by 'Ddostf' DDoS-as-a-Service botnet · MySQL servers are being targeted by the 'Ddostf' malware botnet to enslave them for a DDoS-as-a-Service platform whose firepower is rented to other cybercriminals. [...] · BLEEPINGCOMPUTER.COM
16 Nov · How DDoS attacks are taking down even the largest tech companies · DDoS attacks are increasingly taking down even the largest tech companies. Learn more from Specops Software on these types of attacks and how you can protect your devices from being recruited into botnets. [...] · BLEEPINGCOMPUTER.COM
16 Nov · Children’s tablet has malware and exposes kids’ data, researcher finds · In May this year, Alexis Hancock’s daughter got a children’s tablet for her birthday. Being a security researcher, Hancock was immediately worried. “I looked at it kind of sideways because I’ve never heard of Dragon Touch,” Hancock told TechCrunch, referring to the tablet’s… · TECHCRUNCH.COM
16 Nov · WhatsApp spyware modifications in Telegram | Kaspersky official blog · Spyware-infected WhatsApp modifications being distributed through Telegram channels and WhatsApp mod sites. · KASPERSKY.COM
🎙️ PODCASTS (1)
16 Nov · Smashing Security podcast #348: Hacking for chimp change, and AI chatbot birthday · Who's more incompetent - the cryptocurrency exchanges or some of the people who hack them? Plus a closer look at the reliability of AI chatbots. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Car… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS (9)
16 Nov · A November rain of patches from Microsoft · A collection of 57 CVEs for twelve product families is literally only half of the story this month · SOPHOS.COM
16 Nov · Microsoft confirms Copilot AI assistant coming to Windows 10 · Microsoft will roll out the Copilot AI-powered assistant to Windows 10 systems enrolled in the Insider Program over the coming months. [...] · BLEEPINGCOMPUTER.COM
16 Nov · Beyond -n: Optimizing tcpdump performance, (Thu, Nov 16th) · If you ever had to acquire packets from a network, you probably used tcpdump. Other tools (Wireshark, dumpcap, snort...) can do the same thing, but none is as widely used as tcpdump. tcpdump is simple to use, fast, and universally available (and free!). · ISC.SANS.EDU
16 Nov · Cybersecurity investor Ballistic Ventures seeks $300M for new fund · Ballistic Ventures, a venture capital firm dedicated to funding and incubating cybersecurity startups, is looking to raise as much as $300 million for a new fund, according to a regulatory filing. The San Francisco-based VC firm Wednesday filed with the U.S. Securities and Exchan… · TECHCRUNCH.COM
16 Nov · Is your LinkedIn profile revealing too much? · How much contact and personal information do you give away in your LinkedIn profile and who can see it? Here’s why less may be more. · WELIVESECURITY.COM