79 Articles
9 Categories
Date: 2023-11-17
🚨 CISA KEV (2)
17 Nov KEVCISA Warns of Attacks Exploiting Sophos Web Appliance VulnerabilityCISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog.SECURITYWEEK.COM
17 Nov KEVCISA Adds Three Security Flaws with Active Exploitation to KEV CatalogThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerabilities are as follows - CVE-2023-36584 (CVSS score: 5.4)…THEHACKERNEWS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
17 NovGoogle: Hackers exploited Zimbra zero-day in attacks on govt orgsHackers leveraged a medium-severity security issue now identified as CVE-2023-37580 since June 29, nearly a month before the vendor addressed it in version 8.8.15 Patch 41 of the software on July 25. [...]BLEEPINGCOMPUTER.COM
17 NovIntel patches high-severity vulnerability affecting central processing unitssubmitted by c0mmando to netsec 6 points | 0 comments https://therecord.media/intel-patches-vulnerability-affecting-cpus The U.S. chip manufacturer Intel has patched a high-severity vulnerability affecting central processing units (CPUs) in its desktop, mobile and server products…THERECORD.MEDIA
17 NovZimbra 0-day used to target international government organizationssubmitted by c0mmando to netsec 4 points | 0 comments https://blog.google/threat-analysis-group/zimbra-0-day-used-to-target-international-government-organizations/ In June 2023, Google’s Threat Analysis Group (TAG) discovered an in-the-wild 0-day exploit targeting Zimbra Collabor…BLOG.GOOGLE
⚠️ VULNERABILITY DISCLOSURE (27)
17 NovFriday Squid Blogging: Unpatched Vulnerabilities in the Squid Caching ProxyIn a rare squid/security post, here’s an article about unpatched vulnerabilities in the Squid caching proxy. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.SCHNEIER.COM
17 NovRansomware Gang Files SEC ComplaintA ransomware gang, annoyed at not being paid, filed an SEC complaint against its victim for not disclosing its security breach within the required four days. This is over the top, but is just another example of the extreme pressure ransomware gangs put on companies after seizing …SCHNEIER.COM
17 NovA Vulnerability in Fortinet FortiSIEM Could Allow for Remote Code ExecutionA vulnerability has been discovered in Fortinet FortiSIEM, which could allow for remote code execution. Successful exploitation of this vulnerability could allow for remote code execution in the context of the affected service account. Depending on the privileges associated with …CISECURITY.ORG
17 NovThe Week in Ransomware - November 17th 2023 - Citrix in the CrosshairsRansomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files. [...]BLEEPINGCOMPUTER.COM
17 Nov KEVCISA warns of actively exploited Windows, Sophos, and Oracle bugsThe U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle. [...]BLEEPINGCOMPUTER.COM
17 NovCybercriminals Exploit Gaza Crisis With Fake CharityThe attackers posed as a group soliciting donations for children in Palestine, using emotionally charged language and news articles to manipulate recipients. They requested cryptocurrency donations and employed tactics to conceal their identity.INFOSECURITY-MAGAZINE.COM
17 NovSEC Aims to Avoid Cyber Disclosure Rule 'Compliance Burdens'The rule includes exceptions for cases where public disclosure of a cyber incident could pose significant risks to public safety or national security, allowing companies to work with law enforcement agencies to address secret cybersecurity events.BANKINFOSECURITY.COM
17 NovToyota Recovering From Cyberattack on its Financial Services DivisionThe company has taken certain systems offline to investigate the unauthorized activity and reduce risk. Toyota is working with law enforcement and gradually bringing systems back online.THERECORD.MEDIA
17 NovOver a Dozen Exploitable Vulnerabilities Found in AI/ML ToolsBug hunters uncover over a dozen exploitable vulnerabilities in tools used to build chatbots and other types of AI/ML models.SECURITYWEEK.COM
17 NovCitrixBleed Vulnerability Exploitation Suspected in Toyota Ransomware AttackToyota Financial Services has been hit by a ransomware attack that may have involved exploitation of the CitrixBleed vulnerability.SECURITYWEEK.COM
17 NovCyber attack forces Toyota Financial Services systems offlineToyota Financial Services identified unauthorized activity on its systemsCSHUB.COM
17 NovBlackCat/ALPHV ransomware gang files SEC complaint over victim’s “undisclosed” d...BlackCat/ALPHV claimed that alleged victim MeridianLink has failed to comply with a new four-day cyber attack reporting ruleCSHUB.COM
17 NovFCC Enforces Stronger Rules to Protect Customers Against SIM Swapping AttacksThe U.S. Federal Communications Commission (FCC) is adopting new rules that aim to protect consumers from cell phone account scams that make it possible for malicious actors to orchestrate SIM-swapping attacks and port-out fraud. “The rules will help protect consumers from scamme…THEHACKERNEWS.COM
17 NovCISA Releases The Mitigation Guide: Healthcare and Public Health (HPH) SectorToday, CISA released the Mitigation Guide: Healthcare and Public Health (HPH) Sector as a supplemental companion to the HPH Cyber Risk Summary, published July 19, 2023. This guide provides defensive mitigation strategy recommendations and best practices to combat pervasive cyber…CISA.GOV
17 NovJuniper Releases Security Advisory for Juniper Secure AnalyticsJuniper released a security advisory to address multiple vulnerabilities affecting Juniper Secure Analytics. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Juniper advis…CISA.GOV
17 Nov KEVKnowBe4 Integrates With Cisco Duo To Streamline Secure Sign InsSocial engineering remains one of the top attack vectors that cybercriminals use to execute malicious acts. KnowBe4’s security awareness training and simulated phishing platform allows workforces to make smarter decisions, strengthen an organization’s security culture and human r…KNOWBE4.COM
17 NovJohnny Jet's $3,000 Podcast Scam Nightmare – Unveiling the Elaborate Con that Hijacked his Facebook KingdomTravel influencer Johnny Jet has disclosed that he fell victim to a scam that caused him to lose access to his Facebook account, which has tens of thousands of followers. The scammers began by contacting him and asking if he would be a guest on their podcast.KNOWBE4.COM
17 NovFortiSIEM Injection Flaw: Let Attackers Execute Malicious CommandsFortinet notifies users of a critical OS command injection vulnerability in the FortiSIEM report server that might enable an unauthenticated, remote attacker to execute malicious commands via crafted API requests. FortiSIEM is Fortinet’s security information and event manag…GBHACKERS.COM
17 NovRansomware Gang Files an SEC Complaint for Victim Not Disclosing Data BreachAlphv Ransomware gang filed an SEC complaint against MeridianLink for not disclosing a data breach. BlackCat, also known as ALPHV, operates on the ransomware as a service (RaaS) model, with developers offering the malware for use by affiliates and taking a percentage of …GBHACKERS.COM
17 NovRansomware gang files SEC complaint against company that refused to negotiateThe BlackCat ransomware gang has begun abusing upcoming US Securities and Exchange Commission (SEC) cyber incident reporting rules to put pressure on organizations that refuse to negotiate ransom payments. The attackers filed an SEC complaint against one victim already, in a move…CSOONLINE.COM
17 NovCloud Security Alliance announces new zero-trust security credentialThe Cloud Security Alliance (CSA) raised the curtain Wednesday on a new credential and training materials to enable security professionals to build the knowledge they will need to implement and manage a zero-trust strategy in their organizations. "From industrial control systems …CSOONLINE.COM
17 NovCISA, FBI warn of Scattered Spider expertise with social engineering, SIM swappingsubmitted by c0mmando to netsec 1 points | 0 comments https://therecord.media/cisa-fbi-warn-of-scattered-spider-cybercrime-group The leading cybersecurity officials in the U.S. published a stark warning on Thursday about a group of hackers who have disrupted some of the largest c…THERECORD.MEDIA
17 NovFBI takes down IPStorm malware botnet as hacker behind it pleads guiltysubmitted by c0mmando to netsec 11 points | 0 comments https://therecord.media/fbi-takes-down-ipstorm-malware-botnet The FBI dismantled the IPStorm botnet proxy network and its infrastructure this week following a September plea deal with the hacker behind the operation. The Just…THERECORD.MEDIA
17 NovNearly two dozen Danish energy companies hacked through firewall bug in Maysubmitted by c0mmando to netsec 13 points | 0 comments https://therecord.media/danish-energy-companies-hacked-firewall-bug Denmark’s critical infrastructure experienced the largest cyberattack in the country’s history this spring, with 22 energy companies breached in just a few d…THERECORD.MEDIA
17 NovSafeguarding ports from the rising tide of cyberthreats – Week in security with Tony AnscombeAn attack against a port operator that ultimately hobbled some 40 percent of Australia’s import and export capacity highlights the kinds of supply chain shocks that a successful cyberattack can causeWELIVESECURITY.COM
📋 SECURITY BULLETINS (1)
17 NovReflecting on 20 years of Patch TuesdayThis year is a landmark moment for Microsoft as we observe the 20th anniversary of Patch Tuesday updates, an initiative that has become a cornerstone of the IT world’s approach to cybersecurity. Originating from the Trustworthy Computing memo by Bill Gates in 2002, our unwavering…MSRC.MICROSOFT.COM
📢 SECURITY ADVISORIES (2)
17 NovThreat Intel: To Share or Not to Share is Not the QuestionRegulatory compliance and upcoming regulations, such as the Digital Operational Resilience Act, are driving the need for organizations to engage in threat intelligence sharing.SECURITYWEEK.COM
17 NovU.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime EcosystemU.S. cybersecurity and intelligence agencies have released a joint advisory about a cybercriminal group known as Scattered Spider that's known to employ sophisticated phishing tactics to infiltrate targets. "Scattered Spider threat actors typically engage in data theft for extort…THEHACKERNEWS.COM
🔥 INCIDENT REPORTING (18)
17 NovCyber Security Today, Week in Review for week ending Friday, Nov. 17, 2023This episode features a discussion on lessons learned from a huge cyber attack in Denmark, and moreCYBERSECURITYTODAY.LIBSYN.COM
17 NovCyber Security Today, Nov. 17, 2023 - A company's slip may have led to a hack, free AI and incident response advice, and moreThis episode reports on claims by a threat actor that they used a former employee's still active credentials for a data theft, and moreCYBERSECURITYTODAY.LIBSYN.COM
17 NovYamaha Motor confirms ransomware attack on Philippines subsidiaryYamaha Motor's Philippines motorcycle manufacturing subsidiary was hit by a ransomware attack last month, resulting in the theft and leak of some employees' personal information. [...]BLEEPINGCOMPUTER.COM
17 NovBritish Library: Ongoing outage caused by ransomware attackThe British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several locations. [...]BLEEPINGCOMPUTER.COM
17 Nov‘Sex Life Data’ Stolen From UK Government Among Record Number of Ransomware AttacksUp to 10,000 people's data on their sex lives was stolen in a ransomware attack on a British government department. It is unclear why the government was holding this data.THERECORD.MEDIA
17 NovFTC Targets Telecom Provider for Inmates After Massive Data BreachThe proposed order by the FTC requires Global Tel*Link to implement a comprehensive data security program, notify customers of future breaches, and minimize the data it collects and retains, among other measures, to prevent further incidents.THERECORD.MEDIA
17 NovIn Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security AuditNoteworthy stories that might have slipped under the radar: top law firm hacked, Chinese bank pays ransom, and PyPI conducts first security audit.SECURITYWEEK.COM
17 NovBeware: Malicious Google Ads Trick WinSCP Users into Installing MalwareThreat actors are leveraging manipulated search results and bogus Google ads that trick users who are looking to download legitimate software such as WinSCP into installing malware instead. Cybersecurity company Securonix is tracking the ongoing activity under the name SEO#LURKER…THEHACKERNEWS.COM
17 Nov20+ Companies Hacked in Massive Cyber Attack on Critical InfrastructureIn an alarming development, Denmark faced its most extensive cyber attack in May 2023, targeting crucial components of its energy infrastructure. A total of 22 companies fell victim to a meticulously coordinated attack, breaching their industrial control systems and prompti…GBHACKERS.COM
17 NovToyota Financial Hack Claimed by Medusa RansomwareThe biggest manufacturer of automobiles, Toyota, has discovered unauthorized activity on systems in a few of its Europe & African services. The Medusa ransomware gang allegedly took data from Toyota Financial Services. The group offered the business ten days to provid…GBHACKERS.COM
17 NovALPHV/BlackCat Take Extortion PublicLearn more about ALPHV filing a complaint with the Securities and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner rather than later.TRENDMICRO.COM
17 NovUnderstanding the Kaspersky Compromise Assessment ServiceKaspersky SOC experts explain the differences among compromise assessment, incident response, penetration testing, and MDRKASPERSKY.COM
17 NovCashwarp vs. Reptar, Rackspace, BlackCat, Bots, Aaran Leyland and More - SWN #343Cashwarp vs. Reptar, Rackspace, BlackCat, Intel, AMD, Bots and more bots, Aaran Leyland, and More News on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-343YOUTUBE.COM
17 NovCashwarp vs. Reptar, Rackspace, BlackCat, Bots, Aaran Leyland and More – SWN #343Cashwarp vs. Reptar, Rackspace, BlackCat, Intel, AMD, Bots and more bots, Aaran Leyland, and More News on the Security Weekly News. →Watch Live: https://securityweekly.com/live →Subscribe to our podcasts: https://securityweekly.com/subscribe →Join our community Discord: https://s…YOUTUBE.COM
17 NovThe Extortion Economy — How Lockbit is Fueling a Global Ransomware Crisissubmitted by Ultra_Unlimited to cybersecurity 3 points | 0 comments https://www.ultra-unlimited.com/blog/the-extortion-economyULTRA-UNLIMITED.COM
17 NovA deep dive into Phobos ransomware, recently deployed by 8Base groupsubmitted by c0mmando to netsec 1 points | 0 comments https://blog.talosintelligence.com/deep-dive-into-phobos-ransomware/ Cisco Talos has recently observed an increase in activity conducted by 8Base, a ransomware group that uses a variant of the Phobos ransomware and other publi…TALOSINTELLIGENCE.COM
17 NovIsraeli private eye gets 80-month sentence for global hack-for-hire schemesubmitted by c0mmando to netsec 4 points | 0 comments https://therecord.media/israeli-aviram-azari-sentenced-hacker-for-hire An Israeli private investigator was sentenced in the Southern District of New York to nearly seven years in federal prison on Thursday on charges that he o…THERECORD.MEDIA
🕵️ THREAT INTELLIGENCE (17)
17 Nov2 Environmentalists Who Were Targeted by a Hacking Network Say the Public Is the Real VictimTwo environmentalists told a judge that the public was the real victim of a global computer hacking campaign that targeted those fighting big oil companies to get the truth out about global warming.SECURITYWEEK.COM
17 NovUS Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports WebsiteWisconsin teenager Joseph Garrison has admitted in court to launching a credential stuffing attack on a betting website.SECURITYWEEK.COM
17 NovFCC Tightens Telco Rules to Combat SIM-SwappingUnder the new rules, wireless carriers are required to notify customers of any SIM transfer requests, a measure designed to thwart fraudulent attempts by cybercriminals.SECURITYWEEK.COM
17 NovResearchers Dive Into Activities of Indian Hack-for-Hire Firm AppinResearchers uncover the activities of Appin, a hack-for-hire Indian firm involved in espionage, surveillance, and disruptive attacks.SECURITYWEEK.COM
17 NovKey GOP Lawmaker Calls for Renewal of Surveillance Tool as He Proposes Changes to Protect PrivacyThe Republican chairman of the House Intelligence Committee has called for the renewal of a key US government surveillance tool as he proposed a series of changes aimed at safeguarding privacy.SECURITYWEEK.COM
17 NovIsraeli Man Who Made $5M From Hacking Scheme Sentenced to Prison in USAviram Azari, an Israeli man who made nearly $5 million from a hacking scheme, has been sentenced to 80 months in prison in the US.SECURITYWEEK.COM
17 NovWeekly Update 374Presently sponsored by: Identity theft isn’t cheap. Secure your family with Aura the #1 rated proactive protection that helps keep you safe online. Get started. Think about it like this: in 2015, we all lost our proverbial minds at the idea of the Kazakhstan government mandating …TROYHUNT.COM
17 NovDiscover 2023's Cloud Security Strategies in Our Upcoming Webinar - Secure Your SpotIn 2023, the cloud isn't just a technology—it's a battleground. Zenbleed, Kubernetes attacks, and sophisticated APTs are just the tip of the iceberg in the cloud security warzone. In collaboration with the esteemed experts from Lacework Labs, The Hacker News proudly presents an e…THEHACKERNEWS.COM
17 Nov27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT ExpertsAn unknown threat actor has been observed publishing typosquat packages to the Python Package Index (PyPI) repository for nearly six months with an aim to deliver malware capable of gaining persistence, stealing sensitive data, and accessing cryptocurrency wallets for financial g…THEHACKERNEWS.COM
17 NovPhishing page with trivial anti-analysis features, (Fri, Nov 17th)Anti-analysis features in phishing pages – especially in those, which threat actors send out as e-mail attachments – are nothing new [1, 2]. Nevertheless, sometimes the way that these mechanisms are implemented may still leave…ISC.SANS.EDU
17 NovISC Stormcast For Friday, November 17th, 2023 https://isc.sans.edu/podcastdetail/8750, (Fri, Nov 17th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
17 NovQR Code Phishing Attacks SurgingThe massive uptick in QR Code phishing is an indicator that scammers are seeing success in taking victims from the initial attack medium to one under the attacker’s control.KNOWBE4.COM
17 Nov[Keynote Announcement] See Rachel Tobac at KB4-CON 2024!We can’t keep this a secret any longer! Rachel Tobac will be joining us live at KB4-CON 2024, happening in Orlando, Florida March 4-6. She’s an ethical hacker and three time winner of DEF CON's Social Engineering Capture the Flag contest.KNOWBE4.COM
17 NovHacker Receives 18-Month Prison for Running Dark Web ForumIn a momentous development in cybersecurity, Thomas Kennedy McCormick, alias “fubar,” a resident of Cambridge, Massachusetts, has been sentenced to 18 months imprisonment for masterminding a racketeering conspiracy within the infamous Darkode hacking forum. The intric…GBHACKERS.COM
17 NovHardwear.io USA 2023 - 14 videossubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/5b0b394f-491e-48d3-82c6-a2261fed4260.png Hardwear.io was conceptualized to provide the hardware & security community with a platform exclusively focusing on discussing & solving hard…INFOSEC.PUB
17 NovWTF website certificates chain of trust...submitted by Rick_C137 to security -6 points | 9 comments Hi, If you don’t know how the chain of trust works for HTTPS, you might want to watch this video invidious.privacydev.net/watch?v=qXLD2UHq2vk (if you know a better one I’m all ears) So in my point of view this system …PROGRAMMING.DEV
17 NovDIALStranger: my research about DIAL protocol vulnerabilities is public after 4 yearssubmitted by L4s to secops 6 points | 0 comments https://github.com/yunuscadirci/DIALStranger DIALStranger: my research about DIAL protocol vulnerabilities is public after 4 years::details about DIAL protocol vulnerabilities . Contribute to yunuscadirci/DIALStranger development b…GITHUB.COM
🌐 CYBER THREAT LANDSCAPE (1)
📡 INFOSEC NEWS (8)
17 NovEmail Security Best Practices for Phishing PreventionTrend Micro Research reported a 29% growth in phishing attacks blocked and detected in 2022. Explore the latest phishing trends and email security best practices to enhance your email security and reduce cyber risk.TRENDMICRO.COM
17 NovBots Target Retailers for Black Friday BargainsDid automation targeting retail companies rise towards Black Friday 2022?F5.COM
17 NovBloomberg Crypto X account snafu leads to Discord phishing attackThe official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive website that stole Discord credentials in a phishing attack. [...]BLEEPINGCOMPUTER.COM
17 NovBangladesh's NTMC Exposed Database Containing Personal Information to Open WebThe National Telecommunication Monitoring Centre in Bangladesh exposed a database containing extensive personal information, including names, phone numbers, and passport details.THEFINANCIALEXPRESS.COM.BD
17 Nov27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT ExpertsThese malicious packages have been downloaded thousands of times, mainly from the U.S., China, France, and other countries. The attacker used steganography to hide a malicious payload within an innocent-looking image fileTHEHACKERNEWS.COM