🚨 CISA KEV (2)
21 Nov · KEV · #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability · SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically … · CISA.GOV
21 Nov · KEV · CISA Adds One Known Exploited Vulnerability to Catalog · CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-4911 GNU C Library Buffer Overflow Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
21 Nov · Email Security Flaw Found in the Wild · Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authenticatio… · SCHNEIER.COM
21 Nov · MAR-10478915-1.v1 Citrix Bleed · Notification This report is provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained herein. The DHS does not endorse any commercial product or service referenced in… · CISA.GOV
21 Nov · CISA, FBI, MS-ISAC, and ASD’s ACSC Release Advisory on LockBit Affiliates Exploiting Citrix Bleed · Today, the Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Center (MS-ISAC), and Australian Signals Directorate’s Australian Cyber Security Center (ASD’s ACSC) released a joint Cybersecurit… · CISA.GOV
⚠️ VULNERABILITY DISCLOSURE (13)
21 Nov · Top 10 tips to protect your privacy and safety during the online shopping season and beyond · Digital pick pockets are ready to pounce so use these Sophos security practices on Cyber Monday – and every other day too. · SOPHOS.COM
21 Nov · Hacktivists breach U.S. nuclear research lab, steal employee data · The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online. [...] · BLEEPINGCOMPUTER.COM
21 Nov · How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography · Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganograph… · THEHACKERNEWS.COM
21 Nov · Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits · The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's res… · THEHACKERNEWS.COM
21 Nov · CISA Releases Five Industrial Control Systems Advisories · CISA released five Industrial Control Systems (ICS) advisories on November 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-325-01 WAGO PFC200 Series ICSA-23-325-02 Fuji Electric Tellus Lit… · CISA.GOV
21 Nov · AT&T’s mysterious MSSP spinoff could have upsides for its security consulting business · Telecom giant AT&T’s move to say adieu to a significant wing of its managed security services provider unit is essentially a bid to allow the team’s consulting services to grow, according to industry analysts. The newly independent group, announced by AT&T last week, will… · CSOONLINE.COM
21 Nov · MOVEit carnage continues with over 2600 organizations and 77M people impacted so far · About 2,620 organizations and 77.2 million people have been impacted by the hacking of file transfer service MOVEit since May earlier this year, according to New Zealand-based cybersecurity firm Emsisoft. Russian-linked ransomware group Clop had claimed responsibility for the at… · CSOONLINE.COM
21 Nov · The alarming rise of quishing is a red flag for CISOs · QR codes have become a useful tool in the arsenal of bad actors looking to penetrate barriers to access because they're easy to incorporate into attacks, difficult to detect and prevent, and good at fooling users into giving up credentials. Fortunately, there are effective steps … · CSOONLINE.COM
21 Nov · The SSO tax is killing trust in the security industry · We hate asking an organization we are helping secure to pay the single sign-on (SSO) tax. For those not familiar with the phrase, it refers to the license upgrade fee that many cloud software applications charge for unlocking the functionality needed to integrate with an SSO prov… · CSOONLINE.COM
21 Nov · All in One CISO: There Is Nothing We Can't Do - Jessica Hoffman - CSP #149 · As a CISO, the opportunities we must positively cultivate the cybersecurity landscape for our organizations are endless. From driving projects to implementing innovative technologies to strengthening basic cybersecurity hygiene, reshaping the organization's culture, protecting fr… · YOUTUBE.COM
21 Nov · Beyond the AWS Security Maturity Roadmap - fwd:cloudsec - Rami McCarthy - 28 minutes · submitted by ashar to security_cpe · 2 points | 0 comments · Scott (Piper)’s AWS Security Maturity Roadmap is the definitive resource for cloud-native companies to build a security program and posture in AWS. I… · INFOSEC.PUB
21 Nov · OMGCICD - Attacking GitLab CI/CD via Shared Runners · submitted by L4s to secops · 2 points | 0 comments · https://pulsesecurity.co.nz/articles/OMGCICD-gitlab · This article discusses compromising shared CI/CD runner infrastructure, and how an attacker can escalate their privileges from… · PULSESECURITY.CO.NZ
21 Nov · MOVEit victim count latest: 2.6K+ orgs, 77M+ people · submitted by c0mmando to netsec · 8 points | 2 comments · https://www.theregister.com/2023/11/20/moveit_victim_77m_medical/ · According to security shop Emsisoft, 2,620 organizations and more than 77 million individuals have been impacted to date, with millions in the past week alone h… · THEREGISTER.COM
📢 SECURITY ADVISORIES (2)
21 Nov · CISA Offering Free Cybersecurity Services to Non-Federal Critical Infrastructure Entities · New CISA pilot program brings cutting-edge cybersecurity services to critical infrastructure entities that need support. · SECURITYWEEK.COM
21 Nov · News alert: Qualys unveils ‘Enterprise TruRisk Platform’ to help businesses eliminate cyber risks · Foster City, Calif., Nov. 21, 2023 — Qualys, a cloud-based IT, security and compliance solutions leader, unveiled its forward-looking vision of the Qualys Enterprise TruRisk Platform on Nov. 8. The announcement was made by president and CEO, Sumedh Thakar … · LASTWATCHDOG.COM
🔥 INCIDENT REPORTING (9)
21 Nov · Auto parts giant AutoZone warns of MOVEit data breach · AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks. [...] · BLEEPINGCOMPUTER.COM
21 Nov · Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals · The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed. "The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the… · THEHACKERNEWS.COM
21 Nov · Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions · The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns i… · THEHACKERNEWS.COM
21 Nov · Compromised Bloomberg Crypto Channel Phishes for Thousands of Discord Users' Login Details · Scammers are using a compromised X (formerly Twitter) account belonging to Bloomberg Crypto to send users to a phishing site designed to steal Discord credentials, BleepingComputer reports. · KNOWBE4.COM
21 Nov · 73% of Organizations Affected by Ransomware Attacks Globally in 2023, According to Statista · I recently wrote about how 1 in 34 organizations globally has experienced an attempted ransomware attack. But that statistic doesn’t provide enough context around the impact felt by the organizations that do business in one form or another with those that are attacked. … · KNOWBE4.COM
21 Nov · Former Infosec COO Pleads Guilty for Hacking Hospitals · Former COO of the Atlanta-based cybersecurity company Securolytics, Vikas Singla, launched a series of cyberattacks on the non-profit healthcare organization Gwinnett Medical Center (GMC), which has locations in Lawrenceville and Duluth, Georgia. GMC suffered a financial loss of … · GBHACKERS.COM
21 Nov · Greater Paris wastewater agency dealing with cyberattack · submitted by c0mmando to netsec · 12 points | 0 comments · https://therecord.media/paris-wastewater-agency-hit-cyberattack · The organization that manages wastewater for nine million people in and around Paris was hit with a cyberattack on Friday. Service public de l’assainissement fra… · THERECORD.MEDIA
🕵️ THREAT INTELLIGENCE (10)
21 Nov · LLM Security Startup Lasso Emerges From Stealth Mode · Lasso Security raises $6 million in seed funding to tackle cyber threats to secure generative AI and large language model algorithms. · SECURITYWEEK.COM
21 Nov · CyberheistNews Vol 13 #47 [Heads Up] FBI Warning: How Callback Phishing Makes It Past All Your Filters · KNOWBE4.COM
21 Nov · New Phishing Attack Hijacks Email Thread to Inject Malicious URL · Researchers discovered a new campaign delivering DarkGate and PikaBot that employs strategies similar to those employed in QakBot phishing attempts. This operation sends out a large number of emails to a variety of industries, and because the malware transmitted has loader capabi… · GBHACKERS.COM
21 Nov · Travel Security - SDL - SWN Vault · Russ runs the show solo with the absence of Dr. Doug to talk about Travel Security! He explains different aspects such as Personal Security, Asset Security, and Digital Security! Traveling is a lot of fun, but also requires a lot of responsibility. Don't be intimidated, use commo… · YOUTUBE.COM
21 Nov · Training Tuesday - Discussions for certs, training and learning-at-home · submitted by shellsharks to cybersecurity · 4 points | 2 comments · Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others! · INFOSEC.PUB
21 Nov · WICCON Security Conference 2023 - 14 videos · submitted by ashar to security_cpe · 1 points | 0 comments · WICCON 2023 playlist 14 videos Schedule from website WICCON RECOGNIZES AND SHOWCASES WOMEN’S SUCCESS IN THE CYBERSECURITY FIELD. WE WANT TO INSPIRE T… · INFOSEC.PUB
21 Nov · fwd:cloudsec 2023 - 34 videos · submitted by ashar to security_cpe · 3 points | 0 comments · fwd:cloudsec is a non-profit conference on cloud security. June 12-13, 2023 in Anaheim, CA Playlist Abstracts and Speaker bios #CPE #Infosec · INFOSEC.PUB
21 Nov · The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets · submitted by L4s to secops · 1 points | 1 comments · https://blog.aquasec.com/the-ticking-supply-chain-attack-bomb-of-exposed-kubernetes-secrets · Aqua Nautilus researchers found exposed Kubernetes secrets that pose a … · AQUASEC.COM
21 Nov · Microsoft named a Leader in 2023 Gartner® Magic Quadrant™ for Access Management for the 7th year · Microsoft recognized for the seventh straight year as a Leader in 2023 Gartner® Magic Quadrant™ for Access Management. · MICROSOFT.COM
21 Nov · Social engineering attacks lure Indian users to install Android banking trojans · Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages and malicious applications designed to impersonate legitimate organizations and steal users’ information for financial fraud scams. · MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE (4)
21 Nov · Malware dev says they can revive expired Google auth cookies · The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts. [...] · BLEEPINGCOMPUTER.COM
21 Nov · New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks · A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling fu… · THEHACKERNEWS.COM
21 Nov · Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users · Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data. “Using social media platforms like WhatsApp and Telegram, attackers are sending messages desi… · THEHACKERNEWS.COM
📡 INFOSEC NEWS (7)
21 Nov · Microsoft now rolling out Copilot to Windows 10 devices · Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions. [...] · BLEEPINGCOMPUTER.COM
21 Nov · Microsoft launches Defender Bounty Program with $20,000 rewards · Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000. [...] · BLEEPINGCOMPUTER.COM
21 Nov · 3 skills could make or break your cybersecurity career in the generative AI era · While many employers emphasize problem-solving skills in job descriptions, the ability to think outside the box is imperative in cybersecurity. · TECHCRUNCH.COM
21 Nov · Accelerating Security Risk Management · In response to the expanding attack surface, Mike Milner, Trend Micro VP of Cloud Technology, explores the role security risk management plays in this new era of cybersecurity and how IT leaders are accelerating innovation. · TRENDMICRO.COM
21 Nov · Introducing the Microsoft Defender Bounty Program · We are excited to announce the new Microsoft Defender Bounty Program with awards of up to $20,000 USD. The Microsoft Defender brand encompasses a variety of products and services designed to enhance the security of the Microsoft customer experience. The Microsoft Defender Bounty … · MSRC.MICROSOFT.COM
21 Nov · Fuel for thought: Can a driverless car get arrested? · What happens when problems caused by autonomous vehicles are not the result of errors, but the result of purposeful attacks? · WELIVESECURITY.COM