98 Articles
7 Categories
Date: 2023-11-28
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
28 Nov: Hackers start exploiting critical ownCloud flaw, patch now (BLEEPINGCOMPUTER.COM)
    Hackers are exploiting a critical ownCloud vulnerability tracked as CVE-2023-49103 that exposes admin passwords, mail server credentials, and license keys in containerized deployments. [...]
28 Nov: Critical Vulnerability Found in Ray AI Framework (SECURITYWEEK.COM)
    CVE-2023-48023 is rooted in the fact that, in its default configuration, Ray does not enforce authentication, and does not appear to support any type of authorization model.
⚠️ VULNERABILITY DISCLOSURE (33)
28 Nov: How a digital design firm navigated its SOC 2 audit (CSOONLINE.COM)
    In today’s rapidly evolving digital landscape, artificial intelligence (AI) is a driving force behind innovation. However, AI's true potential hinges not only on technological prowess but also on the insight and foresight of designers and strategists. These professionals ensure t…
28 Nov: Police dismantle ransomware group behind attacks in 71 countries (BLEEPINGCOMPUTER.COM)
    In cooperation with Europol and Eurojust, law enforcement agencies from seven nations have arrested in Ukraine the core members of a ransomware group linked to attacks against organizations in 71 countries. [...]
28 Nov: Ardent Hospitals Diverting Patients Following Ransomware Attack (SECURITYWEEK.COM)
    Ransomware attack forces Ardent hospitals to shut down systems, impacting clinical and financial operations. The post Ardent Hospitals Diverting Patients Following Ransomware Attack appeared first on SecurityWeek.
28 Nov: Stop Identity Attacks: Discover the Key to Early Threat Detection (THEHACKERNEWS.COM)
    Identity and Access Management (IAM) systems are a staple to ensure only authorized individuals or entities have access to specific resources in order to protect sensitive information and secure business assets. But did you know that today over 80% of attacks now involve identity…
28 Nov: Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens (THEHACKERNEWS.COM)
    Cybersecurity researchers have discovered a case of "forced authentication" that could be exploited to leak a Windows user's NT LAN Manager (NTLM) tokens by tricking a victim into opening a specially crafted Microsoft Access file. The attack takes advantage of a legitimate featur…
28 Nov: How Hackers Phish for Your Users' Credentials and Sell Them (THEHACKERNEWS.COM)
    Account credentials, a popular initial access vector, have become a valuable commodity in cybercrime. As a result, a single set of stolen credentials can put your organization’s entire network at risk. According to the 2023 Verizon Data Breach Investigation Report, external parti…
28 Nov: Key Cybercriminals Behind Notorious Ransomware Families Arrested in Ukraine (THEHACKERNEWS.COM)
    A coordinated law enforcement operation has led to the arrest of key individuals in Ukraine who are alleged to be a part of several ransomware schemes. "On 21 November, 30 properties were searched in the regions of Kyiv, Cherkasy, Rivne, and Vinnytsia, resulting in the arrest of …
28 Nov: Abusing Microsoft Access "Linked Table" Feature to Perform NTLM Forced Authentication Attacks (RESEARCH.CHECKPOINT.COM)
    An attacker can set up a server that they control, listening on port 80, and put its IP address in the above “server alias” field. Then they can send the database file, including the linked table, to the victim.
28 Nov: North Korean hackers mix code from proven malware campaigns to avoid detection (CSOONLINE.COM)
    North Korean threat actors behind two major macOS-targeting malware strains of 2023 -- RustBucket and KandyKorn -- have been found mixing the elements of these disparate attacks to evade detection, according to a SentinelOne study. The new technique leverages the RustBucket dropp…
28 Nov: Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access (THEHACKERNEWS.COM)
    Cybersecurity researchers have detailed a "severe design flaw" in Google Workspace's domain-wide delegation (DWD) feature that could be exploited by threat actors to facilitate privilege escalation and obtain unauthorized access to Workspace APIs without super admin privileges. "…
28 Nov: Critical Vulnerability Found in Ray AI Framework (SECURITYWEEK.COM)
    A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes. The post Critical Vulnerability Found in Ray AI Framework appeared first on SecurityWeek.
28 Nov: Chinese Hackers Stolen Chip Designs from Major Dutch Semiconductor Company (GBHACKERS.COM)
    Hackers target chips to exploit vulnerabilities in hardware, enabling unauthorized access to systems or extracting sensitive data. The Norwegian news agency NRC reported that a Chinese-linked hacker group, a Dutch semiconductor giant, recently breached the NXP’s network. Ma…
28 Nov: Hackers Behind High-Profile Ransomware Attacks on 71 Countries Arrested (GBHACKERS.COM)
    Hackers launched ransomware attacks to extort money from the following two entities by encrypting their data and demanding a ransom payment for its release:- Here, cryptocurrency payments’ financial motivation and relative anonymity make them an attractive method for hacker…
28 Nov: Europol arrest hackers allegedly behind string of ransomware attacks (TECHCRUNCH.COM)
    Europol and its international law enforcement partners have arrested five individuals who authorities accuse of involvement in a string of ransomware attacks affecting more than 1,800 victims worldwide. The arrested individuals, which include the criminal gang’s ringleader, 32, a…
28 Nov: Exploitation of Critical ownCloud Vulnerability Begins (SECURITYWEEK.COM)
    Threat actors have started exploiting a critical ownCloud vulnerability leading to sensitive information disclosure. The post Exploitation of Critical ownCloud Vulnerability Begins appeared first on SecurityWeek.
28 Nov: Palo Alto Networks Advises U.S. Government on AI and Cybersecurity (PALOALTONETWORKS.COM)
    Testimony before the Energy and Commerce Committee in the House of Representatives on the critical role of artificial intelligence (AI) in cybersecurity defense. The post Palo Alto Networks Advises U.S. Government on AI and Cybersecurity appeared first on Palo Alto Networks Blog …
28 Nov: DeleFriend: Severe Design Flaw in Domain-Wide Delegation Could Leave Google Workspace Vulnerable to Takeover (HUNTERS.SECURITY)
    The vulnerability is rooted in the fact that a domain delegation configuration is determined by the service account resource identifier (OAuth ID), and not the specific private keys associated with the service account identity object.
28 Nov: CISA Releases Four Industrial Control Systems Advisories (CISA.GOV)
    CISA released four Industrial Control Systems (ICS) advisories on November 28, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-331-01 Delta Electronics InfraSuite Device Master ICSA-23-331-02 …
28 Nov: Design Flaw in Domain-Wide Delegation Could Leave Google Workspace Vulnerable to Takeover – Hunters (GBHACKERS.COM)
    BOSTON, MASS. and TEL AVIV, ISRAEL, November 28, 2023 – A severe design flaw in Google Workspace’s domain-wide delegation feature discovered by threat hunting experts from Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege escal…
28 Nov: News alert: Hunters’ Team Axon discloses severe privilege escalation flaw in Google Workspace (LASTWATCHDOG.COM)
    Boston, Mass. and Tel Aviv, Israel, Nov. 28, 2023 – A severe design flaw in Google Workspace’s domain-wide delegation feature discovered by threat hunting experts from Hunters’ Team Axon, can allow attackers to misuse existing delegations, enabling privilege escalatio…
28 Nov: Mapping Access - and Attack - Paths in Active Directory (DATABREACHTODAY.CO.UK)
    A directory service should be a "source of truth," said Justin Kohler, vice president of products at Spector Ops. But when users are overprivileged or misconfigurations occur, that creates attack hubs. Kohler discusses BloodHound, a solution he says is like Google Maps for Active…
28 Nov: Fuzzer-V: New project for Fuzzing Hyper-V VSP's using Intel Processor Trace (IPT) for code coverage guided fuzzing, built upon WinAFL, winipt, HAFL1, and Microsoft’s IPT.sys. (CYBERARK.COM)
    Submitted by L4s to secops. https://www.cyberark.com/resources/threat-research-blog/fuzzer-v Fuzzer-V: New project for Fuzzing Hyper-V VSP’s using Intel Processor Trace (IPT) for code coverage guided fuzzing, built upon WinAFL, winipt, HAFL1, and Microsoft’s …
28 Nov: Critics of Serbia’s government targeted with ‘military-grade spyware’ (THEGUARDIAN.COM)
    The Serbians had been targeted about a minute apart from each other on or about 16 August 2023. Researchers discovered traces of the attempted attack, which sought to take advantage of a possible vulnerability in iPhone’s HomeKit application.
28 Nov: GoTitan Botnet - Ongoing Exploitation on Apache ActiveMQ (FORTINET.COM)
    The attacker initiates a connection to ActiveMQ through the OpenWire protocol, typically on port 61616. By transmitting a crafted packet, the attacker triggers the system to unmarshal a class under their control.
28 Nov: Starting with Appsec -- Is It More of a Position or a Process? - ASW #264 (YOUTUBE.COM)
    This year we've talked about vulns, clouds, breaches, presentations, and all the variations of Dev, Sec, and Ops. As we end the year, let's talk about starting things -- like starting an appsec program or an appsec career. But is there still a need for an appsec team? Or has it t…
28 Nov: Google Chrome emergency update fixes 5th zero-day exploited in 2023 (BLEEPINGCOMPUTER.COM)
    Google has fixed the fifth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. [...]
28 Nov: Google Chrome emergency update fixes 6th zero-day exploited in 2023 (BLEEPINGCOMPUTER.COM)
    Google has fixed the sixth Chrome zero-day vulnerability this year in an emergency security update released today to counter ongoing exploitation in attacks. [...]
28 Nov: Thanksgiving Day Attack on Ardent Health Serving Leftovers (DATABREACHTODAY.CO.UK)
    Did Ransomware Attack on Regional Hospital Chain Involve a Citrix Bleed Exploit? Patient services - including emergency care and telehealth appointments - are still affected at dozens of hospitals and other care facilities in several states operated by Ardent Health Services as t…
28 Nov: Generative AI Technology Leads AWS Agenda at re:Invent 2023 (DATABREACHTODAY.CO.UK)
    CEO Adam Selipsky Unveils AI Assistant, Projects With Salesforce, NVIDIA, Anthropic In an effort to upstage Microsoft in the AI space, AWS CEO Adam Selipsky invited NVIDIA CEO Jensen Huang and Dario Amodei, co-founder of Anthropic, to share the stage at AWS re:Invent 2023. Selips…
28 Nov: Exploitation of Unitronics PLCs used in Water and Wastewater Systems (CISA.GOV)
    CISA is responding to active exploitation of Unitronics programmable logic controllers (PLCs) used in the Water and Wastewater Systems (WWS) Sector. Cyber threat actors are targeting PLCs associated with WWS facilities, including an identified Unitronics PLC, at a U.S. water fac…
28 Nov: Forrester names Microsoft Intune a Leader in the 2023 Forrester Wave™ for Unified Endpoint Management (MICROSOFT.COM)
    The Forrester Wave™: Unified Endpoint Management, Q4 2023 report recognizes Intune as a leader. Find out how it helps secure systems and simplify management, reduces costs, and frees up resources for creativity and innovation. The post Forrester names Microsoft Intune a Leader in…
28 Nov: News alert: AppDirect poll reveals company leaders losing sleep over cyber risks, compliance (LASTWATCHDOG.COM)
    San Francisco, Calif., Nov. 28, 2023 – AppDirect, the world’s leading B2B subscription commerce platform, today released key findings from its IT Business Leaders 2024 Outlook Report. The study, conducted by independent research firm Propeller Insights, dives into …
📢 SECURITY ADVISORIES (4)
28 Nov: Transform Your Data Security Posture – Learn from SoFi's DSPM Success (THEHACKERNEWS.COM)
    As cloud technology evolves, so does the challenge of securing sensitive data. In a world where data duplication and sprawl are common, organizations face increased risks of non-compliance and unauthorized data breaches. Sentra's DSPM (Data Security Posture Management) emerges as…
28 Nov: Amazon’s AWS Control Tower aims to help secure your data’s borders (CSOONLINE.COM)
    Amazon's AWS Control Tower system, designed to let users more easily manage complicated cloud environments with multiple accounts and wide arrays of services, now has 65 new controls and rule sets aimed at managing digital sovereignty concerns. The new controls, which the company…
28 Nov: Iranian Hacking Group Attacks Pennsylvania Water Authority (DATABREACHTODAY.CO.UK)
    CISA Investigating Iranian Hacking Group Attack on Pennsylvania Water Authority The U.S. Cybersecurity and Infrastructure Security Agency is investigating a cyberattack from an Iranian hacking group known as "Cyber Av3ngers" that targeted a small municipal water authority in Penn…
🔥 INCIDENT REPORTING (15)
28 Nov: What a Failed Attack Against ColdFusion Revealed About Ransomware Tools and Tactics (SCMAGAZINE.COM)
    Following the trail of telemetry left behind, the Sophos researchers found the attackers had left directory listings enabled on the web server hosting their repository of tools. This enabled the researchers to explore the materials.
28 Nov: Police Bust Suspected Ransomware Group Ringleader in Ukraine (DATABREACHTODAY.CO.UK)
    5 Suspects Arrested; Group Tied to Ransomware Attacks Against 1,800 Victims Police have arrested a group of criminals in Ukraine, including their alleged ringleader, who they suspect launched ransomware attacks against organizations across 71 countries, amassing at least 1,800 vi…
28 Nov: Slovenia's Largest Power Provider HSE Hit by Ransomware Attack (BLEEPINGCOMPUTER.COM)
    Reportedly, the ransomware operators breached HSE by stealing passwords for HSE's systems from an unprotected cloud storage instance. So far, the organization has not received a ransom demand but stated that it might be too early for this.
28 Nov: Ethyrial: Echoes of Yore hacked! 17,000 game accounts "lost" (BITDEFENDER.COM)
    All 17,000 user accounts and characters have been lost in this hack. BUT We will personally, manually restore every item, level, title, pet, etc. that was lost during this event when the servers are back up.
28 Nov: Police Dismantle Major Ukrainian Ransomware Operation (SECURITYWEEK.COM)
    Police from several countries have dismantled a major Ukraine-based ransomware operation and arrested its alleged ringleader. The post Police Dismantle Major Ukrainian Ransomware Operation appeared first on SecurityWeek.
28 Nov: ID Theft Service Resold Access to USInfoSearch Data (KREBSONSECURITY.COM)
    One of the cybercrime underground's more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned.
28 Nov: Hospital Chain Hit With Ransomware Attack (HEALTHCAREINFOSECURITY.COM)
    Ardent proactively took its network offline, suspending all user access. Some facilities are rescheduling non-emergent, elective procedures and diverting some emergency room patients to other area hospitals until systems are back online.
28 Nov: DP World confirms data stolen in cyberattack, no ransomware used (BLEEPINGCOMPUTER.COM)
    International logistics giant DP World has confirmed that data was stolen during a cyber attack that disrupted its operations in Australia earlier this month. However, no ransomware payloads or encryption was used in the attack. [...]
28 Nov: Hackers Spent Over Two Years Stealing Secrets of Chipmaker NXP (ARSTECHNICA.COM)
    The breach wasn’t uncovered until Chimera intruders were detected in a separate company network that connected to compromised NXP systems on several occasions. Details of the breach remained a closely guarded secret until now.
28 Nov: Healthcare Giant Henry Schein Hit Twice by BlackCat (BLEEPINGCOMPUTER.COM)
    The BlackCat ransomware gang added Henry Schein to its dark web leak site, saying it breached the company's network and allegedly stole 35 terabytes of sensitive data. It re-encrypted the company's devices after negotiations faltered.
28 Nov: Qilin ransomware claims attack on automotive giant Yanfeng (BLEEPINGCOMPUTER.COM)
    The Qilin ransomware group has claimed responsibility for a cyber attack on Yanfeng Automotive Interiors (Yanfeng), one of the world's largest automotive parts suppliers. [...]
28 Nov: DP World Says Australian Employee Data Stolen in Attack (DATABREACHTODAY.CO.UK)
    Stevedore Says No Ransomware Found in Attack That Disrupted Australian Shipping A cyber incident that incapacitated four major Australian ports for days also resulted in the theft by hackers of employee data, the port operator said Tuesday. Hackers obtained personal information o…
28 Nov: LockBit claims cyberattack on India’s national aerospace lab (TECHCRUNCH.COM)
    The notorious ransomware gang LockBit has claimed responsibility for a cyberattack targeting India’s state-owned aerospace research lab. On Wednesday, LockBit added the National Aerospace Laboratories (NAL) to its dark web leak site, which ransomware gangs use to extort vic…
28 Nov: Apparent GE Hack Raises National Security Concerns (DATABREACHTODAY.CO.UK)
    Prominent Threat Actor Advertises Access to GE's Military Projects General Electric says it is aware of claims made by "a bad actor" about gaining unauthorized access to its sensitive data and taking "appropriate measures to help protect the integrity of our systems" after a hack…
🕵️ THREAT INTELLIGENCE (23)
28 Nov: ISC Stormcast For Tuesday, November 28th, 2023 https://isc.sans.edu/podcastdetail/8754, (Tue, Nov 28th) (ISC.SANS.EDU)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
28 Nov: N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection (THEHACKERNEWS.COM)
    The North Korean threat actors behind macOS malware strains such as RustBucket and KANDYKORN have been observed "mixing and matching" different elements of the two disparate attack chains, leveraging RustBucket droppers to deliver KANDYKORN. The findings come from cybersecurity f…
28 Nov: Large Language Models and The End of Programming - CS50 Tech Talk with Dr. Matt Welsh - 1 hour (INFOSEC.PUB)
    Submitted by ashar to security_cpe. Large Language Models and The End of Programming - CS50 Tech Talk with Dr. Matt Welsh The field of Computer Science is headed for a major upheaval wi…
28 Nov: Google Drive Users Files Suddenly Disappeared, Tech Gaint Investigating (GBHACKERS.COM)
    In a perplexing turn of events, a notable cohort of Google Drive users is grappling with the disappearance of files from their accounts. Reports indicate that some users have experienced the loss of crucial data, with instances of up to six months’ worth of work vanishing w…
28 Nov: Cybercriminals can’t agree on GPTs (SOPHOS.COM)
    Despite concern over illicit applications of ChatGPT and similar models, Sophos X-Ops’ exploration of cybercrime forums suggests many threat actors are still skeptical – and wrestling with the same issues and problems as the rest of us
28 Nov: Broadcom Completes the $61 Billion Acquisition of VMware (GBHACKERS.COM)
    Broadcom Inc., a multinational semiconductor manufacturing company headquartered in San Jose, CA, has announced the successful acquisition of VMware in a $61 billion deal. VMware is a top supplier of multi-cloud services for all apps, providing digital innovation with organi…
28 Nov: My Top 7 Cybersecurity Reflections for 2024 (KNOWBE4.COM)
    The digital landscape is evolving at an exponential rate, and with it, the cybersecurity challenges we face.
28 Nov: Engineering your GRC program w/ Charles Nwatu from Netflix | S1E2 - 51 minutes (INFOSEC.PUB)
    Submitted by ashar to security_cpe. Engineering your GRC program w/ Charles Nwatu from Netflix | S1E2 Charles will give us an overview of how GRC can benefit from an engineering mindset…
28 Nov: Unified endpoint management for purpose-based devices (SECURITYINTELLIGENCE.COM)
    As purpose-built devices become increasingly common, the challenges associated with their unique management and security needs are becoming clear. What are purpose-built devices? Most fall under the category of rugged IoT devices typically used outside of an office environment an…
28 Nov: Los Angeles SIM Swapper Sentenced to 8 Years in Prison (SECURITYWEEK.COM)
    Amir Golshan of Los Angeles was sentenced to 96 months in prison for perpetrating multiple cybercrime schemes. The post Los Angeles SIM Swapper Sentenced to 8 Years in Prison appeared first on SecurityWeek.
28 Nov: Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets (SECURITYWEEK.COM)
    AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets. The post Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets appeared first on SecurityWeek.
28 Nov: Do You Really Want to Be a CISO? - Spencer Mott - CSP #150 (YOUTUBE.COM)
    Reaching the level of CISO in a large corporation requires time and determined application as well as aptitude and very specific professional and personal attributes. It's the role against which many security professionals set their career sights without really knowing what they'…
28 Nov: Chimera, Aliquippa, FNF, Lazarus, DARPA, Namedrop, Google, Aaran Leyland, and More – SWN #344 (YOUTUBE.COM)
    #Chimera, Aliquippa, FNF, Lazarus, #DARPA, Ransom Payments, Namedrop, #Google, Aaran Leyland, and more are on this edition of the Security Weekly News. →Watch Live: https://securityweekly.com/live →Subscribe to our podcasts: https://securityweekly.com/subscribe →Join our communit…
28 Nov: The Final Training Tuesday - Discussions for certs, training and learning-at-home (INFOSEC.PUB)
    Submitted by shellsharks to cybersecurity. (Final) Weekly thread to discuss industry certifications, trainings and other courses/learning. Ask questions, share your experiences and help others! NOTE: I’ve decided to sunset this weekly thread. Doesn’t seem lik…
28 Nov: Users Fall for Smishing Attacks 6-10 Times More Than Email-Based Attacks (KNOWBE4.COM)
    With organizations heavily focusing on protecting the corporate endpoint, cybercriminals are switching focus onto mobile devices where users are more prone to fall for their social engineering tactics.
28 Nov: Who Knew Neanderthals were so High-Tech? (KNOWBE4.COM)
    Researchers at ESET describe various types of scams launched by users of Telekopye, a telegram bot that assists in crafting social engineering attacks.
28 Nov: Proofpoint Snags Former VMware President Sumit Dhawan as CEO (DATABREACHTODAY.CO.UK)
    Dhawan Is Proofpoint's 3rd CEO Since March 2022; Interim Leader Thomas Back as CFO Proofpoint landed top VMware lieutenant Sumit Dhawan as its new chief executive just days after the cloud and virtualization giant was acquired by Broadcom. The Silicon Valley-based email security …
28 Nov: Chimera, Aliquippa, FNF, Lazarus, DARPA, Namedrop, Google, Aaran Leyland, and More - SWN #344 (YOUTUBE.COM)
    Chimera, Aliquippa, FNF, Lazarus, DARPA, Ransom Payments, Namedrop, Google, Aaran Leyland, and more are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-344
28 Nov: Randstorm, Nothing Chats, Platform Engineering, PyPI Security Audit - ASW #264 (YOUTUBE.COM)
    Weak randomness in old JavaScript crypto, lack of encryption in purported end-to-end encryption, a platform engineering maturity model, PyPI's first security audit, vision for a Rust specification, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Sh…
28 Nov: Digital Car Keys Are Coming (SCHNEIER.COM)
    Soon we will be able to unlock and start our cars from our phones. Let’s hope people are thinking about security.
28 Nov: Second Front Raises $40M to Support More Classified Networks (DATABREACHTODAY.CO.UK)
    Series B Funding Will Help Second Front Pursue US Civilian, International Business A vendor focused on fast-tracking government access to commercial software closed its Series B funding round to support more classified and regulated environments. The $40 million will allow Second…
28 Nov: CrowdStrike SIEM Demand Rises Amid Cisco-Splunk, Legacy Woes (DATABREACHTODAY.CO.UK)
    LogScale Reaches $100M ARR As EY Builds 150-Person Practice Around CrowdStrike SIEM Discontent with legacy SIEM offerings and Cisco's proposed acquisition of Splunk has driven "a significant and pronounced increase in interest" in CrowdStrike's SIEM offering. It hit the $100 mill…
🌐 CYBER THREAT LANDSCAPE (6)
28 Nov: Securing the software supply chain webinar (GRAHAMCLULEY.COM)
    Join me, and the experts from JFrog, for a discussion about software supply chain security on December 5 2023.
28 Nov: RisePro Malware Analysis: New Version's C2 Communication (ANY.RUN)
    RisePro, an information-stealing malware, was first detected by cybersecurity firms Flashpoint and Sekoia. It is distributed through fake crack sites operated by the PrivateLoader pay-per-install (PPI) malware distribution service.
28 Nov: SMBs Face Surge in "Malware Free" Attacks (HELPNETSECURITY.COM)
    Notably, 64% of identity-focused attacks SMBs faced in Q3 2023 involved malicious forwarding or other inbox rules, while 24% were associated with logons from unusual or suspicious locations.
28 Nov: DPRK Crypto Theft | macOS RustBucket Droppers Pivot to Deliver KandyKorn Payloads (SENTINELONE.COM)
    It begins with a Discord user downloading a malicious Python application, Cross-Platform Bridges.zip. Initially, links to the malware were sent to targets via direct message with the malware hosted on Google Drive.
28 Nov: IMPERIAL KITTEN Deploys Novel Malware Families (CROWDSTRIKE.COM)
    Between early 2022 and 2023, CrowdStrike Intelligence observed IMPERIAL KITTEN conduct SWC operations with a focus on targeting organizations in the transportation, logistics, and technology sectors.
📡 INFOSEC NEWS (13)
28 Nov: 'Serial Cybercriminal and Scammer' Jailed for 8 Years (THEREGISTER.COM)
    Between April 2019 and February 2023, Golshan defrauded "hundreds" of people via various online scams and digital account thefts, according to prosecutors. Over the nearly four-year period, he stole about $740,000 from more than 500 people.
28 Nov: AWS brings Amazon One palm-scanning authentication to the enterprise (TECHCRUNCH.COM)
    Amazon’s cloud computing subsidiary AWS (Amazon Web Services) has lifted the lid on a new palm-scanning identity service that allows companies to authenticate people when entering physical premises. Amazon One Enterprise, as the service is called, builds on the company’…
28 Nov: How Hackers Phish for Your Users' Credentials and Sell Them (THEHACKERNEWS.COM)
    As phishing and social engineering techniques become more sophisticated and the tools become more readily available, credential theft should become a top security concern for all organizations if it already isn't one.
28 Nov: iOS 17 NameDrop privacy scare: What you need to know (BITDEFENDER.COM)
    Warnings are spreading on social media about NameDrop, a new way for iPhone users to quickly share their contact information with others. Should you be worried, and what should you do about it? Read more in my article on the Hot for Security blog.
28 Nov: Update: Daixin Team Claimed the Hack of North Texas Municipal Water District (SECURITYAFFAIRS.COM)
    The Daixin Team group added NTMWD to the list of victims on its Tor leak site. The gang claims to have stolen a huge amount of sensitive data from the company and threatens to publish it.
28 Nov: Microsoft shares temp fix for Outlook crashes when sending emails (BLEEPINGCOMPUTER.COM)
    Today, Microsoft shared a temporary fix for a known issue causing Outlook Desktop to crash when sending emails from Outlook.com accounts. [...]
28 Nov: How to protect corporate routers and firewalls against hacking | Kaspersky official blog (KASPERSKY.COM)
    Why hackers go for routers and firewalls, and what role the device firmware plays in this.
28 Nov: New BLUFFS attack lets attackers hijack Bluetooth connections (BLEEPINGCOMPUTER.COM)
    Researchers at Eurecom have developed six new attacks collectively named 'BLUFFS' that can break the secrecy of Bluetooth sessions, allowing for device impersonation and man-in-the-middle (MitM) attacks. [...]
28 Nov: Retail at risk: Top threats facing retailers this holiday season (WELIVESECURITY.COM)
    While it may be too late to introduce wholesale changes to your security policies, it doesn’t hurt to take a fresh look at where the biggest threats are and which best practices can help neutralize them