🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
8 Dec · New Bluetooth Attack · New attack breaks forward secrecy in Bluetooth. Three news articles: BLUFFS is a series of exploits targeting Bluetooth, aiming to break Bluetooth sessions’ forward and future secrecy, compromising the confidentiality of past and future communications between devices. This… · SCHNEIER.COM
8 Dec · Privilege elevation exploits used in over 50% of insider attacks · Elevation of privilege flaws are the most common vulnerability leveraged by corporate insiders when conducting unauthorized activities on networks, whether for malicious purposes or by downloading risky tools in a dangerous manner. [...] · BLEEPINGCOMPUTER.COM
8 Dec · Atlassian Releases Security Advisories for Multiple Products · Atlassian has released security updates to address vulnerabilities affecting multiple Atlassian products. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following adviso… · CISA.GOV
8 Dec · LogoFAIL attack can inject malware in the firmware of many computers · Researchers have devised an attack that exploits serious vulnerabilities in UEFI firmware used by many computer manufacturers to deploy stealthy rootkits that execute in the early stages of the boot-up process beyond the visibility of endpoint security products. The attack involv… · CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (17)
8 Dec · ALPHV ransomware site outage rumored to be caused by law enforcement · A law enforcement operation is rumored to be behind an outage affecting ALPHV ransomware gang's websites over the last 30 hours. [...] · BLEEPINGCOMPUTER.COM
8 Dec · Amazon sues REKK fraud gang that stole millions in illicit refunds · Amazon's Customer Protection and Enforcement team has taken legal action against an underground store refund scheme that has resulted in the theft of millions of dollars worth of products from Amazon's online platforms. [...] · BLEEPINGCOMPUTER.COM
8 Dec · FCC Partners With Four States on Privacy and Data Protection Enforcement · By collaborating with state enforcers, the FCC can enhance its investigative efforts, share information, and leverage tools to address consumer harms more effectively in the realm of privacy and cybersecurity. · THERECORD.MEDIA
8 Dec · Russian Military Hackers Target NATO Fast Reaction Corps · Russian APT28 hackers, also known as Fancy Bear, exploited a Microsoft Outlook zero-day vulnerability to target European NATO member countries, including a NATO Rapid Deployable Corps. · BLEEPINGCOMPUTER.COM
8 Dec · Hacking the Human Mind: Exploiting Vulnerabilities in the 'First Line of Cyber Defense' · Understanding human vulnerabilities and the ways in which attackers manipulate emotions and fundamental traits is crucial for identifying and responding to cybersecurity threats. · THEHACKERNEWS.COM
8 Dec · WordPress 6.4.2 Patches Remote Code Execution Vulnerability · WordPress 6.4.2 patches a flaw that could be chained with another vulnerability to execute arbitrary code. · SECURITYWEEK.COM
8 Dec · Russian APT Used Zero-Click Outlook Exploit · Russian threat actor APT28 has been exploiting a no-interaction Outlook vulnerability in attacks against 14 countries. · SECURITYWEEK.COM
8 Dec · Weekly Update 377 · 10 years later... 🤯 Seriously, how did this thing turn into this?! It was the humblest of beginning with absolutely no e… · TROYHUNT.COM
8 Dec · WordPress Releases Update 6.4.2 to Address Critical Remote Attack Vulnerability · WordPress has released version 6.4.2 with a patch for a critical security flaw that could be exploited by threat actors by combining it with another bug to execute arbitrary PHP code on vulnerable sites. "A remote code execution vulnerability that is not directly exploitable in c… · THEHACKERNEWS.COM
8 Dec · WTH is Modern SOC, Part 1 · In recent weeks, coincidentally, I’ve had several conversations that reminded me about the confusion related to “modern SOC.” Some of them were public (example and example), while others private. One particular person went on a quest through several “leading” companies’ securit… · MEDIUM.COM
8 Dec · Exploitation Methods Used by PlugX Malware Revealed by Splunk Research · PlugX malware is sophisticated in evasion, as it uses the following techniques to avoid detection by antivirus programs, making it challenging for security measures to identify and mitigate its presence:- That’s why PlugX malware stands out as a challenging and evasive malw… · GBHACKERS.COM
8 Dec · TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities · Hackers exploit Outlook and WinRAR vulnerabilities because these widely used software programs are lucrative targets. Outlook vulnerabilities offer:- WinRAR vulnerabilities provide an entry point to manipulate compressed files, potentially executing malicious code on a vict… · GBHACKERS.COM
8 Dec · Google expands minimum security guidelines for third-party vendors · Google has upgraded its recommended minimum requirements for securing third-party applications, offering more guidance on managing external bug researchers and lowering the costs for accessing basic security features by baking them into applications by design. Google launched its… · CSOONLINE.COM
8 Dec · Vulnerability Management and Disclosure - PSW #809 · I like how ChatGPT describes this segment: "Picture a dimly lit room filled with the nostalgic hum of old computers and the subtle clinking of ice in glasses as our hosts delve into the intricacies of vulnerability management. These battle-hardened experts peel back the layers of… · YOUTUBE.COM
8 Dec · Lessons from 10 years running the first cyber-exclusive investment firm - Bob Ackerman - ESW #342 · Bob Ackerman argues that, from an investment perspective, cybersecurity is like life sciences - a complex, nuanced field that is difficult to invest in part-time. So his firm, Allegis Cyber, became one of the first to focus exclusively on investing in cyber startups. In thi… · YOUTUBE.COM
📢 SECURITY ADVISORIES (2)
8 Dec · ProvenRun Raises $16.2M in Series A Funding · The round was led by Tikehau Capital, through its new vintage of Brienne, its flagship private equity cybersecurity strategy with the French Ministry of Defence’s Definvest fund, managed by Bpifrance. · FINSMES.COM
8 Dec · Phishing Defense: Train Often to Avoid the Bait · Surveys, unfortunately, show that the vast majority of organizations do little to no security awareness training. The average organization, if it does security awareness training, does it once annually, likely as part of a compliance program. · KNOWBE4.COM
🔥 INCIDENT REPORTING (16)
8 Dec · Cyber Security Today, Week in Review for Friday, Dec. 8, 2023 · This episode features discussion on cyber attacks against OT networks, the discovery of exposed servers with medical images and why outdated Microsoft Exchange servers are still alive · CYBERSECURITYTODAY.LIBSYN.COM
8 Dec · Cyber Security Today, Ransomware is increasingly impacting OT systems, and more · This episode reports on how hackers break into AWS cloud instances, fake anti-Ukraine online ads using photos of celebrities, and more · CYBERSECURITYTODAY.LIBSYN.COM
8 Dec · Norton Healthcare discloses data breach after May ransomware attack · Kentucky health system Norton Healthcare has confirmed that a ransomware attack in May exposed personal information belonging to patients, employees, and dependents. [...] · BLEEPINGCOMPUTER.COM
8 Dec · Update: Records Reveal New Information About Sweetwater Union High School District Data Breach · New records obtained through a public records request reveal that over 22,000 people were affected by a data breach at the Sweetwater Union High School District in California. · 10NEWS.COM
8 Dec · 23andMe Updates User Agreement to Prevent Data Breach Lawsuits · Experts suggest that the updated Terms of Use may not protect 23andMe from lawsuits, as it could be challenging to prove that users were given reasonable notice to opt out of the new terms. · BLEEPINGCOMPUTER.COM
8 Dec · Shoe Retailer Aldo Says LockBit Posting Is Related to System at Franchise Partner · The affected data was limited to information related to the franchise partner's operations in a specific overseas territory and did not include any financial or payment card information. · THERECORD.MEDIA
8 Dec · Ransomware, Vendor Hacks Push Breach Number to Record High · Data breaches in the U.S. have reached an all-time high, with 2.6 billion personal records compromised in the past two years, driven by aggressive ransomware attacks and breaches targeting third-party vendors. · BANKINFOSECURITY.COM
8 Dec · Cyberattack on Irish Utility Cuts Off Water Supply for Two Days · Hackers launched a cyberattack on an Irish water utility, causing disruption and leaving people without water for two days. · SECURITYWEEK.COM
8 Dec · IOTW: HTC confirms cyber attack as BlackCat ransomware gang teases stolen data · BlackCat/ALPHV ransomware group leaked photos of what appears to be stolen passports, contact lists, emails and confidential documents · CSHUB.COM
8 Dec · N. Korea's Kimsuky Targeting South Korean Research Institutes with Backdoor Attacks · The North Korean threat actor known as Kimsuky has been observed targeting research institutes in South Korea as part of a spear-phishing campaign with the ultimate goal of distributing backdoors on compromised systems. "The threat actor ultimately uses a backdoor to st… · THEHACKERNEWS.COM
8 Dec · Ransomware-as-a-Service: The Growing Threat You Can't Ignore · Ransomware attacks have become a significant and pervasive threat in the ever-evolving realm of cybersecurity. Among the various iterations of ransomware, one trend that has gained prominence is Ransomware-as-a-Service (RaaS). This alarming development has transformed the cy… · THEHACKERNEWS.COM
8 Dec · Cyber Attacks and Data Breaches Cited as the Number One Business Risk for Organizations · Even when looking at the various kinds of risks to business, cyber attacks still remain the biggest problem. But new data shows there may be a lesson to be learned to minimize losses. · KNOWBE4.COM
8 Dec · Ex-Uber CSO Joe Sullivan on why he ‘had to get over’ shock of data breach conviction · Before joining Uber as chief security officer in 2015, Joe Sullivan served for two years as a federal prosecutor with the United States Department of Justice, where he specialized in computer hacking and IP issues. He worked on a number of high-profile cases, from the first case … · TECHCRUNCH.COM
8 Dec · Movie Forums - 39,914 breached accounts · In December 2022, the Movie Forums website suffered a data breach that affected 40k users. The breach exposed email and IP addresses, usernames, dates of birth and passwords stored as easily crackable salted MD5 hashes. The data was subsequently posted to a popular clear web hacking… · HAVEIBEENPWNED.COM
8 Dec · Black Hat Europe 2023: The past could return to haunt you · Legacy protocols in the healthcare industry present dangers that can make hospitals extremely vulnerable to cyberattacks. · WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (18)
8 Dec · Friday Squid Blogging: Influencer Accidentally Posts Restaurant Table QR Ordering Code · Another rare security + squid story: The woman—who has only been identified by her surname, Wang—was having a meal with friends at a hotpot restaurant in Kunming, a city in southwest China. When everyone’s selections arrived at the table, she posted a photo of the sp… · SCHNEIER.COM
8 Dec · Opal Security Scores $22M Investment for IAM Technology · San Francisco startup gets fresh capital from Battery Ventures to compete in the crowded identity and access management space. · SECURITYWEEK.COM
8 Dec · In Other News: Fake Lockdown Mode, New Linux RAT, AI Jailbreak, Country’s DNS Hijacked · Noteworthy stories that might have slipped under the radar: fake Lockdown Mode, a new Linux RAT, jailbreaking AI, and an entire country’s DNS hijacked. · SECURITYWEEK.COM
8 Dec · ProvenRun Banks €15 Million for Secure Connected Vehicle Software · French startup ProvenRun raises €15 million investment to build secure software for connected vehicles and IoT devices. · SECURITYWEEK.COM
8 Dec · US, UK Announce Charges and Sanctions Against Two Russian Hackers · The US and UK announce charges and sanctions against two hackers working with Russia’s FSB security service. · SECURITYWEEK.COM
8 Dec · Android, Linux, Apple Devices Exposed to Bluetooth Keystroke Injection Attacks · A Bluetooth authentication bypass allows attackers to connect to vulnerable Android, Linux, and Apple devices and inject keystrokes. · SECURITYWEEK.COM
8 Dec · Meta Makes End-to-End Encryption a Default on Facebook Messenger · End-to-End encryption in Facebook Messenger means that no one other than the sender and the recipient — not even Meta — can decipher people’s messages. · SECURITYWEEK.COM
8 Dec · ISC Stormcast For Friday, December 8th, 2023 https://isc.sans.edu/podcastdetail/8770, (Fri, Dec 8th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
8 Dec · 5Ghoul: Impacts, Implications and Next Steps, (Thu, Dec 7th) · The introduction of 5G networks has brought increased quality-of-life upgrades such as increased network speeds, the ability to handle concurrent users/network congestion and improved secure communication protocols compared to 4G technology. These benefits are expected to assist … · ISC.SANS.EDU
8 Dec · Nearly Every CIO Identifies at Least One Cyber Threat as a Risk to their Business · When 97% of CIOs all see things the same way, it’s probably a sign to take the risk of cyber threats seriously – a problem new data shows is only going to get worse in the next five years. · KNOWBE4.COM
8 Dec · Holiday News Edition Featuring Special Guests - PSW #809 · In the Security News: If we still can’t change default passwords, we all lose, The Flipper Zero, NO CVE FOR YOU, New tools that are not new at all, The BIOS logo attack vector, a $15 router that has secrets, turns out AI is stupid, and SLAM, dun dun ot, Spectre based on linear ad… · YOUTUBE.COM
8 Dec · Q*, Unitronics, SLAM, Bluetooth, Cold Fusion, Google Drive, Aaran Leyland, and More - SWN #347 · Q*, Water Wars, Unitronics, SLAM, Bluetooth, Cold Fusion, Google Drive, Push notifications, Aaran Leyland, and More News on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-347 · YOUTUBE.COM
8 Dec · Carbon Black's Solo Venture, Cybersecurity in Space, Rethinking Human Error, & More! - ESW #342 · This week in the enterprise news, we explore the harsh realities of the startup world with a look at recent failures and shutdowns, investigating the factors leading to these setbacks. Meanwhile, Carbon Black makes headlines by breaking away from VMware in what seems like a dives… · YOUTUBE.COM
8 Dec · Q*, Unitronics, SLAM, Bluetooth, Cold Fusion, Google Drive, Aaran Leyland, and More – SWN #347 · Join us live at 12pm ET as we discuss Q*, Water Wars, Unitronics, SLAM, Bluetooth, Cold Fusion, #GoogleDrive, Push notifications, Aaran Leyland, and More News on the Security Weekly News. →Watch Live Here: securityweekly.com/live →Subscribe to our podcasts: https://securityweekly… · YOUTUBE.COM
8 Dec · Hardware Hacking - PSW #809 · The Security Weekly crew dives into a discussion on the latest hardware hacking techniques, including the hardware/software/firmware used to conduct various tests and create neat projects. You may be trying to hack a specific device. You may be creating a device to accomplish a s… · YOUTUBE.COM
8 Dec · Can someone explain user namespaces and risks to me? · submitted by Pantherina to cybersecurity, 11 points | 0 comments. I am reading a lot about this currently. Basically: podman, flatpak, some Browsers use user namespaces to isolate activities from the main system; they are widely used as a security measurement on Linux; Flatpak uses t… · INFOSEC.PUB
8 Dec · Russian cyberops fact sheet (UK gov) · submitted by L4s to secops, 5 points | 1 comments. https://www.gov.uk/government/publications/russias-fsb-malign-cyber-activity-factsheet/russias-fsb-malign-activity-factsheet · GOV.UK
8 Dec · Spoofing DNS records by abusing Microsoft DHCP server · submitted by L4s to secops, 4 points | 0 comments. https://www.akamai.com/blog/security-research/spoofing-dns-by-abusing-dhcp · AKAMAI.COM
🌐 CYBER THREAT LANDSCAPE (1)
8 Dec · Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software · Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts o… · THEHACKERNEWS.COM
🎙️ PODCASTS (1)
8 Dec · Transatlantic Cable podcast, episode 327 | Kaspersky official blog · Episode 327 of the Kaspersky podcast looks at hackers targeting travellers, UK government stiffens adult content laws & an interview with Vidit Gujrathi, chess Grand Master on technology and chess. · KASPERSKY.COM
📡 INFOSEC NEWS (17)
8 Dec · Fake Account Creation Bots – Part 4 · The fourth and final part of a series investigating how automation is used to create fake accounts for fraud, disinformation, scams, and account takeover. · F5.COM
8 Dec · Google shares “fix” for deleted Google Drive files · Google says it identified and fixed a bug causing customer files added to Google Drive after April-May 2023 to disappear. However, the fix isn't working for all affected users. [...] · BLEEPINGCOMPUTER.COM
8 Dec · Microsoft: Outlook email sending issues for users with lots of folders · Microsoft has acknowledged a new issue affecting Outlook for Microsoft 365 users and causing email-sending problems for those with too many nested folders. [...] · BLEEPINGCOMPUTER.COM
8 Dec · New 5Ghoul attack impacts 5G phones with Qualcomm, MediaTek chips · A new set of vulnerabilities in 5G modems by Qualcomm and MediaTek, collectively called "5Ghoul," impact 710 5G smartphone models from Google partners (Android) and Apple, routers, and USB modems. [...] · BLEEPINGCOMPUTER.COM
8 Dec · Novel 'DDSpoof' Attacks Abuse Microsoft DHCP Servers to Spoof DNS Records · The default configuration of Microsoft Dynamic Host Configuration Protocol (DHCP) servers leaves a significant number of organizations vulnerable to these attacks, making them accessible to a wide range of attackers. · THEREGISTER.COM
8 Dec · Russian FSB accused of spear-phishing campaign against UK, US and allies · Star Blizzard has targeted academia, defense, governmental organizations and politicians with spear phishing campaigns · CSHUB.COM
8 Dec · Almost half of businesses plan to cut cyber security headcount · Cyber security decision-makers and practitioners plan to reduce headcounts in response to budget headwinds · CSHUB.COM
8 Dec · New 5G Modem Flaws Affect iOS Devices and Android Models from Major Brands · A collection of security flaws in the firmware implementation of 5G mobile network modems from major chipset vendors such as MediaTek and Qualcomm impact USB and IoT modems as well as hundreds of smartphone models running Android and iOS. Of the 14 flaws – collectively called… · THEHACKERNEWS.COM
8 Dec · Founder of Bitzlato Cryptocurrency Exchange Pleads Guilty in Money-Laundering Scheme · The Russian founder of the now-defunct Bitzlato cryptocurrency exchange has pleaded guilty, nearly 11 months after he was arrested in Miami earlier this year. Anatoly Legkodymov (aka Anatolii Legkodymov, Gandalf, and Tolik), according to the U.S. Justice Department, adm… · THEHACKERNEWS.COM
8 Dec · UK and US expose Russian hacking plot intended to influence UK’s 2019 elections and spread disinformation · Two men have been charged with hacking into computer networks in the United States, UK, other NATO countries, and Ukraine, on behalf of the Russian government. Read more in my article on the Hot for Security blog. · BITDEFENDER.COM
8 Dec · Web Security Expands into Secure Service Edge (SSE) · Trend has been securing web access for over a decade with forward-looking innovation and a global footprint to support our customer’s security strategy. We are committed to our customers’ journey of transforming their current security posture, aligning with Zero Trust principles,… · TRENDMICRO.COM
8 Dec · Is macOS as secure as its users think? | Kaspersky official blog · How safe are Macs? We discuss current threats to macOS users and debunk the myth that Macs are immune to viruses. · KASPERSKY.COM
8 Dec · Surge in deceptive loan apps – Week in security with Tony Anscombe · ESET Research reveals details about a growth in the number of deceptive loan apps on Android, their origins and modus operandi · WELIVESECURITY.COM