🐛 COMMON VULNERABILITIES AND EXPOSURES 41
12 DecNew Critical RCE Vulnerability Discovered in Apache Struts 2 - Patch NowApache has released a security advisory warning of a critical security flaw in the Struts 2 open-source web application framework that could result in remote code execution. Tracked as CVE-2023-50164, the vulnerability is rooted in a flawed "file upload logic" that…THEHACKERNEWS.COM
12 Dec50K WordPress Sites Exposed to RCE Attacks by Critical Bug in Backup PluginThe vulnerability, tracked as CVE-2023-6553, can be exploited by unauthenticated attackers without user interaction. Although a patch has been released, almost 50,000 WordPress websites still remain vulnerable to this critical security flaw.BLEEPINGCOMPUTER.COM
12 DecSophos backports RCE fix after attacks on unsupported firewallsSophos was forced to backport a security update for CVE-2022-3236 for end-of-life (EOL) firewall firmware versions after discovering hackers actively exploiting the flaw in attacks. [...]BLEEPINGCOMPUTER.COM
12 DecHardening cellular basebands in AndroidPosted by Ivan Lozano and Roger Piqueras Jover Android’s defense-in-depth strategy applies not only to the Android OS running on the Application Processor (AP) but also the firmware that runs on devices. We particularly prioritize hardening the cellular baseband given its unique …SECURITY.GOOGLEBLOG.COM
12 DecCVE-2023-36696 Windows Cloud Files Mini Filter Driver Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36391 Local Security Authority Subsystem Service Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36020 Microsoft Dynamics 365 (on-premises) Cross-site Scripting VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36009 Microsoft Word Information Disclosure VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36011 Win32k Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-20588 AMD: CVE-2023-20588 AMD Speculative Leaks Security NoticeInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35625 Azure Machine Learning Compute Instance for SDK Users Information Disclosure VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-21740 Windows Media Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36019 Microsoft Power Platform Connector Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36010 Microsoft Defender Denial of Service VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36012 DHCP Server Service Information Disclosure VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36003 XAML Diagnostics Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36004 Windows DPAPI (Data Protection Application Programming Interface) Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36005 Windows Telephony Server Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-36006 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35638 DHCP Server Service Denial of Service VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35639 Microsoft ODBC Driver Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35641 Internet Connection Sharing (ICS) Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35642 Internet Connection Sharing (ICS) Denial of Service VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35643 DHCP Server Service Information Disclosure VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35644 Windows Sysmain Service Elevation of PrivilegeInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35628 Windows MSHTML Platform Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35629 Microsoft USBHUB 3.0 Device Driver Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35630 Internet Connection Sharing (ICS) Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35631 Win32k Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35632 Windows Ancillary Function Driver for WinSock Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35633 Windows Kernel Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35634 Windows Bluetooth Driver Remote Code Execution VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35635 Windows Kernel Denial of Service VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35636 Microsoft Outlook Information Disclosure VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35619 Microsoft Outlook for Mac Spoofing VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35621 Microsoft Dynamics 365 Finance and Operations Denial of Service VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 DecCVE-2023-35624 Azure Connected Machine Agent Elevation of Privilege VulnerabilityInformation published.MSRC.MICROSOFT.COM
12 Dec KEVAtlassian patches critical remote code execution vulnerabilities in multiple productsAtlassian has released urgent patches for several of its products to fix remote code execution and denial-of-service vulnerabilities. Flaws in Atlassian products have been exploited by hackers before, including shortly after a patch was released or even before a fix was available…CSOONLINE.COM
12 DecThe Apache Software Foundation Updates Struts 2The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164) in Struts 2. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the Apache Security Bu…CISA.GOV
12 DecRussian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE GloballySUMMARY The U.S. Federal Bureau of Investigation (FBI), U.S. Cybersecurity & Infrastructure Security Agency (CISA), U.S. National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC) as…CISA.GOV
⚠️ VULNERABILITY DISCLOSURE 37
12 DecLazarus Group Using Log4j Exploits to Deploy Remote Access Trojans - RedPacket Securitysubmitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://www.redpacketsecurity.com/lazarus-group-using-log-j-exploits-to-deploy-remote-access-trojans/REDPACKETSECURITY.COM
12 DecWorld's First CISO Dies as SEC Turns Up Enforcement on Cybersecurity - BSW #331In the leadership and communications section, Steve Katz, World's First CISO, Dies in Hospice Care, Top CISO Communities to Join in 2024, Workplace Culture 101: How to Create Positivity at Work, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show …YOUTUBE.COM
12 DecThe Impact of the New SEC Regulations on Cybersecurity - BSW #331Materiality, Disclosure, and Evidence... New terms for cybersecurity professionals to understand under the new SEC Regulations for Cybersecurity. And the Solarwinds indictment is just the beginning. Join the BSW crew as they tackle each of these new terms in preparation for SEC e…YOUTUBE.COM
12 DecApple Releases Security Updates to Patch Critical iOS and macOS Security FlawsApple on Monday released security patches for iOS, iPadOS, macOS, tvOS, watchOS, and Safari web browser to address multiple security flaws, in addition to backporting fixes for two recently disclosed zero-days to older devices. This includes updates for 12 security…THEHACKERNEWS.COM
12 DecKubescape Open-Source Project Adds Vulnerability Exploitability eXchange (VEX) SupportKubescape, an open-source project, has become the first to generate Vulnerability Exploitability eXchange (VEX) documents. VEX is a standard that helps share information about vulnerabilities and their potential for exploitation.HELPNETSECURITY.COM
12 DecApple Releases Security Updates to Patch Critical iOS and macOS Security FlawsApple has released security patches for various devices and software, including iOS, iPadOS, macOS, tvOS, watchOS, and Safari. These patches address multiple security flaws, including two recently disclosed zero-day vulnerabilities.THEHACKERNEWS.COM
12 DecWordPress Plugin Flaw Exposes 90K+ Websites to Hack AttackOver 90,000 websites are currently at risk due to a vulnerability found in the WordPress Backup Migration Plugin. This vulnerability has enabled unauthenticated remote code execution, making it possible for potential attackers to gain access to these websites. A group of research…GBHACKERS.COM
12 DecSyzGPT: When the fuzzer meets the LLMsubmitted by L4s to secops 1 points | 0 comments https://albocoder.github.io/fuzzing/exploitation/linux%20kernel/hacking/ai/gpt/llm/2023/11/27/GPT-syzkaller.html SyzGPT: When the fuzzer meets the LLMALBOCODER.GITHUB.IO
12 Dec KEVThe SEC action against SolarWinds highlights how tough it can get for CISOsThere's no question that a career as a top security leader is rewarding and something to aspire to. But before you consider taking that career path, there are some lessons to be learned from a recent case that shows just how tough a job it can be. You've gotten the education, pai…CSOONLINE.COM
12 DecDEF CON 23 (2015) - Chris Domas - Repsych: Psychological Warfare in Reverse Engineeringsubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/6372603c-5c79-4395-8146-9f546993d850.png HT What’s the best conference talk you’ve ever seen? DEF CON 23 - Chris Domas - Repsych: Psychological Warfare in Reverse Engineering 25 Dec 2015 You…INFOSEC.PUB
12 DecThe Art of Code by Dylan Beattie (2022)submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/d6da6fd0-5d40-47d5-aebe-2e2e64548b99.png The Art of Code by Dylan Beattie (2022) Software and technology has changed every aspect of the world we live in. At one extreme are the ‘mission cri…INFOSEC.PUB
12 DecSnyk unveils new ASPM offering to help DevSecOps manage cloud application risksDeveloper security solution provider, Snyk, has launched an application security posture management (ASPM) offering, dubbed Snyk AppRisk, to help application security (AppSec) teams monitor and manage their cybersecurity programs better. The offering will feature a workbench, whi…CSOONLINE.COM
12 DecGamers Warned of Potential CS2 Exploit That can Reveal IP AddressesThe exploit, which is an XSS vulnerability, allows players to display GIFs using HTML code blocks in-game. This poses a potential security threat to players, as the exploit can access player IP addresses and potentially execute code on their PCs.HACKREAD.COM
12 DecICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis VulnerabilityICS Patch Tuesday: Siemens and Schneider Electric address dozens of vulnerabilities affecting their industrial products. The post ICS Patch Tuesday: Electromagnetic Fault Injection, Critical Redis Vulnerability appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecAir Force Disciplines 15 as IG Finds That Security Failures Led to Massive Classified Documents LeakAir Force disciplines 15 personnel as the inspector general finds that security failures led to massive classified documents leak. The post Air Force Disciplines 15 as IG Finds That Security Failures Led to Massive Classified Documents Leak appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecCISA Releases SCuBA Google Workspace Secure Configuration Baselines for Public CommentToday, CISA released the draft Secure Cloud Business Applications (SCuBA) Google Workspace (GWS) Secure Configuration Baselines and the associated assessment tool ScubaGoggles for public comment. The draft baselines offer minimum viable security configurations for nine GWS servic…CISA.GOV
12 DecFlaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code ExecutionCritical remote code execution flaws in Backup Migration and Elementor plugins expose WordPress sites to attacks. The post Flaws in Backup Migration and Elementor WordPress Plugins Allow Remote Code Execution appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecOver 1,450 pfSense servers exposed to RCE attacks via bug chainRoughly 1,450 pfSense instances exposed online are vulnerable to command injection and cross-site scripting flaws that, if chained, could enable attackers to perform remote code execution on the appliance. [...]BLEEPINGCOMPUTER.COM
12 DecRussian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage CampaignThe Russian nation-state threat actor known as APT28 has been observed making use of lures related to the ongoing Israel-Hamas war to facilitate the delivery of a custom backdoor called HeadLace. IBM X-Force is tracking the adversary under the name ITG05, which is also …THEHACKERNEWS.COM
12 DecOver 1,450 pfSense Servers Exposed to RCE Attacks via Bug ChainAround 1,450 instances of pfSense, an open-source firewall and router software, are vulnerable to command injection and cross-site scripting flaws. These flaws, if exploited together, could allow attackers to execute remote code on the system.BLEEPINGCOMPUTER.COM
12 DecCISA Releases Two Industrial Control Systems AdvisoriesCISA released two Industrial Control Systems (ICS) advisories on December 12, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-346-01 Schneider Electric Easy UPS Online Monitoring Software ICSA…CISA.GOV
12 DecRussia Weaponizes Israel-Hamas Conflict in Targeted Phishing AttackResearchers at IBM X-Force are tracking a phishing campaign that’s using themes related to the Israel-Hamas war to deliver Headlace, a backdoor exclusively used by the suspected Russian state-sponsored threat actor ITG05. ITG05 has overlaps with groups tied to Russia’s GRU, inclu…KNOWBE4.COM
12 DecUkraine’s intelligence claims cyberattack on Russia’s state tax servicesubmitted by c0mmando to netsec 4 points | 0 comments https://therecord.media/ukraine-intelligence-claims-attack-on-russia-tax-service Ukraine’s defense intelligence directorate (GUR) said it infected thousands of servers belonging to Russia’s state tax service with malware, and …THERECORD.MEDIA
12 DecThe ABCs of RFCs - Heather Flanagan - ASW #266We have a lot of questions about standards. How do standards emerge? How do standards encourage adoption? How do they stay relevant as development patterns change and security threats evolve? We have standards for web appsec (HTML, HTTP), all sorts of protocols, and all sorts of …YOUTUBE.COM
12 DecApple Releases Security Updates for Multiple ProductsApple has released security updates for Safari, iOS and iPadOS, Sonoma, Ventura, and Monterey to address multiple vulnerabilities. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to re…CISA.GOV
12 DecMicrosoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-dayToday is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. [...]BLEEPINGCOMPUTER.COM
12 DecSAP Patches Critical Vulnerability in Business Technology PlatformSAP patches multiple vulnerabilities in the Business Technology Platform, including a critical elevation of privilege bug. The post SAP Patches Critical Vulnerability in Business Technology Platform appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecMicrosoft Patch Tuesday December 2023, (Tue, Dec 12th)Microsoft had a rather light patch Tuesday for us today. Today's set includes 4 critical, 30 important, and one moderate vulnerability. In addition, Microsoft included five Chromium patches that are part of Edge. Only one vulnerability was m…ISC.SANS.EDU
12 DecMicrosoft Patch Tuesday: Critical Spoofing and Remote Code Execution FlawsMicrosoft warns of critical spoofing and remote code execution bugs in the Windows MSHTML Platform and Microsoft Power Platform Connector. The post Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecFCC reminds mobile phone carriers they must do more to prevent SIM swapssubmitted by c0mmando to netsec 1 points | 0 comments https://therecord.media/fcc-sim-swapping-reminder-telecoms-consumer-protection The Federal Communications Commission is warning mobile phone service providers to ensure they are shielding customers from cybercriminals who use …THERECORD.MEDIA
12 DecMicrosoft Patch Tuesday, December 2023 EditionThe final Patch Tuesday of 2023 is upon us, with Microsoft Corp. today releasing fixes for a relatively small number of security holes in its Windows operating systems and other software. Even more unusual, there are no known "zero-day" threats targeting any of the vulnerabilitie…KREBSONSECURITY.COM
12 DecAdobe Releases Security Updates for Multiple ProductsAdobe has released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulle…CISA.GOV
12 DecMicrosoft Releases Security Updates for Multiple ProductsMicrosoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s December Security Update…CISA.GOV
12 DecLazarus Exploits Log4Shell to Deploy Telegram-Based MalwareNorth Korean Hackers Deploy Novel Malware Families North Korean hacking group Lazarus Group is exploiting Log4Shell to target manufacturing, agriculture and physical security sectors, resulting in the deployment of a tailored implant on compromised systems. The attack campaign ta…DATABREACHTODAY.CO.UK
12 DecA Vulnerability in the Backup Migration Plugin for WordPress Could Allow for Remote Code ExecutionA vulnerability has been discovered in the Backup Migration Plugin for WordPress, which could allow for remote code execution. The Backup Migration Plugin helps admins automate site backups to local storage or a Google Drive account. Successful exploitation could allow for remote…CISECURITY.ORG
12 DecCritical Patches Issued for Microsoft Products, December 12, 2023Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…CISECURITY.ORG
12 DecMultiple Vulnerabilities in Atlassian Products Could Allow for Remote Code ExecutionMultiple vulnerabilities have been discovered in Atlassian products which could allow for remote code execution. Confluence is a collaboration tool that brings people, knowledge, and ideas together in a shared workspace. Successful exploitation of these vulnerabilities could allo…CISECURITY.ORG
📋 SECURITY BULLETINS 2
12 DecAdobe Patches 207 Security Bugs in Mega Patch Tuesday BundleAdobe warned users on both Windows and macOS systems about exposure to code execution, memory leaks and denial-of-service security issues. The post Adobe Patches 207 Security Bugs in Mega Patch Tuesday Bundle appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecFrom Microsoft to you, 33 packagesThe lightest December Patch Tuesday in years still brings a few lumps of coal for infosec stockingsSOPHOS.COM
📢 SECURITY ADVISORIES 14
12 DecA Note on progress…NIST’s Digital Identity Guidelines.In August 2023 the Digital Identity Guidelines team hosted a two-day workshop to provide a public update on the status of revision 4. As part of that session, we committed to providing further information on the status of each volume going forward. In fulfillment of this commitme…NIST.GOV
12 DecCISA Seeks Public Comment on Newly Developed Secure Configuration Baselines for Google WorkspaceCISA.GOV
12 DecWhy Financial Institutions Are Adopting the CRI ProfileFinancial regulators have updated regulations to address data protection, data security, cyber hygiene, third-party risk and operational resilience. The post Why Financial Institutions Are Adopting the CRI Profile appeared first on Palo Alto Networks Blog.PALOALTONETWORKS.COM
12 DecRumble Fights Off Unprecedented Cyberattack, Likely An Attempt To Censor Creators, CEO Sayssubmitted by c0mmando to netsec 1 points | 0 comments https://reclaimthenet.org/rumble-fights-off-unprecedented-cyberattack-likely-an-attempt-to-censor-creators-ceo-says The video hosting platform Rumble, known for advocating free speech, just experienced a severe cyber attack. T…RECLAIMTHENET.ORG
12 DecAddressing Privacy and Data-Sharing Hurdles in Healthcare AIWorkarounds for Advancing AI in Administrative and Clinical Uses AI holds tremendous promise for both the administrative and clinical sides of healthcare, but obstacles still remain. One of the major hurdles is tied to patient privacy and the sharing of vast amounts of data neede…DATABREACHTODAY.CO.UK
12 DecStrengthening identity protection in the face of highly sophisticated attacksGet the latest information on our engineering advancements and continued commitments to secure identities as part of the Secure Future Initiative. The post Strengthening identity protection in the face of highly sophisticated attacks appeared first on Microsoft Security Blog.TECHCOMMUNITY.MICROSOFT.COM
🔥 INCIDENT REPORTING 24
12 DecInflateVids - 13,405 breached accountsIn December 2023, the inflatable and balloon fetish videos website InflateVids suffered a data breach. The incident exposed over 13k unique email addresses alongside usernames, IP addresses, genders and SHA-1 password hashes.HAVEIBEENPWNED.COM
12 DecA Gigantic New ICBM Will Take US Nuclear Missiles Out of the Cold War-Era but Add 21st-Century RisksNew "Sentinel" nuclear missiles will need to be well protected from cyberattacks, while its technology will have to cope with frigid winter temperatures where the silos are located. The post A Gigantic New ICBM Will Take US Nuclear Missiles Out of the Cold War-Era but Add 21st-Ce…SECURITYWEEK.COM
12 DecLockBit Ransomware Group Alleges LivaNova PLC Data BreachLivaNova has not yet issued an official statement or response regarding the breach, and cybersecurity experts are closely monitoring the situation for further developments.THECYBEREXPRESS.COM
12 DecHHS Agrees to $480,000 Settlement With Louisiana Medical Group Over Data BreachThis settlement marks the first resolution by HHS involving a phishing attack that violated the Health Insurance Portability and Accountability Act (HIPAA), highlighting the need for healthcare organizations to prioritize cybersecurity measures.THERECORD.MEDIA
12 DecGreece Plans National Cybersecurity Authority to Combat Rising Hacker ThreatsThe National Cybersecurity Authority will coordinate and implement policies and measures to enhance Greece's cybersecurity ecosystem and effectively prevent and manage cyberattacks.THECYBEREXPRESS.COM
12 DecUpdate: Henry Schein Says 29K People Affected in September CyberattackHenry Schein has notified Maine's attorney general that the personal information of over 29,000 people may have been accessed in a cyber incident in September. The hackers obtained names, financial account information, and security codes.CYBERSECURITYDIVE.COM
12 DecWhite House Wants to Set Minimum Cyber Standards for Hospitals, HealthcareThe White House plans to collaborate with the Department of Health and Human Services to establish minimum cybersecurity standards to protect the healthcare sector from ransomware and other cyber threats.CYBERSECURITYDIVE.COM
12 DecTV Service in UAE Hacked to Show Alleged Atrocities in PalestineViewers saw a message from the hackers and then a fake news broadcast featuring AI-generated news anchor showing alleged atrocities committed by Israel. The incident is still being investigated, and it is unclear who is responsible.THERECORD.MEDIA
12 DecToyota Germany Confirms Personal Information Stolen in Ransomware AttackToyota Germany is informing customers that their personal data has been stolen in a ransomware attack last month. The post Toyota Germany Confirms Personal Information Stolen in Ransomware Attack appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecFBI Issues Guidance for Delaying SEC-Required Data Breach DisclosureThe FBI has issued guidance for SEC data breach reporting requirements and how disclosures can be delayed. The post FBI Issues Guidance for Delaying SEC-Required Data Breach Disclosure appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecToyota Financial Services Discloses Data Breach Affecting German CustomersToyota Financial Services (TFS) has suffered a data breach, exposing sensitive personal and financial data. The breach affected German customers, with threat actors gaining access to names, addresses, contract information, and bank account details.SECURITYAFFAIRS.COM
12 DecNearly 130,000 Affected by Ransomware Attack on Cold Storage Company AmericoldThe cyberattack resulted in the leak of sensitive data, including names, addresses, Social Security numbers, financial account information, and employment-related health insurance and medical information.THERECORD.MEDIA
12 DecNon-Human Access is the Path of Least Resistance: A 2023 Recap2023 has seen its fair share of cyber attacks, however there’s one attack vector that proves to be more prominent than others - non-human access. With 11 high-profile attacks in 13 months and an ever-growing ungoverned attack surface, non-human identities are the new pe…THEHACKERNEWS.COM
12 DecToyota Ransomware Attack Exposes Customers Personal DataToyota Financial Services (TFS) notifies customers after a data breach that exposed personal and sensitive financial information. In a limited number of locations, including Toyota Kreditbank GmbH in Germany, Toyota Financial Services Europe & Africa has discovered unauthoriz…GBHACKERS.COM
12 DecUkraine's largest mobile carrier Kyivstar down following cyberattackKyivstar, Ukraine's largest telecommunications service provider serving over 25 million mobile and home internet subscribers, has suffered a cyberattack impacting mobile and data services. [...]BLEEPINGCOMPUTER.COM
12 DecUkraine’s largest mobile operator Kyivstar downed by ‘powerful’ cyberattackUkraine’s largest telecommunications operator Kyivstar says it has been hit by a “powerful” cyberattack that has disrupted phone and internet services for millions of people across the country. In a Facebook post confirming the incident on Tuesday, Kyivstar wrote that the c…TECHCRUNCH.COM
12 DecBitcoin ATM company Coin Cloud got hacked. Even its new owners don’t know howIn November, the cybersecurity collective vx-underground wrote on X, formerly Twitter, that unknown hackers were claiming to have breached Coin Cloud, a bankrupt Bitcoin ATM company. According to vx-underground, the hackers claimed to have stolen 70,000 pictures of customers take…TECHCRUNCH.COM
12 DecTop Ukrainian Mobile Operator Kyivstar Hit by CyberattackUkrainian President Volodymyr Zelenskyy Is in Washington Ukrainian telecom operator Kyivstar was the target of a cyberattack that knocked internet access and mobile communications offline on the same day Ukrainian President Volodymyr Zelenskyy is in Washington to boost the case f…DATABREACHTODAY.CO.UK
12 DecNorthern Ireland's Police Service to Revamp CybersecurityIndependent Review Issues 37 Recommendations to Police Service of Northern Ireland Following an information security breach rated as the worst in U.K. policing history, which exposed all serving Northern Ireland police officers' personal details online, officials have promised to…DATABREACHTODAY.CO.UK
12 DecUkrainian military says it hacked Russia's federal tax agencyThe Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service (FNS), wiping the agency's database and backup copies. [...]BLEEPINGCOMPUTER.COM
12 DecCyberattack Cripples Ukraine’s Largest Telcom OperatorKyivstar, the largest mobile network operator in Ukraine, was hit by a massive cyberattack on Tuesday, disrupting mobile and internet communications for millions of citizens. The post Cyberattack Cripples Ukraine’s Largest Telcom Operator appeared first on SecurityWeek.SECURITYWEEK.COM
12 DecUK Downplays Ransomware Threat at Its Peril, Says CommitteeParliamentary Committee Says UK Must Be More Aggressive A U.K. parliamentary committee investigating ransomware threats recommended a more aggressive stance against threat actors and said the government should consider making incident reporting mandatory and provide government su…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 21
12 DecISC Stormcast For Tuesday, December 12th, 2023 https://isc.sans.edu/podcastdetail/8774, (Tue, Dec 12th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
12 DecWhat is CloudSecOps? – A Complete Security Operations Guide – 2024Cloud security is becoming a central part of any organization’s cybersecurity strategy. However, in most organizations, the teams managing cloud operations work separately from those that manage security. CloudSecOps is setting out to change that. CloudSecOps is about integrating…GBHACKERS.COM
12 DecShaping our children's education in computing" by Simon Peyton Jones (2018)submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/8eb1f31f-e3e5-45ff-bdf2-7d4b424c5834.png Shaping our children’s education in computing" by Simon Peyton Jones Few things matter more to us than the education we give our children, to eq…INFOSEC.PUB
12 DecBret Victor The Future of Programming (2013)submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/c5de62bb-1365-4fa0-924f-b99e66d7fa0d.png “The most dangerous thought you can have as a creative person is to think you know what you’re doing.” Presented at Dropbox’s DBX conference on July …INFOSEC.PUB
12 DecNew Windows/Linux Firmware AttackInteresting attack based on malicious pre-OS logo images : LogoFAIL is a constellation of two dozen newly discovered vulnerabilities that have lurked for years, if not decades, in Unified Extensible Firmware Interfaces responsible for booting modern devices that run Windows or Li…SCHNEIER.COM
12 DecJames Powell: So you want to be a Python expert? | PyData Seattle 2017submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/700d4fcc-a68b-4790-a883-dfe030711018.png James Powell: So you want to be a Python expert? | PyData Seattle 2017 HT What’s the best conference talk you’ve ever seen?INFOSEC.PUB
12 DecNew malware is using direct emails to hunt the head-huntersTA4557, a threat actor tracked since 2018 to be sending job-themed email threats, has started a new technique of targeting recruiters with direct emails that ultimately lead to malware delivery, according to Proofpoint. The threat actor known for using More_eggs downloader as the…CSOONLINE.COM
12 DecSandman Cyberespionage Group Linked to ChinaA recent emergence on the threat landscape, the Sandman APT appears linked to a Chinese hacking group. The post Sandman Cyberespionage Group Linked to China appeared first on SecurityWeek.SECURITYWEEK.COM
12 Dec · CyberheistNews Vol 13 #50 [Heads Up] Don't Be Fooled by This Sneaky Disney+ Phishing Scam · KNOWBE4.COM
12 Dec · Is there really an Information Security Jobs Crisis? - Ben Rothke - CSP #152 · Are there really millions of open information security jobs available? Or is much of the numbers hyped up? Join us as we discuss these numbers, boot camps, regional differences, and where these job openings come from. This segment is sponsored by Saviynt. Visit https://cisostori… · YOUTUBE.COM
12 Dec · Threat Actor TA4557 Targets Recruiters With Malware · The threat actor uses techniques such as sending URLs to fake resume websites or attachments containing instructions to visit the website, leading to the download of malicious files. · INFOSECURITY-MAGAZINE.COM
12 Dec · Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Jason Wood, and More – SWN #348 · Join us at 12pm ET as we discuss Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Security Clearances, Naughty Bots, Jason Wood, and more on this edition of the Security Weekly News. → Watch Live Here: securityweekly.com/live → Subscribe to our podcasts: https://securi… · YOUTUBE.COM
12 Dec · Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign · The Russian APT28 threat actor, also known as ITG05, is using authentic documents related to the Israel-Hamas war as lures to deliver a custom backdoor called HeadLace against targeted entities in 13 countries, primarily in Europe. · THEHACKERNEWS.COM
12 Dec · Apple Sets Trap to Catch iMessage Impersonators · New iMessage Contact Key Verification feature in Apple's iOS and macOS platforms helps catch impersonators on its iMessage service. The post Apple Sets Trap to Catch iMessage Impersonators appeared first on SecurityWeek. · SECURITYWEEK.COM
12 Dec · Who's Calling? Spam, Scams and Wasted Time · First ever insight into those annoying spam calls provides enlightening detail into how many calls are there, where are they coming from, and how much time is wasted dealing with them. · KNOWBE4.COM
12 Dec · Unwrapping the Threat: AI-Powered Phishing Attacks Take Center Stage in 2023 Holidays · As the holiday season approaches, so does the annual surge in online shopping and holiday package tracking. Unfortunately, this joyous time has also become a prime hunting ground for cybercriminals. · KNOWBE4.COM
12 Dec · News alert: Detectify’s EASM research reveals top overlooked vulnerabilities from 2023 · Stockholm, Sweden & Boston, Mass., Dec. 12, 2023 – Detectify, the External Attack Surface Management platform powered by elite ethical hackers, has today released its “State of EASM 2023” report. The research incorporates insights from Detectify’s customer … (mo… · LASTWATCHDOG.COM
12 Dec · Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Jason Wood, and More - SWN #348 · Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Security Clearances, Naughty Bots, Jason Wood, and more on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-348 · YOUTUBE.COM
12 Dec · Prompt Injection Scanners, Better AI Jailbreaks, Purple Llama, Linux Kernel Security - ASW #266 · Benchmarking prompt injection scanners, using generative AI to jailbreak generative AI, Meta's benchmark for LLM risks, tapping a protocol to hack Magic the Gathering, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweek… · YOUTUBE.COM
12 Dec · Microsoft: OAuth apps used to automate BEC and cryptomining attacks · Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. [...] · BLEEPINGCOMPUTER.COM
12 Dec · Threat actors misuse OAuth applications to automate financially driven attacks · Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks. The post Threat actors misuse OAuth applications to automate financially driven attacks appeared first on Microsoft Security Blog. · MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 3
12 Dec · New MrAnon Stealer Malware Targeting German Users via Booking-Themed Scam · A phishing campaign has been observed delivering an information stealer malware called MrAnon Stealer to unsuspecting victims via seemingly benign booking-themed PDF lures. "This malware is a Python-based information stealer compressed with cx-Freeze to evade detection,… · THEHACKERNEWS.COM
12 Dec · Kelvin Security cybercrime gang suspect seized by Spanish police · A malicious hacking group, thought to have been operating since at least 2013, may have suffered a significant blow after the arrest of a suspected leading member by Spanish police late last week. Read more in my article on the Tripwire State of Security blog. · TRIPWIRE.COM
12 Dec · Unveiling the Cyber Threats to Healthcare: Beyond the Myths · Let's begin with a thought-provoking question: among a credit card number, a social security number, and an Electronic Health Record (EHR), which commands the highest price on a dark web forum? Surprisingly, it's the EHR, and the difference is stark: according to a… · THEHACKERNEWS.COM
📡 INFOSEC NEWS 19
12 Dec · Amazon Sues REKK Fraud Gang That Stole Millions in Illicit Refunds · Amazon has taken legal action against an underground refund scheme called REKK, involving an international fraudulent organization and former Amazon employees, resulting in the theft of millions of dollars worth of products. · BLEEPINGCOMPUTER.COM
12 Dec · UK Police Return $10 Million in Bitcoin Stolen by Chronically-Ill Bed-Bound Thief · Police in Lancashire, UK have returned around £8 million ($10 million) worth of bitcoin to a man whose cryptocurrency was stolen in 2017. Four people involved in the hack were sentenced earlier this year. · THERECORD.MEDIA
12 Dec · Leader of Russian Hacktivist Group Killnet ‘Retires,’ Appoints New Head · Killmilk, the leader of the pro-Russia hacktivist group Killnet, has announced his retirement. Killmilk, whose alleged identity was recently uncovered as Nikolai Serafimov, cited the toll of Russia's war in Ukraine as the reason for his departure. · THERECORD.MEDIA
12 Dec · Cybercriminals Continue Targeting Open Remote Access Products · According to WatchGuard, cybercriminals are still primarily targeting open remote access products and using legitimate remote access tools to hide their malicious activities. · HELPNETSECURITY.COM
12 Dec · Security Automation Gains Traction, Prompting a “Shift Everywhere” Philosophy · According to Synopsys, the use of automated security technology is on the rise, as organizations increasingly embrace the "shift everywhere" philosophy to improve the effectiveness and reduce the cost of security activities. · HELPNETSECURITY.COM
12 Dec · Long-Running Clearview AI Class Action Biometric Privacy Case Settles · Clearview AI has reached a settlement in a class-action privacy lawsuit, which alleged that the company violated Illinois' Biometric Information Privacy Act (BIPA) by using online images without consent for its facial recognition technology. · THERECORD.MEDIA
12 Dec · Fake LinkedIn Profiles Target Saudi Workers for Information Leakage and Financial Fraud · Researchers have discovered nearly a thousand fake profiles created with the intention of reaching out to companies in the Middle East. These profiles, often difficult to distinguish from real ones, have been successful in their campaigns. · DARKREADING.COM
12 Dec · Cloud engineer gets 2 years for wiping ex-employer’s code repos · Miklos Daniel Brody, a cloud engineer, was sentenced to two years in prison and a restitution of $529,000 for wiping the code repositories of his former employer in retaliation for being fired by the company. [...] · BLEEPINGCOMPUTER.COM
12 Dec · Practitioner guidance for securing Microsoft Active Directory services in your organization - ITSP.60.100 · CYBER.GC.CA
12 Dec · How criminals disguise URLs | Kaspersky official blog · Methods used by attackers to redirect victims to malicious and phishing sites from seemingly safe URLs. · KASPERSKY.COM
12 Dec · Windows 10 KB5033372 update released with Copilot for everyone, 20 changes · Microsoft has released the KB5033372 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes Copilot for Windows and nineteen other changes to the operating system. [...] · BLEEPINGCOMPUTER.COM
12 Dec · Windows 11 update KB5033375 released with upgraded Copilot AI-assistant · Microsoft has released the KB5033375 update for Windows 11 versions 23H2 and 22H2 to fix security vulnerabilities, upgrade Copilot for Windows, and make 36 changes and fixes [...] · BLEEPINGCOMPUTER.COM
12 Dec · How the EU Cyber Resilience Act Impacts Manufacturers · EU's Cyber Resilience Act urges vendors to embrace security-by-design, establishing standards in global tech protocols. · TRENDMICRO.COM
12 Dec · Windows 11 KB5033375 update released with upgraded Copilot AI-assistant · Microsoft has released the KB5033375 update for Windows 11 versions 23H2 and 22H2 to fix security vulnerabilities, upgrade Copilot for Windows, and make 36 changes and fixes [...] · BLEEPINGCOMPUTER.COM
12 Dec · Avira antivirus causes Windows computers to freeze after boot · Since Friday, Windows users have reported problems with the operating system freezing shortly after booting, an issue linked to a faulty update for Avira's security software. [...] · BLEEPINGCOMPUTER.COM
12 Dec · A pernicious potpourri of Python packages in PyPI · The past year has seen over 10,000 downloads of malicious packages hosted on the official Python package repository · WELIVESECURITY.COM