98 Articles
8 Categories
Date: 2023-12-13
🐛 COMMON VULNERABILITIES AND EXPOSURES (5)
13 Dec [KEV] Sophos Backports Fix for CVE-2022-3236 for EOL Firewall Firmware
Sophos has backported the patch for CVE-2022-3236 to end-of-life (EOL) firewall firmware versions due to ongoing attacks exploiting the vulnerability. The code injection vulnerability is being actively exploited by threat actors to target South Asia.
Source: SECURITYAFFAIRS.COM

13 Dec Hackers are exploiting critical Apache Struts flaw using public PoC
Hackers are attempting to leverage a recently fixed critical vulnerability (CVE-2023-50164) in Apache Struts that leads to remote code execution, in attacks that rely on publicly available proof-of-concept exploit code. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793
Today, CISA—along with the U.S. Federal Bureau of Investigation (FBI), National Security Agency (NSA), Polish Military Counterintelligence Service (SKW), CERT Polska (CERT.PL), and the UK’s National Cyber Security Centre (NCSC)—released a joint Cybersecurity Advisory (CSA), Russi…
Source: CISA.GOV

13 Dec CVE-2023-21751 Azure DevOps Server Spoofing Vulnerability
Information published. This CVE was addressed by updates that were released in December 2023, but the CVE was inadvertently omitted from the December 2023 Security Updates. Microsoft strongly recommends that customers running affected versions of Azure DevOps Server install the D…
Source: MSRC.MICROSOFT.COM

13 Dec Enhancing Cyber Resilience: Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment
SUMMARY In January 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a Risk and Vulnerability Assessment (RVA) at the request of a Healthcare and Public Health (HPH) sector organization to identify vulnerabilities and areas for improvement. An RVA is a t…
Source: CISA.GOV
⚠️ VULNERABILITY DISCLOSURE (23)
13 Dec Rhysida Ransomware Attacking Government & IT Industries Worldwide
Hackers use ransomware to encrypt victims’ files and demand payment (usually in cryptocurrency) for the decryption key. This malicious tactic allows them to extort money from the following entities by exploiting vulnerabilities in their digital systems:- In May 2023, …
Source: GBHACKERS.COM

13 Dec [KEV] Sophos Patches EOL Firewalls Against Exploited Vulnerability
Sophos has patched EOL Firewall versions against a critical flaw exploited in the wild, after identifying a new exploit.
Source: SECURITYWEEK.COM

13 Dec Operation Blacksmith: Lazarus Group Exploits Log4j Flaws to Deploy RATs
The Lazarus APT group, in Operation Blacksmith, exploits the Log4Shell vulnerability to deploy new malware threats, focusing on global manufacturing, agricultural, and physical security sectors. The campaign is believed to have been active since March. Organizations are suggested…
Source: CYWARE.COM

13 Dec Systemic Security Failures Aided US Air Force Discord Leaker
As a result of the investigation, disciplinary action has been taken against 15 Air National Guard leaders, including the removal of commanders, and the USAF has implemented reforms to strengthen classified data access standards.
Source: THEREGISTER.COM

13 Dec Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applicati…
Source: THEHACKERNEWS.COM

13 Dec Surveillance by the US Postal Service
This is not about mass surveillance of mail, this is about sorts of targeted surveillance the US Postal Inspection Service uses to catch mail thieves: To track down an alleged mail thief, a US postal inspector used license plate reader technology, GPS data collected by a rental…
Source: SCHNEIER.COM

13 Dec AI dominates cybersecurity megatrends for 2024: Report
AI has topped the list of emerging trends that are likely to impact the enterprise security segment in 2024, according to a study by the security industry association (SIA). The research that surveyed hundreds of security industry business leaders, including several volunteers an…
Source: CSOONLINE.COM

13 Dec 1,450+ pfSense Servers Vulnerable to Remote Code Execution Attacks via Exploit Chain
Researchers discovered two vulnerabilities in pfSense CE related to Cross-Site Scripting (XSS) and Command Injection that allow an attacker to execute arbitrary commands on a pfSense appliance. An attacker with RCE capabilities can control the firewall, monitor traffic on the loc…
Source: GBHACKERS.COM

13 Dec Microsoft’s 2023 Final Patch: 34 Vulnerabilities Including Critical 0-Day Fixed
Microsoft has released their patches for December 2023 as part of their Patch Tuesday. In this release, they have patched more than 34 vulnerabilities and one zero-day. Among the 34 vulnerabilities patched, there were 4 Critical severity vulnerabilities and 30 were termed as Impo…
Source: GBHACKERS.COM

13 Dec How the EU AI Act regulates artificial intelligence: What it means for cybersecurity
On December 8, 2023, after more than 36 hours of negotiations, European Union lawmakers agreed on the details of a new law to regulate artificial intelligence. The document, dubbed the AI Act, is one of the first attempts in the world to establish a comprehensive set of rules for…
Source: CSOONLINE.COM

13 Dec UK government vulnerable to ‘catastrophic ransomware’ attack: Report
The UK government is at risk of a "catastrophic ransomware attack" that can potentially bring the country to a "standstill," warned a new parliamentary committee report. "A major ransomware attack could have a devastating impact on UK citizens and the economy, and undoubtedly re…
Source: CSOONLINE.COM

13 Dec Sophos Firewall Code Injection Flaw: Let Attackers Execute Remote Code
A critical security flaw has been discovered in the Sophos Firewall User Portal and Webadmin, allowing hackers to execute malicious code remotely. The vulnerability enables attackers to inject harmful code into the software, which if exploited, can result in a complete takeover o…
Source: GBHACKERS.COM

13 Dec Congress Finds Pharmacies Give Patient Records to Law Enforcement Without Warrants
A congressional review found that major pharmacy chains do not require a warrant before sharing customers' records with law enforcement, raising concerns about the privacy of Americans' pharmaceutical information.
Source: THERECORD.MEDIA

13 Dec Best practices for cloud configuration security
Cloud computing has become an integral part of IT infrastructure for businesses of all sizes, providing on-demand access to a wide range of services and resources. The evolution of cloud computing has been driven by the need for more efficient, scalable and cost-effective ways to…
Source: SECURITYINTELLIGENCE.COM

13 Dec BazaCall Phishing Scammers Now Leveraging Google Forms for Deception
The threat actors behind the BazaCall call back phishing attacks have been observed leveraging Google Forms to lend the scheme a veneer of credibility. The method is an "attempt to elevate the perceived authenticity of the initial malicious emails," cybersecurity firm A…
Source: THEHACKERNEWS.COM

13 Dec Zero Networks Raises $20 Million Series B to Prevent Attackers From Spreading in Corporate Networks
The funding round was led by U.S. Venture Partners (USVP), and included strategic investor Dmitri Alperovitch, co-founder and former CTO of CrowdStrike, as well as existing investors Venrock, CyberArk, F2 Capital, and Pico Venture Partners.
Source: CALCALISTECH.COM

13 Dec Apple will no longer give police users’ push notification data without a warrant
Apple said it will no longer give over records of users’ push notifications to law enforcement unless the company receives a valid judge’s order. In its law enforcement guidelines updated this week, Apple said law enforcement and government agencies can now obtain pus…
Source: TECHCRUNCH.COM

13 Dec CISA: Russian hackers target TeamCity servers since September
CISA and partner cybersecurity agencies and intelligence services warned that the APT29 hacking group linked to Russia's Foreign Intelligence Service (SVR) has been targeting unpatched TeamCity servers in widespread attacks since September 2023. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec Lawmakers Urge HHS to Shield Pharmacy Records From Police
Regulators Advised to Protect Patients From 'Warrantless' Requests on Prescriptions Three members of Congress are urging the Department of Health and Human Services to improve HIPAA privacy protections around pharmacy information. The request comes after the lawmakers asked major…
Source: DATABREACHTODAY.CO.UK

13 Dec Microsoft Warns of OAuth Attacks Tied to Cryptomining
Microsoft Details OAuth Tactics, Says Losses Reached Up to $1.5M Per Victim Hackers are exploiting OAuth applications to compromise user accounts, manipulate and confer elevated privileges, and set up cryptomining operations, which has cost some organizations up to $1.5 million i…
Source: DATABREACHTODAY.CO.UK

13 Dec CISA Warns of Russian Hackers Targeting JetBrains Software
Advisory Says Russian Hackers Have Been Exploiting Popular Software Since September The Cybersecurity and Infrastructure Security Agency released an advisory Wednesday warning that a Russian military intelligence unit has been actively exploiting a widely used software product si…
Source: DATABREACHTODAY.CO.UK

13 Dec FCC Approves Major Updates to Data Breach Notification Rules
New FCC Disclosure Rules Cover All Personal Information of Telecom Customers The FCC approved new guidelines that note how data breaches "have only grown in frequency and severity" since the commission adopted its privacy protection policies 16 years ago. The new rules aim to pro…
Source: DATABREACHTODAY.CO.UK
📋 SECURITY BULLETINS (4)
13 Dec Microsoft's Final 2023 Patch Tuesday: 33 Flaws Fixed, Including 4 Critical
Microsoft released its final set of Patch Tuesday updates for 2023, closing out 33 flaws in its software, making it one of the lightest releases in recent years. Of the 33 shortcomings, four are rated Critical and 29 are rated Important in severity. The fixes are in add…
Source: THEHACKERNEWS.COM

13 Dec Microsoft's Final 2023 Patch Tuesday Fixes 33 Flaws, Including Four Critical Ones
Microsoft has released its final set of Patch Tuesday updates for 2023, addressing 33 flaws in its software. This release is considered one of the lightest in recent years, with four critical vulnerabilities and 29 important ones.
Source: THEHACKERNEWS.COM

13 Dec Chrome 120 Update Patches High-Severity Vulnerabilities
A Chrome 120 security update resolves nine vulnerabilities, including five high-severity flaws reported externally.
Source: SECURITYWEEK.COM
📢 SECURITY ADVISORIES (8)
13 Dec UK Downplays Ransomware Threat at Its Peril, Says Parliamentary Committee
A parliamentary committee warned that a coordinated attack could cause severe damage to public services and criticized the Home Office for not prioritizing the issue. They also call for more funding for the NCA and the NCSC.
Source: BANKINFOSECURITY.COM

13 Dec UK Ministry of Defence Fined $440K for Afghan Evacuation Data Breach
The UK's Ministry of Defence has been fined £350,000 ($440,000) by the ICO for failing to protect the personal information of Afghans who worked with the British government and sought relocation after the Taliban took control of Afghanistan.
Source: THERECORD.MEDIA

13 Dec How To Fight Long-Game Social Engineering
CISA sent out a warning about a Russian advanced persistent threat (APT) called Star Blizzard warning about their long-game social engineering tactics.
Source: KNOWBE4.COM

13 Dec CISA Seeks Public Opinion on Google Workspace Secure Configuration Baselines
CISA is asking for public opinion on SCuBA secure configuration baselines for nine Google Workspace services.
Source: SECURITYWEEK.COM

13 Dec Harry Coker to Serve as Second National Cyber Director
Senate Confirms Career Naval Officer, Former Head of NSA to Serve in Critical Role Harry Coker is now the second permanent national cyber director after the Senate voted 59-40 to confirm President Joe Biden’s pick to lead the Office of the National Cyber Director. In his new role…
Source: DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (17)
13 Dec LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 (part 1)
A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up, just as they have, year-to-year, for the past 20 years. Related: Adopting an assume-breach mindset With that in mind, Last …
Source: LASTWATCHDOG.COM

13 Dec Update: Widespread Security Flaws Blamed for PSNI Data Breach
An independent review found that the breach was a result of multiple factors and highlighted the organization's lack of a data protection strategy. It also noted that the PSNI had not fully implemented the 2018 Data Protection Act.
Source: INFOSECURITY-MAGAZINE.COM

13 Dec Cyber Security Today, Dec. 13, 2023 - Mystery surrounds the outage at a ransomware gang's site, and more
This episode reports on a new phishing scam aimed at job recruiters, and more
Source: CYBERSECURITYTODAY.LIBSYN.COM

13 Dec Major Cyber Attack Paralyzes Kyivstar - Ukraine's Largest Telecom Operator
Ukraine's biggest telecom operator Kyivstar has become the victim of a cyber attack, disrupting customer access to mobile and internet services. "The cyberattack on Ukraine's #Kyivstar telecoms operator has impacted all regions of the country with high impact to th…
Source: THEHACKERNEWS.COM

13 Dec Largest Ukrainian Telecom Operator Kyivstar Hit by Cyberattack
The Ukrainian telecom operator Kyivstar was targeted in a cyberattack, causing internet and mobile communications to go offline, potentially linked to Russian state hackers.
Source: BANKINFOSECURITY.COM

13 Dec Press and pressure: Ransomware gangs and the media
Sophos X-Ops explores the symbiotic – but often uneasy – relationship between ransomware gangs and the media, and how threat actors are increasingly seeking to wrest control of the narrative
Source: SOPHOS.COM

13 Dec Ukraine’s Intelligence Claims Destructive Cyberattack on Russia’s State Tax Service
The attack on Russia's tax system has reportedly paralyzed the Federal Tax Service, with the internet connection between its central office and regional branches being disrupted, potentially causing long-term damage.
Source: THERECORD.MEDIA

13 Dec Dubai’s Largest Taxi App DTC Exposes Data on Over 220,000 People
The leaked data included personal information such as email addresses, phone numbers, and bank details. It also included driver information such as driving license numbers and work permit numbers.
Source: SECURITYAFFAIRS.COM

13 Dec Guardz collects $18M to expand its AI-based security platform for SMBs
Thanks to advances in AI, small and medium businesses have become a significant target in the world of cybercrime, accounting for roughly half of all breaches worldwide by some estimates. Now, one of the companies building security tools for SMBs has raised a round of funding to …
Source: TECHCRUNCH.COM

13 Dec Update: Ransomware Group Publishes Stolen Medical Data
The effects of a November ransomware attack against Oceanside, California’s Tri-City Medical Center were contained more than two weeks ago, but now those behind the cyber incident are publishing stolen data on the dark web.
Source: GOVTECH.COM

13 Dec New cybercrime market 'OLVX' gains popularity among hackers
A new cybercrime marketplace, OLVX, has emerged and is quickly gaining new customers looking to purchase tools to conduct online fraud and cyberattacks. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec New Underground Market Comes Online Just in Time for the Holidays
The OLVX marketplace operates on the clear web and has gained popularity in recent months. It offers various products and services, including phish kits, remote desktop connections, cPanel credentials, webshells, and stolen data.
Source: ZEROFOX.COM

13 Dec Ransomware Groups' Latest Tactic: Weaponized Marketing
'Oxygen of Publicity' Helps Intimidate Victims and Recruit Affiliates, Experts Warn Seeking to maximize profits no matter the cost, ransomware groups have been bolstering their technical prowess and psychological shakedowns with a fresh strategy: attempting to control the narrati…
Source: DATABREACHTODAY.CO.UK

13 Dec LockBit ransomware now poaching BlackCat, NoEscape affiliates
The LockBit ransomware operation is now recruiting affiliates and developers from the BlackCat/ALPHV and NoEscape after recent disruptions and exit scams. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec French police arrests Russian suspect linked to Hive ransomware
French authorities arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with laundering their victims' ransom payments. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec Ukraine Fingers Russian Military Hackers for Kyivstar Outage
Telecom Operator Slowly Restores Voice Service Ukraine's domestic security agency on Wednesday fingered Russian military hackers as being responsible for hacking Kyivstar, in a statement acknowledging damage to the telecom operator's digital infrastructure. Ukraine's top telecom …
Source: DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (25)
13 Dec ISC Stormcast For Wednesday, December 13th, 2023 https://isc.sans.edu/podcastdetail/8776, (Wed, Dec 13th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

13 Dec Credential Harvesting with PowerShell and SpecterInsight
Submitted by L4s to secops. https://practicalsecurityanalytics.com/credential-harvesting-with-powershell-and-specterinsight/ Overview: Credential harvesting, also known as credential theft or credential…
Source: PRACTICALSECURITYANALYTICS.COM

13 Dec Harry Coker Confirmed as National Cyber Director
US Senate confirms former CIA and NSA senior executive Harry Coker as next National Cyber Director in the White House ONCD.
Source: SECURITYWEEK.COM

13 Dec How to Analyze Malware’s Network Traffic in A Sandbox
Malware analysis encompasses a broad range of activities, including examining the malware's network traffic. To be effective at it, it's crucial to understand the common challenges and how to overcome them. Here are three prevalent issues you may encounter and the tools you'll ne…
Source: THEHACKERNEWS.COM

13 Dec Quishing: New Sophisticated Phishing Attacks on the Rise
Phishing, a persistent cyberthreat, has evolved with the times. Once a symbol of convenience, QR codes are now being weaponized by attackers through Quishing. This alarming trend demands attention, as it exposes both individuals and organizations to significant risks. Interpol…
Source: GBHACKERS.COM

13 Dec Cloud Engineer Sentenced for Deleting Ex-employer’s Code Repos & Logs
San Francisco resident Miklos Daniel Brody, 38, took revenge on his former employer, a bank, by hacking valuable computer code and damaging the bank’s cloud system. And the Cloud Engineer Sentenced. After stealing information from and purposefully damaging a protected compu…
Source: GBHACKERS.COM

13 Dec Zero Networks Raises $20 Million to Secure Access to Enterprise Assets
Cybersecurity startup Zero Networks has raised $20 million in a Series B funding round led by US Venture Partners.
Source: SECURITYWEEK.COM

13 Dec AI and Everything Else - Benedict Evans | Slush 2023
Submitted by ashar to security_cpe. For two decades, Benedict Evans has been cutting through the noise to figure out what’s really u…
Source: INFOSEC.PUB

13 Dec Cybertrucks | Viagra | Struts | Atlassian | Log4Shell | Pharmacies | Jason Wood & More! – SWN348
This week Doug talks: Cybertruck, Viagra, Struts, Atlassian, Log4Shell, Pharmacies, Jason Wood and more on the Security Weekly News! → Full Show Notes: https://securityweekly.com/swn348 → Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 → Visit our website: https:…
Source: YOUTUBE.COM

13 Dec 2023 Fraud Highlights: Check Fraud, Scams, Account Takeover
Jack Henry's Rene Perez on How to Tackle Check Fraud as Tactics Change Check fraud, scams and account takeovers dominated the fraud landscape in 2023. Banks and other financial institutions are expected to continue to struggle with account takeovers as fraudsters have changed the…
Source: DATABREACHTODAY.CO.UK

13 Dec Apple Testing New Stolen Device Protection Feature for iPhones
Apple is testing a new security feature that should limit what iPhone thieves can do with a stolen phone, even if they have the passcode.
Source: SECURITYWEEK.COM

13 Dec MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure
MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices.
Source: SECURITYWEEK.COM

13 Dec What are You Working on Wednesday
Submitted by shellsharks to cybersecurity. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Source: INFOSEC.PUB

13 Dec Chinese APT Volt Typhoon Linked to Unkillable SOHO Router Botnet
Malware hunters have set eyes on an impossible to kill botnet packed with end-of-life SOHO routers and connects it to a Chinese APT targeting US critical infrastructure.
Source: SECURITYWEEK.COM

13 Dec Phishing Remains the Most Common Attack Technique, With Malicious URL Use Increasing 144%
Analysis of nearly a year’s worth of emails brings insight into exactly what kinds of malicious content are being used, who’s being impersonated, and who’s being targeted.
Source: KNOWBE4.COM

13 Dec Undercover Threat: North Korean Operatives Infiltrate U.S. Companies Through Job Platforms
Researchers at Nisos warn that North Korean threat actors are impersonating skilled job seekers in order to obtain remote employment at US companies.
Source: KNOWBE4.COM

13 Dec Congressional Watchdog Finds Gaps in US Federal AI Efforts
Agencies Plan More than 1,200 AI Use Cases Major government agencies in the United States intend to apply artificial intelligence, but the majority of planned use cases are still at the planning stage, a congressional watchdog said. Missing from those efforts is governmentwide gu…
Source: DATABREACHTODAY.CO.UK

13 Dec Nmap Peek - View your Nmap files in VSCode
Submitted by L4s to secops. https://marketplace.visualstudio.com/items?itemName=marduc812.nmap-peek Extension for Visual Studio Code - View your nmap output inside VS Code, in a nice clean GUI
Source: MARKETPLACE.VISUALSTUDIO.COM

13 Dec New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence
Major software vendors sign on to a new security initiative to create trusted best practices for artificial intelligence deployments.
Source: SECURITYWEEK.COM

13 Dec Network Device Supply Chains and Lateral Movement - BTS #20
In this edition of Below The Surface, we discuss Network Device Supply Chains and Lateral Movement, with Joe Hall, Head of Security Services at Nile. This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them! → Full Show Notes: ht…
Source: YOUTUBE.COM

13 Dec A Year in Review on Offensive Security, Defensive Landscapes, and Global Implications -... - BTS #19
In this episode, we delve into the dynamic world of supply chain security, recapping the significant developments of the past year. Join us as we explore the evolution of offensive security, defensive landscapes, and the key actors shaping the cybersecurity landscape. Our feature…
Source: YOUTUBE.COM

13 Dec UK in No Rush to Legislate AI, Technology Secretary Says
Government Currently Focused on Assessing AI Risks, Fostering Innovation The U.K. government is in no rush to legislate artificial intelligence, Secretary of State for Science, Innovation and Technology Michelle Donelan said on Wednesday, warning that a hard regulatory approach t…
Source: DATABREACHTODAY.CO.UK

13 Dec Stealthy KV-botnet hijacks SOHO routers and VPN devices
The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named 'KV-botnet' since at least 2022 to attack SOHO routers in high-value targets. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec Embracing AI with guest Alex Sharpe, Managing Director at Sharpe42 PSW #810
Join us as we discuss Embracing AI with guest Alex Sharpe, Managing Director at Sharpe42. Mr. Sharpe is a long-time (+30 years) Cybersecurity, Governance, and Digital Transformation expert with real-world operational experience. Mr. Sharpe has run business units and has influence…
Source: YOUTUBE.COM

13 Dec Santa | SEC | Google | Qakbot | VMWARE | AI | Turing | Voight-Kampff | Jason Wood & More! – SWN350
This week Doug talks: Santa, SEC, Google, Qakbot, VMWARE, AI, Turing, Voight-Kampff, Jason Wood, and more are on this edition of the Security Weekly News. → Full Show Notes: https://securityweekly.com/swn350 → Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 → Vis…
Source: YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (3)
13 Dec Cloud Engineer Wreaks Havoc on Bank’s Network After Firing
The engineer deployed malware, deleted code repositories, and emailed himself proprietary bank code in retaliation for being fired, impersonating a coworker in the process.
Source: THEREGISTER.COM

13 Dec Malicious Python Script with a TCL/TK GUI, (Wed, Dec 13th)
One essential behavior of malware is to remain "stealthy" and perform nasty activities below the radar. But sometimes, it can be attractive to interact with the victim to make it more confident and u…
Source: ISC.SANS.EDU

13 Dec Cluster of Malicious Python Packages in PyPI Discovered Distributing Malware
ESET Research has discovered a cluster of malicious Python packages in PyPI, the official Python package repository. These packages target both Windows and Linux systems and deliver a custom backdoor.
Source: WELIVESECURITY.COM
📡 INFOSEC NEWS (13)
13 Dec OAuth Apps Used to Automate BEC and Cryptomining Attacks
Attackers target user accounts without robust authentication measures, creating new OAuth apps with high privileges to ensure continued access and hide their malicious activities.
Source: BLEEPINGCOMPUTER.COM

13 Dec From the Northern Lights to Freediving: Sophos’ Wellbeing Day
December 1 saw everyone at Sophos have a ‘Wellbeing Day off’.
Source: SOPHOS.COM

13 Dec DonorView Exposes One Million Records for Unknown Time Frame
The exposed information included donor names, addresses, payment methods, and even sensitive data about children associated with the organizations, posing a potential risk for phishing attacks and fraudulent donation requests.
Source: THEREGISTER.COM

13 Dec FCC Reminds Mobile Phone Carriers They Must do More to Prevent SIM Swaps
The FCC has updated its rules to require carriers to better verify customers' identities before making any changes to their accounts. The agency also emphasized the importance of quickly notifying customers of any account changes.
Source: THERECORD.MEDIA

13 Dec Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities
Google is highlighting the role played by Clang sanitizers in hardening the security of the cellular baseband in the Android operating system and preventing specific kinds of vulnerabilities. This comprises Integer Overflow Sanitizer (IntSan) and BoundsSanitiz…
Source: THEHACKERNEWS.COM

13 Dec Apple introduces protection to prevent thieves from getting your passwords
Apple introduced new security settings with the iOS 17.3 developer beta on Tuesday to prevent thieves from entering your passcode to get your info including account passwords. Apple will likely roll out the final version of iOS 17.3 in a few weeks. The new protections include the…
Source: TECHCRUNCH.COM

13 Dec Invoices for delivery of non-existent correspondence | Kaspersky official blog
Attackers bill companies for delivering non-existent postal items during the holiday season.
Source: KASPERSKY.COM

13 Dec BazarCall attacks abuse Google Forms to legitimize phishing emails
A new wave of BazarCall attacks uses Google Forms to generate and send payment receipts to victims, attempting to make the phishing attempt appear more legitimate. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec Microsoft seizes domains used to sell fraudulent Outlook accounts
Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group (Storm-1152) that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. [...]
Source: BLEEPINGCOMPUTER.COM

13 Dec Delivering trust with DNS security
Can DNS protection technology transform consumers’ worries about cybercrime with a trust-based approach?
Source: WELIVESECURITY.COM

13 Dec Microsoft disrupts cybercrime gang behind 750 million fraudulent accounts
Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group (Storm-1152) that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. [...]
Source: BLEEPINGCOMPUTER.COM