113 Articles
7 Categories
Date: 2023-12-14
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
14 Dec: Russian Hackers Exploiting JetBrain Vulnerability to Hack Servers (GBHACKERS.COM)
The Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and other co-authoring agencies have issued a warning that Russian Foreign Intelligence Service (SVR) cyber actors are widely exploiting CVE-2023-42793, aiming their attacks at servers that host JetBra…

14 Dec: Lazarus APT attack campaign shows Log4Shell exploitation remains popular (CSOONLINE.COM)
Despite receiving a patch two years ago, the Log4Shell vulnerability remains a popular attack vector even for sophisticated threat actors. An example is a recently documented attack campaign against companies from several industries by the North Korean state-run Lazarus APT group…

14 Dec: Siemens SINUMERIK (CISA.GOV)
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Serv…

14 Dec: Cryptohack Roundup: Hack Attacks Plummet in 2023 (DATABREACHTODAY.CO.UK)
Also: Changpeng Zhao to Remain in the US; Vulnerability in Bitcoin Core This week: 2023 hacking statistics, order for ex-Binance chief to stay in U.S., a $25M crypto AI scam indictment, a $2.7M OKX hack, a Bitcoin security flaw in the NVD, a Uranium hacker's laundering scheme, ND…
⚠️ VULNERABILITY DISCLOSURE (25)
14 Dec: Think tank report labels NSO, Lazarus 'cyber mercenaries' (THEREGISTER.COM)
submitted by c0mmando to netsec 1 points | 1 comments https://www.theregister.com/2023/12/13/cyber_mercenary_orf_report/ Cybercrime gangs like the notorious Lazarus group and spyware vendors like Israel’s NSO should be considered cyber mercenaries – and become the subject of a co…

14 Dec: Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Ukrainian Telecom (WEB.ARCHIVE.ORG)
submitted by c0mmando to netsec 1 points | 0 comments https://web.archive.org/web/20231213205125/https://www.wired.com/story/ukraine-kyivstar-solntsepek-sandworm-gru/ A hacker group calling itself Solntsepek—previously linked to Russia’s notorious Sandworm hackers—says it carried…

14 Dec: Latest UN Cybercrime Treaty draft a ‘significant step in the wrong direction,’ experts warn (THERECORD.MEDIA)
submitted by c0mmando to netsec 3 points | 0 comments https://therecord.media/un-cybercrime-treaty-draft-criticized Dozens of cybersecurity experts and human rights groups have criticized the latest draft of the controversial UN Cybercrime Treaty currently being negotiated by mem…
14 Dec: New Hacker Group 'GambleForce' Targeting APAC Firms Using SQL Injection Attacks (THEHACKERNEWS.COM)
A previously unknown hacker outfit called GambleForce has been attributed to a series of SQL injection attacks against companies primarily in the Asia-Pacific (APAC) region since at least September 2023. "GambleForce uses a set of basic yet very effective techniques, in…

14 Dec: Update: Credit Union Operations Restored After Tech Supplier Ransomware Attack (THERECORD.MEDIA)
The NCUA has been in contact with the affected financial institutions and helped them get their systems back online. The attack, which was caused by ransomware, affected credit unions using cloud services provided by Ongoing Operations.

14 Dec: Update: Hackers are Exploiting Critical Apache Struts Flaw Using Public PoC (BLEEPINGCOMPUTER.COM)
Hackers are actively exploiting a critical vulnerability in Apache Struts that allows for remote code execution, potentially leading to unauthorized access, data theft, and network disruption.

14 Dec: New Hacker Group 'GambleForce' Targeting APAC Firms Using SQL Injection Attacks (THEHACKERNEWS.COM)
The group relies on open-source tools like dirsearch, sqlmap, tinyproxy, and redis-rogue-getshell at different stages of the attacks and a post-exploitation framework called Cobalt Strike.
14 Dec: Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies (SECURITYWEEK.COM)
US, UK, and Poland warn of Russia-linked cyberespionage group’s broad exploitation of recent TeamCity vulnerability. The post Russian Cyberspies Exploiting TeamCity Vulnerability at Scale: Government Agencies appeared first on SecurityWeek.

14 Dec: Russian SVR-Linked APT29 Targets JetBrains TeamCity Servers in Ongoing Attacks (THEHACKERNEWS.COM)
Threat actors affiliated with the Russian Foreign Intelligence Service (SVR) have targeted unpatched JetBrains TeamCity servers in widespread attacks since September 2023. The activity has been tied to a nation-state group known as APT29, which is also tracked as BlueBravo, …

14 Dec: Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally (CISA.GOV)
The Russian SVR cyber actors are exploiting a vulnerability in JetBrains TeamCity software to gain access to software developers' networks and potentially conduct supply chain operations.

14 Dec: AI enters production systems even as ‘trust’ emerges as a growing concern (CSOONLINE.COM)
AI has seen massive adoption in the public as well as private sector, with only a small fraction of both segments believing they are at least two years away from successfully leveraging it, according to a new report from Foundry Research. The research, commissioned by Splunk, sur…

14 Dec: French Police Arrests Russian Suspect Linked to Hive Ransomware (BLEEPINGCOMPUTER.COM)
French police have arrested a Russian national in Paris for allegedly helping the Hive ransomware gang with money laundering. The suspect was apprehended after being linked to digital wallets that received millions of dollars from suspicious sources.

14 Dec: China-Linked APT Volt Typhoon Linked to KV-Botnet Attacks (SECURITYAFFAIRS.COM)
Volt Typhoon utilizes living-off-the-land techniques and hands-on-keyboard activity to evade detection, routing malicious traffic through compromised SOHO network devices and relying on customized versions of open-source tools for communication.

14 Dec: Check Point Software in SEC Settlement Talks in Connection With SolarWinds Probe (CYBERSECURITYDIVE.COM)
Check Point Software Technologies has cooperated with the SEC inquiry into the SolarWinds Orion cyber vulnerability, voluntarily providing documents and information about its limited testing environment access.

14 Dec: Accelerating security outcomes with a cloud-native SIEM (SECURITYINTELLIGENCE.COM)
As organizations modernize their IT infrastructure and increase adoption of cloud services, security teams face new challenges in terms of staffing, budgets and technologies. To keep pace, security programs must evolve to secure modern IT environments against fast-evolving threat…

14 Dec: ThreatNG Open-Source Datasets Aim to Improve Cybersecurity Practices (HELPNETSECURITY.COM)
The ThreatNG Governance and Compliance Dataset is an open-source initiative that aims to provide access to critical cybersecurity data, promoting transparency and collaboration.
14 Dec: Hackers Keep Winning by Gambling on SQL Injection Exploits (DATABREACHTODAY.CO.UK)
Gambling and Retail Firms Top Targets of 'GambleForce' Group, Researchers Warn A recently spotted hacking group with a penchant for using open source tools has been using a less-than-novel tactic: exploiting SQL injection flaws. So warn researchers who recently detected attacks b…

14 Dec: Threat Thursday - CTI, vulnerabilities and discussions (INFOSEC.PUB)
submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for highlighting and discussing the past week’s notable threats, vulnerabilities, breaches and more! Feel free to comment on what I’ve collected or share things you have found useful or interesting! 5Gh…

14 Dec: Hackers exploit Google Forms to trick users into falling for call-back phishing attack (TRIPWIRE.COM)
Security researchers have discovered the latest evolution in call-back phishing campaigns. Read more in my article on the Tripwire State of Security blog.

14 Dec: New Threat Actor Uses SQL Injection Attacks to Steal Data From APAC Companies (SECURITYWEEK.COM)
GambleForce uses SQL injections to hack gambling, government, retail, and travel websites to steal sensitive information. The post New Threat Actor Uses SQL Injection Attacks to Steal Data From APAC Companies appeared first on SecurityWeek.

14 Dec: FortiGuard Releases Security Updates for Multiple Products (CISA.GOV)
FortiGuard has released security updates to address vulnerabilities in multiple FortiGuard products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advisories…

14 Dec: CISA Releases Seventeen Industrial Control Systems Advisories (CISA.GOV)
CISA released seventeen Industrial Control Systems (ICS) advisories on December 14, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-348-01 Cambium ePMP 5GHz Force 300-25 Radio ICSA-23-348-02 J…

14 Dec: How Can DSPM Prevent High-Profile Breaches? (GBHACKERS.COM)
In early October 2023, a DNA testing company for ancestry discovery purposes, 23andMe, disclosed that it suffered a data breach. On the 5th of December 2023, the company shared that the data breach was more damaging than was initially reported. At first, they claimed that the dat…

14 Dec: Apache Struts 2 vulnerability discovered, as proof of concept circulates (CSOONLINE.COM)
A new vulnerability in the Struts 2 web application framework can potentially enable a remote attacker to execute code on systems running apps based on earlier versions of the software. The vulnerability, announced this week by Apache, involves a potential attacker manipulating f…

14 Dec: Hackers Exploiting Critical Apache Struts Flaw (DATABREACHTODAY.CO.UK)
Bug Enables Path Traversal Attack Hackers are using publicly disclosed proof-of-concept code to exploit a recently patched critical vulnerability found in the Apache Struts 2 Framework to achieve remote code execution. The Apache Foundation, which manages the Struts library, on D…
📢 SECURITY ADVISORIES (10)
14 Dec: UK’s Ministry of Defence fined after Bcc email blinder that put the lives of Afghan citizens at risk (BITDEFENDER.COM)
The British Ministry of Defence (MoD) has been fined £350,000 for recklessly causing a data breach that exposed the personal details of citizens of Afghanistan who were seeking to flee the country after the Taliban took control in 2021. Read more in my article on the Hot for Secu…

14 Dec: CISA Asks Public Opinion on Google Workspace Secure Configuration Baselines (GBHACKERS.COM)
In a groundbreaking stride towards fortifying cloud security, the Cybersecurity and Infrastructure Security Agency (CISA) unveils the Secure Cloud Business Applications (SCuBA) Google Workspace (GWS) Secure Configuration Baselines. This architectural marvel establishes a robust g…

14 Dec: Industry Regulations and Standards are Driving OT Security Priorities (HELPNETSECURITY.COM)
Governments are driving OT security priorities and investments through regulations and standards. The TSA Security Directives have had the most significant impact on organizations' security priorities, followed by CDM DEFEND and ISA/IEC-62443.

14 Dec: District Court in Switzerland ‘Victim of a Cyber Attack’ (THERECORD.MEDIA)
This incident follows a similar ransomware attack on the municipal administration of Zollikofen in November, highlighting the growing threat of ransomware attacks targeting Swiss organizations.

14 Dec: Breach Roundup: French Police Arrest Alleged Hive Money Man (DATABREACHTODAY.CO.UK)
Also: Amazon Sues Alleged Refund Gang, Ukraine Says It Hacked Russian Tax System This week, French police arrested an alleged Hive "banker," Amazon cracked down on a refund fraud ring, Ukraine military intelligence said it hacked the Russian tax system, the U.K. Ministry of Defen…

14 Dec: Dental Plan Administrator Fined $400K for Phishing Breach (DATABREACHTODAY.CO.UK)
NY State AG Says Compromised Account Contained 12 Years of Email New York State regulators have smacked one of the largest dental administrators in the state with a $400,000 fine for a 2021 incident in which an attacker gained access to an employee email account containing 12 yea…
🔥 INCIDENT REPORTING (13)
14 Dec: LockBit Ransomware Now Poaching BlackCat, NoEscape Affiliates (BLEEPINGCOMPUTER.COM)
Affiliates associated with NoEscape claimed that the ransomware operators pulled an exit scam, stealing millions of dollars in ransom payments and shutting off the operation's web panels and data leak sites.

14 Dec: Silent, Yet Powerful Pandora hVNC, The Popular Cybercrime Tool That Flies Under the Radar (SLASHNEXT.COM)
Pandora hVNC is a widely used remote access trojan (RAT) that allows cybercriminals to gain covert control over victims' computers, enabling activities like data theft and unauthorized access to sensitive systems.

14 Dec: Whatsapp, Slack, Teams, and Other Messaging Platforms Face Constant Security Risks (HELPNETSECURITY.COM)
According to SafeGuard Cyber, the use of popular messaging apps like WhatsApp in business settings has led to a significant increase in security incidents, with 42% of flagged messages occurring in WhatsApp.

14 Dec [KEV]: Microsoft cracks down on group operating ‘cybercrime-as-a-service’ (CSOONLINE.COM)
Marking a major step in the fight against cybercrime, Microsoft has initiated action against Storm-1152, a group that offers a 'cybercrime-as-a-service' network. The company has aggressively pursued legal measures to dismantle Storm-1152's network, seizing its US-based infrastr…

14 Dec: Red Roof Hotels Claims Cybersecurity Incident Did Not Involve Guest Data (CYBERSECURITYDIVE.COM)
Hotel company Red Roof experienced a ransomware attack in September, but fortunately, no guest data was compromised. The attack was detected when suspicious activity was noticed, leading to the discovery of ransomware.

14 Dec: Sony Investigating Potential Ransomware Attack on Insomniac Games Unit (THERECORD.MEDIA)
Sony's subsidiary, Insomniac Games, is currently investigating a reported ransomware attack by the Rhysida gang, which has targeted various government institutions and healthcare organizations in the past.

14 Dec: Microsoft Seizes Domains Used to Sell Fraudulent Outlook Accounts (BLEEPINGCOMPUTER.COM)
The cybercrime group, Storm-1152, provided accounts to other cybercriminals involved in ransomware attacks and data theft, highlighting the interconnectedness of various criminal networks.

14 Dec: Supply chain attack targeting Ledger crypto wallet leaves users hacked (TECHCRUNCH.COM)
Hackers compromised the code behind a crypto protocol used by multiple web3 applications and services, the software maker Ledger said on Thursday. Ledger, a company that makes a widely used and popular crypto hardware and software wallet, among other products, announced on X (pre…
14 Dec: Protect your Active Directory from these Password-based Vulnerabilities (BLEEPINGCOMPUTER.COM)
To safeguard against potential cyberattacks and outages, it is essential to be vigilant against common Active Directory attacks. Learn more from Specops Software about these attacks and how to harden your defenses. [...]
14 Dec: U.S. nuclear research lab data breach impacts 45,000 people (BLEEPINGCOMPUTER.COM)
The Idaho National Laboratory (INL) confirmed that attackers stole the personal information of more than 45,000 individuals after breaching its cloud-based Oracle HCM HR management platform last month. [...]

14 Dec: Ten Years Later, New Clues in the Target Breach (KREBSONSECURITY.COM)
On Dec. 18, 2013, KrebsOnSecurity broke the news that U.S. retail giant Target was battling a wide-ranging computer intrusion that compromised more than 40 million customer payment cards over the previous month. The malware used in the Target breach included the text string "Resc…

14 Dec: Dashlane ditching master passwords (CSOONLINE.COM)
A top-tier password manager maker is ditching the use of master passwords and offering its users a totally passwordless experience. Dashlane made the announcement Wednesday, saying the feature allows new users to create an account without having to set up and remember a master pa…

14 Dec: Kraft Heinz investigates hack claims, says systems ‘operating normally’ (BLEEPINGCOMPUTER.COM)
Kraft Heinz has confirmed that their systems are operating normally and that there is no evidence they were breached after an extortion group listed them on a data leak site. [...]
🕵️ THREAT INTELLIGENCE (31)
14 Dec: Embracing AI - Alex Sharpe - PSW #810 (YOUTUBE.COM)
Mr. Sharpe is a long-time (+30 years) Cybersecurity, Governance, and Digital Transformation expert with real-world operational experience. Mr. Sharpe has run business units and has influenced national policy. He has spent much of his career helping corporations and government age…

14 Dec: T-shooting Terraform for DShield Honeypot in Azure [Guest Diary], (Wed, Dec 13th) (ISC.SANS.EDU)
[This is a Guest Diary by Michael Smith, an ISC intern as part of the SANS.edu BACS program]

14 Dec: Embracing AI | News - PSW810 (YOUTUBE.COM)
6:00pm ET - Alex Sharpe 7:00pm ET - Security News This week, we start things off by discussing Embracing AI with Alex Sharpe, Managing Director at Sharpe42. Then we discuss the security news for the week. →Full Show Notes: https://securityweekly.com/psw810 →Join the Security Week…

14 Dec: ISC Stormcast For Thursday, December 14th, 2023 https://isc.sans.edu/podcastdetail/8778, (Thu, Dec 14th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

14 Dec: MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024 (LASTWATCHDOG.COM)
Notable progress was made in 2023 in the quest to elevate Digital Trust. Related: Why IoT standards matter Digital Trust refers to the level of confidence both businesses and consumers hold in digital products and services – not just … (more…)

14 Dec: Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts (SECURITYWEEK.COM)
Microsoft disrupts Storm-1152, a cybercrime-as-a-service business facilitating phishing, identity theft, and DDoS attacks. The post Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts appeared first on SecurityWeek.

14 Dec: Beyond the Noise: Appreciating the Quiet Work of Effective Doers (SECURITYWEEK.COM)
More often than not, we are grateful for and celebrate the wrong people. It is incumbent on all of us to take the time to appreciate and acknowledge the doers in our lives. The post Beyond the Noise: Appreciating the Quiet Work of Effective Doers appeared first on SecurityWeek.

14 Dec: Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products (SECURITYWEEK.COM)
Dell is informing PowerProtect DD product customers about 8 vulnerabilities, including many rated ‘high severity’, and urging them to install patches. The post Dell Urges Customers to Patch Vulnerabilities in PowerProtect Products appeared first on SecurityWeek.

14 Dec: Iranian State-Sponsored OilRig Group Deploys 3 New Malware Downloaders (THEHACKERNEWS.COM)
The Iranian state-sponsored threat actor known as OilRig deployed three different downloader malware throughout 2022 to maintain persistent access to victim organizations located in Israel. The three new downloaders have been named ODAgent, OilCheck, and OilBooster by S…

14 Dec: BazarCall Attack Weaponizing Google Forms to Appear Legitimate (GBHACKERS.COM)
A new type of phishing attack known as BazarCall has emerged, and it’s using a clever technique to make it appear more legitimate. The attack utilizes a Google Form to trick unsuspecting victims into divulging sensitive information. The method of phishing that is being disc…
14 Dec: LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 (part 2) (LASTWATCHDOG.COM)
Here’s part two of Last Watchdog’s year-end tête-à-tête with top cybersecurity experts. Part three to follow on Friday. We asked two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization? •What … (more…)

14 Dec: MITRE Reveals EMB3D, a Threat Model for Embedded Devices in Critical Infrastructure (GBHACKERS.COM)
Red Balloon Security, Narf Industries, and MITRE collaborated to create the EMB3D Threat Model, which offers a shared knowledge of the risks embedded devices experience and the security measures needed. The EMB3D model is a comprehensive framework that focuses specifically on emb…

14 Dec: Top 3 Cybersecurity Trends for SME Business Leaders in 2024 (GBHACKERS.COM)
As Cynet’s COO, my team and I get to work closely with risk management executives at small-to-medium enterprises (SMEs) around the world. In this article, I’ll condense our collaboration’s insights into three key trends for 2024, backed up by data and research from al…

14 Dec: Chinese Hackers Seized Outdated Routers for Covert Data Transfer (GBHACKERS.COM)
Volt Typhoon, also known as the Bronze Silhouette, has been discovered to be linked with a complex botnet called “KV-botnet.” The threat actor has been using this botnet to target Small Office/Home Office routers since at least February 2022. Their primary targets are…

14 Dec: Poisoned AI Coding, Assistant Tools Opens Application to Hack Attack (GBHACKERS.COM)
AI (Artificial Intelligence) has significantly revolutionized software engineering with several advanced AI tools like ChatGPT and GitHub Copilot, which help boost developers’ efficiency. Besides this, two types of AI-powered coding assistant tools emerged in recent times, …

14 Dec: Research Shows 163% ROI with Palo Alto Networks Software Firewalls (PALOALTONETWORKS.COM)
The Total Economic Impact of Palo Alto Networks Software Firewalls shows our software NGFWs providing $3.70 million in benefits over a period of 3 years. The post Research Shows 163% ROI with Palo Alto Networks Software Firewalls appeared first on Palo Alto Networks Blog.

14 Dec: New Pierogi++ Malware by Gaza Cyber Gang Targeting Palestinian Entities (THEHACKERNEWS.COM)
A pro-Hamas threat actor known as Gaza Cyber Gang is targeting Palestinian entities using an updated version of a backdoor dubbed Pierogi. The findings come from SentinelOne, which has given the malware the name Pierogi++ owing to the fact that it's implemented in the C…

14 Dec: Modern Security Podcast: Jamie Finnigan on How HashiCorp Secures Their Products - 1 hour 3 minutes (INFOSEC.PUB)
submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/e344befa-2636-4503-974c-598b9997e8bf.png Modern Security Podcast: Jamie Finnigan on How HashiCorp Secures Their Products In this episode of the Modern Security Podcast we were joined by Jami…

14 Dec: New Methodology for Bluetooth Security Assessment (TARLOGIC.COM)
submitted by L4s to secops 1 points | 0 comments https://www.tarlogic.com/bsam/ New Methodology for Bluetooth Security Assessment

14 Dec: Surveillance Cameras Disguised as Clothes Hooks (SCHNEIER.COM)
This seems like a bad idea. And there are ongoing lawsuits against Amazon for selling them.
14 Dec: White House Obtains Safe AI Pledges from 28 Healthcare Firms (DATABREACHTODAY.CO.UK)
Companies Commit to Risk Management, Making Care More Affordable More than a dozen healthcare organizations on Thursday signed a White House pledge committing them to responsible deployment of artificial intelligence in a bid to improve health outcomes for Americans while protect…

14 Dec: How Sandboxes Help Security Analysts Expose Script-Based Attacks (GBHACKERS.COM)
Cybercriminals employ numerous tactics to infiltrate endpoints and scripts are among the most destructive. You can trigger an infection chain by clicking on a seemingly innocuous document, potentially compromising your entire network. To prevent this, analyzing suspicious files i…

14 Dec: LogoFAIL, Default Passwords and Android Hacking - PSW #810 (YOUTUBE.COM)
Analyzing firmware with EMBA, TinyXML, and the ugly supply chain, ignoring vulnerabilities that allow attackers to turn off your vehicle, Android lock screen bypass and running water, LogoFAIL updates, and the confusing severity, you still haven’t patched Log4Shell, the password …

14 Dec: Why Security Awareness Training Is Effective in Reducing Cybersecurity Risk (KNOWBE4.COM)
Security awareness training (SAT) works! A well-designed security awareness training campaign will significantly reduce cybersecurity risk.

14 Dec: BazarCall Phishing Campaign Abuses Google Forms (KNOWBE4.COM)
A new BazarCall phishing campaign is using Google Forms to send phony invoices, according to researchers at Abnormal Security.

14 Dec: As the Holiday Season Ramps Up, So Do Scams Impersonating the U.S. Postal Service (KNOWBE4.COM)
Taking traditional “delayed package” scams up a notch, new phishing and smishing attack campaigns are leveraging freemium DNS services to avoid detection by security solutions.

14 Dec: It's been 24 hours of users reporting that Ubiquiti is showing other people's consoles and cameras with limited access (COMMUNITY.UI.COM)
submitted by L4s to secops 1 points | 0 comments https://community.ui.com/questions/Security-Issue-Cloud-Site-Manager-presented-me-your-consoles-not-mine/376ec514-572d-476d-b089-030c4313888c It’s been 24 hours of users reporting that Ubiquiti is showing other people’s consoles an…

14 Dec: Handling security vulnerabilities in Spring Boot (SNYK.IO)
submitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://snyk.io/blog/security-vulnerabilities-spring-boot/

14 Dec: US officials: Russians hackers are launching potential SolarWinds-style operations (CYBERNEWS.COM)
submitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://cybernews.com/news/us-officials-russians-hackers-are-launching-potential-solarwinds-style-operations/

14 Dec: Microsoft Seized Domains that Offered Fake Outlook Accounts (DATABREACHTODAY.CO.UK)
Criminals Created 750 Million Fraudulent Microsoft Accounts A U.S. federal court at the behest of Microsoft seized multiple domains used by a Vietnamese cybercrime group that created 750 million fraudulent Microsoft accounts while raking millions of dollars in illicit revenue. St…
🌐 CYBER THREAT LANDSCAPE (6)
14 Dec: Distributional wants to develop software to reduce AI risk (TECHCRUNCH.COM)
Companies are increasingly curious about AI and the ways in which it can be used to (potentially) boost productivity. But they’re also wary of the risks. In a recent Workday survey, enterprises cite the timeliness and reliability of the underlying data, potential bias and s…

14 Dec: 116 Malware Packages Found on PyPI Repository Infecting Windows and Linux Systems (THEHACKERNEWS.COM)
Cybersecurity researchers have identified a set of 116 malicious packages on the Python Package Index (PyPI) repository that are designed to infect Windows and Linux systems with a custom backdoor. "In some cases, the final payload is a variant of the infamous W4SP Stealer, …
14 Dec: Ledger dApp supply chain attack steals $600K from crypto wallets (BLEEPINGCOMPUTER.COM)
Ledger is warning users not to use web3 dApps after a supply chain attack on the 'Ledger dApp Connect Kit' library was found pushing a JavaScript wallet drainer that stole $600,000 in crypto and NFTs. [...]
14 Dec: Smashing Security podcast #352: For research purposes only (GRAHAMCLULEY.COM)
A hacker bursts the bubble of inflatable fetish fans, Hollywood celebrities unwittingly record videos in a Kremlin plot, and there's a particularly devious WordPress-related malware campaign. All this and much much more is discussed in the latest edition of the "Smashing Security…

14 Dec: Ten new Android banking trojans targeted 985 bank apps in 2023 (BLEEPINGCOMPUTER.COM)
This year has seen the emergence of ten new Android banking malware families, which collectively target 985 bank and fintech/trading apps from financial institutes across 61 countries. [...]

14 Dec: New NKAbuse malware abuses NKN blockchain for stealthy comms (BLEEPINGCOMPUTER.COM)
A new Go-based multi-platform malware identified as 'NKAbuse' is the first malware abusing NKN (New Kind of Network) technology for data exchange, making it a stealthy threat. [...]
📡 INFOSEC NEWS (24)
14 Dec: Microsoft Takes Legal Action to Crack Down on Storm-1152's Cybercrime Network (THEHACKERNEWS.COM)
Microsoft on Wednesday said it obtained a court order to seize infrastructure set up by a group called Storm-1152 that peddled roughly 750 million fraudulent Microsoft accounts and tools through a network of bogus websites and social media pages to other criminal actors, netting …

14 Dec: US Senate Confirms Harry Coker Jr. as National Cyber Director (CYBERSECURITYDIVE.COM)
Harry Coker Jr., a Navy veteran and former executive director of the National Security Agency, will lead the Office of the National Cyber Director and be responsible for implementing the national cybersecurity strategy.

14 Dec: EU’s Internet Reforms Will Undermine a Decade of Advances in Online Security (HELPNETSECURITY.COM)
The proposed eIDAS 2.0 bill in the European Union threatens online privacy and security by revoking web browsers' ability to independently test the authenticity and trustworthiness of certificate authorities.

14 Dec: Reimagining Network Pentesting With Automation (THEHACKERNEWS.COM)
Network penetration testing plays a crucial role in protecting businesses in the ever-evolving world of cybersecurity. Yet, business leaders and IT pros have misconceptions about this process, which impacts their security posture and decision-making. This blog acts as a qui…

14 Dec: Scammers Weaponize Google Forms in New BazarCall Attack Campaign (HACKREAD.COM)
A new variant of the BazarCall attack that incorporates Google Forms to deceive victims. In this phishing campaign, scammers send emails pretending to be payment notifications or subscription confirmations from well-known brands.

14 Dec: Microsoft disrupts cybercrime operation selling fraudulent accounts to notorious hacking gang (TECHCRUNCH.COM)
Microsoft says it has successfully dismantled the infrastructure of a cybercrime operation that sold access to fraudulent Outlook accounts to other hackers, including the notorious Scattered Spider gang. The group, tracked by Microsoft as “Storm-1152”, is described as a major pla…

14 Dec: Saudi Cyber Students Team with Bahrain to Assess AI Security & Risk (DARKREADING.COM)
Saudi Arabian students specializing in AI and cybersecurity are participating in workshops to enhance their capabilities in identifying and assessing potential risks of large language models (LLMs) across different platforms.

14 Dec: OilRig’s persistent attacks using cloud service-powered downloaders (WELIVESECURITY.COM)
ESET researchers document a series of new OilRig downloaders, all relying on legitimate cloud service providers for C&C communications

14 Dec: Google Using Clang Sanitizers to Protect Android Against Cellular Baseband Vulnerabilities (THEHACKERNEWS.COM)
Google is using Clang sanitizers to enhance the security of the cellular baseband in Android. The sanitizers, including IntSan and BoundSan, detect and prevent vulnerabilities in program execution.
14 Dec: Arrested Intimidation (SOPHOS.COM)
Why the new US regulatory disclosure requirements work for the defenders, not the criminals

14 Dec: Discord adds Security Key support for all users to enhance security (BLEEPINGCOMPUTER.COM)
Discord has made security key multi-factor authentication (MFA) available for all accounts on the platform, bringing significant security and anti-phishing benefits to its 500+ million registered users. [...]

14 Dec: Prison for man who wiped bank’s data after being fired for accessing porn in the office (BITDEFENDER.COM)
A man has been sentenced to 24 months in prison after being found guilty of hacking into his former employer's network, and causing substantial damage. Read more in my article on the Hot for Security blog.

14 Dec: US detains suspects behind $80 million 'pig butchering' scheme (BLEEPINGCOMPUTER.COM)
The U.S. Department of Justice charged four suspects (two of them already detained) for their alleged involvement in a pig butchering fraud scheme that resulted in more than $80 million in victim losses. [...]

14 Dec: Ubiquiti users report having access to others’ UniFi routers, cameras (BLEEPINGCOMPUTER.COM)
Since yesterday, customers of Ubiquiti networking devices, ranging from routers to security cameras, have reported seeing other people's devices and notifications through the company's cloud services. [...]

14 Dec: UniFi devices broadcasted private video to other users’ accounts (ARSTECHNICA.COM)
"I was presented with 88 consoles from another account," one user reports.
14 Dec: Modern Attack Surface Management (ASM) for SecOps (TRENDMICRO.COM)
Today’s attack surface requires modern processes and security solutions. Explore the tenets of modern attack surface management (ASM) and what SecOps need to look for in an ASM solution.
14 Dec: 2024 Cybersecurity Predictions (F5.COM)
To quote the late David Foster Wallace: sure, I’m paranoid—but am I paranoid enough?