matlock.ca // THREAT INTELLIGENCE

113Articles

8Categories

2023-12-19Date

🐛

8220 Gang Exploiting Oracle WebLogic Server Vulnerability to Spread Malware

THEHACKERNEWS.COM — 19 Dec 2023

🐛

Researchers Disclose Zero-Click Exploit for Microsoft Outlook

TECHTARGET.COM — 19 Dec 2023

🐛

Hackers Actively Exploiting ActiveMQ Vulnerability to Install Malware

GBHACKERS.COM — 19 Dec 2023

🐛

36 million people affected by data breach at Xfinity

THERECORD.MEDIA — 19 Dec 2023

🐛

Hackers steal data from millions of Xfinity customers via Citrix Bleed vulnerability

CSOONLINE.COM — 19 Dec 2023

⚠️

How cybersecurity roles are changing and what to look for when hiring

CSOONLINE.COM — 19 Dec 2023

⚠️

xorbot: A Stealthy Botnet Family That Defies Detection

NSFOCUSGLOBAL.COM — 19 Dec 2023

⚠️

US Regulators Warn of AI Risk to Financial Systems

BANKINFOSECURITY.COM — 19 Dec 2023

⚠️

Pro-Israel hacktivist group brings down 70% of gas stations in Iran

CSOONLINE.COM — 19 Dec 2023

⚠️

Insights from the CISA Healthcare and Public Health Sector Risk and Vulnerability Assessment

CISA.GOV — 19 Dec 2023

⚠️

Microsoft Windows 10 security support extension no excuse to put off patching, asset review

CSOONLINE.COM — 19 Dec 2023

⚠️

New SMTP Smuggling Attack Lets Hackers Send Spoofed Emails

GBHACKERS.COM — 19 Dec 2023

⚠️

Xfinity Customer Data Compromised in Attack Exploiting CitrixBleed Vulnerability

SECURITYWEEK.COM — 19 Dec 2023

⚠️

Comcast says hackers stole data of close to 36 million Xfinity customers

TECHCRUNCH.COM — 19 Dec 2023

⚠️

US Agencies Release Security Guidance on Managing SBOMs and Open Source Software

MERITALK.COM — 19 Dec 2023

⚠️

Authorities claim seizure of notorious ALPHV ransomware gang’s dark web leak site

TECHCRUNCH.COM — 19 Dec 2023

⚠️

Novel SMTP Smuggling Technique Slips Past DMARC, Email Protections

DARKREADING.COM — 19 Dec 2023

⚠️

CyberheistNews Vol 13 #51 Phishing Is Still the No. 1 Attack Vector, With Huge 144% Malicious URL Spike

KNOWBE4.COM — 19 Dec 2023

⚠️

Xfinity Discloses Massive Data Breach Affecting Over 35 Million People

KEVBLEEPINGCOMPUTER.COM — 19 Dec 2023

⚠️

Xfinity Customer Data Compromised In Attack Exploiting CitrixBleed Vulnerability

PACKETSTORMSECURITY.COM — 19 Dec 2023

⚠️

The lion’s share of CIOs cyber budgets must go to cloud security platforms

CSOONLINE.COM — 19 Dec 2023

⚠️

FBI Takes Down BlackCat Ransomware, Releases Free Decryption Tool

THEHACKERNEWS.COM — 19 Dec 2023

⚠️

CISA Releases Seven Industrial Control Systems Advisories

CISA.GOV — Tue, 19 Dec 23 1

⚠️

FBI warrant reveals ‘confidential source’ helped AlphV/Blackcat ransomware takedown

THERECORD.MEDIA — 19 Dec 2023

⚠️

Hacktivists say they shut down Iran's gasoline pumps

THEREGISTER.COM — 19 Dec 2023

⚠️

Microsoft Discovers Critical RCE Flaw in Perforce Helix Core Server

BLEEPINGCOMPUTER.COM — 19 Dec 2023

⚠️

Making Service Meshes Work for People - Idit Levine - ASW #267

YOUTUBE.COM — 2023-12-19

⚠️

Mr Cooper now says 15M people's data exposed in cyberattack

THEREGISTER.COM — 19 Dec 2023

⚠️

Qakbot returns: FBI-led takedown lasts just 3 months

THEREGISTER.COM — 19 Dec 2023

⚠️

Ledger JS library poisoned to steal $650K+ from wallets

THEREGISTER.COM — 19 Dec 2023

⚠️

How the FBI seized BlackCat (ALPHV) ransomware’s servers

BLEEPINGCOMPUTER.COM — 19 Dec 2023

⚠️

#StopRansomware: ALPHV Blackcat

CISA.GOV — 19 Dec 2023

⚠️

Interpol operation arrests 3,500 cybercriminals, seizes $300 million

BLEEPINGCOMPUTER.COM — 19 Dec 2023

⚠️

Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE

SECURITYWEEK.COM — 19 Dec 2023

⚠️

BlackCat Ransomware Raises Ante After FBI Disruption

KREBSONSECURITY.COM — 19 Dec 2023

⚠️

Report Says CISA is Failing to Identify High-Risk Exploits

KEVDATABREACHTODAY.CO.UK — 2023-12-19

📢

Double-Extortion Play Ransomware Strikes 300 Organizations Worldwide

THEHACKERNEWS.COM — 19 Dec 2023

📢

CISA Urges Manufacturers to Eliminate Default Passwords to Thwart Cyber Threats

THEHACKERNEWS.COM — 19 Dec 2023

📢

Tech Device Manufacturers Urged by CISA to Remove Default Passwords

GBHACKERS.COM — 19 Dec 2023

📢

Cisco security advisory (AV23-774)

CYBER.GC.CA — 2023-12-19

📢

Red Hat security advisory (AV23-773)

CYBER.GC.CA — 2023-12-19

📢

Ransomware Attack on Westpole Disrupted Digital Services for Italian Public Administration

SECURITYAFFAIRS.COM — 19 Dec 2023

📢

FBI, CISA, and ACSC Release Joint Advisory on Play Ransomware

CISA.GOV — 19 Dec 2023

📢

Cyber Risk Management Starts with Risk Quantification - Padraic O'Reilly - BSW #332

YOUTUBE.COM — 2023-12-19

📢

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

CISA.GOV — Tue, 19 Dec 23 1

📢

Mozilla security advisory (AV23-776)

CYBER.GC.CA — 2023-12-19

📢

Microsoft Edge security advisory (AV23-775)

CYBER.GC.CA — 2023-12-19

📢

HPE security advisory (AV23-777)

CYBER.GC.CA — 2023-12-19

📢

[Control systems] EFACEC security advisory (AV23-779)

CYBER.GC.CA — 2023-12-19

📢

[Control systems] Subnet Solutions security advisory (AV23-778)

CYBER.GC.CA — 2023-12-19

📢

[Control systems] Open Design Alliance security advisory (AV23-780)

CYBER.GC.CA — 2023-12-19

📢

[Control systems] EuroTel security advisory (AV23-781)

CYBER.GC.CA — 2023-12-19

📢

Apple security advisory (AV23-782)

CYBER.GC.CA — 2023-12-19

🔥

Update: October Cyberattack Leaked Data of 14.7 Million People, Mortgage Giant Mr. Cooper Says

THERECORD.MEDIA — 19 Dec 2023

🔥

Alleged LockBit Operator to Face New Cybercrime Charges in Canada

THERECORD.MEDIA — 19 Dec 2023

🔥

What the SEC Weighed in Finalizing the Cyber Disclosure Rules

CYBERSECURITYDIVE.COM — 19 Dec 2023

🔥

Apparel Giant VF Corporation Reports Cyberattack on First Day of SEC Disclosure Rule

THERECORD.MEDIA — 19 Dec 2023

🔥

Mr. Cooper Data Breach Impacts 14.7 Million Individuals

SECURITYWEEK.COM — 19 Dec 2023

🔥

Governments Issue Warning After Play Ransomware Hits Hundreds of Organizations

SECURITYWEEK.COM — 19 Dec 2023

🔥

Iran Hit by Major Cyberattack Targeting Nation's Fuel Supply

BANKINFOSECURITY.COM — 19 Dec 2023

🔥

2022 Election Not Impacted by Chinese, Russian Cyber Activity: DOJ, DHS

SECURITYWEEK.COM — 19 Dec 2023

🔥

Hackers Abusing GitHub to Evade Detection and Control Compromised Hosts

THEHACKERNEWS.COM — 19 Dec 2023

🔥

Anti-ransomware startup Halcyon lands fresh $40M tranche

TECHCRUNCH.COM — 19 Dec 2023

🔥

Web injections are back on the rise: 40+ banks affected by new malware campaign

SECURITYINTELLIGENCE.COM — 19 Dec 2023

🔥

FBI disrupts Blackcat ransomware operation, creates decryption tool

BLEEPINGCOMPUTER.COM — 19 Dec 2023

🔥

Halcyon Raises $40 Million for Anti-Ransomware Platform

SECURITYWEEK.COM — 19 Dec 2023

🔥

Mr. Cooper Breach Affects 14.6 Million Customers

PACKETSTORMSECURITY.COM — 19 Dec 2023

🔥

Brazil's First Lady To Sue Musk's X Over Hacked Account

PACKETSTORMSECURITY.COM — 19 Dec 2023

🔥

Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team

THEHACKERNEWS.COM — 19 Dec 2023

🔥

Holiday Scams Include Thousands of Impersonation Phishing Domains per Brand

KNOWBE4.COM — 19 Dec 2023

🔥

FBI Seizes BlackCat Infrastructure; Group Has New Domain

DATABREACHTODAY.CO.UK — 2023-12-19

🔥

US Gov Disrupts BlackCat Ransomware Operation; FBI Releases Decryption Tool

SECURITYWEEK.COM — 19 Dec 2023

🔥

FBI: ALPHV ransomware raked in $300 million from over 1,000 victims

BLEEPINGCOMPUTER.COM — 19 Dec 2023

🔥

Iowa Medical Center Latest Victim of Transcription Firm Hack

DATABREACHTODAY.CO.UK — 2023-12-19

🔥

BlackCat Ransomware 'Unseizing' a Dark Web Stunt

DATABREACHTODAY.CO.UK — 2023-12-19

🕵️

ISC Stormcast For Tuesday, December 19th, 2023 https://isc.sans.edu/podcastdetail/8784, (Tue, Dec 19th)

ISC.SANS.EDU — 19 Dec 2023

🕵️

QakBot Malware Emerges with New Tactics, Attacking Hospitality Industry

GBHACKERS.COM — 19 Dec 2023

🕵️

New Malvertising Campaign Distributing PikaBot Disguised as Popular Software

THEHACKERNEWS.COM — 19 Dec 2023

🕵️

OpenAI Is Not Training on Your Dropbox Documents—Today

SCHNEIER.COM — 2023-12-19

🕵️

Iranian Hackers Using MuddyC2Go in Telecom Espionage Attacks Across Africa

THEHACKERNEWS.COM — 19 Dec 2023

🕵️

Every “Thing” Everywhere All at Once

SECURITYWEEK.COM — 19 Dec 2023

🕵️

How Microsoft might have lured unsuspecting end-users into the hands of criminals

EYE.SECURITY — 19 Dec 2023

🕵️

The Rise in Attacks Requires Specialized Expertise – Breakaway 1=5

PALOALTONETWORKS.COM — 19 Dec 2023

🕵️

Sidewinder Hacker Group Using Weaponized Documents to Deliver Malware

GBHACKERS.COM — 19 Dec 2023

🕵️

Turngate Raises $5 Million to Shed Light on User Activity

SECURITYWEEK.COM — 19 Dec 2023

🕵️

Four Pieces of Transitional Advice: Incoming CISOs - Sean Zadig - CSP #153

YOUTUBE.COM — 2023-12-19

🕵️

New Remote “Job” Scam Tells Victims They'll Get Paid For Liking YouTube Videos

KNOWBE4.COM — 19 Dec 2023

🕵️

Effective Security Strategy, Overlooked Leadership Attributes, and Fun Icebreakers - BSW #332

YOUTUBE.COM — 2023-12-19

🕵️

Nagios and Abandoned Projects, Hacking Trains (to Fix Them), OAuth Threats, 5Ghoul - ASW #267

YOUTUBE.COM — 2023-12-19

🕵️

Understanding The Workings of Russian Hacker “Wazawaka”

25491742.FS1.HUBSPOTUSERCONTENT-EU1.NET — 19 Dec 2023

🕵️

Looking Ahead: Mobile Driver's Licenses for ID Verification

DATABREACHTODAY.CO.UK — 2023-12-19

🕵️

Santa, SEC, Google, Qakbot, VMWARE, AI, Turing, Voight-Kampff, Jason Wood, and more - SWN #350

YOUTUBE.COM — 2023-12-19

🕵️

How Strata Identity and Microsoft Entra ID solve identity challenges in mergers and acquisitions

MICROSOFT.COM — 19 Dec 2023

🕵️

Okta to Acquire Spera Security

DATABREACHTODAY.CO.UK — 2023-12-19

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 19 Dec 2023

🕵️

OpenAI Formulates Framework to Mitigate 'Catastrophic Risks'

DATABREACHTODAY.CO.UK — 2023-12-19

🕵️

Azure Serial Console Attack and Defense - Part 2

MSRC.MICROSOFT.COM — 19 Dec 2023

🌐

“Inhospitality” malspam campaign targets hotel industry

SOPHOS.COM — 19 Dec 2023

🌐

New Web injections campaign steals banking data from 50,000 people

BLEEPINGCOMPUTER.COM — 19 Dec 2023

🌐

ESET Threat Report H2 2023

WELIVESECURITY.COM — 19 Dec 2023

🎙️

Sharing stories on the CyberTuesday podcast

GRAHAMCLULEY.COM — 19 Dec 2023

📡

Microsoft is Working on a More Secure Print System for Windows

HELPNETSECURITY.COM — 19 Dec 2023

📡

A Season of Giving at Sophos

SOPHOS.COM — 19 Dec 2023

📡

Are We Ready to Give Up on Security Awareness Training?

THEHACKERNEWS.COM — 19 Dec 2023

📡

SimSpace raises $45M to simulate tech stacks for cyber training

TECHCRUNCH.COM — 19 Dec 2023

📡

What are they looking for? Scans for OpenID Connect Configuration, (Tue, Dec 19th)

ISC.SANS.EDU — 19 Dec 2023

📡

New QakBot Phishing Campaign Appears After FBI Takedown

PACKETSTORMSECURITY.COM — 19 Dec 2023

📡

Hacktivists Shut Down Iran's Gas Pumps

PACKETSTORMSECURITY.COM — 19 Dec 2023

📡

New Scam Involving Remote Jobs on Social Media Platforms

BITDEFENDER.COM — 19 Dec 2023

📡

Terrapin attacks can downgrade security of OpenSSH connections

BLEEPINGCOMPUTER.COM — 19 Dec 2023

📡

Microsoft confirms Windows 11 Wi-Fi issues, asks for user feedback

BLEEPINGCOMPUTER.COM — 19 Dec 2023

📡

Sensor Intel Series: Top CVEs in November 2023

F5.COM — 19 Dec 2023

📡

Sensor Intel Series: Top CVEs in November 2023

F5.COM — 19 Dec 2023