matlock.ca // THREAT INTELLIGENCE — 2023-12-21

87Articles

9Categories

2023-12-21Date

🚨

CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-49897 FXC AE1021, AE1021PE OS Command Injection Vulnerability CVE-2023-47565 QNAP VioStor NVR OS Command Injection Vulnerability These types …

KEVCISA.GOV — Thu, 21 Dec 23 1

🐛

Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP

KEVTHEHACKERNEWS.COM — 21 Dec 2023

🐛

Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware

THEHACKERNEWS.COM — 21 Dec 2023

🐛

Google Rushes to Patch Eighth Chrome Zero-Day This Year

SECURITYWEEK.COM — 21 Dec 2023

🐛

ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature

SECURITYWEEK.COM — 21 Dec 2023

🐛

Google Addressed a New Actively Exploited Chrome Zero-Day

KEVSECURITYAFFAIRS.COM — 21 Dec 2023

🐛

Chromium: CVE-2023-7024 Heap buffer overflow in WebRTC

MSRC.MICROSOFT.COM — 21 Dec 2023

🐛

MLflow vulnerability enables remote machine learning model theft and poisoning

CSOONLINE.COM — 21 Dec 2023

⚠️

Supply Chain - PSW #811

YOUTUBE.COM — 2023-12-21

⚠️

Learning About Firmware Security - Xeno Kovah - PSW #811

YOUTUBE.COM — 2023-12-21

⚠️

Why 2024 will be the year of the CISO

CSOONLINE.COM — 21 Dec 2023

⚠️

Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape

SECURITYWEEK.COM — 21 Dec 2023

⚠️

German Police Seized the Dark Web Marketplace Kingdom Market

SECURITYAFFAIRS.COM — 21 Dec 2023

⚠️

Indian Banking Customers Targeted by Phishing Campaign Distributing Trojan as Fake Verification Tool

MCAFEE.COM — 21 Dec 2023

⚠️

German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation

THEHACKERNEWS.COM — 21 Dec 2023

⚠️

HCL Investigating Ransomware Attack on Isolated Cloud Environment

GBHACKERS.COM — 21 Dec 2023

⚠️

Data Leak at Real Estate Wealth Network Exposes 1.5 Billion Ownership Records

HACKREAD.COM — 21 Dec 2023

⚠️

Data Leak Exposes User Information From Car-Sharing Service Blink Mobility

SECURITYAFFAIRS.COM — 21 Dec 2023

⚠️

Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product

SECURITYWEEK.COM — 21 Dec 2023

⚠️

EMBA: Open-Source Security Analyzer for Embedded Devices

HELPNETSECURITY.COM — 21 Dec 2023

⚠️

Fake F5 Vulnerability 'Update' Delivers Data Wiper to Israeli Victims

DARKREADING.COM — 21 Dec 2023

⚠️

Subdominator: Open-Source Tool for Detecting Subdomain Takeovers

HELPNETSECURITY.COM — 21 Dec 2023

⚠️

Google Rushes To Patch Eighth Chrome Zero Day This Year

PACKETSTORMSECURITY.COM — 21 Dec 2023

⚠️

Blue Galaxy Energy: a new White-box Cryptanalysis Open Source Tool

QUARKSLAB.COM — 2023-12-21

⚠️

Hybrid online frauds likely to gain momentum in 2024: Report

CSOONLINE.COM — 21 Dec 2023

⚠️

CISA Releases Two Industrial Control Systems Advisories

CISA.GOV — Thu, 21 Dec 23 1

⚠️

Cisco to acquire cloud-native networking and security startup Isovalent

TECHCRUNCH.COM — 21 Dec 2023

⚠️

Ivanti Releases Patches for 13 Critical Avalanche RCE Flaws

BLEEPINGCOMPUTER.COM — 21 Dec 2023

⚠️

Senate Confirms Biden's Pick to Lead NSA and CYBERCOM

DATABREACHTODAY.CO.UK — 2023-12-21

⚠️

CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool

CISA.GOV — Thu, 21 Dec 23 1

⚠️

Ghidriff: Ghidra Binary Diffing Engine

CLEARBLUEJAR.GITHUB.IO — 21 Dec 2023

⚠️

Google Flags 8th Chrome Zero-Day of the Year

KEVDATABREACHTODAY.CO.UK — 2023-12-21

⚠️

NIST Report Spotlights Cyber, Privacy Risks in Genomic Data

DATABREACHTODAY.CO.UK — 2023-12-21

📢

[Control systems] FXC security advisory (AV23-785)

CYBER.GC.CA — 2023-12-21

📢

CISA Finalizes Microsoft 365 Secure Configuration Baselines

CISA.GOV — Thu, 21 Dec 23 1

📢

[Control systems] QNAP security advisory (AV23-786)

CYBER.GC.CA — 2023-12-21

📢

HPE security advisory (AV23-787)

CYBER.GC.CA — 2023-12-21

🔥

Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team

THEHACKERNEWS.COM — 21 Dec 2023

🔥

Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices

THEHACKERNEWS.COM — 21 Dec 2023

🔥

Healthcare Software Provider Suffers Data Breach Impacting 2.7 Million Patients

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🔥

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

SCHNEIER.COM — 2023-12-21

🔥

ESO Solutions Data Breach Impacts 2.7 Million Individuals

SECURITYWEEK.COM — 21 Dec 2023

🔥

ESO Solutions Data Breach Impacts 2.7 Million Individuals

PACKETSTORMSECURITY.COM — 21 Dec 2023

🔥

Russian Water Utility Rosvodokanal Hit by Disruptive Cyberattack From Blackjack Group

THECYBEREXPRESS.COM — 21 Dec 2023

🔥

Threat Thursday - CTI, vulnerabilities and discussions

INFOSEC.PUB — 21 Dec 2023

🔥

Indian Tech Giant HCL Investigating Ransomware Attack

THERECORD.MEDIA — 21 Dec 2023

🔥

Cyber Risk Strategies in Hot Seat as SEC Rules Go Live

CYBERSECURITYDIVE.COM — 21 Dec 2023

🔥

OpenAI rolls out imperfect fix for ChatGPT data leak flaw

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🔥

Cancer Center Patients Become Attempted Victims of Data Extortion

KNOWBE4.COM — 21 Dec 2023

🔥

Title insurance giant First American offline after cyberattack

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🔥

Akira, again: The ransomware that keeps on taking

SOPHOS.COM — 21 Dec 2023

🔥

Breach Roundup: MongoDB Blames Phishing Email for Breach

DATABREACHTODAY.CO.UK — 2023-12-21

🔥

First American takes IT systems offline after cyberattack

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🕵️

How to Protect your Webserver from Directory Enumeration Attack ? Apache2 [Guest Diary], (Wed, Dec 20th)

ISC.SANS.EDU — 21 Dec 2023

🕵️

ISC Stormcast For Thursday, December 21st, 2023 https://isc.sans.edu/podcastdetail/8788, (Thu, Dec 21st)

ISC.SANS.EDU — 21 Dec 2023

🕵️

New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications

GBHACKERS.COM — 21 Dec 2023

🕵️

Podcast. Simply Cyber Live with host Gerald Auger, Ph.D. The Phantom CISO: A Fireside Chat with Mishaal Khan

INFOSEC.PUB — 21 Dec 2023

🕵️

FTC Proposes Strengthening Children’s Online Privacy Rules to Address Tracking, Push Notifications

SECURITYWEEK.COM — 21 Dec 2023

🕵️

Celebrities Found in Unprotected Real Estate Database Exposing 1.5 Billion Records

SECURITYWEEK.COM — 21 Dec 2023

🕵️

Interest in AI-Generated ‘Undressing’ Increases 2000% as it Becomes a Mainstream Online Business

KNOWBE4.COM — 21 Dec 2023

🕵️

Underground Cyber Crime Marketplaces are Now Showing Up on the Open Web

KNOWBE4.COM — 21 Dec 2023

🕵️

Cryptohack Roundup: Ledger to Reimburse Hack Victims

DATABREACHTODAY.CO.UK — 2023-12-21

🕵️

Missing the Lock Icon in Chrome’s Address Bar? It’s a Move to Make You More Secure

KNOWBE4.COM — 21 Dec 2023

🕵️

Microsoft: Hackers target defense firms with new FalseFont malware

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🕵️

Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio

SECURITYWEEK.COM — 21 Dec 2023

🕵️

Lapsus$ hacker behind GTA 6 leak sentenced to life in a hospital

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🕵️

Lapsus$ hacker behind GTA 6 leak gets indefinite hospital sentence

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🕵️

Cisco Announces Isovalent Acquisition to Boost Security

DATABREACHTODAY.CO.UK — 2023-12-21

🌐

New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide

THEHACKERNEWS.COM — 21 Dec 2023

🌐

Android malware Chameleon disables Fingerprint Unlock to steal PINs

BLEEPINGCOMPUTER.COM — 21 Dec 2023

🌐

Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware

THEHACKERNEWS.COM — 21 Dec 2023

🌐

Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication

THEHACKERNEWS.COM — 21 Dec 2023

🎙️

Smashing Security podcast #353: Phone hacking, Piers Morgan, and Carole’s Christmas cockup

GRAHAMCLULEY.COM — 21 Dec 2023

📡

SimSpace raises $45M to simulate tech stacks for cyber training

TECHCRUNCH.COM — 21 Dec 2023

📡

Live Webinar | Top Digital Fraud Threats and Predictions For 2024

DATABREACHTODAY.CO.UK — 2023-12-21

📡

Crypto Scammers Abuse Twitter ‘Feature’ to Impersonate High-Profile Accounts

BLEEPINGCOMPUTER.COM — 21 Dec 2023

📡

The Impact of Prompt Injection in LLM Agents

HELPNETSECURITY.COM — 21 Dec 2023

📡

Digital gifts for Christmas and New Year | Kaspersky official blog

KASPERSKY.COM — 21 Dec 2023

📡

New Phishing Attack Steals Instagram Backup Codes to Bypass 2FA Protection

BLEEPINGCOMPUTER.COM — 21 Dec 2023

📡

AI’s Efficacy is Constrained in Cybersecurity, but Limitless in Cybercrime

HELPNETSECURITY.COM — 21 Dec 2023

📡

Something Nasty Injected Login Stealing JavaScript Code Into 50k Online Banking Sessions

PACKETSTORMSECURITY.COM — 21 Dec 2023

📡

Mozilla Decides Trusted Types Is A Worthy Security Feature

PACKETSTORMSECURITY.COM — 21 Dec 2023

📡

Fake Delivery Websites Surge By 34% in December

INFOSECURITY-MAGAZINE.COM — 21 Dec 2023

📡

BidenCash darkweb market gives 1.9 million credit cards for free

BLEEPINGCOMPUTER.COM — 21 Dec 2023

📡

Microsoft deprecates Defender Application Guard for some Edge users

BLEEPINGCOMPUTER.COM — 21 Dec 2023

📡

Crypto drainer steals $59 million from 63k people in Twitter ad push

BLEEPINGCOMPUTER.COM — 21 Dec 2023

📡

Safeguard the joy: 10 tips for securing your shiny new device

WELIVESECURITY.COM — 21 Dec 2023