🚨 CISA KEV (1)
21 Dec [KEV] · CISA Adds Two Known Exploited Vulnerabilities to Catalog · CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-49897 FXC AE1021, AE1021PE OS Command Injection Vulnerability; CVE-2023-47565 QNAP VioStor NVR OS Command Injection Vulnerability. These types … · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (7)
21 Dec [KEV] · Urgent: New Chrome Zero-Day Vulnerability Exploited in the Wild - Update ASAP · Google has rolled out security updates for the Chrome web browser to address a high-severity zero-day flaw that it said has been exploited in the wild. The vulnerability, assigned the CVE identifier CVE-2023-7024, has been described as a heap-based buffer overflow bug… · THEHACKERNEWS.COM
21 Dec · Hackers Exploiting Old MS Excel Vulnerability to Spread Agent Tesla Malware · Attackers are weaponizing an old Microsoft Office vulnerability as part of phishing campaigns to distribute a strain of malware called Agent Tesla. The infection chains leverage decoy Excel documents attached in invoice-themed messages to trick potential targets into opening… · THEHACKERNEWS.COM
21 Dec · Google Rushes to Patch Eighth Chrome Zero-Day This Year · Google warns of in-the-wild exploitation of CVE-2023-7024, a new Chrome vulnerability, the eighth documented this year. · SECURITYWEEK.COM
21 Dec · ESET Patches High-Severity Vulnerability in Secure Traffic Scanning Feature · ESET has patched CVE-2023-5594, a high-severity vulnerability that can cause a browser to trust websites that should not be trusted. · SECURITYWEEK.COM
21 Dec [KEV] · Google Addressed a New Actively Exploited Chrome Zero-Day · Google has released emergency updates to fix a zero-day vulnerability in the Chrome browser. The vulnerability, known as CVE-2023-7024, is a heap buffer overflow issue in WebRTC. · SECURITYAFFAIRS.COM
21 Dec · Chromium: CVE-2023-7024 Heap buffer overflow in WebRTC · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information. Google is aware that an exploit for CVE-2023-7024 exists in… · MSRC.MICROSOFT.COM
21 Dec · MLflow vulnerability enables remote machine learning model theft and poisoning · This has been a pivotal year for generative artificial intelligence (AI). The release of large language models (LLMs) has showcased how powerful the technology can be to make business processes more efficient. A lot of organizations are now in a race to adopt generative AI and t… · CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (25)
21 Dec · Supply Chain - PSW #811 · AI generated description fun: "As the glasses are filled and the mood lightens, our veteran guests, each with a legendary tale or two tucked under their virtual belts, embark on a journey through the complex landscape of supply chain security. These old dogs share war stories, an… · YOUTUBE.COM
21 Dec · Learning About Firmware Security - Xeno Kovah - PSW #811 · Firmware security is a deeply technical topic that's hard to get started in. In this episode of Below the Surface, Xeno will discuss some past work in firmware security, and how he has organized resources such as a low level timeline (with over 300 talks), and free MOOC classes, … · YOUTUBE.COM
21 Dec · Why 2024 will be the year of the CISO · The year 2023 has been difficult for CISOs. In May, former Uber CISO, Joe Sullivan, was sentenced to serve three years' probation and pay a $50,000 fine. Sullivan failed to disclose a data breach and paid off hackers to remain silent. Sullivan has appealed the conviction. In Octo… · CSOONLINE.COM
21 Dec · Mozilla Patches Firefox Vulnerability Allowing Remote Code Execution, Sandbox Escape · The security updates for Firefox 121 include patches for critical vulnerabilities like a heap buffer overflow bug in WebGL and a side-channel attack vulnerability in Network Security Services (NSS) NIST curves. · SECURITYWEEK.COM
21 Dec · German Police Seized the Dark Web Marketplace Kingdom Market · The German police, along with international law enforcement agencies, have seized the dark web marketplace Kingdom Market, which offered drugs, malware, stolen data, and forged documents. · SECURITYAFFAIRS.COM
21 Dec · Indian Banking Customers Targeted by Phishing Campaign Distributing Trojan as Fake Verification Tool · The trojan is distributed through WhatsApp messages, prompting users to download an APK for a mandatory verification procedure. Once installed, it collects personal and financial information and intercepts SMS messages to steal verification codes. · MCAFEE.COM
21 Dec · German Authorities Dismantle Dark Web Hub 'Kingdom Market' in Global Operation · German law enforcement has announced the disruption of a dark web platform called Kingdom Market that specialized in the sales of narcotics and malware to "tens of thousands of users." The exercise, which involved collaboration from authorities from the U.S., Switz… · THEHACKERNEWS.COM
21 Dec · HCL Investigating Ransomware Attack on Isolated Cloud Environment · In the dynamic realm of IT, HCL Technologies, the Noida-based juggernaut, recently found itself navigating choppy digital waters. The revelation of a targeted ransomware incident within an isolated cloud environment created industry ripples, yet the company’s adept re… · GBHACKERS.COM
21 Dec · Data Leak at Real Estate Wealth Network Exposes 1.5 Billion Ownership Records · The leaked data, which included information on property history, tax records, and mortgage details, could be exploited by threat actors for social engineering and financial fraud. · HACKREAD.COM
21 Dec · Data Leak Exposes User Information From Car-Sharing Service Blink Mobility · The leaked information, including phone numbers, email addresses, encrypted passwords, and vehicle rental details, could be exploited by cybercriminals for financial gain and fraudulent activities. · SECURITYAFFAIRS.COM
21 Dec · Ivanti Patches Dozen Critical Vulnerabilities in Avalanche MDM Product · Ivanti has patched 20 vulnerabilities in its Avalanche MDM product, including a dozen remote code execution flaws rated critical. · SECURITYWEEK.COM
21 Dec · EMBA: Open-Source Security Analyzer for Embedded Devices · The tool extracts firmware, conducts static and dynamic analysis, and generates web-based reports. Some unique features include enhanced firmware extraction, UEFI analysis, AI support, firmware diffing mechanisms, and user mode emulation. · HELPNETSECURITY.COM
21 Dec · Fake F5 Vulnerability 'Update' Delivers Data Wiper to Israeli Victims · The attacker takes advantage of a vulnerability in F5's BIG-IP and tricks recipients into downloading a file that is supposed to be an update for the vulnerability. However, the file actually contains a wiper that deletes F5 servers. · DARKREADING.COM
21 Dec · Subdominator: Open-Source Tool for Detecting Subdomain Takeovers · Subdominator is a highly accurate and fast open-source tool for identifying subdomain takeovers, offering significant improvements over existing tools in terms of fingerprint accuracy and count, nested DNS support, and alternate DNS record matching. · HELPNETSECURITY.COM
21 Dec · Blue Galaxy Energy: a new White-box Cryptanalysis Open Source Tool · We introduce a new white-box cryptanalysis tool based on the pioneering BGE paper but without known open source public implementation so far. · QUARKSLAB.COM
21 Dec · Hybrid online frauds likely to gain momentum in 2024: Report · With hybrid online frauds likely to increase in 2024, financial institutions, payment processors, merchant services companies, and other stakeholders should allocate the required business resources to secure themselves, according to the Recorded Future report. Hybrid threats refe… · CSOONLINE.COM
21 Dec · CISA Releases Two Industrial Control Systems Advisories · CISA released two Industrial Control Systems (ICS) advisories on December 21, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-355-01 FXC AE1021/AE1021PE; ICSA-23-355-02 QNAP VioStor NVR. CISA en… · CISA.GOV
21 Dec · Cisco to acquire cloud-native networking and security startup Isovalent · Cisco announced this morning that it intends to acquire Isovalent, a cloud-native security and networking startup that should fit well with the company’s core networking and security strategy. The companies did not share the purchase price. Isovalent has helped develop eBPF… · TECHCRUNCH.COM
21 Dec · Ivanti Releases Patches for 13 Critical Avalanche RCE Flaws · Ivanti's Avalanche enterprise MDM solution has been found to have 13 critical security vulnerabilities, including buffer overflow weaknesses, that can be exploited by attackers to gain remote code execution on unpatched systems. · BLEEPINGCOMPUTER.COM
21 Dec · Senate Confirms Biden's Pick to Lead NSA and CYBERCOM · Senate Approves Pentagon Nominees After Republican Lawmaker Drops 10-Month Blockade. Air Force Lt. Gen. Timothy Haugh has been confirmed as the next head of the NSA and U.S. Cyber Command after Sen. Tommy Tuberville, R-Ala., ended a 10-month protest over a Pentagon policy allowing… · DATABREACHTODAY.CO.UK
21 Dec · CISA Releases Microsoft 365 Secure Configuration Baselines and SCuBAGear Tool · CISA has published the finalized Microsoft 365 Secure Configuration Baselines, designed to bolster the security and resilience of organizations’ Microsoft 365 (M365) cloud services. This guidance release is accompanied by the updated SCuBAGear tool that assesses organizations’ M… · CISA.GOV
21 Dec · Ghidriff: Ghidra Binary Diffing Engine · Submitted by L4s to secops. https://clearbluejar.github.io/posts/ghidriff-ghidra-binary-diffing-engine/ As seen in most security blog posts today, binary diffing tools are essential for reverse engineering, vulnerabilit… · CLEARBLUEJAR.GITHUB.IO
21 Dec [KEV] · Google Flags 8th Chrome Zero-Day of the Year · Exploit for WebRTC Exists in the Wild. Google rolled out security updates Wednesday for its Chrome web browser to fix a critical vulnerability exploited in the wild. The zero-day vulnerability is a heap-based buffer overflow bug in the WebRTC framework that allows real-time commun… · DATABREACHTODAY.CO.UK
21 Dec · NIST Report Spotlights Cyber, Privacy Risks in Genomic Data · A Multitude of Considerations for Entities As Use of Genomic Data Advances. The explosion in applications using genomic data - from drug and vaccine development and consumer ancestry testing to law enforcement work - is heightening the need to carefully address critical privacy an… · DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES (4)
🔥 INCIDENT REPORTING (16)
21 Dec · Behind the Scenes of Matveev's Ransomware Empire: Tactics and Team · Matveev and his team demonstrate a significant disregard for ethical values in their cyber operations, engaging in tactics such as threatening to leak sensitive files and retaining files even after the ransom is paid. · THEHACKERNEWS.COM
21 Dec · Cost of a Data Breach Report 2023: Insights, Mitigators and Best Practices · John Hanley of IBM Security shares 4 key findings from the highly acclaimed annual Cost of a Data Breach Report 2023. What is the IBM Cost of a Data Breach Report? The IBM Cost of a Data Breach Report is an annual report that provides organizations with quantifiable information ab… · THEHACKERNEWS.COM
21 Dec · Healthcare Software Provider Suffers Data Breach Impacting 2.7 Million Patients · The attack occurred on September 28 and resulted in data being stolen before the hackers encrypted company systems. The breach impacted patients associated with ESO's customers, including hospitals and clinics in the US. · BLEEPINGCOMPUTER.COM
21 Dec · Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists · The Solntsepek group has taken credit for the attack. They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance. This is one of the most significant cyberattacks since Russia invaded in February 2022. · SCHNEIER.COM
21 Dec · ESO Solutions Data Breach Impacts 2.7 Million Individuals · ESO Solutions is informing 2.7 million individuals of a data breach impacting their personal and health information. · SECURITYWEEK.COM
21 Dec · Russian Water Utility Rosvodokanal Hit by Disruptive Cyberattack From Blackjack Group · This attack was seen as retaliation for an earlier cyberattack on Kyivstar, a phone company in Ukraine, which was attributed to Russian hackers. There are suspicions that the Security Service of Ukraine (SBU) may have played a role in the attack. · THECYBEREXPRESS.COM
21 Dec · Threat Thursday - CTI, vulnerabilities and discussions · Submitted by shellsharks to cybersecurity. Weekly thread for highlighting and discussing the past week’s notable threats, vulnerabilities, breaches and more! Feel free to comment on what I’ve collected or share things you have found useful or interesting! Mon… · INFOSEC.PUB
21 Dec · Indian Tech Giant HCL Investigating Ransomware Attack · HCL Technologies has reported a ransomware attack on one of its projects in an isolated cloud environment. The company stated that the incident has had no impact on its overall network and that cybersecurity and data protection are top priorities. · THERECORD.MEDIA
21 Dec · Cyber Risk Strategies in Hot Seat as SEC Rules Go Live · Companies are reassessing their incident response plans and determining the materiality of cyber incidents. The SEC aims to improve companies' preparedness to mitigate breaches and attacks. · CYBERSECURITYDIVE.COM
21 Dec · OpenAI rolls out imperfect fix for ChatGPT data leak flaw · OpenAI has mitigated a data exfiltration bug in ChatGPT that could potentially leak conversation details to an external URL. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Cancer Center Patients Become Attempted Victims of Data Extortion · Cybercriminals of the lowest kind breached as many as 800,000 patients and then sent emails threatening to sell their data if they didn’t pay a fee to block it from selling. · KNOWBE4.COM
21 Dec · Title insurance giant First American offline after cyberattack · First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Akira, again: The ransomware that keeps on taking · Seven months after our first investigation, a fuller portrait of the criminal gang and its tactics emerges. · SOPHOS.COM
21 Dec · Breach Roundup: MongoDB Blames Phishing Email for Breach · Also: Hackers Scrooge The North Face Holiday Shipments. This week, MongoDB blamed a phishing email for causing unauthorized access to its corporate environment, hackers interrupted VF Corp. holiday shipping, Britain electrical grid operator National Grid dropped a Chinese supplier… · DATABREACHTODAY.CO.UK
21 Dec · First American takes IT systems offline after cyberattack · First American Financial Corporation, the second-largest title insurance company in the United States, took some of its systems offline today to contain the impact of a cyberattack. [...] · BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (15)
21 Dec · How to Protect your Webserver from Directory Enumeration Attack? Apache2 [Guest Diary], (Wed, Dec 20th) · [This is a Guest Diary by David Thomson, an ISC intern as part of the SANS.edu BACS program] · ISC.SANS.EDU
21 Dec · ISC Stormcast For Thursday, December 21st, 2023 https://isc.sans.edu/podcastdetail/8788, (Thu, Dec 21st) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
21 Dec · New OilRig Downloaders Abusing Microsoft Cloud APIs for C&C Communications · Threat actors engage in cyberespionage to gain the following advantages:- Hackers do so by stealing the following key things from the targeted organizations or nations:- Cybersecurity researchers at ESET recently identified that new OilRig downloaders are abusing Microsoft Cloud … · GBHACKERS.COM
21 Dec · Podcast. Simply Cyber Live with host Gerald Auger, Ph.D. The Phantom CISO: A Fireside Chat with Mishaal Khan · Submitted by ashar to security_cpe. Get ready for an electrifying episode of “Simply Cyber Live” as host Gerald Auger, Ph.D., sits do… · INFOSEC.PUB
21 Dec · FTC Proposes Strengthening Children’s Online Privacy Rules to Address Tracking, Push Notifications · The FTC has proposed strengthening children’s online privacy rules to address tracking and push notifications. · SECURITYWEEK.COM
21 Dec · Celebrities Found in Unprotected Real Estate Database Exposing 1.5 Billion Records · Real Estate Wealth Network database containing real estate ownership data, including for celebrities and politicians, was found unprotected. · SECURITYWEEK.COM
21 Dec · Interest in AI-Generated ‘Undressing’ Increases 2000% as it Becomes a Mainstream Online Business · The advent of non-consensual intimate imagery (NCII) as a monetized business on the Internet has shifted pornography into the realm of undressing anyone you like. · KNOWBE4.COM
21 Dec · Underground Cyber Crime Marketplaces are Now Showing Up on the Open Web · Marketplaces such as OLVX are shifting from the dark web to the open web to take advantage of traditional web services to assist in marketing to and providing access to new customers. · KNOWBE4.COM
21 Dec · Cryptohack Roundup: Ledger to Reimburse Hack Victims · Also: $3M NFT Trader Theft; Binance's CFTC Settlement. This week, Ledger looked to reimburse hack victims, NFT Trader suffered a $3 million theft, the U.S. DOJ announced the first criminal case involving a DeFi smart contract, a court approved Binance's settlement with the U.S. CF… · DATABREACHTODAY.CO.UK
21 Dec · Missing the Lock Icon in Chrome’s Address Bar? It’s a Move to Make You More Secure · In response to what Google calls “over trust” in the web address lock icon to indicate that a site is authentic and its communications are secure, they’ve swapped the lock out in an attempt to engage Chrome users in thinking about their own secure browsing. · KNOWBE4.COM
21 Dec · Microsoft: Hackers target defense firms with new FalseFont malware · Microsoft says the APT33 Iranian cyber-espionage group is using recently discovered FalseFont backdoor malware to attack defense contractors worldwide. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio · Isovalent raised about 70 million in funding from prominent investors including Microsoft's venture fund, Google, and Andreessen Horowitz. · SECURITYWEEK.COM
21 Dec · Lapsus$ hacker behind GTA 6 leak sentenced to life in a hospital · Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced to life in a 'secure hospital' by a UK judge. Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video gam… · BLEEPINGCOMPUTER.COM
21 Dec · Lapsus$ hacker behind GTA 6 leak gets indefinite hospital sentence · Lapsus$ cybercrime and extortion group member, Arion Kurtaj has been sentenced to life in a 'secure hospital' by a UK judge. Kurtaj who is 18 years of age and autistic is among the primary Lapsus$ threat actors, and was involved in the leak of assets associated with the video gam… · BLEEPINGCOMPUTER.COM
21 Dec · Cisco Announces Isovalent Acquisition to Boost Security · Cisco Continues Investments in New Cloud Security Offerings With Isovalent Deal. Cisco announced plans to acquire another cloud security startup as part of a series of recent acquisitions and investments in the company’s multi-cloud networking capabilities and security offerings, … · DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE (4)
21 Dec · New JavaScript Malware Targeted 50,000+ Users at Dozens of Banks Worldwide · A new piece of JavaScript malware has been observed attempting to steal users' online banking account credentials as part of a campaign that has targeted more than 40 financial institutions across the world. The activity cluster, which employs JavaScript web injections, is estima… · THEHACKERNEWS.COM
21 Dec · Android malware Chameleon disables Fingerprint Unlock to steal PINs · The Chameleon Android banking trojan has re-emerged with a new version that uses a tricky technique to take over devices — disable fingerprint and face unlock to steal device PINs. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Experts Detail Multi-Million Dollar Licensing Model of Predator Spyware · A new analysis of the sophisticated commercial spyware called Predator has revealed that its ability to persist between reboots is offered as an "add-on feature" and that it depends on the licensing options opted by a customer. "In 2021, Predator spyware couldn't survive a reboot… · THEHACKERNEWS.COM
21 Dec · Chameleon Android Banking Trojan Variant Bypasses Biometric Authentication · Cybersecurity researchers have discovered an updated version of an Android banking malware called Chameleon that has expanded its targeting to include users in the U.K. and Italy. "Representing a restructured and enhanced iteration of its predecessor, this evolved Chameleon varia… · THEHACKERNEWS.COM
🎙️ PODCASTS (1)
21 Dec · Smashing Security podcast #353: Phone hacking, Piers Morgan, and Carole’s Christmas cockup · Piers Morgan is less than happy after a judgement that there is "no doubt" he knew phone hacking was going on at the Daily Mirror, and a shopper comes a-cropper just before Christmas. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cyber… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS (14)
21 Dec · SimSpace raises $45M to simulate tech stacks for cyber training · Cybersecurity training startup SimSpace has raised $45 million in a funding round led by L2 Point Management, bringing its total raised to $70 million. It creates digital replicas of organizations' tech and networking stacks for training purposes. · TECHCRUNCH.COM
21 Dec · Crypto Scammers Abuse Twitter ‘Feature’ to Impersonate High-Profile Accounts · The scam tweets often appear to be from well-known crypto accounts like Binance and Ethereum, but they lead to unrelated users promoting fake giveaways, wallet-draining websites, and pump-and-dump schemes. · BLEEPINGCOMPUTER.COM
21 Dec · The Impact of Prompt Injection in LLM Agents · Prompt injection poses a significant threat to LLM integrity, especially when LLM-powered agents interact with external systems, and safeguarding their operations requires meticulous attention to confidentiality levels and access controls. · HELPNETSECURITY.COM
21 Dec · Digital gifts for Christmas and New Year | Kaspersky official blog · Six reasons to buy digital gifts for friends and family this holiday, plus the five best options for such presents. · KASPERSKY.COM
21 Dec · New Phishing Attack Steals Instagram Backup Codes to Bypass 2FA Protection · The campaign sends phishing emails pretending to be from Meta, Instagram's parent company, claiming that the recipient's account has been restricted due to copyright infringement. · BLEEPINGCOMPUTER.COM
21 Dec · AI’s Efficacy is Constrained in Cybersecurity, but Limitless in Cybercrime · The use of AI in cybersecurity has created a cycle where both cyber professionals and cybercriminals employ AI to enhance their tools and techniques. However, there are limitations and trust issues with AI security solutions. · HELPNETSECURITY.COM
21 Dec · Something Nasty Injected Login Stealing JavaScript Code Into 50k Online Banking Sessions · PACKETSTORMSECURITY.COM
21 Dec · Fake Delivery Websites Surge By 34% in December · These scammers create fake delivery notification sites that mimic legitimate postal operators and use official names, logos, and typosquatted URLs to appear more convincing. · INFOSECURITY-MAGAZINE.COM
21 Dec · BidenCash darkweb market gives 1.9 million credit cards for free · The BidenCash stolen credit card marketplace is giving away 1.9 million credit cards for free via its store to promote itself among cybercriminals. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Microsoft deprecates Defender Application Guard for some Edge users · Microsoft is deprecating Defender Application Guard (including the Windows Isolated App Launcher APIs) for Edge for Business users. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Crypto drainer steals $59 million from 63k people in Twitter ad push · Google and Twitter ads are promoting sites containing a cryptocurrency drainer named 'MS Drainer' that has already stolen $59 million from 63,210 victims over the past nine months. [...] · BLEEPINGCOMPUTER.COM
21 Dec · Safeguard the joy: 10 tips for securing your shiny new device · Unwrapping a new gadget this holiday season will put a big smile on your face but things may quickly turn sour if the device and data on it aren’t secured properly. · WELIVESECURITY.COM