Articles: 80
Categories: 8
Date: 2024-01-05

🚨 CISA KEV (1)

5 Jan [KEV]: Ivanti patches critical EPM flaw that could allow hackers to hijack managed devices (CSOONLINE.COM)
A vulnerability patched in the Ivanti Endpoint Manager (EPM), an asset monitoring solution for enterprises, could potentially allow managed devices to be hijacked. Users are advised to deploy the patch as soon as possible because vulnerabilities in device management solutions hav…

🐛 COMMON VULNERABILITIES AND EXPOSURES (8)

5 Jan: Alert: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution (THEHACKERNEWS.COM)
Ivanti has released security updates to address a critical flaw impacting its Endpoint Manager (EPM) solution that, if successfully exploited, could result in remote code execution (RCE) on susceptible servers. Tracked as CVE-2023-39336, the vulnerability has been rated 9.6 out o…

5 Jan: Ivanti Releases Patch for Critical Vulnerability in Endpoint Manager Solution (THEHACKERNEWS.COM)
Ivanti has released security updates to address a critical vulnerability in its Endpoint Manager solution. The flaw, known as CVE-2023-39336, allows attackers to execute remote code on susceptible servers.

5 Jan: Ivanti Patches Critical Vulnerability in Endpoint Manager (SECURITYWEEK.COM)
CVE-2023-39336, a critical vulnerability in Ivanti EPM, may lead to device takeover and code execution on the server. The post Ivanti Patches Critical Vulnerability in Endpoint Manager appeared first on SecurityWeek.

5 Jan: Hackers target Apache RocketMQ servers vulnerable to RCE attacks (BLEEPINGCOMPUTER.COM)
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582. [...]

5 Jan: Chromium: CVE-2024-0222 Use after free in ANGLE (MSRC.MICROSOFT.COM)
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.

5 Jan: Chromium: CVE-2024-0223 Heap buffer overflow in ANGLE (MSRC.MICROSOFT.COM)
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.

5 Jan: Chromium: CVE-2024-0224 Use after free in WebAudio (MSRC.MICROSOFT.COM)
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.

5 Jan: Chromium: CVE-2024-0225 Use after free in WebGPU (MSRC.MICROSOFT.COM)
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information.

⚠️ VULNERABILITY DISCLOSURE (10)

5 Jan: SSH-Snake: Automated Self-Propagating, Self-Replicating, Fileless SSH-Based Network Traversal (GITHUB.COM)
submitted by L4s to secops 1 points | 0 comments https://github.com/MegaManSec/SSH-Snake SSH-Snake: Automated Self-Propagating, Self-Replicating, Fileless SSH-Based Network Traversal::SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-expl…

5 Jan: Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months (THEHACKERNEWS.COM)
Ukrainian cybersecurity authorities have disclosed that the Russian state-sponsored threat actor known as Sandworm was inside telecom operator Kyivstar's systems at least since May 2023. The development was first reported by Reuters. The incident, describ…

5 Jan: Security Vulnerabilities Addressed in Firefox 121 (TUXCARE.COM)
Mozilla's latest release of Firefox 121 addresses critical vulnerabilities, including a heap buffer overflow bug and a vulnerability in rendering Network Security Services (NSS) NIST curves.

5 Jan: Exposed Secrets are Everywhere. Here's How to Tackle Them (THEHACKERNEWS.COM)
Picture this: you stumble upon a concealed secret within your company's source code. Instantly, a wave of panic hits as you grasp the possible consequences. This one hidden secret has the power to pave the way for unauthorized entry, data breaches, and a damaged reputation. Under…

5 Jan: San Bernardino Housing Authority Cyberattack Affected Nearly 19,000 People (THERECORD.MEDIA)
This incident highlights the ongoing vulnerability of housing authorities to cyberattacks, as seen in previous attacks on housing authorities in North Carolina, Los Angeles, Indianapolis, and Cleveland.

5 Jan: US Military’s Cyber National Mission Force Gets a New Chief (THERECORD.MEDIA)
The CNMF, composed of 39 joint cyber teams with over 2,000 military and civilian personnel, is a vital component of Cyber Command's operations and has been authorized to become a permanent organization.

5 Jan: [LIVE DEMO] Are Your Users Making Risky Security Mistakes? Deliver Real-Time Coaching in Response to Risky User Behavior with SecurityCoach (KNOWBE4.COM)
Do you need an easy, automated way to provide real-time feedback the moment your users make risky mistakes to help reinforce the training campaigns you manage today?

5 Jan: Hacked X accounts with gold checkmarks are for sale on the dark web, says study (CSOONLINE.COM)
Gold-verified accounts on X (formerly Twitter) are increasingly showing up in the social media sales sections of dark web forums and marketplaces, according to a study by Cloudsek. The surge has to do with X's new paid verification model, which has made verified accounts more val…

5 Jan: DOJ Wraps xDedic Dark Web Market Case; 19 Charged Worldwide (DATABREACHTODAY.CO.UK)
Authorities in 15 Countries Helped Dismantle Operations Following 2019 Takedown The U.S. Department of Justice announced Friday that it has wrapped up its investigation of the xDedic dark web marketplace and successfully dismantled the multinational criminal organizations, leadin…

📢 SECURITY ADVISORIES (5)

5 Jan: BreachForums Administrator Detained After Violating Parole (THERECORD.MEDIA)
The administrator of BreachForums, a notorious cybercrime haven, has been arrested for violating his parole by using a computer and VPN services without the required monitoring software.

5 Jan: Orange Spain Faces BGP Traffic Hijack After RIPE Account Hacked by Malware (THEHACKERNEWS.COM)
Mobile network operator Orange Spain suffered an internet outage for several hours on January 3 after a threat actor used administrator credentials captured by means of stealer malware to hijack the border gateway protocol (BGP) traffic. "The Orange account in the IP network coor…

5 Jan: BreachForums admin jailed again for using a VPN, unmonitored PC (BLEEPINGCOMPUTER.COM)
The administrator behind the notorious BreachForums hacking forum has been arrested again for breaking pretrial release conditions, including using an unmonitored computer and a VPN. [...]

5 Jan: US DOD’s CMMC 2.0 rules lift burdens on MSPs, manufacturers (CSOONLINE.COM)
New cybersecurity rules for US Department of Defense (DOD) contractors are entering the home stretch. The rules, which establish a comprehensive and scalable assessment mechanism within the agency’s Cybersecurity Maturity Model Certification (CMMC) program, aim to ensure that co…

5 Jan: NIST Warns of Cyberthreats to AI Models (DATABREACHTODAY.CO.UK)
Data-Poisoning Attacks Are Critical Threat to Machine Learning Security, NIST Warns Machine learning systems continue to be vulnerable to cyberattacks that could allow hackers to evade security and prompt data leaks, scientists at the National Institute of Standards and Technology …

🔥 INCIDENT REPORTING (19)

5 Jan: IOTW: Victoria Court recordings exposed in suspected ransomware attack (CSHUB.COM)
Unauthorized access disrupted audio visual in-court technology network impacting video recordings, audio recordings and transcription services

5 Jan: Update: Russian Hackers Had Covert Access to Ukraine's Telecom Giant for Months (THEHACKERNEWS.COM)
A Russian hacking group called Solntsepyok claimed responsibility for the breach. Sandworm, known for orchestrating disruptive cyber attacks, has been linked to Solntsepyok.

5 Jan: Cyber Security Today, Jan. 5, 2024 - 23andMe blames poor user password practices for a data breach (CYBERSECURITYTODAY.LIBSYN.COM)
Russian hackers were inside the biggest Ukrainian telecom provider for at least seven months before knocking it offline last month. This and other news are in the podcast

5 Jan: UAC-0050 Group Using Remcos RAT to Attack Government Agencies (GBHACKERS.COM)
Remcos RAT (Remote Control and Surveillance) is a type of Remote Access Trojan used for unauthorized access and control of a computer system. It allows threat actors to perform various malicious activities like:- Cybersecurity researchers at Uptycs recently discovered that …

5 Jan: Orrick, Herrington & Sutcliffe Data Breach Exposes Information of Over 600,000 Individuals (THECYBEREXPRESS.COM)
The stolen data included a wide range of information such as names, dates of birth, addresses, government-issued identification numbers, medical treatment details, insurance claims information, and credit/debit card numbers.

5 Jan: Russia Hacked Residential Cameras in Ukraine to Spy on Air Defense, Critical Infrastructure (SECURITYWEEK.COM)
Ukraine said Russia hacked two surveillance cameras and used them to spy on air defense systems and critical infrastructure in Kyiv. The post Russia Hacked Residential Cameras in Ukraine to Spy on Air Defense, Critical Infrastructure appeared first on SecurityWeek.

5 Jan: 23andMe Blames User “Negligence” for Data Breach (INFOSECURITY-MAGAZINE.COM)
The company claims that users negligently recycled and failed to update their passwords, allowing attackers to launch a credential stuffing campaign. Nearly 7 million customers' information was accessed, including genealogy data.

5 Jan: Phishing Reigns as the Most Likely and Most Feared Cyber Attack (KNOWBE4.COM)
With over half of organizations being the victim of password-based attacks in the last year, new data sheds light on the risk of phishing attacks and the use of password-based credentials.

5 Jan: In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt (SECURITYWEEK.COM)
Noteworthy stories that might have slipped under the radar: report on US ransomware attacks, 23andMe blames victims for hack, nuclear waste company targeted. The post In Other News: US Ransomware Attacks, 23andMe Blames Victims, Nuclear Waste Hacking Attempt appeared first on Sec…

5 Jan: Memorial University recovers from cyberattack, delays semester start (BLEEPINGCOMPUTER.COM)
The Memorial University of Newfoundland (MUN) continues to deal with the effects of a cyberattack that occurred in late December and postponed the start of classes in one campus. [...]

5 Jan: Law Firm Orrick Reveals Extensive Data Breach, Over Half a Million Affected (SECURITYWEEK.COM)
Global law firm Orrick, Herrington & Sutcliffe discloses a data breach that affects a whopping 600,000 individuals. The post Law Firm Orrick Reveals Extensive Data Breach, Over Half a Million Affected appeared first on SecurityWeek.

5 Jan: Web3 security firm CertiK's X account hacked to push crypto drainer (BLEEPINGCOMPUTER.COM)
The Twitter/X account of blockchain security firm CertiK was hijacked today to redirect the company's more than 343,000 followers to a malicious website pushing a cryptocurrency wallet drainer. [...]

5 Jan: ISMG Editors: Why Are Ransomware Victims Still Paying? (DATABREACHTODAY.CO.UK)
Also: Cyber Resilience in Israel; Human Risk Management in the Era of Remote Work In the latest weekly update, four ISMG editors discussed the number of ransomware victims who are paying a ransom to cybercriminals, the need for greater cyber resilience during wartime, and the cri…

5 Jan: Black Basta Ransomware Decryptor Released to Help Some Victims (KNOWBE4.COM)
A flaw found by security researchers in the encryption software allows victim organizations to use “Black Basta Buster” to recover some of their data – but there’s a catch.

5 Jan: Insurers Drop Bid to Exclude Merck's $1.4B NotPetya Claims (DATABREACHTODAY.CO.UK)
A Settlement Has Been Reached. So, How Might This Affect Similar Cases? A proposed settlement has been reached between Merck & Co. and several insurers that were appealing a 2023 court decision saying the insurance companies could not invoke "hostile warlike action" exclusions in…

5 Jan: The Week in Ransomware - January 5th 2024 - Secret decryptors (BLEEPINGCOMPUTER.COM)
With it being the first week of the New Year and some still away on vacation, it has been slow with ransomware news, attacks, and new information. [...]

5 Jan: Iranian APT Used No-Justice Wiper in Recent Albanian Attacks (DATABREACHTODAY.CO.UK)
Reports Say Attempts to Delete Data in the Attacks Were Unsuccessful Iranian hackers targeted the Albanian Parliament using the No-Justice Wiper and other commonly used tools. The attack came months after Albania had severed diplomatic ties with Iran following a July cyberattack …

🕵️ THREAT INTELLIGENCE (21)

5 Jan: ISC Stormcast For Friday, January 5th, 2024 https://isc.sans.edu/podcastdetail/8798, (Fri, Jan 5th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

5 Jan: 3 New Malicious PyPI Packages Found Installing CoinMiner on Linux Devices (GBHACKERS.COM)
Researchers identified three malicious PyPI (Python Package Index) packages that deploy a CoinMiner executable on Linux devices, affecting latency in device performance. These packages, namely modular even-1.0, driftme-1.0, and catme-1.0, come from a recently established author a…

5 Jan: Vigilant Ops Raises $2 Million for SBOM Management Platform (SECURITYWEEK.COM)
Vigilant Ops receives $2 million seed investment from DataTribe to help organizations manage SBOMs. The post Vigilant Ops Raises $2 Million for SBOM Management Platform appeared first on SecurityWeek.

5 Jan: Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities (SECURITYWEEK.COM)
A Nigerian national arrested in Ghana faces charges in the US for a BEC scheme involving two charitable organizations. The post Nigerian Arrested, Charged in $7.5 Million BEC Scheme Targeting US Charities appeared first on SecurityWeek.

5 Jan: Energy Department Offering $70 Million for Security, Resilience Research (SECURITYWEEK.COM)
US Department of Energy offering up to $70 million in funding for research into technologies that boost the resilience and security of energy sector. The post Energy Department Offering $70 Million for Security, Resilience Research appeared first on SecurityWeek.

5 Jan: Improving Shor’s Algorithm (SCHNEIER.COM)
We don’t have a useful quantum computer yet, but we do have quantum algorithms. Shor’s algorithm has the potential to factor large numbers faster than otherwise possible, which—if the run times are actually feasible—could break both the RSA and Diffie-Hell…

5 Jan: US Says 19 People Charged Following 2019 Takedown of xDedic Cybercrime Marketplace (SECURITYWEEK.COM)
Justice Department says 19 people involved in the xDedic cybercrime marketplace have been charged to date following its 2019 takedown. The post US Says 19 People Charged Following 2019 Takedown of xDedic Cybercrime Marketplace appeared first on SecurityWeek.

5 Jan: New ‘SpectralBlur’ macOS Backdoor Linked to North Korea (SECURITYWEEK.COM)
SpectralBlur is a new macOS backdoor that shows similarities with North Korean hacking group’s KandyKorn malware. The post New ‘SpectralBlur’ macOS Backdoor Linked to North Korea appeared first on SecurityWeek.

5 Jan: Attack of the Clones: Feds Seek Voice-Faking Defenses (DATABREACHTODAY.CO.UK)
If AI Voice Cloning Can't Be Stopped, That Would Serve as Red Flag for Policymakers Do you have what it takes to build defenses that can easily and reliably spot voice cloning generated using artificial intelligence tools? If so, the U.S. Federal Trade Commission wants you to app…

5 Jan: AsyncRAT Distributed Using Phishing Emails and Malicious JavaScript Files (CYBERSECURITY.ATT.COM)
AT&T Alien Labs discovered an ongoing campaign that delivers the AsyncRAT to targeted victims. The threat actor behind the campaign has been active for at least 11 months, using phishing emails and malicious JavaScript files to distribute the RAT.

5 Jan: Out of the Shadows: Resecurity Exposes 'GXC Team' – Architects of Cybercrime in Online Banking and Social Engineering (KNOWBE4.COM)
Resecurity is tracking a cybercriminal gang called “GXC Team” that develops and sells tools to facilitate online banking theft and social engineering attacks.

5 Jan: AI and ML — The Keys to Modernizing the SOC (PALOALTONETWORKS.COM)
Shailesh Rao, President of Cortex at Palo Alto Networks. He shares his insights on modernizing the SOC by harnessing AI and ML. The post AI and ML — The Keys to Modernizing the SOC appeared first on Palo Alto Networks Blog.

5 Jan: New SpectralBlur macOS Backdoor Threat From North Korean Hackers (THEHACKERNEWS.COM)
The backdoor, SpectralBlur, shares similarities with the KANDYKORN malware family attributed to North Korean threat actors and showcases their evolving tactics to infiltrate industries like cryptocurrency and blockchain.

5 Jan: Former US Congressman talks about Cybersecurity and Emerging Technologies - Jim Langevin - SWN Vault (YOUTUBE.COM)
Jim Langevin served as a US congressman for many years and retired to become the executive director of the Institute for Cybersecurity and Emerging Technologies at Rhode Island College. Jim has been on quite a number of times and today we talk about State funded institutes and we…

5 Jan: SpectralBlur: New macOS Backdoor Threat from North Korean Hackers (THEHACKERNEWS.COM)
Cybersecurity researchers have discovered a new Apple macOS backdoor called SpectralBlur that overlaps with a known malware family that has been attributed to North Korean threat actors. “SpectralBlur is a moderately capable backdoor that can upload/download files, run …

5 Jan: Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved (SECURITYWEEK.COM)
In a landmark case that blurs the lines between cyber and kinetic warfare, Merck reached a settlement with insurers over a $1.4 billion claim stemming from the NotPetya malware attack. The post Merck Settles NotPetya Insurance Claim, Leaving Cyberwar Definition Unresolved appeare…

5 Jan: Beware of Fraudulent Charge Messages (KNOWBE4.COM)
Be careful of emails, SMS messages, or calls claiming to be from your bank about your card being used fraudulently. If this ever happens, call the phone number on the back of your card.

5 Jan: After Orange Disruption, Brace for More BGP Route Hijacking (DATABREACHTODAY.CO.UK)
Expert Warns of Copycat Attack Risk; Telco Hadn't Enabled Two-Factor Authentication In the wake of an apparently weak password being harvested by information-stealing malware and used to disrupt telecommunications giant Orange Spain's internet traffic, an expert is warning all or…

5 Jan: Friday Squid Blogging—18th Anniversary Post: New Species of Pygmy Squid Discovered (SCHNEIER.COM)
They’re Ryukyuan pygmy squid (Idiosepius kijimuna) and Hannan’s pygmy squid (Kodama jujutsu). The second one represents an entire new genus. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. And, yes,…

5 Jan: Mimecast Acquires Elevate Security to Address Human Risk (DATABREACHTODAY.CO.UK)
Company Plans to Enhance Digital Workplace Protection With Behavioral Analytics Mimecast announced the acquisition of human risk management solutions specialist Elevate Security as part of its initiative to enhance digital workplace protection. The move aims to address evolving c…

🌐 CYBER THREAT LANDSCAPE (1)

5 Jan: New Bandook RAT Variant Resurfaces, Targeting Windows Machines (THEHACKERNEWS.COM)
A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in Octo…

📡 INFOSEC NEWS (15)

5 Jan: Netstat, but Better and in PowerShell, (Fri, Jan 5th) (ISC.SANS.EDU)
I don't know about you, but in Windows I use netstat pretty frequently. Netstat is a great tool to see what is happening on your network interface - listening ports, tcp connections and so on. Common arguments are:

5 Jan: Mimecast Acquires Human Risk Management Specialist Elevate Security (CYBERSECURITYDIVE.COM)
The deal aims to enhance digital work environment protection by gaining insights into human behavior. Mimecast plans to integrate Elevate Security's technology into its own security offerings by midyear.

5 Jan: In Airtags Stalking Lawsuit, Federal Judge Says Apple Likely Negligent (THERECORD.MEDIA)
A federal judge in San Francisco has indicated that he is leaning towards denying Apple's motion to dismiss a class action lawsuit brought by stalking victims who claim that the company's AirTags tracking product enabled their abusers.

5 Jan: Crypto wallet founder loses $125,000 to fake airdrop website (BLEEPINGCOMPUTER.COM)
A crypto wallet service co-founder shares with the world his agony after losing $125,000 to a crypto scam. The startup CEO, who at the time believed he was on a legitimate cryptocurrency airdrop website, realized after his loss that the domain he'd gone on was set up for the purpo…

5 Jan: MyEstatePoint Property Search Android App Leaks User Passwords, Email Addresses, and Phone Numbers (SECURITYAFFAIRS.COM)
The MyEstatePoint Property Search app, developed by NJ Technologies in India, left a publicly accessible MongoDB server containing sensitive information such as names, plain-text passwords, email addresses, phone numbers, and more.

5 Jan: Update your white hat hacking skills with $70 off this training bundle (BLEEPINGCOMPUTER.COM)
Aggressively pursuing flaws and problems is the most effective way to ensure networks and data are secure. This 10-course ethical hacking bundle shows you how for $39.99, $70 off the $110 MSRP. [...]

5 Jan: DOE Announces Up to $70 Million to Strengthen Energy Sector Against Physical and Cyber Hazards (ENERGY.GOV)
The funding opportunity is open to public and private stakeholders, universities, and DOE's National Laboratories, and will focus on developing innovative solutions to strengthen the resilience of America's energy systems.

5 Jan: Crypto Wallet Founder Loses $125,000 to Fake Airdrop Website (BLEEPINGCOMPUTER.COM)
Bill Lou, co-founder of Nest Wallet, a cryptocurrency wallet startup, lost $125,000 to a crypto scam. He fell victim to a phishing attack after visiting a fraudulent website that appeared to be a legitimate crypto airdrop platform.

5 Jan: Resolutions for a cybersecure 2024 | Kaspersky official blog (KASPERSKY.COM)
How to protect against new threats in 2024: artificial intelligence in the hands of hackers, vulnerabilities in smart homes, new types of financial fraud, and much more.

5 Jan: The FBI Is Adding More Cyber-Focused Agents to US Embassies (CYBERSCOOP.COM)
The expansion of the FBI's cyber program reflects a shift towards a proactive approach, focusing on disrupting cybercriminal operations rather than just investigating after the fact.

5 Jan: US charged 19 suspects linked to xDedic cybercrime marketplace (BLEEPINGCOMPUTER.COM)
The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. [...]

5 Jan: Cybersecurity trends and challenges to watch out for in 2024 – Week in security with Tony Anscombe (WELIVESECURITY.COM)
What are some of the key cybersecurity trends that people and organizations should have on their radars this year?

5 Jan: CertiK Twitter account hijacked by cryptocurrency scammer posing as Forbes journalist (GRAHAMCLULEY.COM)
Web3 security outfit CertiK has fallen foul of scammers, who managed to hijack its Twitter account to share a malicious link to a fake version of the Revoke.cash project.