🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
7 JanIvanti Patches Critical Endpoint Security VulnerabilitySQL Injection Flaw Affects All Supported Versions of Ivanti Endpoint Manager Ivanti issued an urgent alert to users of its endpoint security product to patch a critical vulnerability that exposes systems to potential exploitation by unauthorized attackers. The SQL injection vulne…DATABREACHTODAY.CO.UK
⚠️ VULNERABILITY DISCLOSURE 3[−]
7 JanWeekly Update 381Presently sponsored by: Unpatched devices keeping you up at night? Kolide can get your entire fleet updated in days. It's Device Trust for Okta. Watch the demo! It's another weekly update from the other side of the world with Scott and I in Rome as we continue a bit of downt…TROYHUNT.COM
7 JanCybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised datasubmitted by c0mmando to netsec 1 points | 0 comments https://www.resecurity.com/blog/article/cybercriminals-launched-leaksmas-event-in-the-dark-web-exposing-massive-volumes-of-leaked-pii-and-compromised-data Even as the New Year approached and the world celebrated the festive Ch…RESECURITY.COM
7 JanSuspicious Prometei Botnet Activity, (Sun, Jan 7th)On the 31 Dec 2023, after trying multiple username/password combination, actor using IP 194.30.53.68 successfully loging to the honeypot and uploaded eight files where 2 of them are protected with a 7zip password ( updates1.7z & upda…ISC.SANS.EDU
📢 SECURITY ADVISORIES 1[−]
7 JanLDAP Watchdog: A real-time LDAP monitoring tool for detecting (or stalking) directory changessubmitted by L4s to secops 1 points | 0 comments https://github.com/MegaManSec/LDAP-Monitoring-Watchdog LDAP Watchdog: A real-time LDAP monitoring tool for detecting (or stalking) directory changes::LDAP Watchdog: A real-time linux-compatible LDAP monitoring tool for detecting di…GITHUB.COM
🔥 INCIDENT REPORTING 1[−]
7 JanMortgage firm loanDepot cyberattack impacts IT systems, payment portalU.S. mortgage lender loanDepot has suffered a cyberattack that caused the company to take IT systems offline, preventing online payments against loans. [...]BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 2[−]
7 JanNorth Korea Debuts 'SpectralBlur' Malware Amid macOS Onslaughtsubmitted by kinther to cybersecurity 1 points | 0 comments https://www.darkreading.com/threat-intelligence/north-korea-debuts-spectralblur-malware-amid-macos-onslaughtDARKREADING.COM
7 Jan(Im)perfectProject(or) - Hacking a small WiFi connected projector for fun and to learn hard lessons.submitted by L4s to secops 1 points | 0 comments https://axelp.io/ImperfectProjector (Im)perfectProject(or) - Hacking a small WiFi connected projector for fun and to learn hard lessons.::A perfect project to hack an imperfect projector, including a hardware teardown, potential CL…AXELP.IO
🌐 CYBER THREAT LANDSCAPE 1[−]
7 JanStealthy AsyncRAT malware attacks targets US infrastructure for 11 monthsA campaign delivering the AsyncRAT malware to select targets has been active for at least the past 11 months, using hundreds of unique loader samples and more than 100 domains. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 1[−]
7 JanKyberSlash attacks put quantum encryption projects at riskMultiple implementations of the Kyber key encapsulation mechanism for quantum-safe encryption, are vulnerable to a set of flaws collectively referred to as KyberSlash, which could allow the recovery of secret keys. [...]BLEEPINGCOMPUTER.COM