🚨 CISA KEV
8 Jan [KEV]: CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA.GOV)
  CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-38203 Adobe ColdFusion Deserialization of Untrusted Data Vulnerability; CVE-2023-29300 Adobe ColdFusion Deserialization of Untrusted Data Vuln…
⚠️ VULNERABILITY DISCLOSURE
8 Jan: Buffer Overflow in TP-Link Tapo C100 Home Security Camera (0XBIGSHAQ.GITHUB.IO)
  Submitted by L4s to secops. https://0xbigshaq.github.io/2024/01/05/tp-link-tapo-c100/ Note: This blogpost was written in November 2023, but I was waiting for the TP Link Security Team to release a fi…
8 Jan: SentinelOne acquires Peak XV-backed PingSafe for over $100 million (TECHCRUNCH.COM)
  SentinelOne’s deal to acquire PingSafe valued the Peak XV-backed young startup at over $100 million, two sources familiar with the matter told TechCrunch, in one of the strongest and fastest deals emerging from India. The New York Stock Exchange-listed AI security firm disc…
8 Jan: DoJ Charges 19 Worldwide in $68 Million xDedic Dark Web Marketplace Fraud (THEHACKERNEWS.COM)
  The U.S. Department of Justice (DoJ) said it charged 19 individuals worldwide in connection with the now-defunct xDedic Marketplace, which is estimated to have facilitated more than $68 million in fraud. In wrapping up its investigation into the dark web portal, the age…
8 Jan: Webinar – Leverage Zero Trust Security to Minimize Your Attack Surface (THEHACKERNEWS.COM)
  Digital expansion inevitably increases the external attack surface, making you susceptible to cyberthreats. Threat actors increasingly exploit the vulnerabilities stemming from software and infrastructure exposed to the internet; this ironically includes security tools, particula…
8 Jan: NIST Warns of Security and Privacy Risks from Rapid AI System Deployment (THEHACKERNEWS.COM)
  The U.S. National Institute of Standards and Technology (NIST) is calling attention to the privacy and security challenges that arise as a result of increased deployment of artificial intelligence (AI) systems in recent years. “These security and privacy challenges incl…
8 Jan: X Users Fed up With Constant Stream of Malicious Crypto Ads (BLEEPINGCOMPUTER.COM)
  Cybercriminals are exploiting Twitter ads to promote cryptocurrency scams. These scams include links to Telegram channels promoting pump and dumps, phishing pages, and sites hosting malicious scripts that steal assets from connected wallets.
8 Jan: Roundup: Global software supply chain security guidance and regulations (CSOONLINE.COM)
  Supply chain security continues to receive critical focus in the realm of cybersecurity, and with good reason: incidents such as SolarWinds, Log4j, Microsoft, and Okta software supply chain attacks continue to impact both leading proprietary software vendors as well as widely …
8 Jan: The Teixeira leak: an ignoble betrayal of trust and an avoidable security failure (CSOONLINE.COM)
  Trust is a word much bandied in information security, often it seems as a table stake in the cybersecurity game. We have zero trust, in which we create an environment and culture where the goal is to protect data in every instance. Then there's insider trust, trusting colleagues…
8 Jan: Ransomware Payment Ban: Wrong Idea at the Wrong Time (THEREGISTER.COM)
  A complete ban on ransomware payments is not a viable solution to combat ransomware attacks, according to some experts. While eliminating extortion as a source of criminal income may reduce attacks, there are several reasons why a ban would not work.
8 Jan: Mortgage Firm loanDepot Cyberattack Impacts IT Systems, Payment Portal (BLEEPINGCOMPUTER.COM)
  The loanDepot cyberattack caused its IT systems to go offline and prevented customers from making online payments on their loans. The company confirmed the attack and is working with law enforcement and forensics experts to investigate.
8 Jan: Vulnerability Handling in 2023: 28,000 New CVEs, 84 New CNAs (SECURITYWEEK.COM)
  A total of more than 28,000 CVE IDs were assigned in 2023 and 84 new CVE Numbering Authorities (CNAs) were named.
8 Jan: AuthLogParser: Open-Source Tool for Analyzing Linux Authentication Logs (HELPNETSECURITY.COM)
  The open-source tool offers granular event analysis, customizable tables, and an adaptive design, making it a powerful resource for digital forensics and incident response on Linux platforms.
8 Jan: Cyber Espionage Campaign by Sea Turtle APT Targets Dutch IT and Telecom Companies (THEHACKERNEWS.COM)
  The group leverages DNS hijacking and exploits known vulnerabilities to establish a foothold in target networks and gather intelligence to meet strategic Turkish interests.
8 Jan: Second Interdisciplinary Workshop on Reimagining Democracy (SCHNEIER.COM)
  Last month, I convened the Second Interdisciplinary Workshop on Reimagining Democracy (IWORD 2023) at the Harvard Kennedy School Ash Center. As with IWORD 2022, the goal was to bring together a diverse set of thinkers and practitioners to talk about how democracy might be reim…
8 Jan: Update: Traces of LockBit Foul Play Emerge in Capital Health Cyberattack (THECYBEREXPRESS.COM)
  Capital Health is now fully operational and working with a forensic investigation firm to assess the risk to patient and employee data. While the firm has not disclosed the hacker group involved, it has been alleged that LockBit ransomware was used.
8 Jan: KyberSlash Attacks Put Quantum-Safe Encryption Projects at Risk (BLEEPINGCOMPUTER.COM)
  While patches have been released for some implementations, several projects using Kyber, including Signal, remain unpatched, and the impact of KyberSlash on users' communications is still unclear.
8 Jan: North Korean Hackers Stole $600 Million in Cryptocurrency in 2023 (THEHACKERNEWS.COM)
  Despite law enforcement pressure, North Korean hackers continue to evolve and explore alternative money laundering methods, demanding continuous vigilance and innovation from businesses and governments.
8 Jan: AsyncRAT Malware Attacking the US Infrastructure for 11 Months (GBHACKERS.COM)
  AsyncRAT is an open-source remote access Trojan (RAT) malware known for its ability to provide unauthorized access and control over infected systems. It was released in 2019. Hackers use it actively for various malicious purposes, including:- Cybersecurity researchers at AT&T…
8 Jan: xDedic Marketplace Admin and Operators Arrested (GBHACKERS.COM)
  In a landmark victory for cybersecurity, the xDedic Marketplace, a notorious haven for cybercrime, has been shut down. This international operation, spearheaded by the U.S. Attorney’s Office, FBI, IRS-CI, and a consortium of law enforcement agencies from Belgium, Ukra…
8 Jan: What is that User Agent?, (Mon, Jan 8th) (ISC.SANS.EDU)
  Devices are connecting to different web resources on a regular basis. One method to identify what is connecting to a web resource is through a user agent [1] and many are received on DShield [2] honeypots.
8 Jan: US mortgage lender loanDepot confirms ransomware attack (BLEEPINGCOMPUTER.COM)
  Leading U.S. mortgage lender loanDepot confirmed today that a cyber incident disclosed over the weekend was a ransomware attack that led to data encryption. [...]
📢 SECURITY ADVISORIES
8 Jan: NIST Warns of Security and Privacy Risks from Rapid AI System Deployment (THEHACKERNEWS.COM)
  The increased deployment of AI systems poses significant security and privacy challenges, including adversarial manipulation of training data and the potential exfiltration of sensitive information.
8 Jan: NIST: No Silver Bullet Against Adversarial Machine Learning Attacks (SECURITYWEEK.COM)
  NIST has published guidance on adversarial machine learning (AML) attacks and mitigations, warning that there is no silver bullet.
8 Jan: Cyberattack Hits Maldives Government Websites (THECYBEREXPRESS.COM)
  Over the weekend, the Maldives government websites experienced a cyberattack, resulting in temporary unavailability of the President's office, Foreign Ministry, and Tourism Ministry websites.
8 Jan: BreachForums Boss Jailed for Violating Release Requirements (DATABREACHTODAY.CO.UK)
  Conor Fitzgerald Allegedly Violated Computer Monitoring Requirement, VPN Ban. The FBI arrested Conor Fitzgerald, the admitted administrator of the notorious, now-defunct BreachForums data breach forum and marketplace, for violating the conditions of his presentencing release, afte…
8 Jan: Advice to Aspiring CISOs as SEC Mandate Fosters New Risk Management Framework - BSW #333 (YOUTUBE.COM)
  In the leadership and communications section, Advice to Aspiring CISOs, New risk management framework helps with SEC mandate compliance, A Simple Hack to Help You Communicate More Effectively, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show No…
🔥 INCIDENT REPORTING
8 Jan: DOJ Wraps xDedic Dark Web Marketplace Case; 19 Charged Worldwide (BANKINFOSECURITY.COM)
  xDedic Marketplace was known for selling login credentials and personal information of U.S. residents illegally. The marketplace listed over 700,000 compromised servers for sale, affecting thousands in the United States.
8 Jan: Report: Cyberattacks Drain $1.84 Billion From Web3 in 2023 (INFOSECURITY-MAGAZINE.COM)
  The average cost per incident was $2.45m in 2023. However, there was a wide disparity between the losses suffered, with the 10 most costly attacks alone accounting for $1.11bn.
8 Jan: Canada: Memorial University Recovers From Cyberattack, Delays Semester Start (BLEEPINGCOMPUTER.COM)
  The Memorial University of Newfoundland experienced a cyberattack in late December, leading to the postponement of classes and disruptions to IT services at its Grenfell campus.
8 Jan: Merck Settles With Insurers Who Denied $700 Million NotPetya Claim (THERECORD.MEDIA)
  This settlement has implications for the insurance industry, as it clarifies the need to exclude coverage for state-backed cyberattacks linked to war and incidents that significantly disrupt a state's functioning.
8 Jan: Cyber Security Today, Jan 8, 2024 - How a Spanish cellular carrier's network was knocked offline, and more (CYBERSECURITYTODAY.LIBSYN.COM)
  This episode reports on basic cybersecurity oversights that led to the hacking of a telco, the increased number of victims of a US law firm hack, a data breach at a Canadian provider of midwives and more.
8 Jan: Lebanon Airport Screens Display Anti-Hezbollah Message After Being Hacked (SECURITYWEEK.COM)
  The information display screens at Beirut’s international airport were hacked by domestic anti-Hezbollah groups.
8 Jan: Beirut International Airport Hit by Cyberattack Affecting Flight Information Display System (SECURITYAFFAIRS.COM)
  The Beirut International Airport in Lebanon was targeted by a cyberattack, with hackers breaching the Flight Information Display System (FIDS) and disrupting the baggage inspection system.
8 Jan: British Library: Finances Remain Healthy As Ransomware Recovery Continues (PACKETSTORMSECURITY.COM)
8 Jan: Canada: Personal and Pregnancy Details of Midwives of Windsor Clients was Breached (CBC.CA)
  The compromised data includes names, addresses, contact information, medical details, and health insurance information. The exact number of affected clients is unclear, and it is unknown if the information has been misused.
8 Jan: Capital Health attack claimed by LockBit ransomware, risk of data leak (BLEEPINGCOMPUTER.COM)
  The Lockbit ransomware operation has claimed responsibility for a November 2023 cyberattack on the Capital Health hospital network and threatens to leak stolen data and negotiation chats by tomorrow. [...]
8 Jan: Securing helpdesks from hackers: What we can learn from the MGM breach (BLEEPINGCOMPUTER.COM)
  In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to securing their help desks. Learn more from Specops Software on how to prevent such incidents. [...]
8 Jan: FBI Releases Blackcat Ransomware Decryption Tool to Victims, Disrupting Attacks (KNOWBE4.COM)
  For the first time ever, the U.S. Justice Department announced the existence of an FBI-developed decryption tool that has been used to save hundreds of victim organizations attacked by one of the most prolific ransomware variants in the world.
8 Jan: LoanDepot hit by suspected ransomware attack (TECHCRUNCH.COM)
  Mortgage and loan giant LoanDepot said Monday it is experiencing a cyberattack and that it’s “working diligently to restore normal business operations as quickly as possible.” The Irvine, Calif.-based company said in a brief statement on its cybersecurity incide…
8 Jan: LoanDepot Hit by Ransomware Attack; Multiple Systems Offline (DATABREACHTODAY.CO.UK)
  Large Mortgage Lender's Customers Say the Online Payment Portal Is Inaccessible. Non-bank mortgage lending giant LoanDepot is warning customers and investors that hackers have infiltrated its network, gained unauthorized access to information and encrypted data, leading to it ta…
8 Jan: Netgear, Hyundai latest X accounts hacked to push crypto drainers (BLEEPINGCOMPUTER.COM)
  The official Netgear and Hyundai MEA Twitter/X accounts (together with over 160,000 followers) are the latest hijacked to push scams designed to infect potential victims with cryptocurrency wallet drainer malware. [...]
8 Jan: NYS: Clinic Must Pay $450K Fine, Spend $1.2M on Security (DATABREACHTODAY.CO.UK)
  State AG Settlement Comes After 2021 Lorenz Ransomware Attack on Health Center. A federally funded health center that provides services to underserved communities in New York has been fined up to $450,000 and must invest $1.2 million in improving its data security, under a settlem…
8 Jan: Toronto Zoo: Ransomware attack had no impact on animal wellbeing (BLEEPINGCOMPUTER.COM)
  Toronto Zoo, the largest zoo in Canada, says that a ransomware attack that hit its systems on early Friday had no impact on the animals, its website, or its day-to-day operations. [...]
🕵️ THREAT INTELLIGENCE
8 Jan: ISC Stormcast For Monday, January 8th, 2024 https://isc.sans.edu/podcastdetail/8800, (Mon, Jan 8th) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
8 Jan: North Korea's Cyber Heist: DPRK Hackers Stole $600 Million in Cryptocurrency in 2023 (THEHACKERNEWS.COM)
  Threat actors affiliated with the Democratic People's Republic of Korea (also known as North Korea) have plundered at least $600 million in cryptocurrency in 2023. The DPRK "was responsible for almost a third of all funds stolen in crypto attacks last year, despite a 30% reductio…
8 Jan: Unifying Security Tech Beyond the Stack: Integrating SecOps with Managed Risk and Strategy (THEHACKERNEWS.COM)
  Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute, “only 59% of organizations say their cybersecurity strategy has changed over the past two years.” This stagnation in strategy adaptation can be traced back to…
8 Jan: CISO Conversations: Jason Rebholz and Jason Ozin From the Insurance Sector (SECURITYWEEK.COM)
  SecurityWeek interviews two CISOs from the insurance sector: Jason Rebholz at Corvus Insurance and Jason Ozin at UK-based PIB Group.
8 Jan: Major IT, Crypto Firms Exposed to Supply Chain Compromise via New Class of CI/CD Attack (SECURITYWEEK.COM)
  Self-hosted GitHub Actions runners could allow attackers to inject malicious code into repositories, leading to supply chain attacks.
8 Jan: How to Get Started with Security Automation: Consider the Top Use Cases within Your Industry (SECURITYWEEK.COM)
  Organizations in different industries may approach security automation from a different entry point, but the requirements for an automation platform are consistent across use cases.
8 Jan: Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB)
  Submitted by shellsharks to cybersecurity. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
8 Jan: Syrian Hackers Distributing Stealthy C#-Based Silver RAT to Cybercriminals (THEHACKERNEWS.COM)
  Threat actors operating under the name Anonymous Arabic have released a remote access trojan (RAT) called Silver RAT that’s equipped to bypass security software and stealthily launch hidden applications. “The developers operate on multiple hacker forums and social media…
8 Jan: 2024 Security Software Pricing Preference Survey (KNOWBE4.COM)
  I need your help, I'm super interested to know what your current preferences are related to licensing and pricing models for security software. You may love or hate particular models and I'm dying to know what you actually like the best.
8 Jan: QNAP Patches High-Severity Flaws in QTS, Video Station, QuMagie, Netatalk Products (SECURITYWEEK.COM)
  QNAP has released patches for a dozen vulnerabilities in its products, including several high-severity flaws.
8 Jan: Turkish Cyberspies Targeting Netherlands (SECURITYWEEK.COM)
  Turkish state-sponsored group Sea Turtle has been targeting multiple organizations in the Netherlands for espionage.
8 Jan: Cyqur Launches A Game-Changing Data Encryption and Fragmentation Web Extension (GBHACKERS.COM)
  The web extension, patented in the U.S. and U.K., is now available for pre-order in a limited, pre-sale event. Lack of online data security globally. In today’s almost entirely digitised, cyber world, it’s imperative that private data and passwords remain secure and protected at a…
8 Jan: Submit now: CSO Hall of Fame nominations open for first time (CSOONLINE.COM)
  This year marks a big change for the CSO Hall of Fame: CSO is accepting nominations for the first time. Now entering its fifth year, the CSO Hall of Fame spotlights outstanding leaders who have significantly contributed to the practice of information risk management and security.…
8 Jan: 2023 CSO Hall of Fame honorees (CSOONLINE.COM)
  Now entering its fifth year, the CSO Hall of Fame spotlights outstanding leaders who have significantly contributed to the practice of information risk management and security. This year marks a big change for the Hall of Fame: CSO is accepting nominations for the first time. Pre…
8 Jan: US DHS Solicits Synthetic Data Expertise for AI Training (DATABREACHTODAY.CO.UK)
  Agency Prepares $1.7M Contracts for Synthetic Data Prototypes. In a solicitation for synthetic data generators, the U.S. federal government is looking for a machine that can generate fake data for real-world scenarios, such as identifying cybersecurity threats. Synthetic data can …
8 Jan: Best Practices for Moving Sensitive Data into the Cloud | Leadership & Communications - BSW #333 (YOUTUBE.COM)
  This week, we kick things off by discussing Best Practices for Moving Sensitive Data into the Cloud, with Mike Scott, CISO at Immuta. Then we discuss our Leadership and Communications articles for this week. Visit https://www.securityweekly.com/bsw for all the latest episodes! Sh…
8 Jan: Best Practices for Moving Sensitive Data into the Cloud – Mike Scott – BSW #333 (YOUTUBE.COM)
  Research shows that 26% of US workers currently work remotely, and there are expected to be 32.3 million American employees working remotely by 2025. To support these workers, organizations are adopting cloud solutions and migrating data to these cloud solutions. However, many bu…
8 Jan: Bypass Cognito Account Enumeration Controls (HACKINGTHE.CLOUD)
  Submitted by L4s to secops. https://hackingthe.cloud/aws/enumeration/bypass_cognito_user_enumeration_controls/ Leverage a flaw in Cognito’s API to enumerate accounts in User Pools.
8 Jan: Turkish hackers Sea Turtle expand attacks to Dutch ISPs, telcos (BLEEPINGCOMPUTER.COM)
  The Turkish state-backed cyber espionage group tracked as Sea Turtle has been carrying out multiple spying campaigns in the Netherlands, focusing on telcos, media, internet service providers (ISPs), and Kurdish websites. [...]
🌐 CYBER THREAT LANDSCAPE
8 Jan: After Injecting Cancer Hospital With Malware, Crims Threaten To Swat Patients (PACKETSTORMSECURITY.COM)
8 Jan: Stuxnet: The malware that cost a billion dollars to develop? (GRAHAMCLULEY.COM)
  A report from the Netherlands claims that a Dutch man played a key role in the notorious Stuxnet worm attack against an Iranian nuclear facility, which then accidentally escaped into the wider world.
8 Jan: Update: Google Says Malware Abusing API Is Standard Token Theft, Not an API Issue (BLEEPINGCOMPUTER.COM)
  Google downplays the severity of the issue, treating it as regular cookie theft and suggesting users log out of their Chrome browser to invalidate the stolen cookies and tokens.
📡 INFOSEC NEWS
8 Jan: Iranian Crypto Exchange Bit24.cash Leaks User Passports and IDs (SECURITYAFFAIRS.COM)
  Iranian cryptocurrency exchange, Bit24.cash, has exposed sensitive data belonging to nearly 230,000 users. The exchange's misconfigured storage system granted access to KYC data, including passports, IDs, and credit cards.
8 Jan: Bots, Fraud Farms, and Cryptojacking Surge, Urgently Requiring Attention (HELPNETSECURITY.COM)
  Cybercriminals are increasingly relying on ready-made bots and human fraud farms, which account for the majority of malicious website and app traffic, highlighting the need for robust defenses.
8 Jan: NoName Group Claims DDoS Attacks on Ukrainian Government Sites (THECYBEREXPRESS.COM)
  The NoName group has reportedly targeted several Ukrainian government websites, including Accordbank, Zaporizhzhya Titanium-Magnesium Plant, and the State Tax Service. The group posted a list of their latest DDoS attack victims on the dark web.
8 Jan: Meet Ika & Sal: The Bulletproof Hosting Duo from Hell (KREBSONSECURITY.COM)
  In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. All four pleaded guilty to conspiracy and racketeering charges. But…
8 Jan: Twilio will ditch its Authy desktop 2FA app in August, goes mobile only (BLEEPINGCOMPUTER.COM)
  The Authy desktop apps for Windows, macOS, and Linux will be discontinued in August 2024, with the company recommending users switch to a mobile version of the two-factor authentication (2FA) app. [...]
8 Jan: Hackers hijack Beirut airport departure and arrival boards (GRAHAMCLULEY.COM)
  On Sunday evening electronic departure boards at Beirut's airport were hijacked by hackers who used them to display anti-Iranian and anti-Hezbollah messages.
8 Jan: Gen AI could make KYC effectively useless (TECHCRUNCH.COM)
  KYC, or “Know Your Customer,” is a process intended to help financial institutions, fintech startups and banks verify the identity of their customers. Not uncommonly, KYC authentication involves “ID images,” or cross-checked selfies used to confirm a perso…
8 Jan: Sexual assault in the metaverse investigated by British police (GRAHAMCLULEY.COM)
  British police say that they are investigating reports that a girl under the age of 16 was sexually assaulted... in an online virtual reality game.
8 Jan: The best Windows 11 features added in 2023 (BLEEPINGCOMPUTER.COM)
  The year 2023 marks a significant milestone for Windows 11 with the introduction of several new features and improvements. This includes drag and drop for the taskbar, AI, and more. [...]
8 Jan: BlueHat India Call for Papers is Now Open! (MSRC.MICROSOFT.COM)
  You asked for it and it’s finally here! The inaugural BlueHat India conference will be held April 18-19, 2024, in Hyderabad, India! This intimate conference will bring together a unique blend of security researchers and responders, who come together as peers to exchange ideas, ex…