🚨 CISA KEV (1)
11 Jan · KEV · CISA Urges Patching of Exploited SharePoint Server Vulnerability · CISA has added a critical Microsoft SharePoint Server flaw (CVE-2023-29357) to its Known Exploited Vulnerabilities catalog. · SECURITYWEEK.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (15)
11 Jan · Cisco Fixes High-Risk Vulnerability Impacting Unity Connection Software · Cisco has released software updates to address a critical security flaw impacting Unity Connection that could permit an adversary to execute arbitrary commands on the underlying system. Tracked as CVE-2024-20272 (CVSS score: 7.3), the vulnerability is an arbitrary file … · THEHACKERNEWS.COM
11 Jan · KEV · Actively Exploited Zero-Days in Ivanti VPN are Letting Hackers Backdoor Networks · The vulnerabilities, tracked as CVE-2023-46805 and CVE-2024-21887, were used in an attack last month to steal configuration data, modify files, and gain unauthorized access to systems. · ARSTECHNICA.COM
11 Jan · KEV · Chinese hackers exploit Ivanti VPN zero days for RCE attacks · Two critically severe zero-day vulnerabilities in devices running Ivanti VPN services are being actively exploited by Chinese nation-state actors for unauthenticated remote code execution, according to Volexity research. Tracked as CVE-2023-46805 and CVE-2024-21887, the vulnerabi… · CSOONLINE.COM
11 Jan · New PoC Exploit for Apache OfBiz Vulnerability Poses Risk to ERP Systems · Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload. The vulnerability in questio… · THEHACKERNEWS.COM
11 Jan · State-backed hackers are exploiting new Ivanti VPN zero-days — but no patches yet · U.S. software giant Ivanti has confirmed that hackers are exploiting two critical-rated vulnerabilities affecting its widely-used corporate VPN appliance, but said that patches won’t be available until the end of the month. Ivanti said the two vulnerabilities — tracked as CVE-202… · TECHCRUNCH.COM
11 Jan · Juniper Networks Releases Security Bulletin for Junos OS and Junos OS Evolved · Juniper Networks has released a security advisory to address a vulnerability (CVE-2024-21611) in Junos OS and Junos OS Evolved. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review the Jun… · CISA.GOV
11 Jan · Cisco Releases Security Advisory for Cisco Unity Connection · Cisco released a security advisory to address a vulnerability (CVE-2024-20272) in Cisco Unity Connection. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the Cisco Unity Connection Una… · CISA.GOV
11 Jan · Attackers deploy rootkits on misconfigured Apache Hadoop and Flink servers · Researchers have discovered a new malware attack campaign that exploits misconfigurations in Apache Hadoop and Flink, two technologies for processing big data sets and data streams. The attackers behind the campaign exploit these issues without authentication to deploy rootkits o… · CSOONLINE.COM
11 Jan · Microsoft shares script to update Windows 10 WinRE with BitLocker fixes · Microsoft has released a PowerShell script to automate updating the Windows Recovery Environment (WinRE) partition in order to fix CVE-2024-20666, a vulnerability that allowed for BitLocker encryption bypass. [...] · BLEEPINGCOMPUTER.COM
11 Jan · Chromium: CVE-2024-0333 Insufficient data validation in Extensions · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
11 Jan · CVE-2024-20675 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability · Information published. · MSRC.MICROSOFT.COM
11 Jan · CVE-2023-48631 Adobe Systems Incorporated: CVE-2023-Improper Input Validation Denial of Service Vulnerability · Information published. · MSRC.MICROSOFT.COM
11 Jan · CVE-2024-20709 Adobe Systems Incorporated: CVE-2024-20709 Javascript Implementation PDF Vulnerability · This CVE was assigned by Adobe Systems Incorporated. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2023) for more information. · MSRC.MICROSOFT.COM
11 Jan · CVE-2024-21337 Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability · Information published. · MSRC.MICROSOFT.COM
11 Jan · MiraclePtr: protecting users from use-after-free vulnerabilities on more platforms · Posted by Keishi Hattori, Sergei Glazunov, Bartek Nowierski on behalf of the MiraclePtr team Welcome back to our latest update on MiraclePtr, our project to protect against use-after-free vulnerabilities in Google Chrome. If you need a refresher, you can read our previous blog po… · SECURITY.GOOGLEBLOG.COM
⚠️ VULNERABILITY DISCLOSURE (24)
11 Jan · Chinese Hackers Exploit Zero-Day Flaws in Ivanti Connect Secure and Policy Secure · A pair of zero-day flaws identified in Ivanti Connect Secure (ICS) and Policy Secure have been chained by suspected China-linked nation-state actors to breach less than 10 customers. Cybersecurity firm Volexity, which identified the activity on the network of one of its… · THEHACKERNEWS.COM
11 Jan · Mandiant's X Account Was Hacked Using Brute-Force Attack · The compromise of Mandiant's X (formerly Twitter) account last week was likely the result of a "brute-force password attack," attributing the hack to a drainer-as-a-service (DaaS) group. "Normally, [two-factor authentication] would have mitigated this, but due to some team transi… · THEHACKERNEWS.COM
11 Jan · Cisco Says Critical Unity Connection Bug Lets Attackers Get Root · The vulnerability, found in the software's web-based management interface, allows attackers to execute commands on the underlying operating system by uploading arbitrary files. · BLEEPINGCOMPUTER.COM
11 Jan · Security firm Mandiant says it didn’t have 2FA enabled on its hacked Twitter account · Anyone who works in computer security knows that they should have two-factor authentication (2FA) enabled on their accounts. 2FA provides an additional layer of security. A hacker might be able to guess, steal, or brute force the password on your accounts - but they won't be able… · GRAHAMCLULEY.COM
11 Jan · Thousands of WordPress Sites with Popup Builder Plugin Compromised by Balada Injector · A stored XSS flaw in the Popup Builder WordPress plugin has been exploited by the Balada Injector campaign. The campaign injects malicious code into websites using older versions of the plugin, with over 6,200 sites currently affected. · SUCURI.NET
11 Jan · Pharmacies Giving Patient Records to Police without Warrants · Add pharmacies to the list of industries that are giving private data to the police without a warrant. · SCHNEIER.COM
11 Jan · Cisco Patches Critical Vulnerability in Unity Connection Product · Cisco Unity Connection flaw could allow remote, unauthenticated attackers to upload arbitrary files and execute commands on the system. · SECURITYWEEK.COM
11 Jan · Mandiant Details How Its X Account Was Hacked · Mandiant’s X account was hacked as a result of a brute force attack as part of a cryptocurrency scheme that earned at least $900k. · SECURITYWEEK.COM
11 Jan · Mirai-Based NoaBot Launches a DDoS Attack on Linux Devices · Hackers use the Mirai botnet to launch large-scale Distributed Denial of Service (DDoS) attacks by exploiting vulnerable Internet of Things (IoT) devices. Mirai’s ability to recruit a massive number of compromised devices allows attackers to do the following things to… · GBHACKERS.COM
11 Jan · Microsoft Fixes 48 Bugs In January Patch Tuesday, None Of Them Zero Days · PACKETSTORMSECURITY.COM
11 Jan · KEV · Actively Exploited 0-Days In Ivanti VPN Are Letting Hackers Backdoor Networks · PACKETSTORMSECURITY.COM
11 Jan · A Vulnerability in Cisco Unity Connection Could Allow for Arbitrary Code Execution · A vulnerability has been discovered in Cisco Unity Connection that could allow for arbitrary code execution on a targeted host. Cisco Unity Connection is a unified messaging and voicemail solution that allows users to access and manage messages from an email inbox, web browser, Cisc… · CISECURITY.ORG
11 Jan · CISA Releases Nine Industrial Control Systems Advisories · CISA released nine Industrial Control Systems (ICS) advisories on January 11, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-011-03 Rapid Software LLC Rapid SCADA ICSA-24-011-04 Horner Automa… · CISA.GOV
11 Jan · We're Old Now - PSW #812 · The Exploit Prediction Scoring System is Awesome, or so some say, Reflections on InfoSec, Why some people don’t trust science, SSH-Snake, Back in the Driver’s seat, I Hacked My Internet Service Provider, States & Congress wrestle with cybersecurity, Combining AI with human brain … · YOUTUBE.COM
11 Jan · Journey into the Immersive Frontier: Preliminary NIST Research on Cybersecurity and Privacy Standards for Immersive Technologies · Words like “metaverse” and “augmented reality” may conjure up thoughts of friends in headsets wielding virtual sabers or folks roaming the streets at night in search of PokéStops. Virtual, augmented, and mixed reality technologies (“immersive technologies”) have entered the popul… · NIST.GOV
11 Jan · Bitwarden adds passkey support to log into web password vaults · The open-source Bitwarden password manager has announced that all users can now log in to their web vaults using a passkey instead of the standard username and password pairs. [...] · BLEEPINGCOMPUTER.COM
11 Jan · Suspected Chinese Hackers Exploit 2 Ivanti Zero-Days · Cyber Agencies Urge Users to Apply Workaround in the Absence of Patches Hackers possibly connected to the Chinese government since December have exploited two zero-days in a VPN from software developer Ivanti that is widely used by governments and corporations, and a patch won't … · DATABREACHTODAY.CO.UK
11 Jan · Predicting GenAI Threats & Concerns + Pros & Cons of Building a Security Business Around Open Source · Join us live at 3pm ET as we discuss Predicting GenAI Threats and Concerns in 2024 with Greg Notch, Chief Information Security Officer at Expel. Join us for Segment 2 at 3:45pm ET as we cover The Pros and Cons of Building a Security Business Around Open Source with Ev Kontsevoy, … · YOUTUBE.COM
11 Jan · Breach Roundup: FTC Bans Data Broker From Sharing Locations · Also: Microsoft Fixes 48 Flaws in January Patch Tuesday But No Zero-Days This week: Microsoft addressed 48 security flaws, AsyncRAT targeted critical infrastructure operators, the Supreme Court rejected X Corp.'s bid to disclose national security requests, hackers hit Beirut airp… · DATABREACHTODAY.CO.UK
11 Jan · Framework discloses data breach after accountant gets phished · Framework Computer disclosed a data breach exposing the personal information of an undisclosed number of customers after Keating Consulting Group, its accounting service provider, fell victim to a phishing attack. [...] · BLEEPINGCOMPUTER.COM
11 Jan · The Pros and Cons of Building a Security Business Around Open Source - Ev Kontsevoy - ESW #345 · Many founders and early stage startups closely guard product details and information about their roadmap and go-to-market plan. Is it a bad idea then to build a company based around an open source project? Not at all, according to Ev Kontsevoy, whose company Teleport has done jus… · YOUTUBE.COM
11 Jan · Turkish Hackers Exploit MS SQL Servers to Deliver Ransomware · Financially Motivated Actors Targeting US, EU and LATAM Countries Financially motivated Turkish hackers are targeting Microsoft SQL servers in the United States, Europe and Latin America in hacking that ultimately ends with deployment of Mimic ransomware or the sale of access to … · DATABREACHTODAY.CO.UK
11 Jan · A peek behind the curtain: How are sock puppet accounts used in OSINT? · How wearing a ‘sock puppet’ can aid the collection of open source intelligence while insulating the ‘puppeteer’ from risks · WELIVESECURITY.COM
📋 SECURITY BULLETINS (1)
11 Jan · Intel, AMD, Zoom, Splunk Release Patch Tuesday Security Advisories · Intel, AMD, Zoom and Splunk released security advisories on Patch Tuesday to inform customers about vulnerabilities found in their products. · SECURITYWEEK.COM
📢 SECURITY ADVISORIES (6)
11 Jan · UK: NCSC Publishes Practical Security Guidance for SMBs · Smaller organizations are increasingly reliant on cloud and online services, making them vulnerable to cyber threats. The guide provides practical advice on choosing the right service, securing user accounts, and recovering from a cyberattack. · INFOSECURITY-MAGAZINE.COM
11 Jan · Finland warns of Akira ransomware wiping NAS and tape backup devices · The Finnish National Cybersecurity Center (NCSC-FI) is informing of increased Akira ransomware activity in December, targeting companies in the country and wiping backups. [...] · BLEEPINGCOMPUTER.COM
11 Jan · Finland Warns of Akira Ransomware Wiping NAS and Tape Backup Devices · The NCSC-FI has warned of increased Akira ransomware attacks in December. These attacks targeted companies in Finland and involved wiping backups, making it difficult for victims to recover their data without paying a ransom. · BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING (6)
11 Jan · Twitter says, It’s not our fault the SEC’s account got hacked · The safety team at Twitter has responded to the high profile hack of the SEC Twitter account, which made headlines around the world. And what do they have to say? Well, in a nutshell - "it's not our fault. They lost control of their mobile phone number and didn't have 2FA enabled… · GRAHAMCLULEY.COM
11 Jan · There is a Ransomware Armageddon Coming for Us All · Generative AI will enable anyone to launch sophisticated phishing attacks that only Next-generation MFA devices can stop The least surprising headline from 2023 is that ransomware again set new records for a number of incidents and the damage inflicted. We saw new headlines every… · THEHACKERNEWS.COM
11 Jan · HMG Healthcare Discloses Data Breach Affecting 40 Affiliated Nursing Facilities · The breach occurred in August 2023 when threat actors gained unauthorized access to a company server and stole unencrypted files containing medical records, personal information, and employment records. · SECURITYAFFAIRS.COM
11 Jan · Threat Actors Increasingly Abusing GitHub for Malicious Purposes · The ubiquity of GitHub in information technology (IT) environments has made it a lucrative choice for threat actors to host and deliver malicious payloads and act as dead drop resolvers, command-and-control, and data exfiltration points. “Using GitHub services for malicious … · THEHACKERNEWS.COM
11 Jan · Halara probes breach after hacker leaks data for 950,000 people · Popular athleisure clothing brand Halara is investigating a data breach after the alleged data of almost 950,000 customers was leaked on a hacking forum. [...] · BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (20)
11 Jan · ISC Stormcast For Thursday, January 11th, 2024 https://isc.sans.edu/podcastdetail/8806, (Thu, Jan 11th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
11 Jan · The Evolution of Purple Teaming - Jared Atkinson - PSW #812 · Jared would like to discuss the evolution of purple teaming. Put bluntly, he believes traditional purple team approaches don’t test enough variations of attack techniques, delivering a false sense of detection coverage. He would like to talk about: The shortcomings of red team as… · YOUTUBE.COM
11 Jan · Beware of Phishing Scams Disguised as Annual HR Tasks · Threat actors are increasingly using annual responsibilities like open enrollment, 401k updates, and salary adjustments as lures to steal employee credentials through phishing emails. · COFENSE.COM
11 Jan · New NoaBot Botnet Spreads an Illicit Cryptominer on Linux Systems · The malware's obfuscation and custom code suggest mature threat actors, but the inclusion of childish elements complicates attribution, making it difficult to determine the exact nature of the operation. · THERECORD.MEDIA
11 Jan · Atomic Stealer Gets an Upgrade - Targeting Mac Users with Encrypted Payload · Cybersecurity researchers have identified an updated version of a macOS information stealer called Atomic (or AMOS), indicating that the threat actors behind the malware are actively enhancing its capabilities. "It looks like Atomic Stealer was updated around mid to lat… · THEHACKERNEWS.COM
11 Jan · KnowBe4 Named a Leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) · We are excited to announce that KnowBe4 has been named a leader in the Winter 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the eleventh consecutive quarter! · KNOWBE4.COM
11 Jan · AI-Powered Misinformation is the World’s Biggest Short-Term Threat, Davos Report Says · False and misleading information supercharged with cutting-edge AI that threatens to erode democracy and polarize society, the World Economic Forum said in a new report. · SECURITYWEEK.COM
11 Jan · Coming Soon to a Network Near You: More Shadow IoT · Consumer IoT devices will increase the threat to commercial, government, healthcare, educational, and other organizations. · SECURITYWEEK.COM
11 Jan · China-Linked Volt Typhoon Hackers Possibly Targeting Australian, UK Governments · Chinese APT Volt Typhoon appears engaged in new attacks against government entities in the US, UK, and Australia. · SECURITYWEEK.COM
11 Jan · Vulnerabilities on Bosch Rexroth Nutrunners May Be Abused to Stop Production Lines, Tamper with Safety-Critical Tightenings · https://www.nozominetworks.com/blog/vulnerabilities-on-bosch-rexroth-nutrunners New vulnerabilities discov… · NOZOMINETWORKS.COM
11 Jan · Atomic Stealer Delivered Through Malicious Ads Via Google Search · Hackers use Google ads to distribute malicious stealers and malware as it provides a legitimate shield that allows them to reach a wider audience without any suspicious detection. The use of such a trusted platform also increases the chances of unsuspecting users clicking o… · GBHACKERS.COM
11 Jan · Cryptohack Roundup: It's Raining Phishing Scams on X · Also: Bitcoin ETP, Gamma and dYdX Attacks, 2023 Hack Stats This week, hackers ran crypto phishing scams on X accounts, the SEC approved bitcoin ETP, hackers stole $3.4 million from Gamma, dYdX detailed post-hack steps, CertiK published 2023 hack stats, TRM Labs discussed North Ko… · DATABREACHTODAY.CO.UK
11 Jan · Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears · Microsoft said that it is upgrading its cloud computing service to let customers store all personal data within the European Union. · SECURITYWEEK.COM
11 Jan · Beware of "Get to Know Me" Surveys · Trained security awareness professionals are aware that whatever someone says about themselves and personal experiences can be used against them in a social engineering scam. It is always good to share that message, at least once a year with co-workers, family members, and friend… · KNOWBE4.COM
11 Jan · Microsoft Takes the Lead in Q4 2023 for Alarming Phishing Attempts · Microsoft was the most impersonated brand last quarter, accounting for a third (33%) of all brand phishing attempts in October, November, and December 2023, according to Check Point’s Brand Phishing Report for Q4 2023. · KNOWBE4.COM
11 Jan · FTC Issues Warning About the Dangers of QR Code-Based Scams · The latest consumer alert posted by the Federal Trade Commission (FTC) signals that the upticks in QR code-based scams being seen by cybersecurity vendors are indeed a valid growing problem. · KNOWBE4.COM
11 Jan · Attackers' GitHub Abuse Poses Growing Risk, Researchers Warn · Cybersecurity Researchers Detail Defenses Against Attackers Abusing Cloud Services While cybercriminals and advanced persistent threat groups have long abused legitimate internet services both to scale and disguise various types of attacks, a new report warns of a growing challen… · DATABREACHTODAY.CO.UK
11 Jan · Researchers Flag FBot Hacking Tool Hijacking Cloud, Payment Services · The tool, called FBot, is capable of credential harvesting for spamming attacks, and AWS, PayPal and SaaS account hijacking. · SECURITYWEEK.COM
11 Jan · [New Phishing Template] Formula 1 Exclusive: Gene Haas on Guenther Steiner's Departure · In a surprising turn of events for Formula 1 enthusiasts, the Haas F1 Team is grappling with the departure of its widely-respected Team Principal, Guenther Steiner. Let's dive into the implications of Guenther Steiner's departure and more information on a new template that our Kn… · KNOWBE4.COM
11 Jan · Predicting GenAI Threats and Concerns in 2024 - Greg Notch - ESW #345 · GenAI hype is still at peak levels, but clearly some of the hopes and dreams pinned on it will fail, while other use cases we haven't even imagined will become commonplace. Greg Notch joins us to share his thoughts on what security leaders and the general public should be more or… · YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (3)
11 Jan · Atomic Stealer Rings in the New Year With Updated Version · Atomic Stealer, a popular malware among criminals, has recently been updated with payload encryption to evade detection and has been distributed through malvertising campaigns and cracked software. · MALWAREBYTES.COM
11 Jan · Black Basta-Affiliate Spreads Pikabot · Threat group Water Curupira, known for its Cobalt Strike backdoors, recently transitioned to using Pikabot malware in phishing campaigns. Pikabot witnessed a surge in activity in Q4 2023, potentially serving as a replacement for Qakbot after its takedown. Users must exercise caut… · CYWARE.COM
11 Jan · Trend Micro Defends FIFA World Cup from Cyber Threats · Trend Micro collaborates with INTERPOL to defend FIFA World Cup by preventing attacks & mitigating risks to fight against the rising threat of cybercrime. · TRENDMICRO.COM
🎙️ PODCASTS (3)
11 Jan · Smashing Security podcast #354: Chuck Norris and the fake CEO, artificial KYC, and an Airbnb scam · Chuck Norris gives a helping hand to a mysterious cryptocurrency CEO who may have separated investors from over a billion dollars, generative AI creates a nightmare for those wanting to Know Their Customer, and a determined journalist finally gets their revenge on a sneaky Airbnb… · GRAHAMCLULEY.COM
11 Jan · New YouTube Video Series: Hacker Tools Origin Stories, (Thu, Jan 11th) · I remembered that I should have mentioned this in today's podcast, so here it goes as a quick post. The amazing Mark Baggett stepped away from his Python console and started a new series of YouTube videos about the origin stories of various … · ISC.SANS.EDU
11 Jan · Transatlantic Cable podcast episode 329 looks at news around Stuxnet, how journalists and creative artists are suing OpenAI and much more! | Kaspersky official blog · Episode 329 of the Kaspersky podcast includes AI, Stuxnet and X accounts being flogged on the dark-web. · KASPERSKY.COM
📡 INFOSEC NEWS (16)
11 Jan · Why you should start the year with a digital cleanup | Kaspersky official blog · Increase productivity and security this year by kicking off with a digital cleanup — clearing data, canceling subscriptions, deleting accounts, and more. · KASPERSKY.COM
11 Jan · Top LLM Vulnerabilities and How to Mitigate the Associated Risk · Enterprises must implement robust security measures throughout the AI application development lifecycle to mitigate vulnerabilities such as prompt and data leakage, including sandboxing, whitelisting, and careful vetting of plug-ins. · HELPNETSECURITY.COM
11 Jan · ExtraHop Raises $100M in Growth Capital · Seattle-based company ExtraHop has raised $100 million in growth capital for its cloud-native network detection and response platform. The funding will be used to expand operations and business reach. · FINSMES.COM
11 Jan · French Hacker From ‘ShinyHunters’ Group Sentenced to Three Years in US Prison · A 22-year-old French hacker has been sentenced to three years in U.S. federal prison for his involvement in the ShinyHunters hacking group and must pay $5 million in restitution. · THERECORD.MEDIA
11 Jan · New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms · A new Python-based hacking tool called FBot has been uncovered targeting web servers, cloud services, content management systems (CMS), and SaaS platforms such as Amazon Web Services (AWS), Microsoft 365, PayPal, Sendgrid, and Twilio. “Key features include credential ha… · THEHACKERNEWS.COM
11 Jan · Chertoff Group Affiliate Completes Trustwave Acquisition · MC2 Security Fund has completed its acquisition of Trustwave, a managed security services provider, expanding its reach and placing Trustwave in front of Chertoff Group customers in the commercial and public sectors. · DARKREADING.COM
11 Jan · New Python-based FBot Hacking Toolkit Aims at Cloud and SaaS Platforms · A new Python-based hacking tool called FBot has been discovered, targeting web servers, cloud services, content management systems, and SaaS platforms like Amazon Web Services and Microsoft 365. · THEHACKERNEWS.COM
11 Jan · A geofence warrant typo cast a location dragnet spanning two miles over San Francisco · Civil liberties advocates have long argued that “geofence” search warrants are unconstitutional for their ability to ensnare entirely innocent people who were nearby at the time a crime was committed. But errors in the geofence warrant applications that go before a ju… · TECHCRUNCH.COM
11 Jan · Top Takeaways From the Hijacking of Mandiant's X Account · All Organizations That Use X Should Review Their Two-Factor Authentication Settings Google Cloud's Mandiant says its account at X, formerly Twitter, was hijacked and used to link to cryptocurrency phishing pages after an attacker guessed the account password, apparently after Twi… · DATABREACHTODAY.CO.UK
11 Jan · New Balada Injector campaign infects 6,700 WordPress sites · A new Balada Injector campaign launched in mid-December has infected over 6,700 WordPress websites using a vulnerable version of the Popup Builder campaign. [...] · BLEEPINGCOMPUTER.COM
11 Jan · Microsoft testing Windows 11 USB 80Gbps support, Copilot on login · Microsoft is now testing support for the USB4 Version 2.0 specification in Windows 11, enabling transfer speeds of up to 80 Gbps over USB Type-C cables. [...] · BLEEPINGCOMPUTER.COM
11 Jan · Over 150k WordPress sites at takeover risk via vulnerable plugin · Two vulnerabilities impacting the POST SMTP Mailer WordPress plugin, an email delivery tool used by 300,000 websites, could help attackers take complete control of a site authentication. [...] · BLEEPINGCOMPUTER.COM
11 Jan · How the Merck Case Shapes the Future of Cyber Insurance · Merck & Co.'s proposed settlement with insurers over a $1.4 billion claim related to the NotPetya attack will change the language the insurance industry uses to exclude acts of war in its policies, and organizations need to consider how those changes affect risk, said attorney Pe… · DATABREACHTODAY.CO.UK
11 Jan · Major T-Mobile outage takes down account access, mobile app · A major T-Mobile outage is currently preventing customers from logging into their accounts and from using the company's mobile app. [...] · BLEEPINGCOMPUTER.COM