18 Articles
6 Categories
Date: 2024-01-13

🐛 COMMON VULNERABILITIES AND EXPOSURES (2)
13 Jan - Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches
Juniper Networks has released updates to fix a critical remote code execution (RCE) vulnerability in its SRX Series firewalls and EX Series switches. The issue, tracked as CVE-2024-21591, is rated 9.8 on the CVSS scoring system. “An out-of-bounds write vulnerability in J-Web…
THEHACKERNEWS.COM

13 Jan - Welcome To 2024, The SSLVPN Chaos Continues - Ivanti CVE-2023-46805 & CVE-2024-21887 (watchTowr Labs)
Submitted by L4s to secops.
https://labs.watchtowr.com/welcome-to-2024-the-sslvpn-chaos-continues-ivanti-cve-2023-46805-cve-2024-21887/
Did you have a g…
LABS.WATCHTOWR.COM

⚠️ VULNERABILITY DISCLOSURE (7)
13 Jan - Update: Nation-State Actors Weaponize Ivanti VPN Zero-Days, Deploying Five Malware Families
Suspected nation-state threat actors have been exploiting two zero-day vulnerabilities in Ivanti Connect Secure VPN appliances to gain backdoor access to targeted devices.
THEHACKERNEWS.COM

13 Jan - New Financial Fraud APK Campaign Discovered
A new family of malicious Android Package Kit (APK) files has been discovered targeting Chinese users. The attackers pose as law enforcement officials and claim the victim's phone number or bank account is involved in financial fraud.
UNIT42.PALOALTONETWORKS.COM

13 Jan - Vulnerability Affecting Smart Thermostats Patched by Bosch
German technology manufacturer Bosch has fixed a vulnerability in its popular line of smart thermostats that allowed attackers to replace the device firmware with a rogue version.
THERECORD.MEDIA

13 Jan - APIs are Increasingly Becoming Attractive Targets
APIs are being used more than ever by businesses to build and provide better sites, apps, and services to consumers. However, if APIs are not managed or secured properly, they can be exploited by hackers to steal sensitive information.
HELPNETSECURITY.COM

13 Jan - Medusa Ransomware Gang Targets Nonprofit Providing Clean Water to World’s Poorest
Water for People, a nonprofit focused on improving access to clean water, has been targeted by the Medusa ransomware group, highlighting the vulnerability of even non-profit organizations to cyberattacks.
THERECORD.MEDIA

13 Jan - Fertility Test Lab Will Pay $1.25M to Settle Breach Lawsuit
The settlement includes reimbursement for out-of-pocket losses, credit monitoring, identity theft insurance, and a cash settlement payment for affected individuals, with an additional payment for California residents.
BANKINFOSECURITY.COM

13 Jan - 29-Year-Old Ukrainian Cryptojacking Kingpin Arrested for Exploiting Cloud Services
A 29-year-old Ukrainian national has been arrested in connection with running a “sophisticated cryptojacking scheme,” netting them over $2 million (€1.8 million) in illicit profits. The person was apprehended in Mykolaiv, Ukraine, on January 9 by the National Police of Ukraine wi…
THEHACKERNEWS.COM

📢 SECURITY ADVISORIES (1)
13 Jan - Saudi Foreign Affairs Ministry Allegedly Hit by Major Data Breach, Impacting Over 1.4 Million Employees
The Ministry of Foreign Affairs for Saudi Arabia reportedly experienced a major data breach, exposing the personal information of over 1.4 million employees, including names, contact details, and job titles.
THECYBEREXPRESS.COM

🔥 INCIDENT REPORTING (5)
13 Jan - Update: Ransomware Attack on US Navy Shipbuilder Leaked Information of Nearly 17,000 People
Nearly 17,000 people had their personal information exposed in a ransomware attack on Fincantieri Marine Group. The attack, which occurred in April 2023, caused production issues and disrupted the company's computer systems.
THERECORD.MEDIA

13 Jan - Volt Typhoon Ramps Up Malicious Activity Against Critical Infrastructure
Volt Typhoon is using compromised routers as a command-and-control network and deploying a new web shell called "fy.sh" on targeted Cisco routers, indicating a highly active and sophisticated operation.
DARKREADING.COM

13 Jan - Report: Elevated Ransomware Activity Hit Nearly 5,200 Organizations in 2023
The most active ransomware groups in 2023 included AlphV, BianLian, Clop, LockBit 3.0, and Play, with AlphV being the most prolific and receiving substantial ransom payments.
CYBERSECURITYDIVE.COM

13 Jan - British Cosmetics Firm Lush Confirms Cyberattack
Lush has taken immediate steps to secure and screen all systems in order to contain the incident and limit its impact on their operations, while also informing relevant authorities about the incident.
THERECORD.MEDIA

13 Jan - Hacker spins up 1 million virtual servers to illegally mine crypto
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency. [...]
BLEEPINGCOMPUTER.COM

🕵️ THREAT INTELLIGENCE (2)
13 Jan - Attack of the week: Airdrop tracing – A Few Thoughts on Cryptographic Engineering
Submitted by Blaze to securitynews.
https://blog.cryptographyengineering.com/2024/01/11/attack-of-the-week-airdrop-tracing/
CRYPTOGRAPHYENGINEERING.COM

13 Jan - Most Important Web Server Penetration Testing Checklist
Web server pentesting is performed under 3 significant categories: Identity, Analyse, and Report Vulnerabilities such as authentication weakness, configuration errors, and protocol Relation vulnerabilities. 1. “Conduct a series of methodical and Repeatable tests” is …
GBHACKERS.COM

📡 INFOSEC NEWS (1)
13 Jan - Purple Teaming and the Role of Threat Categorization
Purple team assessments, where red and blue teams collaborate, can provide a more comprehensive approach to security assessments, but they need to evolve to account for the multitude of attack technique variants.
HELPNETSECURITY.COM