🚨 CISA KEV (1)
15 Jan | KEV | CISA: Critical SharePoint vuln is under active exploitation | submitted by c0mmando to netsec (1 points, 0 comments) | https://www.theregister.com/2024/01/12/microsoft_sharepoint_vuln_exploit/ | Security experts claim ransomware criminals have got their hands on a functional exploit for a nearly year-old critical Microsoft SharePoint vulnerabili… | THEREGISTER.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
15 Jan | Ivanti zero-day victim count grows as Mandiant weighs in | submitted by c0mmando to netsec (1 points, 0 comments) | https://www.theregister.com/2024/01/13/ivanti_zeroday_mandiant_analysis/ | Two zero-day bugs in Ivanti products were likely under attack by cyberspies as early as December, according to Mandiant’s threat intel team. The software… | THEREGISTER.COM
15 Jan | Windows SmartScreen flaw exploited to drop Phemedrone malware | A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files. [...] | BLEEPINGCOMPUTER.COM
15 Jan | Microsoft working on a fix for Windows 10 0x80070643 errors | Microsoft is working to fix a known issue causing 0x80070643 errors when installing the KB5034441 security update that patches the CVE-2024-20666 BitLocker vulnerability. [...] | BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE (24)
15 Jan | Critical RCE Vulnerability Uncovered in Juniper SRX Firewalls and EX Switches | The vulnerability, rated 9.8 on the CVSS scoring system, could allow an unauthenticated attacker to cause a Denial-of-Service (DoS) or execute remote code with root privileges. | THEHACKERNEWS.COM
15 Jan | Apple Fixed a Bug in Magic Keyboard That Allows to Monitor Bluetooth Traffic | Apple has released a firmware update for its Magic Keyboard to address a recently discovered vulnerability that allows an attacker with physical access to the keyboard to extract its Bluetooth pairing key and spy on Bluetooth traffic. | SECURITYAFFAIRS.COM
15 Jan | High-Severity Flaws Uncovered in Bosch Thermostats and Smart Nutrunners | Multiple security vulnerabilities have been disclosed in Bosch BCC100 thermostats and Rexroth NXA015S-36V-B smart nutrunners that, if successfully exploited, could allow attackers to execute arbitrary code on affected systems. Romanian cybersecurity firm Bitdefender, which d… | THEHACKERNEWS.COM
15 Jan | Balada Injector Infects Over 7,100 WordPress Sites Using Plugin Vulnerability | Thousands of WordPress sites using a vulnerable version of the Popup Builder plugin have been compromised with a malware called Balada Injector. First documented by Doctor Web in January 2023, the campaign takes place in a series of periodic attack waves, weaponizi… | THEHACKERNEWS.COM
15 Jan | Juniper Networks Patches Critical Remote Code Execution Flaw in Firewalls, Switches | Juniper Networks patches over 100 vulnerabilities, including a critical flaw that can be exploited for remote code execution against firewalls and switches. | SECURITYWEEK.COM
15 Jan | GitLab Patches Critical Password Reset Vulnerability | GitLab has resolved a critical authentication vulnerability allowing attackers to hijack password reset emails. | SECURITYWEEK.COM
15 Jan | China Warns of Apple AirDrop De-Anonymization Flaw | The Beijing Wangshendongjian Judicial Appraisal Institute's claim that AirDrop's anonymization techniques can be easily circumvented raises concerns about the vulnerability of user identities and the potential for surveillance. | THEREGISTER.COM
15 Jan | Information Stealer Exploits Windows SmartScreen Bypass | Attackers exploit a recent Windows SmartScreen bypass vulnerability to deploy the Phemedrone information stealer. | SECURITYWEEK.COM
15 Jan | Number Of Orgs Compromised Via Ivanti VPN Zero Days Grows As Mandiant Weighs In | PACKETSTORMSECURITY.COM
15 Jan | Juniper Networks Patches Critical Remote Code Execution Flaw In Firewalls, Switches | PACKETSTORMSECURITY.COM
15 Jan | How did my domain password get into Windows Credential Storage? | submitted by Mikina to cybersecurity (8 points, 0 comments) | Hello! I’ve recently stumbled upon an amazing blog about getting credentials from Bitwarden vault through DPAPI and Windows Credential Storage, and what surprised me is that any low-privileged process can just ask for all … | SH.ITJUST.WORKS
15 Jan | Opera MyFlaw Bug Could Let Hackers Run ANY File on Your Mac or Windows | Cybersecurity researchers have disclosed a security flaw in the Opera web browser for Microsoft Windows and Apple macOS that could be exploited to execute any file on the underlying operating system. The remote code execution vulnerability has been codenamed MyFlaw by the Guardio… | THEHACKERNEWS.COM
15 Jan | Opera MyFlaw Bug Could Let Hackers Run Any File on Your Mac or Windows | The vulnerability was addressed through updates on November 22, 2023, after responsible disclosure, and was related to a long-forgotten version of the My Flow landing page. | THEHACKERNEWS.COM
15 Jan | Mobile security vulnerabilities threaten millions in Latin America | submitted by c0mmando to netsec (1 points, 0 comments) | https://citizenlab.ca/2024/01/millions-in-latin-america-at-mobile-security-risk/ | In a new study, Citizen Lab sheds light on the massive security threats facing Latin Americans. Citizen Lab and Open Technology Fund (OTF) fellow… | CITIZENLAB.CA
15 Jan | French hacker from ‘ShinyHunters’ group sentenced to three years in US prison | submitted by c0mmando to netsec (1 points, 0 comments) | https://therecord.media/french-hacker-sebastien-raoult-shinyhunters-sentenced | A 22-year-old Frenchman was sentenced on Tuesday to three years in U.S. federal prison for his participation in the ShinyHunters hacking group. Seba… | THERECORD.MEDIA
15 Jan | Busted: Cryptojacking; UndeadApes NFT Rug Pull Suspects | Ukraine Nabs Suspected Cryptojacker; US Air Force Cyber Analyst Accused of Rug Pull | Cryptocurrency schemes continue to generate alleged returns for criminals, as two separate cases highlight. One centers on a Ukrainian accused of earning $2 million via cryptojacking, while anothe… | DATABREACHTODAY.CO.UK
15 Jan | Over 178,000 SonicWall firewalls vulnerable to RCE, DoS attacks | Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and remote code execution (RCE) attacks. [...] | BLEEPINGCOMPUTER.COM
15 Jan | Over 178K SonicWall firewalls vulnerable to DoS, potential RCE attacks | Security researchers have found over 178,000 SonicWall next-generation firewalls (NGFW) with the management interface exposed online are vulnerable to denial-of-service (DoS) and potential remote code execution (RCE) attacks. [...] | BLEEPINGCOMPUTER.COM
15 Jan | Exclusive: Cloud Vendor Returns Stolen Hospital Data | Alliance Had Sued LockBit Gang to Force Cloud Firm to Release Affected Patient Data | A cloud services firm has turned over to a New York hospital alliance the patient data stolen in a ransomware attack by LockBit. The hospital group had filed a lawsuit against LockBit as a legal m… | DATABREACHTODAY.CO.UK
15 Jan | Researchers Spot Critical Security Flaw in Bosch Thermostats | Bitdefender Finds Vulnerability in Popular IoT Device | Thermostats sold across the globe by German multinational engineering company Bosch contained a flaw allowing hackers to cut power to the heating system and override the firmware, warn researchers from cybersecurity firm Bitde… | DATABREACHTODAY.CO.UK
15 Jan | DOD Unveils First-Ever National Defense Industrial Strategy | Pentagon Warns Failure to Modernize Defense Industrial Base Will Hinder US Globally | The Department of Defense released a 60-page strategy that aims to modernize the defense industrial ecosystem and focuses on four long-term strategic priorities: improving supply chain resilience,… | DATABREACHTODAY.CO.UK
15 Jan | Ivanti Connect Secure zero-days now under mass exploitation | Two zero-day vulnerabilities affecting Ivanti's Connect Secure VPN and Policy Secure network access control (NAC) appliances are now under mass exploitation. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (8)
15 Jan | US CISA Must Improve Water Sector Assistance, Says Watchdog | Funding shortfalls and aging IT infrastructure contribute to poor cybersecurity in the water and wastewater sector, which is operated mainly by municipal and county governments. | BANKINFOSECURITY.COM
15 Jan | Say Easy, Do Hard, Hiring a CISO, Part 1 - BSW #334 | Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of hiring a CISO. How will the new SEC regulations impact the role for both organizations and individuals? In part 1, we discuss the challenges of hiring a CISO from the organization's pe… | YOUTUBE.COM
15 Jan | CISA Urges Critical Infrastructure to Patch Urgent ICS Vulnerabilities | The CISA's ICS advisories highlight high and critical severity vulnerabilities in products from companies like Rapid Software, Horner Automation, Schneider Electric, and Siemens. | INFOSECURITY-MAGAZINE.COM
15 Jan | Microsoft to Keep All European Cloud Customers’ Personal Data Within EU | Microsoft has announced that it will store all customer data in the European Union (EU) rather than transferring it abroad. This move is aimed at complying with varying privacy regulations across jurisdictions. | THERECORD.MEDIA
15 Jan | HelloFresh Fined $178K After Sending 80 Million Spam Messages | The Information Commissioner's Office found that HelloFresh breached regulations by not informing customers about the extent of their data usage for marketing purposes and continuing to send unwanted messages even after customers requested to stop. | INFOSECURITY-MAGAZINE.COM
🔥 INCIDENT REPORTING (10)
15 Jan | DISARM (Disinformation) Framework | submitted by c0mmando to netsec (1 points, 0 comments) | https://github.com/DISARMFoundation/DISARMframeworks/ | cross-posted from: links.hackliberty.org/post/790988 | DISARM is a framework designed for describing and understanding disinformation incidents. DISARM is part of work on ada… | GITHUB.COM
15 Jan | DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023 | The environmental services industry witnessed an “unprecedented surge” in HTTP-based distributed denial-of-service (DDoS) attacks, accounting for half of all its HTTP traffic. This marks a 61,839% increase in DDoS attack traffic year-over-year, web infrastructure and security com… | THEHACKERNEWS.COM
15 Jan | Vast Voter Data Leaks Cast Shadow Over Indonesia’s 2024 Presidential Election | Multiple breaches have resulted in the leak of millions of voter records, including personally identifiable information, which could be used for targeted information warfare campaigns during the election and beyond. | SECURITYAFFAIRS.COM
15 Jan | Hacker Spins up One Million Virtual Servers to Illegally Mine Crypto | A 29-year-old man in Ukraine was arrested for using hacked accounts to create 1 million virtual servers and mine $2 million in cryptocurrency, highlighting the growing threat of cryptojacking. | BLEEPINGCOMPUTER.COM
15 Jan | Human Error and Insiders Expose Millions in UK Law Firm Data Breaches | Insider actions and human error account for the majority of data breaches in UK law firms, emphasizing the need for robust cybersecurity measures to protect sensitive information. | INFOSECURITY-MAGAZINE.COM
15 Jan | 3 Ransomware Group Newcomers to Watch in 2024 | The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 4,368 cases. [Figure 1: Year over year victims per quarter] The rollercoaster ride from explosive growth in 2021 to a momentary dip in 2022 was just a tease… | THEHACKERNEWS.COM
15 Jan | Update: British Library Catalogue Back Online After Ransomware Attack | The recovery process is ongoing and will involve a full technical rebuild, with the Library working closely with the UK government to ensure a secure and financially sustainable recovery. | INFOSECURITY-MAGAZINE.COM
15 Jan | Anonymous Collective Launches Cyberattack on Bahrain Over Yemen Airstrikes | The Anonymous Collective has launched a cyberattack on Bahrain in retaliation for its support of US and UK airstrikes on Yemen. Several Bahraini media outlets, including Akhbar al-Khaleej and Gulf Daily News, have been affected by the cyberattack. | THECYBEREXPRESS.COM
15 Jan | NoName Targets Websites of Financial Services, Transportation, and Telecom Firms in Lithuania | Several prominent organizations in Lithuania, including Compensa Vienna Insurance Group, If Insurance, Lithuanian Roads Association, AD REM, INIT, and Balticum, have been targeted by the NoName ransomware group. | THECYBEREXPRESS.COM
15 Jan | Mississippi Health System Ransomware Attack Affects 253,000 | Report to State Regulators Indicates Big Jump in Number of Patients Affected | A Mississippi health system is notifying nearly 253,000 individuals that their data was potentially compromised in a "malicious and sophisticated ransomware" attack last August that also took IT systems … | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (11)
15 Jan | Cloud Server Abuse Leads to Huge Spike in Botnet Scanning | Netscout sees over one million IPs conducting reconnaissance scanning on the web due to increase in use of cheap or free cloud servers. | SECURITYWEEK.COM
15 Jan | Voice Cloning with Very Short Samples | New research demonstrates voice cloning, in multiple languages, using samples ranging from one to twelve seconds. Research paper. | SCHNEIER.COM
15 Jan | Mentorship Monday - Discussions for career and learning! | submitted by shellsharks to cybersecurity (3 points, 0 comments) | Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … | INFOSEC.PUB
15 Jan | Women CyberSecurity Society Targeted by Smishing Campaign | The Canada-based Women CyberSecurity Society (WCS2) has warned that its leadership, members, and volunteers are being targeted by an SMS phishing (smishing) campaign, IT World Canada reports. | KNOWBE4.COM
15 Jan | Three-Quarters of Organizations Have Experienced Phishing Attack in the Last 12 Months | Regardless of whether your environment remains on-premise, resides in the cloud, or is a hybrid configuration, new data makes it clear that your biggest risk is phishing attacks. | KNOWBE4.COM
15 Jan | BSides Berlin 2023 - 10 talks | submitted by ashar to security_cpe (1 points, 0 comments) | https://infosec.pub/pictrs/image/07dd7805-102e-44dc-9ebd-e7ff83f6efd1.png | BSides Berlin 2023 schedule, BSides Berlin 2023 playlist | INFOSEC.PUB
15 Jan | Analysis of Phishing Emails Shows High Likelihood They Were Written By AI | It’s no longer theoretical; phishing attacks and email scams are leveraging AI-generated content based on testing with anti-AI content solutions. | KNOWBE4.COM
15 Jan | Hacker Behind $2 Million Cryptocurrency Mining Scheme Arrested in Ukraine | Ukrainian authorities have arrested an individual allegedly involved in a $2 million cryptojacking operation. | SECURITYWEEK.COM
15 Jan | Weekly Update 382 | Geez it's nice to be back in Oslo! This city has such a special place in my heart for so many reasons, not least of which by vir… | TROYHUNT.COM
15 Jan | Generative AI Concerns Grow in Record Election Year | Davos Forum Highlights Worries About AI-Enabled Misinformation | Artificial intelligence-enabled voter misinformation campaigns and voter database hacking are some of the largest threats to election security in a year when more than half of the world's populace will take to the bal… | DATABREACHTODAY.CO.UK
15 Jan | US court docs expose fake antivirus renewal phishing tactics | In a seizure warrant application, the U.S. Secret Service sheds light on how threat actors stole $34,000 using fake antivirus renewal subscription emails. [...] | BLEEPINGCOMPUTER.COM
🌐 CYBER THREAT LANDSCAPE (3)
15 Jan | Data Insights on AgentTesla and OriginLogger Victims | AgentTesla, also known as OriginLogger, is a prevalent commodity malware that steals sensitive information from Windows systems. It is commonly distributed via email attachments and has been a persistent threat since 2014. | BITSIGHT.COM
15 Jan | Azorult Malware Comes to the Fore in New Dark Web Campaign | The Azorult malware, known for stealing sensitive data, has resurfaced with a sophisticated approach. It is distributed through malicious PDF files that contain a shortcut file. | THECYBEREXPRESS.COM
15 Jan | Critical flaw found in WordPress plugin used on over 300,000 websites | A WordPress plugin used on over 300,000 websites has been found to contain vulnerabilities that could allow hackers to seize control. Security researchers at Wordfence found two critical flaws in the POST SMTP Mailer plugin. Read more in my article on the Tripwire State of Securi… | TRIPWIRE.COM
🎙️ PODCASTS (1)
15 Jan | Cyber Security Today, Jan. 15, 2024 - Three warnings to application developers | This episode covers reports with warnings to application developers from Recorded Future and Gitlab; how an accounting company was victimized by a phishing message, and more | CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (13)
15 Jan | Cloud Security Predictions for 2024 | Businesses and cybersecurity professionals must prioritize understanding the intricacies of identity and access management (IAM) in a cloud-dominated era to ensure a robust security posture. | HELPNETSECURITY.COM
15 Jan | FCC Presses Carmakers, Wireless Providers to Protect Domestic Abuse Survivors From Stalking Tools | The FCC is requesting detailed information from auto manufacturers and wireless providers on how they support survivors, handle geolocation data, and comply with the Safe Connections Act. | THERECORD.MEDIA
15 Jan | Australian Travel Agency Data Leak Puts Thousands of Tourists at Risk | The exposed data includes high-resolution passport images, travel visa certificates, and itinerary or ticket files, putting the affected individuals at risk of identity theft and fraud. | HACKREAD.COM
15 Jan | Amazon Appeals Privacy Fine of $817 Million | Amazon is challenging a significant privacy fine imposed by the Luxembourg data protection authority, accusing them of attacking the company based on unfounded allegations. | BANKINFOSECURITY.COM
15 Jan | China Loathes Airdrop So Much It's Publicized An Old Flaw In Apple's P2P Protocol | PACKETSTORMSECURITY.COM
15 Jan | Report: DDoS Attacks on the Environmental Services Industry Surge by 61,839% in 2023 | The environmental services industry experienced an alarming surge in HTTP-based DDoS attacks during COP 28, highlighting the increasing intersection between environmental issues and cyber security. | THEHACKERNEWS.COM
15 Jan | Spot Technologies, now with $2M, will see AI security tech go into Mexico Walmarts | Spot’s flagship product, VisionX, taps into deep learning and computer vision technologies to analyze consumer and theft behaviors. | TECHCRUNCH.COM
15 Jan | Latest Adblock update causes massive YouTube performance hit | Adblock and Adblock Plus users report performance issues on YouTube, initially blamed on Google but later determined to be an issue in the popular ad-blocking extension. [...] | BLEEPINGCOMPUTER.COM
15 Jan | Heartless scammers prey on hundreds of lost pet owners, demanding ransoms or else… | Hundreds of pet owners across the UK have reported that they have received blackmail threats from scammers who claim to have found their lost pooches and missing moggies. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
15 Jan | Cloud SSO implementations, and how to reduce attack risks | Single sign-on is supposed to enhance corporate security, but it’s essential that cloud vendors have the information security team's back. | KASPERSKY.COM
15 Jan | Windows Copilot autostart tests limited to 27" displays or larger | Microsoft says that tests of a controversial new Windows 11 feature that automatically opens the AI-powered Copilot assistant after Windows starts are limited to systems with 27-inch displays. [...] | BLEEPINGCOMPUTER.COM