matlock.ca // THREAT INTELLIGENCE

96Articles

8Categories

2024-01-16Date

🚨

CISA and FBI Release Known IOCs Associated with Androxgh0st MalwareToday, CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA), Known Indicators of Compromise Associated with Androxgh0st Malware , to disseminate known indicators of compromise (IOCs) and tactics, techniques, and procedures (TTPs) associ…

KEVCISA.GOV — Tue, 16 Jan 24 1

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2018-15133 Laravel Deserialization of Untrusted Data Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber ac…

KEVCISA.GOV — Tue, 16 Jan 24 1

🐛

Patched Windows SmartScreen bug actively exploited in Phemedrone infections

KEVCSOONLINE.COM — 16 Jan 2024

🐛

Scans for Ivanti Connect "Secure" VPN Vulnerability (CVE-2023-46805, CVE-2024-21887), (Tue, Jan 16th)

ISC.SANS.EDU — 16 Jan 2024

🐛

Hackers begin mass exploiting Ivanti VPN zero-day flaws

TECHCRUNCH.COM — 16 Jan 2024

🐛

Google Warns of Chrome Browser Zero-Day Being Exploited

SECURITYWEEK.COM — 16 Jan 2024

🐛

VMware patches critical access control vulnerability in Aria Automation

CSOONLINE.COM — 16 Jan 2024

⚠️

Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer

THEHACKERNEWS.COM — 16 Jan 2024

⚠️

Ivanti Connect Secure VPN Exploitation Goes Global

VOLEXITY.COM — 16 Jan 2024

⚠️

Researchers Uncover Major Surge in Global Botnet Activity

INFOSECURITY-MAGAZINE.COM — 16 Jan 2024

⚠️

The OWASP AI Exchange: an open-source cybersecurity guide to AI components

CSOONLINE.COM — 16 Jan 2024

⚠️

Over 178K SonicWall Firewalls Vulnerable to DoS, Potential RCE Attacks

BLEEPINGCOMPUTER.COM — 16 Jan 2024

⚠️

Government, Military Targeted as Widespread Exploitation of Ivanti Zero-Days Begins

SECURITYWEEK.COM — 16 Jan 2024

⚠️

ShmooCon to take its final bow in 2025

CSOONLINE.COM — 16 Jan 2024

⚠️

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack.

QUARKSLAB.COM — 2024-01-16

⚠️

Remote Code Execution Vuln Found In Opera File Sharing Feature

PACKETSTORMSECURITY.COM — 16 Jan 2024

⚠️

VMware Urges Customers To Patch Critical Aria Automation Vulnerability

PACKETSTORMSECURITY.COM — 16 Jan 2024

⚠️

CISA: Critical SharePoint Bug Actively Exploited

KEVPACKETSTORMSECURITY.COM — 16 Jan 2024

⚠️

DOD Unveils First-Ever National Defense Industrial Strategy

BANKINFOSECURITY.COM — 16 Jan 2024

⚠️

Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation

SECURITYWEEK.COM — 16 Jan 2024

⚠️

Remote Code Execution Vulnerability Found in Opera File Sharing Feature

SECURITYWEEK.COM — 16 Jan 2024

⚠️

180k Internet-Exposed SonicWall Firewalls Vulnerable to DoS Attacks, Possibly RCE

SECURITYWEEK.COM — 16 Jan 2024

⚠️

VMware Urges Customers to Patch Critical Aria Automation Vulnerability

SECURITYWEEK.COM — 16 Jan 2024

⚠️

Update: Cloud Vendor Returns Stolen Hospital Data

BANKINFOSECURITY.COM — 16 Jan 2024

⚠️

Three Ways to Combat Rising OAuth SAAS Attacks

HELPNETSECURITY.COM — 16 Jan 2024

⚠️

Alert: Over 178,000 SonicWall Firewalls Potentially Vulnerable to Exploits - Act Now

THEHACKERNEWS.COM — 16 Jan 2024

⚠️

Atlassian warns of critical RCE flaw in older Confluence versions

BLEEPINGCOMPUTER.COM — 16 Jan 2024

⚠️

The Dual Role AI Plays in Cybersecurity: How to Stay Ahead

BLEEPINGCOMPUTER.COM — 16 Jan 2024

⚠️

Vulnerabilities Expose PAX Payment Terminals to Hacking

SECURITYWEEK.COM — 16 Jan 2024

⚠️

CISA Releases Two Industrial Control Systems Advisories

CISA.GOV — Tue, 16 Jan 24 1

⚠️

PixieFail flaws impact PXE network boot in enterprise systems

BLEEPINGCOMPUTER.COM — 16 Jan 2024

⚠️

Google fixes first actively exploited Chrome zero-day of 2024

KEVBLEEPINGCOMPUTER.COM — 16 Jan 2024

⚠️

Citrix warns of new Netscaler zero-days exploited in attacks

KEVBLEEPINGCOMPUTER.COM — 16 Jan 2024

⚠️

GitHub rotates keys to mitigate impact of credential-exposing flaw

BLEEPINGCOMPUTER.COM — 16 Jan 2024

📢

Case Study: The Cookie Privacy Monster in Big Global Retail

THEHACKERNEWS.COM — 16 Jan 2024

📢

You want the CISO Title & Pay? Responsibility Comes Also! - Malcolm Harkins - CSP #157

YOUTUBE.COM — 2024-01-16

📢

FBI: Androxgh0st malware botnet steals AWS, Microsoft credentials

BLEEPINGCOMPUTER.COM — 16 Jan 2024

📢

Citrix security advisory (AV24-030)

CYBER.GC.CA — 2024-01-16

📢

VMWare security advisory (AV24-031)

CYBER.GC.CA — 2024-01-16

📢

Google Chrome security advisory (AV24-034)

CYBER.GC.CA — 2024-01-16

📢

[Control systems] Integration Objects security advisory (AV24-033)

CYBER.GC.CA — 2024-01-16

📢

[Control systems] SEW-EURODRIVE security advisory (AV24-032)

CYBER.GC.CA — 2024-01-16

📢

White House Says Agencies On Track to Meet January AI Goals

DATABREACHTODAY.CO.UK — 2024-01-16

📢

Atlassian security advisory (AV24-035)

CYBER.GC.CA — 2024-01-16

📢

SBOMs & Supply Chains- BTS #22

YOUTUBE.COM — 2024-01-16

🔥

Tura Scandinavia AB Encounters Another Cyberattack Following Intrusion in December

THECYBEREXPRESS.COM — 16 Jan 2024

🔥

Mastermind Hacker Behind $2 Million Crypto Scam Arrested

GBHACKERS.COM — 16 Jan 2024

🔥

Update: Mississippi Health System Ransomware Attack Affects 253,000

BANKINFOSECURITY.COM — 16 Jan 2024

🔥

Hackers Abuse GitHub to Host Malicious Infrastructure

GBHACKERS.COM — 16 Jan 2024

🔥

LockBit Ransomware Adds Two New Victims to Dark Web Portal

THECYBEREXPRESS.COM — 16 Jan 2024

🔥

Threat Actor Puts GEICO Database for Sale on the Dark Web

THECYBEREXPRESS.COM — 16 Jan 2024

🔥

Career fair helps tackle UK cyber security recruitment shortfall

CSOONLINE.COM — 16 Jan 2024

🔥

Anonymous Sudan Claims London Internet Exchange Attack Over Yemen Strikes

HACKREAD.COM — 16 Jan 2024

🔥

Atari 400, Gitlab, Sonicwall, Juniper, Stats, Ivanti, Sharepoint, Jason Wood and More – SWN #354

YOUTUBE.COM — 2024-01-16

🔥

Majorca city Calvià extorted for $11M in ransomware attack

BLEEPINGCOMPUTER.COM — 16 Jan 2024

🔥

Atari 400, Gitlab, Sonicwall, Juniper, Stats, Ivanti, Sharepoint, Jason Wood and More - SWN #354

YOUTUBE.COM — 2024-01-16

🕵️

ISC Stormcast For Tuesday, January 16th, 2024 https://isc.sans.edu/podcastdetail/8810, (Tue, Jan 16th)

ISC.SANS.EDU — 16 Jan 2024

🕵️

The Story of the Mirai Botnet

SCHNEIER.COM — 2024-01-16

🕵️

Hacker Conversations: HD Moore and the Line Between Black and White

SECURITYWEEK.COM — 16 Jan 2024

🕵️

BSidesDFW 2023

INFOSEC.PUB — 16 Jan 2024

🕵️

Webinar | Reactive to Proactive: Elevating OT Cybersecurity with Threat Intelligence

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

CyberheistNews Vol 14 #03 Red Flags for Phishing: Verizon Outlines Latest Scams to Watch Out For

KNOWBE4.COM — 16 Jan 2024

🕵️

The CISO’s guide to accelerating quantum-safe readiness

SECURITYINTELLIGENCE.COM — 16 Jan 2024

🕵️

Ho, Ho, Hoooold on a Minute: A New Year Resolution That IoT Isn’t a Gift That Keeps on Taking

SECURITYWEEK.COM — 16 Jan 2024

🕵️

Partnering with Government to Strengthen Cyber Resilience in Poland

PALOALTONETWORKS.COM — 16 Jan 2024

🕵️

YOUTUBE.COM — 2024-01-16

🕵️

Crypto-Seeking Drainer Scam-as-a-Service Operations Thrive

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

Beyond Hacktivism: Akamai CTO on Shifting Threat Landscape

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

Communicating Technical Topics Without Being Boring - Eve Maler - ASW #269

YOUTUBE.COM — 2024-01-16

🕵️

Malicious APKs Drain Bank Accounts

KNOWBE4.COM — 16 Jan 2024

🕵️

Cryptocurrency Drainer Distributed Through Phishing

KNOWBE4.COM — 16 Jan 2024

🕵️

LinkedIn is Being Used for *Dating* – It’s a Recipe for Disaster

KNOWBE4.COM — 16 Jan 2024

🕵️

Money Launderers, Fraudsters Flocking to Tether: UN Report

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

NC Health System Agrees to Pay $6.6M in Web Tracking Case

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

PixieFail: Nine vulnerabilities in Tianocore's EDK II IPv6 network stack

QUARKSLAB.COM — 16 Jan 2024

🕵️

Mimecast Appoints Marc van Zadelhoff as New CEO

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

UK Privacy Watchdog Probes GenAI Privacy Concerns

DATABREACHTODAY.CO.UK — 2024-01-16

🕵️

Unified security operations with Microsoft Sentinel and Microsoft Defender XDR

MICROSOFT.COM — 16 Jan 2024

🕵️

K-12 Cybersecurity | News - PSW813

YOUTUBE.COM — 2024-01-16

🕵️

Creating Trust in Biometric Authentication for Identity Verification | News - ESW346

YOUTUBE.COM — 2024-01-16

🕵️

YOUTUBE.COM — 2024-01-16

🕵️

Say Easy, Do Hard, Hiring a CISO, Part 2 - BSW #335

YOUTUBE.COM — 2024-01-16

🌐

Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims

THEHACKERNEWS.COM — 16 Jan 2024

🌐

Tsurugi Linux Tailors User Experience for Digital Forensics and OSINT Investigations

HELPNETSECURITY.COM — 16 Jan 2024

🌐

Remcos RAT Spreading Through Adult Games in New Attack Wave

THEHACKERNEWS.COM — 16 Jan 2024

🌐

Inferno Malware Masqueraded as Coinbase, Drained $87 Million from 137,000 Victims

THEHACKERNEWS.COM — 16 Jan 2024

🌐

US Court Docs Expose Fake Antivirus Renewal Phishing Tactics

BLEEPINGCOMPUTER.COM — 16 Jan 2024

📡

Growing Pains at the Bureau of Cyberspace and Digital Policy, Report Finds

CYBERSCOOP.COM — 16 Jan 2024

📡

Can TVs, smartphones, and smart assistants eavesdrop on your conversations? | Kaspersky official blog

KASPERSKY.COM — 16 Jan 2024

📡

White House Looks to Eliminate College Degree Requirements for Cyber Jobs With Federal Contractors

NEXTGOV.COM — 16 Jan 2024

📡

Hacker Conversations: HD Moore And The Line Between Black And White

PACKETSTORMSECURITY.COM — 16 Jan 2024

📡

Flipping the BEC Funnel: Phishing in the Age of GenAI

HELPNETSECURITY.COM — 16 Jan 2024

📡

Snyk acquires Helios to bolster its AppSec platform

TECHCRUNCH.COM — 16 Jan 2024

📡

How to protect your organization from malicious macros (ITSAP.00.200)

CYBER.GC.CA — 2024-01-16

📡

MacOS info-stealers quickly evolve to evade XProtect detection

BLEEPINGCOMPUTER.COM — 16 Jan 2024

📡

The 7 deadly cloud security sins and how SMBs can do things better

WELIVESECURITY.COM — 16 Jan 2024