matlock.ca // THREAT INTELLIGENCE

108Articles

9Categories

2024-01-17Date

🚨

CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-6549 Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability CVE-2023-6548 Citrix NetScaler ADC and NetScaler Gateway Code…

KEVCISA.GOV — Wed, 17 Jan 24 1

🐛

Zero-Day Alert: Update Chrome Now to Fix New Actively Exploited Vulnerability

KEVTHEHACKERNEWS.COM — 17 Jan 2024

🐛

Citrix, VMware, and Atlassian Hit with Critical Flaws — Patch ASAP!

KEVTHEHACKERNEWS.COM — 17 Jan 2024

🐛

Magic Keyboard vulnerability allows takeover of iOS, Android, Linux, and MacOS devices

CSOONLINE.COM — 17 Jan 2024

🐛

Windows SmartScreen Bug Abused to Deploy Phemedrone Stealer

CYWARE.COM — 17 Jan 2024

🐛

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

THEHACKERNEWS.COM — 17 Jan 2024

🐛

Citrix Warns NetScaler ADC Customers of New Zero-Day Exploitation

SECURITYWEEK.COM — 17 Jan 2024

🐛

VMware Fixed a Critical Flaw in Aria Automation

SECURITYAFFAIRS.COM — 17 Jan 2024

🐛

Citrix NetScaler devices face active zero-day exploitations

CSOONLINE.COM — 17 Jan 2024

🐛

Citrix Warns Admins to Immediately Patch NetScaler for Actively Exploited Zero-Days

KEVSECURITYAFFAIRS.COM — 17 Jan 2024

🐛

VMware Releases Security Advisory for Aria Operations

CISA.GOV — Wed, 17 Jan 24 1

🐛

Chromium: CVE-2024-0517 Out of bounds write in V8

MSRC.MICROSOFT.COM — 17 Jan 2024

🐛

Chromium: CVE-2024-0518 Type Confusion in V8

MSRC.MICROSOFT.COM — 17 Jan 2024

🐛

Chromium: CVE-2024-0519 Out of bounds memory access in V8

MSRC.MICROSOFT.COM — 17 Jan 2024

🐛

Over 178,000 SonicWall firewalls still vulnerable to old flaws

CSOONLINE.COM — 17 Jan 2024

⚠️

GitHub Rotates Keys After High-Severity Vulnerability Exposes Credentials

THEHACKERNEWS.COM — 17 Jan 2024

⚠️

Ivanti Spots ‘Sharp Increase’ in Targeting of VPN as Analysts Find 1,700 Devices Exploited

THERECORD.MEDIA — 17 Jan 2024

⚠️

Atlassian Fixed Critical RCE Flaw in Older Confluence Versions

SECURITYAFFAIRS.COM — 17 Jan 2024

⚠️

Badge privacy-preserving authentication tool launches with Okta integration

CSOONLINE.COM — 17 Jan 2024

⚠️

Google Issues Chrome Update to Fix Actively Exploited Zero-Day Vulnerability

KEVTHEHACKERNEWS.COM — 17 Jan 2024

⚠️

FBI warns against cloud credential-stealing Androxgh0st botnet

CSOONLINE.COM — 17 Jan 2024

⚠️

Google Chrome Browser Zero-Day Vulnerability Exploited in Wild – Emergency Patch!

KEVGBHACKERS.COM — 17 Jan 2024

⚠️

No digital transformation without cybersecurity

CSOONLINE.COM — 17 Jan 2024

⚠️

Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials

THEHACKERNEWS.COM — 17 Jan 2024

⚠️

Webinar: The Art of Privilege Escalation - How Hackers Become Admins

THEHACKERNEWS.COM — 17 Jan 2024

⚠️

Adalanche: Open-Source Active Directory ACL Visualizer, Explorer

HELPNETSECURITY.COM — 17 Jan 2024

⚠️

GitHub Rotates Credentials in Response to Vulnerability

SECURITYWEEK.COM — 17 Jan 2024

⚠️

Apple Actively Exploited Telegram Channel

KEVT.ME — 17 Jan 2024

⚠️

SoftwareProjects exposes substantial customer and affiliate data

CSOONLINE.COM — 17 Jan 2024

⚠️

Attacks On Ivanti 0-Days Scale To 1,700 VPNs

PACKETSTORMSECURITY.COM — 17 Jan 2024

⚠️

Google Warns Of Chrome Browser Zero Day Being Exploited

PACKETSTORMSECURITY.COM — 17 Jan 2024

⚠️

GitHub Rotates Credentials In Response To Vulnerability

PACKETSTORMSECURITY.COM — 17 Jan 2024

⚠️

Naz.API - 70,840,771 breached accounts

HAVEIBEENPWNED.COM — 17 Jan 2024

⚠️

A tougher balancing act in 2024, the year of the CISO

CSOONLINE.COM — 17 Jan 2024

⚠️

Wazuh: Building robust cybersecurity architecture with open source tools

BLEEPINGCOMPUTER.COM — 17 Jan 2024

⚠️

Atlassian Warns of Critical RCE Vulnerability in Outdated Confluence Instances

SECURITYWEEK.COM — 17 Jan 2024

⚠️

AMD, Apple, Qualcomm GPUs leak AI data in LeftoverLocals attacks

BLEEPINGCOMPUTER.COM — 17 Jan 2024

⚠️

Cyber Startup Vicarius Raises $30 Million Series B for Vulnerability Remediation Platform

CALCALISTECH.COM — 17 Jan 2024

⚠️

Detained Russian Student Allegedly Helped Ukrainian Hackers With Cyberattacks

THERECORD.MEDIA — 17 Jan 2024

⚠️

Vulnerabilities Discovered in Android-based POS Terminals From PAX Technology

STMCYBER.COM — 17 Jan 2024

⚠️

CISA pushes federal agencies to patch Citrix RCE within a week

KEVBLEEPINGCOMPUTER.COM — 17 Jan 2024

⚠️

Chrome Patches First Zero-Day of 2024 Exploited in the Wild

KEVDATABREACHTODAY.CO.UK — 2024-01-17

⚠️

Vulnerability Management Firm Vicarius Raises $30 Million

SECURITYWEEK.COM — 17 Jan 2024

⚠️

Hacking into a Toyota/Eicher Motors insurance company by exploiting their premium calculator website

EATON-WORKS.COM — 17 Jan 2024

⚠️

NetScaler, Atlassian, VMWare Disclose Critical Flaws

KEVDATABREACHTODAY.CO.UK — 2024-01-17

⚠️

A Vulnerability in Atlassian Confluence Data Center and Server Could Allow for Remote Code Execution

CISECURITY.ORG — 17 Jan 2024

📋

Cyber Security Today, Jan. 17, 2024 - Security updates issued for Atlassian, Citrix, VMware and Chrome products

CYBERSECURITYTODAY.LIBSYN.COM — 17 Jan 2024

📢

PixieFail Vulnerabilities Impact PXE Network Boot in Enterprise Systems

BLEEPINGCOMPUTER.COM — 17 Jan 2024

📢

As hacks worsen, SEC turns up the heat on CISOs

TECHCRUNCH.COM — 17 Jan 2024

📢

US Gov Issues Warning for Androxgh0st Malware Attacks

SECURITYWEEK.COM — 17 Jan 2024

📢

CISA Releases 2023 Year in Review Showcasing Efforts to Protect Critical Infrastructure

CISA.GOV — Wed, 17 Jan 24 1

📢

SonicWall security advisory (AV24-036)

CYBER.GC.CA — 2024-01-17

📢

London internet attack highlights confusing hacktivism movement

CSOONLINE.COM — 17 Jan 2024

📢

Chinese Drones Pose Threat to US Infrastructure, CISA Warns

DATABREACHTODAY.CO.UK — 2024-01-17

🔥

Number Usage in Passwords, (Wed, Jan 17th)

ISC.SANS.EDU — 17 Jan 2024

🔥

Three Ransomware Group Newcomers to Watch in 2024

THEHACKERNEWS.COM — 17 Jan 2024

🔥

Crypto Heists Surge in 2023, $16.93m Already Stolen in 2024

INFOSECURITY-MAGAZINE.COM — 17 Jan 2024

🔥

New iShutdown Method Exposes Hidden Spyware Like Pegasus on Your iPhone

THEHACKERNEWS.COM — 17 Jan 2024

🔥

Ransomware Gang Demands $11 Million After Attacking Spanish City Council in Majorca

THERECORD.MEDIA — 17 Jan 2024

🔥

Inside the Massive Naz.API Credential Stuffing List

TROYHUNT.COM — 17 Jan 2024

🔥

Progress Software’s MOVEit Meltdown: Uncovering the Fallout

CYBERSECURITYDIVE.COM — 17 Jan 2024

🔥

Did Uber's Delivery Service Drizly Die Due to Data Breach?

DATABREACHTODAY.CO.UK — 2024-01-17

🔥

iShutdown scripts can help detect iOS spyware on your iPhone

BLEEPINGCOMPUTER.COM — 17 Jan 2024

🔥

Swiss Govt Websites Hit by Pro-Russia Hackers After Zelensky Visit

SECURITYWEEK.COM — 17 Jan 2024

🔥

How a Novel Legal Maneuver Got a Hospital's Stolen Data Back

DATABREACHTODAY.CO.UK — 2024-01-17

🔥

Have I Been Pwned adds 71 million emails from Naz.API stolen account list

BLEEPINGCOMPUTER.COM — 17 Jan 2024

🔥

New Microsoft Incident Response guides help security teams analyze suspicious activity

MICROSOFT.COM — 17 Jan 2024

🕵️

Current account recovery best practices?

INFOSEC.PUB — 17 Jan 2024

🕵️

ISC Stormcast For Wednesday, January 17th, 2024 https://isc.sans.edu/podcastdetail/8812, (Wed, Jan 17th)

ISC.SANS.EDU — 17 Jan 2024

🕵️

PentestGPT – A ChatGPT Powered Automated Penetration Testing Tool

GBHACKERS.COM — 17 Jan 2024

🕵️

Remcos RAT Spreading Through Adult Games in New Attack Wave

THEHACKERNEWS.COM — 17 Jan 2024

🕵️

Here’s How ChatGPT Maker OpenAI Plans to Deter Election Misinformation in 2024

SECURITYWEEK.COM — 17 Jan 2024

🕵️

Oracle Patches 200 Vulnerabilities With January 2024 CPU

SECURITYWEEK.COM — 17 Jan 2024

🕵️

Code Written with AI Assistants Is Less Secure

SCHNEIER.COM — 2024-01-17

🕵️

macOS Infostealers That Actively Involve in Attacks Evade XProtect Detection

GBHACKERS.COM — 17 Jan 2024

🕵️

AI Data Exposed to ‘LeftoverLocals’ Attack via Vulnerable AMD, Apple, Qualcomm GPUs

SECURITYWEEK.COM — 17 Jan 2024

🕵️

Achieving “Frictionless Defense” in the Age of Hybrid Networks

SECURITYWEEK.COM — 17 Jan 2024

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 17 Jan 2024

🕵️

AI in Security — Ready for Prime Time

PALOALTONETWORKS.COM — 17 Jan 2024

🕵️

PAX PoS Terminal Flaw Could Allow Attackers to Tamper with Transactions

THEHACKERNEWS.COM — 17 Jan 2024

🕵️

News alert: Incogni study reveals overwhelming majority of spam calls originate locally

LASTWATCHDOG.COM — 17 Jan 2024

🕵️

Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks

SECURITYWEEK.COM — 17 Jan 2024

🕵️

Microsoft: Iranian hackers target researchers with new MediaPl malware

BLEEPINGCOMPUTER.COM — 17 Jan 2024

🕵️

How 'sleeper agent' AI assistants can sabotage code

THEREGISTER.COM — 17 Jan 2024

🕵️

OpenAI Combats Election Misinformation Amid Growing Concerns

DATABREACHTODAY.CO.UK — 2024-01-17

🕵️

New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs

MICROSOFT.COM — 17 Jan 2024

🕵️

K-12 Cybersecurity with Brian Stephens, Director, Stakeholder Engagement at Funds For Learning

YOUTUBE.COM — 2024-01-17

🕵️

US Judge Again Says Meta Pixel Privacy Case Dismissal Unlikely

DATABREACHTODAY.CO.UK — 2024-01-17

🌐

Cyber Tops Business Risk for Enterprises Worldwide, Report Finds

CYBERSECURITYDIVE.COM — 17 Jan 2024

🌐

US Agencies Warn of Androxgh0st Malware Botnet Stealing AWS, Microsoft credentials

CISA.GOV — 17 Jan 2024

🌐

MacOS Info-Stealers Quickly Evolve to Evade XProtect Detection

BLEEPINGCOMPUTER.COM — 17 Jan 2024

🌐

Release Cybersecurity Guidance on Chinese-Manufactured UAS for Critical Infrastructure Owners and Operators

CISA.GOV — Wed, 17 Jan 24 1

🌐

Bigpanzi botnet infects 170,000 Android TV boxes with malware

BLEEPINGCOMPUTER.COM — 17 Jan 2024

📡

What cybersecurity threats to kids parents should be aware of in 2024? | Kaspersky official blog

KASPERSKY.COM — 17 Jan 2024

📡

Southeast Asian Casino Industry Supercharging Cyber Fraud, UN Says

THERECORD.MEDIA — 17 Jan 2024

📡

Report: 94% of Firms Hit by Phishing Attacks in 2023

INFOSECURITY-MAGAZINE.COM — 17 Jan 2024

📡

PSA: Anyone can tell if you are using WhatsApp on your computer

TECHCRUNCH.COM — 17 Jan 2024

📡

New UEFI Vulnerabilities Send Firmware Devs Across An Entire Ecosystem Scrambling

PACKETSTORMSECURITY.COM — 17 Jan 2024

📡

SonicWall API Opens 178k Firewalls To Attack

PACKETSTORMSECURITY.COM — 17 Jan 2024

📡

Crypto Trading Firm Closes Shop After $8 Million NY State Fine Over Security Issues

THERECORD.MEDIA — 17 Jan 2024

📡

Combating IP Leaks into AI Applications with Free Discovery and Risk Reduction Automation

THEHACKERNEWS.COM — 17 Jan 2024

📡

Snyk Acquires Helios for Runtime Visibility

DARKREADING.COM — 17 Jan 2024

📡

Cheap .cloud Domains and Shark Tank Impersonation Fuels Unhealthy Scams

THEREGISTER.COM — 17 Jan 2024

📡

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

KREBSONSECURITY.COM — 17 Jan 2024

📡

The threat from large language model text generators

CYBER.GC.CA — 2024-01-17

📡

Embracing a risk-based cybersecurity approach with ASRM

TRENDMICRO.COM — 17 Jan 2024

📡

Is Temu safe? What to know before you ‘shop like a billionaire’

WELIVESECURITY.COM — 17 Jan 2024

📡

Modernize Federal Cybersecurity Strategy with FedRAMP

TRENDMICRO.COM — 17 Jan 2024