🚨 CISA KEV (1)
18 Jan | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-35082 Ivanti Endpoint Manager Mobile (EPMM) and MobileIron Core Authentication Bypass Vulnerability. These types of vulnerabilities are frequent… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (6)
18 Jan | KEV | Citrix NetScaler 0-day Vulnerability Exploited In The Wild, CISA Urges Patching | Cisco NetScaler ADC and NetScaler Gateway have been discovered to have two vulnerabilities, which were associated with remote code execution and denial of service. The CVEs for these vulnerabilities were CVE-2023-6548 and CVE-2023-6549, and the severity has been given as 5.5 (Med… | GBHACKERS.COM
18 Jan | More Scans for Ivanti Connect "Secure" VPN. Exploits Public, (Thu, Jan 18th) | Exploits around the Ivanti Connect "Secure" VPN appliance, taking advantage of CVE-2023-46805, continue evolving. Late on Tuesday, more details became public, particularly the blog post by Rapid7 explaining the underlying vulnerability in depth [1]. Rapid7 also does a g… | ISC.SANS.EDU
18 Jan | Frequent critical flaws open MLFlow users to imminent threats | MLFlow has emerged as the most-vulnerable open source machine learning framework with four highly critical (CVSS 10) vulnerabilities reported within 50 days, according to a Protect AI report. Protect AI’s AI/ML bug bounty program, hunter AI, discovered these vulnerabilities withi… | CSOONLINE.COM
18 Jan | Citrix Releases Security Updates for NetScaler ADC and NetScaler Gateway | Citrix released security updates to address vulnerabilities (CVE-2023-6548 and CVE-2023-6549) in NetScaler ADC and NetScaler Gateway. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to… | CISA.GOV
18 Jan | CVE-2024-20721 Adobe Systems Incorporated: CVE-2024-20721 Improper Input Validation Denial of Service Vulnerability | Updated FAQ information. This is an informational change only. | MSRC.MICROSOFT.COM
18 Jan | Atlassian Releases Security Updates for Multiple Products | Atlassian released a security advisory to address a vulnerability (CVE-2023-22527) in out-of-date versions of Confluence Data Center and Server as well as its January 2024 security bulletin to address vulnerabilities in multiple products. A malicious cyber actor could exploit one… | CISA.GOV
⚠️ VULNERABILITY DISCLOSURE (28)
18 Jan | FTC Joins Global Data Security and Privacy Investigative Consortium | This nonbinding consortium aims to assist privacy investigators worldwide and facilitate seamless collaboration in law enforcement investigations and actions involving privacy and data security. | THERECORD.MEDIA
18 Jan | Indian Air Force Potentially Targeted With Info-Stealing Malware | The malware used in the campaign, a variant of Go Stealer, targets browsers like Firefox, Chrome, Edge, and Brave, and uses Slack for data exfiltration to blend in with regular business traffic. | THERECORD.MEDIA
18 Jan | Clearview Resources Ltd Hit by Cyberattack, Suffers $1.5 Million in Damages | A cyberattack on the Canadian energy producer Clearview Resources Ltd resulted in a US$1.5 million financial loss. The attack involved the compromise of an internal email address, leading to the redirection of company funds to a third-party account. | THECYBEREXPRESS.COM
18 Jan | PixieFail UEFI Flaws Expose Millions of Computers to RCE, DoS, and Data Theft | Multiple security vulnerabilities have been disclosed in the TCP/IP network protocol stack of an open-source reference implementation of the Unified Extensible Firmware Interface (UEFI) specification used widely in modern computers. Collectively dubbed PixieFail by Quar… | THEHACKERNEWS.COM
18 Jan | K-12 Cybersecurity - Brian Stephens - PSW #813 | With a recent increase in government attention on K–12 cybersecurity, there is a pressing need to shed light on the challenges school districts face in implementing necessary security measures. Why? Budgeting constraints pose significant obstacles in meeting recommended cybersecu… | YOUTUBE.COM
18 Jan | Canadian Citizen Gets Phone Back from Police | After 175 million failed password guesses, a judge rules that the Canadian police must return a suspect’s phone. [Judge] Carter said the investigation can continue without the phones, and he noted that Ottawa police have made a formal request to obtain more data from Google… | SCHNEIER.COM
18 Jan | TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks | Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "cond… | THEHACKERNEWS.COM
18 Jan | MFA Spamming and Fatigue: When Security Measures Go Wrong | In today's digital landscape, traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust secu… | THEHACKERNEWS.COM
18 Jan | Ninety-Four Percent of Organizations Sustained Phishing Attacks Last Year | A survey by Egress has found that 94% of organizations were hit by phishing attacks in 2023, Infosecurity Magazine reports. Additionally, 91% of firms experienced data loss and exfiltration. The three most common causes of data loss were reckless behavior, human error and malicio… | KNOWBE4.COM
18 Jan | Apple, AMD, Qualcomm, Imagination GPUs Open to Data Theft Using New LeftoverLocals Vulnerability | The vulnerability affects various GPU products, with AMD and Apple planning mitigations, and Imagination and Qualcomm issuing fixes. Nvidia and Arm are reportedly unaffected. | THEREGISTER.COM
18 Jan | Drupal Releases Security Advisory for Drupal Core | Drupal released a security advisory to address a vulnerability affecting multiple Drupal core versions. A cyber threat actor could exploit this vulnerability to cause a denial-of-service condition. CISA encourages users and administrators to review Drupal security advisory SA-COR… | CISA.GOV
18 Jan | TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks | Continuous integration and delivery misconfigurations in TensorFlow could have been exploited for supply chain attacks, allowing malicious code injection and compromise of GitHub and PyPi releases. | THEHACKERNEWS.COM
18 Jan | Incident Response Guide for the WWS Sector | Today, CISA, the Federal Bureau of Investigation (FBI), and the Environmental Protection Agency released a joint Incident Response Guide for the Water and Wastewater Systems (WWS) Sector. The guide includes contributions from over 25 WWS Sector organizations spanning private ind… | CISA.GOV
18 Jan | CISA Releases One Industrial Control Systems Advisory | CISA released one Industrial Control Systems (ICS) advisory on January 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-018-01 AVEVA PI Server. CISA encourages users and administrators to re… | CISA.GOV
18 Jan | Unpatched Rapid SCADA Vulnerabilities Expose Industrial Organizations to Attacks | Seven vulnerabilities found in Rapid SCADA could be exploited to gain access to sensitive industrial systems, but they remain unpatched. | SECURITYWEEK.COM
18 Jan | Malware Exploiting 9Hits, Turns Docker Servers into Crypto Miners | Attackers are using off-the-shelf images from Dockerhub to spread malware, with the 9Hits app visiting various websites and the XMRig miner disabled from visiting crypto-related sites to prevent analysis. | HACKREAD.COM
18 Jan | Oracle Releases Critical Patch Update Advisory for January 2024 | Oracle released its Critical Patch Update Advisory for January 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Oracle’s… | CISA.GOV
18 Jan | Why using Google OAuth in work applications is unsafe | A bug in the Google OAuth sign-in mechanism can be exploited by fired employees to retain access to accounts | KASPERSKY.COM
18 Jan | Oracle Quarterly Critical Patches Issued January 16, 2024 | Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution. | CISECURITY.ORG
18 Jan | Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes | https://www.varonis.com/blog/outlook-vulnerability-and-new-ways-to-leak-ntlm-hashes | VARONIS.COM
18 Jan | Creating Trust in Biometric Authentication for Identity Verification with Sabrina Gross – ESW #346 | Join us live today at 3pm ET as we discuss Creating Trust in Biometric Authentication for Identity Verification with Sabrina Gross, Regional Director of Strategic Partners at Veridas – ESW #346. The general public has varied opinions of #biometric authentication, and an increasin… | YOUTUBE.COM
18 Jan | KEV | CISA: Critical Ivanti auth bypass bug now actively exploited | CISA warns that a critical authentication bypass vulnerability in Ivanti's Endpoint Manager Mobile (EPMM) and MobileIron Core device management software (patched in August 2023) is now under active exploitation. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Three of four CISOs ready for job change | Growing anxiety over new and expanded demands for their jobs has many CISOs mulling over an employment change, according to an annual research study released Wednesday. The State of the CISO 2023-2024 Report, by IANS research and Artico Search, revealed that 75% of CISOs are ope… | CSOONLINE.COM
18 Jan | Creating Trust in Biometric Authentication for Identity Verification - Sabrina Gross - ESW #346 | The general public has varied opinions of biometric authentication, and an increasingly reluctant relationship with it, as more and more facial recognition is forced upon us (especially those of us that travel frequently). Facial recognition doesn't work for everyone, so what oth… | YOUTUBE.COM
18 Jan | New Paper: “Future of the SOC: Evolution or Optimization — Choose Your Path” (Paper 4 of 4.5) | After a long, long, long writing effort break, we are ready with our 4th Deloitte / Google Future of the SOC paper “Future of the SOC: Evolution or Optimization — Choose Your Path” (alt… | MEDIUM.COM
18 Jan | Popular GPUs Used AI Systems Vulnerable to Memory Leak Flaw | LeftoverLocals Affects Apple, AMD and Qualcomm Devices. Researchers uncovered a critical vulnerability in graphic processing units of popular devices that could allow attackers to access data from large language models. They dubbed the vulnerability LeftoverLocals and said it affe… | DATABREACHTODAY.CO.UK
18 Jan | Protecting Your Network Security from Ivanti Zero-Day Threat | The overlooked vulnerability with real impacts | TRENDMICRO.COM
📢 SECURITY ADVISORIES (8)
18 Jan | Smashing Security podcast #355: Fishy Rishi, 23andMe, and the labour of love | Has the British Prime Minister been caught secretly profiting from a cryptocurrency app? Were 23andMe right to blame their users after a data breach? And Indian men have hard feelings after falling for a money-for-sex scam. All this and much much more is discussed in the latest e… | GRAHAMCLULEY.COM
18 Jan | Chinese Drones Pose Threat to US Infrastructure, CISA Warns | The U.S. Cybersecurity and Infrastructure Security Agency and the FBI are warning critical infrastructure owners about the potential security risks posed by Chinese-manufactured unmanned aircraft systems (UAS). | BANKINFOSECURITY.COM
18 Jan | Pro-Russia Group Hit Swiss Government Sites After Zelensky Visit in Davos | Switzerland's National Cyber Security Centre promptly detected and responded to the DDoS attacks, restoring access to the targeted websites, including the Davos-Klosters ski resort and Swiss Ministry of the Interior. | SECURITYAFFAIRS.COM
18 Jan | CISA, FBI and EPA Release Incident Response Guide for Water and Wastewater Systems Sector | CISA.GOV
18 Jan | US govt wants BreachForums admin sentenced to 15 years in prison | The United States government has recommended that Conor Brian Fitzpatrick, the creator and lead administrator of the now-defunct BreachForums hacking forums, receive a sentence of 15 years in prison. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Privacy Fines: Tech Hub Ireland Leads EU in GDPR Sanctions | 4.7 Billion Euros in Total Known Fines Since Data Protection Law Took Effect. Ireland - home to the European headquarters of a throng of multinational tech companies - is responsible for the greatest amount of aggregate data protection fines - 2.9 billion euros - since the Europea… | DATABREACHTODAY.CO.UK
18 Jan | Cryptohack Roundup: SEC Still Probing X Account Hack | Also: $3.3M Socket Hack; Do Kwon and Alex Mashinsky Trials. This week, the U.S. SEC assessed its X account hack, attackers stole $3.3M from Socket, Do Kwon got a new trial date, Alex Mashinsky sought to dismiss charges, Google Play Store removed crypto apps for India users, IRS cl… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (20)
18 Jan | Cooper Aerobics Data Security Incident Raises Concerns of Personal Information Exposure | The breach involved sensitive data such as financial details, SSNs, and health-related information. While there is no evidence of identity theft or financial fraud, the firm is taking precautionary measures and offering support to affected people. | THECYBEREXPRESS.COM
18 Jan | Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts | The group's latest intrusion set involves using lures related to the Israel-Hamas war, sending malicious links disguised as innocuous emails, and utilizing breached accounts to build trust with targets. | THEHACKERNEWS.COM
18 Jan | National Bank of Angola Says it Mitigated Cyberattack | The National Bank of Angola is trying to reassure the country that its financial system is secure following a cyberattack on January 6. No hacking group has taken credit for the incident. | THERECORD.MEDIA
18 Jan | Hackers Deploying Androxgh0st Botnet Malware that Steals AWS, Microsoft Credentials | Threat actors use botnet malware to gain access to the network of compromised systems that enable them to perform several types of illicit activities. They get attracted to botnet malware due to its distributed and anonymous infrastructure, which makes it stealthy and sophisticat… | GBHACKERS.COM
18 Jan | Docker hosts hacked in ongoing website traffic theft scheme | A new campaign targeting vulnerable Docker services deploys an XMRig miner and the 9hits viewer app on compromised hosts, allowing a dual monetization strategy. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Outsmarting Ransomware’s New Playbook | Encryption is a technological necessity and also a legal safeguard, with importance in both defending against and mitigating the consequences of cyberattacks. | SECURITYWEEK.COM
18 Jan | Ransomware Group Targets Foxconn Subsidiary Foxsemicon | Foxsemicon’s website defaced with a message from the LockBit ransomware group, which claims to have stolen 5 Tb of data. | SECURITYWEEK.COM
18 Jan | How Do You Protect Your APIs From DDoS Attacks? | Today, DDoS attacks stand out as the most widespread cyber threat, extending their impact to APIs. When successfully executed, these attacks can cripple a system, presenting a more severe consequence than DDoS incidents targeting web applications. The increased risk a… | GBHACKERS.COM
18 Jan | Taiwanese Semiconductor Company Foxsemicon Suffers Ransomware Attack | Foxsemicon, a major semiconductor manufacturer in Taiwan, was targeted by the LockBit ransomware gang, who threatened to leak customers' personal data if a ransom was not paid. | THERECORD.MEDIA
18 Jan | As Hacks Worsen, SEC Turns up the Heat on CISOs | The cybersecurity industry is facing increasing legal oversight and consequences, making it riskier to work in this field. Companies are now required to disclose "material" security incidents within four working days to the SEC. | TECHCRUNCH.COM
18 Jan | ‘Swatting’ Becomes the Latest Extortion Tactic in Ransomware Attacks | Rather than stick to traditional ransomware extortion methods that revolve around the attack itself, a new form of extortion known as Swatting puts the focus on the victim organization’s customers. | KNOWBE4.COM
18 Jan | Report: 75% of Organizations Hit by Ransomware in 2023 | Cyberattacks are the leading cause of technology outages for 40% of organizations, emphasizing the need for comprehensive disaster preparation beyond just cybersecurity measures, according to Veeam. | INFOSECURITY-MAGAZINE.COM
18 Jan | Credentials are Still King: Leaked Credentials, Data Breaches and Dark Web Markets | Learn how threat actors utilize credentials to break into privileged IT infrastructure to create data breaches and distribute ransomware. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Kansas State University cyberattack disrupts IT network and services | Kansas State University (K-State) announced it is managing a cybersecurity incident that has disrupted certain network systems, including VPN, K-State Today emails, and video services on Canvas and Mediasite. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Scammers Target Owners of Missing Pets | Some particularly cold-hearted scammers are targeting users of lost pet forums with phony ransom demands, the BBC reports. | KNOWBE4.COM
18 Jan | More Than Half of Data Breaches in the U.K.’s Legal Sector are Due to Insider Error | A new analysis of data breaches in the United Kingdom's legal sector shows that organizations need to be looking inward more and look for ways to elevate the security awareness of employees. | KNOWBE4.COM
18 Jan | Breach Roundup: Microsoft's Effort to Store EU Data Locally | Also: FBI Warning About Androxgh0st; eBay Pays a $3 Million Fine for Cyberstalking. This week, Microsoft expanded plans to store EU citizens' data locally, shipping-themed phishing spam is a threat, the British Library overcame a ransomware setback, the FBI warned of Androxgh0st m… | DATABREACHTODAY.CO.UK
18 Jan | TeamViewer abused to breach networks in new ransomware attacks | Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Vans, Supreme owner VF Corp says hackers stole 35 million customers’ personal data | VF Corp., the parent company of the popular apparel brands Vans, Supreme, and The North Face, said Thursday that hackers stole the personal data of 35.5 million customers in a December cyberattack. The Denver, Colorado-based company reported the data breach to regulators in a fil… | TECHCRUNCH.COM
18 Jan | PHMSA Launches Initiatives to Bolster Pipeline Cybersecurity | Agency Tasked With Pipeline Security Takes New Steps to Combat Rise in Cyberattacks. A U.S. federal agency tasked with ensuring the secure transportation of energy and hazardous materials is launching a series of initiatives to address an increase in cyberattacks, a top official s… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (21)
18 Jan | Iranian Hackers Masquerade as Journalists to Spy on Israel-Hamas War Experts | High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the U.K., and the U.S. have been targeted by an Iranian cyber espionage group called Mint Sandstorm since November 2023. The threat ac… | THEHACKERNEWS.COM
18 Jan | ISC Stormcast For Thursday, January 18th, 2024 https://isc.sans.edu/podcastdetail/8814 (Thu, Jan 18th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
18 Jan | Customer Information of Toyota Insurance Company Exposed Due to Misconfigurations | Exposed credentials for an email address at an Indian Toyota insurance broker led to customer information compromise. | SECURITYWEEK.COM
18 Jan | Oleria Secures $33M Investment to Grow ID Authentication Business | Seattle identity and authentication startup Oleria has attracted renewed interest from venture capital investors. | SECURITYWEEK.COM
18 Jan | List Containing Millions of Credentials Distributed on Hacking Forum, but Passwords Old | Naz.API credential stuffing list containing 70 million unique email addresses and old passwords found on hacking forum. | SECURITYWEEK.COM
18 Jan | Russian APT Known for Phishing Attacks Is Also Developing Malware, Google Warns | Russian threat group ColdRiver has developed Spica, a malware that enables it to compromise systems and steal information. | SECURITYWEEK.COM
18 Jan | Energy Department to Invest $30 Million in Clean Energy Cybersecurity Solutions | Organizations can earn up to $3 million in federal funding for cyber tools securing the clean energy infrastructure. | SECURITYWEEK.COM
18 Jan | Google says Russian espionage crew behind new malware campaign | Google researchers say they have evidence that a notorious Russian-linked hacking group — tracked as “Cold River” — is evolving its tactics beyond phishing to target victims with data-stealing malware. Cold River, also known as “Callisto Group” and “Star Blizzard,” is known for c… | TECHCRUNCH.COM
18 Jan | AI trends: A closer look at machine learning’s role | The hottest technology right now is AI — more specifically, generative AI. The trend is so popular that every conference and webinar speaker feels obligated to mention some form of AI, no matter their field. The innovations and risks that AI offers are both exciting and fri… | SECURITYINTELLIGENCE.COM
18 Jan | How AI-Powered Security Capabilities Implement Real-Time Cybersecurity | Palo Alto Networks and Accenture are leaders at the forefront of security technology and operations, using AI to help clients stay ahead of cyberthreats. | PALOALTONETWORKS.COM
18 Jan | Google: Russian FSB Hacking Group Turns to Malware | 'Coldriver' Has Been Sending Backdoors Embedded in PDFs Since November 2022. A Russian domestic intelligence agency hacking group known for long-lasting logon credential phishing campaigns against Western targets is now deploying malware embedded into PDFs, say security researcher… | DATABREACHTODAY.CO.UK
18 Jan | Software Supply Chain Security Startup Kusari Raises $8 Million | Kusari has raised $8 million to help organizations gain visibility into and secure their software supply chain. | SECURITYWEEK.COM
18 Jan | Multichain Inferno Drainer Abuse Web3 Protocols To Connect Crypto Wallets | A cryptocurrency-related phishing scam that uses malware called a drainer is one of the most widely used tactics these days. From November 2022 to November 2023, ‘Inferno Drainer’, a well-known multichain cryptocurrency drainer, was operational under the scam-as-a-service paradig… | GBHACKERS.COM
18 Jan | Russian COLDRIVER Hackers Expand Beyond Phishing with Custom Malware | The Russia-linked threat actor known as COLDRIVER has been observed evolving its tradecraft to go beyond credential harvesting to deliver its first-ever custom malware written in the Rust programming language. Google's Threat Analysis Group (TAG), which shared details of the late… | THEHACKERNEWS.COM
18 Jan | New Docker Malware Steals CPU for Crypto & Drives Fake Website Traffic | Vulnerable Docker services are being targeted by a novel campaign in which the threat actors are deploying XMRig cryptocurrency miner as well as the 9Hits Viewer software as part of a multi-pronged monetization strategy. "This is the first documented case of malware deploying the… | THEHACKERNEWS.COM
18 Jan | Bigpanzi, PixieFAIL, Dark Xmas - PSW #813 | In the Security News: Bricked Xmas, If you can hack a wrench, PixieFail and disclosure woes, exposing Bigpanzi (more Android supply chain issues, 20 years of OpenWRT, Jamming, traffic lights, and batteries don’t work that well in the extreme cold. All that and more on this episod… | YOUTUBE.COM
18 Jan | AHA: Rise in Scams Targeting IT Help Desks for Payment Fraud | American Hospital Association Warns of Social Engineering Schemes. The American Hospital Association is warning of increasingly sophisticated social engineering scams targeting hospital IT help desks with schemes involving the stolen credentials of revenue cycle and other finance… | DATABREACHTODAY.CO.UK
18 Jan | Microsoft at Legalweek: Secure data and gain efficiencies with Microsoft Purview eDiscovery enhanced by generative AI | Microsoft solutions can ease some of the top challenges of legal professionals. Read on for two advantages of the combination of Microsoft Purview eDiscovery and generative AI, and explore opportunities to connect with us at Legalweek. | MICROSOFT.COM
18 Jan | Iranian Hackers Targeting Middle East Experts | Tehran-Aligned Group Mint Sandstorm Uses Israel-Hamas Conflict as a Lure. Hackers aligned with the Iranian state are masquerading as journalists to target Middle East experts and deploy a new custom backdoor that supports the Iranian government's spying agenda. Tehran may be harve… | DATABREACHTODAY.CO.UK
18 Jan | White House Official Warns of AI Risks in 2024 Elections | No 'Magic Solution' to Prevent Malicious Use of AI in Elections, OSTP Chief Says. Arati Prabhakar, director of the White House's Office of Science and Technology Policy, said during an event at the 2024 World Economic Forum that generative artificial intelligence has the potential… | DATABREACHTODAY.CO.UK
18 Jan | Dogs, AI, and Gyrogears (it's a slow security news week) - ESW #346 | On this segment, we talk a lot about AI, new technologies, and the future from a personal and consumer standpoint. Not a lot of enterprise-relevant stuff in the news today, but consumer products and AI will have a HUGE long-term impact, so that's how we're justifying today's topi… | YOUTUBE.COM
🌐 CYBER THREAT LANDSCAPE (7)
18 Jan | Bigpanzi Botnet Infects 170,000 Android TV Boxes With Malware | The malware tools used by Bigpanzi, including 'pandoraspear' and 'pcdn,' enable the cybercriminals to hijack DNS settings, establish C2 communication, build a peer-to-peer CDN, and execute DDoS attacks on infected devices. | BLEEPINGCOMPUTER.COM
18 Jan | iShutdown Method Allows to Discover Spyware Infections on iPhones | The presence of spyware, such as Pegasus, Predator, and Reign, can be identified by examining the Shutdown.log file for anomalous log entries related to processes delaying the reboot. | SECURITYAFFAIRS.COM
18 Jan | Google: Russian FSB hackers deploy new Spica backdoor malware | Google says the ColdRiver Russian-backed hacking group is pushing previously unknown backdoor malware using payloads masquerading as a PDF decryption tool. [...] | BLEEPINGCOMPUTER.COM
18 Jan | TA866 Returns with a Large Email Campaign | The new campaign by TA866 involved a large volume of emails with attached PDFs containing OneDrive URLs that initiated a multi-step infection chain leading to malware payload. | PROOFPOINT.COM
🎙️ PODCASTS (1)
18 Jan | Transatlantic Cable podcast episode 330 | Kaspersky official blog | Episode 330 of the Transatlantic Cable podcast looks at AI ‘sleeper agents’, eBay shenanigans and crypto-casinos | KASPERSKY.COM
📡 INFOSEC NEWS (16)
18 Jan | Jira down: Atlassian outage affecting multiple cloud services | Multiple Atlassian Jira products are experiencing an ongoing outage as of this morning. Users of Jira Work management, Jira Software, Jira Service Management and Jira Product Discovery are facing connection issues. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Vendor Email Attacks Surged by 137% in Financial Sector in 2023 | The financial services industry has seen a significant increase in Vendor Email Compromise (VEC) and Business Email Compromise (BEC) attacks, with VEC attacks causing millions of dollars in losses. | INFOSECURITY-MAGAZINE.COM
18 Jan | Swiss Government Reports Nuisance-Level DDoS Disruptions | Self-Proclaimed Russian Hacktivists Continue Putin-Aligned Information Operations. Switzerland's federal government reports that multiple federal agencies' public-facing sites were temporarily disrupted by distributed denial-of-service attacks perpetrated by a self-proclaimed Russ… | DATABREACHTODAY.CO.UK
18 Jan | Researcher Uncovers Massive Password Dump Containing 71 Million Unique Credentials | A massive data tranche containing nearly 71 million unique credentials, including 25 million previously unseen passwords, has been circulating on the internet for at least four months. | ARSTECHNICA.COM
18 Jan | Buggy API on Insurance Firm TTIBI's Website Leaked Over 650,000 Email Messages | A security researcher Eaton Zveare discovered a misconfigured server belonging to Toyota Tsusho Insurance Broker India (TTIBI), which exposed over 650,000 Microsoft-hosted email messages. | THEREGISTER.COM
18 Jan | Attribute-Based Encryption Could Spell the End of Data Compromise | Attribute-based encryption (ABE) offers fine-grained access to data, revolutionizing data protection and access control. ABE has diverse real-world applications, from privacy protection in surveillance videos to securing electronic medical records. | HELPNETSECURITY.COM
18 Jan | OpenAI Combats Election Misinformation Amid Growing Concerns | OpenAI is taking steps to prevent the use of ChatGPT in spreading election misinformation, including restricting its use for political campaigning and lobbying, and creating tools to empower voters to assess the authenticity of images. | BANKINFOSECURITY.COM
18 Jan | Researcher Uncovers One Of The Biggest Password Dumps In Recent History | PACKETSTORMSECURITY.COM
18 Jan | Haier hits Home Assistant plugin dev with takedown notice | Appliances giant Haier reportedly issued a takedown notice to a software developer for creating Home Assistant integration plugins for the company's home appliances and releasing them on GitHub. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Malicious Extortion Bot Targets Publicly Exposed PostgreSQL and MySQL Databases | The bot gains access to the databases, deletes all tables and databases, and leaves a ransom note demanding payment for data recovery. However, the bot only saves a small portion of the data, even if the ransom is paid. | THEREGISTER.COM
18 Jan | Web monitors say Gaza week-long internet outage is longest yet | Internet monitoring firms say a near-total internet blackout in Gaza is reaching its seventh day, the longest outage of the ongoing Israel-Hamas conflict so far. Doug Madory, the director of internet analysis at Kentik, told TechCrunch in a Signal message that this is the “longes… | TECHCRUNCH.COM
18 Jan | Microsoft tests instant access to Android photos in Windows 11 | Microsoft plans to provide Windows 11 users with almost instant access to photos and screenshots they've taken on their Android smartphones. [...] | BLEEPINGCOMPUTER.COM
18 Jan | Reduce Business Email Compromise with Collaboration | Here's the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. | TRENDMICRO.COM
18 Jan | Virtual kidnapping: How to see through this terrifying scam | Phone fraud takes a frightening twist as fraudsters can tap into AI to cause serious emotional and financial damage to the victims | WELIVESECURITY.COM