Articles: 21
Categories: 5
Date: 2024-01-20
⚠️ VULNERABILITY DISCLOSURE (8)
20 Jan [KEV] CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday issued an emergency directive urging Federal Civilian Executive Branch (FCEB) agencies to implement mitigations against two actively exploited zero-day flaws in Ivanti Connect Secure (ICS) and Iv…
THEHACKERNEWS.COM

20 Jan China-linked APT UNC3886 Exploits VMware Zero-Day Since 2021
Mandiant researchers observed UNC3886 exploiting a VMware ESXi zero-day vulnerability in June 2023, using novel malware persistence techniques to achieve administrative access within VMware ESXi Hypervisors.
SECURITYAFFAIRS.COM

20 Jan CISA Issues Emergency Directive to Federal Agencies on Ivanti Zero-Day Exploits
The vulnerabilities allow threat actors to execute arbitrary commands, move laterally, perform data exfiltration, and establish persistent system access, potentially compromising target information systems.
THEHACKERNEWS.COM

20 Jan Chinese Hackers Silently Weaponized VMware Zero-Day Flaw for 2 Years
An advanced China-nexus cyber espionage group previously linked to the exploitation of security flaws in VMware and Fortinet appliances has been linked to the abuse of a critical vulnerability in VMware vCenter Server as a zero-day since late 2021. "UNC3886 has a track record of …
THEHACKERNEWS.COM

20 Jan In Other News: WhatsApp Privacy Issue, Spying via Ambient Light Sensor, Bigpanzi Botnet
Noteworthy stories that might have slipped under the radar: WhatsApp privacy issue remains unpatched, spying via tablet ambient light sensors, and the Bigpanzi botnet.
SECURITYWEEK.COM

20 Jan PixieFAIL – 9 UEFI Flaws Expose Computers to Remote Attacks
Hackers exploit UEFI flaws to gain unauthorized access to a system’s firmware, enabling them to implant persistent malware or manipulate the boot process. This provides a stealthy entry point that allows attackers to bypass traditional security measures and maintain control…
GBHACKERS.COM

20 Jan Russian Hackers Win Big: Microsoft's Senior Exec Team Emails Breached
In a Friday regulatory filing, Microsoft has reported that its corporate email accounts were compromised by a Russian state-sponsored hacking group known as Midnight Blizzard, also identified as Nobelium or APT29. Microsoft's disclosure aligns with new U.S. requirements for repo…
KNOWBE4.COM

20 Jan Microsoft: Russian Hackers Had Access to Executives' Emails
Computing Giant Says Hackers Did Not Access Customer Data or Production Systems
Russian state hackers obtained access to the inboxes of senior Microsoft executives for at least six weeks, the computing giant disclosed late Friday afternoon. "There is no evidence that the threat a…
DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES (1)
20 Jan BreachForums Admin Avoids Prison Term
'Pompompurin' Sentenced to Supervised Release, Banned From Internet for 1 Year
A federal judge sentenced "Pompompurin," the administrator of a now-defunct data breach marketplace, to 20 years of supervised release. The Peekskill, N.Y. man avoided a recommended 15-year prison sent…
DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (7)
20 Jan Microsoft's Top Execs' Emails Breached in Sophisticated Russia-Linked APT Attack
Microsoft on Friday revealed that it was the target of a nation-state attack on its corporate systems that resulted in the theft of emails and attachments from senior executives and other individuals in the company's cybersecurity and legal departments. The Windows maker attribut…
THEHACKERNEWS.COM

20 Jan Payoneer Accounts in Argentina Hacked in 2FA Bypass Attacks
Suspicions have been raised about a potential data leak from mobile service providers or a breach in the SMS provider used for OTP code delivery as the possible cause of the hacks.
BLEEPINGCOMPUTER.COM

20 Jan Russian Hackers Stole Microsoft Corporate Emails in Month-Long Breach
The breach was facilitated by a password spray attack on a non-production test tenant account lacking two-factor authentication, highlighting the importance of robust account security measures.
BLEEPINGCOMPUTER.COM

20 Jan Researchers link 3AM ransomware to Conti, Royal cybercrime gangs
Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. [...]
BLEEPINGCOMPUTER.COM

20 Jan Weekly Update 383
They're an odd thing, credential lists. Whether they're from a stealer as in this week's Naz.API incident, or just aggre…
TROYHUNT.COM

20 Jan Massive Data Breach at VF Hits 35M Vans, Retail Customers
https://www.darkreading.com/cyberattacks-data-breaches/massive-data-breach-vf-35m-vans-retail-customers
DARKREADING.COM

20 Jan Court charges dev with hacking after cybersecurity issue disclosure
A German court has charged a programmer investigating an IT problem with hacking and fined them €3,000 ($3,265) for what it deemed was unauthorized access to external computer systems and spying on data. [...]
BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (3)
20 Jan Invoice Phishing Alert: TA866 Deploys WasabiSeed & Screenshotter Malware
The threat actor tracked as TA866 has resurfaced after a nine-month hiatus with a new large-volume phishing campaign to deliver known malware families such as WasabiSeed and Screenshotter. The campaign, observed earlier this month and blocked by Proofpoint on January 11…
THEHACKERNEWS.COM

20 Jan LogBoost - A tool for parsing and enriching IP addresses in any type of log/file with GEO, DNS, OSINT IOCs and ASN context
Convert a variety of log formats to CSV while enriching detected IP…
https://github.com/joeavanzato/LogBoost
GITHUB.COM

20 Jan Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
https://www.theregister.com/2024/01/20/chinese_russia_vmware_microsoft/
THEREGISTER.COM
📡 INFOSEC NEWS (2)
20 Jan Meta won't remove fake Instagram profiles used for obvious catfishing
Meta seems to be falling short of effectively tackling fake Instagram profiles even when there are sufficient signs to indicate that a profile is misusing someone else's photos and identity. [...]
BLEEPINGCOMPUTER.COM

20 Jan Meta won't remove fake Instagram profiles that are clearly catfishing
Meta seems to be falling short of effectively tackling fake Instagram profiles even when there are sufficient signs to indicate that a profile is misusing someone else's photos and identity. [...]
BLEEPINGCOMPUTER.COM