matlock.ca // THREAT INTELLIGENCE

98Articles

8Categories

2024-01-22Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-34048 VMware vCenter Server Out-of-Bounds Write Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber ac…

KEVCISA.GOV — Mon, 22 Jan 24 1

🐛

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

KEVTHEHACKERNEWS.COM — 22 Jan 2024

🐛

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021

SECURITYWEEK.COM — 22 Jan 2024

🐛

Patched Apache ActiveMQ bug abused to drop Godzilla web shells

KEVCSOONLINE.COM — 22 Jan 2024

🐛

Hackers start exploiting critical Atlassian Confluence RCE flaw

BLEEPINGCOMPUTER.COM — 22 Jan 2024

🐛

Limiting remote access exposure in hybrid work environments

CSOONLINE.COM — 22 Jan 2024

🐛

Hackers Targeting Critical Atlassian Confluence Vulnerability Days After Disclosure

KEVSECURITYWEEK.COM — 22 Jan 2024

🐛

Scans/Exploit Attempts for Atlassian Confluence RCE Vulnerability CVE-2023-22527, (Mon, Jan 22nd)

ISC.SANS.EDU — 22 Jan 2024

🐛

Many CVE Records Are Listing the Wrong Versions of Software as Being Affected

PLUGINVULNERABILITIES.COM — 22 Jan 2024

⚠️

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

THEHACKERNEWS.COM — 22 Jan 2024

⚠️

Top 4 LLM threats to the enterprise

CSOONLINE.COM — 22 Jan 2024

⚠️

IT Consultant in Germany Fined for Exposing Shoddy Security

THEREGISTER.COM — 22 Jan 2024

⚠️

Russia-based group hacked emails of Microsoft’s senior leadership

CSOONLINE.COM — 22 Jan 2024

⚠️

Admin of the BreachForums Hacking Forum Sentenced to 20 Years Supervised Release

SECURITYAFFAIRS.COM — 22 Jan 2024

⚠️

China remains the biggest threat, according to the defense security community

CSOONLINE.COM — 22 Jan 2024

⚠️

Cyberattack Hits Three English Councils at Once, as Outsourcer Civica Denies Blame

THERECORD.MEDIA — 22 Jan 2024

⚠️

52% of Serious Vulnerabilities We Find are Related to Windows 10

THEHACKERNEWS.COM — 22 Jan 2024

⚠️

Cybercriminals Leaked Massive Volumes of Stolen PII Data From Thailand in Dark Web

SECURITYAFFAIRS.COM — 22 Jan 2024

⚠️

North Korea’s ScarCruft APT group targets infosec pros

CSOONLINE.COM — 22 Jan 2024

⚠️

New NTLM Hash Leak Attacks Target Outlook, Windows Programs

SECURITYWEEK.COM — 22 Jan 2024

⚠️

Chinese Spies Exploited VMware vCenter Server Vulnerability Since 2021

PACKETSTORMSECURITY.COM — 22 Jan 2024

⚠️

loanDepot says ransomware gang stole data of 16.6 million people

BLEEPINGCOMPUTER.COM — 22 Jan 2024

⚠️

Safeguarding AI: The path to trustworthy technology

CSOONLINE.COM — 22 Jan 2024

⚠️

Multiple Vulnerabilities in VMware Products Could Allow for Remote Code Execution

CISECURITY.ORG — 22 Jan 2024

⚠️

Ivanti: VPN appliances vulnerable if pushing configs after mitigation

BLEEPINGCOMPUTER.COM — 22 Jan 2024

⚠️

Apple fixes first zero-day bug exploited in attacks this year

BLEEPINGCOMPUTER.COM — 22 Jan 2024

⚠️

loanDepot cyberattack causes data breach for 16.6 million people

BLEEPINGCOMPUTER.COM — 22 Jan 2024

⚠️

News alert: Deloitte, Memcyco partner to deliver real-time ‘digital impersonation’ solutions

LASTWATCHDOG.COM — 22 Jan 2024

⚠️

Apple Ships iOS 17.3, Warns of WebKit Zero-Day Exploitation

SECURITYWEEK.COM — 22 Jan 2024

⚠️

Trello - 15,111,945 breached accounts

HAVEIBEENPWNED.COM — 22 Jan 2024

📢

CISA’s 1,200 Pre-Ransomware Alerts Saved Organizations Millions in Damages

CYBERSECURITYDIVE.COM — 22 Jan 2024

📢

New Guidance Urges US Water Sector to Boost Cyber Resilience

BANKINFOSECURITY.COM — 22 Jan 2024

📢

Say Easy, Do Hard, Hiring a CISO, Part 2 - BSW #335

YOUTUBE.COM — 2024-01-22

📢

Boardroom cyber expertise comes under scrutiny

SECURITYINTELLIGENCE.COM — 22 Jan 2024

📢

Dell security advisory (AV24-040)

CYBER.GC.CA — 2024-01-22

📢

Deloitte Partners with Memcyco to Combat ATO and Other Online Attacks with Real-Time Digital Impersonation Protection Solutions

GBHACKERS.COM — 22 Jan 2024

📢

IBM security advisory (AV24-041)

CYBER.GC.CA — 2024-01-22

📢

Red Hat security advisory (AV24-042)

CYBER.GC.CA — 2024-01-22

📢

Apple security advisory (AV24-043)

CYBER.GC.CA — 2024-01-22

📢

What Smart CISOs and Mature Orgs Get That Others Don’t About Cyber Compliance | News - PSW814

YOUTUBE.COM — 2024-01-22

🔥

Update: Ransomware Gang Claims Responsibility for Christmas Attack on Massachusetts Hospital

THERECORD.MEDIA — 22 Jan 2024

🔥

Researchers Link 3AM Ransomware to Conti, Royal Cybercrime Gangs

BLEEPINGCOMPUTER.COM — 22 Jan 2024

🔥

Cyber Security Today, Jan. 22, 2024 - the LockBit ransomware gang hits the Subway fast food chain, and this is the start of Data Privacy Week

CYBERSECURITYTODAY.LIBSYN.COM — 22 Jan 2024

🔥

LockBit Gang Claims New Attack on the Sandwich Chain Subway

SECURITYAFFAIRS.COM — 22 Jan 2024

🔥

DarkGate Malware Abuses AutoIT Scripting For Payload Obfustication

GBHACKERS.COM — 22 Jan 2024

🔥

Owner of Cybercrime Website BreachForums Sentenced to Supervised Release

SECURITYWEEK.COM — 22 Jan 2024

🔥

NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers

THEHACKERNEWS.COM — 22 Jan 2024

🔥

Tietoevry Ransomware Attack Causes Outages for Swedish Firms, Cities

BLEEPINGCOMPUTER.COM — 22 Jan 2024

🔥

LoanDepot says 16.6 million customers had ‘sensitive personal’ information stolen in cyberattack

TECHCRUNCH.COM — 22 Jan 2024

🔥

With hackers poisoning water systems, US agencies issue incident response guide to boost cybersecurity

TRIPWIRE.COM — 22 Jan 2024

🔥

Ransomware Hit on Tietoevry Causes IT Outages Across Sweden

DATABREACHTODAY.CO.UK — 2024-01-22

🔥

Trezor support site breach exposes personal data of 66,000 customers

BLEEPINGCOMPUTER.COM — 22 Jan 2024

🔥

DENHAM the Jeanmaker Confirms Cyberattack

THECYBEREXPRESS.COM — 22 Jan 2024

🔥

LoanDepot Breach: 16.6 Million People Impacted

SECURITYWEEK.COM — 22 Jan 2024

🔥

BreachForums Admin Gets 20 Years Of Supervised Release

PACKETSTORMSECURITY.COM — 22 Jan 2024

🔥

Subway's Data Torpedoed By LockBit, Ransomware Gang Claims

PACKETSTORMSECURITY.COM — 22 Jan 2024

🔥

Facebook Phishing Scams Target Concerned Friends and Family

KNOWBE4.COM — 22 Jan 2024

🔥

AI Does Not Scare Me, But It Will Make The Problem Of Social Engineering Much Worse

KNOWBE4.COM — 22 Jan 2024

🔥

LoanDepot Ransomware Attack: 16.6 Million Customers Affected

DATABREACHTODAY.CO.UK — 2024-01-22

🔥

Malicious web redirect scripts stealth up to hide on hacked sites

BLEEPINGCOMPUTER.COM — 22 Jan 2024

🔥

France's OFAC to Tackle Cyberthreats Ahead of Olympics

DATABREACHTODAY.CO.UK — 2024-01-22

🔥

Report: Hackers Scammed $7.5M From HHS Grant Payment System

DATABREACHTODAY.CO.UK — 2024-01-22

🔥

SEC confirms X account was hacked in SIM swapping attack

BLEEPINGCOMPUTER.COM — 22 Jan 2024

🔥

Mother of all breaches - a historic data leak reveals 26 billion records

CYBERNEWS.COM — 22 Jan 2024

🔥

Microsoft's Latest Hack Sparks Major Security Concerns

DATABREACHTODAY.CO.UK — 2024-01-22

🕵️

ISC Stormcast For Monday, January 22nd, 2024 https://isc.sans.edu/podcastdetail/8818, (Mon, Jan 22nd)

ISC.SANS.EDU — 22 Jan 2024

🕵️

France Fines Yahoo 10 Mn Euros Over Cookie Abuses

SECURITYWEEK.COM — 22 Jan 2024

🕵️

AI Bots on X (Twitter)

SCHNEIER.COM — 2024-01-22

🕵️

Mentorship Monday - Discussions for career and learning!

INFOSEC.PUB — 22 Jan 2024

🕵️

Domain Escalation – Backup Operator

PENTESTLAB.BLOG — 22 Jan 2024

🕵️

Beware of Pirated MacOS Apps That Install Chinese Malware

GBHACKERS.COM — 22 Jan 2024

🕵️

North Korean Hackers Weaponize Fake Research to Deliver RokRAT Backdoor

THEHACKERNEWS.COM — 22 Jan 2024

🕵️

Security Experts Describe AI Technologies They Want to See

SECURITYWEEK.COM — 22 Jan 2024

🕵️

Russian State-Sponsored Threat Actor Targets High Profile Individuals in Phishing Campaign

KNOWBE4.COM — 22 Jan 2024

🕵️

Prosecutors Add to Evidence Against Alleged Vastaamo Hacker

DATABREACHTODAY.CO.UK — 2024-01-22

🕵️

YOUTUBE.COM — 2024-01-22

🕵️

2024: The Year Cross-Platform Endpoint Management Finally Gets Good? | News - ESW347

YOUTUBE.COM — 2024-01-22

🕵️

YOUTUBE.COM — 2024-01-22

🌐

Parrot TDS: A Persistent and Evolving Malware Campaign

UNIT42.PALOALTONETWORKS.COM — 22 Jan 2024

🌐

MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries

THEHACKERNEWS.COM — 22 Jan 2024

🌐

On Point: Offensive Security for Mobile Network Operators

DATABREACHTODAY.CO.UK — 2024-01-22

🌐

Cracked macOS apps drain wallets using scripts fetched from DNS records

BLEEPINGCOMPUTER.COM — 22 Jan 2024

📡

Experts Call for US Cyber Safety Review Board Rethink

THEREGISTER.COM — 22 Jan 2024

📡

FTC Bans InMarket for Selling Precise User Location Without Consent

THEHACKERNEWS.COM — 22 Jan 2024

📡

FTC Settles Second Case With Geolocation Data Broker in Two Weeks

THERECORD.MEDIA — 22 Jan 2024

📡

Groups Urge FTC to Scrutinize Google Location Data Practices

BANKINFOSECURITY.COM — 22 Jan 2024

📡

French CNIL Imposes Fine of $11 Million on Yahoo

BANKINFOSECURITY.COM — 22 Jan 2024

📡

Brave to End ‘Strict’ Fingerprinting Protection as it Breaks Websites

BLEEPINGCOMPUTER.COM — 22 Jan 2024

📡

Zloader: No Longer Silent in the Night

ZSCALER.COM — 22 Jan 2024

📡

Inventor Of The NTP Protocol Dies At 85

PACKETSTORMSECURITY.COM — 22 Jan 2024

📡

France Fines Yahoo 10 Million Euros Over Cookie Abuses

PACKETSTORMSECURITY.COM — 22 Jan 2024

📡

New NTLM Hash Leak Targets Outlook, Windows Programs

PACKETSTORMSECURITY.COM — 22 Jan 2024

📡

UK Expansion of Sophos Partnership with Cowbell

SOPHOS.COM — 22 Jan 2024

📡

DDoS Barrage Hits Monobank, Ukraine’s Largest Mobile Bank, in Unprecedented Attack

THECYBEREXPRESS.COM — 22 Jan 2024

📡

FTC orders Intuit to stop pushing "free" software that isn't really free

BLEEPINGCOMPUTER.COM — 22 Jan 2024

📡

Apple Updates Everything - New 0 Day in WebKit, (Mon, Jan 22nd)

ISC.SANS.EDU — 22 Jan 2024

📡

18X a Leader in Gartner Magic Quadrant for EPP

TRENDMICRO.COM — 22 Jan 2024

📡

18X a Leader in Gartner Magic Quadrant for EPP

TRENDMICRO.COM — 22 Jan 2024