🚨 CISA KEV (1)
23 Jan [KEV]: CISA Adds One Known Exploited Vulnerability to Catalog
  CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-23222 Apple Multiple Products Type Confusion Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actor…
  Source: CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (5)
23 Jan: Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
  Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild. The issue, tracked as CVE-2024-23222, is a type confusion bug that could be exploited by a threat actor t…
  Source: THEHACKERNEWS.COM
23 Jan: ~40,000 Attacks in 3 Days: Critical Confluence RCE Under Active Exploitation
  Malicious actors have begun to actively exploit a recently disclosed critical security flaw impacting Atlassian Confluence Data Center and Confluence Server, within three days of public disclosure. Tracked as CVE-2023-22527 (CVSS score: 10.0), the vulnerability impacts out-of-dat…
  Source: THEHACKERNEWS.COM
23 Jan: Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-45866)
  submitted by L4s to secops 1 points | 0 comments https://www.mobile-hacker.com/2024/01/23/exploiting-0-click-android-bluetooth-vulnerability-to-inject-keystrokes-without-pairing/ Exploiting 0-click Android Bluetooth vulnerability to inject keystrokes without pairing (CVE-2023-458…
  Source: MOBILE-HACKER.COM
23 Jan: Apple Issues Patch for Critical Zero-Day in iPhones, Macs - Update Now
  The vulnerability, tracked as CVE-2024-23222, is a type confusion bug in the WebKit browser engine that could lead to arbitrary code execution when processing malicious web content.
  Source: THEHACKERNEWS.COM
23 Jan: Chinese cyberspies exploited critical VMware vCenter flaw undetected for 1.5 years
  In October, VMware fixed a critical remote code execution vulnerability in its vCenter Server (CVE-2023-34048) and Cloud Foundation enterprise products that are used to manage virtual machines across hybrid clouds. It has now come to light that a Chinese cyberespionage group ha…
  Source: CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (22)
23 Jan: Update: Hackers Start Exploiting Critical Atlassian Confluence RCE Flaw
  Organizations with outdated Confluence instances should treat them as potentially compromised, look for signs of exploitation, perform a thorough cleanup, and update to a safe version to mitigate the risk.
  Source: BLEEPINGCOMPUTER.COM
23 Jan: News alert: Sternum and ChargePoint collaborate to enhance ChargePoint Home Flex Security
  Tel Aviv, Israel – Jan. 23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. In a comprehensive research project, Sternum identified a potential vulnerability involving the reverse SSH &…
  Source: LASTWATCHDOG.COM
23 Jan: Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
  Attackers can use stolen NTLM v2 hashes for offline brute-force attacks or authentication relay attacks, potentially compromising user accounts and gaining unauthorized access.
  Source: VARONIS.COM
23 Jan: Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
  In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.
  Source: TRENDMICRO.COM
23 Jan: 10 top cyber recovery providers
  Sophisticated and novel attacks have required new classes of security tools that are designed to detect and prevent emerging and evolving threats. This is why cyber recovery is becoming more prevalent. A cyber response differs from the known disaster response in that it detects a…
  Source: CSOONLINE.COM
23 Jan: MavenGate Attack Could Let Hackers Hijack Java and Android via Abandoned Libraries
  The attack method involves exploiting vulnerabilities in default build configurations and targeting abandoned libraries in public repositories through domain name purchases, making it difficult to detect and prevent.
  Source: THEHACKERNEWS.COM
23 Jan: Trezor Support Site Breach Exposes Personal Data of 66,000 Customers
  While no evidence of compromised digital assets has been found, 66,000 users' names, usernames, and email addresses may have been exposed. Unfortunately, attackers have exploited this data to trick some users into giving away their recovery seeds.
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Sequoia backs Coana to help companies prioritise vulnerabilities using ‘code aware’ software analysi
  Silicon Valley venture capital (VC) juggernaut Sequoia is backing a fledgling Danish startup to build a next-gen software composition analysis (SCA) tool, one that promises to help companies filter through the noise and identify vulnerabilities that are a genuine threat. For cont…
  Source: TECHCRUNCH.COM
23 Jan: Israel, Czech Republic Reinforce Cyber Partnership Amid Hamas War
  The agreement will facilitate the sharing of information and experience between the Israel National Cyber Directorate and the Czech National Cyber and Information Security Agency, including the possibility of internships.
  Source: DARKREADING.COM
23 Jan: Silverfort now valued at $1B after raising $116M for its holistic approach to identity security
  Silverfort, the Israeli/U.S. startup, takes an all-in view when it comes to identity security in an organization. When it comes to potential breaches, people, machines, clouds, legacy and new apps can all be targets, and they can be exploited at any of the many points where they …
  Source: TECHCRUNCH.COM
23 Jan: High-Severity Vulnerability Patched in Splunk Enterprise
  The latest Splunk Enterprise releases patch multiple vulnerabilities, including a high-severity flaw in the Windows version. The post High-Severity Vulnerability Patched in Splunk Enterprise appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Fortra warns of new critical GoAnywhere MFT auth bypass, patch now
  Fortra is warning of a new authentication bypass vulnerability impacting GoAnywhere MFT (Managed File Transfer) versions before 7.4.1 that allows an attacker to create a new admin user. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Apple Releases Security Updates for Multiple Products
  Apple has released security updates for iOS and iPadOS, macOS, watchOS, and tvOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security release and apply the ne…
  Source: CISA.GOV
23 Jan: Dealing with the Burden of Bad Bots - Sandy Carielli - ASW #270
  Where apps provide something of value, bots are sure to follow. Modern threat models need to include scenarios for bad bots that not only target user credentials, but that will also hoard inventory and increase fraud. Sandy shares her recent research as we talk about bots, API se…
  Source: YOUTUBE.COM
23 Jan: CISA Releases Six Industrial Control Systems Advisories
  CISA released six Industrial Control Systems (ICS) advisories on January 23, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-023-01 APsystems Energy Communication Unit (ECU-C) Power Control So…
  Source: CISA.GOV
23 Jan: Update on Atlassian Exploit Activity, (Tue, Jan 23rd)
  Exploit activity against Atlassian Confluence servers has exploded since we first discussed it yesterday. The combination of a simple-to-exploit vulnerability and a potential set of high-value targets makes this an ideal vulnerability for many attackers.
  Source: ISC.SANS.EDU
23 Jan: Vulnerabilities in Lamassu Bitcoin ATMs Can Allow Hackers to Drain Wallets
  Hackers could exploit Lamassu Douro ATM vulnerabilities to take over devices, steal bitcoin from users. The post Vulnerabilities in Lamassu Bitcoin ATMs Can Allow Hackers to Drain Wallets appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Water services giant Veolia North America hit by ransomware attack
  Veolia North America, a subsidiary of transnational conglomerate Veolia, disclosed a ransomware attack that impacted systems part of its Municipal Water division and disrupted its bill payment systems. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: CISA Joins ACSC-led Guidance on How to Use AI Systems Securely
  CISA has collaborated with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) on Engaging with Artificial Intelligence —joint guidance, led by ACSC, on how to use AI systems securely. The following organizations also collaborated with ACSC on the g…
  Source: CISA.GOV
23 Jan: Exploit released for Fortra GoAnywhere MFT auth bypass bug
  Exploit code is now available for a critical authentication bypass vulnerability in Fortra's GoAnywhere MFT (Managed File Transfer) software that allows attackers to create new admin users on unpatched instances via the administration portal. [...]
  Source: BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (10)
23 Jan: Australian government names and issues sanctions on individual linked to Medibank data breach
  The Australian federal government has revealed Russian citizen “and cybercriminal” Aleksandr Ermakov is linked to the Medibank Private data breach that saw PII and critical medical information of Australian citizens and international students leaked on the dark web. Department of…
  Source: CSOONLINE.COM
23 Jan: BreachForums Founder Sentenced to 20 Years of Supervised Release, No Jail Time
  Conor Brian Fitzpatrick has been sentenced to time served and 20 years of supervised release for his role as the creator and administrator of BreachForums. Fitzpatrick, who went by the online alias "pompompurin," was arrested in March 2023 in New York and was subsequently charged…
  Source: THEHACKERNEWS.COM
23 Jan: Lack of Understanding, Underfunding Threaten Data Privacy & Compliance
  A lack of understanding combined with budgetary squeezes are significant obstacles for organizations navigating data privacy and compliance with data protection laws, according to industry body ISACA.
  Source: INFOSECURITY-MAGAZINE.COM
23 Jan: Windows 10 KB5034203 preview update adds EU DMA compliance
  Microsoft has released the January 2024 preview update for Windows 10, version 22H2, which adds Digital Markets Act (DMA) compliance in the European Economic Area (EEA) to allow European users to uninstall all apps in Windows by March 6. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: CISA's Jen Easterly Confirms 'Harrowing' Swatting Attack
  US Cyber Agency Director Is Latest High-Profile Target of Dangerous Swatting Attack. The director of the U.S. Cybersecurity and Infrastructure Security Agency confirmed she was the apparent target of a swatting attack in which police responded to false calls of a shooting at her V…
  Source: DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (28)
23 Jan: Australia Sanctions Russian it Says Hacked Health Insurer
  Australia has used its significant cyber incidents sanctions regime for the first time against a Russian individual named Aleksandr Gennadievich Ermakov, who is linked to the 2022 cyber attack on health insurer Medibank Private.
  Source: THEREGISTER.COM
23 Jan: Hackers Abusing LSASS Process Memory to Exfiltrate Login Credentials
  Threat actors have been using several methods for credential stealing, which varies based on the environment and infrastructure of the system. Most of the time, the threat actors dump the LSASS process to extract the account credentials. For this, tools such as Mimikatz, which of…
  Source: GBHACKERS.COM
23 Jan: Finland: Prosecutors Add to Evidence Against Alleged Vastaamo Hacker
  Prosecutors have traced the cryptocurrency wallet used for extortion to the bank account of Aleksanteri Kivimäki, the accused in the psychotherapy clinic data breach case.
  Source: BANKINFOSECURITY.COM
23 Jan: NS-STEALER Uses Discord Bots to Exfiltrate Your Secrets from Popular Browsers
  The malware exfiltrates sensitive information including screenshots, cookies, autofill credentials, system info, installed programs, tokens, and sessions, and uploads the collected data to a Discord bot channel.
  Source: THEHACKERNEWS.COM
23 Jan: SEC X Account was Hacked Using SIM Swapping Method
  In a brazen act of digital deception, the U.S. Securities and Exchange Commission’s (SEC) official Twitter account, @SECGov, was compromised on January 9th, 2024. This wasn’t just a prank; it sent shockwaves through the financial world, momentarily igniting a fr…
  Source: GBHACKERS.COM
23 Jan: SEC Says X Account Hacked via SIM Swapping
  SEC says hackers used SIM swapping to take over its X (formerly Twitter) account on January 9. The post SEC Says X Account Hacked via SIM Swapping appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Russian Hackers Suspected of Sweden Cyberattack
  Swedish government agencies and shops were disrupted by a ransomware attack believed to have been carried out by Russian hackers. The post Russian Hackers Suspected of Sweden Cyberattack appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Subway Sandwich Chain Investigating Ransomware Group’s Claims
  The LockBit ransomware group claims to have stolen hundreds of gigabytes of data from US sandwich chain Subway. The post Subway Sandwich Chain Investigating Ransomware Group’s Claims appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Historic Data Leak Reveals 26 Billion Records From Tencent, Weibo, Twitter, Adobe, and Others
  The leaked information spans across various companies, organizations, and government agencies globally. The potential impact on consumers is significant, as the leaked data could be used for credential-stuffing attacks and spear-phishing.
  Source: SECURITYAFFAIRS.COM
23 Jan: North Korean ScarCruft Attackers Gear Up to Target Cybersecurity Professionals
  The group is testing innovative infection routines that use technical threat research on another North Korean APT group, Kimsuky, as a lure, indicating a new approach to their cyberattacks.
  Source: DARKREADING.COM
23 Jan: Australia sanctions REvil hacker behind Medibank data breach
  The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Aircraft Lessor AerCap Confirms Ransomware Attack
  AerCap confirms ransomware attack after emerging cybercrime gang lists the company on its leak website. The post Aircraft Lessor AerCap Confirms Ransomware Attack appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Cato Networks launches new SASE-powered XDR offering
  Cato Networks has announced an expansion of its secure access service edge (SASE) cloud platform to include a threat detection and incident response offering, Cato extended detection and response (XDR). Combining its existing SASE functionalities with a new endpoint protection pl…
  Source: CSOONLINE.COM
23 Jan: Malicious NPM Packages Exfiltrate Hundreds of Developer SSH Keys via GitHub
  Two malicious packages discovered on the npm package registry have been found to leverage GitHub to store Base64-encrypted SSH keys stolen from developer systems on which they were installed. The modules named warbeast2000 and kodiak2k were published at the st…
  Source: THEHACKERNEWS.COM
23 Jan: CyberheistNews Vol 14 #04 'Swatting' Becomes the Latest Extortion Tactic in Ransomware Attacks
  Source: KNOWBE4.COM
23 Jan: Update: LoanDepot Says 16.6 Million Customers had ‘Sensitive Personal’ Information Stolen in Cyberattack
  The company is working to restore normal business operations, but many online services remain inaccessible even after two weeks. It is still uncertain whether the cyber incident will have a significant impact on LoanDepot's financial condition.
  Source: TECHCRUNCH.COM
23 Jan: Threat Assessment of BianLian Ransomware
  The BianLian ransomware group has shifted from a double extortion scheme to a focus on extortion without encryption, posing a significant threat to organizations, particularly in the healthcare and manufacturing sectors in the US and Europe.
  Source: UNIT42.PALOALTONETWORKS.COM
23 Jan: Jason’s Deli says customer data exposed in credential stuffing attack
  Jason's Deli is warning of a data breach in notifications sent to customers of its online platform stating that their personal data was exposed in credential stuffing attacks. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Slug Ransomware Attacked AerCap, Claims to Have Stolen 1TB Data
  AerCap, the world's largest aircraft leasing company, reported a ransomware infection. However, it claims to have not suffered financial losses and has control over its systems.
  Source: THEREGISTER.COM
23 Jan: US sanctions Russian citizen accused of playing key role in Medibank ransomware attack
  The U.S. government sanctioned a Russian national for allegedly playing a “pivotal role” in the ransomware attack against Australian health insurance giant Medibank that exposed the sensitive information of almost 10 million patients. 33-year-old Alexander Ermakov, who has also b…
  Source: TECHCRUNCH.COM
23 Jan: Black Basta Gang Claims the Hack of the UK Water Utility Southern Water
  The Black Basta ransomware gang targeted the UK water utility Southern Water, threatening to leak 750 gigabytes of stolen sensitive data, including personal and corporate documents.
  Source: SECURITYAFFAIRS.COM
23 Jan: Hackers Used SIM Swapping to Breach US SEC X Account
  Hackers Spread Fake News About SEC Approving Spot Bitcoin Exchange-Traded Fund. It wasn't a sophisticated hack on Jan. 9 that allowed hackers to briefly take control of an official U.S. Securities and Exchange Commission social media account, the agency said Monday. The hackers si…
  Source: DATABREACHTODAY.CO.UK
23 Jan: Kasseika ransomware uses antivirus driver to kill other antiviruses
  A recently uncovered ransomware operation named 'Kasseika' has joined the club of threat actors that employs Bring Your Own Vulnerable Driver (BYOVD) tactics to disable antivirus software before encrypting files. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Unprecedented Cybersecurity Alert: 26 Billion Records Exposed in Mega Data Breach
  Cybernews just reported: In what appears to be a digital tsunami, a colossal data breach has surfaced, unveiling a staggering 26 billion records – a figure that's hard to even fathom.
  Source: KNOWBE4.COM
23 Jan: Australia, US, UK Sanction Russian Over 2022 Medibank Breach
  Governments Accuse Aleksandr Ermakov and REvil of Being Medibank Hackers. The United States, Australia and the United Kingdom sanctioned a Russian man the governments say was behind the October 2022 hacking of Medibank, Australia's largest private health insurer. The attack was a …
  Source: DATABREACHTODAY.CO.UK
23 Jan: US, UK, Australia sanction REvil hacker behind Medibank data breach
  The Australian government has announced sanctions for Aleksandr Gennadievich Ermakov, a Russian national considered responsible for the 2022 Medibank hack and a member of the REvil ransomware group. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: UK Intelligence Agency Warns of Mounting AI Cyberthreat
  British Lawmakers Call on Government to Boost Protections From AI Scams. Generative artificial intelligence-enabled ransomware and nation-state hacks in the United Kingdom are "almost certainly" likely to surge after this year, the National Cyber Security Center warned. And Britis…
  Source: DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (22)
23 Jan: 15M Trello accounts have been leaked
  submitted by Blaze to securitynews 5 points | 0 comments https://lemy.lol/pictrs/image/5c1ce03a-7509-45fb-a588-e59612a35bce.jpeg cross-posted from: lemy.lol/post/18411383 I just got the email from haveibeenpwned. F Trello.
  Source: LEMY.LOL
23 Jan: ISC Stormcast For Tuesday, January 23rd, 2024 https://isc.sans.edu/podcastdetail/8820, (Tue, Jan 23rd)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  Source: ISC.SANS.EDU
23 Jan: SSH3 – Faster & Rich Secure Shell Using HTTP/3
  SSH or Secure Shell is a cryptographic network protocol that enables secure communication and remote access over an unsecured network. This network protocol is widely used for secure command-line login, file transfers, and tunneling of other protocols. It provides a secure …
  Source: GBHACKERS.COM
23 Jan: F5 Names Samir Sherif as New CISO
  F5 names Samir Sherif as Chief Information Security Officer (CISO), taking over the role from Gail Coury who will retire March 1st. The post F5 Names Samir Sherif as New CISO appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: A Sanction Has Been Imposed on a Hacker Who Released Australian Health Insurer Client Data
  Russian national sanctioned by the Australian government for his role in the Medibank attack impacting more than 10 million Australians. The post A Sanction Has Been Imposed on a Hacker Who Released Australian Health Insurer Client Data appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Side Channels Are Common
  Really interesting research: “Lend Me Your Ear: Passive Remote Physical Side Channels on PCs.” Abstract: We show that built-in sensors in commodity PCs, such as microphones, inadvertently capture electromagnetic side-channel leakage from ongoing computation. Moreove…
  Source: SCHNEIER.COM
23 Jan: The Secure Developer Podcast - Generative AI, Security, And Predictions For 2024 - 1:06 hours
  submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/64018d76-3af9-48b7-81a0-ccd0e3e21396.png The Secure Developer Podcast - Generative AI, Security, And Predictions For 2024 In this engaging episode, hosts Simon Maple and Guy Podjarny delve i…
  Source: INFOSEC.PUB
23 Jan: Identity Security Firm Silverfort Lands $116 Million Investment
  Israeli late-stage startup Silverfort raises a whopping $116 million in new financing to scale its ambitions in the identity security space. The post Identity Security Firm Silverfort Lands $116 Million Investment appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Doppel Secures $14M for AI-Powered Brand Protection Technology
  San Francisco startup banks $14 million in Series A funding led by prominent venture capital outfit Andreessen Horowitz (a16z). The post Doppel Secures $14M for AI-Powered Brand Protection Technology appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: New Malware Hidden In PyPI Packages Attacking Windows & Linux Machines
  A PyPI malware author identified as “WS” was discovered by researchers to be covertly uploading malicious packages to PyPI that were impacting both Windows and Linux devices. Over time, the malware author distributes multiple information-stealing packages into the PyP…
  Source: GBHACKERS.COM
23 Jan: North Korean Hackers Attacking Cybersecurity Professionals to Steal Threat Research Reports
  Hackers target cybersecurity professionals as successfully compromising their systems or gaining access to their credentials provides a gateway to valuable information and tools. Besides this, gaining control over cybersecurity professionals’ systems could be a strategic mo…
  Source: GBHACKERS.COM
23 Jan: Silverfort Plans Platform Expansion With $116M Funding Round
  Israel-Based Cybersecurity Startup Announces Impressive Series D Fundraising Haul. Silverfort, the Israel-based cybersecurity startup that claims to have built "the world's first unified identity threat protection platform," announced an impressive fundraising haul that the CEO to…
  Source: DATABREACHTODAY.CO.UK
23 Jan: VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates
  The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new findings from Infoblox reveal. The latest development demonstrates the "b…
  Source: THEHACKERNEWS.COM
23 Jan: Cloud Security Staffing in a Hybrid World – It Can Be Done! - Larry Lidz - CSP #158
  Over the course of two years, and during the pandemic, we established a new security team and grew that team from five cloud security people to over eighty. What was our talent strategy to enable that rapid growth, how did we find the right talent in a tight market, and what did …
  Source: YOUTUBE.COM
23 Jan: AI Testing Startup RagaAI Emerges From Stealth With $4.7M in Seed Funding
  AI testing platform RagaAI raises $4.7 million in seed funding to help identify AI issues and improve security and reliability. The post AI Testing Startup RagaAI Emerges From Stealth With $4.7M in Seed Funding appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: Security in Wrenches, Vulns in Atlassian and GitLab, 2023's Top Web Hacking Tricks - ASW #270
  Vulns throw a wrench in a wrench, more vulns drench Atlassian, vulns send GitLab back to the design bench, voting for the top web hacking techniques of 2023, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw…
  Source: YOUTUBE.COM
23 Jan: News alert: NCA’s Data Privacy Week webinars highlight data protection for consumers, businesses
  Washington D.C. Jan. 22, 2024 – Today, the National Cybersecurity Alliance (NCA), announced the program for its third annual Data Privacy Week campaign, which will take place from January 22nd to January 27th. Throughout the week, NCA will emphasize …
  Source: LASTWATCHDOG.COM
23 Jan: RoboJoe, Apple, VMWARE, AI, Confluence, Scarcruft, Microsoft, Jason Wood, and More - SWN #356
  RoboJoe, Apple, VMWARE, AI Vision, Confluence, Scarcruft, Microsoft, Jason Wood, and more on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-356
  Source: YOUTUBE.COM
23 Jan: Malicious Traffic Distribution System Spotted by Researchers
  Cybercrime Groups Hire VexTrio to Help Route Victims to Their Malicious Content. As if the cybercrime ecosystem wasn't already damaging enough, security researchers have discovered a malicious traffic broker named VexTrio, which affiliates hire to route victims to their malicious …
  Source: DATABREACHTODAY.CO.UK
23 Jan: Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire
  VexTrio is a traffic direction system (TDS) with more than 60 affiliates feeding an unknown number of malicious campaigns. The post Cybercrime’s Silent Operator: The Unraveling of VexTrio’s Malicious Network Empire appeared first on SecurityWeek.
  Source: SECURITYWEEK.COM
23 Jan: AI Automation Won't Steal All Jobs, for Now
  Study Looks at Impact of AI on Tasks Requiring Visual Processing. Artificial intelligence may not steal our jobs just yet, but only because humans are currently cheaper to employ. Many of the human jobs that could be replaced with AI are not "economically beneficial" to automate -…
  Source: DATABREACHTODAY.CO.UK
23 Jan: Medical Lab Database Exposed 1.3M Records, COVID Test Info
  Researcher Reported Configuration Issue to Cloud Vendor After Lab Failed to Respond. An unsecured database appearing to belong to a Netherlands-based medical laboratory exposed 1.3 million records on the internet, including COVID test results and other personal identifiable inform…
  Source: DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE (3)
23 Jan: New Chae$ 4.1 Malware Hides in Driver Downloads
  The infection chain begins with deceptive emails and websites, ultimately leading to the activation of the Chae$ 4.1 malware, highlighting the importance of cautious online behavior.
  Source: HACKREAD.COM
23 Jan: From Megabits to Terabits: Gcore Radar Warns of a New Era of DDoS Attacks
  As we enter 2024, Gcore has released its latest Gcore Radar report, a twice-annual publication in which the company releases internal analytics to track DDoS attacks. Gcore’s broad, internationally distributed network of scrubbing centers allows them to follow attack trends over …
  Source: THEHACKERNEWS.COM
23 Jan: "Activator" Alert: MacOS Malware Hides in Cracked Apps, Targeting Crypto Wallets
  Cracked software have been observed infecting Apple macOS users with a previously undocumented stealer malware capable of harvesting system information and cryptocurrency wallet data. Kaspersky, which identified the artifacts in the wild, said they are designed to targe…
  Source: THEHACKERNEWS.COM
📡 INFOSEC NEWS (15)
23 Jan: Bulletproof Hosting: A Critical Cybercriminal Service
  Bulletproof hosting (BPH) providers operate in a complex and persistent manner, making it challenging for defenders to permanently shut them down. Blocking BPH providers can effectively disrupt malicious activities early in the kill chain.
  Source: INTEL471.COM
23 Jan: Thai Court Blocks 9near.org to Avoid Exposure of 55M Citizens
  The Criminal Court in Thailand has ordered the blocking of the website 9near.org, which claimed to have accessed the personal information of 55 million Thai citizens from vaccine registration records.
  Source: INFOSECURITY-MAGAZINE.COM
23 Jan: Info Stealing Packages Hidden in PyPI
  Malicious Python packages on PyPI, such as nigpal, figflix, and seGMM, have been identified, with payloads designed to steal sensitive information from victims' devices, particularly targeting Windows users.
  Source: FORTINET.COM
23 Jan: SEC Says X Account Hack was Due to SIM Swapping
  The Securities and Exchange Commission (SEC) experienced an account takeover on Twitter due to a SIM swap attack, where the unauthorized party gained control of the SEC's cell phone number.
  Source: THERECORD.MEDIA
23 Jan: Kaspersky Standard wins Product of the Year award from AV-Comparatives | Kaspersky official blog
  Independent testing lab AV-Comparatives named Kaspersky Standard a Product of the Year after seven rounds of tests carried out in 2023.
  Source: KASPERSKY.COM
23 Jan: New Method To Safeguard Against Mobile Account Takeovers
  The method involves modeling how account access changes as devices, SIM cards, or apps are disconnected from the account ecosystem, providing insights into complex hacking attacks.
  Source: HELPNETSECURITY.COM
23 Jan: ‘De-Googled’ smartphone company Murena launches own-brand mobile network
  Murena, a French startup that sells “de-Googled” smartphones replete with its own flavor of Android, is launching an own-brand mobile network as it throws its hat into the fast-growing mobile virtual network operator (MVNO) ring. Murena Mobile, as the new service is c…
  Source: TECHCRUNCH.COM
23 Jan: iPhone users should turn on Apple’s stolen device protection feature
  Apple released a new version of iOS yesterday with a handful of new features, such as collaborative playlists in Apple Music and a new Unity wallpaper for Black History Month. Another interesting new feature in iOS 17.3 is something called stolen device protection. It is disabled…
  Source: TECHCRUNCH.COM
23 Jan: Clerk, the authentication startup, lands $30M and inks a strategic deal with Stripe
  Clerk, a startup creating a suite of embeddable UIs, APIs and admin dashboards that app developers can use to authenticate and manage users, has raised $30 million in a Series B round led by CRV with participation from Stripe, Andreessen Horowitz and Madrona. The proceeds bring C…
  Source: TECHCRUNCH.COM
23 Jan: Important Sophos Firewall product news
  ZTNA, Sophos Central, DNS protection, and more.
  Source: SOPHOS.COM
23 Jan: X adds passkeys support for iOS users in the United States
  X, formerly Twitter, announced today that iOS users in the United States can now log into their accounts using passkeys. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Trello API abused to link email addresses to 15 million accounts
  An exposed Trello API allows linking private email addresses with Trello accounts, enabling the creation of millions of data profiles containing both public and private information. [...]
  Source: BLEEPINGCOMPUTER.COM
23 Jan: Break the fake: The race is on to stop AI voice cloning scams
  As AI-powered voice cloning turbocharges imposter scams, we sit down with ESET’s Jake Moore to discuss how to hang up on ‘hi-fi’ scam calls – and what the future holds for deepfake detection
  Source: WELIVESECURITY.COM