MATLOCK.CA
102Articles
9Categories
2024-01-24Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-22527 Atlassian Confluence Data Center and Server Template Injection Vulnerability These types of vulnerabilities are frequent attack vectors f…
KEVCISA.GOV — Wed, 24 Jan 24 1
πŸ›
Patch Your GoAnywhere MFT Immediately - Critical Flaw Lets Anyone Be Admin
THEHACKERNEWS.COM — 24 Jan 2024
πŸ›
CVE-2024-0204: Fortra GoAnywhere MFT Authentication Bypass Deep-Dive
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ›
Over 5,300 GitLab servers exposed to zero-click account takeover attacks
BLEEPINGCOMPUTER.COM — 24 Jan 2024
⚠️
Civilian cyber reserves gaining steam at the US federal and state levels
CSOONLINE.COM — 24 Jan 2024
⚠️
The Unknown Risks of The Software Supply Chain: A Deep-Dive
THEHACKERNEWS.COM — 24 Jan 2024
⚠️
The Mass Exploitation of Ivanti Connect Secure
CENSYS.COM — 24 Jan 2024
⚠️
Hackers Deploy Malicious npm Packages on GitHub to Steal SSH Keys
GBHACKERS.COM — 24 Jan 2024
⚠️
Poisoning AI Models
SCHNEIER.COM — 2024-01-24
⚠️
Go St*lk Yourself: Privacy Through OSINT w/ Mishaal Khan | 1-Hour
INFOSEC.PUB — 24 Jan 2024
⚠️
Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024
BLEEPINGCOMPUTER.COM — 24 Jan 2024
⚠️
How Bad User Interfaces Make Security Tools Harmful, (Wed, Jan 24th)
ISC.SANS.EDU — 24 Jan 2024
⚠️
Gen AI fuelled 2023 cyberattacks, evolution pushed remediation costs: report
CSOONLINE.COM — 24 Jan 2024
⚠️
PoC Code Published for Just-Disclosed Fortra GoAnywhere Vulnerability
SECURITYWEEK.COM — 24 Jan 2024
⚠️
Google Kubernetes Misconfig Lets Any Gmail Account Control Your Clusters
THEHACKERNEWS.COM — 24 Jan 2024
⚠️
Apple Patches iOS, macOS 0-Day That May Have Been Exploited
PACKETSTORMSECURITY.COM — 24 Jan 2024
⚠️
Pwn2Own Automotive: Hackers Earn Over $700k for Tesla, EV Charger, Infotainment Exploits
SECURITYWEEK.COM — 24 Jan 2024
⚠️
Mozilla Releases Security Updates for Thunderbird and Firefox
CISA.GOV — Wed, 24 Jan 24 1
⚠️
Group permission misconfiguration exposes Google Kubernetes Engine clusters
CSOONLINE.COM — 24 Jan 2024
⚠️
How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production
ORCA.SECURITY — 24 Jan 2024
⚠️
We Must Consider Software Developers a Key Part of the Cybersecurity Workforce
CISA.GOV — Wed, 24 Jan 24 1
⚠️
Fortra GoAnywhere MFT Flaw Grants Admin Access to Anyone
DATABREACHTODAY.CO.UK — 2024-01-24
⚠️
HPE: Russian hackers breached its security team’s email accounts
BLEEPINGCOMPUTER.COM — 24 Jan 2024
⚠️
SBOMs and Supply Chains - Allan Friedman - BTS #22
YOUTUBE.COM — 2024-01-24
⚠️
UK Mulls Rollout of New Software Vulnerability Rules
DATABREACHTODAY.CO.UK — 2024-01-24
⚠️
HPE Fingers Russian State Hackers for Email Hack
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ“’
GoAnywhere MFT Critical Flaw Lets Anyone Be Admin
THEHACKERNEWS.COM — 24 Jan 2024
πŸ“’
BHIS Webcast: New Wave of Ransomware Attacks: How did this happen?
INFOSEC.PUB — 24 Jan 2024
πŸ“’
Venafi’s new offering to block unauthorized code across user environments
CSOONLINE.COM — 24 Jan 2024
πŸ“’
UK says AI will empower ransomware over the next two years
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ“’
Cisco security advisory (AV24-049)
CYBER.GC.CA — 2024-01-24
πŸ“’
Privacy Attacks in Federated Learning
NIST.GOV — 24 Jan 2024
πŸ“’
HHS Details New Cyber Performance Goals for Health Sector
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ“’
What Smart CISOs and Mature Orgs Get That Others Don’t About Cyber Compliance with Matt Coose.
YOUTUBE.COM — 2024-01-24
πŸ“’
The near-term impact of AI on the cyber threat
NCSC.GOV.UK — 24 Jan 2024
πŸ”₯
Parrot TDS Injecting Malicious Redirect Scripts on Hacked Sites
GBHACKERS.COM — 24 Jan 2024
πŸ”₯
Top 12 Best Penetration Testing Companies & Services – 2024
GBHACKERS.COM — 24 Jan 2024
πŸ”₯
MavenGate Supply Chain Attack Let Attackers Hijack Java & Android Apps
GBHACKERS.COM — 24 Jan 2024
πŸ”₯
U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach
THEHACKERNEWS.COM — 24 Jan 2024
πŸ”₯
Cyber Security Today, Jan. 24, 2024 - The latest ransomware news and a controversy over alleged viruses in HP printer cartridges
CYBERSECURITYTODAY.LIBSYN.COM — 24 Jan 2024
πŸ”₯
US, UK, Australia Sanction Russian Man Over Ransomware Attack on Healthcare Insurer
SECURITYWEEK.COM — 24 Jan 2024
πŸ”₯
VexTrio a hub of Cyber attacks With Massive Criminal Affiliate Chain
GBHACKERS.COM — 24 Jan 2024
πŸ”₯
Trello API Abused to Link Email Addresses to 15 Million Accounts
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ”₯
Major US, UK Water Companies Hit by Ransomware
SECURITYWEEK.COM — 24 Jan 2024
πŸ”₯
Kasseika Ransomware Operators Launch BYOVD Attacks
TRENDMICRO.COM — 24 Jan 2024
πŸ”₯
Kasseika Ransomware Using BYOVD Trick to Disarms Security Pre-Encryption
THEHACKERNEWS.COM — 24 Jan 2024
πŸ”₯
Hackers Use SYSTEMBC Tool to Maintain Access to Compromised Network
GBHACKERS.COM — 24 Jan 2024
πŸ”₯
Jason’s Deli Says Customer Data Exposed in Credential Stuffing Attack
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ”₯
Beware of rogue chatbot hacking incidents
SECURITYINTELLIGENCE.COM — 24 Jan 2024
πŸ”₯
GitGot: GitHub Leveraged by Cybercriminals to Store Stolen Data
REVERSINGLABS.COM — 24 Jan 2024
πŸ”₯
What Microsoft's Latest Email Breach Says About This IT Security Heavyweight
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ”₯
Major US, UK Water Companies Hit By Ransomware
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ”₯
AI Rise Will Lead To Increase In Cyberattacks, GCHQ Warns
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ”₯
Water Services Giant Veolia North America Hit by Ransomware Attack
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ”₯
Ransomware on Tap as Major Water Providers Fall Victim
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ”₯
Global fintech firm EquiLend offline after recent cyberattack
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ”₯
37C3: how ethical hackers broke DRM on trains | Kaspersky official blog
KASPERSKY.COM — 24 Jan 2024
πŸ”₯
Watching the Watchdog: Learning from HHS' Grant Payment Mess
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ”₯
North Korean Hackers Using AI in Advanced Cyberattacks
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ•΅οΈ
Windows - Data Protection API - A journey into various DPAPI potential abuses from an offensive security perspective
TIERZEROSECURITY.CO.NZ — 24 Jan 2024
πŸ•΅οΈ
ISC Stormcast For Wednesday, January 24th, 2024 https://isc.sans.edu/podcastdetail/8822, (Wed, Jan 24th)
ISC.SANS.EDU — 24 Jan 2024
πŸ•΅οΈ
Amazon’s French Warehouses Fined Over Employee Surveillance
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
Chrome 121 Patches 17 Vulnerabilities
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
Cybersecurity Market Forecasts: AI, API, Adaptive Security, Insurance Expected to Soar
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
Gen AI Expected to Bring Big Changes to Banking Sector
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ•΅οΈ
Use of Generative AI Apps Jumps 400% in 2023, Signaling the Potential for More AI-Themed Attacks
KNOWBE4.COM — 24 Jan 2024
πŸ•΅οΈ
North Korean Threat Actor Targeting Cybersecurity Researchers With Spear Phishing Attacks
KNOWBE4.COM — 24 Jan 2024
πŸ•΅οΈ
Beyond the Hype β€” Where AI Can Shine in Security
PALOALTONETWORKS.COM — 24 Jan 2024
πŸ•΅οΈ
340,000 Jason’s Deli Customers Potentially Impacted by Credential Stuffing Attack
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
Methodology: How we discovered over 18,000 API secret tokens
ESCAPE.TECH — 24 Jan 2024
πŸ•΅οΈ
CISO Conversations: The Legal Sector With Alyssa Miller at Epiq and Mark Walmsley at Freshfields
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
Orca Flags Dangerous Google Kubernetes Engine Misconfiguration
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
Israeli Startup Gets $5M Seed Capital to Tackle AI Security
SECURITYWEEK.COM — 24 Jan 2024
πŸ•΅οΈ
What are You Working on Wednesday
INFOSEC.PUB — 24 Jan 2024
πŸ•΅οΈ
Beware of Weaponized Office Documents that Deliver VenomRAT
GBHACKERS.COM — 24 Jan 2024
πŸ•΅οΈ
Roblox Game 'Hack-A-Cat' Now Part of the Free KnowBe4 Children’s Interactive Cybersecurity Activity Kit
KNOWBE4.COM — 24 Jan 2024
πŸ•΅οΈ
How Datawiza uses Microsoft Entra ID to help universities simplify access
MICROSOFT.COM — 24 Jan 2024
πŸ•΅οΈ
GSA Sparks Security Fears After Buying Risky Chinese Cameras
DATABREACHTODAY.CO.UK — 2024-01-24
πŸ•΅οΈ
NSPX30: A sophisticated AitM-enabled implant evolving since 2005
WELIVESECURITY.COM — 24 Jan 2024
πŸ•΅οΈ
NSPX30: A sophisticated AitM-enabled implant evolving since 2005
WELIVESECURITY.COM — 24 Jan 2024
🌐
VexTrio: The Uber of Cybercrime - Brokering Malware for 60+ Affiliates
THEHACKERNEWS.COM — 24 Jan 2024
πŸ“°
Sensor Intel Series: Top CVEs in December 2023
F5.COM — 24 Jan 2024
πŸ“°
Sensor Intel Series: Top CVEs in December 2023
F5.COM — 24 Jan 2024
πŸ“‘
Microsoft: Recent updates cause Sysprep Windows validation errors
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ“‘
What is Nudge Security and How Does it Work?
THEHACKERNEWS.COM — 24 Jan 2024
πŸ“‘
Splunk fixed high-severity flaw impacting Windows versions
SECURITYAFFAIRS.COM — 24 Jan 2024
πŸ“‘
Organizations Invest More in Data Protection But Recover Less
HELPNETSECURITY.COM — 24 Jan 2024
πŸ“‘
Windows 11 KB5034204 update fixes Bluetooth audio issues, 24 bugs
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ“‘
Google Pixel phones unusable after January 2024 system update
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ“‘
How to secure AD passwords without sacrificing end-user experience
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ“‘
Prompt Security wants to make GenAI safe for the enterprise
TECHCRUNCH.COM — 24 Jan 2024
πŸ“‘
Chrome 121 Patches 17 Vulnerabilities
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ“‘
COVID-19 Testing Lab Accused Of Exposing 1.3 Million Records
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ“‘
340,000 Jason's Deli Customers Hit By Credential Stuffing Attack
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ“‘
Colorado Pastor Accused Of Multimillion Dollar Crypto Scheme
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ“‘
Meta Has Not Done Enough To Safeguard Children, Whistleblower Says
PACKETSTORMSECURITY.COM — 24 Jan 2024
πŸ“‘
ACSC Engaging with Artificial Intelligence – Summary for Cyber Centre Website
CYBER.GC.CA — 2024-01-24
πŸ“‘
Engaging with Artificial Intelligence
CYBER.GC.CA — 2024-01-24
πŸ“‘
Windows 11 KB5034204 Update Fixes Bluetooth Audio Issues, 24 bugs
BLEEPINGCOMPUTER.COM — 24 Jan 2024
πŸ“‘
Global Retailer BuyGoods.com Leaks User PII, KYC data
HACKREAD.COM — 24 Jan 2024
πŸ“‘
SEC Twitter hack blamed on SIM swap attack
BITDEFENDER.COM — 24 Jan 2024
πŸ“‘
VexTrio TDS: Inside a massive 70,000-domain cybercrime operation
BLEEPINGCOMPUTER.COM — 24 Jan 2024