🐛 COMMON VULNERABILITIES AND EXPOSURES (5)

26 Jan: Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
Cisco has released patches to address a critical security flaw impacting Unified Communications and Contact Center Solutions products that could permit an unauthenticated, remote attacker to execute arbitrary code on an affected device. Tracked as CVE-2024-20253 (CVSS s…
THEHACKERNEWS.COM

26 Jan: Arbitrary file execution vulnerability in Jenkins CICD CLI
submitted by aev to cybersecurity 1 points | 0 comments https://github.com/gquere/pwn_jenkins/blob/master/README.md#jenkins-cli-arbitrary-read-cve-2024-23897-applies-to-versions-below-2442-and-lts-24263 pentesting, cybersecurity, cve
GITHUB.COM

26 Jan: Hackers Target WordPress Database Plugin Active on One Million Sites
The vulnerability, tracked as CVE-2023-6933, allows unauthenticated attackers to inject a PHP object, potentially leading to code execution, data access, file manipulation, or denial of service.
BLEEPINGCOMPUTER.COM

26 Jan: CVE-2024-21336 Microsoft Edge (Chromium-based) Spoofing Vulnerability
Information published.
MSRC.MICROSOFT.COM

26 Jan: Cisco patches critical vulnerability in Unified Communications products
Cisco fixed a critical flaw this week that affects multiple Unified Communications and Contact Center Solutions products and could be exploited remotely by unauthenticated attackers to execute arbitrary code on impacted devices. Medium severity vulnerabilities have also been patc…
CSOONLINE.COM

⚠️ VULNERABILITY DISCLOSURE (18)

26 Jan: Hackers Earn $1.3M for Tesla, EV Charger, Infotainment Exploits at Pwn2Own Automotive
Participants have earned more than $1.3 million for hacking Teslas, EV chargers and infotainment systems at Pwn2Own Automotive.
SECURITYWEEK.COM

26 Jan: Tesla Hacked, 24 Zero-Days Demoed at Pwn2Own Automotive 2024
The Synacktiv Team earned $100,000 for chaining three zero-day bugs to gain root permissions on a Tesla Modem and an additional $120,000 for hacking other EV charging stations.
BLEEPINGCOMPUTER.COM

26 Jan: UK Mulls Rollout of New Software Vulnerability Rules
The U.K. government is considering implementing voluntary rules for software vendors to disclose vulnerabilities in their systems. This initiative follows successful hacks targeting the country's infrastructure.
BANKINFOSECURITY.COM

26 Jan: Watching the Watchdog: Learning from HHS' Grant Payment Mess
The U.S. Department of Health and Human Services (HHS) lost $7.5 million in a cyberattack last year, leading to speculation about the hacking methods used. The incident was not publicly disclosed by HHS.
BANKINFOSECURITY.COM

26 Jan: Top cybersecurity M&A deals for 2024
Cybersecurity continues to remain one of the biggest concerns in global information technology in 2024 following a year that saw security incidents continue to grow at an alarming rate. After cybersecurity mergers and acquisitions dropped more than 18% in 2023 over the prior yea…
CSOONLINE.COM

26 Jan: Critical Jenkins Vulnerability Leads to Remote Code Execution
A critical vulnerability in Jenkins’ built-in CLI allows remote attackers to obtain cryptographic keys and execute arbitrary code.
SECURITYWEEK.COM

26 Jan: Zero-day, supply-chain attacks drove data breach high for 2023
A new record for data breaches reported to the Identity Theft Resource Center (ITRC) was set in 2023, spurred by zero-day and supply chain attacks, according to the organization’s annual data breach report released Thursday. The report noted that the number of data compromises i…
CSOONLINE.COM

26 Jan: Pwn2Own Automotive: $1.3M for 49 zero-days, Tesla hacked twice
The first edition of Pwn2Own Automotive has ended with competitors earning $1,323,750 for hacking Tesla twice and demoing 49 zero-day bugs in multiple electric car systems between January 24 and January 26. [...]
BLEEPINGCOMPUTER.COM

26 Jan: US Data Compromises Surged to Record High in 2023
The number of data compromises in the U.S. reached a record high in 2023, impacting over 353 million victims, with a 78% increase from the previous year, according to the Identity Theft Resource Center’s annual data breach report.
CYBERSECURITYDIVE.COM

26 Jan: Pakistan-based Threat Actor Targets Indians with Fake Loan Android Application
These actors create fake loan apps, obtain personal details through a KYC process, and then extort money by threatening to distribute manipulated photos. The apps exploit minimal permissions to avoid detection.
CYFIRMA.COM

26 Jan: Critical Cisco Flaw Lets Hackers Remotely Take Over Unified Comms Systems
Admins are advised to implement access control lists (ACLs) as a mitigation strategy and evaluate their impact before deployment, while Cisco is not aware of any public announcements or malicious use of the vulnerability.
BLEEPINGCOMPUTER.COM

26 Jan: Authentication bypass exploit in GoAnywhere MFT | Kaspersky official blog
An exploit has emerged for a critical vulnerability that allows attackers to bypass authentication in Fortra GoAnywhere MFT, a managed file transfer software.
KASPERSKY.COM

26 Jan: Microsoft threat report: Russian actors seize on Ukraine war fatigue
As Russia’s war on Ukraine stretches on, Microsoft is closely monitoring the situation to gather relevant threat intelligence. We then use this visibility to share information across our customer base and the broader security ecosystem to help increase global awareness and enhanc…
CSOONLINE.COM

26 Jan: Guidance: Assembling a Group of Products for SBOM
Today, CISA published Guidance on Assembling a Group of Products created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish docu…
CISA.GOV

26 Jan: How a mistakenly published password exposed Mercedes-Benz source code
Mercedes-Benz accidentally exposed a trove of internal data after leaving a private key online that gave “unrestricted access” to the company’s source code, according to the security research firm that discovered it. Shubham Mittal, co-founder and chief technology officer of RedH…
TECHCRUNCH.COM

26 Jan: Role of Wazuh in building a robust cybersecurity architecture
Leveraging open source solutions and tools to build a cybersecurity architecture offers organizations several benefits. Learn more from Wazuh about the benefits of open source solutions. [...]
BLEEPINGCOMPUTER.COM

26 Jan: NSA is buying Americans’ internet browsing records without a warrant
The U.S. National Security Agency is buying vast amounts of commercially available web browsing data on Americans without a warrant, according to the agency’s outgoing director. NSA director Gen. Paul Nakasone disclosed the practice in a letter to Sen. Ron Wyden, a privacy …
TECHCRUNCH.COM

📋 SECURITY BULLETINS (3)

26 Jan: Chinese Hackers Hijack Software Updates to Install Malware Since 2005
In order to obtain unauthorized access and control, hackers take advantage of software vulnerabilities by manipulating updates. By corrupting the updates, hackers can disseminate malware, compromise user data, and build backdoors for future attacks. This enables hackers to compro…
GBHACKERS.COM

26 Jan: Elusive Chinese Cyberspy Group Hijacks Software Updates to Deliver Malware
The China-linked cyberespionage group Blackwood has been caught delivering malware to entities in China and Japan.
SECURITYWEEK.COM

26 Jan: Blackwood hijacks software updates to deploy NSPX30 – Week in security with Tony Anscombe
The previously unknown threat actor used the implant to target Chinese and Japanese companies, as well as individuals in China, Japan, and the UK.
WELIVESECURITY.COM

📢 SECURITY ADVISORIES (7)

26 Jan: Malicious Ads on Google Target Chinese Users with Fake Messaging Apps
Chinese-speaking users have been targeted by malicious Google ads for restricted messaging apps like Telegram as part of an ongoing malvertising campaign. "The threat actor is abusing Google advertiser accounts to create malicious ads and pointing them to pages where unsuspecting…
THEHACKERNEWS.COM

26 Jan: Westermo Switch Vulnerabilities Can Facilitate Attacks on Industrial Organizations
CISA informs organizations that Westermo Lynx switches are affected by eight vulnerabilities and some devices are reportedly exposed to the internet.
SECURITYWEEK.COM

26 Jan: In Other News: Secure Use of AI, HHS Hacking, CISA Director Swatting
Noteworthy stories that might have slipped under the radar: guidance on secure use of AI, HHS grant money stolen by hackers, CISA director target of swatting.
SECURITYWEEK.COM

26 Jan: Ukraine: Hack wiped 2 petabytes of data from Russian research center
The Main Intelligence Directorate of Ukraine's Ministry of Defense claims that pro-Ukrainian hacktivists breached the Russian Center for Space Hydrometeorology, aka "planeta" (планета), and wiped 2 petabytes of data. [...]
BLEEPINGCOMPUTER.COM

26 Jan: CISA Aiming to Improve SBOM Implementation With New Guidance
US Cyber Agency Issues Step-by-Step Guide to Build Software Bills of Materials. The U.S. Cybersecurity and Infrastructure Security Agency is aiming to improve the implementation of software bills of materials across the public and private sectors as experts warn that a failure to …
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING (18)

26 Jan: Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Orgs
Microsoft on Thursday said the Russian state-sponsored threat actors responsible for a cyber attack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett P…
THEHACKERNEWS.COM

26 Jan: Stolen Crypto Falls in 2023, but Hacking Remains a Threat
The total value stolen from DeFi protocols decreased significantly in 2023, marking a 63.7% drop compared to the previous year, despite an increase in the number of individual hacking incidents.
CHAINALYSIS.COM

26 Jan: SystemBC Malware's C2 Server Analysis Exposes Payload Delivery Tricks
SystemBC malware allows threat actors to control compromised hosts, deliver additional payloads, and use SOCKS5 proxies to mask network traffic to and from the command-and-control (C2) infrastructure.
THEHACKERNEWS.COM

26 Jan: Cyber Security Today, Jan. 26, 2024 - US government employees slammed for backing forbidden videocam purchases, and more
This episode reports on an investigation into why US federal IT staff pushed for the purchase of forbidden video cameras, record data breach numbers last year in the US, and more.
CYBERSECURITYTODAY.LIBSYN.COM

26 Jan: Local Governments in Colorado, Pennsylvania, and Missouri Dealing with Ransomware Incidents
The cyber incidents have affected emergency communication systems, court services, public transit agencies, and library operations, prompting responses from state and federal agencies as well as cybersecurity professionals.
THERECORD.MEDIA

26 Jan: Houston, We Have a 2024 China Problem
Russia is not the only global problem that democracy has to deal with. The Chinese regime ran large influence campaigns, attempting mass social engineering in the U.S. 2022 midterm elections, according to a declassified intelligence report and multiple private-sector investigatio…
KNOWBE4.COM

26 Jan: Ukrainian Energy Giant, Postal Service, Transportation Agencies Hit by Cyberattacks
The attacks on transportation, postal services, and energy companies in Ukraine may be part of a larger cyber war between Ukraine and Russia, with previous attacks on telecom and banking sectors.
THERECORD.MEDIA

26 Jan: Microsoft reveals how hackers breached its Exchange Online accounts
Microsoft confirmed that the Russian Foreign Intelligence Service hacking group, which hacked into its executives' email accounts in November 2023, also breached other organizations as part of this malicious campaign. [...]
BLEEPINGCOMPUTER.COM

26 Jan: Akira Ransomware Gang Says It Stole Passport Scans From Lush In 110GB Data Heist
PACKETSTORMSECURITY.COM

26 Jan: Russian TrickBot Malware Developer Pleaded Guilty
Vladimir Dunaev, a resident of Amur Oblast and aged 40, has confessed to creating and distributing Trickbot malware. The purpose of the malware was to launch cyberattacks against various American hospitals and companies. Trickbot has a collection of malware tools created to steal …
GBHACKERS.COM

26 Jan: Feds Warn Healthcare Sector of ConnectWise ScreenConnect Threats
Federal authorities warn that a self-hosted version of ConnectWise's ScreenConnect remote access tool was compromised at a large pharmacy services firm, posing a significant risk to other healthcare organizations.
HEALTHCAREINFOSECURITY.COM

26 Jan: Live Webinar | Incident Response & Threat Remediation: How to Leverage AI Strategically
DATABREACHTODAY.CO.UK

26 Jan: Update: Hackers Stole Raw Genotype Data, Health Reports in 23andMe Data Breach
The stolen data includes raw genotype data, health reports, and information from DNA Relatives and Family Tree profiles, potentially exposing personal and ancestral information of affected customers.
BLEEPINGCOMPUTER.COM

26 Jan: ICO confirms data breach probe as UK councils remain downed by cyberattack
Three local councils in the United Kingdom continue to experience disruption to their online services, a week after confirming a cyberattack had knocked some systems offline. The councils for Canterbury, Dover, and Thanet — all of which are based in the U.K. county of Kent and ha…
TECHCRUNCH.COM

26 Jan: How I hacked chess.com
submitted by L4s to secops 1 points | 0 comments https://skii.dev/rook-to-xss/ How I hacked chess.com::Playing Chess is one of the many hobbies I like to do in my spare time, apart from tinkering around with technology. However, I’m not very good at it, and after losing many game…
SKII.DEV

26 Jan: Who is Alleged Medibank Hacker Aleksandr Ermakov?
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole a…
KREBSONSECURITY.COM

26 Jan: Microsoft Warns of Widening APT29 Espionage Attacks Targeting Global Firms
The threat actor, known as APT29 or BlueBravo, uses diverse methods including compromised accounts, OAuth applications, and password spraying to gain and maintain access, making traditional indicators of compromise-based detection ineffective.
THEHACKERNEWS.COM

26 Jan: Therapy Provider Notifying 4 Million Patients of PJ&A Hack
Concentra Health Services Joins List of Those Affected in Transcriber's Data Breach. A Texas-based physical and occupational therapy provider is notifying nearly 4 million patients that they have joined the soaring tally of victims of a data theft incident at a Nevada medical tran…
DATABREACHTODAY.CO.UK

🕵️ THREAT INTELLIGENCE (18)

26 Jan: Secret Double Octopus, Furbies, and Too Much Data! - ESW #347
Oleria, Vicarius, and Secret Double Octopus raise funding (NOTE: Secret Double Octopus is a real company that chose Secret Double Octopus as their name, I’m making none of this up). Rumors about Zscaler’s next 9-digit acquisition, 2 new security vendors and demystifying public cy…
YOUTUBE.COM

26 Jan: ISC Stormcast For Friday, January 26th, 2024 https://isc.sans.edu/podcastdetail/8826, (Fri, Jan 26th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

26 Jan: Midnight Blizzard: Guidance for responders on nation-state attack
The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024, and immediately activated our response process to investigate, disrupt malicious activity, mitigate the attack, and deny the threat actor further access. The Microsoft Threat …
MICROSOFT.COM

26 Jan: Nozomi Unveils Wireless Security Sensor for OT, IoT Environments
Nozomi Networks extends its offering with Guardian Air, a security sensor designed to help organizations detect wireless threats in OT and IoT.
SECURITYWEEK.COM

26 Jan: What are the Common Security Challenges CISOs Face?
Chief Information Security Officers (CISOs) hold a critical and challenging role in today’s rapidly evolving cybersecurity landscape. Here are the common security challenges CISOs face. As organizations increasingly rely on technology to drive their operations, CISOs face c…
GBHACKERS.COM

26 Jan: LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
The malware has evolved with new features and anti-analysis techniques. It is linked to a Chinese nation-state actor known as Stone Panda and has been used in attacks targeting Japanese political establishments.
THEHACKERNEWS.COM

26 Jan: Russian TrickBot Malware Developer Sentenced to Prison in US
Vladimir Dunaev sentenced to 5 years in prison after admitting to participating in the development and distribution of the TrickBot malware.
SECURITYWEEK.COM

26 Jan: Your KnowBe4 Fresh Content Updates from January 2024
Check out the 37 new pieces of training content added in January, alongside the always fresh content update highlights, events and new features.
KNOWBE4.COM

26 Jan: Healthcare Cybersecurity — Three Trends to Watch in 2024
The Healthcare CISO’s Guide to Cybersecurity Transformation highlights the latest trends in healthcare and where defensive efforts should be focused.
PALOALTONETWORKS.COM

26 Jan: The Life And Times Of Cozy Bear, The Russian Hackers Who Just Hit Microsoft And HPE
PACKETSTORMSECURITY.COM

26 Jan: Microsoft says Russian hackers also targeted other organizations
On Friday, Microsoft revealed that it had been the victim of a hack carried out by Russian government spies. Now, a week later, the technology giant said that it was not the only target of the espionage operation. In a new blog post, Microsoft said that “the same actor has been t…
TECHCRUNCH.COM

26 Jan: DORA and your quantum-safe cryptography migration
Quantum computing is a new paradigm with the potential to tackle problems that classical computers cannot solve today. Unfortunately, this also introduces threats to the digital economy and particularly the financial sector. The Digital Operational Resilience Act (DORA) is a regu…
SECURITYINTELLIGENCE.COM

26 Jan: Microsoft Says Test Account Gave Hackers Keys to the Kingdom
Postmortem: Multiple Customers Also Targeted by Russian Nation-State Attackers. A nation-state hacking group run by Russian intelligence gained access to a Microsoft "legacy, non-production test tenant account" and used it to authorize malicious Office 365 OAuth applications, acce…
DATABREACHTODAY.CO.UK

26 Jan: Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More - SWN #357
Visa RB Cash AP Formula 1 Team, Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More News on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-357
YOUTUBE.COM

26 Jan: BSides Bristol 2023 - 18 videos
submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/e4583a1c-5255-4130-89d2-f4e1da36363e.png BSides Bristol 2023 Schedule BSides Bristol 2023 videos
INFOSEC.PUB

26 Jan: ISMG Editors: Emerging AI Tech for Cloud Security in 2024
Payments Expert Troy Leach Joins the Panel to Cover AI, Zero Trust and IoT Security. In the latest weekly update, Troy Leach, CSO at Cloud Security Alliance, joins three editors at ISMG to discuss important cybersecurity issues, including how generative AI is enhancing multi-cloud…
DATABREACHTODAY.CO.UK

26 Jan: Friday Squid Blogging: Footage of Black-Eyed Squid Brooding Her Eggs
Amazing footage of a black-eyed squid (Gonatus onyx) carrying thousands of eggs. They tend to hang out about 6,200 feet below sea level. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidel…
SCHNEIER.COM

26 Jan: Civil Society Sounds Alarms on UN Cybercrime Treaty
Final Round of Negotiations Set to Begin on Monday. A draft international cybercrime treaty set to enter a final round of negotiations at the United Nations Monday drew condemnation from civil society groups that said it will criminalize security research and promote indiscriminat…
DATABREACHTODAY.CO.UK

🌐 CYBER THREAT LANDSCAPE (3)

26 Jan: Russian TrickBot Mastermind Gets 5-Year Prison Sentence for Cybercrime Spree
40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of Justice (DoJ) said. The development comes nearly two months after Dunaev pleaded gui…
THEHACKERNEWS.COM

26 Jan: Cyber Security Today, Week in Review for Friday, Jan. 26, 2024
This episode features a discussion on a hack at Microsoft, the recommendations of the Network Resilience Coalition, a report on AI and cyber threats and more.
CYBERSECURITYTODAY.LIBSYN.COM

📡 INFOSEC NEWS (14)

26 Jan: A Batch File With Multiple Payloads, (Fri, Jan 26th)
Windows batch files (.bat) are often seen by people as very simple but they can be pretty complex or.. contain interesting encoded payloads! I found one that contains multiple payloads decoded and used by a Powershell process. The magic is behind how comments can be added to…
ISC.SANS.EDU

26 Jan: US Regulators Have Done Little to Address Firmware Vulnerabilities, Think Tank Argues
Firmware connects the hardware and software of a device, but efforts to protect it have been absent in many of the government’s recent cybersecurity initiatives, according to a new report by the Foundation for Defense of Democracies.
NEXTGOV.COM

26 Jan: Perfecting the Defense-in-Depth Strategy with Automation
Medieval castles stood as impregnable fortresses for centuries, thanks to their meticulous design. Fast forward to the digital age, and this medieval wisdom still echoes in cybersecurity. Like castles with strategic layouts to withstand attacks, the Defense-in-Depth strategy is t…
THEHACKERNEWS.COM

26 Jan: Chatbots and Human Conversation
For most of history, communicating with a computer has not been like communicating with a person. In their earliest years, computers required carefully constructed instructions, delivered through punch cards; then came a command-line interface, followed by menus and options and t…
SCHNEIER.COM

26 Jan: Malicious Ads for Restricted Messaging Applications Target Chinese Users
A campaign of malicious ads is targeting Chinese-speaking users with lures for popular messaging applications like Telegram and LINE, despite the fact that these apps are heavily restricted or banned in China.
MALWAREBYTES.COM

26 Jan: Live Webinar | Fighting Cybercrime: Insights and Strategies for Finding Bad Guys in Your Environment
DATABREACHTODAY.CO.UK

26 Jan: Abu Dhabi Investment Firm Warns About Scam Efforts
The National Investor in Abu Dhabi has issued a warning about fraudulent investment schemes misusing its name, logo, and employees' identities to solicit personal and financial information.
DARKREADING.COM

26 Jan: Microsoft Teams outage causes connection issues, message delays
Microsoft is investigating an ongoing and widespread outage impacting the users of its Teams communication platform and causing connectivity issues, login problems, and message delays. [...]
BLEEPINGCOMPUTER.COM

26 Jan: Microsoft introduces flighting for Windows Server insiders
Microsoft has launched flighting for Windows Server systems enrolled in its Windows Insider open software testing program. [...]
BLEEPINGCOMPUTER.COM

26 Jan: iPhone Apps Abuse iOS Push Notifications to Collect User Data
Many apps abuse the background processing feature to transmit device data to their servers, potentially enabling fingerprinting and persistent tracking, which is strictly prohibited in iOS.
BLEEPINGCOMPUTER.COM

26 Jan: Microsoft releases first Windows Server 2025 preview build
Microsoft has released Windows Server Insider Preview 26040, the first Windows Server 2025 build for admins enrolled in its Windows Insider program. [...]
BLEEPINGCOMPUTER.COM