106 Articles
9 Categories
Date: 2024-01-31
🚨 CISA KEV (2)
[31 Jan] [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2022-48618: Apple Multiple Products Improper Authentication Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cy…
[31 Jan] [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21893: Ivanti Connect Secure, Policy Secure, and Neurons Server-Side Request Forgery (SSRF) Vulnerability. These types of vulnerabilities are fre…
🐛 COMMON VULNERABILITIES AND EXPOSURES (11)
[31 Jan] New Glibc Flaw Grants Attackers Root Access on Major Linux Distros (THEHACKERNEWS.COM)
Malicious local attackers can obtain full root access on Linux machines by taking advantage of a newly disclosed security flaw in the GNU C library (aka glibc). Tracked as CVE-2023-6246, the heap-based buffer overflow vulnerability is rooted in glibc's __vsyslog_internal() functi…
[31 Jan] “45K+ Exposed Jenkins Instances Vulnerable to RCE Attacks” (GBHACKERS.COM)
It was previously reported that Jenkins was discovered with a new critical vulnerability, which was associated with unauthenticated arbitrary file reads that can be utilized by threat actors to read sensitive files on the server. The CVE was mentioned as CVE-2024-23897, and the s…
[31 Jan] Chinese Hackers Exploiting VPN Flaws to Deploy KrustyLoader Malware (THEHACKERNEWS.COM)
A pair of recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) virtual private network (VPN) devices have been exploited to deliver a Rust-based payload called KrustyLoader that's used to drop the open-source Sliver adversary simulation tool. The securi…
[31 Jan] New Glibc Flaw Grants Attackers Root Access on Major Linux Distros (THEHACKERNEWS.COM)
The __vsyslog_internal() function in glibc has also been found to contain two more flaws (CVE-2023-6779 and CVE-2023-6780) and a separate bug in the qsort() function, affecting all glibc versions since 1992.
[31 Jan] 45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation (SECURITYWEEK.COM)
Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks.
[31 Jan] Alert: Ivanti Discloses 2 New Zero-Day Flaws, One Under Active Exploitation (THEHACKERNEWS.COM)
Ivanti is alerting of two new high-severity flaws in its Connect Secure and Policy Secure products, one of which is said to have come under targeted exploitation in the wild. The list of vulnerabilities is as follows - CVE-2024-21888 (CVSS score: 8.8) - A privilege escalatio…
[31 Jan] AI Predictions for 2024: Moving forward with precise systems that combine power, security, intelligence, and ease of use. (CSOONLINE.COM)
Artificial intelligence (AI) has been table stakes in cybersecurity for several years now, but the broad adoption of Large Language Models (LLMs) made 2023 an especially exciting year. In fact, LLMs have already started transforming the entire landscape of cybersecurity. However,…
[31 Jan] Ivanti patches two zero-days under attack, but finds another (TECHCRUNCH.COM)
Ivanti warned on Wednesday that hackers are exploiting another previously undisclosed zero-day vulnerability affecting its widely used corporate VPN appliance. Since early December, Chinese state-backed hackers have been exploiting Ivanti Connect Secure’s flaws — tracked …
[31 Jan] CISA and FBI Release Secure by Design Alert Urging Manufacturers to Eliminate Defects in SOHO Routers (CISA.GOV)
Today, CISA and the Federal Bureau of Investigation (FBI) published guidance on Security Design Improvements for SOHO Device Manufacturers as a part of the new Secure by Design (SbD) Alert series that focuses on how manufacturers should shift the burden of security away from cust…
[31 Jan] CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() (QUALYS.COM)
https://www.qualys.com/2024/01/30/cve-2023-6246/syslog.txt
[31 Jan] Vulnerabilities in Docker, other container engines enable host OS access (CSOONLINE.COM)
Security researchers have found four vulnerabilities in Docker components that could allow attackers to access host operating systems from within containers. One of those vulnerabilities is in runc, a command-line tool for spawning and running containers on Linux that underpins m…
⚠️ VULNERABILITY DISCLOSURE (30)
[31 Jan] 6 user experience mistakes made for security and how to fix them (CSOONLINE.COM)
The more you do to force people to protect systems and data, the greater your security — that appears to be the assumption some organizations make when addressing cybersecurity problems. However, adding technological hurdles and increasing complexity only creates bad user experie…
[31 Jan] Israeli Government Says Smallest of SMBs Hit Hardest in Cyberattacks (DARKREADING.COM)
Businesses with five to 20 employees were the most impacted, especially those in the industrial sector. The field of commerce reported the fewest cyberattacks, with only 3% of businesses being affected.
[31 Jan] Pawn Storm Uses Brute Force and Stealth Against High-Value Targets (TRENDMICRO.COM)
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted.
[31 Jan] Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet (SECURITYWEEK.COM)
Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet.
[31 Jan] Security Now podcast SN959: Stamos on "Microsoft Security" - HP Printer Bricking, Mercedes Benz Source Code - 2 hours (INFOSEC.PUB)
Security Now podcast SN959 OS to allow native Chromium and Firefox engines. An OS immune to ransomware? HP back in the doghouse over “anti-virus” pri…
[31 Jan] Rust Payloads Exploiting Ivanti Zero-Days Linked to Sliver Toolkit (INFOSECURITY-MAGAZINE.COM)
The KrustyLoader malware, identified in the analysis, is designed to download and execute a Sliver backdoor written in GoLang, indicating APT-level sophistication in these attacks.
[31 Jan] Vulnerabilities in Lamassu Bitcoin ATMs (LABS.IOACTIVE.COM)
The attack, IOActive explains, was possible due to a vulnerability in the ATM’s software update mechanism that could allow an attacker to supply their own malicious file and trigger legitimate processes for code execution.
[31 Jan] Check Point’s new generative AI tool offers platform-wide intelligence and remediation (CSOONLINE.COM)
Cybersecurity company Check Point Software Technologies has debuted a new platform-wide generative AI-based tool to improve the speed and effectiveness of security decision making across its Infinity group of solutions. Designed to handle both routine administrative tasks as well…
[31 Jan] Microsoft Teams Phishing Attack Pushes DarkGate Malware via Group Chats (BLEEPINGCOMPUTER.COM)
The attackers exploit default settings in Teams to send over 1,000 malicious chat invites. Once the attachment is downloaded, the malware connects to a command-and-control server.
[31 Jan] New Israeli startup to help organizations deal with GenAI-related risks (CSOONLINE.COM)
Israeli cybersecurity platform Aim Security has put together a SaaS offering tailored specifically against enterprise risks associated with the use of generative AI (GenAI) tools. The offering is aimed at providing collective visibility, detection, enforcement, and protection aga…
[31 Jan] Canada’s foreign affairs department investigates data breach (CSOONLINE.COM)
Global Affairs Canada (GAC), the foreign affairs department of the Canadian government, said it is investigating a data breach in its internal network. “Early results [of the investigation] indicate there has been a data breach and that there has been unauthorized access to perso…
[31 Jan] Ivanti warns of new Connect Secure zero-day exploited in attacks (BLEEPINGCOMPUTER.COM)
Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. [...]
[31 Jan] Tor Code Audit Finds 17 Vulnerabilities (SECURITYWEEK.COM)
Over a dozen vulnerabilities discovered in Tor audit, including a high-risk flaw that can be exploited to inject arbitrary bridges.
[31 Jan] Leaked GitHub Token Exposed Mercedes Source Code (SECURITYWEEK.COM)
A leaked token provided unrestricted access to the entire source code on Mercedes-Benz’s GitHub Enterprise server.
[31 Jan] Safeguarding the healthcare sector with dynamic cybersecurity (CSOONLINE.COM)
Cyberattacks in the healthcare industry undermine our ability to deliver quality care and can endanger the safety, and even the lives, of our patients. Unfortunately, hackers see our industry as a prime target, particularly for ransomware and data privacy attacks. None of us want…
[31 Jan] Hackers steal $112 million of XRP Ripple cryptocurrency (TECHCRUNCH.COM)
On Tuesday, hackers stole around $112 million of the Ripple-focused cryptocurrency XRP from a crypto wallet, Ripple’s co-founder and executive chairman has disclosed. Ripple’s Chris Larsen said on Wednesday that the stolen crypto was his. Larsen wrote on X (previously Twitt…
[31 Jan] Security giant Proofpoint is laying off 280 employees, about 6% of its workforce (TECHCRUNCH.COM)
Proofpoint is laying off about 6% of its global workforce, or 280 employees, the company confirmed to TechCrunch. “This decision was not taken lightly, and it is deeply rooted in our forward-looking company strategy of aligning our investments and hiring to our strategic pr…
[31 Jan] Proofpoint Lays Off 6% of Workforce, Offshores Jobs (DATABREACHTODAY.CO.UK)
Private Equity-Owned Firm Lets 280 People Go, Moves Jobs to Argentina and Ireland. Silicon Valley email security firm Proofpoint is laying off 280 positions two months into the tenure of Sumit Dhawan as its chief executive officer. A company spokesperson said Proofpoint anticipate…
[31 Jan] GNU C Library Vulnerability Leads to Full Root Access (SECURITYWEEK.COM)
Researchers at Qualys call attention to a vulnerability in Linux’s GNU C Library (glibc) that allows full root access to a system.
[31 Jan] After Delays, Ivanti Patches Zero-Days and Confirms New Exploit (SECURITYWEEK.COM)
Ivanti documents a brand-new zero-day and belatedly ships patches; Mandiant is reporting "broad exploitation activity."
[31 Jan] Pawn Storm Uses Brute Force and Stealth Against High-Value Targets (TRENDMICRO.COM)
Pawn Storm, aka APT28 and Forest Blizzard, has been employing anonymization layers, such as VPN services and compromised EdgeOS routers, to hide its tracks and carry out sophisticated attacks.
[31 Jan] [KEV] CISA warns of patched iPhone kernel bug now exploited in attacks (BLEEPINGCOMPUTER.COM)
CISA warned today that a patched kernel security flaw affecting Apple iPhones, Macs, TVs, and watches is now being actively exploited in attacks. [...]
[31 Jan] Scaling security with AI: from detection to solution (SECURITY.GOOGLEBLOG.COM)
Dongge Liu and Oliver Chang, Google Open Source Security Team, Jan Nowakowski and Jan Keller, Machine Learning for Security Team. The AI world moves fast, so we’ve been hard at work keeping security apace with recent advancements. One of our approaches, in alignment with Google’s …
[31 Jan] Exploit released for Android local elevation flaw impacting 7 OEMs (BLEEPINGCOMPUTER.COM)
A proof-of-concept (PoC) exploit for a local privilege elevation flaw impacting at least seven Android original equipment manufacturers (OEMs) is now publicly available on GitHub. However, as the exploit requires local access, its release will mostly be helpful to researchers. [.…
[31 Jan] Apple fixes zero-day bug in Apple Vision Pro that ‘may have been exploited’ (TECHCRUNCH.COM)
A day after reporters published their first hands-on review of Apple’s Vision Pro, the technology giant released its first security patch for the mixed reality headset to fix a vulnerability that “may have been exploited” by hackers in the wild. On Wednesday, Ap…
[31 Jan] Accelerate threat response and democratize SOC skill sets with generative AI (CSOONLINE.COM)
How much more could your organization accomplish if you could automate common, repeatable tasks across security, compliance, identity, and management? Managing an organization’s defenses is a challenging and time-consuming task for many different reasons. Adopting and integrating…
[31 Jan] Ivanti Discloses Additional Zero-Day That Is Being Exploited (DATABREACHTODAY.CO.UK)
Company Starts Patch Rollout for Flaws Exploited by Likely Chinese Intelligence Op. Corporate VPN maker Ivanti on Wednesday began a belated patch rollout for zero-day flaws that many cybersecurity firms say paved the way for an espionage hacking operation likely conducted by China…
[31 Jan] Water Sector Leaders Urge Congress to Fund Cyber Mandates (DATABREACHTODAY.CO.UK)
The Water and Wastewater Sector Faces Growing Cybersecurity Risks, Officials Warn. Leaders from the U.S. water sector testified to the House subcommittee on environment, manufacturing and critical materials that entities across the country face funding and resource disparities as …
[31 Jan] Multiple Vulnerabilities in Ivanti Products Could Allow for Remote Code Execution (CISECURITY.ORG)
Multiple Vulnerabilities have been discovered in Ivanti Products, the most severe of which could allow for remote code execution. Ivanti Connect Secure is a SSL VPN solution for remote and mobile users. Ivanti Policy Secure (IPS) is a network access control (NAC) solution which p…
📋 SECURITY BULLETINS (1)
[31 Jan] China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz (THEHACKERNEWS.COM)
The Mustang Panda group utilized legitimate software and phishing emails to deploy malicious DLLs and backdoors, disguising command-and-control traffic as Microsoft update traffic.
📢 SECURITY ADVISORIES (6)
[31 Jan] [Live Demo] Customizing Your Compliance Training to Increase Effectiveness (KNOWBE4.COM)
Linking compliance training to specific outcomes is hard. Compliance training has a reputation for being challenging for organizations to offer, difficult to do right and employees are not engaged.
[31 Jan] CISA: Vendors must secure SOHO routers against Volt Typhoon attacks (BLEEPINGCOMPUTER.COM)
CISA has urged manufacturers of small office/home office (SOHO) routers to ensure their devices' security against ongoing attacks attempting to hijack them, especially those coordinated by Chinese state-backed hacking group Volt Typhoon (Bronze Silhouette). [...]
[31 Jan] Here’s How the FBI Stopped a Major Chinese Hacking Campaign (DATABREACHTODAY.CO.UK)
FBI and CISA Detail Operation to Prevent Chinese Attacks on Critical Infrastructure. The FBI launched a court-authorized sting operation against a Chinese hacking group known as Volt Typhoon, partnering with the Cybersecurity and Infrastructure Security Agency and a cohort of U.S.…
🔥 INCIDENT REPORTING (21)
[31 Jan] Author Q&A: The ongoing role of fortified structures in military clashes — and cybersecurity (LASTWATCHDOG.COM)
There’s no denying that castle walls play a prominent role in the histories of both military defense, going back thousands of years, and — as of the start of the current millennia — in cybersecurity. Related: How Putin has weaponized …
[31 Jan] Canada’s ‘most prolific hacker’ jailed for two years (BITDEFENDER.COM)
A 33-year-old man has been sentenced to two years in prison after admitting his part in a series of ransomware and malware attacks that hit more than one thousand individuals, businesses, and organisations — including three police departments. Read more in my article on the Hot f…
[31 Jan] Alpha Ransomware Group Launches Data Leak Site on the Dark Web (INFOSECURITY-MAGAZINE.COM)
The ransomware appends a random 8-character alphanumeric extension to encrypted files and its DLS, titled “MYDATA,” is considered unstable and frequently offline, indicating the group is still in the process of setting up operations.
[31 Jan] Online Ransomware Decryptor Helps Recover Partially Encrypted Files (BLEEPINGCOMPUTER.COM)
White Phoenix attempts to recover data through automated restoration methods and may help restore valuable files for ransomware victims, providing a potential option for those affected by certain ransomware strains.
[31 Jan] Cyber Security Today, Jan. 31, 2024 - A new ransomware strain found, and questions about the level of ransomware payments (CYBERSECURITYTODAY.LIBSYN.COM)
This episode reports on ransomware news, a survey of infosec pros in the financial sector and more
[31 Jan] Fulton County Cyberattack Brings Down Phones, Court Site and Tax Systems (EDITION.CNN.COM)
An ongoing cyberattack against Georgia’s Fulton County, which includes parts of Atlanta, has brought some of the government’s systems to a standstill, halting access to court filings, tax processing, and other services.
[31 Jan] The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules (THEHACKERNEWS.COM)
The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The ne…
[31 Jan] How to Align Your Incident Response Practices With the New SEC Disclosure Rules (SECURITYWEEK.COM)
By turning incident response simulation into a continuous process and employing innovative tools, you can address the stringent requirements of the new SEC incident disclosure rules.
[31 Jan] U.S. Officials Detained a 19-year-old SIM-Swap Hacker (GBHACKERS.COM)
In the murky depths of the digital underworld, a tale unfolds: the rise and fall of “King Bob,” a moniker masking 19-year-old Noah Michael Urban, a Florida man entangled in a web of cybercrime. An investigation revealed the accused’s role in a hacking grou…
[31 Jan] Hackers Hijacking MS-SQL Servers to Install Mimic Ransomware (GBHACKERS.COM)
The Trigona ransomware threat actor has been observed engaging in new activities, such as installing Mimic malware that targets MS-SQL servers. MS-SQL servers’ Bulk Copy Program (BCP) feature is abused during the malware installation process. The BCP utility bcp.exe i…
[31 Jan] What IT Leaders should appreciate about SOAR in 2024 (CSOONLINE.COM)
Coined in 2015 and later updated in 2017 by Gartner, SOAR (security orchestration, automation, and response) describes a platform that is designed to orchestrate the response to incidents, leveraging automated processes designed in decision tree mapping, typically called playboo…
[31 Jan] Data security posture management vs cloud security posture management (SECURITYINTELLIGENCE.COM)
“A data breach has just occurred”, is a phrase no security professional wants to hear. From the CISO on down to the SOC analysts, a data breach is the definition of a very bad day. It can cause serious brand damage and financial loss for enterprises, lead to abrupt ca…
[31 Jan] Johnson Controls says ransomware attack cost $27 million, data stolen (BLEEPINGCOMPUTER.COM)
Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data. [...]
[31 Jan] Ransomware Payments On The Decline As Cyber Attackers Focus on The Smallest, And Largest, Organizations (KNOWBE4.COM)
New data for Q4 of 2023 reveals a sizable shift in the cyber threat landscape, with serious implications regarding ransomware and social engineering attacks targeting both the largest and smallest organizations worldwide.
[31 Jan] What is Email Hijacking? – Email Account Takeover Protection Guide – 2024 (GBHACKERS.COM)
Email hijacking occurs when cybercriminals gain unauthorized access to an individual’s or organization’s email account, it continues to pose a significant threat in the digital world. This security incident has the potential to result in unauthorized access and misuse…
[31 Jan] ISACs Slam US Federal Cyber Incident Reporting Proposals (DATABREACHTODAY.CO.UK)
Information-Sharing Groups Call Reporting Requirements 'Too Costly, Overreaching'. Multiple Information Sharing and Analysis Centers decried a proposed incident reporting measure for vendors selling to the U.S. federal government as being costly and ineffective. The proposal will …
[31 Jan] Europcar denies data breach of 50 million users, says data is fake (BLEEPINGCOMPUTER.COM)
Car rental company Europcar says it has not suffered a data breach and that shared customer data is fake after a threat actor claimed to be selling the personal info of 50 million customers. [...]
[31 Jan] Europcar says someone likely used ChatGPT to promote a fake data breach (TECHCRUNCH.COM)
On Sunday, a user in a well-known hacking forum advertised what they claimed was a cache of stolen data from the rental car giant Europcar. The user claimed to have stolen the personal information of more than 48 million Europcar customers, and said they were “listening to offers…
[31 Jan] Identifying Bad By Defining Good with Danny Jenkins, CEO & Co-Founder at ThreatLocker – PSW #815 (YOUTUBE.COM)
Danny Jenkins, CEO & Co-Founder of ThreatLocker, a cybersecurity firm providing Zero Trust endpoint security, is a leading cybersecurity expert with over two decades of experience building and securing corporate networks, including roles on red and blue teams. He is dedicated to …
[31 Jan] ESET Research Podcast: ChatGPT, the MOVEit hack, and Pandora (WELIVESECURITY.COM)
An AI chatbot inadvertently kindles a cybercrime boom, ransomware bandits plunder organizations without deploying ransomware, and a new botnet enslaves Android TV boxes
🕵️ THREAT INTELLIGENCE (18)
[31 Jan] ISC Stormcast For Wednesday, January 31st, 2024 https://isc.sans.edu/podcastdetail/8832, (Wed, Jan 31st) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
[31 Jan] Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware (THEHACKERNEWS.COM)
A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construct…
[31 Jan] CFPB’s Proposed Data Rules (SCHNEIER.COM)
In October, the Consumer Financial Protection Bureau (CFPB) proposed a set of rules that if implemented would transform how financial institutions handle personal data about their customers. The rules put control of that data back in the hands of ordinary Americans, while at the …
[31 Jan] Two More Individuals Charged for DraftKings Hacking (SECURITYWEEK.COM)
Nathan Austad and Kamerin Stokes have been charged for hacking user accounts at fantasy sports and betting website DraftKings.
[31 Jan] Aim Security Raises $10M to Tackle Shadow AI (SECURITYWEEK.COM)
A new Israeli startup called Aim Security has raised $10 million in seed financing to help with the secure deployment of generative-AI technologies.
[31 Jan] US Sanctions Two ISIS-Affiliated ‘Cybersecurity Experts’ (SECURITYWEEK.COM)
US Treasury Department announces sanctions against two Egyptian nationals accused of running an ISIS cyber platform.
[31 Jan] Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware (THEHACKERNEWS.COM)
Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bu…
[31 Jan] Reken Emerges From Stealth With $10 Million Seed Funding (SECURITYWEEK.COM)
Reken, an AI-defense cybersecurity startup, emerged from stealth – but without a publicly demonstrable product.
[31 Jan] FBI disrupts Chinese botnet by wiping malware from infected routers (BLEEPINGCOMPUTER.COM)
The FBI has disrupted the KV Botnet used by Chinese Volt Typhoon state hackers to evade detection during attacks targeting U.S. critical infrastructure. [...]
[31 Jan] Italian Businesses Hit by Weaponized USB Devices Spreading Cryptojacking Malware (THEHACKERNEWS.COM)
The threat actor deploys the EMPTYSPACE downloader and the QUIETBOARD backdoor to execute commands, alter crypto wallet addresses, take screenshots, and propagate the malware.
[31 Jan] Podcast: Palo Alto Networks Talks IT/OT Convergence (SECURITYWEEK.COM)
SecurityWeek interviews Del Rodillas, Senior Director of Product Management at Palo Alto Networks, about the integration of IT and OT in the ICS threat landscape.
[31 Jan] News alert: Reken raises $10M from Greycroft to protect against generative AI-enabled fraud (LASTWATCHDOG.COM)
San Francisco, Calif., Jan. 31, 2024 – Reken, an AI & cybersecurity company, today announced the close of its $10M oversubscribed seed round, led by Greycroft and FPV Ventures. Other investors in the round include Firebolt Ventures, Fika Ventures, Omega …
[31 Jan] Proof of Concept: How Do We Ensure Ethical AI Systems? (DATABREACHTODAY.CO.UK)
Also: Safeguarding AI Vulnerabilities From Cyber Adversaries. In the latest "Proof of Concept," Sam Curry of Zscaler and Heather West of Venable assess how vulnerable AI models are to potential attacks, offer practical measures to bolster the resilience of AI models and discuss ho…
[31 Jan] FBI Cyber Alert: Tech Support Scams Steal Cash or Precious Metals (KNOWBE4.COM)
The US Federal Bureau of Investigation (FBI) has issued an alert warning that scammers are tricking victims into converting their savings into cash or precious metals, then sending couriers to pick up the items for safekeeping.
[31 Jan] US Gov Disrupts SOHO Router Botnet Used by Chinese APT Volt Typhoon (SECURITYWEEK.COM)
The US government neutralizes a botnet full of end-of-life Cisco and Netgear routers being used by a notorious Chinese APT group.
[31 Jan] Hackers push USB malware payloads via news, media hosting sites (BLEEPINGCOMPUTER.COM)
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content. [...]
[31 Jan] News alert: Oasis Security raises $40M funding to automate the lifecycle of non-human identities (LASTWATCHDOG.COM)
Tel Aviv, Israel, Jan. 31, 2024 — Oasis Security, the leading provider of Non-human Identity Management (NIM) solutions, announced today that it raised a total of $40 million funding led by Sequoia Capital (Doug Leone, Bogomil Balkansky), alongside Accel …
🌐 CYBER THREAT LANDSCAPE (4)
[31 Jan] Crypto theft from Exodus and Bitcoin wallets through cracked macOS apps | Kaspersky official blog (KASPERSKY.COM)
We’re looking into a new family of macOS malware that steals cryptocurrency and downloads malicious code from DNS records
[31 Jan] US disrupts China-backed hacking operation amid warning of threat to American infrastructure (TECHCRUNCH.COM)
The U.S. government announced Wednesday it had disrupted a China-backed hacking operation targeting U.S. critical infrastructure, amid warnings that Beijing is preparing to cause “real-world harm” to Americans in the event of a future conflict. Speaking during a U.S. …
[31 Jan] Smarter, Meaner, Sneakier: Security Trends for 2024 (TRENDMICRO.COM)
Learn how hackers are getting smarter, ruder, meaner, and sneakier and what to do about it with this overview of cybersecurity trends in 2024.
📡 INFOSEC NEWS (13)
[31 Jan] OpenAI Says Mysterious Chat Histories Resulted From Account Takeover (ARSTECHNICA.COM)
ChatGPT users' private conversations were leaked due to unauthorized logins from a different location, highlighting the need for better security measures such as 2FA and IP tracking.
[31 Jan] Critical Workspace Creation Flaw in GitLab Allows File Overwrite (THEHACKERNEWS.COM)
The latest update also addressed four medium-severity flaws, including issues related to regular expression denial-of-service, HTML injection, and disclosure of user's public email address via the tags RSS feed.
[31 Jan] Great Security or Great UX? Both, Please (HELPNETSECURITY.COM)
Security step-ups should only be used for higher-risk scenarios and should be implemented in a user-friendly manner to maintain a balance between security and user experience.
[31 Jan] Oasis Security leaves stealth with $40M to lock down the wild west of non-human identity management (TECHCRUNCH.COM)
When people hear the term “identity management” in an enterprise context, they typically think of apps that help users authenticate who they are on a network in order to access certain services. In a security context, however, human users are just the tip of the icebe…
[31 Jan] Tor Code Audit Finds 17 Vulnerabilities (PACKETSTORMSECURITY.COM)
[31 Jan] Data Leak at Fintech Giant Direct Trading Technologies (SECURITYAFFAIRS.COM)
The leaked information included names, email addresses, trading activity, passwords, and other personal details. Additionally, the company's outreach team's internal comments were exposed.
[31 Jan] New Evasive Large-Scale Scareware and PUP Delivery Campaign Spotted (UNIT42.PALOALTONETWORKS.COM)
Unit 42 researchers discovered a large-scale campaign dubbed ApateWeb, which uses over 130,000 domains to distribute scareware, potentially unwanted programs (PUPs), and other scam pages.
[31 Jan] The Fun and Dangers of Top Level Domains (TLDs), (Wed, Jan 31st) (ISC.SANS.EDU)
In the beginning, life was easy. We had a very limited set of top-level domains: .com, .edu, .gov, .int, org, .mil, .net, .org, .edu. In addition, we had .arpa for infrastructure use and various two letter country level domains.
[31 Jan] Top Tips to Avoid Corporate Social Media Account Hijacking (DATABREACHTODAY.CO.UK)
Not a Good Look: Hijacked @SECgov Social Media Account Spews Bitcoin Rumors. Social media accounts - especially those tied to government agencies, big-name companies and high-profile individuals - continue to be a top target for takeover by fraudsters and scammers, especially when…
[31 Jan] Pushing the Healthcare Sector into Stronger Cybersecurity (DATABREACHTODAY.CO.UK)
Getting the health sector to vastly improve its state of cybersecurity will take much more than the recent issuance of new federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consul…
[31 Jan] Pushing the Healthcare Sector to Improve Cybersecurity (DATABREACHTODAY.CO.UK)
Getting the health sector to vastly improve the state of its cybersecurity will take much more than the recent issuance of federal guidance outlining cyber performance goals for entities. It will also require new government incentives and mandates, said Steve Cagle, CEO of consul…
[31 Jan] Police seize record 50,000 Bitcoin from now-defunct piracy site (BLEEPINGCOMPUTER.COM)
The police in Saxony, eastern Germany, have seized 50,000 Bitcoin from the former operator of the pirate site movie2k.to through a voluntary deposit to a state-controlled wallet. [...]