matlock.ca // THREAT INTELLIGENCE

122Articles

10Categories

2024-02-01Date

🚨

PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical InfrastructureSUMMARY The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disru…

KEVCISA.GOV — 01 Feb 2024

🐛

RunC Flaws Enable Container Escapes, Granting Attackers Host Access

THEHACKERNEWS.COM — 01 Feb 2024

🐛

CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS

KEVTHEHACKERNEWS.COM — 01 Feb 2024

🐛

Glibc library vulnerability published | Kaspersky official blog

KASPERSKY.COM — 01 Feb 2024

🐛

Exploit Released for Android Local Elevation Flaw Impacting Seven OEMs

BLEEPINGCOMPUTER.COM — 01 Feb 2024

🐛

Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components

CISA.GOV — Thu, 01 Feb 24 1

⚠️

Mercedes-Benz Source Code Leaked via mishandled GitHub token

GBHACKERS.COM — 01 Feb 2024

⚠️

Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities

THEHACKERNEWS.COM — 01 Feb 2024

⚠️

CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS

THEHACKERNEWS.COM — 01 Feb 2024

⚠️

Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth

INFOSECURITY-MAGAZINE.COM — 01 Feb 2024

⚠️

Two New Ivanti Bugs Discovered as CISA Warns of Hackers Bypassing Mitigations

THERECORD.MEDIA — 01 Feb 2024

⚠️

MOVEit Liabilities Mount for Progress Software

CYBERSECURITYDIVE.COM — 01 Feb 2024

⚠️

Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation

SECURITYWEEK.COM — 01 Feb 2024

⚠️

Audio-jacking: Using generative AI to distort live audio transactions

SECURITYINTELLIGENCE.COM — 01 Feb 2024

⚠️

Why the Right Metrics Matter When it Comes to Vulnerability Management

THEHACKERNEWS.COM — 01 Feb 2024

⚠️

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

THEHACKERNEWS.COM — 01 Feb 2024

⚠️

Feds Say Anti-Robocall Efforts Appear to be Working Against Foreign Sources

THERECORD.MEDIA — 01 Feb 2024

⚠️

Facebook’s Extensive Surveillance Network

SCHNEIER.COM — 2024-02-01

⚠️

U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers

THEHACKERNEWS.COM — 01 Feb 2024

⚠️

Protect AI adds LLM support with open source acquisition

CSOONLINE.COM — 01 Feb 2024

⚠️

Faction: Open-Source Pentesting Report Generation and Collaboration Framework

HELPNETSECURITY.COM — 01 Feb 2024

⚠️

CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday

KEVBLEEPINGCOMPUTER.COM — 01 Feb 2024

⚠️

Okta lays off 400 employees — almost exactly a year after last staff cuts

TECHCRUNCH.COM — 01 Feb 2024

⚠️

Wray's Stunning Warning Points To A New Age Of US Vulnerability

PACKETSTORMSECURITY.COM — 01 Feb 2024

⚠️

New Windows Event Log zero-day flaw gets unofficial patches

BLEEPINGCOMPUTER.COM — 01 Feb 2024

⚠️

FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network

THEHACKERNEWS.COM — 01 Feb 2024

⚠️

CVE, CVSS, EPSS Falls Short - PSW #815

YOUTUBE.COM — 2024-02-01

⚠️

CISA Releases Two Industrial Control Systems Advisories

CISA.GOV — Thu, 01 Feb 24 1

⚠️

Zero-Day Vulnerability can Blind Defenses Relying on Windows Event Logs

HELPNETSECURITY.COM — 01 Feb 2024

⚠️

US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech

TECHCRUNCH.COM — 01 Feb 2024

⚠️

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

KNOWBE4.COM — 01 Feb 2024

⚠️

Does CVSS 4.0 Solve the Exploitability Problem?

HELPNETSECURITY.COM — 01 Feb 2024

⚠️

UN Cybercrime Treaty Could Endanger Web Security

SECURITY.GOOGLEBLOG.COM — 2024-02-01

⚠️

Okta Lays Off 400 Employees in Second Round of Dismissals

DATABREACHTODAY.CO.UK — 2024-02-01

⚠️

Protect AI Acquires Laiyer AI to Better Secure AI Models

SECURITYBOULEVARD.COM — 01 Feb 2024

⚠️

Bazel PoC attack highlights transitive vulnerability risk in custom GitHub Actions

CSOONLINE.COM — 01 Feb 2024

⚠️

UK: City Cyber Task Force Launches to Secure Corporate Finance

INFOSECURITY-MAGAZINE.COM — 01 Feb 2024

⚠️

Cloudflare hacked using auth tokens stolen in Okta attack

BLEEPINGCOMPUTER.COM — 01 Feb 2024

⚠️

The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete ... - ESW #348

YOUTUBE.COM — 2024-02-01

📋

Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover

GITHUB.COM — 1 Feb 2024

📋

The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain – Pete Morgan

YOUTUBE.COM — 2024-02-01

📢

US IaaS Providers Face 'Know Your Customer' Regulation

BANKINFOSECURITY.COM — 01 Feb 2024

📢

US security agencies terminate China-backed hacking attempt

CSOONLINE.COM — 01 Feb 2024

📢

Hackers Obtain Confidential Information on Romanian Officials After Cyberattack at Parliament

ROMANIA-INSIDER.COM — 01 Feb 2024

📢

Global Affairs Canada Hit by Cyberattack, Shuts Down Computer Systems to Fix

THEGLOBEANDMAIL.COM — 01 Feb 2024

📢

CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products

SECURITYWEEK.COM — 01 Feb 2024

📢

Juniper Networks security advisory (AV24-059)

CYBER.GC.CA — 2024-02-01

📢

How is IR sniping and AI changing the game in today’s ever-evolving threat situation?

CSOONLINE.COM — 01 Feb 2024

📢

CISA Hosts Second Cyber Resilient 911 Symposium

CISA.GOV — Thu, 01 Feb 24 1

📢

Apple security advisory (AV24-060)

CYBER.GC.CA — 2024-02-01

🔥

Phobos Ransomware Expands with New FAUST Variant

CYWARE.COM — 01 Feb 2024

🔥

Nitrogen Shelling Malware From Hacked Sites

MALWAREBYTES.COM — 01 Feb 2024

🔥

Hackers Started using Python for Developing New Ransomware

GBHACKERS.COM — 01 Feb 2024

🔥

Cybercriminals Embrace Smarter Strategies, Less Effort

HELPNETSECURITY.COM — 01 Feb 2024

🔥

Cybercriminals Stole Around $112 Million Worth of XRP From Ripple’s Co-Founder

SECURITYAFFAIRS.COM — 01 Feb 2024

🔥

Johnson Controls Ransomware Attack: Data Theft Confirmed, Cost Exceeds $27 Million

SECURITYWEEK.COM — 01 Feb 2024

🔥

Football Australia Data Leak Exposes Players’ Contracts, Fans’ Personal Details

THEGUARDIAN.COM — 01 Feb 2024

🔥

New York Sues Citibank Over Poor Data Security

SECURITYWEEK.COM — 01 Feb 2024

🔥

At Least 30 Journalists, Lawyers and Activists Hacked With Pegasus in Jordan, Forensic Probe Finds

SECURITYWEEK.COM — 01 Feb 2024

🔥

Update: Johnson Controls Reports $27M Hit From Ransomware Attack

CYBERSECURITYDIVE.COM — 01 Feb 2024

🔥

The Rise of Python-Scripted Ransomware

LABS.K7COMPUTING.COM — 01 Feb 2024

🔥

LockBit Shows No Remorse For Ransomware Attack On Children's Hospital

PACKETSTORMSECURITY.COM — 01 Feb 2024

🔥

Pentagon Investigating Theft of Sensitive Files by Ransomware Group

CYBERSCOOP.COM — 01 Feb 2024

🔥

Identifying Bad By Defining Good - Danny Jenkins - PSW #815

YOUTUBE.COM — 2024-02-01

🔥

Cryptohack Roundup: 2024's Biggest Heist - So Far

DATABREACHTODAY.CO.UK — 2024-02-01

🔥

Europcar Denies Data Breach of 50 Million Users, Says Data is Fake

BLEEPINGCOMPUTER.COM — 01 Feb 2024

🔥

Transatlantic Cable podcast episode 332 | Kaspersky official blog

KASPERSKY.COM — 01 Feb 2024

🔥

FTC orders Blackbaud to boost security after massive data breach

BLEEPINGCOMPUTER.COM — 01 Feb 2024

🔥

How 2023 Broke Long-Running Records for Health Data Breaches

DATABREACHTODAY.CO.UK — 2024-02-01

🔥

The Internet of Shit, AI Funding, Market Struggles, The Cyber Why, and when to Quit - ESW #348

YOUTUBE.COM — 2024-02-01

🔥

Breach Roundup: CIA Hacking Tool Leaker Gets 40 Years

DATABREACHTODAY.CO.UK — 2024-02-01

🔥

FTC Blasts Blackbaud's 'Shoddy' Practices in Ransomware Hack

DATABREACHTODAY.CO.UK — 2024-02-01

🕵️

Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024

SNYK.IO — 01 Feb 2024

🕵️

US Says it Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans

SECURITYWEEK.COM — 01 Feb 2024

🕵️

ISC Stormcast For Thursday, February 1st, 2024 https://isc.sans.edu/podcastdetail/8834, (Thu, Feb 1st)

ISC.SANS.EDU — 01 Feb 2024

🕵️

‘Tis the Season for Tax Hax

PROOFPOINT.COM — 01 Feb 2024

🕵️

Why Are Cybersecurity Automation Projects Failing?

SECURITYWEEK.COM — 01 Feb 2024

🕵️

Pawn Storm APT Launch Hash Relay Attacks on Government Departments

GBHACKERS.COM — 01 Feb 2024

🕵️

Grandoreiro Banking Malware Infrastructure Seized by Authorities

GBHACKERS.COM — 01 Feb 2024

🕵️

[Live Demo] Ridiculously Easy Security Awareness Training and Phishing

KNOWBE4.COM — 01 Feb 2024

🕵️

Short, Mid and Long-Term Impacts of AI in Cybersecurity

PALOALTONETWORKS.COM — 01 Feb 2024

🕵️

Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping

SECURITYWEEK.COM — 01 Feb 2024

🕵️

Feds Untether Hundreds Of Routers From Volt Typhoon Botnet

PACKETSTORMSECURITY.COM — 01 Feb 2024

🕵️

‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others

SECURITYWEEK.COM — 01 Feb 2024

🕵️

Watch: Top Cyber Officials Testify on China’s Cyber Threat to US Critical Infrastructure

SECURITYWEEK.COM — 01 Feb 2024

🕵️

How Long Will FBI's 'Volt Tycoon' Router Interdiction Stick?

DATABREACHTODAY.CO.UK — 2024-02-01

🕵️

Associated Press: "Grave peril of digital conspiracy theories."

KNOWBE4.COM — 01 Feb 2024

🕵️

81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar

KNOWBE4.COM — 01 Feb 2024

🕵️

ANY.RUN Sandbox Now Let SOC & DFIR Teams Analyze Sophisticated Linux Malware

GBHACKERS.COM — 01 Feb 2024

🕵️

Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal

AKAMAI.COM — 01 Feb 2024

🕵️

Your Security Program Is Shit

CRANKYSEC.COM — 01 Feb 2024

🕵️

Uber Fined 10 Million Euros by Dutch Data Regulator

DATABREACHTODAY.CO.UK — 2024-02-01

🕵️

Palo Alto Told to Pay Centripetal $150M for Patent Theft

DATABREACHTODAY.CO.UK — 2024-02-01

🕵️

VajraSpy: A Patchwork of espionage apps

WELIVESECURITY.COM — 01 Feb 2024

🕵️

Connect with Microsoft at these cybersecurity events in 2024

MICROSOFT.COM — 01 Feb 2024

🕵️

3 new ways the Microsoft Intune Suite offers security, simplification, and savings

MICROSOFT.COM — 01 Feb 2024

🕵️

The Economic Ripple Effects of Automated Counter-Drone Solutions

GBHACKERS.COM — 01 Feb 2024

🌐

EMEA Live Panel | Defending Against Today's Threat Landscape with MDR

DATABREACHTODAY.CO.UK — 2024-02-01

🌐

AI-Generated Code Leads to Security Issues for Most Businesses: Report

CYBERSECURITYDIVE.COM — 01 Feb 2024

🌐

Brazilian Police Make Arrests in Grandoreiro Banking Malware Case

THERECORD.MEDIA — 01 Feb 2024

🌐

PurpleFox malware infected thousands of systems in Ukraine

BLEEPINGCOMPUTER.COM — 01 Feb 2024

🌐

More Android apps riddled with malware spotted on Google Play

BLEEPINGCOMPUTER.COM — 01 Feb 2024

🌐

PurpleFox malware infects thousands of computers in Ukraine

BLEEPINGCOMPUTER.COM — 01 Feb 2024

🎙️

Smashing Security podcast #357: Interview with an iPhone thief, anti-AI, and have we gone too far?

GRAHAMCLULEY.COM — 01 Feb 2024

📡

Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US

INFOSECURITY-MAGAZINE.COM — 01 Feb 2024

📡

New York AG Sues Citibank for Poor Phishing Protections

BANKINFOSECURITY.COM — 01 Feb 2024

📡

'Leaky Vessels' Cloud Bugs Allow Container Escapes Globally

DARKREADING.COM — 01 Feb 2024

📡

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining

THEHACKERNEWS.COM — 01 Feb 2024

📡

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign

THEHACKERNEWS.COM — 01 Feb 2024

📡

What is a "Top Level Domain"?, (Thu, Feb 1st)

ISC.SANS.EDU — 01 Feb 2024

📡

Italian Data Protection Watchdog Accuses ChatGPT of Privacy Violations

THEHACKERNEWS.COM — 01 Feb 2024

📡

Meta Boss Mark Zuckerberg Apologizes To Families In Fiery Senate Hearing

PACKETSTORMSECURITY.COM — 01 Feb 2024

📡

Man Sentenced To Prison For Cryptocurrency Theft Via SIM Swapping

PACKETSTORMSECURITY.COM — 01 Feb 2024

📡

New York Sues Citibank Over Poor Data Security

PACKETSTORMSECURITY.COM — 01 Feb 2024

📡

Google shares fix for Pixel phones hit by bad system update

BLEEPINGCOMPUTER.COM — 01 Feb 2024

📡

US Charges Two More Suspects With DraftKings Account Hacks

BLEEPINGCOMPUTER.COM — 01 Feb 2024

📡

Safeguarding UK Energy: A Deep Dive into Cybersecurity Strategies

DATABREACHTODAY.CO.UK — 2024-02-01

📡

Aim Security Raises $10M for its GenAI Security Platform

TECHCRUNCH.COM — 01 Feb 2024

📡

Here is Apple’s official ‘jailbroken’ iPhone for security researchers

TECHCRUNCH.COM — 01 Feb 2024

📡

Incognia Raises $31M in Series B Funding

FINSMES.COM — 01 Feb 2024

📡

Arrests in $400M SIM-Swap Tied to Heist at FTX?

KREBSONSECURITY.COM — 01 Feb 2024

📡

Microsoft fixes connection issue affecting Outlook email apps

BLEEPINGCOMPUTER.COM — 01 Feb 2024