122 Articles
10 Categories
Date: 2024-02-01
🚨 CISA KEV (1)
1 Feb, KEV (CISA.GOV): PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
SUMMARY: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disru…
🐛 COMMON VULNERABILITIES AND EXPOSURES (5)
1 Feb (THEHACKERNEWS.COM): RunC Flaws Enable Container Escapes, Granting Attackers Host Access
Multiple security vulnerabilities have been disclosed in the runC command line tool that could be exploited by threat actors to escape the bounds of the container and stage follow-on attacks. The vulnerabilities, tracked as CVE-2024-21626, CVE-2024-23651, CVE-2024-23652, and CVE-…

1 Feb, KEV (THEHACKERNEWS.COM): CISA Warns of Active Exploitation of Critical Vulnerability in iOS, iPadOS, and macOS
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw impacting iOS, iPadOS, macOS, tvOS, and watchOS to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability, tr…

1 Feb (KASPERSKY.COM): Glibc library vulnerability published | Kaspersky official blog
CVE-2023-6246 found in glibc (GNU C Library) affects Debian, Ubuntu and Fedora, and likely other Linux distributions.

1 Feb (BLEEPINGCOMPUTER.COM): Exploit Released for Android Local Elevation Flaw Impacting Seven OEMs
A local privilege elevation flaw (CVE-2023-45779) affecting several Android OEMs was discovered and addressed in the December 2023 security update, highlighting weaknesses in APEX module signing using test keys.

1 Feb (CISA.GOV): Moby and Open Container Initiative Release Critical Updates for Multiple Vulnerabilities Affecting Docker-related Components
Moby and the Open Container Initiative (OCI) have released updates for multiple vulnerabilities (CVE-2024-23651, CVE-2024-23652, CVE-2024-23653, CVE-2024-21626) affecting Docker-related components, including Moby BuildKit and OCI runc. A cyber threat actor could exploit thes…
⚠️ VULNERABILITY DISCLOSURE (33)
1 Feb (GBHACKERS.COM): Mercedes-Benz Source Code Leaked via mishandled GitHub token
Mercedes-Benz has been reported to have leaked its source code due to a GitHub token leak from an organization employee. This particular leak was identified during an internet scan from a research team, revealing a GitHub repository holding this information. This token gave unres…

1 Feb (THEHACKERNEWS.COM): Warning: New Malware Emerges in Attacks Exploiting Ivanti VPN Vulnerabilities
Google-owned Mandiant said it identified new malware employed by a China-nexus espionage threat actor known as UNC5221 and other threat groups during post-exploitation activity targeting Ivanti Connect Secure VPN and Policy Secure devices. This includes custom web shells such as …

1 Feb (THEHACKERNEWS.COM): CISA Warns of Active Exploitation of Critical Flaws in Apple iOS and macOS
The flaw allows attackers with arbitrary read and write capability to bypass Pointer Authentication, and it's recommended that Federal Civilian Executive Branch (FCEB) agencies apply the fixes by February 21, 2024.

1 Feb (INFOSECURITY-MAGAZINE.COM): Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth
According to Corvus, the number of active ransomware groups grew by 34% between Q1 and Q4 2023, linked to the fracturing of well-known ransomware groups that leaked their proprietary encryptors.

1 Feb (THERECORD.MEDIA): Two New Ivanti Bugs Discovered as CISA Warns of Hackers Bypassing Mitigations
Ivanti has discovered two new vulnerabilities in its Policy Secure and Connect Secure VPN products, impacting U.S. government and other industries. One is an unauthorized access issue, while the other allows privilege escalation.

1 Feb (CYBERSECURITYDIVE.COM): MOVEit Liabilities Mount for Progress Software
While the financial impact on Progress Software from the MOVEit zero-day vulnerability has been minimal so far, the firm is still dealing with 118 class-action lawsuits and formal government investigations, including subpoenas from the SEC and FTC.

1 Feb (SECURITYWEEK.COM): Apple Patches Vision Pro Vulnerability as CISA Warns of iOS Flaw Exploitation
Apple releases first security update for Vision Pro VR headset as CISA issues warning about exploitation of iOS vulnerability.

1 Feb (SECURITYINTELLIGENCE.COM): Audio-jacking: Using generative AI to distort live audio transactions
The rise of generative AI, including text-to-image, text-to-speech and large language models (LLMs), has significantly changed our work and personal lives. While these advancements offer many benefits, they have also presented new challenges and risks. Specifically, there has bee…

1 Feb (THEHACKERNEWS.COM): Why the Right Metrics Matter When it Comes to Vulnerability Management
How’s your vulnerability management program doing? Is it effective? A success? Let’s be honest, without the right metrics or analytics, how can you tell how well you’re doing, progressing, or if you’re getting ROI? If you’re not measuring, how do you know it’s working? And even i…

1 Feb (THEHACKERNEWS.COM): HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which comes exactly a year after the malware was first publicly disclosed…

1 Feb (THERECORD.MEDIA): Feds Say Anti-Robocall Efforts Appear to be Working Against Foreign Sources
The U.S. government has observed a decrease in scam-oriented international robocalls reaching Americans, indicating improved efforts by telecom gateway providers to block fraudulent voice-call spamming.

1 Feb (SCHNEIER.COM): Facebook’s Extensive Surveillance Network
Consumer Reports is reporting that Facebook has built a massive surveillance network: Using a panel of 709 volunteers who shared archives of their Facebook data, Consumer Reports found that a total of 186,892 companies sent data about them to the social network. On average, each …

1 Feb (THEHACKERNEWS.COM): U.S. Feds Shut Down China-Linked "KV-Botnet" Targeting SOHO Routers
The U.S. government on Wednesday said it took steps to neutralize a botnet comprising hundreds of U.S.-based small office and home office (SOHO) routers hijacked by a China-linked state-sponsored threat actor called Volt Typhoon and blunt the impact posed by the hacking campaign.…

1 Feb (CSOONLINE.COM): Protect AI adds LLM support with open source acquisition
AI and ML security platform Protect AI has integrated a widely used, open source large language model (LLM) security tool — LLM Guard — into existing offerings after acquiring its developer Laiyer AI. Available as a Python package accessible through a preferred installer prog…

1 Feb (HELPNETSECURITY.COM): Faction: Open-Source Pentesting Report Generation and Collaboration Framework
Faction is an open-source solution designed to streamline penetration testing report generation and assessment collaboration, aiming to save time, reduce stress, and improve information security workflows.

1 Feb, KEV (BLEEPINGCOMPUTER.COM): CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday
CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday. [...]

1 Feb (TECHCRUNCH.COM): Okta lays off 400 employees — almost exactly a year after last staff cuts
U.S. access and identity management giant Okta has said it is laying off approximately 400 employees, or 7% of its global workforce. The layoffs come almost exactly a year to the day after Okta announced plans to reduce its workforce by 5%, about 300 employees. In an email sent t…

1 Feb (BLEEPINGCOMPUTER.COM): New Windows Event Log zero-day flaw gets unofficial patches
Free unofficial patches are available for a new Windows zero-day vulnerability dubbed 'EventLogCrasher' that lets attackers remotely crash the Event Log service on devices within the same Windows domain. [...]

1 Feb (THEHACKERNEWS.COM): FritzFrog Returns with Log4Shell and PwnKit, Spreading Malware Inside Your Network
The threat actor behind a peer-to-peer (P2P) botnet known as FritzFrog has made a return with a new variant that leverages the Log4Shell vulnerability to propagate internally within an already compromised network. "The vulnerability is exploited in a brute-for…

1 Feb (YOUTUBE.COM): CVE, CVSS, EPSS Falls Short - PSW #815
When an RCE really isn’t, your kernel is vulnerable, calling all Windows 3.11 experts, back to Ebay, Turkish websites and credentials, 10 public exploits for the same vulnerability, hacking Bitcoin ATMs, another vulnerability disclosure timeline gone wrong, Flipper Zero tips and …

1 Feb (CISA.GOV): CISA Releases Two Industrial Control Systems Advisories
CISA released two Industrial Control Systems (ICS) advisories on February 1, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-032-01 Gessler GmbH WEB-MASTER ICSA-24-032-03 AVEVA Edge products (…

1 Feb (HELPNETSECURITY.COM): Zero-Day Vulnerability can Blind Defenses Relying on Windows Event Logs
The vulnerability can be leveraged by an attacker with local network access, and until Microsoft issues a patch, users can implement micropatches provided by Acros to mitigate the risk.

1 Feb (TECHCRUNCH.COM): US gives federal agencies 48 hours to disconnect flawed Ivanti VPN tech
U.S. cybersecurity agency CISA has ordered federal agencies to urgently disconnect Ivanti VPN appliances given the risk of malicious exploitation due to multiple software flaws. In an update to an emergency directive first published last week, CISA is now mandating that all feder…

1 Feb (KNOWBE4.COM): Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms
Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity.

1 Feb (HELPNETSECURITY.COM): Does CVSS 4.0 Solve the Exploitability Problem?
The new system introduces changes such as splitting attack complexity into two parameters and categorizing user interaction into three levels, offering a more nuanced and comprehensive assessment of vulnerabilities.

1 Feb (SECURITY.GOOGLEBLOG.COM): UN Cybercrime Treaty Could Endanger Web Security
Royal Hansen, Vice President of Privacy, Safety and Security Engineering This week, the United Nations convened member states to continue its years-long negotiations on the UN Cybercrime Treaty, titled “ Countering the Use of Information and Communications Technologies for Crimin…

1 Feb (DATABREACHTODAY.CO.UK): Okta Lays Off 400 Employees in Second Round of Dismissals
The Identity Provider Experienced a String of Embarrassing Cybersecurity Incidents Okta announced layoffs amounting to 7% of its workforce in a restructuring that will cost 400 employees their jobs. Thursday's disclosure is the second round of layoffs the company has undergone in…

1 Feb (SECURITYBOULEVARD.COM): Protect AI Acquires Laiyer AI to Better Secure AI Models
The acquisition will enable organizations to benefit from Laiyer AI's LLM Guard software, which detects, redacts, and sanitizes inputs and outputs from LLMs with lower latency, while also supporting open source contributions.

1 Feb (CSOONLINE.COM): Bazel PoC attack highlights transitive vulnerability risk in custom GitHub Actions
Security researchers demonstrated a software supply-chain attack that could have allowed them to backdoor the codebase of Bazel, a Google-developed open-source tool for automating software building and testing. The attack exploited vulnerabilities in a custom GitHub Action used b…

1 Feb (INFOSECURITY-MAGAZINE.COM): UK: City Cyber Task Force Launches to Secure Corporate Finance
The Institute of Chartered Accountants in England and Wales (ICAEW) and the National Cyber Security Centre (NCSC) are leading a task force with other organizations to improve the security of corporate finance deals.

1 Feb (BLEEPINGCOMPUTER.COM): Cloudflare hacked using auth tokens stolen in Okta attack
Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. [...]

1 Feb (YOUTUBE.COM): The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete ... - ESW #348
We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in via software updates, or trusted …
📋 SECURITY BULLETINS (2)
1 Feb (GITHUB.COM): Mastodon security update: every version prior to today's is vulnerable to remote user impersonation and takeover
https://github.com/mastodon/mastodon/security/advisories/GHSA-3fjr-858r-92rw

1 Feb (YOUTUBE.COM): The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain – Pete Morgan
We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in via software updates, or trusted …
📢 SECURITY ADVISORIES (9)
1 Feb (BANKINFOSECURITY.COM): US IaaS Providers Face 'Know Your Customer' Regulation
The proposed regulation would impose compliance costs on IaaS providers, including data retention and record-keeping requirements, potentially costing up to $170 million annually for affected companies.

1 Feb (CSOONLINE.COM): US security agencies terminate China-backed hacking attempt
The US administration has claimed to have stopped a China-sponsored attempt to place malware that could potentially damage the country’s critical infrastructure. “The hackers, Volt Typhoon, used privately owned SOHO [Small Office and Home Office] routers infected with the ‘…

1 Feb (ROMANIA-INSIDER.COM): Hackers Obtain Confidential Information on Romanian Officials After Cyberattack at Parliament
Hackers breached the Romanian Chamber of Deputies' database and obtained confidential information, including the prime minister's identity documents and medical analyses. They threatened to release the data unless they received a ransom of $34,000.

1 Feb (THEGLOBEANDMAIL.COM): Global Affairs Canada Hit by Cyberattack, Shuts Down Computer Systems to Fix
The Foreign Ministry of Canada has been hit by a cyberattack, leading to the closure of remote access to its network. Hackers gained access to personal data, and experts suspect a foreign country, possibly Russia or China, to be behind the attack.

1 Feb (SECURITYWEEK.COM): CISA Sets 48-hour Deadline for Removal of Insecure Ivanti Products
In an unprecedented move, CISA is demanding that federal agencies disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours.

1 Feb (CSOONLINE.COM): How is IR sniping and AI changing the game in today’s ever-evolving threat situation?
In today’s rapidly evolving cybersecurity landscape, having a proficient security team in place is not enough. Organizations must understand the nuances of modern risks. The third and fourth episodes of the Unit 42 Threat Vector podcast shed light on two critical aspects: IR snip…
🔥 INCIDENT REPORTING (22)
1 Feb (CYWARE.COM): Phobos Ransomware Expands with New FAUST Variant
FortiGuard Labs exposed a fresh attack vector involving the FAUST ransomware, a Phobos variant. The attackers employed a Visual Basic script in an Office document to propagate FAUST. They utilized the Gitea service to store encoded files. The ransomware employs advanced evasion t…

1 Feb (MALWAREBYTES.COM): Nitrogen Shelling Malware From Hacked Sites
The threat actors behind the Nitrogen campaign prefer hosting their payloads on compromised WordPress sites and have a known connection to ransomware, making it a serious threat to businesses.

1 Feb (GBHACKERS.COM): Hackers Started using Python for Developing New Ransomware
Ransomware has been one of the top threats to organizations, contributing several millions of dollars to multiple organizations worldwide. Most of these ransomware operators infiltrate the systems, steal sensitive data, and lock the systems with ransomware. There have been a vari…

1 Feb (HELPNETSECURITY.COM): Cybercriminals Embrace Smarter Strategies, Less Effort
The expanding supply chain vulnerabilities and digital transformation are increasing the risk of data breaches in 2024. Threat actors may target rare earth material supply chains and leverage small-scale data manipulation for major impact.

1 Feb (SECURITYAFFAIRS.COM): Cybercriminals Stole Around $112 Million Worth of XRP From Ripple’s Co-Founder
Chris Larsen's personal XRP accounts were compromised, but Ripple was not impacted. The fraudulent activity was quickly detected, and the affected address was frozen with the help of other exchanges.

1 Feb (SECURITYWEEK.COM): Johnson Controls Ransomware Attack: Data Theft Confirmed, Cost Exceeds $27 Million
Johnson Controls confirms that the recent ransomware attack resulted in data theft and says expenses reached $27 million.

1 Feb (THEGUARDIAN.COM): Football Australia Data Leak Exposes Players’ Contracts, Fans’ Personal Details
The leak included passports, player contracts, and personal data, potentially affecting every Australian football fan. Cybersecurity experts believe the breach was likely due to human error, and the FA is investigating the matter.

1 Feb (SECURITYWEEK.COM): New York Sues Citibank Over Poor Data Security
New York attorney general is suing Citibank for failing to protect customers against hackers and fraudsters who have stolen millions.

1 Feb (SECURITYWEEK.COM): At Least 30 Journalists, Lawyers and Activists Hacked With Pegasus in Jordan, Forensic Probe Finds
Pegasus spyware from NSO Group was used in Jordan to hack the cellphones of journalists, lawyers, human rights and political activists.

1 Feb (CYBERSECURITYDIVE.COM): Update: Johnson Controls Reports $27M Hit From Ransomware Attack
The company's ongoing investigation and remediation efforts are focused on containing the unauthorized activity and assessing the impact on data, with no observed evidence of impact on its digital products and solutions.

1 Feb (LABS.K7COMPUTING.COM): The Rise of Python-Scripted Ransomware
The ransomware, named "grinchv3," self-copies itself to the startup folder for persistence, encrypts user data using the Fernet symmetric key encryption algorithm, and adds a pop-up message after encryption.

1 Feb (CYBERSCOOP.COM): Pentagon Investigating Theft of Sensitive Files by Ransomware Group
The Department of Defense is investigating claims by the ransomware group ALPHV that they have stolen sensitive data related to the U.S. military, including information from the Defense Counterintelligence and Security Agency.

1 Feb (YOUTUBE.COM): Identifying Bad By Defining Good - Danny Jenkins - PSW #815
Danny Jenkins, CEO & Co-Founder of ThreatLocker, a cybersecurity firm providing Zero Trust endpoint security, is a leading cybersecurity expert with over two decades of experience building and securing corporate networks, including roles on red and blue teams. He is dedicated to …

1 Feb (DATABREACHTODAY.CO.UK): Cryptohack Roundup: 2024's Biggest Heist - So Far
Also: US Courts Announce Guilty Pleas and Hand Out Sentences in Crypto-Linked Cases This week, a Ripple co-founder and a karaoke platform were hacked, Mexican crypto banks were targeted, authorities seized crypto in the U.S. and Germany, the DOJ made charges in crypto cases, peop…

1 Feb (BLEEPINGCOMPUTER.COM): Europcar Denies Data Breach of 50 Million Users, Says Data is Fake
Security researchers suggest that the fake data may not have been generated using artificial intelligence, as claimed, but rather through existing projects that can create realistic-looking data.

1 Feb (KASPERSKY.COM): Transatlantic Cable podcast episode 332 | Kaspersky official blog
Episode 332 of the Kaspersky podcast has AI legal issues, Mozilla worries, live facial recognition and 23andMe data breach news

1 Feb (BLEEPINGCOMPUTER.COM): FTC orders Blackbaud to boost security after massive data breach
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. [...]

1 Feb (DATABREACHTODAY.CO.UK): How 2023 Broke Long-Running Records for Health Data Breaches
What Will 2024 Be Like If the Healthcare Sector Doesn't Step Up? Thanks to the massive Anthem hack, for nearly a decade 2015 has been the record year for U.S. health data breaches - with 112.5 million people affected. But 2023 shattered that record, big-time. Will 2024 be another…

1 Feb (YOUTUBE.COM): The Internet of Shit, AI Funding, Market Struggles, The Cyber Why, and when to Quit - ESW #348
In this week's Enterprise Security News, Adrian, Tyler, and Katie discuss: 1. Tons of funding! 2. A notable acquisition! 3. The line is blurring between services and product firms 4. Apparently IronNet isn’t dead? 5. The toxicity of Hero culture in tech 6. Knowing when to quit 7.…

1 Feb (DATABREACHTODAY.CO.UK): Breach Roundup: CIA Hacking Tool Leaker Gets 40 Years
Also: Cloudflare Was Hacked With Stolen Okta Token This week, former CIA programmer gets 40-year sentence, zero trust prevents widespread damage, possible ransomware attack in Georgia, alleged hacker detained in Ukraine, USB-spread malware in Italy, LockBit attack on non-bank hom…

1 Feb (DATABREACHTODAY.CO.UK): FTC Blasts Blackbaud's 'Shoddy' Practices in Ransomware Hack
FTC Is Latest Agency to Rebuke Fundraising Firm for Lax Security in 2020 Attack The Federal Trade Commission is the latest regulatory agency taking action against fundraising and customer relationship management software provider Blackbaud in the aftermath of a 2020 ransomware in…
🕵️ THREAT INTELLIGENCE (25)
1 Feb (SNYK.IO): Leaky Vessels: Docker and runc Container Breakout Vulnerabilities - January 2024
Snyk Security Labs Team has identified four container breakout vul… https://snyk.io/blog/leaky-vessels-docker-runc-container-breakout-vulnerabilities/

1 Feb (SECURITYWEEK.COM): US Says it Disrupted a China Cyber Threat, but Warns Hackers Could Still Wreak Havoc for Americans
Chinese government hackers are busily targeting water treatment plants, the electrical grid, transportation systems and other critical infrastructure inside the United States, FBI Director Chris Wray told lawmakers.

1 Feb (ISC.SANS.EDU): ISC Stormcast For Thursday, February 1st, 2024 https://isc.sans.edu/podcastdetail/8834, (Thu, Feb 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

1 Feb (PROOFPOINT.COM): ‘Tis the Season for Tax Hax
TA576, a cybercriminal threat actor, has returned with tax-themed lures targeting accounting and finance organizations during the U.S. tax season, using unique attack chains and delivering Parallax RAT.

1 Feb (SECURITYWEEK.COM): Why Are Cybersecurity Automation Projects Failing?
The cybersecurity industry has taken limited action to reduce cybersecurity process friction, reduce mundane tasks and improve overall user experience.

1 Feb (GBHACKERS.COM): Pawn Storm APT Launch Hash Relay Attacks on Government Departments
In the analysis by Trendmicro, they dissect the recent maneuvers of this advanced persistent threat (APT) actor, shedding light on its unyielding repetition of tactics and the intricate dance between its seemingly unsophisticated campaigns and the concealed sophistication within.…

1 Feb (GBHACKERS.COM): Grandoreiro Banking Malware Infrastructure Seized by Authorities
The Grandoreiro, a criminal organization that uses banking malware to commit electronic banking fraud against Spain, Mexico, Brazil, and Argentina, has been seized by authorities. It’s been operating since 2017. Through fraudulent actions, the criminal group is believed to …

1 Feb (KNOWBE4.COM): [Live Demo] Ridiculously Easy Security Awareness Training and Phishing
Old-school awareness training does not hack it anymore. Your email filters have an average 7-10% failure rate; you need a strong human firewall as your last line of defense.

1 Feb (PALOALTONETWORKS.COM): Short, Mid and Long-Term Impacts of AI in Cybersecurity
Kyle Wilhoit, director for threat research at Unit 42 Threat Intelligence, shares thoughts and predictions on impacts of AI in cybersecurity.

1 Feb (SECURITYWEEK.COM): Man Sentenced to Prison for Stealing Millions in Cryptocurrency via SIM Swapping
Daniel James Junk sentenced to six years in prison for stealing millions in cryptocurrency through SIM swapping.

1 Feb (SECURITYWEEK.COM): ‘Leaky Vessels’ Container Escape Vulnerabilities Impact Docker, Others
Snyk discloses information on Leaky Vessels, several potentially serious container escape vulnerabilities affecting Docker and others.

1 Feb (SECURITYWEEK.COM): Watch: Top Cyber Officials Testify on China’s Cyber Threat to US Critical Infrastructure
Video: Top US cyber officials testify on China’s cyber threat to U.S. national security and critical infrastructure.

1 Feb (DATABREACHTODAY.CO.UK): How Long Will FBI's 'Volt Tycoon' Router Interdiction Stick?
Volume of Poorly Secured, Legacy IoT That Can Be Turned Against Us Keeps Growing The FBI announcing that it has forcibly removed "KV Botnet" Chinese nation-state malware from "hundreds" of poorly secured SOHO routers across America highlights the risk posed by the growing volume …

1 Feb (KNOWBE4.COM): Associated Press: "Grave peril of digital conspiracy theories."
The AP published a great article. This is your executive summary: Conspiracy theories have always been part of American culture, but advanced technology is making them more persuasive and dangerous than ever before. This was evident after the devastating Maui wildfires last…

1 Feb (KNOWBE4.COM): 81% of Underwriters Expect Cyber Insurance Premiums to Increase as Risk is Expected to Soar
New data from cyber insurance underwriters shows what they think the biggest threats will be in 2024 and what organizations should do about it.

1 Feb (GBHACKERS.COM): ANY.RUN Sandbox Now Let SOC & DFIR Teams Analyze Sophisticated Linux Malware
The ANY.RUN sandbox has now been updated with support for Linux, further enhancing its ability to provide an isolated and secure environment for malware analysis and threat hunting. This newly added feature will enable security analysts to investigate and simulate malicious activ…

1 Feb (AKAMAI.COM): Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
https://www.akamai.com/blog/security-research/fritzfrog-botnet-new-capabilities-log4shell

1 Feb (CRANKYSEC.COM): Your Security Program Is Shit
Very shit https://crankysec.com/blog/shite/

1 Feb (DATABREACHTODAY.CO.UK): Uber Fined 10 Million Euros by Dutch Data Regulator
Ride-Hailing Company Fined for Inadequate Data Transparency Practices Under GDPR Uber must pay a fine of 10 million euros to the Dutch data protection authority after the agency found the ride-hailing app maker had not been transparent about how long it kept driver data and which…

1 Feb (DATABREACHTODAY.CO.UK): Palo Alto Told to Pay Centripetal $150M for Patent Theft
Federal Court Says Palo Alto Networks Violated Centripetal's Patent Rights A federal jury said Wednesday that Palo Alto Networks directly violated another cybersecurity firm's patent rights for a "threat intelligence gateway" network security technology and awarded Centripetal Ne…

1 Feb (WELIVESECURITY.COM): VajraSpy: A Patchwork of espionage apps
ESET researchers discovered several Android apps carrying VajraSpy, a RAT used by the Patchwork APT group

1 Feb (MICROSOFT.COM): Connect with Microsoft at these cybersecurity events in 2024
Cybersecurity professionals, business decision makers, and developers involved in cybersecurity have many industry events to choose from. But with all the possibilities, they may be unsure of which one is right for them. Read on for recommendations based on your role.

1 Feb (MICROSOFT.COM): 3 new ways the Microsoft Intune Suite offers security, simplification, and savings
The main components of the Microsoft Intune Suite are now generally available. Read about how consolidated endpoint management adds value and functionality for security teams.

1 Feb (GBHACKERS.COM): The Economic Ripple Effects of Automated Counter-Drone Solutions
Automated Counter-Drone solutions detect, track, neutralize, or disable unmanned aerial vehicles (drones) that pose a security threat. These systems can safeguard essential facilities such as airports, jails, and other areas of concern from unlawful drone activity. From…
🌐 CYBER THREAT LANDSCAPE (6)
1 Feb (CYBERSECURITYDIVE.COM): AI-Generated Code Leads to Security Issues for Most Businesses: Report
According to a survey by Snyk, over three-quarters of developers are bypassing established protocols to use AI-powered code completion tools, raising concerns about security implications.

1 Feb (THERECORD.MEDIA): Brazilian Police Make Arrests in Grandoreiro Banking Malware Case
The Grandoreiro malware can track keyboard inputs, simulate mouse activity, and initiate communication with criminals’ servers, making it a potent threat to banking activities.

1 Feb (BLEEPINGCOMPUTER.COM): PurpleFox malware infected thousands of systems in Ukraine
The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country. [...]

1 Feb (BLEEPINGCOMPUTER.COM): More Android apps riddled with malware spotted on Google Play
An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available on Google Play from April 1, 2021, through September 10, 2023. [...]

1 Feb (BLEEPINGCOMPUTER.COM): PurpleFox malware infects thousands of computers in Ukraine
The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country. [...]
🎙️ PODCASTS (1)
1 Feb (GRAHAMCLULEY.COM): Smashing Security podcast #357: Interview with an iPhone thief, anti-AI, and have we gone too far?
The iPhone security setting that you should enable right now, the worrying way that AI is predicting what criminals look like, and we play a game of face fake or real... All this and much more is discussed in the latest edition of the award-winning "Smashing Security" podcast by …
📡 INFOSEC NEWS 18
1 FebNigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the USThe Network Contagion Research Institute (NCRI) has found that teenagers from Western English-speaking countries are increasingly targeted by financial sextortion attacks conducted by Nigeria-based cybercriminals, known as 'Yahoo Boys.'INFOSECURITY-MAGAZINE.COM
1 FebNew York AG Sues Citibank for Poor Phishing ProtectionsThe lawsuit from the New York Attorney General claims that the bank lacks sufficient security measures to prevent unauthorized transfers and fails to respond effectively when red flags are raised.BANKINFOSECURITY.COM
1 Feb'Leaky Vessels' Cloud Bugs Allow Container Escapes GloballyVulnerabilities in container engine components, dubbed "Leaky Vessels," pose a serious threat by allowing attackers to break out of containers and execute malicious actions on the underlying host system.DARKREADING.COM
1 FebHeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto MiningThe new version, HeadCrab 2.0, employs advanced evasion techniques and uses the Redis MGET command for command-and-control communications, making it more difficult to detect.THEHACKERNEWS.COM
1 FebExposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking CampaignExposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using the Commando project," Cado security researchers Nate Bill and Matt Muir said…THEHACKERNEWS.COM
1 FebWhat is a "Top Level Domain"?, (Thu, Feb 1st)In yesterday's diary, I discussed a new proposed top-level domain, ".internal". This reminded me to talk a bit about what a top-level domain is all about, and some different ways to look at the definition of a top-level domain. ISC.SANS.EDU
1 FebItalian Data Protection Watchdog Accuses ChatGPT of Privacy ViolationsThe Italian data protection authority has notified OpenAI, the maker of ChatGPT, of potential violations of the EU's GDPR privacy laws. The issues include collecting personal data, age protections, and potential exposure of sensitive information.THEHACKERNEWS.COM
1 FebGoogle shares fix for Pixel phones hit by bad system updateGoogle has shared a temporary fix for owners of Google Pixel devices that were rendered unusable after installing the January 2024 Google Play system update. [...]BLEEPINGCOMPUTER.COM
1 FebUS Charges Two More Suspects With DraftKings Account HacksThe defendants used credential stuffing techniques to compromise accounts, sell access to them, and devised a method for buyers to withdraw funds, resulting in millions of dollars in illicit gains.BLEEPINGCOMPUTER.COM
1 FebAim Security Raises $10M for its GenAI Security PlatformTel Aviv-based Aim Security has raised $10 million in seed funding for its new GenAI security platform, led by YL Ventures and including participation from Cyber Club London and angel investors.TECHCRUNCH.COM
1 FebHere is Apple’s official ‘jailbroken’ iPhone for security researchersIn 2019, Apple announced it would start sending some security researchers a “special” version of the iPhone designed to be used to find vulnerabilities, which could then be reported to Apple so the company could fix them. In 2020, the company started shipping the devices, which a…TECHCRUNCH.COM
1 FebIncognia Raises $31M in Series B FundingIncognia, a San Jose-based company specializing in location identity solutions, has raised $31M in Series B funding led by Bessemer Venture Partners, with participation from FJ Labs and existing investors.FINSMES.COM
1 FebArrests in $400M SIM-Swap Tied to Heist at FTX?Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, …KREBSONSECURITY.COM
1 FebMicrosoft fixes connection issue affecting Outlook email appsMicrosoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts. [...]BLEEPINGCOMPUTER.COM