91 Articles
8 Categories
Date: 2024-02-05
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
5 Feb: New Mispadu Banking Trojan Exploits Windows SmartScreen Flaw. The Windows SmartScreen vulnerability CVE-2023-36025 allows threat actors to bypass warnings and execute malicious payloads using crafted .url files, posing a significant security risk to Windows users. (UNIT42.PALOALTONETWORKS.COM)
5 Feb: Mispadu Malware Exploits Windows SmartScreen Flaw to Attack Users. A new variant of Mispadu stealer has been identified by researchers, which specifically targets victims in Mexico. This variant of Mispadu stealer utilizes the Windows SmartScreen vulnerability CVE-2023-36025 to download and execute malicious payloads on the system. Mispadu stea… (GBHACKERS.COM)
5 Feb: Newest Ivanti SSRF zero-day now under mass exploitation. An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers. [...] (BLEEPINGCOMPUTER.COM)
⚠️ VULNERABILITY DISCLOSURE (14)
5 Feb: New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw. The threat actors behind the Mispadu banking Trojan have become the latest to exploit a now-patched Windows SmartScreen security bypass flaw to compromise users in Mexico. The attacks entail a new variant of the malware that was first observed in 2019, Palo Alto Networks Unit 42 … (THEHACKERNEWS.COM)
5 Feb: Pegasus Spyware Targeted iPhones of Journalists and Activists in Jordan. The iPhones belonging to nearly three dozen journalists, activists, human rights lawyers, and civil society members in Jordan have been targeted with NSO Group's Pegasus spyware, according to joint findings from Access Now and the Citizen Lab. Nine of the 35 individuals have been… (THEHACKERNEWS.COM)
5 Feb: 8 things that should be in a company BEC policy document. Business email compromise (BEC) attacks made up more than 50% of incidents within social engineering in 2023, according to Verizon. The bad guys aren’t just increasing the volume of their attack attempts, they’re also getting way more sophisticated and automated in how they craf… (CSOONLINE.COM)
5 Feb: OT Maintenance Is Primary Source of OT Security Incidents: Report. A new ICS security report from TXOne Networks says many OT security incidents involved ransomware and vulnerability exploitation. (SECURITYWEEK.COM)
5 Feb: Nation-state actor used recent Okta compromises to hack into Cloudflare systems. Cloudflare has revealed that a nation-state actor hacked into the company’s self-hosted Atlassian server in November 2023, but the attack was stopped by the internal team within a few days of access. The hack, which used stolen tokens and credentials, was able to access “some… (CSOONLINE.COM)
5 Feb: Google Open Sources AI-Aided Fuzzing Framework. Google has released its fuzzing framework in open source to boost the ability of developers and researchers to identify vulnerabilities. (SECURITYWEEK.COM)
5 Feb: Airbus App Vulnerability Introduced Aircraft Safety Risk: Security Firm. Navblue Flysmart+ Manager allowed attackers to modify aircraft engine performance calculation, intercept data. (SECURITYWEEK.COM)
5 Feb: Hands-On Review: SASE-based XDR from Cato Networks. Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordin… (THEHACKERNEWS.COM)
5 Feb: Improving Interoperability Between Rust and C++. Posted by Lars Bergstrom – Director, Android Platform Tools & Libraries and Chair of the Rust Foundation Board. Back in 2021, we announced that Google was joining the Rust Foundation. At the time, Rust was already in wide use across Android and other Google products. Our annou… (SECURITY.GOOGLEBLOG.COM)
5 Feb: Migrate Off That Old SIEM Already! This is cross-posted from Google Cloud Community site, and written jointly with Dave Herrald. If you are like us, you may be surprised that, in 2024, traditional security information and event management (SIEM) systems are still the backbone of most security operations centers … (MEDIUM.COM)
5 Feb: Pick Your Battles To Avoid Overconsolidation - Jess Burn, Jeff Pollard - BSW #337. Large security vendors and hyperscalers, including Microsoft, continue to expand their cybersecurity product and service portfolios. Microsoft’s extensive enterprise reach, massive partner network, and enormous influence in the C-suite puts pressure on CIOs and CISOs to consolida… (YOUTUBE.COM)
📋 SECURITY BULLETINS (1)
5 Feb: Microsoft Outlook December updates trigger ICS security alerts. Microsoft is investigating an issue that triggers Outlook security alerts when trying to open .ICS calendar files after installing December 2023 Patch Tuesday Office security updates. [...] (BLEEPINGCOMPUTER.COM)
📢 SECURITY ADVISORIES (10)
5 Feb: Cyber Security Today, Feb. 5, 2024 - Warnings to AnyDesk and Mastodon administrators, a lesson from a Cloudflare breach, and more. This episode reports on a US regulator hammering Blackbaud for a data breach, a former CIA application developer jailed for 40 years and more (CYBERSECURITYTODAY.LIBSYN.COM)
5 Feb: China-Linked Hackers Primed to Attack US Critical Infrastructure, FBI Director Says. The Cybersecurity and Infrastructure Security Agency (CISA) has observed an evolving threat from China-linked hackers infiltrating U.S. critical infrastructure, aiming to induce societal panic and chaos. (CYBERSECURITYDIVE.COM)
5 Feb: More Ransomware Victims are Declining to Pay Extortionists. The decline in the number of ransomware victims paying a ransom is attributed to better business resilience, assistance from the FBI, and the realization that paying for intangible promises is not effective. (HEALTHCAREINFOSECURITY.COM)
🔥 INCIDENT REPORTING (15)
5 Feb: How I Hacked My Air Purifier to Remove Cloud Dependency [Detailed Write-Up] Submitted by L4s to secops. https://jmswrnr.com/blog/hacking-a-smart-home-device (JMSWRNR.COM)
5 Feb: Weekly Update 385. I told ya so. Right from the beginning, it was pretty obvious what "MOAB" was probably going to be and sure eno… (TROYHUNT.COM)
5 Feb: ApateWeb: Hackers Using 130,000+ Domains to Launch Cyber Attacks. A new large-scale campaign named “ApateWeb” has been discovered, which uses over 130,000 domains to deliver scareware, potentially unwanted programs, and other scam pages. Threat actors use deceptive emails to lure victims into their malicious websites and redirect t… (GBHACKERS.COM)
5 Feb: Spoutible - 207,114 breached accounts. In January 2024, Spoutible had 207k records scraped from a misconfigured API that inadvertently returned excessive personal information. The data included names, usernames, email and IP addresses, phone numbers (where provided to the platform), genders and bcrypt password hashes… (HAVEIBEENPWNED.COM)
5 Feb: Lurie Children’s Hospital in Chicago Took Systems Offline After Cyberattack. Some internal services at the hospital, such as internet, email, and access to medical platforms, have been affected, resulting in delays for scheduled procedures and test results. (BLEEPINGCOMPUTER.COM)
5 Feb: AnyDesk Confirms Systems Hacked, Triggers Password Reset. Company Says Problem Remediated, All Security-Related Certificates Revoked. Remote desktop application provider AnyDesk acknowledged hackers recently gained unauthorized access to the company's production systems in a cyberattack. The firm said it revoked all security-related cert… (DATABREACHTODAY.CO.UK)
5 Feb: AnyDesk Revokes Passwords, Certificates in Response to Hack. AnyDesk is revoking certificates and passwords in response to a recently discovered security breach impacting production systems. (SECURITYWEEK.COM)
5 Feb: AnyDesk has been hacked, users urged to change passwords. Submitted by Ninjazzon to cybersecurity. https://www.helpnetsecurity.com/2024/02/05/anydesk-hacked/ AnyDesk Software GmbH, the German company behind the widely used (and misused) remote desktop application of the same name, has confirmed they’ve been hacked a… (HELPNETSECURITY.COM)
5 Feb: Remote access giant AnyDesk resets passwords and revokes certificates after hack. Remote desktop software provider AnyDesk confirmed late Friday that a cyberattack allowed hackers to gain access to the company’s production systems, putting the company in lockdown for almost a week. AnyDesk’s software is used by millions of IT professionals to quickly and remot… (TECHCRUNCH.COM)
5 Feb: EquiLend Continues System Restoration Post-Ransomware Attack. Back Online: NGT Platform, Which Handles Daily Transactions Worth $100 Billion. Financial giant EquiLend Holdings said it's brought back online multiple systems, including its NGT platform that handles securities lending transactions worth $2.4 trillion every month, following an o… (DATABREACHTODAY.CO.UK)
5 Feb: HopSkipDrive says personal data of 155,000 drivers stolen in data breach. Student rideshare startup HopSkipDrive has confirmed a data breach involving the personal data of more than 155,000 drivers. Los Angeles-based HopSkipDrive offers an Uber-style rideshare service for children and teenagers. The startup, which has raised at least $90 million since … (TECHCRUNCH.COM)
5 Feb: HPE investigates new breach after data for sale on hacking forum. Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information. [...] (BLEEPINGCOMPUTER.COM)
5 Feb: Systems, Phones Still Offline at Chicago Children's Hospital. Cyberattacks on Pediatric Facilities Are Rare But Considered Especially Egregious. Network systems - including phones, email, electronic health records and patient portals - remain offline at a Chicago children's hospital and research center nearly a week after it was hit by a cyb… (DATABREACHTODAY.CO.UK)
🕵️ THREAT INTELLIGENCE (25)
5 Feb: ISC Stormcast For Monday, February 5th, 2024 https://isc.sans.edu/podcastdetail/8838 (Mon, Feb 5th). (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)
5 Feb: How Spoutible’s Leaky API Spurted out a Deluge of Personal Data. Ever hear one of those stories where as it unravels, you lean in ever closer and mutter “No way! No way! NO WAY! … (TROYHUNT.COM)
5 Feb: Patchwork Using Romance Scam Lures to Infect Android Devices with VajraSpy Malware. The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy. Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were avail… (THEHACKERNEWS.COM)
5 Feb: Social Engineering Masterstroke: How Deepfake CFO Duped a Firm out of $25 Million. Check out this one line for a moment... “duped into attending a video call with what he thought were several other members of staff, but all of whom were in fact deepfake recreations.” (KNOWBE4.COM)
5 Feb: QNAP Patches High-Severity Bugs in QTS, Qsync Central. Two high-severity vulnerabilities in QNAP’s operating system could lead to command execution over the network. (SECURITYWEEK.COM)
5 Feb: Global AppSec DC 2023 - OWASP Foundation - 33 talks. Submitted by ashar to security_cpe. Global AppSec DC returns October 30 - November 3 2023. Designed for private and public sector infosec professionals, the two day OWASP conferences eq… (INFOSEC.PUB)
5 Feb: Deepfake Fraud. A deepfake video conference call—with everyone else on the call a fake—fooled a finance worker into sending $25M to the criminals’ account. (SCHNEIER.COM)
5 Feb: Mastercard Deploys AI to Power CX and Fight Fraud. Rohit Chauhan and Nitendra Rajput of Mastercard on Using AI Beyond Convention. Mastercard, a global leader in payments, is expanding its use of artificial intelligence beyond traditional applications. The company has deployed AI to prevent fraud and enhance customer experience, ef… (DATABREACHTODAY.CO.UK)
5 Feb: Mitsubishi Electric Factory Automation Flaws Expose Engineering Workstations. Critical and high-severity Mitsubishi Electric Factory Automation vulnerabilities can allow privileged access to engineering workstations. (SECURITYWEEK.COM)
5 Feb: Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities. Google announces $1 million investment in improving Rust’s interoperability with legacy C++ codebases. (SECURITYWEEK.COM)
5 Feb: GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted. Even in the cloud era, Microsoft Exchange Server remains a staple business communications tool across the globe. Related: The need for robust data recovery policies. One critical issue faced by organizations that rely on Exchange Server is the risk of … (LASTWATCHDOG.COM)
5 Feb: Security Money - The Index Comes Roaring Back | News - BSW #337. This week, It's our Security Money segment. We start things off with a discussion about how The Index Comes Roaring Back. Then we are joined by Jess Burn, Senior Analyst at Forrester Research & Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forre… (YOUTUBE.COM)
5 Feb: Pick Your Battles To Avoid Overconsolidation with Jess Burn & Jeff Pollard - BSW #337. Segment 1: Security Money – The Index Comes Roaring Back – BSW #337 Segment 2: Pick Your Battles To Avoid Overconsolidation with Jess Burn, Senior Analyst at Forrester Research and Jeff Pollard, Vice-President, Principal Analyst on the Security and Risk Team at Forrester Research… (YOUTUBE.COM)
5 Feb: UK Government Warned of AI Regulatory Capture by Big Tech. UK Parliament Urges Competition Regulator to Keep LLMs Under 'Close Review'. A U.K. parliamentary committee scrutinizing the artificial intelligence market urged the British competition regulator to closely monitor developers of foundation models and warned against regulatory capt… (DATABREACHTODAY.CO.UK)
5 Feb: Fraudsters Deepfake Entire Meeting, Swindle $25.5M. Hong Kong Company Scammed After Criminals Used Deepfake Technology to Imitate CFO. Fraudsters used deepfake technology to trick an employee at a Hong Kong-based multinational company to transfer $25.57 million to their bank accounts. Hong Kong Police said Sunday that the fraudster… (DATABREACHTODAY.CO.UK)
5 Feb: US to Roll Out Visa Restrictions on People Who Misuse Spyware to Target Journalists, Activists. Officials said the visa restriction policy can apply to citizens of any country found to have misused or facilitated the malign use of spyware. (SECURITYWEEK.COM)
5 Feb: Security Money - The Index Comes Roaring Back - BSW #337. It's time to review the money of security, including public companies, IPOs, funding rounds and acquisitions from the previous quarter. We also update you on the Security Weekly 25 index. The index came roaring back last quarter. Here are the stocks currently in the index: SCWX S… (YOUTUBE.COM)
5 Feb: Fake “I Can’t Believe He’s Gone” Posts Seek to Steal Facebook Credentials. A new scam relies on a victim's sense of curiosity, brand impersonation, and the hopes of a new login to compromise Facebook credentials. (KNOWBE4.COM)
5 Feb: New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts. A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri. (KNOWBE4.COM)
5 Feb: Wiz Snags Zscaler COO Dali Rajic. Startup Company Vows It Will Earn $1 Billion in Annual Recurring Revenue. Fast-growing cloud cybersecurity startup Wiz snagged a former Zscaler executive as its new chief operating officer and president as the company prepares to go public. Wiz announced Monday that Dali Rajic has… (DATABREACHTODAY.CO.UK)
5 Feb: Are Cybersecurity Performance Measures Realistic? Government Watchdog Urges ONCD to Develop Outcome-Oriented Performance Measures. A government watchdog urged the White House to establish metrics that would help determine the effectiveness of federal cybersecurity initiatives, but it's a lot easier to recommend developing outcome… (DATABREACHTODAY.CO.UK)
5 Feb: Teens Gone Wild | Nintendo | Anydesk | RUST | Google | Deepfakes | Jason Wood & More! – SWN360. This week Doug talks: Teens Gone Wild, Nintendo, Anydesk, RUST, Google, Deepfakes, Jason Wood, and more are on this edition of the Security Weekly News. →Full Show Notes: https://securityweekly.com/swn360 →Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 →Visi… (YOUTUBE.COM)
5 Feb: You Can’t Defend What You Can’t Define | News - PSW816. 6:00pm ET - Sergey Bratus 7:00pm ET - Security News. This week, we discuss how You Can’t Defend What You Can’t Define, with Sergey Bratus, DARPA Program Manager, Information Innovation Office at Defense Advanced Research Projects Agency (DARPA). Then we discuss the security news f… (YOUTUBE.COM)
5 Feb: Zero-Trust is Meaningless if Your Cryptography is Flakey | News - ESW349. This week, we kick things off with an interview with Vincent Berk, Chief Strategy and Revenue Officer at Quantum Xchange, about Zero-Trust is Meaningless if Your Cryptography is Flakey. Then, we finish off with the weekly enterprise news. →Full Show Notes: https://www.securitywee… (YOUTUBE.COM)
5 Feb: RoboJoe | SHIM | Fortinet | FaceOff | Simswap | Sudi in Window | Aaran Leyland & More! – SWN361. This week, Doug Talks: RoboJoe, SHIM, Fortinet, FaceOff, Simswap, sudo in Windows, Aaran Leyland, and More News on the Security Weekly News. →Full Show Notes: https://securityweekly.com/swn361 →Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 →Visit our websit… (YOUTUBE.COM)
🌐 CYBER THREAT LANDSCAPE (4)
5 Feb: Accenture and Tenchi Security Unite to Fortify Supply Chain Security. This strategic partnership will involve integrating Tenchi's SaaS platform into Accenture's managed security services to enhance defenses against supply chain security threats. (FINTECH.GLOBAL)
5 Feb: Report: Civil Society in Jordan Under Assault by NSO's Pegasus Spyware. An investigation revealed widespread use of Pegasus spyware on the phones of journalists, human rights advocates, and lawyers in Jordan, suggesting a targeted surveillance campaign by Jordanian authorities. (THERECORD.MEDIA)
5 Feb: US announces visa ban on those linked to commercial spyware. Secretary of State Antony J. Blinken announced today a new visa restriction policy that will enable the Department of State to ban those linked to commercial spyware from entering the United States. [...] (BLEEPINGCOMPUTER.COM)
📡 INFOSEC NEWS (19)
5 Feb: Update: Secret Service Recovers Nearly $3 Million Stolen From North Carolina Housing Authority in BEC Scam. The scam involved a request to update payment information for a private company contracting with the agency, resulting in the transfer of funds to an illegitimate account. (THERECORD.MEDIA)
5 Feb: Update: DOJ Charges Trio in SIM-Swap Scheme Potentially Linked to $400 Million FTX Crypto Heist. The trio obtained personal information from around 50 individuals and used it to access authentication codes for financial accounts, including those of FTX, resulting in the transfer of over $400 million in digital assets. (CRYPTOSLATE.COM)
5 Feb: Oasis Security Leaves Stealth With $40M to Lock down the Wild West of Non-Human Identity Management. Oasis Security, a startup from Israel, has developed a three-part system to address the challenges of non-human identity management, including discovery, resolution, and automation. (TECHCRUNCH.COM)
5 Feb: Detecting and Mitigating the “Greatness” Phishing Kit Threat. The "Greatness" phishing tool poses a significant threat to Microsoft 365 accounts and has the capability to outmaneuver multi-factor authentication, increasing the potential for cybercrime. (SUCURI.NET)
5 Feb: Yandex to sell its remaining Russian businesses for $5.2B — half its market value. Yandex N.V., the Dutch parent company of the eponymous Russian internet giant, is selling the last of its remaining Russian businesses at a steep discount, following sanctions imposed in the wake of Russia’s invasion of Ukraine two years ago. The value of the transactio… (TECHCRUNCH.COM)
5 Feb: Combined Security Practices Changing the Game for Risk Management. A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause… (THEHACKERNEWS.COM)
5 Feb: DDoS Attack Power Skyrockets to 1.6 Tbps. The second half of 2023 saw a significant increase in the scale and sophistication of DDoS attacks, with the maximum attack power rising to 1.6 Tbps, according to data by Gcore. (HELPNETSECURITY.COM)
5 Feb: Over $25 Million Lost in Deepfake Conference Call Scam at Hong Kong Office of Multinational Firm. The scammers digitally recreated the company's chief financial officer and other employees in a convincing video conference call to trick the victim into making money transfers. (SCMP.COM)
5 Feb: Thoma Bravo takes critical event management software company Everbridge private in $1.5B deal. Everbridge, a critical event management (CEM) software company, is going private in a $1.5 billion all-cash deal that will see it taken over by private equity giant Thoma Bravo. Founded in 2002 initially as 3N Global, Everbridge helps governments and enterprises from across the i… (TECHCRUNCH.COM)
5 Feb: Public Information and Email Spam, (Mon, Feb 5th). Many organizations publicly list contact information to help consumers reach out for help when needed. This may be general contact information or a full public directory of staff. It seems obvious that having any kind of publicly available information will increase the likelihood … (ISC.SANS.EDU)
5 Feb: Belarusian National Linked to BTC-e Faces 25 Years for $4 Billion Crypto Money Laundering. A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business. Aliaksandr Klimenka, who was arrested in Latvia on December 2… (THEHACKERNEWS.COM)
5 Feb: Using ambient light sensor for spying | Kaspersky official blog. Can potential attackers spy on a mobile device user through its ambient light sensor? (KASPERSKY.COM)
5 Feb: Bots Cheat to Win. How automated fraudsters tried to ruin a restaurant’s promotional contest. (F5.COM)
5 Feb: Could your Valentine be a scammer? How to avoid getting caught in a bad romance. With Valentine’s Day almost upon us, here’s some timely advice on how to prevent scammers from stealing more than your heart (WELIVESECURITY.COM)