90 Articles
8 Categories
Date: 2024-02-12
🚨 CISA KEV (1)
12 Feb [KEV]: CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
  CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-43770 Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability. These types of vulnerabilities are frequent attack vectors for mali…
🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
12 Feb: How to protect against BitLocker-bypassing vulnerabilities in Windows recovery partitions (CSOONLINE.COM)
  For many years, Windows systems have been deployed without concern for the space required to house the various partitions that will be required during a routine installation. Many organizations use a routine deployment script that sets partitions with a certain size and standardi…
⚠️ VULNERABILITY DISCLOSURE (26)
12 Feb: Breach Analysis: APT29’s Attack on Microsoft - Password Spray & OAuth abuse. (CYBERARK.COM)
  Submitted by L4s to secops. https://www.cyberark.com/resources/blog/apt29s-attack-on-microsoft-tracking-cozy-bears-footprints
12 Feb: Ransomware Actors Hit Zero-Day Exploits Hard in 2023 (CYBERSECURITYDIVE.COM)
  According to a report by Chainalysis, ransomware attacks caused a record-breaking $1.1 billion in financial damage in 2023, with a 49% increase in victim organizations being publicly threatened.
12 Feb: Exploiting a Vulnerable Minifilter Driver to Create a Process Killer (SECURITYAFFAIRS.COM)
  The technique involves using a vulnerable signed Minifilter Driver to create a program capable of terminating a targeted process, particularly to evade detection by security solutions like EDR.
12 Feb: ExpressVPN Flaw Exposes Some the DNS Requests to Third-Party Server (GBHACKERS.COM)
  Customers of ExpressVPN have been notified of a vulnerability in the most recent version of the Windows app that permitted some DNS requests to be routed to a third-party server, usually the user’s internet service provider (ISP). After a reviewer pointed out that there mig…
12 Feb: Exploitation of Another Ivanti VPN Vulnerability Observed (SECURITYWEEK.COM)
  Organizations urged to hunt for potential compromise as exploitation of a recent Ivanti enterprise VPN vulnerability begins.
12 Feb: Warzone RAT Shut Down by Law Enforcement, Two Arrested (SECURITYWEEK.COM)
  Warzone RAT dismantled in international law enforcement operation that also involved arrests of suspects in Malta and Nigeria.
12 Feb [KEV]: New Fortinet RCE Bug is Actively Exploited, CISA Confirms (BLEEPINGCOMPUTER.COM)
  CISA confirmed active exploitation of a critical remote code execution (RCE) bug in Fortinet's FortiOS, urging immediate security updates or SSL VPN disabling to mitigate the risk.
12 Feb: CISA and OpenSSF Release Framework for Package Repository Security (THEHACKERNEWS.COM)
  The U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced that it's partnering with the Open Source Security Foundation (OpenSSF) Securing Software Repositories Working Group to publish a new framework to secure package repositories. Called the Principles fo…
12 Feb: New API security startup claims edge over legacy protection capabilities (CSOONLINE.COM)
  Vorlon, a SaaS-based security startup, has launched a new offering to help customers with API visibility and associated attack surfaces with a “shift-right” focus that the company claims legacy solutions lack. The SaaS-based offering, which was available under beta to select cust…
12 Feb: Ransomware attack forces 18 Romanian hospitals to go offline (BLEEPINGCOMPUTER.COM)
  At least 18 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system. [...]
12 Feb: National Cyber Director Urges Private Sector Collaboration to Counter Nation-State Cyber Threat (CYBERSECURITYDIVE.COM)
  National Cyber Director Harry Coker emphasized the need for a collaborative effort between the government and industry to address cyber threats, harmonize regulations, and build a diverse cybersecurity workforce.
12 Feb: Rhysida Ransomware Cracked, Free Decryption Tool Released (THEHACKERNEWS.COM)
  Cybersecurity researchers have uncovered an "implementation vulnerability" that has made it possible to reconstruct encryption keys and decrypt data locked by Rhysida ransomware. The findings were published last week by a group of researchers from Kookmin University and the Korea…
12 Feb: Ransomware Attack Forces 18 Romanian Hospitals to Go Offline (BLEEPINGCOMPUTER.COM)
  The Hipocrate Information System (HIS) used by hospitals to manage medical activity and patient data was targeted over the weekend and is now offline after its database was encrypted.
12 Feb: CISA Partners with OpenSSF to Release Principles for Package Repository Security Framework (CISA.GOV)
  This initiative aligns with CISA's Open Source Software Security Roadmap's objective of collaborating with relevant working groups to develop security principles for package managers.
12 Feb: Decryptor for Rhysida Ransomware is Available (HELPNETSECURITY.COM)
  Files encrypted by Rhysida ransomware can be successfully decrypted, due to an implementation vulnerability discovered by Korean researchers and leveraged to create a decryptor.
12 Feb: Huge Surge in Hackers Exploiting QR code for Phishing Attacks (GBHACKERS.COM)
  Phishing has been one of the primary methods threat actors use for impersonating individuals or brands with a sense of urgency that could result in private information being entered on a malicious URL. Phishing has been set with several preventive measures that block any phishing…
12 Feb: Free Rhysida ransomware decryptor for Windows exploits RNG flaw (BLEEPINGCOMPUTER.COM)
  South Korean researchers have publicly disclosed an encryption flaw in the Rhysida ransomware encryptor, allowing the creation of a Windows decryptor to recover files for free. [...]
12 Feb: Security Teams Spend 71 Hours Responding to Every One Hour in a Cyber Attack (KNOWBE4.COM)
  New data sheds light on what kinds of cyber attacks are targeting your cybersecurity team, what it’s costing them, why it’s taking so much time to fix, and where you should focus resources.
12 Feb: Americans Lose a Record $10 Billion to Fraud in 2023; Mostly Due To Investment Scams (KNOWBE4.COM)
  The US Federal Trade Commission (FTC) has disclosed that people in the United States lost a record $10 billion to fraud in 2023, a 14% increase from 2022. Nearly half of the losses were due to investment scams.
12 Feb: 3 Well-known Microsoft Word & Excel Flaws Abused by hackers Widely (GBHACKERS.COM)
  Despite not being 0-day or even 1-day vulnerabilities, three well-known and outdated CVEs in Microsoft Word and Excel continue to pose a threat to the cybersecurity industry. In these three CVEs, researchers found several connections, including technical tricks to conceal th…
12 Feb: Exploit against Unnamed "Bytevalue" router vulnerability included in Mirai Bot, (Mon, Feb 12th) (ISC.SANS.EDU)
  Today, I noticed the following URL showing up in our "First Seen" list:
12 Feb: Hackers exploit Ivanti SSRF flaw to deploy new DSLog backdoor (BLEEPINGCOMPUTER.COM)
  Hackers are exploiting a server-side request forgery (SSRF) vulnerability in Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy the new DSLog backdoor on vulnerable devices. [...]
12 Feb: Ransomware attack forces 21 Romanian hospitals to go offline (BLEEPINGCOMPUTER.COM)
  At least 21 hospitals in Romania were knocked offline after a ransomware attack took down their healthcare management system. [...]
12 Feb [KEV]: CISA: Roundcube email server bug now exploited in attacks (BLEEPINGCOMPUTER.COM)
  CISA warns that a Roundcube email server vulnerability patched in September is now actively exploited in cross-site scripting (XSS) attacks. [...]
12 Feb: 20+ hospitals in Romania hit hard by ransomware attack on IT service provider (GRAHAMCLULEY.COM)
  Over 20 hospitals in Bucharest have reportedly been impacted by a ransomware attack after cybercriminals targeted an IT service provider. As a consequence medical staff have been forced to use pen-and-paper rather than computer systems.
📢 SECURITY ADVISORIES (10)
12 Feb: Microsoft Introduces Linux-Like 'sudo' Command to Windows 11 (THEHACKERNEWS.COM)
  Microsoft said it's introducing Sudo for Windows 11 as part of an early preview version to help users execute commands with administrator privileges. "Sudo for Windows is a new way for users to run elevated commands directly from an unelevated console session," Microsoft Product …
12 Feb: Is privacy being traded away in the name of innovation and security? (CSOONLINE.COM)
  Just a couple of weeks ago, International Privacy Day passed with the usual fanfare as companies, organizations, and governments seized the opportunity to push their sound bites highlighting the importance of making privacy paramount. But I see an irony in all the noise — much of…
12 Feb: CISA Blitzes Super Bowl With Cyber Campaign as Businesses Fumble Security (CYBERSECURITYDIVE.COM)
  The Cybersecurity and Infrastructure Security Agency (CISA) partnered with the NFL to promote cybersecurity awareness during the Super Bowl, aiming to encourage strong passwords, multifactor authentication, and phishing reporting.
12 Feb: Priorities of the Joint Cyber Defense Collaborative for 2024 (CISA.GOV)
  Today, CISA—on behalf of the collective group of industry and government partners that comprise the Joint Cyber Defense Collaborative (JCDC)—released JCDC’s 2024 Priorities. Similar to the 2023 JCDC Planning Agenda, JCDC’s 2024 Priorities will help focus the collective group on …
12 Feb: Bipartisan Senate Bill Requires HHS to Bolster Cyber Efforts (DATABREACHTODAY.CO.UK)
  Legislation Aims to Evaluate and Improve Agency's Cybersecurity Posture. A new bipartisan Senate bill would require the U.S. Department of Health and Human Services to biennially conduct cybersecurity reviews and tests on its IT systems and report to Congress on how it is updating…
🔥 INCIDENT REPORTING (17)
12 Feb: U.S. Offers $10 Million Bounty for Info Leading to Arrest of Hive Ransomware Leaders (THEHACKERNEWS.COM)
  The U.S. Department of State has announced monetary rewards of up to $10 million for information about individuals holding key positions within the Hive ransomware operation. It is also giving away an additional $5 million for specifics that could lead to the arrest and…
12 Feb: GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks (LASTWATCHDOG.COM)
  Every industry is dealing with a myriad of cyber threats in 2024. It seems every day we hear of another breach, another scam, another attack on anything from a small business to a critical aspect of our nation’s infrastructure.
12 Feb: Cyber Security Today, Feb. 12, 2024 - US seizes a website selling the Warzone malware (CYBERSECURITYTODAY.LIBSYN.COM)
  This episode reports on huge data breaches in France and the US, a new Mac backdoor and more
12 Feb: US offers $10M reward for info on Hive ransomware group leaders (SECURITYAFFAIRS.COM)
  The US government is offering rewards of up to $10 million for information leading to the identification, location, arrest, and conviction of members of the Hive ransomware group.
12 Feb: Cybersecurity Teams Recognized as Key Enablers of Business Goals (HELPNETSECURITY.COM)
  As per a new study by CybSafe, 97% of office workers in the United Kingdom and United States trust their cybersecurity teams to prevent or minimize damage from cyberattacks.
12 Feb: Why Are Compromised Identities the Nightmare to IR Speed and Efficiency? (THEHACKERNEWS.COM)
  Incident response (IR) is a race against time. You engage your internal or external team because there's enough evidence that something bad is happening, but you’re still blind to the scope, the impact, and the root cause. The common set of IR tools and practices provides IR team…
12 Feb: How AI is Revolutionizing Identity Fraud (HELPNETSECURITY.COM)
  Businesses and consumers are facing heightened levels of identity-focused attacks, with over 30% of businesses reporting growth in data and security breaches, impacting industries beyond the financial sector, according to AuthenticID.
12 Feb: 4 Ways Hackers use Social Engineering to Bypass MFA (THEHACKERNEWS.COM)
  When it comes to access security, one recommendation stands out above the rest: multi-factor authentication (MFA). With passwords alone being simple work for hackers, MFA provides an essential layer of protection against breaches. However, it's important to remember that MFA isn'…
12 Feb: UN Experts Investigating 58 Suspected North Korean Cyberattacks Valued at About $3 Billion (APNEWS.COM)
  The United Nations is investigating 58 suspected cyberattacks by North Korea, totaling around $3 billion, which are believed to be funding the country's development of weapons of mass destruction.
12 Feb: Ongoing Azure Compromises Target Senior Executives, Microsoft 365 Apps (DARKREADING.COM)
  Threat actors are targeting Microsoft Azure corporate clouds with sophisticated and tailored phishing attacks, compromising a wide range of user accounts for activities such as data exfiltration and financial fraud.
12 Feb: Ongoing Azure Cloud Account Takeover Campaign Targeting Senior Personnel (SECURITYWEEK.COM)
  An active cloud account takeover campaign has impacted dozens of Azure environments and compromised hundreds of user accounts.
12 Feb: Account Takeover Campaign Hits Execs in Microsoft Azure (DATABREACHTODAY.CO.UK)
  Attackers Downloaded Files Containing Financial, Security and User Information. A still-active phishing campaign using individualized phishing lures is targeting senior corporate accounts in Microsoft Azure environments, said researchers from Proofpoint. They said the hackers have…
12 Feb: Ongoing Microsoft Azure account hijacking campaign targets executives (BLEEPINGCOMPUTER.COM)
  A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives. [...]
12 Feb: FCC orders telecom carriers to report PII data breaches within 30 days (BLEEPINGCOMPUTER.COM)
  Starting March 13th, telecommunications companies must report data breaches impacting customers' personally identifiable information within 30 days, as required by FCC's updated data breach reporting requirements. [...]
12 Feb: Hackers uncover new TheTruthSpy stalkerware victims: Is your Android device compromised? (TECHCRUNCH.COM)
  A consumer-grade spyware operation called TheTruthSpy poses an ongoing security and privacy risk to thousands of people whose Android devices are unknowingly compromised with its mobile surveillance apps, not least due to a simple security flaw that its operators never fixed. Now…
12 Feb: Ransomware Disrupts Hospital Services in Romania and France (DATABREACHTODAY.CO.UK)
  Emergency Services Are Suspended as Digital Systems Are Pulled Offline. Ransomware operators disrupted emergency healthcare services over the weekend, crippling operations in nearly two dozen hospitals in Romania and France. Ransomware attacks increase the in-hospital mortality ra…
12 Feb: Bank of America warns customers of data breach after vendor hack (BLEEPINGCOMPUTER.COM)
  Bank of America is warning customers of a data breach exposing their personal information after one of its service providers was hacked last year. [...]
🕵️ THREAT INTELLIGENCE (20)
12 Feb: ISC Stormcast For Monday, February 12th, 2024 https://isc.sans.edu/podcastdetail/8848, (Mon, Feb 12th) (ISC.SANS.EDU)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
12 Feb: Uncovering the Deceptive Tactics of Chinese Websites Mimic as Local News (GBHACKERS.COM)
  A network of at least 123 websites based in the People’s Republic of China that posed as local news outlets in 30 countries across Europe, Asia, and Latin America. The websites are disseminating pro-Beijing falsehoods and ad hominem attacks together with more commerci…
12 Feb: New Android MoqHao Malware Executes Automatically on Installation (GBHACKERS.COM)
  The Roaming Mantis threat group distributes a well-known Android malware family called “MoqHao.” This malware family has been previously reported to be targeting Asian countries such as Korea and Japan. Though the distribution method remains the same, the new variants…
12 Feb: Authorities Bust Accused Seller of Widely Used RAT Malware (DATABREACHTODAY.CO.UK)
  2 Men Arrested in Malta, Nigeria for Hawking Malware on Hacking Forums Since 2012. Federal authorities have seized internet domains and arrested two men in Malta and Nigeria who they say served as sales and customer service reps for a dark web business that sold RAT malware to cyb…
12 Feb: Bugcrowd Raises $102 Million (SECURITYWEEK.COM)
  Bugcrowd has raised $102 million in strategic growth funding, which it will use to accelerate growth and improve its platform.
12 Feb: BSidesBoulder 2023 - 5 talks (INFOSEC.PUB)
  Submitted by ashar to security_cpe. BSidesBoulder 2023 talk descriptions; BSidesBoulder 2023 playlist.
12 Feb: Hackers Leak Alleged Partial Facebook Marketplace Database (HACKREAD.COM)
  The partial Facebook Marketplace database was allegedly leaked by a threat actor, exposing sensitive personal information of approximately 200,000 users, including full names, Facebook IDs, phone numbers, physical IDs, and email addresses.
12 Feb: Bugcrowd Attains $102M Strategic Growth Funding Round (DATABREACHTODAY.CO.UK)
  Company Will Use Investment to Expand Services, says CEO Dave Gerry. Bugcrowd received a $102 million venture capital investment to fuel strategic growth, the company announced Monday. "Our customers are outgunned and outmatched. They need to tap into all this creativity that exis…
12 Feb: Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB)
  Submitted by shellsharks to cybersecurity. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
12 Feb: ExpressVPN User Data Exposed Due to Bug (SECURITYWEEK.COM)
  ExpressVPN disables split tunneling on Windows after learning that DNS requests were not properly directed.
12 Feb: Stealthy Cyberespionage Campaign Remained Undiscovered for Two Years (SECURITYWEEK.COM)
  A possibly China-linked threat actor uses a custom backdoor in a cyberespionage campaign ongoing since at least 2021.
12 Feb: US Dismantled Sophisticated Warzone RAT, Key Operators Arrested (GBHACKERS.COM)
  Federal authorities have dismantled a major malware operation, seizing online marketplaces and being involved in its sale and support. This international effort targeted a service known as “Warzone RAT,” a powerful tool cybercriminals use to remotely access and …
12 Feb: Hard Lessons From Romance Scams (KNOWBE4.COM)
  Seeing as this week is Valentine’s Day, I should have written something about rom coms, true love, and trusting your heart more. But this is not one of those posts. This post is about romance scams and how hard they are to defend against, especially once sprung.
12 Feb: On Passkey Usability (SCHNEIER.COM)
  Matt Burgess tries to only use passkeys. The results are mixed.
12 Feb: Data Insights Are Key to Fighting Synthetic ID Fraud (DATABREACHTODAY.CO.UK)
  Steve Lenderman on the Shift From Synthetic Identity to Synthetic Entity Fraud. Synthetic IDs remain a problem not because of a lack of data but because of failure to identify the right data and establish correlations, said Steve Lenderman, co-chair of the Industry Working Groups …
12 Feb: How Application Performance Transformed into Application Security - Shibu George - BSW #338 (YOUTUBE.COM)
  Panoptica, Cisco’s cloud application security solution, was born out of Outshift, Cisco's incubation engine. Shibu George, Engineering Product Manager at Outshift, joins Business Security Weekly to discuss his transition from application performance monitoring to application secu…
12 Feb: Managing Supply Chain Risk - BTS #24 (YOUTUBE.COM)
  In this edition of Below The Surface, we discuss Managing Supply Chain Risk, with Saša Zdjelar, Chief Trust Officer at ReversingLabs & Operating Partner at Crosspoint Capital. This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about t…
12 Feb: Material: cybersecurity word of the year, thanks to the SEC | News - ESW350 (YOUTUBE.COM)
  This week, we kick things off with an interview with Amer Deeba, CEO & Cofounder at Normalyze, about Material: cybersecurity word of the year, thanks to the SEC. Then, we finish off with the weekly enterprise news. → Full Show Notes: https://www.securityweekly.com/esw350 → Join the…
12 Feb: Batman | Microsoft | War Driving | OpenAI | DevDrive | The Dead | Aaran Leyland & More! – SWN363 (YOUTUBE.COM)
  This week, Doug Talks: Batman, Microsoft, War Driving, OpenAI, DevDrive, The Dead, Aaran Leyland, and More News on the Security Weekly News. → Full Show Notes: https://securityweekly.com/swn363 → Join the Security Weekly Discord Server: https://discord.gg/pqSwWm4 → Visit our website…
🌐 CYBER THREAT LANDSCAPE (3)
12 Feb: US Authorities Take Down Seller of Widely Used RAT Malware (BANKINFOSECURITY.COM)
  Two men, one from Malta and the other from Nigeria, have been arrested for their involvement in selling and providing customer support for remote access Trojan (RAT) malware on hacking forums since 2012.
12 Feb: FBI seizes Warzone RAT infrastructure, arrests malware vendor (BLEEPINGCOMPUTER.COM)
  The FBI dismantled the Warzone RAT malware operation, seizing infrastructure and arresting two individuals associated with the cybercrime operation. [...]
📡 INFOSEC NEWS (12)
12 Feb: ExpressVPN Bug has Been Leaking Some DNS Requests for Years (BLEEPINGCOMPUTER.COM)
  The bug affected versions 12.23.1 – 12.72.0 of ExpressVPN for Windows and allowed some DNS requests to bypass ExpressVPN's server, potentially exposing users' browsing history.
12 Feb: AI-Generated Voices in Robocalls Now Illegal (HELPNETSECURITY.COM)
  A new FCC Declaratory Ruling recognizes AI-generated voices in robocalls as "artificial" and illegal, giving State Attorneys General new tools to crack down on these scams and protect the public.
12 Feb: Americans Lost Record $10 Billion to Fraud in 2023, FTC Warns (BLEEPINGCOMPUTER.COM)
  In 2023, the U.S. FTC reported that Americans lost over $10 billion to scammers, a 14% increase from the previous year. Imposter scams were the most frequently reported, followed by online shopping scams and investment scams.
12 Feb: Bugcrowd snaps up $102M for a ‘bug bounty’ security platform that taps 500K+ hackers (TECHCRUNCH.COM)
  Bugcrowd — the startup that taps into a database of half a million hackers to help organizations like OpenAI and the U.S. government set up and run bug bounty programs, cash rewards to freelancers who can identify bugs and vulnerabilities in their code — has picked up…
12 Feb: Navigating the risks of online dating | Kaspersky official blog (KASPERSKY.COM)
  Online dating is great for those looking for love – but beware the risks this Valentine's day
12 Feb: QR Code 'Quishing' Attacks on Executives Surge, Evading Email Security (DARKREADING.COM)
  Email attacks using QR codes, known as "quishing," have surged, especially targeting corporate executives and managers, highlighting the need for enhanced digital protections for business leadership.
12 Feb: Cohesity, Veritas Combine as New Data Protection Company (TECHTARGET.COM)
  The deal will result in the formation of a separate company called DataCo to handle Veritas' remaining assets, while Cohesity will follow a "no customer left behind" approach.
12 Feb: ExpressVPN User Data Exposed Due To Bug (PACKETSTORMSECURITY.COM)
12 Feb: “Smart” helmet flaw exposes location tracking and privacy risks (BITDEFENDER.COM)
  A simple-to-avoid security flaw allowed unauthorised parties to track the location of anyone wearing Livall ski and biking helmets, and listen to group conversations. Read more in my article on the Hot for Security blog.
12 Feb: Microsoft tests Windows 11 ‘Super Resolution’ AI-upscaling for gamers (BLEEPINGCOMPUTER.COM)
  Microsoft is testing a new "Automatic Super Resolution" AI-assisted upscaling feature that increases the video and image quality of supported games while also making them run more smoothly. [...]