161 Articles
9 Categories
Date: 2024-02-13
🚨 CISA KEV (1)
13 Feb KEV | CISA Adds Two Known Exploited Vulnerabilities to Catalog | CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-21412 Microsoft Windows Internet Shortcut Files Security Feature Bypass Vulnerability CVE-2024-21351 Microsoft Windows SmartScreen Security F… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (79)
13 Feb | Ivanti Vulnerability Exploited to Install 'DSLog' Backdoor on 670+ IT Infrastructures | Threat actors are leveraging a recently disclosed security flaw impacting Ivanti Connect Secure, Policy Secure, and ZTA gateways to deploy a backdoor codenamed DSLog on susceptible devices. That's according to findings from Orange Cyberdefense, which said it o… | THEHACKERNEWS.COM
13 Feb KEV | Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The issue, tracked as … | THEHACKERNEWS.COM
13 Feb | ISC Releases Security Advisories for BIND 9 | The Internet Systems Consortium (ISC) released security advisories to address vulnerabilities affecting multiple versions of ISC’s Berkeley Internet Name Domain (BIND) 9. A cyber threat actor could exploit one of these vulnerabilities to cause a denial-of-service condition. CISA … | CISA.GOV
13 Feb | CVE-2024-21338 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21340 Windows Kernel Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21371 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21372 Windows OLE Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21379 Microsoft Word Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21386 .NET Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21394 Dynamics 365 Field Service Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21396 Dynamics 365 Sales Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21402 Microsoft Outlook Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21404 .NET Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21413 Microsoft Outlook Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-20673 Microsoft Office Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-20679 Azure Stack Hub Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21328 Dynamics 365 Sales Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-20684 Windows Hyper-V Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21341 Windows Kernel Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21342 Windows DNS Client Denial of Service Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21345 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21346 Win32k Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21362 Windows Kernel Security Feature Bypass Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21374 Microsoft Teams for Android Information Disclosure | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21377 Windows DNS Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21378 Microsoft Outlook Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21391 Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability | Information published. This CVE was addressed by updates that were released in January 2024, but the CVE was inadvertently omitted from the January 2024 Security Updates. This is an informational change only. Customers who have already installed the January 2024 updates do not ne… | MSRC.MICROSOFT.COM
13 Feb | CVE-2024-21406 Windows Printing Service Spoofing Vulnerability | Information published. | MSRC.MICROSOFT.COM
13 Feb | SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes | This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability. | TRENDMICRO.COM
13 Feb | CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day | The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Mic… | TRENDMICRO.COM
13 Feb KEV | Attackers target new Ivanti XXE vulnerability days after patch | Days after Ivanti announced patches for a new vulnerability in its Connect Secure and Policy Secure products, proof-of-concept exploit code has already been published for the flaw and security companies are reporting exploitation attempts in the wild. This follows a difficult mon… | CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (26)
13 Feb | Blueprint for Threat Intel to Detection Flow (Part 7) | This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#7 in the series), we will cover more details on the TI to detection flow, and stop (for Part 8) at testing. Detection Enginee… | MEDIUM.COM
13 Feb | Critical Patches Issued for Microsoft Products, February 13, 2024 | Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o… | CISECURITY.ORG
13 Feb | Prudential Financial breached in data theft cyberattack | Prudential Financial has disclosed that its network was breached last week, with the attackers stealing employee and contractor data before being blocked from compromised systems one day later. [...] | BLEEPINGCOMPUTER.COM
13 Feb KEV | Hackers used new Windows Defender zero-day to drop DarkMe malware | Microsoft has patched today a Windows Defender SmartScreen zero-day exploited in the wild by a financially motivated threat group to deploy the DarkMe remote access trojan (RAT). [...] | BLEEPINGCOMPUTER.COM
13 Feb KEV | Microsoft February 2024 Patch Tuesday fixes 2 zero-days, 73 flaws | Today is Microsoft's February 2024 Patch Tuesday, which includes security updates for 73 flaws and two actively exploited zero-days. [...] | BLEEPINGCOMPUTER.COM
13 Feb | SiCat: Open-Source Exploit Finder | The tool has key features such as an easy-to-understand code structure, reporting/output system in HTML and JSON formats, and the ability to run via Nmap scan results in XML format. | HELPNETSECURITY.COM
13 Feb | Hackers Exploit Ivanti SSRF Flaw to Deploy New DSLog Backdoor | The new DSLog backdoor allows threat actors to execute commands on compromised Ivanti servers remotely, and Orange Cyberdefense has confirmed its successful exploitation. | BLEEPINGCOMPUTER.COM
13 Feb | Microsoft Confirms Windows Exploits Bypassing Security Features | Patch Tuesday: Microsoft pushes a massive batch of security-themed updates and calls urgent attention to exploits bypassing security features. The post Microsoft Confirms Windows Exploits Bypassing Security Features appeared first on SecurityWeek. | SECURITYWEEK.COM
13 Feb | Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor | Backdoor deployed using recent Ivanti VPN vulnerability enables command execution, web request and system log theft. The post Ivanti Vulnerability Exploited to Deliver New ‘DSLog’ Backdoor appeared first on SecurityWeek. | SECURITYWEEK.COM
13 Feb | Fat Patch Tuesday, February 2024 Edition | Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks. | KREBSONSECURITY.COM
13 Feb | Microsoft February 2024 Patch Tuesday, (Tue, Feb 13th) | This month we got patches for 80 vulnerabilities. Of these, 5 are critical, and 2 are being exploited according to Microsoft. | ISC.SANS.EDU
13 Feb | Microsoft Releases Security Updates for Multiple Products | Microsoft has released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review Microsoft’s February Security Update… | CISA.GOV
13 Feb | CISA Releases One Industrial Control Systems Advisory | CISA released one Industrial Control Systems (ICS) advisory on February 13, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-044-01 Mitsubishi Electric MELSEC iQ-R Series Safety CPU CISA encour… | CISA.GOV
13 Feb | Adobe Releases Security Updates for Multiple Products | Adobe has released security updates to address vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bulletins and … | CISA.GOV
13 Feb | Seal Security wants to make open source vulnerability remediation easy | Seal Security, a Tel Aviv-based startup founded by a group of former members of Israel’s Unit 8200 intelligence unit, is coming out of stealth today and announcing a $7.4 million seed funding round led by Vertex Ventures Israel, with participation from Crew Capital, PayPal … | TECHCRUNCH.COM
13 Feb | AI adoption in security taking off amid budget, trust, and skill-based issues | While the application of AI has picked up in cybersecurity, large-scale adoption still suffers from a lack of expertise, budget, and trust, according to a MixMode report. The report, commissioned through the Ponemon Institute, surveyed 641 IT and security practitioners in the US … | CSOONLINE.COM
13 Feb | How to strengthen your Kubernetes defenses | The runaway success of Kubernetes adoption by enterprise software developers has created motivation for attackers to target these installations with specifically designed exploits that leverage its popularity. Attackers have become better at hiding their malware, avoiding the alm… | CSOONLINE.COM
13 Feb | A changing world requires CISOs to rethink cyber preparedness | Following a tumultuous 2023, it might seem remarkable to suggest that 2024 could bring unprecedented security events to world affairs. Yet many factors suggest this will be the case. Around 50 countries will vote in 2024, including the world’s three largest democracies and sev… | CSOONLINE.COM
13 Feb | High-profile incidents put spotlight on non-production system security | In 2018, the US Federal Trade Commission (FTC) entered a settlement with Uber over the company’s data privacy and protection policies. The FTC alleged that Uber software engineers would develop and test software that could connect to cloud data using inadequate cloud access contr… | CSOONLINE.COM
13 Feb | Proactive Compliance, Improving Cybersecurity Culture, and Hiring The Right Skills - BSW #338 | In the leadership and communications section, SEC’s Enforcement Head: It’s Time for ‘Proactive Compliance’, Improving cybersecurity culture: A priority in the year of the CISO, Breaking Down Barriers: 6 Simple Measures to Overcome Communication Barriers, and more! Visit https://w… | YOUTUBE.COM
13 Feb | Creating Code Security Through Better Visibility - Christien Rioux - ASW #273 | We've been scanning code for decades. Sometimes scanning works well -- it finds meaningful flaws to fix. Sometimes it distracts us with false positives. Sometimes it burdens us with too many issues. We talk about finding a scanning strategy that works well and what the definition… | YOUTUBE.COM
13 Feb | The Ultimate OSINT Collection | submitted by c0mmando to netsec, 7 points, 0 comments | https://start.me/p/DPYPMz/the-ultimate-osint-collection | This page is for anyone trying to find their way in the overwhelming world of open-source intelligence. It’s a collection of my favorite OSINT resources, and I hope it he… | START.ME
13 Feb | CISA, FBI warn of China-linked hackers pre-positioning for ‘destructive cyberattacks against US critical infrastructure’ | submitted by c0mmando to netsec, 13 points, 1 comments | https://therecord.media/cisa-fbi-warn-of-china-linked-hackers-targeting-critical-us-infrastructure | Hackers allegedly connected to China’s government are conducting attacks with the long-term goal of causing physical destructi… | THERECORD.MEDIA
13 Feb | Free Rhysida ransomware recovery tool published | submitted by c0mmando to netsec, 15 points, 1 comments | https://www.theregister.com/2024/02/13/rhysida_ransomware_decrypted/ | Some smart folks have found a way to automatically unscramble documents encrypted by the Rhysida ransomware, and used that know-how to produce and release a… | THEREGISTER.COM
📋 SECURITY BULLETINS (2)
13 Feb | Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software | Adobe ships patches for at least 30 documented security flaws, warning that users are exposed to code execution, security feature bypass and denial-of-service attacks. The post Patch Tuesday: Adobe Warns of Critical Flaws in Widely Deployed Software appeared first on SecurityWeek… | SECURITYWEEK.COM
13 Feb | ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities | February 2024 ICS Patch Tuesday: Siemens and Schneider Electric release a total of 18 new security advisories. The post ICS Patch Tuesday: Siemens Addresses 270 Vulnerabilities appeared first on SecurityWeek. | SECURITYWEEK.COM
📢 SECURITY ADVISORIES (3)
13 Feb | News alert: Kiteworks named as a founding member of NIST’s new AI safety consortium – ‘AISIC’ | San Mateo, Calif., Feb. 13, 2023 – The U.S. White House announced groundbreaking collaboration between OpenPolicy and leading innovation companies, including Kiteworks, which delivers data privacy and compliance for sensitive content communications through its Private Content Ne… | LASTWATCHDOG.COM
13 Feb | Data residency: What is it and why it is important? | Data residency is a hot topic, especially for cloud data. The reason is multi-faceted, but the focus has been driven by the General Data Protection Regulation (GDPR), which governs information privacy in the European Union and the European Economic Area. The GDPR defines the requ… | SECURITYINTELLIGENCE.COM
13 Feb | Raspberry Pi Pico cracks BitLocker in under a minute | submitted by c0mmando to netsec, 16 points, 2 comments | https://www.theregister.com/2024/02/07/breaking_bitlocker_pi_pico/ | We’re very familiar with the many projects in which Raspberry Pi hardware is used, from giving old computers a new lease of life through to running the animat… | THEREGISTER.COM
🔥 INCIDENT REPORTING (13)
13 Feb | Integris Health says data breach impacts 2.4 million patients | Integris Health has reported to U.S. authorities that the data breach it suffered last November exposed personal information belonging to almost 2.4 million people. [...] | BLEEPINGCOMPUTER.COM
13 Feb | Jet Engine Dealer to Major Airlines Discloses ‘Unauthorized Activity’ | The Black Basta ransomware group claims to have stolen 910 GB of sensitive company data from Willis Lease Finance Corporation, including passport scans and personal information of staff and customers. | THEREGISTER.COM
13 Feb | Bank of America Warns Customers of Data Breach After Vendor Hack | The personal information of approximately 57,028 individuals was exposed, including names, addresses, social security numbers, and financial details. The breach was attributed to a cyberattack by the LockBit ransomware gang. | BLEEPINGCOMPUTER.COM
13 Feb | French Healthcare Payments Processor Breaches Affect Half of Population | France’s data protection agency CNIL says it is investigating massive data breaches at two companies that manage third-party healthcare payments, warning that more than 33 million people may be affected. The post French Healthcare Payments Processor Breaches Affect Half of Popula… | SECURITYWEEK.COM
13 Feb | Willis Lease Finance Corp Discloses Cyberattack | Aircraft parts dealer Willis Lease Finance Corporation (WLFC) notified the SEC that it fell victim to a cyberattack. The post Willis Lease Finance Corp Discloses Cyberattack appeared first on SecurityWeek. | SECURITYWEEK.COM
13 Feb | Bank of America Customer Data Stolen in Data Breach | Bank of America is notifying some customers that their personal information was stolen in a data breach at third-party services provider. The post Bank of America Customer Data Stolen in Data Breach appeared first on SecurityWeek. | SECURITYWEEK.COM
13 Feb | Midnight Blizzard and Cloudflare-Atlassian Cybersecurity Incidents: What to Know | The Midnight Blizzard and Cloudflare-Atlassian cybersecurity incidents raised alarms about the vulnerabilities inherent in major SaaS platforms. These incidents illustrate the stakes involved in SaaS breaches — safeguarding the integrity of SaaS apps and their sensitive data is c… | THEHACKERNEWS.COM
13 Feb | DarkGate Malware opens RaaS For Financially Motivated Hackers | Following the FBI’s shutdown of Qakbot infrastructure in August 2023, security analysts at EclecticIQ observed a surge in the use of the DarkGate loader. EclecticIQ believes DarkGate is primarily in the hands of financially motivated groups like TA577 and Ducktail and RaaS … | GBHACKERS.COM
13 Feb | Tool sprawl is hurting application security, US CSOs say | Eight out of the top 10 data breaches in 2023 can be attributed to application attack surfaces, as attackers shift focus from classic infrastructure configurations to targeting vulnerable applications and APIs, according to a study from CrowdStrike. Eight breaches alone exposed a… | CSOONLINE.COM
13 Feb | Cyber Attacks Spike Suddenly Prior to Taiwan’s Election | submitted by LinearArray to security, 9 points, 0 comments | https://www.voanews.com/a/cyber-attacks-spike-suddenly-prior-to-taiwan-s-election-/7485386.html | VOANEWS.COM
13 Feb | Decrypted: Rhysida Ransomware - "we are now publicly releasing our decryptor for download to all victims of the Rhysida ransomware" | submitted by L4s to secops, 33 points, 1 comments | https://decoded.avast.io/threatresearch/decrypted-rhysida-ransomware/ | Decrypted: Rhysida Ransomware - “we are now publicly releasing our decryptor for download to all victims of the Rhysida ransomware”::The team at Avast has devel… | DECODED.AVAST.IO
🕵️ THREAT INTELLIGENCE (19)
13 Feb | A Hacker’s Mind is Out in Paperback | The paperback version of A Hacker’s Mind has just been published. It’s the same book, only a cheaper format. But—and this is the real reason I am posting this—Amazon has significantly discounted the hardcover to $15 to get rid of its stock. This is much ch… | SCHNEIER.COM
13 Feb | Molly White Reviews Blockchain Book | Molly White—of “Web3 is Going Just Great” fame—reviews Chris Dixon’s blockchain solutions book: Read Write Own: In fact, throughout the entire book, Dixon fails to identify a single blockchain project that has successfully provided a non-speculat… | SCHNEIER.COM
13 Feb | 200,000 Facebook Marketplace user records leaked on hacking forum | A threat actor leaked 200,000 records on a hacker forum, claiming they contained the mobile phone numbers, email addresses, and other personal information of Facebook Marketplace users. [...] | BLEEPINGCOMPUTER.COM
13 Feb | 5 Steps to Improve Your Security Posture in Microsoft Teams | Microsoft Teams is susceptible to a growing number of cybersecurity threats as its massive user base is an attractive target for cybercriminals. Learn more from Adaptive Shield on how to increase your Microsoft Teams security posture. [...] | BLEEPINGCOMPUTER.COM
13 Feb | JFK Airport Taxi Hackers Sentenced to Prison | Two individuals involved in hacking the taxi dispatch system at JFK airport have been sentenced to prison. The post JFK Airport Taxi Hackers Sentenced to Prison appeared first on SecurityWeek. | SECURITYWEEK.COM
13 Feb | PikaBot Resurfaces with Streamlined Code and Deceptive Tactics | The threat actors behind the PikaBot malware have made significant changes to the malware in what has been described as a case of "devolution." "Although it appears to be in a new development cycle and testing phase, the developers have reduced the complexity of the code by remov… | THEHACKERNEWS.COM
13 Feb | ISC Stormcast For Tuesday, February 13th, 2024 https://isc.sans.edu/podcastdetail/8850, (Tue, Feb 13th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
13 Feb | Fileless Revenge RAT Abuses Legitimate Tools to Hide Malicious Activity | Threat actors are distributing Revenge RAT malware, developed using legitimate tools like “smtp-validator” and “Email to SMS.” When executed, the malware runs a malicious file and a legitimate tool, making it difficult for users to know there is malicious … | GBHACKERS.COM
13 Feb | New Azure Hacking Campaign Steals Senior Executive Accounts | An ongoing campaign of cloud account takeover has affected hundreds of user accounts, including those of senior executives, and impacted dozens of Microsoft Azure environments. Threat actors attack users with customized phishing lures inside shared documents as part of this ongoi… | GBHACKERS.COM
13 Feb | Turk Hack Team Attacked the World’s Largest Cooperative Finance | Threat actors target financial institutions due to the potential for significant financial gains and access to sensitive customer data. These entities are attractive targets for threat actors seeking lucrative opportunities and avenues for money laundering, fraud, and ransom.… | GBHACKERS.COM
13 Feb | LLMs & Security Tools, Shim Vuln, AI Threat Models, Configuration as Code with Pkl - ASW #273 | LLMs improve fuzzing coverage, the Shim vuln threatens Linux secure boot, considering AI application threat models, a new language for a configuration file format, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.c… | YOUTUBE.COM
13 Feb | Angry mobs, Azure, Avanti, Rhysida, Warzone, Flipper Zero, Josh Marpet, and More - SWN #362 | Angry mobs, Azure, Avanti, Rhysida, Warzone, Flipper Zero, Bitlocker, Josh Marpet, and more are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-362 | YOUTUBE.COM
13 Feb | Angry mobs, Azure, Avanti, Rhysida, Warzone, Flipper Zero, Josh Marpet, and More – SWN #362 | Angry mobs, Azure, Avanti, Rhysida, Warzone, Flipper Zero, Bitlocker, Josh Marpet, and more are on this edition of the Security Weekly News. →Watch live: https://securityweekly.com/live →Subscribe to our podcasts: https://securityweekly.com/subscribe →Join our community Discord: … | YOUTUBE.COM
13 Feb | The Business Side of AI - Edward Contreras - CSP #161 | Artificial Intelligence: Currently these two words can mean a world of difference to different people. How do you bring this topic to the board, to executives, or to business partners, and help them understand the risks without the FUD or technical language that so often creeps i… | YOUTUBE.COM
13 Feb | 83% of Indian cybersecurity, IT workers impacted by burnout, fatigue: Report - Social News XYZ | submitted by LinearArray to security, 4 points, 0 comments | https://www.socialnews.xyz/2024/02/12/83-of-indian-cybersecurity-it-workers-impacted-by-burnout-fatigue-report/ | SOCIALNEWS.XYZ
13 Feb | ChatGPT Account Takeover via Wildcard Web Cache Deception | submitted by testeronious to security, 18 points, 0 comments | https://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html | NOKLINE.GITHUB.IO
13 Feb | PAPERWALL: Chinese Websites Posing as Local News Outlets Target Global Audiences with Pro-Beijing Content | submitted by c0mmando to netsec, 28 points, 0 comments | https://citizenlab.ca/2024/02/paperwall-chinese-websites-posing-as-local-news-outlets-with-pro-beijing-content/ | Key Findings A network of at least 123 websites operated from within the People’s Republic of China while posing … | CITIZENLAB.CA
🌐 CYBER THREAT LANDSCAPE (4)
13 Feb | Bumblebee malware attacks are back after 4-month break | The Bumblebee malware has returned after a four-month vacation, targeting thousands of organizations in the United States in phishing campaigns. [...] | BLEEPINGCOMPUTER.COM
13 Feb | Diving Into Glupteba's UEFI Bootkit | The Pay-Per-Install (PPI) ecosystem, originally intended for distributing advertisements, has evolved into a profitable platform for spreading spyware and malware, including threats like Glupteba. | UNIT42.PALOALTONETWORKS.COM
13 Feb | Notorious Bumblebee Malware Re-emerges with New Attack Methods | The Bumblebee malware has re-emerged with a significantly different attack chain after a four-month absence, utilizing social engineering techniques and unique characteristics in its new campaign. | INFOSECURITY-MAGAZINE.COM
13 Feb | Glupteba Botnet Evades Detection with Undocumented UEFI Bootkit | The Glupteba botnet has been found to incorporate a previously undocumented Unified Extensible Firmware Interface (UEFI) bootkit feature, adding another layer of sophistication and stealth to the malware. "This bootkit can intervene and control the [operating system] bo… | THEHACKERNEWS.COM
📡 INFOSEC NEWS (14)
13 Feb | Sophos Wins Top Employer Awards in British Columbia, Canada | Sophos has been named as one of the top employers in British Columbia, Canada for the eighth year running. | SOPHOS.COM
13 Feb | Windows 10 KB5034763 update released with new fixes, changes | Microsoft has released the KB5034763 cumulative update for Windows 10 21H2 and Windows 10 22H2, which includes a small number of changes, including the continued rollout of changes to comply with Europe's Digital Markets Act (DMA). [...] | BLEEPINGCOMPUTER.COM
13 Feb | Windows 11 KB5034765 update released with Start Menu fixes | Microsoft has released the KB5034765 cumulative update for Windows versions 23H2 and 22H2 to fix several bugs in the OS, including an issue that causes problems with the Start menu. [...] | BLEEPINGCOMPUTER.COM
13 Feb | Hackers steal $290 million in crypto from PlayDapp gaming platform | Hackers are believed to have used a stolen private key to mint and steal over $290 million in PLA tokens, a cryptocurrency used within the PlayDapp ecosystem. [...] | BLEEPINGCOMPUTER.COM
13 Feb | Fertility tracker Glow fixes bug that exposed users’ personal data | A bug in the online forum for the fertility tracking app Glow exposed the personal data of around 25 million users, according to a security researcher. The bug exposed users’ first and last names, self-reported age group (such as children aged 13-18 and adults aged 19-25, and age… | TECHCRUNCH.COM
13 Feb | Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust | Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024. | TRENDMICRO.COM
13 Feb | Cyberthreats to marketing | Kaspersky official blog | How cybercriminals steal advertising budgets, advertising mailouts, and websites, and how to protect them. | KASPERSKY.COM
13 Feb | PHP deserialization attacks and a new gadget chain in Laravel | Discovery of a new gadget chain in Laravel. | QUARKSLAB.COM
13 Feb | Deepfakes in the global election year of 2024: A weapon of mass deception? | As fabricated images, videos and audio clips of real people go mainstream, the prospect of a firehose of AI-powered disinformation is a cause for mounting concern | WELIVESECURITY.COM
13 Feb | Hackers mint 1.79 billion crypto tokens from PlayDapp gaming platform | Hackers are believed to have used a stolen private key to mint and steal over 1.79 billion PLA tokens, a cryptocurrency used within the PlayDapp ecosystem. [...] | BLEEPINGCOMPUTER.COM