🚨 CISA KEV 1
15 Feb [KEV] CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2020-3259 Cisco ASA and FTD Information Disclosure Vulnerability; CVE-2024-21410 Microsoft Exchange Server Privilege Escalation Vulnerability. These… (CISA.GOV)
🐛 COMMON VULNERABILITIES AND EXPOSURES 4
15 Feb [KEV] Critical Exchange Server Flaw (CVE-2024-21410) Under Active Exploitation
Microsoft on Wednesday acknowledged that a newly disclosed critical security flaw in Exchange Server has been actively exploited in the wild, a day after it released fixes for the vulnerability as part of its Patch Tuesday updates. Tracked as CVE-2024-21410 (CVSS s… (THEHACKERNEWS.COM)
15 Feb Water Hydra’s Zero-Day Attack Chain Targets Financial Traders
The Water Hydra APT group utilized CVE-2024-21412 to bypass Microsoft Defender SmartScreen and implant victims with the DarkMe malware, targeting financial market traders. (INFOSECURITY-MAGAZINE.COM)
15 Feb New Critical Microsoft Exchange Bug Exploited as Zero-Day
Discovered internally and tracked as CVE-2024-21410, this security flaw can let remote unauthenticated threat actors escalate privileges in NTLM relay attacks targeting vulnerable Microsoft Exchange Server versions. (BLEEPINGCOMPUTER.COM)
15 Feb Microsoft Warns of Exploited Exchange Server Zero-Day
Microsoft says a newly patched Exchange Server vulnerability (CVE-2024-21410) has been exploited in attacks. The post Microsoft Warns of Exploited Exchange Server Zero-Day appeared first on SecurityWeek. (SECURITYWEEK.COM)
⚠️ VULNERABILITY DISCLOSURE 34
15 Feb New HijackLoader Malware Uses Advanced Techniques to Avoid Detection
Threat actors exploit HijackLoader because it is a powerful tool for injecting malicious code into legitimate processes, enabling stealthy execution of payloads. This technique helps them to evade detection by leveraging trusted applications to carry out malicious activities.… (GBHACKERS.COM)
15 Feb Cisco Announces It is Laying Off Thousands of Workers
About 5 percent of Cisco's global workforce will be affected by layoffs, the Silicon Valley-based company said. The post Cisco Announces It is Laying Off Thousands of Workers appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb [KEV] Microsoft Patch Tuesday 2024: 73 Security Flaws, Including Two 0-Days Patched
As part of its February 2024 Patch Tuesday updates, Microsoft has published patches to address 73 security flaws, including two zero-day vulnerabilities that have been actively exploited. Five of the 73 vulnerabilities are classified as ‘Critical’, 65 as ‘Import… (GBHACKERS.COM)
15 Feb Zoom Patches Critical Privilege Elevation Flaw in Windows Apps
The Zoom desktop and VDI clients, as well as the Meeting SDK for Windows, are vulnerable to an improper input validation flaw, which could allow an unauthenticated attacker to conduct privilege escalation on the target system over the network. (BLEEPINGCOMPUTER.COM)
15 Feb DNS Server Vulnerability: Single DNS Packet can Bring Down the System
A new flaw has been discovered in DNSSEC, which, when exploited by threat actors, could result in the unavailability of technologies such as web browsing, email, and instant messaging. This new class of attacks has been termed “KeyTrap” by researchers. Moreover, a thr… (GBHACKERS.COM)
15 Feb Cybercriminals Get Productivity Boost With AI
Cybercriminals are using generative AI tools to create convincing face swaps and exploit loopholes in biometric systems, posing a significant threat to identity verification. (HELPNETSECURITY.COM)
15 Feb Chinese Hackers Using Deepfakes in Advanced Mobile Banking Malware Attacks
A Chinese-speaking threat actor codenamed GoldFactory has been attributed to the development of highly sophisticated banking trojans, including a previously undocumented iOS malware called GoldPickaxe that's capable of harvesting identity documents, facial recognition d… (THEHACKERNEWS.COM)
15 Feb Two Queens Men Sentenced for Hacking Into JFK Airport Taxi Dispatch System
Two men, Daniel Abayev and Peter Leyman, were sentenced to prison for hacking into the taxi dispatch system at JFK Airport in New York City. They exploited the system to allow certain drivers to skip ahead in the pickup line in exchange for payment. (THERECORD.MEDIA)
15 Feb On the Insecurity of Software Bloat
Good essay on software bloat and the insecurities it causes. The world ships too much code, most of it by third parties, sometimes unintended, most of it uninspected. Because of this, there is a huge attack surface full of mediocre code. Efforts are ongoing to improve the quality… (SCHNEIER.COM)
15 Feb Report: Threat Actors Intensify Focus on NATO Member States
A report from Flare indicates that Initial Access Brokers (IABs) are increasingly targeting entities within NATO member states through various techniques such as spear-phishing and exploiting vulnerabilities. (HELPNETSECURITY.COM)
15 Feb New Qbot malware variant uses fake Adobe installer popup for evasion
The developer of Qakbot malware, or someone with access to the source code, seems to be experimenting with new builds as fresh samples have been observed in email campaigns since mid-December. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Phishing Campaign Exploits Remote Desktop Software
A phishing campaign is attempting to trick users into downloading remote monitoring and management (RMM) software like AnyDesk, Atera, and Splashtop, according to researchers at Malwarebytes. (KNOWBE4.COM)
15 Feb German Battery Maker Varta Halts Production After Cyberattack
The company has not yet determined the extent of the damage caused by the attack. VARTA is currently focused on ensuring data integrity and has formed a task force to aid in system restoration. (BLEEPINGCOMPUTER.COM)
15 Feb OpenAI Shuts Down Accounts Used to Generate Phishing Emails & Malware
While Artificial Intelligence holds immense potential for good, its power can also attract those with malicious intent. State-affiliated actors, with their advanced resources and expertise, pose a unique threat, leveraging AI for cyberattacks that can disrupt infrastructure… (GBHACKERS.COM)
15 Feb BigID adds access governance targeted at sensitive data and privileges
Cloud data security and compliance provider, BigID, has announced adding an access governance capability to its existing offerings to help hunt down exposed sensitive data and overprivileged user accounts. The capability is targeted at helping organizations improve security postu… (CSOONLINE.COM)
15 Feb Ivanti Uses End-of-Life Operating Systems, Software Packages
Outdated Software, Exploited Flaws, Security Loopholes Expose Ivanti's Devices. Supply chain security firm Eclypsium found corporate VPN maker Ivanti's Pulse Secure devices - which underwent much emergency patching amid a likely Chinese espionage zero-day hacking campaign - operat… (DATABREACHTODAY.CO.UK)
15 Feb New Jersey Law Enforcement Officers Sue 118 Data Brokers for Not Removing Personal Information
The lawsuits filed against data brokers in New Jersey highlight the need for stronger regulation of data brokers to protect the privacy of law enforcement personnel and all Americans. (THERECORD.MEDIA)
15 Feb ESET Patches High-Severity Privilege Escalation Vulnerability
ESET has released patches for a high-severity elevation of privilege vulnerability in its Windows security products. The post ESET Patches High-Severity Privilege Escalation Vulnerability appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb New Wi-Fi Authentication Bypass Flaws Expose Home, Enterprise Networks
A couple of Wi-Fi authentication bypass vulnerabilities found in open source software can expose enterprise and home networks to attacks. The post New Wi-Fi Authentication Bypass Flaws Expose Home, Enterprise Networks appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb Why Sequoia is funding open source developers via a new equity-free fellowship
Sequoia Capital plans to fund up to three open source software developers annually, as a continuation of a program it debuted last year. The Silicon Valley venture capital firm announced the Sequoia Open Source Fellowship last May, but it was initially offered on an invite-only b… (TECHCRUNCH.COM)
15 Feb Encryption Vital For Right to Privacy, European Court Rules
The European Court of Human Rights ruled in favor of a Russian petitioner who challenged a Kremlin rule requiring telecom firms to provide backdoor access to servers for law enforcement data collection. (BANKINFOSECURITY.COM)
15 Feb [KEV] Over 13,000 Ivanti gateways vulnerable to actively exploited bugs
Thousands of Ivanti Connect Secure and Policy Secure endpoints remain vulnerable to multiple security issues first disclosed more than a month ago and which the vendor gradually patched. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Three critical application security flaws scanners can’t detect
In this article, Outpost24 explains three key limitations of automated vulnerability scanners, emphasizing the significance of manual pen testing in enhancing security. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Rhysida ransomware cracked! Free decryption tool released
A group of South Korean security researchers have uncovered a vulnerability in the infamous Rhysida ransomware that provides a way for encrypted files to be unscrambled. Read more in my article on the Tripwire State of Security blog. (TRIPWIRE.COM)
15 Feb New Security Advisory Tab Added to the Microsoft Security Update Guide
Today, we are adding a new Security Advisory tab to the Security Update Guide to meet our customers’ needs for a unified and authoritative source for the latest public information about Microsoft security updates and issues. We are continuously listening to feedback from users of… (MSRC.MICROSOFT.COM)
15 Feb CISA Releases Seventeen Industrial Control Systems Advisories
CISA released seventeen Industrial Control Systems (ICS) advisories on February 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-046-01 Siemens SCALANCE W1750D; ICSA-24-046-02 Siemens SIDIS … (CISA.GOV)
15 Feb CISA and MS-ISAC Release Advisory on Compromised Account Used to Access State Government Organization
Today, CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), Threat Actor Leverages Compromised Account of Former Employee to Access State Government Organization to provide network defenders with the tactics, … (CISA.GOV)
15 Feb Spyware startup Variston is losing staff, some say it’s closing
In July 2021, someone sent Google a batch of malicious code that could be used to hack Chrome, Firefox, and PCs running Windows Defender. That code was part of an exploitation framework called Heliconia. And at the time, the exploits used to target those applications were zero-da… (TECHCRUNCH.COM)
15 Feb Pretending to be Batman, self-destructing USB drives, and controlling your dreams - ESW #350
This is almost a special episode on crazy new products. For the first half of the show, we discuss startup funding, market forces, acquisitions - stuff we usually discuss. Then we get into all the crazy new AI and non-AI products being announced and coming out. Have some disposab… (YOUTUBE.COM)
15 Feb Breach Roundup: Zeus Banking Trojan Leader Pleads Guilty
Also: Polish Prime Minister Says Previous Administration Deployed Pegasus Spyware. This week, the Zeus leader pleaded guilty, Prudential detected hackers, U.S. telecoms have to report breaches, Microsoft patched zero-days, researchers said Chinese threat intel is faulty, ransomwar… (DATABREACHTODAY.CO.UK)
15 Feb OpenAI and Microsoft Terminate State-Backed Hacker Accounts
Hackers Used LLMs to Perform Tasks That Non-AI Tools Can Perform. Nation-state hackers including Russian military intelligence and hackers backed by China have used OpenAI large language models for research and to craft phishing emails, the artificial intelligence company disclose… (DATABREACHTODAY.CO.UK)
📢 SECURITY ADVISORIES 2
15 Feb CISA Reveals JCDC’s 2024 Cybersecurity Priorities
The priorities focus on defending against Advanced Persistent Threat (APT) operations, raising cybersecurity standards for critical infrastructure, and anticipating emerging technology risks. (INFOSECURITY-MAGAZINE.COM)
15 Feb North Korean Hackers Target South Korean President's Office
South Korea has accused North Korean hackers of breaching an administrator's email account in the Office of the President to access information about the president's communications and overseas trips. (BANKINFOSECURITY.COM)
🔥 INCIDENT REPORTING 19
15 Feb Smashing Security podcast #359: Declaring war on ransomware gangs, mobile muddles, and AI religion
Holy mackerel! AI is jumping on the religion bandwagon, ransomware gangs target hospitals, and what's happened to your old mobile phone number? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Clule… (GRAHAMCLULEY.COM)
15 Feb Update: LockBit Claims Ransomware Attack on Fulton County, Georgia
The county's website still shows the initial alert about the system outage, and some services, like property tax and water billing, remain offline. The hackers claim to have stolen sensitive data and threaten to release it if a ransom is not paid. (BLEEPINGCOMPUTER.COM)
15 Feb North Korea successfully hacks email of South Korean President’s aide, gains access to sensitive information
The office of South Korean president Yoon Suk Yeol has confirmed that North Korea hacked into the personal emails of one of its staff members. Read more in my article on the Hot for Security blog. (BITDEFENDER.COM)
15 Feb How Nation-State Actors Target Your Business: New Research Exposes Major SaaS Vulnerabilities
With many of the highly publicized 2023 cyber attacks revolving around one or more SaaS applications, SaaS has become a cause for genuine concern in many boardroom discussions. More so than ever, considering that GenAI applications are, in fact, SaaS applications. Wing Security (… (THEHACKERNEWS.COM)
15 Feb ALPHV Ransomware Claims Hit on Canada’s Trans-Northern Pipelines
TNPI's internal network was breached by the ALPHV/BlackCat ransomware gang, leading to the potential theft of 183GB of company documents and contact information for TNPI employees. (CYBERSECURITYDIVE.COM)
15 Feb Number of Data Compromises Affecting U.S. Organizations Rises To 77%
New data summarizing the compromises of data in 2023 provides key details on who’s being targeted, what types of data are being compromised, and what attack vectors are being used. (KNOWBE4.COM)
15 Feb Russian Turla Hackers Target Polish NGOs with New TinyTurla-NG Backdoor
The Russia-linked threat actor known as Turla has been observed using a new backdoor called TinyTurla-NG as part of a three-month-long campaign targeting Polish non-governmental organizations in December 2023. "TinyTurla-NG, just like TinyTurla, is a small 'last chance'… (THEHACKERNEWS.COM)
15 Feb LockBit claims cyberattack on Indian broker Motilal Oswal
The prolific ransomware gang LockBit has claimed responsibility for hacking one of India’s top brokerage firms, Motilal Oswal. Indian authorities say they are aware and investigating the incident. On Tuesday, LockBit added the Indian brokerage giant Motilal Oswal to its dar… (TECHCRUNCH.COM)
15 Feb US Military Notifies 20,000 of Data Breach After Cloud Email Leak
The U.S. Department of Defense has notified around 20,600 individuals that their personal information was exposed in an email data spill due to a misconfigured cloud email server hosted on Microsoft's platform. (AU.FINANCE.YAHOO.COM)
15 Feb Cyberattack Disrupts Production at Varta Battery Factories
Production at five plants of German battery maker Varta has been disrupted by a cyberattack, possibly a ransomware attack. The post Cyberattack Disrupts Production at Varta Battery Factories appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb Cryptohack Roundup: Cash Is Still King for Criminals
Also: Changpeng Zhao's Sentencing; UN Probe of North Korean Hacks. This week, the U.S. Treasury reported on crypto in crime, Changpeng Zhao's sentencing was rescheduled, PlayDapp was hacked, the UN probed North Korean hacking, suspicious crypto transactions increased in South Kore… (DATABREACHTODAY.CO.UK)
15 Feb Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Experts Warn
Hospitals around the country are at risk for attacks like the one that is crippling operations at a children’s hospital, and some say the government is doing too little to prevent such breaches. The post Cyberattacks on Hospitals Are Likely to Increase, Putting Lives at Risk, Expert… (SECURITYWEEK.COM)
15 Feb US offers up to $15 million for tips on ALPHV ransomware gang
The U.S. State Department is offering rewards of up to $10 million for information that could lead to the identification or location of ALPHV/Blackcat ransomware gang leaders. [...] (BLEEPINGCOMPUTER.COM)
15 Feb RansomHouse gang automates VMware ESXi attacks with new MrAgent tool
The RansomHouse ransomware operation has created a new tool named 'MrAgent' that automates the deployment of its data encrypter across multiple VMware ESXi hypervisors. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Prescriptive Mitigation Guidance, Power to ICS Security
Imagine a cascading blackout, disrupted pipelines, or manipulated manufacturing processes – all orchestrated through a cyberattack. This chilling reality paints a stark picture of the escalating cyber threats targeting Industrial Control Systems (ICS). Addressing these chal… (GBHACKERS.COM)
15 Feb Over Half of Malware Downloads Originate from SaaS Apps
As the popularity of SaaS apps continues to grow, security analysts expect the misuse of such apps as the host for malware downloads to continue to rise through 2024. (KNOWBE4.COM)
15 Feb Material: cybersecurity word of the year, thanks to the SEC - Amer Deeba - ESW #350
In this segment, featuring guest Amer Deeba, we'll explore how the SEC's new breach reporting rules will affect companies. We've got a ton of questions: What behavior has to change? What additional preparation needs to take place? How does this rule affect data security? How does… (YOUTUBE.COM)
15 Feb To Avoid Bankruptcy, EMR Firm Settles Lawsuit for $4M
Pediatric Tech Vendor Hit by 2022 Data Breach Affecting 3 Million - Mostly Children. An electronic health record and practice management software firm says the only way to avoid bankruptcy from the consolidation of nine proposed class action lawsuits filed in the wake of a 2022 da… (DATABREACHTODAY.CO.UK)
15 Feb News alert: Harter Secrest & Emery announces designation as NetDiligence-authorized Breach Coac
Rochester, N.Y. Feb. 15, 2024 – Harter Secrest & Emery LLP, a full-service business law firm with offices throughout New York, is pleased to announce that it has been selected as a NetDiligence-authorized Breach Coach®, a designation … (LASTWATCHDOG.COM)
🕵️ THREAT INTELLIGENCE 17
15 Feb ISC Stormcast For Thursday, February 15th, 2024 https://isc.sans.edu/podcastdetail/8854, (Thu, Feb 15th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)
15 Feb OpenAI Shuts Down Accounts Linked to Five Nation-State Hacking Groups
State-linked hacking groups from China, Russia, Iran, and North Korea were observed using AI technologies to improve reconnaissance, command techniques, and social engineering efforts, posing a potential cybersecurity threat. (THERECORD.MEDIA)
15 Feb DDoS Hacktivism is Back With a Geopolitical Vengeance
DDoS attacks have evolved from social protests through criminal extortion, hack attack smokescreens and competitor suppression to geopolitical vengeance. The post DDoS Hacktivism is Back With a Geopolitical Vengeance appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb Banking Trojan GoldPickaxe Harvests Facial Biometrics
Both iOS and Android Variants Can Record Face Videos, Used to Create AI Deepfakes. A Chinese-speaking cybercrime group codenamed GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face profil… (DATABREACHTODAY.CO.UK)
15 Feb GoldPickaxe Trojan Uses Biometric Data and Deepfake Tech to Scam Banks
The trojan captures facial biometric data to create deepfake videos for bypassing banking logins, demonstrating a high level of sophistication and operational maturity by the cybercriminal group GoldFactory. (INFOSECURITY-MAGAZINE.COM)
15 Feb What are You Working on Wednesday (Special Thursday edition)
Submitted by shellsharks to cybersecurity. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. (INFOSEC.PUB)
15 Feb Turla hackers backdoor NGOs with new TinyTurla-NG malware
Security researchers have identified and analyzed new malware they call TinyTurla-NG and TurlaPower-NG used by the Russian hacker group Turla to maintain access to a target's network and to steal sensitive data. [...] (BLEEPINGCOMPUTER.COM)
15 Feb No Security Scrutiny for Half of Major Code Changes: AppSec Survey
Only 54% of major code changes go through a full security review, a new CrowdStrike State of Application Security report reveals. The post No Security Scrutiny for Half of Major Code Changes: AppSec Survey appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb North Korea Turns to Designing Malware-Infected Gambling Websites for Cash
The operation is carried out by an IT organization called "Gyeongheung," affiliated with North Korea's secretive Office 39. These websites are sold for $5,000 a month, with additional tech support for $3,000. (THEREGISTER.COM)
15 Feb OpenAI blocks state-sponsored hackers from using ChatGPT
OpenAI has removed accounts used by state-sponsored threat groups from Iran, North Korea, China, and Russia, that were abusing its artificial intelligence chatbot, ChatGPT. [...] (BLEEPINGCOMPUTER.COM)
15 Feb How to Analyse an Advanced Phishing Attack with ANY.RUN Threat Intelligence Lookup
An advanced phishing attack typically involves sophisticated tactics such as compelling email and website replicas that are often tailored to specific targets. These attacks may use social engineering techniques to manipulate victims into revealing sensitive information and insta… (GBHACKERS.COM)
15 Feb Banking Trojan Harvests Facial Biometrics for AI Deepfakes
GoldPickaxe Malware Can Record User’s Face - Use Video to Commit Deepfake Scams. A Chinese-speaking cybercrime group with the codename GoldFactory has built a new Android and iOS banking Trojan, GoldPickaxe, that can harvest and steal personal details, including biometric face pro… (DATABREACHTODAY.CO.UK)
15 Feb Material: cybersecurity word of the year, thanks to the SEC with Amer Deeba – ESW #350
Join us live at 2pm ET as we discuss Material: cybersecurity word of the year, thanks to the SEC with Amer Deeba, CEO & Cofounder at Normalyze – ESW #350 → Watch live here: securityweekly.com/live → Subscribe to our podcasts: https://securityweekly.com/subscribe → Join our community… (YOUTUBE.COM)
15 Feb US Disrupts Russian Military Intelligence Botnet
GRU Hackers Commandeered 'Moobot' for Cyberespionage. The U.S. federal government says it disrupted a criminal botnet that Russian military intelligence had converted into a platform for global cyberespionage. The malware targets Linux-based IoT devices - in this case, routers mad… (DATABREACHTODAY.CO.UK)
15 Feb FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies
The US government says it has neutralized a network of hundreds of Ubiquiti Edge OS routers under the control of Russia's APT28 hackers. The post FBI Dismantles Ubiquiti Router Botnet Controlled by Russian Cyberspies appeared first on SecurityWeek. (SECURITYWEEK.COM)
15 Feb Iran-Aligned Threat Actor "CharmingCypress" Launches Spear Phishing Attacks
Researchers at Volexity warn that the suspected Iranian threat actor CharmingCypress (also known as “Charming Kitten” or “APT42”) has been launching spear phishing attacks against Middle Eastern policy experts. (KNOWBE4.COM)
15 Feb Russia Continues to Focus on Cyber Operations and Espionage
Google and Mandiant Researchers Track Russia-Ukraine War Tactics Ahead of Elections. Russia continues to focus on running cyber operations and espionage that target Ukraine's military, government and civil society in support of its ground campaign, researchers at Google said, warn… (DATABREACHTODAY.CO.UK)
🌐 CYBER THREAT LANDSCAPE 9
15 Feb New ‘Gold Pickaxe’ Android, iOS malware steals your face for fraud
A new iOS and Android trojan named 'GoldPickaxe' employs a social engineering scheme to trick victims into scanning their faces and ID documents, which are believed to be used to generate deepfakes for unauthorized banking access. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Backdoors That Let Cops Decrypt Messages Violate Human Rights, EU Courts Says (PACKETSTORMSECURITY.COM)
15 Feb Ivanti Pulse Secure Found Using 11-Year-Old Linux Version and Outdated Libraries
A reverse engineering of the firmware running on Ivanti Pulse Secure appliances has revealed numerous weaknesses, once again underscoring the challenge of securing software supply chains. Eclypsium, which acquired firmware version 9.1.18.2-24467.1 as part of the process, said th… (THEHACKERNEWS.COM)
15 Feb 6 Categories of Modern Threat Landscape | Empowering Business Continuity for Cyber Resilience (DATABREACHTODAY.CO.UK)
15 Feb FBI disrupts Moobot botnet used by Russian military hackers
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) in spearphishing and credential theft attacks targeting the United States and its allies. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Zeus, IcedID malware gangs leader pleads guilty, faces 40 years in prison
Ukrainian national Vyacheslav Igorevich Penchukov, one of the heads of the notorious JabberZeus cybercrime gang, has pleaded guilty to charges related to his leadership roles in the Zeus and IcedID malware groups. [...] (BLEEPINGCOMPUTER.COM)
15 Feb All eyes on AI | Unlocked 403: A cybersecurity podcast
Artificial intelligence is on everybody’s lips these days, but there are also many misconceptions about what AI actually is and isn’t. We unpack the basics and examine AI's broader implications. (WELIVESECURITY.COM)
15 Feb FBI disrupts Russian Moobot botnet infecting Ubiquiti routers
The FBI took down a botnet of small office/home office (SOHO) routers used by Russia's Main Intelligence Directorate of the General Staff (GRU) to proxy malicious traffic and to target the United States and its allies in spearphishing and credential theft attacks. [...] (BLEEPINGCOMPUTER.COM)
📡 INFOSEC NEWS 14
15 Feb [Guest Diary] Learning by doing: Iterative adventures in troubleshooting, (Thu, Feb 15th)
[This is a Guest Diary by Preston Fitzgerald, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1]. (ISC.SANS.EDU)
15 Feb France Uncovers Russian Disinformation Campaign
The network of disinformation websites, dubbed "Portal Kombat," reproduces content from pro-Russian social media accounts and news agencies, using automation and machine translation to disseminate the content. (BANKINFOSECURITY.COM)
15 Feb Romantic AI Chatbots Fail the Security and Privacy Test
Most relationship chatbots lack transparency on security management, encryption use, and data privacy, raising concerns about the potential for data misuse and manipulation of users. (INFOSECURITY-MAGAZINE.COM)
15 Feb Asset Management Firm Armis Acquires Honeypot Maker CTCI
Armis acquired CTCI, a cybersecurity startup, in a deal worth nearly $20 million. The acquisition aims to integrate CTCI's technology into Armis' Centrix platform to enhance early warning cyber intelligence capabilities. (BANKINFOSECURITY.COM)
15 Feb Corporate Users Getting Tricked into Downloading AnyDesk
Hackers are tricking victims into downloading an outdated but legitimate AnyDesk executable by directing them to fake websites posing as financial institutions. Once the program is run, attackers can gain control of the victim's machine. (HELPNETSECURITY.COM)
15 Feb Feds Want To Ban The World's Cutest Hacking Device. Experts Say It's A Scapegoat (PACKETSTORMSECURITY.COM)
15 Feb Three Terms Sure To Grab Attention: Russia, Nuclear, Anti-Satellite Weapon (PACKETSTORMSECURITY.COM)
15 Feb U.S. Internet Corp. Leaked Years of Internal, Customer Emails
U.S. Internet Corp.'s subsidiary, Securence, inadvertently exposed over a decade's worth of internal and client emails, including those of government institutions, due to a misconfigured server, raising serious security concerns. (KREBSONSECURITY.COM)
15 Feb Microsoft says it fixed a Windows Metadata server issue that’s still broken
Microsoft claims to have fixed Windows Metadata connection issues which continue to plague customers, causing problems for users trying to manage their printers and other hardware. [...] (BLEEPINGCOMPUTER.COM)
15 Feb Nginx key developer starts a “freenginx” fork after dispute with parent firm
Disagreement over security disclosures and bug-fixing priorities led to split. (ARSTECHNICA.COM)
15 Feb Nginx core developer quits project in security dispute, starts “freenginx” fork
Disagreement over security disclosures and bug-fixing priorities led to split. (ARSTECHNICA.COM)