72 Articles
7 Categories
Date: 2024-02-19
🐛 COMMON VULNERABILITIES AND EXPOSURES (6)
19 Feb | ESET Fixed High-Severity Local Privilege Escalation Bug in Windows Products | ESET addressed a high-severity vulnerability (CVE-2024-0353) in its Windows security products allowing attackers to delete files without proper permission, potentially escalating their privileges. | SECURITYAFFAIRS.COM
19 Feb | KeyTrap attack can take out a DNS server | Kaspersky official blog | The KeyTrap attack can disable DNS servers by sending a single malicious packet that exploits a vulnerability in DNSSEC (CVE-2023-50387). | KASPERSKY.COM
19 Feb | ESET Privilege Escalation Flaw Let Attackers Delete Arbitrary Files | ESET, a cybersecurity firm, has released patches for a high-severity vulnerability identified in several Windows-based security products, including consumer, business, and server security. The vulnerability tracked as CVE-2024-0353 has a CVSS score of 7.8 and was identified in th… | GBHACKERS.COM
19 Feb | Analysis of Mirai variant leveraging CVE-2023-1389 | Submitted by L4s to secops. https://blog.permafrostsec.com/posts/mirai-variant-cve-2023-1389/ | PERMAFROSTSEC.COM
19 Feb | Russian hackers target vulnerable webmail servers in Europe for espionage | A Russian advanced persistent threat (APT) actor has been using the cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target critical government infrastructures in Europe, according to research by Recorded Future. The threat group, known as Winter Viver… | CSOONLINE.COM
19 Feb | [KEV] Over 28,500 Exchange servers vulnerable to actively exploited bug | Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. [...] | BLEEPINGCOMPUTER.COM
⚠️ VULNERABILITY DISCLOSURE (18)
19 Feb | Russian-Linked Hackers Breach 80+ Organizations via Roundcube Flaws | Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting (XSS) vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily loca… | THEHACKERNEWS.COM
19 Feb | First Ever iOS Trojan Steals Facial Recognition Data | A novel, very sophisticated mobile Trojan dubbed GoldPickaxe.iOS that targets iOS users exclusively was discovered to collect facial recognition data, intercept SMS, and gather identity documents. The Asia-Pacific region includes the majority of those impacted by t… | GBHACKERS.COM
19 Feb | How to proactively prevent password-spray attacks on legacy email accounts | Microsoft recently released a security news update that addresses chilling reports that attackers have been able to pivot from a test tenant to the C suite to obtain access to emails being sent and received. In addition, it came to light that HPE’s corporate mailboxes had been ac… | CSOONLINE.COM
19 Feb | Turla APT’s New Tool Designed to Steal Login Credentials | The Russian cyber espionage threat group “Turla APT group” was discovered to be using a new backdoor for its malicious operations. This new backdoor has been termed “TinyTurla-NG” (TTNG), which shares similarities with a previously disclosed implant, TinyT… | GBHACKERS.COM
19 Feb | New MonikerLink Flaw Exposes Outlook Users to Data Theft and Malware | The #MonikerLink vulnerability in Microsoft Outlook has a critical severity rating of 9.8 out of 10 and allows threat actors to execute arbitrary code with minimal user interaction, posing a significant security risk. | HACKREAD.COM
19 Feb | New TicTacToe Malware Dropper Attacking Windows Users | Malware often targets Windows users due to the operating system’s widespread popularity, making it a lucrative target for threat actors. Windows systems have historically been perceived as more vulnerable due to their larger user base and the majority of security vulnerabil… | GBHACKERS.COM
19 Feb | RCE Vulnerabilities Fixed in Solarwinds Enterprise Solutions | SolarWinds has patched critical vulnerabilities in its Access Rights Manager (ARM) and (Orion) Platform that could allow attackers to execute code, emphasizing the importance of promptly updating to the fixed versions. | HELPNETSECURITY.COM
19 Feb | Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries | The Android banking trojan known as Anatsa has expanded its focus to include Slovakia, Slovenia, and Czechia as part of a new campaign observed in November 2023. "Some of the droppers in the campaign successfully exploited the accessibility service, despite Google Play'… | THEHACKERNEWS.COM
19 Feb | Akira Ransomware Actively Exploiting Cisco Anyconnect Vulnerability | Threat actors exploit Cisco AnyConnect vulnerabilities to gain unauthorized access to networks, compromise sensitive information, and potentially execute malicious activities. Exploiting these vulnerabilities allows attackers to bypass security measures, leading to unauthor… | GBHACKERS.COM
19 Feb | Russian Cyberspies Exploit Roundcube Flaws Against European Governments | Russian cyberespionage group targets European government, military, and critical infrastructure entities via Roundcube vulnerabilities. | SECURITYWEEK.COM
19 Feb | Russia-Aligned Hackers Target European and Iranian Embassies in New Espionage Campaign | A Russia-linked hacking group, Winter Vivern, exploited a vulnerability in the Roundcube webmail server to spy on government and military agencies in Europe and Iranian embassies in Russia, indicating a significant cybersecurity threat. | THERECORD.MEDIA
19 Feb | SolarWinds ARM Flaw Let Attackers Execute Remote Code | SolarWinds has released their Access Rights Manager version 2023.2.3, in which several vulnerabilities associated with Deserialization and Directory Traversal leading to Remote code execution have been fixed. The CVEs of these vulnerabilities were assigned with The severity for t… | GBHACKERS.COM
19 Feb | Hackers exploit critical RCE flaw in Bricks WordPress site builder | Hackers are actively exploiting a critical remote code execution (RCE) flaw impacting the Brick Builder Theme to run malicious PHP code on vulnerable sites. [...] | BLEEPINGCOMPUTER.COM
19 Feb | LockBit ransomware disrupted by global police operation | Law enforcement agencies from 11 countries have disrupted the notorious LockBit ransomware operation in a joint operation known as "Operation Cronos." [...] | BLEEPINGCOMPUTER.COM
19 Feb | New Guides Aim to Help Health Sector Beef Up Cyber, Privacy | HHS OCR, NIST Finalize HIPAA Cyber Guide; HSCC Issues Security, Privacy Resource. Two new guidance resources - one from regulators and the other from an industry council - aim to help healthcare firms strengthen their protection of sensitive patient information and critical IT sys… | DATABREACHTODAY.CO.UK
19 Feb | Microsoft Azure Hit With The Largest Data Breach In Its History; Hundreds Of Executive Accounts Compromised | Submitted by kid to cybersecurity. https://techreport.com/news/microsoft-azure-hit-with-the-largest-data-breach-in-its-history-hundreds-of-executive-accounts-compromised/ For the first time in the history of Microsoft, a cyberattack has left hundreds of execu… | TECHREPORT.COM
19 Feb | LockBit Infrastructure Seized By US, UK Police | LockBit Ransomware Operations Is Latest to Fall in Series of Takedowns. An international law enforcement operation seized the infrastructure of Russian-speaking cybercriminal group LockBit, a prolific ransomware-as-a-service operation, marking the latest in a series of digital tak… | DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES (9)
19 Feb | Japan Sees Increased Cyberthreats to Critical Infrastructure, Particularly From China | Recent cyberattacks on Japanese entities, such as the Ministry of Foreign Affairs and aerospace agency JAXA, underscore the persistent threat posed by Chinese hackers to Japan's security and economy. | THERECORD.MEDIA
19 Feb | Gmail & Yahoo DMARC Rollout: When Cyber Compliance Gives a Competitive Edge | DMARC compliance offers businesses a competitive advantage through improved email deliverability and enhanced security posture, leading to better engagement rates and revenue growth. | HELPNETSECURITY.COM
19 Feb | North Korean hackers linked to defense sector supply-chain attack | In an advisory today Germany's federal intelligence agency (BfV) and South Korea's National Intelligence Service (NIS) warn of an ongoing cyber-espionage operation targeting the global defense sector on behalf of the North Korean government. [...] | BLEEPINGCOMPUTER.COM
19 Feb | NIST Offers Concrete Steps for Secure Software Development | New Guidelines Include 'Absolutely Crucial' Steps to Enhance Security, Experts Say. The National Institute of Standards and Technology issued new guidelines to help software developers integrate software supply chain security into every phase of the software development life cycle… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (11)
19 Feb | Update: ALPHV Ransomware Claims loanDepot, Prudential Financial Breaches | The ALPHV/Blackcat ransomware gang has claimed responsibility for breaching the networks of Prudential Financial and loanDepot, leading to significant data theft and potential cybersecurity risks for millions of individuals. | BLEEPINGCOMPUTER.COM
19 Feb | Cyber Security Today, Feb. 19, 2024 - Fake police data breach notification fools Maine's AG office | This episode reports a recent fake data breach report and two real ones, a man pleads guilty to being involved in malware distribution, and more | CYBERSECURITYTODAY.LIBSYN.COM
19 Feb | Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor | Charming Kitten's phishing attacks involve social engineering tactics, compromised email accounts, and the distribution of various backdoors, demonstrating their commitment to surveillance and malware deployment. | THEHACKERNEWS.COM
19 Feb | Hackers Claim Data Breach at Staffing Giant Robert Half, Sell Sensitive Data | The stolen data includes confidential records, employee documents, customer information, and configuration settings related to services such as OpenAI and Twilio, posing a significant threat to the company and its clients. | HACKREAD.COM
19 Feb | Ransomware Group Takes Credit for LoanDepot, Prudential Financial Attacks | The BlackCat/Alphv ransomware group has taken credit for the LoanDepot and Prudential Financial attacks, threatening to sell or leak data. | SECURITYWEEK.COM
19 Feb | Wyze camera glitch gave 13,000 users a peek into other homes | Wyze shared more details on a security incident that impacted thousands of users on Friday and said that at least 13,000 customers could get a peek into other users' homes. [...] | BLEEPINGCOMPUTER.COM
19 Feb | Protecting EHR Systems Against Attacks and Compromises | Why Are EHRs So Vulnerable and How Can Organizations Get Better at Protecting Them? When a hospital or clinic is hit with a cyberattack, it often seems as if the electronic health record systems just can't win. Even if the EHR system is not the prime target of the attack, it's st… | DATABREACHTODAY.CO.UK
19 Feb | Cactus ransomware claim to steal 1.5TB of Schneider Electric data | The Cactus ransomware gang claims they stole 1.5TB of data from Schneider Electric after breaching the company's network last month. [...] | BLEEPINGCOMPUTER.COM
19 Feb | Ransomware Experts See Problems With Banning Ransom Payments | Would Criminals Care? Might Victims Still Pay? Would Hospitals Be Exempt? As the damage caused by ransomware and profits flowing to attackers reaches record levels, a panel of cybersecurity and policy experts reviewed what it might take to ban ransom payments and whether such a b… | DATABREACHTODAY.CO.UK
19 Feb | Only 7% of Organizations Can Restore Data Processes within 1-3 Days After a Ransomware Attack | New data on how organizations are able to respond to ransomware attacks also shows that paying a ransom is highly likely, despite having a policy of “Do Not Pay.” | KNOWBE4.COM
🕵️ THREAT INTELLIGENCE (17)
19 Feb | ISC Stormcast For Monday, February 19th, 2024 https://isc.sans.edu/podcastdetail/8858, (Mon, Feb 19th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
19 Feb | Iranian Hackers Target Middle East Policy Experts with New BASICSTAR Backdoor | The Iranian-origin threat actor known as Charming Kitten has been linked to a new set of attacks aimed at Middle East policy experts with a new backdoor called BASICSTAR by creating a fake webinar portal. Charming Kitten, also called APT35, CharmingCypress, Mint Sandsto… | THEHACKERNEWS.COM
19 Feb | New Google Initiative to Foster AI in Cybersecurity | Google’s new AI Cyber Defense Initiative focuses on boosting cybersecurity through artificial intelligence. | SECURITYWEEK.COM
19 Feb | iOS Trojan Collects Face and Other Data for Bank Account Hacking | Chinese hackers use Android and iOS trojans to obtain information needed to steal money from victims’ bank accounts. | SECURITYWEEK.COM
19 Feb | BSidesLisbon 2022 - 10 videos | Submitted by ashar to security_cpe. BSidesLisbon 2022 playlist. BSidesLisbon 2022 schedule. BSidesLisbon is the premier technical information security conference in Portugal. It is a comm… | INFOSEC.PUB
19 Feb | Ukrainian Extradited to US Over Alleged Raccoon Stealer Ties | Mark Sokolovsky Has Fought Extradition From the Netherlands Since March 2022 Arrest. A Dutch court extradited a Ukrainian national to the United States, where he faces criminal charges related to his role in the malware-as-a-service Raccoon Stealer. The extradition of Mark Sokolov… | DATABREACHTODAY.CO.UK
19 Feb | Mirai-Mirai On The Wall... [Guest Diary], (Sun, Feb 18th) | [This is a Guest Diary by Rafael Larios, an ISC intern as part of the SANS.edu BACS program] | ISC.SANS.EDU
19 Feb | How to Achieve the Best Risk-Based Alerting (Bye-Bye SIEM) | Did you know that Network Detection and Response (NDR) has become the most effective technology to detect cyber threats? In contrast to SIEM, NDR offers adaptive cybersecurity with reduced false alerts and efficient threat response. Are you aware of Network Detection and Res… | THEHACKERNEWS.COM
19 Feb | Mentorship Monday - Discussions for career and learning! | Submitted by shellsharks to cybersecurity. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … | INFOSEC.PUB
19 Feb | CactusCon 12 - 2 days, 3 tracks | Submitted by ashar to security_cpe. CactusCon 12 Schedule; CactusCon 12 - Track 1 - 16 videos; CactusCon 12 - Track 2 - 12 videos; CactusCon 12 - Track 3 - 13 videos. CactusCon is the largest annual hacker and security conference in Arizona. Our last event attrac… | INFOSEC.PUB
19 Feb | The IT Pro's How-to Guide to Building a Strong Security Culture | The thought of building and improving your organization’s security culture can seem like a daunting task. How can you influence an entire culture? With the right plan, buy-in and content, we assure you it IS possible… and maybe even easier than you thought! | KNOWBE4.COM
19 Feb | Ukrainian Raccoon Infostealer Operator Extradited to US | Alleged Raccoon Infostealer operator Mark Sokolovsky is awaiting trial in the US, after being extradited from the Netherlands. | SECURITYWEEK.COM
19 Feb | EU Court of Human Rights Rejects Encryption Backdoors | The European Court of Human Rights has ruled that breaking end-to-end encryption by adding backdoors violates human rights: Seemingly most critically, the [Russian] government told the ECHR that any intrusion on private lives resulting from decrypting messages was “necessa… | SCHNEIER.COM
19 Feb | The New BISO Role – A Career Path to CISO? - BSW Vault | Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on February 22, 2022. The Business Information Security Officer, or BISO, is a relatively new and somewhat controversial role. Does this role act as the CISO's… | YOUTUBE.COM
19 Feb | Tech Giants Pledge to Curb AI-Made Election Misinformation | AI's Speed and Scale of Deception Is 'Unprecedented,' Says US Senator. Twenty technology giants including Google and Meta pledged Friday to combat the presence of artificially generated deepfake content meant to deceive voters as more than 4 billion people in more than 70 countrie… | DATABREACHTODAY.CO.UK
19 Feb | State-Sponsored Threat Actors Targeting European Union Entities With Spear Phishing Campaigns | Numerous state-sponsored threat actors frequently launched spear phishing attacks against European Union entities last year, according to a new report from the EU’s Emergency Response Team (CERT-EU). | KNOWBE4.COM
19 Feb | Zenlayer Exposes 384 Million Records | Exposed Database at Network Services Firm Included Server Log Details. A global data center provider Zenlayer exposed an internal database accessible on the internet, revealing approximately 384 million records. A spokesperson said no internal or customer operational data, credent… | DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE (6)
19 Feb | Massive Utility Scam Campaign Spreads via Online Ads | Scammers create multiple fraudulent domains and use scare tactics to pressure victims into making hasty decisions, such as disclosing personal details or making immediate payments. | MALWAREBYTES.COM
19 Feb | Ukrainian Extradited to US Over Alleged Raccoon Stealer Ties | Mark Sokolovsky, a Ukrainian national, has been extradited to the United States to face criminal charges related to his involvement in the Raccoon info stealer malware-as-a-service operation. | HEALTHCAREINFOSECURITY.COM
19 Feb | Anatsa Android malware downloaded 150,000 times via Google Play | The Anatsa banking trojan has been targeting users in Europe by infecting Android devices through malware droppers hosted on Google Play. [...] | BLEEPINGCOMPUTER.COM
19 Feb | Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices | Meta Platforms said it took a series of steps to curtail malicious activity from eight different firms based in Italy, Spain, and the United Arab Emirates (U.A.E.) operating in the surveillance-for-hire industry. The findings are part of its Adversarial Threat Report fo… | THEHACKERNEWS.COM
19 Feb | PDF Malware on the Rise, Used to Spread WikiLoader, Ursnif, and DarkGate | Cybercriminals are using ad tools to track and optimize their malware campaigns, making their lures more convincing and increasing the likelihood of users falling victim to the attacks. | INFOSECURITY-MAGAZINE.COM
19 Feb | Anatsa Android Trojan Bypasses Google Play Security, Expands Reach to New Countries | The Android banking trojan Anatsa has expanded its reach to include Slovakia, Slovenia, and Czechia, demonstrating the capability to bypass restricted settings for accessibility service in Android 13. | THEHACKERNEWS.COM
📡 INFOSEC NEWS (5)
19 Feb | New Google Chrome Feature Blocks Attacks Against Home Networks | Google is testing a new feature called "Private Network Access protections" in Chrome 123 to prevent malicious websites from attacking devices and services on a user's private network. | BLEEPINGCOMPUTER.COM