🐛 COMMON VULNERABILITIES AND EXPOSURES
20 Feb: Ivanti Connect Secure Under Attack: Uncovering Five Exploitable CVEs - XXE
    submitted by L4s to secops 1 points | 0 comments https://blog.securelayer7.net/ivanti-connect-secure-5-cve-vulnerability/ Ivanti Connect Secure Under Attack: Uncovering Five Exploitable CVEs - XXE::Time and again, securing you [SECURELAYER7.NET]
20 Feb, KEV: WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites
    A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code executio… [THEHACKERNEWS.COM]
20 Feb: Hackers Exploit Critical RCE Flaw in Bricks WordPress Site Builder
    The vulnerability, tracked as CVE-2024-25600, was discovered by a researcher named 'snicco' and a fix became available on February 13 with the release of version 1.9.6.1. [BLEEPINGCOMPUTER.COM]
20 Feb: New Redis attack campaign weakens systems before deploying cryptominer
    Cloud attackers are stepping up their game in a new cryptojacking campaign that targets exposed Redis deployments, researchers warn. Compared to previous attacks against the in-memory data store, the perpetrators make use of certain system weakening commands before installing the… [CSOONLINE.COM]
20 Feb, KEV: Over 28,500 Exchange Servers Vulnerable to Actively Exploited Bug
    The CVE-2024-21410 vulnerability allows remote unauthenticated actors to perform NTLM relay attacks, potentially leading to unauthorized access to confidential data and network exploitation. [BLEEPINGCOMPUTER.COM]
⚠️ VULNERABILITY DISCLOSURE
20 Feb: LockBit Infrastructure Seized By US, UK Police
    LockBit Ransomware Operations Is Latest to Fall in Series of Takedowns An international law enforcement operation seized the infrastructure of Russian-speaking cybercriminal group LockBit, a prolific ransomware-as-a-service operation, marking the latest in a series of digital tak… [DATABREACHTODAY.CO.UK]
20 Feb: Hackers Arrested For Stealing Banking Credentials Using Novel Android Malware
    An individual residing in Vinnytsia, aged 31, has been apprehended for purportedly pilfering confidential data of Android users and exploiting their Google accounts belonging to citizens of the United States and Canada. The cybercrime incident resulted in the perpetrator acquirin… [GBHACKERS.COM]
20 Feb: LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
    An international law enforcement operation has led to the seizure of multiple darknet domains operated by LockBit, one of the most prolific ransomware groups, marking the latest in a long list of digital takedowns. While the full extent of the effort, codenamed Operatio… [THEHACKERNEWS.COM]
20 Feb: Warning: Agniane Stealer Targeting Users to Steal Financial Data
    Threat actors use stealers to collect sensitive information from unsuspecting users covertly. These tools are favored for their ability to infiltrate systems, remain undetected, and extract valuable data, which threat actors can exploit for financial gain and several malicious pu… [GBHACKERS.COM]
20 Feb: US, UK authorities claim seizure of LockBit ransomware gang’s dark web leak site
    A coalition of international law enforcement agencies, including the FBI and the U.K.’s National Crime Agency, have disrupted the operations of the prolific LockBit ransomware gang. LockBit’s dark-web leak site — where the group publicly lists its victims and threatens to l… [TECHCRUNCH.COM]
20 Feb: LockBit Ransomware Gang Disrupted by Global Law Enforcement Operation
    Earlier this week, Europol and the UK’s National Crime Agency announced they had successfully taken down the dark web platform associated with LockBit, a notorious ransomware group. LockBit has been one of the most active and prolific ransomware groups, and this operation i… [GBHACKERS.COM]
20 Feb: Google Open Sources Magika: AI-Powered File Identification Tool
    Magika outperforms conventional methods and is used to enhance user safety in Gmail, Drive, and Safe Browsing. Google emphasizes the use of AI to strengthen digital security and shift the balance in favor of defenders in cybersecurity. [THEHACKERNEWS.COM]
20 Feb: Learn How to Build an Incident Response Playbook Against Scattered Spider in Real-Time
    In the tumultuous landscape of cybersecurity, the year 2023 left an indelible mark with the brazen exploits of the Scattered Spider threat group. Their attacks targeted the nerve centers of major financial and insurance institutions, culminating in what stands as one of the most … [THEHACKERNEWS.COM]
20 Feb: Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now
    ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, a… [THEHACKERNEWS.COM]
20 Feb: Police arrests LockBit ransomware members, release decryptor in global crackdown
    Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [...… [BLEEPINGCOMPUTER.COM]
20 Feb: Cactus Ransomware Gang Claims the Theft of 1.5TB of Data From Schneider Electric
    The attack, which hit the Sustainability Business division on January 17th, caused outages in Schneider Electric’s Resource Advisor cloud platform. The gang published 25MB of stolen data as proof of the hack. [SECURITYAFFAIRS.COM]
20 Feb: LockBit ransomware operations seized by law enforcement in ‘Operation Cronos’
    Several operations of the notorious ransomware gang LockBit have been seized by global law enforcement authorities in a coordinated takeover under the banner “Operation Cronos.” Eight “.onion” domains owned by the ransomware group have been taken over by the authorities and as of… [CSOONLINE.COM]
20 Feb: Broken LockBit: Ransomware Group Takedown Will Have Impact
    Even if Group Reboots, Disruption Already Stands as a Success, Experts Say Blue Monday arrived late this year for the LockBit ransomware-as-a-service group, after an international coalition of law enforcement agencies seized swathes of its infrastructure. Security experts said ev… [DATABREACHTODAY.CO.UK]
20 Feb: Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow to Operation
    The LockBit ransomware operation has been severely disrupted by an international law enforcement operation resulting in server seizures and arrests. The post Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow to Operation appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: Police arrest LockBit ransomware members, release decryptor in global crackdown
    Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [...… [BLEEPINGCOMPUTER.COM]
20 Feb: Meta Unveils 8 Spyware Companies Targeting iOS, Android, & Windows Devices
    Spyware firms target iOS, Android, and Windows devices due to their widespread usage, making them lucrative targets for gathering sensitive information. Each platform offers unique exploitation opportunities, with iOS and Android dominating the mobile market, while Windows … [GBHACKERS.COM]
20 Feb: LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released
    The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos. "Some of the data on LockBit's systems belong… [THEHACKERNEWS.COM]
20 Feb: Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin
    Attackers are exploiting a recent remote code execution flaw in the Bricks Builder WordPress plugin to deploy malware. The post Websites Hacked via Vulnerability in Bricks Builder WordPress Plugin appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: CyberheistNews Vol 14 #08 Browser-Based Phishing Attacks Increase 198%, With Evasive Attacks Increasing 206% [KNOWBE4.COM]
20 Feb: 1Password expands its endpoint security offerings with Kolide acquisition
    1Password, the AgileBits-owned password management software developer, today announced that it has acquired Kolide, an endpoint security platform, for an undisclosed amount. According to 1Password CEO Jeff Shiner, Kolide founder and CEO Jason Meller and all of Kolide’s 30 employe… [TECHCRUNCH.COM]
20 Feb: Critical infrastructure software maker confirms ransomware attack
    PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: Critical Flaws Found in ConnectWise ScreenConnect Software
    ConnectWise has released software updates to address two critical security flaws in its ScreenConnect remote desktop and access software. The vulnerabilities could allow remote code execution and unauthorized access to restricted directories. [THEHACKERNEWS.COM]
20 Feb: New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics
    Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code. The packages, named NP… [THEHACKERNEWS.COM]
20 Feb: Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers
    Shadowserver Foundation has identified roughly 28,000 Microsoft Exchange servers impacted by a recent zero-day. The post Recent Zero-Day Could Impact Up to 97,000 Microsoft Exchange Servers appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: Reddit Signed a $60,000,000 Content Licensing Deal with an AI company
    Reddit, the popular social media platform known as the “front page of the internet,” has reportedly signed a significant content licensing agreement with an undisclosed AI company. This $60 million deal is poised to impact AI research substantially, Reddit’s imp… [GBHACKERS.COM]
20 Feb: Law Enforcement Hacks LockBit Ransomware, Delivers Major Blow To Operation [PACKETSTORMSECURITY.COM]
20 Feb: LockBit Ransomware Members Charged by Authorities, Free Decryptor Released
    In a significant blow to one of the most prolific ransomware operations, authorities from the U.S. and U.K., in collaboration with international law enforcement, have disrupted the LockBit ransomware variant. The coordinated effort led to the arrest of two operators in Poland and… [GBHACKERS.COM]
20 Feb: Knight ransomware source code for sale after leak site shuts down
    The alleged source code for the third iteration of the Knight ransomware is being offered for sale to a single buyer on a hacker forum by a representative of the operation. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: ConnectWise urges ScreenConnect admins to patch critical RCE flaw
    ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: CISA Releases Three Industrial Control Systems Advisories
    CISA released three Industrial Control Systems (ICS) advisories on February 20, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-051-01 Commend WS203VICM ICSA-24-051-02 Ethercat Zeek Plugin ICS… [CISA.GOV]
20 Feb: Redefining Threat Modeling - Security Team Goes on Vacation - Jeevan Singh - ASW Vault
    Check out this interview from the ASW Vault, hand picked by main host Mike Shema! This segment was originally published on Dec 13, 2022. Threat modeling is an important part of a security program, but as companies grow you will choose which features you want to threat model or be… [YOUTUBE.COM]
20 Feb: Arrests and Indictments in LockBit Crackdown
    US, UK and European Authorities Seize Decryption Keys and Will Contact Victims An international law enforcement operation that infiltrated ransomware-as-a-service operation LockBit has resulted in arrests, indictments and the seizure of encryption keys that can be used to help vi… [DATABREACHTODAY.CO.UK]
20 Feb: VMware urges admins to remove deprecated, vulnerable auth plug-in
    VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: Chinese Hacking Contractor iSoon Leaks Internal Documents
    Company Mainly Hacked for the Ministry of Public Security An apparent leak of internal documents from a Chinese hacking contractor paints a picture of a disaffected, poorly paid workforce that nonetheless penetrated multiple regional governments and possibly NATO. Multiple expert… [DATABREACHTODAY.CO.UK]
20 Feb: Joomla CMS Patches Critical XSS Vulnerabilities
    Millions of Websites Potentially at Risk Cross-site scripting vulnerabilities in Joomla, a widely used free-source content management system, were fixed in a patch published Tuesday by the open-source project that maintains the software. The flaws potentially expose millions of w… [DATABREACHTODAY.CO.UK]
📢 SECURITY ADVISORIES
20 Feb: SaaS Compliance through the NIST Cybersecurity Framework
    The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS. One of the challenges facing those tasked with securi… [THEHACKERNEWS.COM]
20 Feb: New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide
    The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world. In a joint advisory published by Germany's Federal Office for the Protection of the Constitution (BfV) and South Korea's National Intel… [THEHACKERNEWS.COM]
20 Feb: North Korean Hackers Linked to Defense Sector Supply-Chain Attack
    The German federal intelligence agency and South Korea's National Intelligence Service have issued a joint advisory warning about ongoing cyber-espionage operations targeting the global defense sector on behalf of North Korea. [BLEEPINGCOMPUTER.COM]
🔥 INCIDENT REPORTING
20 Feb: Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative
    Hackers backed by Iran and Hezbollah staged cyber attacks designed to undercut public support for the Israel-Hamas war after October 2023. This includes destructive attacks against key Israeli organizations, hack-and-leak operations targeting entities in Israel and the U.S., phis… [THEHACKERNEWS.COM]
20 Feb: ‘M.O.R.E’ Ransomware Emerges on the Dark Web; Threatens Windows, Mac, Linux Users
    Multi-OS Ransomware Executable (M.O.R.E) represents a new breed of ransomware that can target multiple operating systems simultaneously, posing a significant threat to cybersecurity. [THECYBEREXPRESS.COM]
20 Feb: Newly Discovered RustDoor Malware Impersonates Visual Studio Update
    A new macOS malware dubbed RustDoor, written in Rust, is being distributed disguised as a Visual Studio update. The malware provides backdoor access to compromised systems and is linked to infrastructure associated with the BlackCat ransomware gang. Researchers have shared a… [CYWARE.COM]
20 Feb: Alpha Ransomware Uses Living-Off-The-Land Tools To Attack Windows Computers
    Ransomware utilizes living-off-the-land tools in Windows attacks for stealth and evasion. They can blend in with normal system activities by leveraging legitimate, built-in tools like PowerShell or Windows Management Instrumentation (WMI). This stealthy move makes it harder for s… [GBHACKERS.COM]
20 Feb: Making The Return on Investment (ROI) Case For Security Awareness Training
    As an InfoSec professional, one of your many important responsibilities is to minimize expensive downtime and prevent data breaches. [KNOWBE4.COM]
20 Feb: The biggest ransomware attacks of 2023 | Kaspersky official blog
    Ransomware attacks remain a serious threat. We explore the biggest incidents of 2023, and the consequences for the organizations on the receiving end. [KASPERSKY.COM]
20 Feb: Wyze Camera Breach Let 13,000 Strangers Look into Other People’s Homes
    The breach resulted from a system overload caused by incorrect mapping of device IDs, which was attributed to a third-party caching client library recently integrated into Wyze's system. [ZDNET.COM]
20 Feb: Volt Typhoon Seen Exfiltrating Sensitive OT Data
    Volt Typhoon and two other threat groups that emerged in 2023 can pose a serious threat to ICS/OT, according to industrial cybersecurity firm Dragos. The post Volt Typhoon Seen Exfiltrating Sensitive OT Data appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: Cactus Ransomware Group Confirms Hacking Schneider Electric
    Cactus ransomware has added Schneider Electric to its leak site, claiming to have stolen 1.5 terabytes of data. The post Cactus Ransomware Group Confirms Hacking Schneider Electric appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: Ransomware Groups, Targeting Preferences, and the Access Economy
    The cybercrime ecosystem has created a supply chain of stolen accounts and breached networks that are used to fuel ransomware attacks and data breaches. Learn more from Flare about how this supply chain has led to an explosion of cybercrime. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: US sanctions LockBit members after ransomware takedown
    The U.S. government has sanctioned two key members of LockBit, the Russian-speaking hacking and extortion gang accused of launching ransomware attacks against victims across the U.S. and internationally. In a post on Tuesday, the U.S. Treasury confirmed it is sanctioning two Russ… [TECHCRUNCH.COM]
20 Feb: New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
    A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store its… [THEHACKERNEWS.COM]
20 Feb: Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates
    U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn't … [KREBSONSECURITY.COM]
20 Feb: Bill Proposes Measuring the Accuracy of Patient Matching
    Aim Is to Reduce Medical Mistakes and Breaches That Result From Mismatched Records A bipartisan pair of congressmen is again attempting to address long-standing issues of patient safety and privacy - as well as medical errors, inadvertent information disclosures and denied medica… [DATABREACHTODAY.CO.UK]
🕵️ THREAT INTELLIGENCE
20 Feb: Top 10 web hacking techniques of 2023
    submitted by testeronious to security 1 points | 0 comments https://portswigger.net/research/top-10-web-hacking-techniques-of-2023 [PORTSWIGGER.NET]
20 Feb: ISC Stormcast For Tuesday, February 20th, 2024 https://isc.sans.edu/podcastdetail/8860, (Tue, Feb 20th)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. [ISC.SANS.EDU]
20 Feb: Possible leak of sensitive Chinese cyber security documents
    submitted by UnpopularCrow to cybersecurity 2 points | 0 comments https://cybernews.com/news/github-leak-exposes-chinese-cyber-ops/ Link to dump: github.com/I-S00N/I-S00N/ [CYBERNEWS.COM]
20 Feb: Alleged Chinese-Contract-Company's Dump of the "Chinese Government Spyware" I-S00N
    submitted by Zuberi to cybersecurity 3 points | 0 comments https://github.com/I-S00N/I-S00N Plenty of interesting-looking tools in here for those looking at what the script kiddies are going to be using here in a bit. Could 100% be fake, but is making the rounds on LinkedIn secur… [GITHUB.COM]
20 Feb: Anatsa Banking Trojan Resurfaces, Targets European Banks (Android)
    submitted by kid to cybersecurity 3 points | 0 comments https://www.infosecurity-magazine.com/news/anatsa-banking-trojan-targets/ [INFOSECURITY-MAGAZINE.COM]
20 Feb: Microsoft Is Spying on Users of Its AI Tools
    Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities. From their report: In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliat… [SCHNEIER.COM]
20 Feb: Anatsa Android Banking Trojan Continues to Spread via Google Play
    Recent Anatsa Android banking trojan attacks have become more targeted, showing an evolution in tactics. The post Anatsa Android Banking Trojan Continues to Spread via Google Play appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: How does Safe Browsing block websites?
    submitted by Pantherina to cybersecurity 2 points | 0 comments I never had a single “website blocked” dialog because of safe browsing. Meanwhile UBlock Origin often blocks websites, fullscreen with a warning. On Firefox Safe Browsing is proxied through their servers and anonymize… [SH.ITJUST.WORKS]
20 Feb: Several Ukrainian Media Outlets Attacked by Russian Hackers
    Ukrainian authorities and cybersecurity agencies attributed the attack to Russian threat actors and described it as part of Russia's "information warfare" against Ukraine. [THERECORD.MEDIA]
20 Feb: Cyber Insights 2024: Supply Chain
    Supply chain security insights: A successful attack against a supplier can lead to multiple opportunities against the supplier’s downstream customers. The post Cyber Insights 2024: Supply Chain appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: How I got started: Cyber AI/ML engineer
    As generative AI goes mainstream, it highlights the increasing demand for AI cybersecurity professionals like Maria Pospelova. Pospelova is currently a senior data scientist, and data science team lead at OpenText Cybersecurity. She also worked at Interest, an AI cybersecurity co… [SECURITYINTELLIGENCE.COM]
20 Feb: Responsible Use and Vetting of AI Solutions - Jon Washburn - CSP #162
    Responsible use and governance of AI are key issues today, as training data limitations and data retention issues must be addressed. The risk of exposing PII or other confidential data, managing bias, hallucination, misinterpretation risks and other AI considerations are discusse… [YOUTUBE.COM]
20 Feb: Back to School: Networking 101 - SWN Vault
    Check out this interview from the SWN Vault, hand picked by main host Doug White! This segment was originally published on October 4, 2018. This week, Russ takes the reigns in the absence of Dr. Doug to talk about Networking 101! We are going to go back to school to examine how n… [YOUTUBE.COM]
20 Feb: ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool
    ConnectWise ships patches for extremely critical security defects in its ScreenConnect remote desktop access product and urges emergency patching. The post ConnectWise Rushes to Patch Critical Vulns in Remote Access Tool appeared first on SecurityWeek. [SECURITYWEEK.COM]
20 Feb: GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots
    AI chatbots are computer programs that talk like humans, gaining popularity for quick responses. They boost customer service, efficiency and user experience by offering constant help, handling routine tasks, and providing prompt and personalized interactions. Related: The securit… [LASTWATCHDOG.COM]
20 Feb: Moving First-Party Fraud Out of the Bank's Blind Spot
    Fraud Expert Ian Mitchell on Creating a Holistic Program to Tackle Authorized Fraud Unlike identity theft, first-party fraud is harder to spot when a consumer opens an account. To guard against this growing blind spot, banks need to invest in transaction-monitoring tools and take… [DATABREACHTODAY.CO.UK]
20 Feb: The Unsettling Leap of AI in Video Creation: A Glimpse Into Sora
    In the rapidly evolving landscape of artificial intelligence (AI), the launch of Sora by OpenAI marks an unnerving milestone in video synthesis. [KNOWBE4.COM]
20 Feb: IBM Tests Audio-Based Large Language Model to Hijack Live Conversations
    With the idea in mind to “audio-jack” a live call-based banking transaction, security researchers were successful in inserting cybercriminal-controlled account details. [KNOWBE4.COM]
20 Feb: Malvertising Campaign Spreads Phony Utility Bills
    A widespread malvertising campaign is attempting to trick users into paying phony utility bills, according to researchers at Malwarebytes. [KNOWBE4.COM]
20 Feb: GitHub - mlcsec/FormThief: Spoofing desktop login applications with WinForms and WPF
    submitted by L4s to secops 1 points | 0 comments https://github.com/mlcsec/FormThief GitHub - mlcsec/FormThief: Spoofing desktop login applications with WinForms and WPF::Spoofing desktop login applications with WinForms and WPF - mlcsec/FormThief [GITHUB.COM]
20 Feb: 1Password Acquires Kolide, Aiming to Enhance Device Security
    1Password CEO Says Acquisition Will Help Customers Achieve Zero Trust Objectives Jeff Shiner, CEO of the popular password management company 1Password, said Monday that the company is acquiring leading device security platform Kolide in response to the "historic transformation of… [DATABREACHTODAY.CO.UK]
20 Feb: Navigating NIS2 requirements with Microsoft Security solutions
    NIS2 is the most comprehensive European cybersecurity directive yet, covering 18 sectors and 160,000+ companies. The Zero Trust principles addressed by Microsoft Security solutions can help you protect your organization and meet NIS2 requirements. The post Navigating NIS2 requi… [MICROSOFT.COM]
20 Feb: Vastaamo Hacker Disappears Amid Ongoing Trial
    Aleksanteri Kivimaki Vanished After the Court Ordered His Reconfinement A Finnish hacker on trial for his alleged role in the hack and leak of mental patient notes taken during psychotherapy sessions has vanished. A Finnish court on Friday ordered Aleksanteri Tomminpoika Kivimäki… [DATABREACHTODAY.CO.UK]
🌐 CYBER THREAT LANDSCAPE
20 Feb: Python InfoStealer With Dynamic Sandbox Detection, (Tue, Feb 20th)
    Infostealers written in Python are not new. They also onboard a lot of sandbox detection mechanisms to prevent being executed (and probably detected) by automatic analysis. Last week, I found one that uses the same approach but in a different way. Usually, the scripts have a list… [ISC.SANS.EDU]
20 Feb: New 'MMS Fingerprinting' Zero-Click Attack Used to Deploy Spyware
    The "MMS Fingerprint" technique leverages the MMS flow to retrieve user device information, which could be used to tailor malicious payloads like Pegasus spyware or craft more effective phishing campaigns. [DARKREADING.COM]
20 Feb: Earth Preta Campaign Uses DOPLUGS to Target Asia
    In this blog entry, we focus on Earth Preta's campaign that employed a variant of the DOPLUGS malware to target Asian countries. [TRENDMICRO.COM]
20 Feb: Meta Warns of 8 Spyware Firms Targeting iOS, Android, and Windows Devices
    The surveillance industry continues to evolve, with recent discoveries of new surveillance tools like Patternz and a previously unknown mobile network attack called MMS Fingerprint, raising concerns about privacy and security. [THEHACKERNEWS.COM]
20 Feb: New Migo malware disables protection features on Redis servers
    Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency. [...] [BLEEPINGCOMPUTER.COM]
📡 INFOSEC NEWS
20 Feb: An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career at Microsoft
    Bruce’s story unfolds in Cincinnati, Ohio. As a young boy, he had an ambitious dream of one day becoming the President of the United States. This aspiration remained his guiding star until he began his professional career after college. His mother, amused by his [MSRC.MICROSOFT.COM]
20 Feb: Signal rolls out usernames that let you hide your phone number
    Signal finally allows users to pick custom usernames to connect with others while hiding their phone numbers and protecting their privacy. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: VoltSchemer attacks use wireless chargers to inject voice commands, fry phones
    A team of academic researchers show that a new set of attacks called 'VoltSchemer' can inject voice commands to manipulate a smartphone's voice assistant through the magnetic field emitted by an off-the-shelf wireless charger. [...] [BLEEPINGCOMPUTER.COM]
20 Feb: Watching out for the fakes: How to spot online disinformation
    Why and how are we subjected to so much disinformation nowadays, and is there a way to spot the fakes? [WELIVESECURITY.COM]
20 Feb: Sensor Intel Series: Top CVEs in January 2024
    More IoT Targeting, plus a bunch of new CVEs! See what attackers went after in January 2024. [F5.COM]