matlock.ca // THREAT INTELLIGENCE

109Articles

8Categories

2024-02-21Date

🚨

Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure GatewaysSUMMARY The Cybersecurity and Infrastructure Security Agency (CISA) and the following partners (hereafter referred to as the authoring organizations) are releasing this joint Cybersecurity Advisory to warn that cyber threat actors are exploiting previously identified vulnerabilit…

KEVCISA.GOV — 21 Feb 2024

🐛

VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk

THEHACKERNEWS.COM — 21 Feb 2024

🐛

Removing the deprecated VMware Enhanced Authentication Plugin (EAP) to address CVE-2024-22245 and CVE-2024-22250

KB.VMWARE.COM — 21 Feb 2024

🐛

Code Injection Or Backdoor: A New Look At Ivanti's CVE-2021-44529

PACKETSTORMSECURITY.COM — 21 Feb 2024

🐛

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

THEHACKERNEWS.COM — 21 Feb 2024

🐛

Critical ConnectWise ScreenConnect flaw exploited in the wild

KEVCSOONLINE.COM — 21 Feb 2024

⚠️

Ransomware Declines as InfoStealers and AI Threats Gain Ground: IBM X-Force

SECURITYWEEK.COM — 21 Feb 2024

⚠️

Is hybrid encryption the answer to post-quantum security?

CSOONLINE.COM — 21 Feb 2024

⚠️

LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid

THEHACKERNEWS.COM — 21 Feb 2024

⚠️

VMware Urges to Remove Enhanced EAP Plugin to Stop Auth & Session Hijack Attacks

GBHACKERS.COM — 21 Feb 2024

⚠️

Trend Micro and INTERPOL Join Forces Again for Operation Synergia

TRENDMICRO.COM — 21 Feb 2024

⚠️

Cyber Security Today, Feb. 21, 2024 - A patch warning from ConnectWise, the latest ransomware news, and more

CYBERSECURITYTODAY.LIBSYN.COM — 21 Feb 2024

⚠️

Six things we learned from the LockBit takedown

TECHCRUNCH.COM — 21 Feb 2024

⚠️

New Malicious PyPI Packages Use DLL Sideloading In A Supply Chain Attack

GBHACKERS.COM — 21 Feb 2024

⚠️

Hackers using stolen credentials to launch attacks as info-stealing peaks

CSOONLINE.COM — 21 Feb 2024

⚠️

UScellular and Palo Alto Networks Join Forces to Secure 5G

PALOALTONETWORKS.COM — 21 Feb 2024

⚠️

Mozilla Releases Security Updates for Firefox and Thunderbird

CISA.GOV — Wed, 21 Feb 24 1

⚠️

Astaroth, Mekotio, and Ousaban Abusing Google Cloud Run in LATAM-Focused Malware Campaigns

TALOSINTELLIGENCE.COM — 21 Feb 2024

⚠️

CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems

CISA.GOV — Wed, 21 Feb 24 1

⚠️

ConnectWise Confirms ScreenConnect Flaw Under Active Exploitation

SECURITYWEEK.COM — 21 Feb 2024

⚠️

ScreenConnect critical bug now under attack as exploit code emerges

BLEEPINGCOMPUTER.COM — 21 Feb 2024

⚠️

Fake Tokens Exploit BRICS Investment Hype

INFOSECURITY-MAGAZINE.COM — 21 Feb 2024

⚠️

Knight Ransomware Source Code for Sale After Leak Site Shuts Down

BLEEPINGCOMPUTER.COM — 21 Feb 2024

⚠️

Researchers warn high-risk ConnectWise flaw under attack is ’embarrassingly easy’ to exploit

TECHCRUNCH.COM — 21 Feb 2024

⚠️

Ongoing Malware Laced Developer Job Interviews

PHYLUM.IO — 21 Feb 2024

⚠️

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

THEHACKERNEWS.COM — 21 Feb 2024

⚠️

LockBit: Lessons learned on winning the war on cybercrime

SOPHOS.COM — 21 Feb 2024

⚠️

New SSH-Snake malware steals SSH keys to spread across the network

BLEEPINGCOMPUTER.COM — 21 Feb 2024

⚠️

Exposed: Global Espionage Unleashed by China's Police in Groundbreaking Leak

KNOWBE4.COM — 21 Feb 2024

⚠️

Joomla fixes XSS flaws that could expose sites to RCE attacks

BLEEPINGCOMPUTER.COM — 21 Feb 2024

⚠️

Illuminating Cybersecurity Wisdom: Insights from a Thought Leader - Wendy Nather - PSW Vault

YOUTUBE.COM — 2024-02-21

⚠️

Experts Praise White House Port Cybersecurity Initiatives

DATABREACHTODAY.CO.UK — 2024-02-21

📢

Biden to Issue Executive Order Raising Maritime Cybersecurity

DATABREACHTODAY.CO.UK — 2024-02-21

📢

Chinese Hacking Contractor iSoon Leaks Internal Documents

HEALTHCAREINFOSECURITY.COM — 21 Feb 2024

📢

[INFOGRAPHIC] KnowBe4’s Learner App by the Numbers

KNOWBE4.COM — 21 Feb 2024

📢

Biden to Sign Executive Order Raising Maritime Cybersecurity

DATABREACHTODAY.CO.UK — 2024-02-21

📢

Executive Order on Port Cybersecurity Points to IT/OT Threat Posed by Chinese Cranes

SECURITYWEEK.COM — 21 Feb 2024

📢

Google Chrome security advisory (AV24-102)

CYBER.GC.CA — 2024-02-21

📢

US govt shares cyberattack defense tips for water utilities

BLEEPINGCOMPUTER.COM — 21 Feb 2024

📢

GitLab security advisory (AV24-103)

CYBER.GC.CA — 2024-02-21

📢

CISA, OMB, ONCD and Microsoft Efforts Bring New Logging Capabilities to Federal Agencies

CISA.GOV — Wed, 21 Feb 24 1

📢

Atlassian security advisory (AV24-104)

CYBER.GC.CA — 2024-02-21

📢

PAM Provider Delinea Buys Fastpath

DATABREACHTODAY.CO.UK — 2024-02-21

📢

Hack at Services Firm Hits 2.4 Million Eye Doctor Patients

DATABREACHTODAY.CO.UK — 2024-02-21

🔥

Lockbit Ransomeware global taketown

ITNEWS.COM.AU — 21 Feb 2024

🔥

Israeli El Al Alleges Hackers Targeted Flights in Mid-Air Hijack Attempt

HACKREAD.COM — 21 Feb 2024

🔥

New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam

THEHACKERNEWS.COM — 21 Feb 2024

🔥

Iran and Hezbollah Hackers Launch Attacks to Influence Israel-Hamas Narrative

THEHACKERNEWS.COM — 21 Feb 2024

🔥

Hacker Arrested for Selling Bank Accounts of US, Canadian Users

BLEEPINGCOMPUTER.COM — 21 Feb 2024

🔥

Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery

THEHACKERNEWS.COM — 21 Feb 2024

🔥

DC-Area School System Says Data of 100,000 People Affected in Ransomware Attack

THERECORD.MEDIA — 21 Feb 2024

🔥

Control Systems Firm PSI Struggles to Recover From Ransomware Attack

SECURITYWEEK.COM — 21 Feb 2024

🔥

Critical Infrastructure Vendor PSI Software Hit by Ransomware Attack

CYBERSECURITYDIVE.COM — 21 Feb 2024

🔥

Russia Announces Arrest of Medibank Hacker Tied to REvil

DATABREACHTODAY.CO.UK — 2024-02-21

🔥

Cactus Ransomware Claims 1.5TB Of Schneider Electric Data

PACKETSTORMSECURITY.COM — 21 Feb 2024

🔥

LockBit Leaks Expose Almost 200 Affiliates And Custom Malware

PACKETSTORMSECURITY.COM — 21 Feb 2024

🔥

Breach at Aussie Telecom Tangerine Affects 232,000 Customers

DATABREACHTODAY.CO.UK — 2024-02-21

🔥

US offers $15 million bounty for info on LockBit ransomware gang

BLEEPINGCOMPUTER.COM — 21 Feb 2024

🔥

Beware of VietCredCare Malware that Steals businesses’ Facebook Accounts

GBHACKERS.COM — 21 Feb 2024

🔥

Top UK Universities Recovering Following Targeted DDoS Attack

INFOSECURITY-MAGAZINE.COM — 21 Feb 2024

🔥

Cyber Insights 2024: Ransomware

SECURITYWEEK.COM — 21 Feb 2024

🔥

Microsoft finally expands free logging—but only for govt agencies

BLEEPINGCOMPUTER.COM — 21 Feb 2024

🔥

US health tech giant Change Healthcare hit by cyberattack

TECHCRUNCH.COM — 21 Feb 2024

🔥

Wyze Security Incident Exposes Private Cameras

DATABREACHTODAY.CO.UK — 2024-02-21

🔥

Microsoft expands free logging capabilities after May breach

BLEEPINGCOMPUTER.COM — 21 Feb 2024

🕵️

ISC Stormcast For Wednesday, February 21st, 2024 https://isc.sans.edu/podcastdetail/8862, (Wed, Feb 21st)

ISC.SANS.EDU — 21 Feb 2024

🕵️

ISC Stormcast For Wednesday, February 21st, 2024 https://isc.sans.edu/podcastdetail/8864, (Wed, Feb 21st)

ISC.SANS.EDU — 21 Feb 2024

🕵️

Exploring Changing SOC Landscapes

TRENDMICRO.COM — 21 Feb 2024

🕵️

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

THEHACKERNEWS.COM — 21 Feb 2024

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 21 Feb 2024

🕵️

Phishing pages hosted on archive.org, (Wed, Feb 21st)

ISC.SANS.EDU — 21 Feb 2024

🕵️

Charming Kitten Uses BASICSTAR Against Middle East Policy Experts

CYWARE.COM — 21 Feb 2024

🕵️

Security Onion 2.4.50 Released for Defenders With New Features

GBHACKERS.COM — 21 Feb 2024

🕵️

New Mingo Malware Attacking Linux Redis Servers To Mine Cryptocurrency

GBHACKERS.COM — 21 Feb 2024

🕵️

Chrome 122, Firefox 123 Patch High-Severity Vulnerabilities

SECURITYWEEK.COM — 21 Feb 2024

🕵️

NSA Announces Retirement of Cybersecurity Director Rob Joyce

SECURITYWEEK.COM — 21 Feb 2024

🕵️

Google Chrome 122 Update Addresses Critical Security Vulnerabilities

GBHACKERS.COM — 21 Feb 2024

🕵️

Details of a Phone Scam

SCHNEIER.COM — 2024-02-21

🕵️

Redis Servers Targeted With New ‘Migo’ Malware

SECURITYWEEK.COM — 21 Feb 2024

🕵️

Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS

THEHACKERNEWS.COM — 21 Feb 2024

🕵️

Apple Adds Post-Quantum Encryption to iMessage

SECURITYWEEK.COM — 21 Feb 2024

🕵️

Diversifying Defenses: FjordPhantom Malware Shows Importance of a Multi-Pronged Approach

SECURITYWEEK.COM — 21 Feb 2024

🕵️

SHARED INTEL: Poll shows companies pursuing ‘Digital Trust’ reap benefits as laggards fall behind

LASTWATCHDOG.COM — 21 Feb 2024

🕵️

Webinar Tomorrow: The Active Threat Landscape in the Cloud

SECURITYWEEK.COM — 21 Feb 2024

🕵️

Researchers Devise ‘VoltSchemer’ Attacks Targeting Wireless Chargers

SECURITYWEEK.COM — 21 Feb 2024

🕵️

QR-Code Attacks Target the C-Suite 42 Times More than Standard Employees

KNOWBE4.COM — 21 Feb 2024

🕵️

Anyone Can Be Scammed and Phished, With Examples

KNOWBE4.COM — 21 Feb 2024

🕵️

Malware Delivered Through Phishing Surges 276%

KNOWBE4.COM — 21 Feb 2024

🕵️

Managing Supply Chain Risk - Saša Zdjelar - BTS #24

YOUTUBE.COM — 2024-02-21

🕵️

Get the most out of Microsoft Copilot for Security with good prompt engineering

MICROSOFT.COM — 21 Feb 2024

🕵️

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

WELIVESECURITY.COM — 21 Feb 2024

🌐

New Migo Malware Targeting Redis Servers for Cryptocurrency Mining

THEHACKERNEWS.COM — 21 Feb 2024

🌐

New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam

THEHACKERNEWS.COM — 21 Feb 2024

🌐

Hackers abuse Google Cloud Run in massive banking trojan campaign

BLEEPINGCOMPUTER.COM — 21 Feb 2024

📡

Decoding Digital Transformation: AI, ML, and RPA in the Modern Era

TRENDMICRO.COM — 21 Feb 2024

📡

Decoding Digital Transformation: AI, ML, and RPA in the Modern Era

TRENDMICRO.COM — 21 Feb 2024

📡

Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private

THEHACKERNEWS.COM — 21 Feb 2024

📡

Permit.io Secures $8m in Series A for Revolutionary Authorization Service

FINTECH.GLOBAL — 21 Feb 2024

📡

Clean Links and Sophisticated Scams Mark New Era in Email Attacks

HELPNETSECURITY.COM — 21 Feb 2024

📡

6 Ways to Simplify SaaS Identity Governance

THEHACKERNEWS.COM — 21 Feb 2024

📡

Sophos NDR is now available on AWS

SOPHOS.COM — 21 Feb 2024

📡

Insider Steals 80,000 Email Addresses From UK District Councils

INFOSECURITY-MAGAZINE.COM — 21 Feb 2024

📡

Apple readies iMessage for when quantum computers could break encryption

TECHCRUNCH.COM — 21 Feb 2024

📡

VoltSchemer Attacks Use Wireless Chargers to Inject Voice Commands, Fry Phones

BLEEPINGCOMPUTER.COM — 21 Feb 2024

📡

Apple Adds Post-Quantum Encryption To iMessage

PACKETSTORMSECURITY.COM — 21 Feb 2024

📡

VMware Urges Admins to Remove Deprecated, Vulnerable Enhanced Authentication Plug-in

BLEEPINGCOMPUTER.COM — 21 Feb 2024

📡

Fraudsters tried to scam Apple out of 5,000 iPhones worth over $3 million

BLEEPINGCOMPUTER.COM — 21 Feb 2024

📡

ConnectWise sounds the alarm on two vulnerabilities

SOPHOS.COM — 21 Feb 2024

📡

Discord took no action against server that coordinated costly Mastodon spam attacks

TECHCRUNCH.COM — 21 Feb 2024