🐛 COMMON VULNERABILITIES AND EXPOSURES (4)

28 Feb: WordPress LiteSpeed Plugin Vulnerability Puts Five Million Sites at Risk
A security vulnerability (CVE-2023-40000) in the LiteSpeed Cache plugin for WordPress allowed unauthenticated users to escalate their privileges, posing a significant risk to over five million installations.
THEHACKERNEWS.COM

28 Feb: Ads for Zero-Day Exploit Sales Surge 70% Annually
Submitted by kid to cybersecurity: https://www.infosecurity-magazine.com/news/ads-zeroday-exploit-sales-surge-70/
Group-IB’s report reveals a 70% increase in the sale of zero-day exploits in 2023 and monthly rentals of vulnerabilities, such as CVE-2023-38831 …
INFOSECURITY-MAGAZINE.COM

28 Feb: Update: Black Basta, Bl00dy Ransomware Gangs Join ScreenConnect Attacks
The Black Basta and Bl00dy ransomware gangs are exploiting a critical authentication bypass vulnerability (CVE-2024-1709) in unpatched ScreenConnect servers to gain admin access and deploy ransomware.
BLEEPINGCOMPUTER.COM

28 Feb: CVE-2024-21626 GitHub: CVE-2024-21626 Container breakout through process.cwd trickery and leaked fds
Microsoft is announcing that the Azure Kubernetes Service security updates released on 31 January 2024 include runc updates, which address this vulnerability. Microsoft recommends that customers install the 31 January 2024 updates to ensure they have the most up-to-date version…
MSRC.MICROSOFT.COM

⚠️ VULNERABILITY DISCLOSURE (20)

28 Feb: Russia’s use of malware to enhance election influence operations sign of things to come
In a year full of national elections, security pundits and practitioners are focused on the shape of influence campaigns in 2024. With more than a third of the world’s population heading to the ballot box in more than 50 elections worldwide, the threat of disinformation powered…
CSOONLINE.COM

28 Feb: Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat
In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation…
THEHACKERNEWS.COM

28 Feb: Beware of Typos that May lead to malicious PyPI Package Installation
Cybersecurity experts have raised alarms over a new threat vector targeting Python developers: typo-squatting on the Python Package Index (PyPI). The notorious Lazarus group, known for its cyber espionage and sabotage activities, has been implicated in the release of malicious pa…
GBHACKERS.COM

28 Feb: Hacking Terraform state to gain code execution and privilege escalation
Submitted by L4s to secops: https://blog.plerion.com/hacking-terraform-state-privilege-escalation/
PLERION.COM

28 Feb [KEV]: US healthcare alerted against BlackCat amid targeted attacks
The ALPHV, also known as the Blackcat ransomware gang, is targeting US healthcare systems, according to a joint cybersecurity advisory by the FBI, CISA, and the Department of Health and Human Services (HHS). The advisory, which was published as part of the #StopRansomware effort …
CSOONLINE.COM

28 Feb: Pharmaceutical Giant Cencora Says Data was Stolen in a Cyberattack
The company has initiated containment measures, enlisted the help of law enforcement and cybersecurity experts, and is currently investigating the incident, with no confirmation yet on the impact to their finances or operations.
BLEEPINGCOMPUTER.COM

28 Feb: US Agencies Warn of ALPHV/Blackcat Ransomware Threat to Healthcare Providers
ALPHV/Blackcat ransomware affiliates use advanced social engineering techniques and open-source research to gain initial access to victim networks, posing as IT or helpdesk staff to obtain credentials.
CISA.GOV

28 Feb: The death of the CIO
A half-century ago, most corporations were paper-native: Their business processes all executed on paper from both back office (accounting) to go-to-market functions (sales and marketing). Their businesses were location-native: Revenue was often generated in some form of person-to…
CSOONLINE.COM

28 Feb: Hackers Using Weaponized PDF Files To Kickstart Infection Chain
Threat actors use weaponized PDF files for initial infection. This is because they can be embedded with malicious code, PDF readers’ vulnerabilities are exploited, and users are tricked into activating the payload. Since they are common trusted file types, PDFs have also become a…
GBHACKERS.COM

28 Feb: Exploit Attempts for Unknown Password Reset Vulnerability, (Wed, Feb 28th)
My Google skills let me down this morning, attempting to figure out which vulnerability is exactly being exploited by these "forgotuserpassword.action" scans. Maybe someone else can help me out here. Based on the scans, I do not believe this is a "normal" password reset vulnerabi…
ISC.SANS.EDU

28 Feb: Cyber Insights 2024: APIs – A Clear, Present, and Future Danger
The API attack surface is expanding and API vulnerabilities are growing. AI will help attackers find and exploit API vulnerabilities at scale.
SECURITYWEEK.COM

28 Feb: Lazarus hackers exploited Windows zero-day to gain Kernel privileges
North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Credential Theft Is Mostly Due To Phishing
According to IBM X-Force’s latest Threat Intelligence Index, 30% of all cyber incidents in 2023 involved abuse of valid credentials. X-Force’s report stated that abuse of valid credentials exceeded phishing as a top threat for the first time.
KNOWBE4.COM

28 Feb: LockBit ransomware returns to attacks with new encryptors, servers
The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption. [...]
BLEEPINGCOMPUTER.COM

28 Feb: CISA Releases Resource Guide for University Cybersecurity Clinics
Today, CISA released a Resource Guide for Cybersecurity Clinics to outline ways CISA can partner with and support cybersecurity clinics and their clients. University cybersecurity clinics train students from diverse backgrounds and academic expertise to strengthen the digital def…
CISA.GOV

28 Feb: How to interpret the MITRE Engenuity ATT&CK® Evaluations: Enterprise
Graham Cluley Security News is sponsored this week by the folks at Cynet. Thanks to the great team there for their support! Thorough, independent tests are a vital resource as cybersecurity leaders and their teams evaluate vendors’ abilities to guard against increasingly sophisti…
GRAHAMCLULEY.COM

28 Feb: Biden order bars data broker sale of Americans’ sensitive data to adversaries
US President Joe Biden signed a sweeping executive order involving multiple government agencies that seeks to protect Americans’ sensitive personal data from exploitation by barring data brokers from selling that sensitive information to a list of US adversaries, most prominently…
CSOONLINE.COM

28 Feb: Three new advanced threat groups targeted industrial organizations last year
Industrial organizations that own operational technology (OT) assets were targeted by three new advanced threat groups last year. In total, industrial cybersecurity firm Dragos tracked 10 OT-focused threat groups that had active operations in 2023, but attacks from hacktivists an…
CSOONLINE.COM

28 Feb: Chinese Group Runs Highly Persistent Ivanti 0-Day Exploits
UNC5325 Can Remain in Hacked Devices Despite Factory Reset and Patches
Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches. The threat actor, UNC5325, is adept a…
DATABREACHTODAY.CO.UK

28 Feb: Vulnerabilities in business VPNs under the spotlight
As adversaries increasingly set their sights on vulnerable enterprise VPN software to infiltrate corporate networks, concerns mount about VPNs themselves being a source of cyber risk
WELIVESECURITY.COM

📢 SECURITY ADVISORIES (14)

28 Feb: NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure - Help Net Security
Submitted by kid to cybersecurity: https://www.helpnetsecurity.com/2024/02/27/nist-csf-2-released/
NIST has released version 2.0 of the Cybersecurity Framework (CSF), focused on risk management and security for software supply chains. The update includes the …
HELPNETSECURITY.COM

28 Feb: Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data
In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Da…
THEHACKERNEWS.COM

28 Feb: Biden Executive Order Targets Bulk Data Transfers to China
New Order Tasks Department of Justice with Developing Data Transfer Protections
U.S. President Joe Biden is set to sign Wednesday an executive order aimed at preventing the large-scale transfer of Americans' sensitive personal data to countries including China. The order will set…
DATABREACHTODAY.CO.UK

28 Feb: Updates on NIST’s Interagency International Cybersecurity Standardization Working Group
Last November, I was pleased to chair the most recent meeting of the Interagency International Cybersecurity Standardization Working Group (IICSWG) – a group NIST created in 2016. Our charge, from the Cybersecurity Enhancement Act of 2014, was to build a coordination mechanism fo…
NIST.GOV

28 Feb: NIST Releases Version 2.0 of Landmark Cybersecurity Framework
Submitted by wizardbeard to securitynews: https://www.nist.gov/news-events/news/2024/02/nist-releases-version-20-landmark-cybersecurity-framework
NIST is a US government org that produces industry guidelines on best practices for cybersecurity, and they’ve jus…
NIST.GOV

28 Feb: FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks
The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the g…
THEHACKERNEWS.COM

28 Feb: FBI, CISA warns Of ALPHV Blackcat Ransomware Attacking Hospitals
To raise awareness of the ALPHV Blackcat ransomware as a service (RaaS) that targets the US healthcare industry, the FBI, CISA, and the Department of Health and Human Services (HHS) have collaborated to release a joint Cybersecurity Advisory (CSA). To get initial access to t…
GBHACKERS.COM

28 Feb: Japan warns of malicious PyPi packages created by North Korean hackers
Japan's Computer Security Incident Response Team (JPCERT/CC) is warning that the notorious North Korean hacking group Lazarus has uploaded four malicious PyPI packages to infect developers with malware. [...]
BLEEPINGCOMPUTER.COM

28 Feb: White House to Issue Executive Order on Personal Information Protection
A coming White House Executive Order seeks to protect personal information by preventing the mass transfer of Americans' sensitive data to countries of concern.
SECURITYWEEK.COM

28 Feb: New executive order bans mass sale of personal data to China, Russia
U.S. President Joe Biden has signed an executive order that aims to ban the bulk sale and transfer of Americans' private data to "countries of concern" such as China, Russia, Iran, North Korea, Cuba, and Venezuela. [...]
BLEEPINGCOMPUTER.COM

🔥 INCIDENT REPORTING (26)

28 Feb: Tangerine - 243,462 breached accounts
In February 2024, the Australian Telco Tangerine suffered a data breach that exposed over 200k customer records. Attributed to a legacy customer database, the data included physical and email addresses, names, phone numbers and dates of birth. Whilst the Tangerine login process …
HAVEIBEENPWNED.COM

28 Feb: UAC-0184 Targets Ukrainian Entity in Finland with Remcos RAT
Morphisec found that the UAC-0184 threat actor used steganography to deliver the Remcos RAT via the IDAT Loader, targeting a Ukrainian entity in Finland. The incident comes a few weeks after ASEC discovered that Remcos RAT is being distributed disguised as adult games throug…
CYWARE.COM

28 Feb: 67K Customers Impacted by Data Breach, According to U-Haul
Submitted by IllNess to securitynews: https://www.darkreading.com/cyberattacks-data-breaches/67k-customers-impacted-by-data-breach-according-to-u-haul
DARKREADING.COM

28 Feb: Cathy Ullman: The Power of Active Defense. Interview by Phillip Wylie
Submitted by ashar to security_cpe.
In this episode of the Phillip Wylie show, listeners are treated to an intimate conversation with cybersecu…
INFOSEC.PUB

28 Feb: medQ Confirms Data Breach After Software Encryption Incident
The data breach occurred when an unauthorized party encrypted software used by medQ and hosted by a third-party data center, resulting in the exposure of confidential consumer data.
JDSUPRA.COM

28 Feb: CFOs Take Backseat to CISOs on SEC Cyber Rules
Corporate finance chiefs are less involved in SEC cybersecurity breach disclosure processes compared to chief information security officers, potentially leading to decision-making mistakes.
CYBERSECURITYDIVE.COM

28 Feb: Akira Ransomware Group Threatens to Leak Stolen Data from Swedish Municipality
The notorious Akira ransomware group has targeted the municipality of Bjuv in South Sweden, threatening to leak nearly 200GB of stolen data, including confidential documents and personal HR files.
THECYBEREXPRESS.COM

28 Feb: LoanDepot January Hack: 16.9M Individuals Data Exposed
In a significant cybersecurity incident, loanDepot, a prominent player in the loan and mortgage industry, announced a data breach that potentially compromised the sensitive personal information of approximately 16.9 million individuals. This breach, identified in early January 20…
GBHACKERS.COM

28 Feb: Germany's Hessen Consumer Center Says Systems Encrypted by Ransomware
The organization is working with external IT security experts to restore its communication channels and is committed to informing affected individuals if a data compromise is confirmed.
BLEEPINGCOMPUTER.COM

28 Feb: A Cyber Insurance Backstop
In the first week of January, the pharmaceutical giant Merck quietly settled its years-long lawsuit over whether or not its property and casualty insurers would cover a $700 million claim filed after the devastating NotPetya cyberattack in 2017. The malware ultimately infected mo…
SCHNEIER.COM

28 Feb: Russia and Belarus Targeted by at Least 14 Nation-State Hacker Groups, Researchers Say
State-sponsored hacker groups targeted Russia and former Soviet Union members with destructive or espionage campaigns, indicating an increase in politically motivated cyber attacks in the region.
THERECORD.MEDIA

28 Feb: US Government Urges Cleanup of Routers Infected by Russia’s APT28
The US government says Russia’s APT28 group compromised Ubiquiti EdgeRouters to run cyberespionage operations worldwide.
SECURITYWEEK.COM

28 Feb: Cyber Security Today, Feb. 28, 2024 - Thousands of subdomains abused for phishing, the latest ransomware news and more
This episode reports on a threat actor taking advantage of abandoned subdomains once used by big brands, ransomware attacks and more
CYBERSECURITYTODAY.LIBSYN.COM

28 Feb: Hackers Steal Personal Information From Pharma Giant Cencora
Pharmaceutical solutions provider Cencora discloses a cyberattack that resulted in personal information being stolen from its systems.
SECURITYWEEK.COM

28 Feb: Researchers Uncover Tools And Tactics Used By Chinese Hackers
Over the years, several reports associated with cybercriminals have been based in Russia and Western countries. This is due to the fact that many sophisticated cyber attacks and data leaks originate from these regions. Though this is the case, there has been major blindness towar…
GBHACKERS.COM

28 Feb: Today’s Attack Trends — Unit 42 Incident Response Report
The 2024 Unit 42 Incident Response Report offers insights into attacker tactics and actionable recommendations to help you defend your organization.
PALOALTONETWORKS.COM

28 Feb: Epic Games: "Zero evidence" we were hacked by Mogilevich gang
Epic Games said they found zero evidence of a cyberattack or data theft after the Mogilevich extortion group claimed to have breached the company's servers. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Update: Ransomware Gang Seeks $3.4 Million After Attacking Children’s Hospital
The hospital, which serves a large number of pediatric patients, is still providing care despite disruptions caused by the cyberattack. The ransomware group is attempting to sell stolen data from the hospital for 60 bitcoins.
THERECORD.MEDIA

28 Feb: Anycubic users say their 3D printers were hacked to warn of a security flaw
Anycubic customers are reporting that their 3D printers have been hacked and now display a message warning of an alleged security flaw in the company’s systems. Numerous threads on news sharing site Reddit show similar reports (hat tip to @dan) of users receiving an unsolic…
TECHCRUNCH.COM

28 Feb: Matthew Perry’s Twitter account hacked by cryptocurrency scammers
Matthew Perry's official Twitter account was hijacked by scammers this week who attempted to solicit donations from well-meaning fans of the much-loved late actor. The post asked for cryptocurrency donations "to support our mission in battling addiction." Read more in my article …
BITDEFENDER.COM

28 Feb: New Research: Ransomware Incidents Spike 84% in 2023
Newly-released data covering cyberthreats experienced in 2023 sheds some light on how very different last year was and paints a picture of what to expect of cyber attacks in 2024.
KNOWBE4.COM

28 Feb: Ransomware gang claims they stole 6TB of Change Healthcare data
The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Rhysida ransomware wants $3.6 million for children’s stolen data
The Rhysida ransomware gang has claimed the cyberattack on Lurie Children's Hospital in Chicago at the start of the month. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Anycubic 3D printers hacked worldwide to expose security flaw
According to a wave of online reports from Anycubic customers, someone hacked their 3D printers to warn that the devices are exposed to attacks. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Cutout.Pro - 19,972,829 breached accounts
In February 2024, the AI-powered visual design platform Cutout.Pro suffered a data breach that exposed 20M records. The data included email and IP addresses, names and salted MD5 password hashes which were subsequently broadly distributed on a popular hacking forum and Telegram …
HAVEIBEENPWNED.COM

28 Feb: BlackCat Pounces on Health Sector After Federal Takedown
Feds Issue Alert as Change Healthcare Hack Affects Medicare, CVS Caremark, MetLife
BlackCat claimed on its dark web site that it is behind the biggest healthcare hack so far this year - exfiltrating 6 terabytes of "highly selective data" relating to "all" Change Healthcare clients…
DATABREACHTODAY.CO.UK

🕵️ THREAT INTELLIGENCE (21)

28 Feb: ISC Stormcast For Wednesday, February 28th, 2024 https://isc.sans.edu/podcastdetail/8872, (Wed, Feb 28th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

28 Feb: Russian Hackers Hijack Ubiquiti Routers To Launch Stealthy Attacks - RedPacket Security
Submitted by Lanky_Pomegranate530 to cybersecurity: https://www.redpacketsecurity.com/russian-hackers-hijack-ubiquiti-routers-to-launch-stealthy-attacks/
REDPACKETSECURITY.COM

28 Feb: TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users
Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer. Cisco Talos, which discovered the activity, described the authors as skilled and that the "thr…
THEHACKERNEWS.COM

28 Feb: Hackers Advertising New Version Of WarZone RAT On Hacking Forums
Cybersecurity experts have raised alarms as a new version of the notorious WarZone Remote Access Trojan (RAT) has been spotted being advertised on various hacking forums. The latest iteration, known as WarZone RAT v3, boasts enhanced features and capabilities, making it a more po…
GBHACKERS.COM

28 Feb: Is XDR Enough? The Hidden Gaps in Your Security Net
When evaluating XDR, consider its value based on its ability to reduce complexity and improve threat detection and response times.
SECURITYWEEK.COM

28 Feb: Chinese Cyberspies Use New Malware in Ivanti VPN Attacks
Chinese threat actors target Ivanti VPN appliances with new malware designed to persist across system upgrades.
SECURITYWEEK.COM

28 Feb: Intel Core Ultra vPro Platform Brings New Security Features
Intel announces new and improved security features with the latest vPro platform and Core Ultra processors.
SECURITYWEEK.COM

28 Feb: What are You Working on Wednesday
Submitted by shellsharks to cybersecurity.
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
INFOSEC.PUB

28 Feb: Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat
Organizations are urged to perform a hardware factory reset, upgrade firmware, change default credentials, and implement firewall rules to protect against the MooBot attacks.
THEHACKERNEWS.COM

28 Feb: AMOS macOS Stealer Steals Particular Files on the System & Browser Data
In the ever-evolving landscape of cybersecurity threats, a new variant of the AMOS (Atomic) Stealer malware has emerged, targeting macOS users with sophisticated techniques to steal sensitive information. Bitdefender’s recent analysis sheds light on this alarming developmen…
GBHACKERS.COM

28 Feb: Researchers Exposed Predator Spyware Infrastructure & Domains Associated
The Predator Files project, coordinated by the European Investigative Collaborations (EIC), has highlighted the extensive use of Predator spyware by customers of Intellexa surveillance solutions. The intrusion set, known as Lycantrox, was exposed by Sekoia.io in collaboration wit…
GBHACKERS.COM

28 Feb: Savvy Seahorse gang uses DNS CNAME records to power investor scams
A threat actor named Savvy Seahorse is abusing CNAME DNS (Domain Name System) records to create a traffic distribution system that powers financial scam campaigns. [...]
BLEEPINGCOMPUTER.COM

28 Feb: US Bans Trading With Canadian Network Intelligence Firm Sandvine
The US has restricted trade with Canadian company Sandvine for aiding the Egyptian government’s web monitoring operations.
SECURITYWEEK.COM

28 Feb: Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors
An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely …
THEHACKERNEWS.COM

28 Feb: When Threat Actors Don’t Have a Viable Email Platform to Phish From, They Just Steal Yours
New analysis of a phishing campaign shows how cybercriminals use brand impersonation of the platforms they need to compromise accounts and take over legitimate services.
KNOWBE4.COM

28 Feb: Mitigating attacks based on knowing the length of a Windows Hello PIN - The Old New Thing
Submitted by Kissaki to security: https://devblogs.microsoft.com/oldnewthing/20240227-00/?p=109456
Describes considerations of convenience and security of auto-confirmation while entering a numeric PIN - which leads to information disclosure considerations. A…
DEVBLOGS.MICROSOFT.COM

28 Feb: Phishing Campaign Targets Mexican Taxpayers With Tax-Themed Lures
A phishing campaign is targeting users in Mexico with tax-themed lures, according to researchers at Cisco Talos. The phishing emails direct users to a website that attempts to trick them into downloading a new strain of information-stealing malware called “TimbreStealer.”
KNOWBE4.COM

28 Feb: Game-Changer: Biometric-Stealing Malware
I have been working in cybersecurity for a long time, since 1987, over 35 years. And, surprisingly to many readers/observers, I often say I have not seen anything new in the hacker/malware space since I began. The same threats that were a problem then are the same problems now.
KNOWBE4.COM

28 Feb: Down, Not Out: Russian Hacktivists Claiming DDoS Disruptions
Distributed Denial-of-Service Attacks Decline as Russia-Ukraine War Continues
Russia's war of conquest against Ukraine grinds onward, but the number of self-proclaimed hacktivists appears to be dwindling as the strategy of temporarily disrupting the availability of high-profile w…
DATABREACHTODAY.CO.UK

28 Feb: Banks Use Behavioral Analytics to Tackle First-Party Fraud
BioCatch's Seth Ruden on How Defenders Can Keep Up With Evolving Fraud Scams
First-party fraudsters have shifted their focus from credit card fraud to deposit scams. In this evolving threat environment, financial institutions face new challenges from the increased use of syntheti…
DATABREACHTODAY.CO.UK

🌐 CYBER THREAT LANDSCAPE (4)

28 Feb: Online Travelers at Risk: Agent Tesla Malware Attacks Travel Industry
Malware campaigns are evolving, using email attachments to deliver RAT infections, as demonstrated by the example of a PDF attachment impersonating Booking.com to lure victims.
FORCEPOINT.COM

28 Feb: TimbreStealer Campaign Targets Mexican Users with Financial Lures
The malware comes with embedded modules for orchestration, decryption, and protection, while also conducting checks to avoid sandbox environments and targeting specific industries like manufacturing and transportation sectors.
TALOSINTELLIGENCE.COM

28 Feb: Calendar Meeting Links Used to Spread Mac Malware
Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency inves…
KREBSONSECURITY.COM

28 Feb: Malicious AI models on Hugging Face backdoor users’ machines
At least 100 instances of malicious AI/ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. [...]
BLEEPINGCOMPUTER.COM

🎙️ PODCASTS (1)

28 Feb: Transatlantic Cable podcast episode 335 | Kaspersky official blog
Episode 335 of the Transatlantic Cable podcast looks at AI, magicians, chatbot snafus and more!
KASPERSKY.COM

📡 INFOSEC NEWS (18)

28 Feb: Using AI to Reduce False Positives in Secrets Scanners
Identifying and securing secrets in code is challenging due to the wide variety of secret types, but AI and ML can reduce false positives by as much as 86%, improving risk prioritization.
HELPNETSECURITY.COM

28 Feb: Unmanaged Third-Party Access Threatens OT Environments
The increased connectivity between IT and OT systems, along with the rise in third-party access, introduces serious new risks that can leave organizations exposed to safety and security threats if access and connectivity are not properly controlled.
HELPNETSECURITY.COM

28 Feb: Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management
Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superus…
THEHACKERNEWS.COM

28 Feb: Registrars can now block all domains that resemble brand names
Registrars can now block people from registering tens of thousands of domain names that look like, are spelling variations of, or otherwise infringe on brand names. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Meta to Assign Special Teams in Europe to Fight Election Disinformation, AI Abuse
The company plans to set up a team in Europe to identify and mitigate election-related threats on its platforms in real time. It will also expand its fact-checking network with new partners in Bulgaria, France, and Slovakia.
THERECORD.MEDIA

28 Feb: Enterprises’ Progress in Digital Trust Implementation is Far From Great
Enterprises face challenges in managing the complexity of digital trust in a rapidly evolving technology landscape, which impacts their ability to protect digital assets.
HELPNETSECURITY.COM

28 Feb: VoltSchemer: attacks on wireless chargers through the power supply | Kaspersky official blog
VoltSchemer attacks can "fry" smartphones charging on wireless chargers, disable various devices, and send silent voice commands.
KASPERSKY.COM

28 Feb: Malicious Code in Tornado Cash Governance Proposal Puts User Funds at Risk
The compromise was introduced via a governance proposal, and the Tornado Cash Developers confirmed the compromise, urging users to withdraw old deposit notes and token holders to cancel their votes for the malicious proposal.
BLEEPINGCOMPUTER.COM

28 Feb: LabHost Cybercrime Service Lets Anyone Phish Canadian Bank Users
LabHost offers three membership tiers targeting banks and online services, along with a real-time phishing management tool called LabRat that enables cybercriminals to steal 2FA protection.
BLEEPINGCOMPUTER.COM

28 Feb: Need to Know: Key Takeaways from the Latest Phishing Attacks
This article takes a look at some lessons from recent phishing attacks and highlights actionable tips to limit the risks of phishing affecting your company. [...]
BLEEPINGCOMPUTER.COM

28 Feb: HSCC Issues Cyber 'Call to Action' Plan for Health Sector
The plan includes 12 measurable objectives, such as increasing cybersecurity practices, developing cross-sector risk management strategies, and implementing automation and emerging technologies.
BANKINFOSECURITY.COM

28 Feb: Kali Linux 2024.1 released with 4 new tools, UI refresh
Kali Linux has released version 2024.1, the first version of 2024, with four new tools, a theme refresh, and desktop changes. [...]
BLEEPINGCOMPUTER.COM

28 Feb: Has the US Created the Wrong War Machine?
We Need Low-Cost, High-Volume Weapons Systems to Prevail in Future Conflicts
Has the U.S. created the wrong war machine? Developing and deploying advanced military technologies involves balancing the desire to improve national security with the need to navigate the ethical, strat…
DATABREACHTODAY.CO.UK

28 Feb: What EU Antitrust Probe Around Entra ID Means for Microsoft
Rivals Say Microsoft Restricts Competition Around Identity. Will Regulators Agree?
Microsoft once again finds itself in the crosshairs of antitrust regulators, this time for practices around its Entra ID identity management tool. The European Commission is probing whether Microso…
DATABREACHTODAY.CO.UK