🚨 CISA KEV (1)
29 Feb [KEV] | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-29360 Microsoft Streaming Service Untrusted Pointer Dereference Vulnerability. These types of vulnerabilities are frequent attack vectors … | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (9)
29 Feb | Lazarus Hackers Exploited Windows 0-Day to Gain Kernel read/write Access | The Lazarus Group, a well-known cybercriminal organization, has recently exploited a zero-day vulnerability in Windows to gain kernel privileges, a critical level of system access. This vulnerability, identified as CVE-2024-21338, was found in the appid.Sys AppLocker driver was p… | GBHACKERS.COM
29 Feb | Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware | At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide ran… | THEHACKERNEWS.COM
29 Feb | Windows Zero-Day Exploited by North Korean Hackers in Rootkit Attack | North Korean group Lazarus exploited AppLocker driver zero-day CVE-2024-21338 for privilege escalation in attacks involving FudModule rootkit. | SECURITYWEEK.COM
29 Feb | Lazarus Group Exploits Windows Zero-Day for Kernel-Level Access | https://vulnera.com/newswire/lazarus-group-exploits-windows-zero-day-for-kernel-level-access/ The Lazarus Group exploited CVE-2024-21338, a zero-day vulnerability in Windows AppLocker’s ‘appid.sys’ driver, to gain kernel pri… | VULNERA.COM
29 Feb | Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks | The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7… | THEHACKERNEWS.COM
29 Feb | CISA and Partners Release Advisory on Threat Actors Exploiting Ivanti Connect Secure and Policy Secure Gateways Vulnerabilities | Today, CISA and the following partners released joint Cybersecurity Advisory Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways: Federal Bureau of Investigation (FBI), Multi-State Information Sharing & Analysis Cente… | CISA.GOV
29 Feb | Chromium: CVE-2024-1938 Type Confusion in V8 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. | MSRC.MICROSOFT.COM
29 Feb | Chromium: CVE-2024-1939 Type Confusion in V8 | This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. | MSRC.MICROSOFT.COM
29 Feb | CVE-2024-26196 Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability | Information published. | MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (32)
29 Feb | OpenCTI maker Filigran raises $16 million for its cybersecurity threat management suite | Paris-based cybersecurity startup Filigran is capitalizing on the success of OpenCTI to build a suite of open-source threat management products. The company has already found some early traction with OpenCTI, its open-source threat intelligence platform. That’s why the company re… | TECHCRUNCH.COM
29 Feb | Okta Security Push Pays Dividends Following String of Issues | Credential Stuffing Plummets, More Malicious Requests Detected Amid Huge Investment Okta's 90-day push to improve its security architecture and operations following a crippling October 2023 data breach delivered quick results, CEO Todd McKinnon said. Okta over the past quarter re… | DATABREACHTODAY.CO.UK
29 Feb | Why governance, risk, and compliance must be integrated with cybersecurity | Persistent cyber threats, the growing array of regulations and rapidly changing technology have heightened the need for cybersecurity to be integrated into governance, risk and compliance (GRC) frameworks. GRC programs include the processes and technologies that enable organizati… | CSOONLINE.COM
29 Feb | Lazarus Exploits Typos to Sneak PyPI Malware into Dev Systems | The notorious North Korean state-backed hacking group Lazarus uploaded four packages to the Python Package Index (PyPI) repository with the goal of infecting developer systems with malware. The packages, now taken down, are pycryptoenv, pycryptoconf, quasarlib, and… | THEHACKERNEWS.COM
29 Feb | FTC’s Khan Warns Tech Industry That Agency Will Strictly Enforce AI Data Privacy | The FTC's aggressive approach to enforcing privacy regulations reflects a commitment to ensuring that AI model refinement does not compromise people's privacy or security. | THERECORD.MEDIA
29 Feb | Update: Chinese Group Runs Highly Persistent Ivanti Zero-Day Exploits | Chinese threat actor UNC5325 is adept at using novel malware and "living off the land" techniques to persist in hacked devices even after factory resets and system upgrades. | BANKINFOSECURITY.COM
29 Feb | How the “Frontier” Became the Slogan of Uncontrolled AI | Artificial intelligence (AI) has been billed as the next frontier of humanity: the newly available expanse whose exploration will drive the next era of growth, wealth, and human flourishing. It’s a scary metaphor. Throughout American history, the drive for expansion and the… | SCHNEIER.COM
29 Feb | BobTheSmuggler: Open-source tool for undetectable payload delivery | The open-source tool supports various payload delivery chains and has future plans to add more image polyglots, file extensions, and EML file support for stealthy payload delivery. | HELPNETSECURITY.COM
29 Feb | GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks | Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX). The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for com… | THEHACKERNEWS.COM
29 Feb | How to Prioritize Cybersecurity Spending: A Risk-Based Strategy for the Highest ROI | As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies? And wha… | THEHACKERNEWS.COM
29 Feb | The Imperative for Modern Security: Risk-Based Vulnerability Management | By prioritizing vulnerabilities based on risk and aligning security efforts with business objectives, organizations can enhance their resilience to cyberattacks, optimize resource allocation, and maintain a proactive security posture. | SECURITYWEEK.COM
29 Feb | Report: Most Commercial Code Contains High-Risk Open Source Bugs | The ninth annual Open Source Security and Risk Analysis (OSSRA) report by Synopsys revealed that 74% of commercial codebases contain high-risk open source vulnerabilities, an increase from 48% in 2022. | INFOSECURITY-MAGAZINE.COM
29 Feb | Top cybersecurity salaries shoot past $780k | The top 10% of cybersecurity professionals in the US drew as much as $783,000 on average in 2023, according to a joint IANS and Artico Search study. Although well-compensated, cybersecurity roles are often multifunctional, and typical functional combinations within a… | CSOONLINE.COM
29 Feb | Meta Patches Facebook Account Takeover Vulnerability | Meta has patched a critical vulnerability that could have been exploited to take over any Facebook account via a brute-force attack. | SECURITYWEEK.COM
29 Feb | Report: Ads for Zero-Day Exploit Sales Surge 70% Annually | Threat actors are increasingly using zero-day exploits to enhance the success of advanced targeted attacks, with a 70% increase in public ads selling zero-day exploits observed between 2022 and 2023, according to Group-IB. | INFOSECURITY-MAGAZINE.COM
29 Feb | CISA Releases Two Industrial Control Systems Advisories | CISA released two Industrial Control Systems (ICS) advisories on February 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-060-01 Delta Electronics CNCSoft-B; ICSMA-24-060-01 MicroDicom DICO… | CISA.GOV
29 Feb | Anycubic 3D Printers Hacked Worldwide to Expose Security Flaw | The hackers have urged Anycubic to open-source their 3D printers due to software deficiencies and have warned affected customers to disconnect their printers from the Internet until the security issue is patched. | BLEEPINGCOMPUTER.COM
29 Feb | New Silver SAML Attack Evades Golden SAML Defenses in Identity Systems | Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks. Silver SAML “enables the exploitation of SAML to launch attacks from an identity prov… | THEHACKERNEWS.COM
29 Feb | GTPDOOR Linux Malware Targets Telecoms, Exploiting GPRS Roaming Networks | GTPDOOR is a new Linux malware designed for telecom networks that leverages the GPRS Tunnelling Protocol (GTP) for command-and-control communications, posing a threat to subscriber information and call metadata. | THEHACKERNEWS.COM
29 Feb | CISA, U.S. and International Partners Warn of Ongoing Exploitation of Multiple Ivanti Vulnerabilities | CISA.GOV
29 Feb | Joint Cyber Security Advisory warns threat actors exploit multiple vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways | CYBER.GC.CA
29 Feb | To defeat AI attacks, fight fire with more fire | In an era of unprecedented technological advancement, the adoption of AI continues to rise. However, with the proliferation of this powerful technology, a darker side is emerging. Increasingly, malicious actors are using AI to enhance every stage of an attack. Cybercriminals are … | CSOONLINE.COM
29 Feb | Majority of commercial codebases contain high-risk open-source code | Nearly three-quarters of all commercial codebases contain open-source software with high-risk vulnerabilities. That’s according to a new report from Synopsys, a cybersecurity vendor, which found that 96 percent of codebases audited, covering 17 industries, contained some open sou… | CSOONLINE.COM
29 Feb [KEV] | CISA warns against using hacked Ivanti devices even after factory resets | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who breached Ivanti appliances using one of multiple actively exploited vulnerabilities can maintain root persistence even after performing factory resets. [...] | BLEEPINGCOMPUTER.COM
29 Feb | Malware In Strange Places, Overheating, LockBit - PSW #818 | The latest attacks against WiFi, it's illegal to break encryption, BLE Padlocks are as secure as you think, when command not found attacks, how did your vibrator get infected...with malware, the OT jackpot, the backdoor in a random CSRF library, it’s a vulnerability but there is n… | YOUTUBE.COM
29 Feb | Golden Corral restaurant chain data breach impacts 183,000 people | The Golden Corral American restaurant chain disclosed a data breach after attackers behind an August cyberattack stole the personal information of over 180,000 people. [...] | BLEEPINGCOMPUTER.COM
29 Feb | Fulton County, Security Experts Call LockBit’s Bluff | The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. Instead, LockBit removed Fulton County's listing from its victim shaming website this mornin… | KREBSONSECURITY.COM
29 Feb | Lazarus Group Exploits Windows AppLocker Driver Zero-Day | Microsoft Fixed Bug in February That Gave Kernel-Level Access to North Korean APT North Korea's Lazarus hackers exploited a Windows AppLocker driver zero-day to gain kernel-level access and turn off security tools that could detect the group's bring-your-own-vulnerable-driver exp… | DATABREACHTODAY.CO.UK
29 Feb [KEV] | CISA cautions against using hacked Ivanti VPN gateways even after factory resets | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) revealed today that attackers who hack Ivanti VPN appliances using one of multiple actively exploited vulnerabilities may be able to maintain root persistence even after performing factory resets. [...] | BLEEPINGCOMPUTER.COM
29 Feb | Blue Team toolkit: 6 open-source tools to assess and enhance corporate defenses | Here’s how the blue team wards off red teamers and a few open-source tools it may leverage to identify chinks in the corporate armor | WELIVESECURITY.COM
📢 SECURITY ADVISORIES (11)
29 Feb | President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations | U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans' sensitive… | THEHACKERNEWS.COM
29 Feb | Biden Executive Order Seeks to Cut China off From Americans’ Sensitive Data | The new executive order targets the unregulated data broker industry and prohibits the sale of genomic, biometric, health, geolocation, and financial data to the identified countries. | CYBERSCOOP.COM
29 Feb | Biden Crack Down Sale of Americans’ Personal Data to China & Russia | To safeguard the privacy and security of American citizens, President Joe Biden has issued an Executive Order to prevent the sale and transfer of sensitive personal data to countries deemed as threats, notably China and Russia. This decisive action represents the most significant… | GBHACKERS.COM
29 Feb | Cisco Patches High-Severity Vulnerabilities in Data Center OS | Cisco’s semiannual FXOS and NX-OS security advisory bundle resolves two high- and two medium-severity vulnerabilities. | SECURITYWEEK.COM
29 Feb | CISA, FBI, and MS-ISAC Release Advisory on Phobos Ransomware | Today, CISA, the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Phobos Ransomware, to disseminate known tactics, techniques, and procedures (TTPs) and in… | CISA.GOV
29 Feb | Biden Administration Will Investigate National Security Risks Posed by Chinese-Made ‘Smart Cars’ | Government probe could lead to new regulations aimed at preventing China from using sophisticated technology in connected vehicles to track drivers and their personal information. | SECURITYWEEK.COM
29 Feb | Breach Roundup: White House Calls for Memory-Safe Languages | Also: Malware Campaign Hits GitHub, Affects Over 100,000 Repos This week, the Biden administration urged software developers to adopt memory-safe programming languages and moved to restrict Chinese connected cars, a pharma giant was breached, researchers found malicious repos in … | DATABREACHTODAY.CO.UK
29 Feb | US Coast Guard Expands Cyber Command to Combat New Threats | Officials Express Concern Over Growing Potential for Chinese Maritime Cyberthreats Officials from the U.S. Coast Guard Cyber Command told lawmakers Thursday the military branch is building out deployable teams of cybersecurity protection units and taking advantage of expanded aut… | DATABREACHTODAY.CO.UK
29 Feb | ICO Reprimands UK Home Office for Privacy Violations | Home Office Electronic Migrant Tracking System Violates UK GDPR, Says ICO A defunct U.K. Home Office pilot project that tracked the whereabouts of 600 migrants violated British privacy law, the British data regulator said early Friday in London, giving the agency a deadline of ne… | DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (22)
29 Feb | Smashing Security podcast #361: Wireless charging woe, AI romance apps, and ransomware revisited | Your smartphone may be toast – if you use a hacked wireless charger, we take a closer look at the latest developments in the unfolding LockBit ransomware drama, and Carole dips her toe into online AI romance apps. All this and much much more is discussed in the latest editi… | GRAHAMCLULEY.COM
29 Feb | Millions of GitHub Repos Found Infected with Malicious Code | Security researchers have uncovered a massive campaign of repository confusion attacks on GitHub, affecting over 100,000 repositories and potentially millions more. This sophisticated cyberattack targets developers by tricking them into downloading and using malicious repositorie… | GBHACKERS.COM
29 Feb | LOCKBIT 3.0 Ransomware – Complete Malware Analysis Report | LockBit 3.0 is a sophisticated ransomware identified as a significant threat to organizations worldwide. This ransomware variant is designed to encrypt files on infected systems, rendering them inaccessible until a ransom is paid. LockBit is a ransomware-as-a-service (RaaS) grou… | GBHACKERS.COM
29 Feb | Report: 69% of Organizations Infected by Ransomware in 2023 | Per a Proofpoint report, over two-thirds of organizations experienced a successful ransomware incident in the past year, with close to 60% reporting four or more separate ransomware incidents. | INFOSECURITY-MAGAZINE.COM
29 Feb | German Applied Sciences University Announces Being Hit by Criminal Cyberattack | Hochschule Kempten, a university of applied sciences in Germany, has been targeted by a criminal cyberattack. The attack has affected access to several IT systems, including email, while the telephone system remains operational. | THERECORD.MEDIA
29 Feb | Cyberattackers Lure EU Diplomats With Wine-Tasting Offers | https://www.darkreading.com/cyberattacks-data-breaches/cyberattackers-lure-eu-diplomats-wine-tasting-offers | DARKREADING.COM
29 Feb | European Retailer Pepco Loses $16.8 Million Due to Phishing Attack | While customer, supplier, and colleague information was not compromised, the incident may have involved a social engineering attack known as business email compromise (BEC). | HELPNETSECURITY.COM
29 Feb | Pharmaceutical giant Cencora discloses a data breach | https://securityaffairs.com/159716/data-breach/cencora-discloses-data-breach.html | SECURITYAFFAIRS.COM
29 Feb | BlackCat Ransomware Gang Claims Attack on Change Healthcare | The Alphv/BlackCat ransomware gang says 6 terabytes of data were stolen from healthcare technology firm Change Healthcare. | SECURITYWEEK.COM
29 Feb | Healthcare sector warned of ALPHV BlackCat ransomware after surge in targeted attacks | The US government has warned the healthcare sector that it is now the biggest target of the BlackCat ransomware group. Read more in my article on the Tripwire State of Security blog. | TRIPWIRE.COM
29 Feb | UnitedHealth confirms ransomware gang behind Change Healthcare hack amid ongoing pharmacy outages | U.S. health insurance giant UnitedHealth Group has confirmed a ransomware attack on its health tech subsidiary Change Healthcare, which continues to disrupt hospitals and pharmacies across the United States. “Change Healthcare can confirm we are experiencing a cyber security issu… | TECHCRUNCH.COM
29 Feb | 20 million Cutout.Pro user records leaked on data breach forum | AI service Cutout.Pro has suffered a data breach exposing the personal information of 20 million members, including email addresses, hashed and salted passwords, IP addresses, and names. [...] | BLEEPINGCOMPUTER.COM
29 Feb | DoE Invests $45 Million to Prevent Cyberattacks on US Energy Systems | The Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response (CESER) has allocated $45 million for 16 projects aimed at developing new technologies to prevent cyberattacks and reduce energy disruptions. | MERITALK.COM
29 Feb | German Steelmaker Thyssenkrupp Confirms Ransomware Attack | German steelmaking conglomerate Thyssenkrupp confirms one of its automotive units was disrupted by a ransomware attack. | SECURITYWEEK.COM
29 Feb | A government watchdog hacked a US federal agency to stress-test its cloud security | A U.S. government watchdog stole more than one gigabyte of seemingly sensitive personal data from the cloud systems of the U.S. Department of the Interior. The good news: The data was fake and part of a series of tests to check whether the Department’s cloud infrastructure was se… | TECHCRUNCH.COM
29 Feb | Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor | The model’s payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims’ machines through what is commonly referred to as a “backdoor”. | JFROG.COM
29 Feb | LockBit Ransomware Returns to Attacks With New Encryptors, Servers | LockBit has set up new data leak and negotiation sites, and is actively recruiting experienced pentesters to join their operation, indicating a potential increase in future attacks. | BLEEPINGCOMPUTER.COM
29 Feb | Stages of LockBit Grief: Anger, Denial, Faking Resurrection? | Is LockBit a Kremlin Sock Puppet? Is Moscow using the Russian-speaking LockBit ransomware group as a tool to disrupt critical infrastructure and democracy in the West? While no publicly available evidence reveals direct ties, what are the chances that the prolific, trash-talking … | DATABREACHTODAY.CO.UK
29 Feb | Update: BlackCat Ransomware Gang Claims They Stole 6TB of Change Healthcare Data | The BlackCat/ALPHV ransomware gang claimed responsibility for a cyberattack on Optum, affecting the Change Healthcare platform and potentially compromising sensitive data of millions of individuals and organizations. | BLEEPINGCOMPUTER.COM
29 Feb | FBI Is Focused on Election Integrity, Misinformation Threats | Agent Robert K. Tripp on FBI's Approach to Deepfakes, Nation-State Election Threats The U.S. presidential election is still eight months away, but the FBI is already seeing its share of cyberattacks, nation-state threats and AI-generated deepfakes. According to FBI Agent Robert K… | DATABREACHTODAY.CO.UK
29 Feb | Cryptohack Roundup: FTX Updates | Also: Bitcoin Fog Case Testimony; Axie Infinity Co-Founder Hack This week, progress was made in the FTX case, a hacker testified in the Bitcoin Fog case, an Axie Infinity co-founder and a MicroStrategy account were hacked, the KyberSwap hacker moved funds, the EU has a new AMLA o… | DATABREACHTODAY.CO.UK
29 Feb | Rhysida Offers to Sell Children's Hospital Data for $3.4M | One Month Later, Lurie Children's Hospital Still Recovering From Ransomware Attack Ransomware group Rhysida is offering to sell "exclusive data" stolen from a Chicago children's hospital for $3.4 million on the dark web, while the hospital is still struggling to recover its IT sy… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (17)
29 Feb | Passkeys - beyond passwords and OTP - in 4 minutes | https://www.youtube.com/watch?v=2xdV-xut7EQ Passkeys are a safer and easier alternative to passwords. With passkeys, users can sign in to apps and websites with a biometric sensor (such as a fingerprint or facial recognitio… | YOUTUBE.COM
29 Feb | ISC Stormcast For Thursday, February 29th, 2024 https://isc.sans.edu/podcastdetail/8874, (Thu, Feb 29th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
29 Feb | 'Voltzite' Zaps African Utilities as Part of Volt Typhoon's Onslaught | https://www.darkreading.com/vulnerabilities-threats/voltzite-zaps-african-utilities-volt-typhoon-onslaught | DARKREADING.COM
29 Feb | Researchers Say Iranian Hackers Targeting Israeli Defense Sector | The cybersecurity firm Mandiant has identified a suspected Iranian hacking group, UNC1549, targeting aerospace and defense industries across the Middle East, including in Israel and the United Arab Emirates. | BANKINFOSECURITY.COM
29 Feb | New Backdoor Targeting European Officials Linked to Indian Diplomatic Events | A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER. The adversary, according to a report from Zscaler ThreatLabz, used a PD… | THEHACKERNEWS.COM
29 Feb | Chinese Mini PC Maker Acemagic Ships machines with Malware Pre-installed | Acemagic, a Chinese manufacturer of mini PCs, has been found to ship devices laden with malware, raising significant concerns about cybersecurity and consumer safety. Further investigations revealed that other models, including the AD15 and S1, also harbored similar malicious sof… | GBHACKERS.COM
29 Feb | Kali Linux 2024.1 Released – What’s New | Kali Linux recently released version 2024.1, the first release of the year 2024, with new Micro Mirror free software CDN, a theme refresh, additional Desktop environment changes, NetHunter updates, and four new tools. Kali Linux is one of the most powerful Debian-based Linux dist… | GBHACKERS.COM
29 Feb | Report: Cyber Espionage France’s Top Threat Ahead of 2024 Paris Olympics | The 2023 Cyber Threat Landscape report from France’s National Cybersecurity Agency (ANSSI) highlights a significant increase in cyber espionage campaigns targeting individuals and non-governmental organizations. | INFOSECURITY-MAGAZINE.COM
29 Feb | HSCC Issues Cyber 'Call to Action' Plan for Health Sector | https://www.govinfosecurity.com/hscc-issues-cyber-call-to-action-plan-for-health-sector-a-24456 The Health Sector Coordinating Council (HSCC) released a five-year strategic plan (HIC-SP) urging healthcare organizations to en… | GOVINFOSECURITY.COM
29 Feb | Iranian Hackers Target Aviation and Defense Sectors in Middle East | An Iranian threat actor tracked as UNC1549 is abusing Azure infrastructure in attacks targeting organizations in the Middle East. | SECURITYWEEK.COM
29 Feb | RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients | Stellar Cyber, the innovator of Open XDR, today announced that RSM US – the leading provider of professional services to the middle market – is leveraging the Stellar Cyber Open XDR platform to unify, expand and control the cybersecurity defenses across its Global MSSP Client Net… | GBHACKERS.COM
29 Feb | Ubiquiti Router Users Urged To Secure Devices Targeted By Russian Hackers | PACKETSTORMSECURITY.COM
29 Feb | Discount Retail Giant Pepco Loses €15 Million to Cybercriminals | European discount retailer Pepco has lost €15.5 million as a result of what it described as a phishing attack. | SECURITYWEEK.COM
29 Feb | Social Engineering: AI & Living Off The Land - Jayson E. Street - PSW #818 | Jayson joins us to discuss how he is using, and social engineering, AI to help with his security engagements. We also talk about the low-tech tools he employs to get the job done, some tech tools that are in play, and the most important part of any security testing: Talking to pe… | YOUTUBE.COM
29 Feb | 'Silver SAML' Haunts Entra ID Single Sign On Security | Moving From ADFS to Avoid 'Golden SAML' Wasn't A Cure-All A post-SolarWinds move away from Active Directory Federation Services to Azure AD - now known as Entra ID - didn't necessarily stop hackers from forging single sign on authentication messages, warn security researchers fro… | DATABREACHTODAY.CO.UK
29 Feb | News alert: Silence Laboratories raises $4.1M for new privacy-preserving cryptography platform | SINGAPORE – Feb. 29, 2024. In the modern age, large companies are wrestling to leverage their customers’ data to provide ever-better AI-enhanced experiences. But a key barrier to leveraging this opportunity is mounting public concern around data privacy, as ever-greater … (… | LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE (7)
29 Feb | [Guest Diary] Dissecting DarkGate: Modular Malware Delivery and Persistence as a Service., (Thu, Feb 29th) | [This is a Guest Diary by John Moutos, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1]. | ISC.SANS.EDU
29 Feb | Australian Spy Chief Fears Critical Infrastructure Sabotage | Adversaries are actively conducting sophisticated cyber reconnaissance on critical infrastructure networks in Australia, posing a significant threat to national security. | THEREGISTER.COM
29 Feb | Cryptojacking is No Longer the Sole Focus of Cloud Attackers | Cloud-focused malware campaigns are increasingly targeting services like Docker, Redis, Kubernetes, and Jupyter, requiring security teams to reassess their approaches to identifying and responding to emerging cloud threats. | HELPNETSECURITY.COM
29 Feb | European Diplomats Targeted by SPIKEDWINE Actors with WINELOADER Backdoor | The adversary used a PDF file posing as an invitation from the Ambassador of India to a wine-tasting event, which contained a malicious link leading to the WINELOADER malware. | ZSCALER.COM
29 Feb | Your Supply Chain Is Your New Attack Surface | Your supply chain is your new attack surface, according to Galit Lubetzky Sharon, the co-founder and CEO of Wing Security. She discusses Wing's solution - Secure SaaS Posture Management, or SSPM - that helps organizations ensure that all of their SaaS apps are safe and compliant. | DATABREACHTODAY.CO.UK
29 Feb | New Bifrost malware for Linux mimics VMware domain for evasion | A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. [...] | BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (20)
29 Feb | Report: Business Logic Abuse Dominates as API Attacks Surge | According to Imperva's State of API Security Report, attacks on the business logic of APIs, including credential stuffing and data scraping, account for the largest share (27%) of API attacks. | INFOSECURITY-MAGAZINE.COM
29 Feb | Silence Laboratories, a cryptographic security startup, secures funding | Silence Laboratories, a startup that builds infrastructure using multiparty computation (MPC) to help enterprises keep data private and safe, said it has raised a $4.1 million funding round. Pi Ventures and Kira Studio co-led the recent funding, which brings its total raised to $… | TECHCRUNCH.COM
29 Feb | Ukraine Expects Billion-Dollar Russian Disinformation Campaign to Peak This Spring | Ukraine's military intelligence has reported that Russia has invested over $1 billion in a disinformation campaign called "Maidan-3" aimed at diminishing Western support for Kyiv and sowing distrust among Ukrainian citizens. | THERECORD.MEDIA
29 Feb | Russian Hacktivists Continue Claiming DDoS Disruptions | Russian hacktivist groups' attacks have minimal impact and are more psychological than kinetic, aiming to degrade confidence in governments and rally support for Russian President Vladimir Putin. | BANKINFOSECURITY.COM
29 Feb | Popular video doorbells can be easily hijacked, researchers find | Several internet-connected doorbell cameras have a security flaw that allows hackers to take over the camera by just holding down a button, among other issues, according to research by Consumer Reports. On Thursday, the non-profit Consumer Reports published research that detailed… | TECHCRUNCH.COM
29 Feb | BEAST Attack on AI Models can Break LLM Guardrails in a Minute | Computer scientists have developed a fast and efficient method, called BEAST, to generate harmful prompts that elicit undesirable responses from large language models using an Nvidia RTX A6000 GPU with 48GB of memory. | THEREGISTER.COM
29 Feb | Report: Vishing, Smishing, and Phishing Attacks Rise 1,265% Post-ChatGPT | According to a report by Enea, 76% of enterprises lack sufficient voice and messaging fraud protection as AI-powered vishing and smishing skyrocketed following the launch of ChatGPT. | HELPNETSECURITY.COM
29 Feb | GitHub Besieged By Millions Of Malicious Repositories In Ongoing Attack | PACKETSTORMSECURITY.COM
29 Feb | GitHub Besieged by Millions of Malicious Repositories in Ongoing Attack | The attack involves the automated forking of legitimate repositories, resulting in millions of malicious forks with names identical to the original ones, making detection and removal challenging for GitHub. | ARSTECHNICA.COM
29 Feb | BGE Attack on AES White-Boxes: Extending Blue Galaxy Energy for Decryption and Shuffled States | We announce the release of a new version of Blue Galaxy Energy, our white-box cryptanalysis tool implementing the BGE attack against AES. This version addresses the main limitations of the previous version. | QUARKSLAB.COM
29 Feb | Senator Asks FTC to Investigate Automakers’ Data Privacy Practices | Senator Edward Markey has called for an investigation into the data privacy practices of the automotive industry, urging Federal Trade Commission (FTC) Chair Lina Khan to take action. | THERECORD.MEDIA
29 Feb | Microsoft rolls back decision to stop Windows 11 22H2 preview updates | Microsoft says that systems running Windows 11 22H2 will continue to receive non-security preview updates after initially stating they would no longer receive them after February 2024. [...] | BLEEPINGCOMPUTER.COM
29 Feb | Citrix, Sophos software impacted by 2024 leap year bugs | Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products. [...] | BLEEPINGCOMPUTER.COM
29 Feb | Windows 11 'Moment 5' update released, here are the new features | Microsoft has released the Windows 11 'Moment 5' update for versions 23H2 and 22H2, starting the rollout of new features, such as Windows Copilot skills and plugins, Voice Access, AI enhancements for ClipChamp and Photos, and Narrator improvements. [...] | BLEEPINGCOMPUTER.COM
29 FebGitHub enables push protection by default to stop secrets leakGitHub has enabled push protection by default for all public repositories to prevent accidental exposure of secrets such as access tokens and API keys when pushing new code. [...]BLEEPINGCOMPUTER.COM
29 FebWindows 11 KB5034848 preview update adds USB 80Gbps supportMicrosoft has released the optional KB5034848 Preview cumulative update for Windows 11 23H2 and 22H2, which brings new features, including USB 80Gbps and nineteen other changes and fixes. [...]BLEEPINGCOMPUTER.COM
29 FebWindows 10 KB5034843 update released with 9 new changes, fixesMicrosoft has released the optional KB5034843 Preview cumulative update for Windows 10 22H2 with an updated sharing experience and eight other fixes or changes. [...]BLEEPINGCOMPUTER.COM
29 FebBrave browser launches privacy-focused AI assistant on AndroidBrave Software is the next company to jump into AI, announcing a new privacy-preserving AI assistant called "Leo" is rolling out on the Android version of its browser through the latest release, version 1.63. [...]BLEEPINGCOMPUTER.COM
29 FebA leaky database spilled 2FA codes for the world’s tech giantsA technology company that routes millions of SMS text messages across the world has secured an exposed database that was spilling one-time security codes that may have granted users’ access to their Facebook, Google and TikTok accounts. The Asian technology and internet com…TECHCRUNCH.COM
29 FebFaye’s Journey: From Security PM to Diversity Advocate at MicrosoftFaye, a veteran at Microsoft for 22 years, has had a career as varied as it is long. Her journey began in 2002 as the first desktop security Project Manager (PM) in Microsoft IT. From there, she transitioned into owning a deployment team that deployed to desktops and handled oper…MSRC.MICROSOFT.COM