matlock.ca // THREAT INTELLIGENCE

100Articles

8Categories

2024-03-05Date

🚨

CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-21237 Android Pixel Information Disclosure Vulnerability CVE-2021-36380 Sunhillo SureLine OS Command Injection Vulnerablity These types…

KEVCISA.GOV — Tue, 05 Mar 24 1

🐛

Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers

THEHACKERNEWS.COM — 05 Mar 2024

🐛

Exploit Available for New Critical JetBrains TeamCity Authentication Bypass Bug, Patch Now

BLEEPINGCOMPUTER.COM — 05 Mar 2024

🐛

TeamCity hit by critical software supply chain bugs

CSOONLINE.COM — 05 Mar 2024

🐛

Apple Releases iOS/iPadOS Updates with Zero Day Fixes., (Tue, Mar 5th)

ISC.SANS.EDU — 05 Mar 2024

⚠️

How the Application ‘XHelper’ Is Powering the Indian Money-Laundering Gig Economy

THERECORD.MEDIA — 05 Mar 2024

⚠️

143: Jim Hates Scams

DARKNETDIARIES.COM — 05 Mar 2024

⚠️

How GenAI helps entry-level SOC analysts improve their skills

CSOONLINE.COM — 05 Mar 2024

⚠️

CACTUS Hackers Exploiting Software Bug to Attack Corporate Networks

GBHACKERS.COM — 05 Mar 2024

⚠️

TA577 Exploits NTLM Authentication Vulnerability

INFOSECURITY-MAGAZINE.COM — 05 Mar 2024

⚠️

Securing Software Repositories Leads to Better OSS Security

HELPNETSECURITY.COM — 05 Mar 2024

⚠️

ScreenConnect Flaws Exploited to Drop New ToddleShark Malware

BLEEPINGCOMPUTER.COM — 05 Mar 2024

⚠️

Open Source IDS - Security Onion 2.4

SECURITYONIONSOLUTIONS.COM — 5 Mar 2024

⚠️

Critical Vulnerability Exposes TeamCity Servers to Takeover

SECURITYWEEK.COM — 05 Mar 2024

⚠️

Zeek Security Tool Vulnerabilities Allow ICS Network Hacking

SECURITYWEEK.COM — 05 Mar 2024

⚠️

Self-Propagating Worm Created to Target Generative AI Systems

INFOSECURITY-MAGAZINE.COM — 5 Mar 2024

⚠️

ALPHV BlackCat New Leak Site Seized by Authorities

GBHACKERS.COM — 05 Mar 2024

⚠️

Nepali Hacker Tops Hall of Fame by Reporting Facebook's Zero-Click Flaw

HACKREAD.COM — 5 Mar 2024

⚠️

An Air Force Employee Shared Highly Classified Data Via Dating App

PACKETSTORMSECURITY.COM — 05 Mar 2024

⚠️

Hackers Exploited Windows 0-Day For 6 Months After Microsoft Knew About It

PACKETSTORMSECURITY.COM — 05 Mar 2024

⚠️

CISA Releases Three Industrial Control Systems Advisories

CISA.GOV — Tue, 05 Mar 24 1

⚠️

Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks

BLEEPINGCOMPUTER.COM — 05 Mar 2024

⚠️

Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware

THEHACKERNEWS.COM — 05 Mar 2024

⚠️

Why Your Firewall Will Kill You, (Tue, Mar 5th)

ISC.SANS.EDU — 05 Mar 2024

⚠️

Cyberattack Forces Canada’s Financial Intelligence Agency to Take Systems Offline

THERECORD.MEDIA — 05 Mar 2024

⚠️

JetBrains' TeamCity Bugs Could Lead to Server Takeover

DATABREACHTODAY.CO.UK — 2024-03-05

⚠️

The Simple Mistakes and Complex Seeds of a Vulnerability Management Program - Emily Fox - ASW #275

YOUTUBE.COM — 2024-03-05

⚠️

Apple Blunts Zero-Day Attacks With iOS 17.4 Update

SECURITYWEEK.COM — 05 Mar 2024

⚠️

Apple fixes two new iOS zero-days exploited in attacks on iPhones

BLEEPINGCOMPUTER.COM — 05 Mar 2024

⚠️

CrowdStrike to Buy Israeli Data Defense Vendor Flow Security

DATABREACHTODAY.CO.UK — 2024-03-05

⚠️

Germany Rules Out Russian Hack in Military Data Leak

DATABREACHTODAY.CO.UK — 2024-03-05

⚠️

Multiple Vulnerabilities in Apple Products Could Allow for Privilege Escalation.

CISECURITY.ORG — 05 Mar 2024

📢

Ukraine Claims it Hacked Russian Ministry of Defense Servers

BLEEPINGCOMPUTER.COM — 05 Mar 2024

📢

SolarWinds security advisory (AV24-120)

CYBER.GC.CA — 2024-03-05

📢

A Printout on Secure by Design When Utilizing 3rd Parties - Bryan Willett - CSP #164

YOUTUBE.COM — 2024-03-05

📢

VMware security advisory (AV24-122)

CYBER.GC.CA — 2024-03-05

📢

JetBrains security advisory (AV24-121)

CYBER.GC.CA — 2024-03-05

📢

Secure SaaS applications with Valence Security and Microsoft Security

MICROSOFT.COM — 05 Mar 2024

🔥

Iowa Electric, Water Utility Says Information of Nearly 37,000 Leaked in January Ransomware Attack

THERECORD.MEDIA — 05 Mar 2024

🔥

Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

THEHACKERNEWS.COM — 05 Mar 2024

🔥

Amex Customer Data Exposed in Third-Party Breach

DARKREADING.COM — 5 Mar 2024

🔥

RA World Ransomware Attack Windows Using Hacked Domain Control & Anti-AV Tactics

GBHACKERS.COM — 05 Mar 2024

🔥

American Express Discloses Data Breach

SECURITYWEEK.COM — 05 Mar 2024

🔥

Update: BlackCat Ransomware Turns off Servers Amid Claim They Stole $22 Million Ransom

BLEEPINGCOMPUTER.COM — 05 Mar 2024

🔥

American Express Data Breach Exposed Customer Data

PACKETSTORMSECURITY.COM — 05 Mar 2024

🔥

BlackCat ransomware shuts down in exit scam, blames the "feds"

BLEEPINGCOMPUTER.COM — 05 Mar 2024

🔥

GhostLocker 2.0 Haunts Businesses Across Middle East, Africa, and Asia

DARKREADING.COM — 05 Mar 2024

🔥

Sophos Guidance on CIRCIA

SOPHOS.COM — 05 Mar 2024

🔥

Mr. Green Gaming Suffers Data Breach, Exposing Personal Information of 27,000 Users

THECYBEREXPRESS.COM — 05 Mar 2024

🔥

How to Improve Health Data Breach Response Planning

DATABREACHTODAY.CO.UK — 2024-03-05

🔥

A New Self-Spreading, Zero-Click Gen AI Worm Has Arrived!

DATABREACHTODAY.CO.UK — 2024-03-05

🕵️

ISC Stormcast For Tuesday, March 5th, 2024 https://isc.sans.edu/podcastdetail/8880, (Tue, Mar 5th)

ISC.SANS.EDU — 05 Mar 2024

🕵️

GTPDOOR – Previously Unknown Linux Malware Attack Telecom Networks

GBHACKERS.COM — 05 Mar 2024

🕵️

Discord military leaker pleads guilty, gets 16 years

CYBERNEWS.COM — 5 Mar 2024

🕵️

Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

THEHACKERNEWS.COM — 05 Mar 2024

🕵️

Accelerate Your Cybersecurity Transformation at Ignite On Tour

PALOALTONETWORKS.COM — 05 Mar 2024

🕵️

Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

THEHACKERNEWS.COM — 05 Mar 2024

🕵️

South Korea Says Semiconductor Industry Targeted by Cyber-Spies From North Korea

THERECORD.MEDIA — 05 Mar 2024

🕵️

Phishers Abusing Legitimate but Neglected Domains To Pass DMARC Checks

KNOWBE4.COM — 05 Mar 2024

🕵️

Phishing Kit Targets the FCC and Crypto Exchanges

KNOWBE4.COM — 05 Mar 2024

🕵️

The Insecurity of Video Doorbells

SCHNEIER.COM — 2024-03-05

🕵️

Hacktivist Collective NoName057(16) Strikes European Targets

INFOSECURITY-MAGAZINE.COM — 05 Mar 2024

🕵️

Axonius Raises $200M, Aims to Guard More Asset Types Via M&A

DATABREACHTODAY.CO.UK — 2024-03-05

🕵️

CyberheistNews Vol 14 #10 [SCARY] You Knew About OSINT, But Did You Know About ADINT?

KNOWBE4.COM — 05 Mar 2024

🕵️

From federation to fabric: IAM’s evolution

SECURITYINTELLIGENCE.COM — 05 Mar 2024

🕵️

Axonius Banks $200 Million in Late-Stage Funding

SECURITYWEEK.COM — 05 Mar 2024

🕵️

Investment Firm Team8 Raises Additional $500 Million

SECURITYWEEK.COM — 05 Mar 2024

🕵️

Cybersecurity M&A Roundup: 27 Deals Announced in February 2024

SECURITYWEEK.COM — 05 Mar 2024

🕵️

Microsoft and OpenAI Team Up to Block Threat Actor Access to AI

KNOWBE4.COM — 05 Mar 2024

🕵️

Dtex Systems Snags $50M from Alphabet’s CapitalG

SECURITYWEEK.COM — 05 Mar 2024

🕵️

Cloudflare Introduces AI Security Solutions

SECURITYWEEK.COM — 05 Mar 2024

🕵️

How to Create a Sandbox Environment For Malware Analysis – A Complete Guide

GBHACKERS.COM — 05 Mar 2024

🕵️

VMware Patches Critical ESXi Sandbox Escape Flaws

SECURITYWEEK.COM — 05 Mar 2024

🕵️

TA577 Now Focusing on NT LAN Manager Authentication Theft

DATABREACHTODAY.CO.UK — 2024-03-05

🕵️

SAML & Secrets, Serializing AI Models, OWASP ISTG, More Memory Safety - ASW #275

YOUTUBE.COM — 2024-03-05

🕵️

US Sanctions Spyware Company and Executives Who Targeted American Journalists, Government Officials

SECURITYWEEK.COM — 05 Mar 2024

🕵️

ToddleShark, Zeek, Stuxnet revisited, ICS, AMEX, Apple, Change, Josh Marpet, and More - SWN #366

YOUTUBE.COM — 2024-03-05

🕵️

Hornetsecurity Buys Vade to Fuel Strength in France, Germany

DATABREACHTODAY.CO.UK — 2024-03-05

🌐

Report: 95% Believe LLMs Making Phishing Detection More Challenging

HELPNETSECURITY.COM — 05 Mar 2024

🌐

Self-Propagating Worm Created to Target Generative AI Systems

INFOSECURITY-MAGAZINE.COM — 05 Mar 2024

🌐

Zeek Security Tool Vulns Allow ICS Network Hacking

PACKETSTORMSECURITY.COM — 05 Mar 2024

🌐

US sanctions founder of spyware maker Intellexa for targeting Americans

TECHCRUNCH.COM — 05 Mar 2024

🌐

New CHAVECLOAK Banking Trojan Targets Brazilians via Malicious PDFs

HACKREAD.COM — 05 Mar 2024

🌐

U.S. sanctions Predator spyware operators for spying on Americans

BLEEPINGCOMPUTER.COM — 05 Mar 2024

🌐

New WogRAT malware abuses online notepad service to store malware

BLEEPINGCOMPUTER.COM — 05 Mar 2024

📡

GitHub Push Protection Now on by Default for Public Repositories

HELPNETSECURITY.COM — 05 Mar 2024

📡

The Impact of Organizational Structure on Cybersecurity Outcomes

SOPHOS.COM — 05 Mar 2024

📡

Update: Optum Offering Financial Aid to Some Providers Hit by Outage

BANKINFOSECURITY.COM — 05 Mar 2024

📡

What is Exposure Management and How Does it Differ from ASM?

THEHACKERNEWS.COM — 05 Mar 2024

📡

Axonius, a specialist in cyber asset managment, secures $200M at a flat $2.6B valuation

TECHCRUNCH.COM — 05 Mar 2024

📡

Protecting surveillance cameras and smart doorbells from intruders | Kaspersky official blog

KASPERSKY.COM — 05 Mar 2024

📡

Discord Leaker Jack Teixeira Pleads Guilty, Seeks Light 11-Year Sentence

PACKETSTORMSECURITY.COM — 05 Mar 2024

📡

JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities

PACKETSTORMSECURITY.COM — 05 Mar 2024

📡

Passwords are Costing Your Organization Money - How to Minimize Those Costs

BLEEPINGCOMPUTER.COM — 05 Mar 2024

📡

Facebook and Instagram outage logs out users, passwords not working

BLEEPINGCOMPUTER.COM — 05 Mar 2024

📡

Microsoft is killing off the Android apps in Windows 11 feature

BLEEPINGCOMPUTER.COM — 05 Mar 2024

📡

Security tips for organizations with remote workers - ITSAP.10.016

CYBER.GC.CA — 2024-03-05

📡

How NOT to Lead

DATABREACHTODAY.CO.UK — 2024-03-05

📡

NSA shares zero-trust guidance to limit adversaries on the network

BLEEPINGCOMPUTER.COM — 05 Mar 2024

📡

Irresistible: Hooks, habits and why you can’t put down your phone

WELIVESECURITY.COM — 05 Mar 2024