🐛 COMMON VULNERABILITIES AND EXPOSURES (5)

15 Mar - Hackers Exploit Windows SmartScreen Vulnerability to Install DarkGate Malware (GBHACKERS.COM)
The operators of DarkGate successfully leveraged a patched Windows Defender SmartScreen vulnerability, identified as CVE-2024-21412, as a zero-day attack to disseminate the complex and ever-evolving DarkGate malware. The vulnerability tracked as CVE-2024-21412, with a CVSS base s…

15 Mar - Researchers Disclose Proof of Concept for New GhostRace Attack (HEIMDALSECURITY.COM)
IBM and VU Amsterdam University researchers have published a study on the new GhostRace attack, which exploits Speculative Race Conditions (SRCs) and is tracked as CVE-2024-2193.

15 Mar - PoC for Critical Arcserve UDP Vulnerabilities Published (HELPNETSECURITY.COM)
Arcserve has addressed critical security vulnerabilities (CVE-2024-0799, CVE-2024-0800) in its Unified Data Protection (UDP) solution, which could be exploited to upload malicious files to the underlying Windows system.

15 Mar - DarkGate Campaign Leverages Windows SmartScreen Bypass Flaw (CYWARE.COM)
The DarkGate malware operation launched a new wave of attacks exploiting a recently patched Windows Defender SmartScreen vulnerability (CVE-2024-21412). Trend Micro analysts have reported that DarkGate operators are leveraging this vulnerability to enhance their malware distribut…

15 Mar - GhostRace – New Data Leak Vulnerability Affects Modern CPUs (THEHACKERNEWS.COM)
A group of researchers has discovered a new data leakage attack impacting modern CPU architectures supporting speculative execution. Dubbed GhostRace (CVE-2024-2193), it is a variation of the transient execution CPU vulnerability known as Spectre v1 (CVE-2017-5753). The…

⚠️ VULNERABILITY DISCLOSURE (23)

15 Mar - 5Ghoul Revisited: Three Months Later, (Fri, Mar 15th) (ISC.SANS.EDU)
About three months ago, I wrote about the implications and impacts of 5Ghoul in a previous diary [1]. The 5Ghoul family of vulnerabilities could cause User Equipment (UEs) to be continuously exploited (e.g. dropping/freezing connections, which would require manual reboo…

15 Mar - Redefining multifactor authentication: Why we need passkeys (CSOONLINE.COM)
Persistent threats such as business email compromise (BEC) necessitate an evolution of cybersecurity defenses to protect identities. Transitioning away from a reliance on authenticator apps and IP fencing toward a comprehensive zero-trust framework, incorporating FIDO2 security k…

15 Mar - SIM Swappers Hijacking Phone Numbers in eSIM Attacks (BLEEPINGCOMPUTER.COM)
Cybercriminals are bypassing traditional SIM swapping methods by exploiting vulnerabilities in eSIM activation processes and using stolen credentials to initiate the porting of phone numbers to their own devices.

15 Mar - Critical ChatGPT Plugins Flaw Let Attackers Gain Control Over Organization’s Account (GBHACKERS.COM)
Threat actors can exploit ChatGPT’s ecosystem for several illicit purposes, such as crafting prompts to generate malicious code, phishing lures, and disinformation content. Even threat actors can exploit ChatGPT’s exceptional capabilities to craft and launch a multitu…

15 Mar - WEF Effort to Disrupt Cybercrime Moves Into Operations Phase (THEREGISTER.COM)
The Cybercrime Atlas initiative, a collaborative effort involving law enforcement agencies, private-sector firms, and other organizations, aims to disrupt cybercriminals by mapping out relationships between criminal groups and their infrastructure.

15 Mar - Cisco Fixed High-Severity Elevation of Privilege and DoS Bugs (SECURITYAFFAIRS.COM)
Cisco recently addressed several high-severity vulnerabilities in its IOS RX software. These vulnerabilities include three high-severity issues that can lead to privilege escalation and trigger denial-of-service (DoS) conditions.

15 Mar - New DOD Cyber Policy Office Opening Soon, Sources Say (THERECORD.MEDIA)
The Pentagon is set to open its new Office of the Assistant Secretary of Defense for Cyber Policy on March 18. This office is a response to a congressionally mandated effort to elevate the military's focus on cybersecurity.

15 Mar - Improving C++ (SCHNEIER.COM)
C++ guru Herb Sutter writes about how we can improve the programming language for better security. The immediate problem “is” that it’s Too Easy By Default™ to write security and safety vulnerabilities in C++ that would have been caught by stricter enforcement of know…

15 Mar - Discontinued Security Plugins Expose Many WordPress Sites to Takeover (SECURITYWEEK.COM)
Thousands of WordPress sites are at risk of takeover due to a critical privilege escalation vulnerability in two closed MiniOrange plugins.

15 Mar - Multistage RA World Ransomware Exploits Group Policy Infrastructure (GBHACKERS.COM)
The RA World ransomware, previously known as the RA Group, has been a significant threat to organizations worldwide since its emergence in April 2023. Focusing on the healthcare and financial sectors, ransomware has predominantly targeted entities in the United States while also …

15 Mar - How Wi-Fi WPA2 is hacked using PMKID interception | Kaspersky official blog (KASPERSKY.COM)
PMKID interception is the simplest, most effective, and least noticeable way to hack Wi-Fi networks. We explain how this attack works and how to defend against it.

15 Mar - Alabama Suffered DDoS Cyberattack by Pro-Russian Hacker Group (DARKREADING.COM)
Alabama's state and city governments have been grappling with cyber incidents and network disruptions, impacting critical systems such as law enforcement's ability to verify stolen vehicles.

15 Mar - Change Healthcare Locates Ransomware Attack Vector (CYBERSECURITYDIVE.COM)
UnitedHealth Group reportedly identified the source of the cyberattack on its subsidiary, Change Healthcare. The company has conducted a forensic analysis and established a safe restore point to move forward with the restoration of data and systems.

15 Mar - Sophos: Over 75% of Cyber Incidents Target Small Businesses (KNOWBE4.COM)
New analysis of incident data shows threat actors are evolving their attack techniques to take advantage of budget and resource-strapped small businesses.

15 Mar - Addressing Identity-Related Threats in 2024 - Rod Simmons - ESW #353 (YOUTUBE.COM)
In this interview, we talk to Rod Simmons, the VP of Product Strategy at Omada. We'll discuss the complex topic of securing identities against ever growing threats. We'll discuss challenges like unnecessary access, accounts with too many permissions, and a threat landscape that i…

15 Mar - MobSF: Open-Source Security Research Platform for Mobile Apps (HELPNETSECURITY.COM)
The Mobile Security Framework (MobSF) offers both static analysis for mobile app binaries and dynamic analysis for Android and iOS applications, streamlining security assessments.

15 Mar - Ransomware Groups' Data Leak Blogs Lie: Stop Trusting Them (DATABREACHTODAY.CO.UK)
Don't Let the Quest for Data Lead You to Amplify What Criminals Might Be Claiming
For the love of humanity, please stop playing into ransomware groups' hands by treating their data leak blogs as reliable sources of information and then using them to build lists of who's amassed t…

15 Mar - McDonald's: Global outage was caused by "configuration change" (BLEEPINGCOMPUTER.COM)
McDonald's has blamed a third-party service provider's configuration change, not a cyberattack, for the global outage that forced many of its fast-food restaurants to close. [...]

15 Mar - IMF probing cyber security incident, source says no top managers affected (REUTERS.COM)
https://www.reuters.com/technology/cybersecurity/imf-says-its-investigating-cyber-security-incident-2024-03-15/

15 Mar - International Monetary Fund email accounts hacked in cyberattack (BLEEPINGCOMPUTER.COM)
The International Monetary Fund (IMF) disclosed a cyber incident on Friday after unknown attackers breached 11 IMF email accounts earlier this year. [...]

15 Mar - New knowledge base compiles Microsoft Configuration Manager attack techniques (CSOONLINE.COM)
The Microsoft Configuration Manager (MCM) or System Center Configuration Manager (SCCM) is a powerful technology that system administrators have used to manage computers on Windows networks for almost 30 years. However, SCCM misconfigurations are rampant inside network environmen…

15 Mar - Illicit Credentials Marketplace Admin Gets 42-Month Sentence (DATABREACHTODAY.CO.UK)
More Than 350,000 Credentials Were Likely Listed for Sale on the Marketplace
A co-administrator of an illicit online marketplace received a 42-month prison sentence in U.S. federal court after pleading guilty to two criminal counts that could have put him in prison for 15 years. …

15 Mar - Healthcare still a prime target for cybercrime gangs – Week in security with Tony Anscombe (WELIVESECURITY.COM)
Healthcare organizations remain firmly in attackers' crosshairs, representing 20 percent of all victims of ransomware attacks among critical infrastructure entities in the US in 2023

📢 SECURITY ADVISORIES (5)

15 Mar - In Other News: CISA Hacked, Chinese Lock Backdoors, Exposed Secrets (SECURITYWEEK.COM)
Noteworthy stories that might have slipped under the radar: CISA hacked via Ivanti vulnerabilities, Chinese electronic lock backdoors, secrets exposed on GitHub.

15 Mar - ISMG Editors: Inside the Politics of US Cybersecurity (DATABREACHTODAY.CO.UK)
Guest Grant Schneider on Security and Privacy Bills, AI Integration, CISA Updates
In the latest weekly update, Grant Schneider of Venable LLP joined three ISMG editors to discuss the future of U.S. federal cybersecurity and privacy legislation, AI integration and recent CISA deve…

15 Mar - Pressure Mounts on Meta to Scrap 'Pay or OK' Model in EU (DATABREACHTODAY.CO.UK)
EU Lawmakers Say Privacy Shouldn't Be for Sale
Facebook's attempt to navigate European privacy regulations by giving users a fee-based opt-out from behavioral advertising triggered backlash from more than a dozen European politicians who accused the social media giant of treating…

🔥 INCIDENT REPORTING (10)

15 Mar - Hackers Claim 740GB of Data Stolen from Viber VOIP Platform (GBHACKERS.COM)
Viber, known for its encrypted messaging and voice services, boasts millions of users worldwide who rely on its platform for secure communication. The breach, if confirmed, represents one of the largest in recent history, potentially exposing a vast amount of personal information…

15 Mar - 43 Million Possibly Impacted by French Government Agency Data Breach (SECURITYWEEK.COM)
Recent data breach at unemployment agency France Travail (Pôle Emploi) could impact 43 million people.

15 Mar - Most Widely Distributed Ransomware Now Evades Detection (BLEEPINGCOMPUTER.COM)
StopCrypt ransomware, also known as STOP Djvu, has evolved with a new multi-stage execution process involving shellcodes to evade security tools. Unlike ransomware operations targeting businesses, StopCrypt primarily targets consumers.

15 Mar - Third-Party ChatGPT Plugins Could Lead to Account Takeovers (THEHACKERNEWS.COM)
Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found d…

15 Mar - Scottish Health Service Says ‘Focused and Ongoing Cyber Attack’ May Disrupt Services (THERECORD.MEDIA)
In response to the cyberattack, Neil Gray, the Scottish health secretary, confirmed that established procedures are being followed to address the situation, and support is being provided to NHS Dumfries and Galloway.

15 Mar - Threat Actors are Turning to Novel Malware as Malicious Attacks Rise (CYBERSECURITYDIVE.COM)
A new report by BlackBerry revealed that 62% of industry-related cyberattacks from September to December 2023 were directed at critical infrastructure providers. The use of novel malware saw a 27% increase.

15 Mar - Admin of major stolen account marketplace gets 42 months in prison (BLEEPINGCOMPUTER.COM)
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide. [...]

15 Mar - How to verify a data breach (TECHCRUNCH.COM)
Over the years TechCrunch has extensively covered data breaches. In fact, some of our most-read stories have come from reporting on huge data breaches, such as revealing shoddy security practices at startups holding sensitive genetic information through to disproving privacy clai…

15 Mar - Transforming a Cyber Program in the Aftermath of an Attack (DATABREACHTODAY.CO.UK)
In the aftermath of a ransomware attack several years ago, Hackensack Meridian Health embarked on transforming its cybersecurity program with the support of top leadership and increased funding and staff and by implementing critical security tools and best practices, said CISO Ma…

🕵️ THREAT INTELLIGENCE (18)

15 Mar - ISC Stormcast For Friday, March 15th, 2024 https://isc.sans.edu/podcastdetail/8896, (Fri, Mar 15th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

15 Mar - RedCurl Group Leverages Windows Component for Cyber Espionage (TRENDMICRO.COM)
The attack chain involves phishing emails with malicious attachments, the use of curl and Program Compatibility Assistant (PCA) in Windows to deliver and execute malicious payloads, and unauthorized command execution using Impacket.

15 Mar - Google Chrome to Roll Out Real-time Phishing Protection (GBHACKERS.COM)
Google has announced an upgrade to its Safe Browsing technology to provide Chrome users with real-time protection against phishing, malware, and other malicious sites. This enhancement is set to revolutionize how users navigate the web, ensuring safety without compromising privac…

15 Mar - teissPodcast: Is your organisation cyber resilient? - 44 minutes (INFOSEC.PUB)
https://infosec.pub/pictrs/image/937a2a59-88c7-4f8b-8748-f6a80feefc76.png …buzzsprout.com/…/14651497-teisstalk-is-your-orga… Selecting metrics that best convey the impacts and risks of your strategy to the board How the cha…

15 Mar - Threat Detection Report: Cloud Attacks Soar, Mac Threats and Malvertising Escalate (SECURITYWEEK.COM)
Red Canary’s 2024 Threat Detection Report is based on analysis of almost 60,000 threats across 216 petabytes of telemetry from over 1,000 customers’ endpoints.

15 Mar - RedLine Malware Tops Charts by Hijacking 170M+ Passwords in the Last 6 Months (GBHACKERS.COM)
The cybersecurity landscape has been shaken by the discovery that a single piece of malware, known as RedLine, has stolen over 170 million passwords in the past six months. This alarming statistic has placed RedLine at the forefront of cyber threats, accounting for nearly half of…

15 Mar - Tech Support Firms Agree to $26M FTC Settlement Over Fake Services (SECURITYWEEK.COM)
Restoro and Reimage agree to a $26 million settlement after selling fake antivirus and tech services to undercover FTC agents.

15 Mar - Fortinet FortiWLM Deep-Dive, IOCs, and the Almost Story of the "Forti Forty" (HORIZON3.AI)
https://www.horizon3.ai/attack-research/attack-blogs/fortiwlm-the-almost-story-for-the-forti-forty/

15 Mar - Cisco fixed high-severity elevation of privilege and DoS bugs (SECURITYAFFAIRS.COM)
https://securityaffairs.com/160489/security/cisco-ios-rx-flaws.html

15 Mar - Increase in the number of phishing messages pointing to IPFS and to R2 buckets - SANS Internet Storm Center (ISC.SANS.EDU)
https://isc.sans.edu/diary/Increase+in+the+number+of+phishing+messages+pointing+to+IPFS+and+to+R2+buckets/30744
Blocking R2 buckets could be difficult, since it is widely used. IPFS could be blocked to restrict p2p and block acc…

15 Mar - If Social Engineering Accounts for up to 90% of Attacks, Why Is It Ignored? (KNOWBE4.COM)
Social engineering and phishing are involved in 70% to 90% of all successful cybersecurity attacks. No other initial root hacking cause comes close.

15 Mar - Will AI allow us to finally scale vuln mgmt and threat detection? - ESW #353 (YOUTUBE.COM)
We don't cover a lot of stories in this week's episode, but we go deep on a few important ones. I'm biased, but I think it's a good one, especially having Darwin's input and encyclopedic knowledge available to us. Also in this week's news: 1. Homomorphic encryption pops up again!…

15 Mar - Codezero Raises $3.5 Million for DevOps Security Solution (SECURITYWEEK.COM)
Secure enterprise microservices development firm Codezero raises $3.5 million in seed funding.

15 Mar - Cynicism, TikTok, Redline, Securam, Ghostrace, eSim Swaps, Aaran Leyland, and More - SWN #369 (YOUTUBE.COM)
Cynicism, TikTok, Redline, Securam, Ghostrace, MicroOrange, eSim Swaps, Aaran Leyland, and More on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-369

15 Mar - Why DDoS Threat Actors Are Shifting Their Tactics (INFOSECURITY-MAGAZINE.COM)
https://www.infosecurity-magazine.com/opinions/ddos-threat-actors-tactics/

15 Mar - Friday Squid Blogging: Operation Squid (SCHNEIER.COM)
Operation Squid found 1.3 tons of cocaine hidden in frozen fish. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

15 Mar - AI-Led Edge Computing Spends to Reach $350B Soon (DATABREACHTODAY.CO.UK)
Edge Is Set to Play a Pivotal Role in AI Deployment, Says IDC Forecast
Artificial intelligence is turning everything it touches into a golden investment opportunity. Edge computing - which is set to play a pivotal role in deploying AI, according to International Data Corp. - is i…

15 Mar - Pentagon Appoints New Chief Artificial Intelligence Officer (DATABREACHTODAY.CO.UK)
Radha Plumb Set to Replace the Defense Department’s First-Ever Chief AI Officer
The Department of Defense has announced its inaugural Chief Digital and Artificial Intelligence Officer Craig Martell is stepping down from his role after establishing the office as a small but influe…

🌐 CYBER THREAT LANDSCAPE (3)

15 Mar - Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers (THEHACKERNEWS.COM)
Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobal…

15 Mar - FTC Investigation Shuts Down Suspected Antivirus Scam (THEREGISTER.COM)
Tech support businesses Restoro and Reimage settled with the FTC for $26 million after being accused of using scare tactics to swindle consumers out of money for unnecessary services.

15 Mar - Scareware scam: Restoro and Reimage fined $26 million by FTC (BITDEFENDER.COM)
Two firms have been fined $26 million by the US Federal Trade Commission (FTC) for scaring consumers into believing their computers were infected by malware. Read more in my article on the Hot for Security blog.

🎙️ PODCASTS (1)

15 Mar - Kubernetes bug allows remote execution in Windows nodes: Cyber Security Today for Friday, March 15, 2024 (CYBERSECURITYTODAY.LIBSYN.COM)
Google adds real time phishing protection to Chrome. A security bug is found in Kubernetes that allows attackers to remotely execute code on Windows nodes. The French government suffers an enormous cyber-attack and vulnerabilities in ChatGPT plug-ins. Welcome to Cybersecurity Tod…

📡 INFOSEC NEWS (17)

15 Mar - Google Introduces Enhanced Real-Time URL Protection for Chrome Users (THEHACKERNEWS.COM)
Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against …

15 Mar - New Report Suggests Surge in SaaS Assets, Employee Data Sharing (INFOSECURITY-MAGAZINE.COM)
Security researchers at DoControl observed a significant rise in software-as-a-service (SaaS) assets, with an average of 286,000 new assets generated weekly in 2023, representing an 189% surge from the previous year.

15 Mar - TikTok Faces US Ban as House Votes to Compel ByteDance to Sell (INFOSECURITY-MAGAZINE.COM)
The US House of Representatives has passed a bill requiring ByteDance, the parent company of TikTok, to sell the social media platform within 165 days or face a complete ban in the United States.

15 Mar - FCC Adopts Voluntary ‘Cyber Trust Mark’ Labeling Rule for IoT Devices (THERECORD.MEDIA)
The FCC intends for the label to apply to a range of products, including home security cameras, internet-connected appliances, fitness trackers, garage door openers, baby monitors, and voice-activated devices.

15 Mar - Google Safe Browsing Makes Real-Time Protection Private (THEREGISTER.COM)
The Standard version of Safe Browsing has been updated to support real-time data lookup, as many unsafe sites exist for less than 10 minutes, slipping through locally stored lists.

15 Mar - McDonald's IT systems outage impacts restaurants worldwide (BLEEPINGCOMPUTER.COM)
McDonald's restaurants are suffering global IT outages that prevent employees from taking orders and accepting payments, causing some stores to close for the day. [...]

15 Mar - Former telecom manager admits to doing SIM swaps for $1,000 (BLEEPINGCOMPUTER.COM)
A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts. [...]

15 Mar - Why Are There Fewer Women Than Men in Cybersecurity? (DATABREACHTODAY.CO.UK)
How Society, Education and the Workplace Contribute to Underrepresentation
The underrepresentation of women in cybersecurity is a complex issue. The reasons behind it include stereotypes and biases, educational barriers, workplace culture, and the lack of visibility and role mode…

15 Mar - Microsoft announces Office LTSC 2024 preview starting next month (BLEEPINGCOMPUTER.COM)
Microsoft announced that Office LTSC 2024, the next Office LTSC release, will enter a commercial preview phase starting next month and will be generally available later this year. [...]

15 Mar - PornHub now also blocks Texas over age verification laws (BLEEPINGCOMPUTER.COM)
PornHub has now added Texas to its blocklist, preventing users in the state from accessing its site in protest of age verification laws. [...]

15 Mar - US moves to recover $2.3 million from "pig butchers" on Binance (BLEEPINGCOMPUTER.COM)
The U.S. Department of Justice (DoJ) is recovering $2.3 million worth of cryptocurrency linked to a "pig butchering" fraud scheme that victimized at least 37 people across the United States. [...]

15 Mar - Protecting Medical Devices Against Future Cyberthreats (DATABREACHTODAY.CO.UK)
Healthcare organizations and makers of medical devices need to think about how to safeguard their critical medical gear against future cyberthreats, including the looming dangers posed by quantum computing, said Mike Nelson, global vice president of digital trust at security firm…

15 Mar - Why Wiz Wants to Buy Cloud Startup Gem Security for $350M (DATABREACHTODAY.CO.UK)
Wiz May Not Need More Cash for Its 2nd Deal in 4 Months Since It Has $900M on Hand
Wiz is reportedly set to buy centralized cloud threat management vendor Gem Security for $350 million, Bloomberg reported this week. The deal would come just four months after Wiz made its first-ev…