matlock.ca // THREAT INTELLIGENCE

113Articles

8Categories

2024-03-22Date

🐛

TeamCity Vulnerability Exploits Leads to Surge in Ransomware Attacks

GBHACKERS.COM — 22 Mar 2024

🐛

Bringing Access Back — Initial Access Brokers Exploit F5 BIG-IP (CVE-2023-46747) and ScreenConnect | Mandiant

MANDIANT.COM — 22 Mar 2024

🐛

Critical Vulnerabilities fixed in Firefox 124.0.1

MOZILLA.ORG — 22 Mar 2024

🐛

Exploit available for critical flaw in FortiClient Server

KEVCSOONLINE.COM — 22 Mar 2024

🐛

CVE-2024-26247 Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

CVE-2024-29057 Microsoft Edge (Chromium-based) Spoofing Vulnerability

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2625 Object lifecycle issue in V8

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2626 Out of bounds read in Swiftshader

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2627 Use after free in Canvas

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2628 Inappropriate implementation in Downloads

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2629 Incorrect security UI in iOS

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2630 Inappropriate implementation in iOS

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

Chromium: CVE-2024-2631 Inappropriate implementation in iOS

MSRC.MICROSOFT.COM — 22 Mar 2024

🐛

CVE-2024-29059 .NET Framework Information Disclosure Vulnerability

MSRC.MICROSOFT.COM — 22 Mar 2024

⚠️

Lots Of Funding News, Airbus Says No, and Cato Networks Going IPO? - ESW #354

YOUTUBE.COM — 2024-03-22

⚠️

Top 5 Myths About API Security and What to Do Instead - Robert Dickinson - ESW #354

YOUTUBE.COM — 2024-03-22

⚠️

_Half of North Korea's foreign currency income comes from cyberattacks

SH.ITJUST.WORKS — 22 Mar 2024

⚠️

Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver

BLEEPINGCOMPUTER.COM — 22 Mar 2024

⚠️

Researchers Propose An Invisible Backdoor Attack Dubbed DEBA

GBHACKERS.COM — 22 Mar 2024

⚠️

Unsaflok Vulnerability Lets Hackers Open 3M+ Hotel Doors in Seconds

GBHACKERS.COM — 22 Mar 2024

⚠️

FlowFixation Account Takeover Vulnerability Impacts AWS Managed Apache Airflow Service

TENABLE.COM — 22 Mar 2024

⚠️

TinyTurla Evolved TTPs To Stealthly Attack Enterprise Organizations

GBHACKERS.COM — 22 Mar 2024

⚠️

Cyber Security Today, March 22, 2024 - Mac CPUs are vulnerable to encrypted key theft, white hat hackers win a second Tesla, and more

CYBERSECURITYTODAY.LIBSYN.COM — 22 Mar 2024

⚠️

Windows 11, Tesla, and Ubuntu Linux Hacked at Pwn2Own Vancouver

BLEEPINGCOMPUTER.COM — 22 Mar 2024

⚠️

API Environments Becoming Hotspots for Exploitation

HELPNETSECURITY.COM — 22 Mar 2024

⚠️

DHCP Hacked to Escalate Privileges in Windows Domains

GBHACKERS.COM — 22 Mar 2024

⚠️

Tesla, OS, Software Exploits Earn Hackers $1.1 Million at Pwn2Own 2024

SECURITYWEEK.COM — 22 Mar 2024

⚠️

One-Click AWS Vulnerability Let Attackers Takeover User’s Web Management Panel

GBHACKERS.COM — 22 Mar 2024

⚠️

Exploit Released For Critical Fortinet RCE Flaw: Patch Soon!

GBHACKERS.COM — 22 Mar 2024

⚠️

Chinese Government Hacker Exploiting Screenconnect, F5 Bugs To Attack Defense and Government Entities

THERECORD.MEDIA — 22 Mar 2024

⚠️

Google Pays $10M in Bug Bounties in 2023

SCHNEIER.COM — 2024-03-22

⚠️

Implementing Zero Trust Controls for Compliance

THEHACKERNEWS.COM — 22 Mar 2024

⚠️

Understanding and Responding to Distributed Denial-Of-Service Attacks | CISA

CISA.GOV — 22 Mar 2024

⚠️

Saflok Lock Vulnerability Can Be Exploited to Open Millions of Doors

SECURITYWEEK.COM — 22 Mar 2024

⚠️

GitHub’s New AI-Powered Tool Auto-Fixes Vulnerabilities in Your Code

BLEEPINGCOMPUTER.COM — 22 Mar 2024

⚠️

FBI and CISA warn government systems against increased DDoS attacks

CSOONLINE.COM — 22 Mar 2024

⚠️

AWS Patches Critical 'FlowFixation' Bug in Airflow Service to Prevent Session Hijacking

THEHACKERNEWS.COM — 22 Mar 2024

⚠️

WebCopilot: Open-Source Automation Tool Enumerates Subdomains, Detects Bugs

HELPNETSECURITY.COM — 22 Mar 2024

⚠️

Luxury Yacht Dealer Attack Claimed by Rhysida Gang

THEREGISTER.COM — 22 Mar 2024

⚠️

Apple M-Series Chip Vulnerability Puts Encryption Keys at Risk

THECYBEREXPRESS.COM — 22 Mar 2024

⚠️

Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own

BLEEPINGCOMPUTER.COM — 22 Mar 2024

⚠️

Mozilla Drops Onerep After CEO Admits to Running People-Search Networks

KREBSONSECURITY.COM — 22 Mar 2024

⚠️

Likely Chinese Hacking Contractor Is Quick to Exploit N-Days

DATABREACHTODAY.CO.UK — 2024-03-22

📋

Microsoft releases emergency fix for Windows Server crashes

BLEEPINGCOMPUTER.COM — 22 Mar 2024

📢

US Government Issues New DDoS Mitigation Guidance

SECURITYWEEK.COM — 22 Mar 2024

📢

US cyber investors pledge spyware is off limits — with a catch

TECHCRUNCH.COM — 22 Mar 2024

📢

Mozilla security advisory (AV24-155)

CYBER.GC.CA — 2024-03-22

📢

CISA, DC HSEMA and Regional Partners Conduct Exercise to Ensure National Capital Region Water Service Resilience

CISA.GOV — Fri, 22 Mar 24 1

🔥

MediaWorks - 162,710 breached accounts

HAVEIBEENPWNED.COM — 22 Mar 2024

🔥

Change Healthcare Cyberattack Could Damage Credit at Small Providers: Fitch

CYBERSECURITYDIVE.COM — 22 Mar 2024

🔥

RaaS Groups Increasing Efforts to Recruit Affiliates

HELPNETSECURITY.COM — 22 Mar 2024

🔥

IAG Warns Air Europa’s Consumers of Personal Data Leak

WSJ.COM — 22 Mar 2024

🔥

Jacksonville Beach Report Data Breach Following Cyberattacks

THERECORD.MEDIA — 22 Mar 2024

🔥

Philips Respironics Notifies the HHS-OCR of Data Breach Affecting 457,152 Individuals | JD Supra

JDSUPRA.COM — 22 Mar 2024

🔥

China-Linked Group Breaches Networks via Connectwise, F5 Software Flaws

THEHACKERNEWS.COM — 22 Mar 2024

🔥

Massive Sign1 Campaign Infects 39,000+ WordPress Sites with Scam Redirects

THEHACKERNEWS.COM — 22 Mar 2024

🔥

NDSS Symposium 2023

INFOSEC.PUB — 22 Mar 2024

🔥

Fake Data Breaches: Countering the Damage

HELPNETSECURITY.COM — 22 Mar 2024

🔥

South China Athletic Association Suffers Cyberattack Potentially Compromising 70,000 Members’ Data

THECYBEREXPRESS.COM — 22 Mar 2024

🔥

Ransomware Group Takes Credit for Attack on Boat Dealer MarineMax

SECURITYWEEK.COM — 22 Mar 2024

🔥

Report: Malware Stands Out as the Fastest-Growing Threat of 2024

HELPNETSECURITY.COM — 22 Mar 2024

🔥

New Details on TinyTurla’s Post-Compromise Activity Reveal Full Kill Chain

TALOSINTELLIGENCE.COM — 22 Mar 2024

🔥

Cyber Security Today, Week in Review for week ending Friday, March 22, 2024

CYBERSECURITYTODAY.LIBSYN.COM — 22 Mar 2024

🔥

Nursing Home Declares Bankruptcy, Blames Recent Cyberattacks

DATABREACHTODAY.CO.UK — 2024-03-22

🔥

Russian APT Releases More Deadly Variant of AcidRain Wiper Malware

DARKREADING.COM — 22 Mar 2024

🕵️

GoFetch: Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers

GOFETCH.FAIL — 22 Mar 2024

🕵️

ISC Stormcast For Friday, March 22nd, 2024 https://isc.sans.edu/podcastdetail/8906, (Fri, Mar 22nd)

ISC.SANS.EDU — 22 Mar 2024

🕵️

Russian Hackers Target Ukrainian Telecoms with Upgraded 'AcidPour' Malware

THEHACKERNEWS.COM — 22 Mar 2024

🕵️

Attackers are targeting financial departments with SmokeLoader malware - Help Net Security

HELPNETSECURITY.COM — 22 Mar 2024

🕵️

BlueFlag Security Emerges From Stealth With $11.5M in Funding

SECURITYWEEK.COM — 22 Mar 2024

🕵️

New ‘GoFetch’ Apple CPU Attack Exposes Crypto Keys

SECURITYWEEK.COM — 22 Mar 2024

🕵️

Security Brief: TA450 Uses Embedded Links in PDF Attachments in Latest Campaign | Proofpoint US

PROOFPOINT.COM — 22 Mar 2024

🕵️

Microsoft Warns of New Tax Returns Phishing Scams Targeting You

HACKREAD.COM — 22 Mar 2024

🕵️

39,000 Websites Infected in ‘Sign1’ Malware Campaign

SECURITYWEEK.COM — 22 Mar 2024

🕵️

Munich Cyber Security Conferencec 2024 - 18 talks

INFOSEC.PUB — 22 Mar 2024

🕵️

Truck-to-truck worm could infect entire US fleet

THEREGISTER.COM — 22 Mar 2024

🕵️

‘Brain Weasels’: Impostor Syndrome in Cybersecurity

SECURITYWEEK.COM — 22 Mar 2024

🕵️

In Other News: Google’s PQC Threat Model, Keyboard Sounds Expose Data, AI Roadmap

SECURITYWEEK.COM — 22 Mar 2024

🕵️

Russian APT29 Hackers Caught Targeting German Political Parties

SECURITYWEEK.COM — 22 Mar 2024

🕵️

UN Adopts Resolution Backing Efforts to Ensure Artificial Intelligence is Safe

SECURITYWEEK.COM — 22 Mar 2024

🕵️

Why You Need a Battle-Tested PAM Solution

DATABREACHTODAY.CO.UK — 2024-03-22

🕵️

Solving SandboxAQ's Post-Quantum Crypto CTF

QUARKSLAB.COM — 2024-03-22

🕵️

Thousands of WordPress sites impacted by Sign1 malware campaign

SCMAGAZINE.COM — 22 Mar 2024

🕵️

Russian APT29 Hackers Caught Targeting German Political Parties

PACKETSTORMSECURITY.COM — 22 Mar 2024

🕵️

ISMG Editors: How Will the Quantum Era Reshape Cybersecurity?

DATABREACHTODAY.CO.UK — 2024-03-22

🕵️

Identity Security Clinic

DATABREACHTODAY.CO.UK — 2024-03-22

🕵️

Russian hackers target German political parties with WineLoader malware

BLEEPINGCOMPUTER.COM — 22 Mar 2024

🕵️

Robots, UDP, GoFetch, DCs, Pwn2Own, Verner Vinge, Reddit, Aaran Leyland, and More - SWN #371

YOUTUBE.COM — 2024-03-22

🕵️

Detecting a tracker pixel/image in email

INFOSEC.PUB — 22 Mar 2024

🕵️

Biden's Economic Team Warns of AI Risks and Job Displacement

DATABREACHTODAY.CO.UK — 2024-03-22

🕵️

Friday Squid Blogging: New Species of Squid Discovered

SCHNEIER.COM — 2024-03-22

🕵️

Russian Nation-State Hacker Targets German Political Parties

DATABREACHTODAY.CO.UK — 2024-03-22

🕵️

GitLab Acquires Oxeye to Bolster SAST in DevSecOps Workflow

DATABREACHTODAY.CO.UK — 2024-03-22

🕵️

Security expert Chris Krebs on TikTok, AI and the key to survival (part 2)

VENTUREBEAT.COM — 22 Mar 2024

🌐

New Sysrv Botnet Variant Makes Use of Google Subdomain to Spread XMRig Miner

IMPERVA.COM — 22 Mar 2024

🌐

AceCryptor attacks surge in Europe – Week in security with Tony Anscombe

WELIVESECURITY.COM — 22 Mar 2024

📡

DOJ calls Apple’s privacy justifications an ‘elastic shield’ for financial gains

TECHCRUNCH.COM — 22 Mar 2024

📡

U.S. Justice Department Sues Apple Over Monopoly and Messaging Security

THEHACKERNEWS.COM — 22 Mar 2024

📡

Red Teaming in the AI Era

HELPNETSECURITY.COM — 22 Mar 2024

📡

Nemesis Darknet Marketplace Raided in Germany-Led Operation

THERECORD.MEDIA — 22 Mar 2024

📡

US Airlines’ Privacy Protection Practices to Get DOT Review

THERECORD.MEDIA — 22 Mar 2024

📡

New GoFetch attack on Apple Silicon CPUs can steal crypto keys

BLEEPINGCOMPUTER.COM — 22 Mar 2024

📡

Email Bomb Attacks: Filling Up Inboxes and Servers Near You

HEALTHCAREINFOSECURITY.COM — 22 Mar 2024

📡

New StrelaStealer Phishing Attacks Hit Over 100 Organizations in E.U. and U.S.

THEHACKERNEWS.COM — 22 Mar 2024

📡

Large-Scale StrelaStealer Campaign in Early 2024

UNIT42.PALOALTONETWORKS.COM — 22 Mar 2024

📡

Darknet marketplace Nemesis Market seized by German police

BLEEPINGCOMPUTER.COM — 22 Mar 2024

📡

Ways to detect and curb Living off the Land (LotL) attacks | Kaspersky official blog

KASPERSKY.COM — 22 Mar 2024

📡

Hackers Can Unlock Over 3 Millions Hotel Doors In Seconds

PACKETSTORMSECURITY.COM — 22 Mar 2024

📡

Apple Lawsuit: US Says iPhone Monopoly Undermines Security

PACKETSTORMSECURITY.COM — 22 Mar 2024

📡

China Relaxes Some Security Review Rules For Data Exports

PACKETSTORMSECURITY.COM — 22 Mar 2024

📡

GoFetch - Breaking Constant-Time Cryptographic Implementations Using Data Memory-Dependent Prefetchers

PACKETSTORMSECURITY.COM — 22 Mar 2024

📡

AT&T won’t say how its customers’ data spilled online

TECHCRUNCH.COM — 22 Mar 2024

📡

CISOs: Make Sure Your Team Members Fit Your Company Culture

DATABREACHTODAY.CO.UK — 2024-03-22