matlock.ca // THREAT INTELLIGENCE — 2024-03-25

71Articles

8Categories

2024-03-25Date

🚨

CISA Adds Three Known Exploited Vulnerabilities to CatalogCISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 Ivanti Endpoint Manager Cloud Service Appliance (EPM …

KEVCISA.GOV — Mon, 25 Mar 24 1

⚠️

Unpatched Zephyr OS Expose Devices to DoS Attacks via IP Spoofing

HACKREAD.COM — 25 Mar 2024

⚠️

CISA Issues Advisory on WebAccess/SCADA Vulnerability

THECYBEREXPRESS.COM — 25 Mar 2024

⚠️

The state of ransomware: Faster, smarter, and meaner

CSOONLINE.COM — 25 Mar 2024

⚠️

Cyber Security Today, March 25, 2024 - A suspected China threat actor going after unpatched F5 and ScreenConnet installations

CYBERSECURITYTODAY.LIBSYN.COM — 25 Mar 2024

⚠️

Hackers Earn $1,132,500 for 29 Zero-Days at Pwn2Own Vancouver

BLEEPINGCOMPUTER.COM — 25 Mar 2024

⚠️

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

THEHACKERNEWS.COM — 25 Mar 2024

⚠️

Threat Groups Hit Enterprise Software, Network Infrastructure Hard in 2023

CYBERSECURITYDIVE.COM — 25 Mar 2024

⚠️

Mozilla Patches Firefox Zero-Days Exploited at Pwn2Own

SECURITYWEEK.COM — 25 Mar 2024

⚠️

Linux Admins Beware! Fake PuTTY Client that Rhadamanthys stealer

GBHACKERS.COM — 25 Mar 2024

⚠️

Cloud-Conscious Cyber Attacks Spike 110% as Threat Groups Sharpen their Attack Skills

KNOWBE4.COM — 25 Mar 2024

⚠️

Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account

THEHACKERNEWS.COM — 25 Mar 2024

⚠️

CISA and FBI Release Secure by Design Alert to Urge Manufacturers to Eliminate SQL Injection Vulnerabilities

CISA.GOV — Mon, 25 Mar 24 1

⚠️

170K+ Python Developers GitHub Accounts Hacked in Supply Chain Attack

GBHACKERS.COM — 25 Mar 2024

⚠️

Mozilla Patches Firefox Zero Days Exploited At Pwn2Own

PACKETSTORMSECURITY.COM — 25 Mar 2024

⚠️

Combine Qualys TruRisk™ and MITRE ATT&CK to Adopt a Threat-Informed Defense to Reduce Risk

QUALYS.COM — 25 Mar 2024

⚠️

UK blames China for massive breach of voter data

TECHCRUNCH.COM — 25 Mar 2024

⚠️

Hackers poison source code for largest Discord bot platform

BLEEPINGCOMPUTER.COM — 25 Mar 2024

⚠️

Hackers poison source code from largest Discord bot platform

BLEEPINGCOMPUTER.COM — 25 Mar 2024

⚠️

Top 5 Myths About API Security and What to Do Instead - Robert Dickinson - ESW #354

YOUTUBE.COM — 2024-03-25

📋

There Is Only So Much Lipstick You Can Put on a Cybercriminal Troll

KNOWBE4.COM — 25 Mar 2024

📢

GUEST ESSAY: NIST’s Cybersecurity Framework update extends best practices to supply chain, AI

LASTWATCHDOG.COM — 25 Mar 2024

📢

Biden Nominates First Assistant Defense Secretary for Cyber Policy

NEXTGOV.COM — 25 Mar 2024

📢

White House Nominates First Assistant Secretary of Defense for Cyber Policy

SECURITYWEEK.COM — 25 Mar 2024

📢

Ransomware: lessons all companies can learn from the British Library attack

EXPONENTIAL-E.COM — 25 Mar 2024

📢

Biden Administration To Accuse Chinese Hackers Of Targeting US Companies In Espionage Campaign

PACKETSTORMSECURITY.COM — 25 Mar 2024

📢

My AI Odyssey in Cybersecurity | Kashif Iqbal | TEDx University of West London

INFOSEC.PUB — 25 Mar 2024

📢

US sanctions APT31 hackers behind critical infrastructure attacks

BLEEPINGCOMPUTER.COM — 25 Mar 2024

📢

Ubuntu security advisory (AV24-156)

CYBER.GC.CA — 2024-03-25

🔥

Weekly Update 392

TROYHUNT.COM — 25 Mar 2024

🔥

Hackers Claiming Unauthorized Access to the Fortinet Devices of Many Companies

GBHACKERS.COM — 25 Mar 2024

🔥

Lawsuit Filed Following Greensboro College Data Breach

THECYBEREXPRESS.COM — 25 Mar 2024

🔥

Air Europa Customers Warned Their Data May Have Been Leaked

SG.NEWS.YAHOO.COM — 25 Mar 2024

🔥

Top Python Developers Hacked in Sophisticated Supply Chain Attack

SECURITYWEEK.COM — 25 Mar 2024

🔥

Beware of New ‘HelloFire’ Ransomware Actor Mimic as a Pentester

GBHACKERS.COM — 25 Mar 2024

🔥

StrelaStealer Malware Hacked 100+ Organizations Across The EU And U.S

GBHACKERS.COM — 25 Mar 2024

🔥

Supply Chain Attack Discovered Using Fake Python Infrastructure

CHECKMARX.COM — 25 Mar 2024

🔥

Russian Hackers Attacking Political Parties In Recent Cyber Attacks

GBHACKERS.COM — 25 Mar 2024

🔥

Developers Hacked In Sophisticated Supply Chain Attack

PACKETSTORMSECURITY.COM — 25 Mar 2024

🔥

Sandworm-Linked Group Likely Knocked Down Ukrainian Internet Providers

THERECORD.MEDIA — 25 Mar 2024

🔥

Frost & Sullivan names Microsoft a Leader in the Frost Radar™: Managed Detection and Response, 2024

MICROSOFT.COM — 25 Mar 2024

🕵️

ISC Stormcast For Monday, March 25th, 2024 https://isc.sans.edu/podcastdetail/8908, (Mon, Mar 25th)

ISC.SANS.EDU — 25 Mar 2024

🕵️

Tool updates: le-hex-to-ip.py and sigs.py, (Sun, Mar 24th)

ISC.SANS.EDU — 25 Mar 2024

🕵️

Hackers Transform the Raspberry Pi into an Online Anonymity Tool

GBHACKERS.COM — 25 Mar 2024

🕵️

Updated APT Playbook of North Korean Kimsuky Threat Group

RAPID7.COM — 25 Mar 2024

🕵️

GitHub - ZephrFish/ChunkyIngress: Chunking Text Ingress

GITHUB.COM — 25 Mar 2024

🕵️

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

THEHACKERNEWS.COM — 25 Mar 2024

🕵️

PancakesCon 4 (2023) - 25 talks

INFOSEC.PUB — 25 Mar 2024

🕵️

Russian Hackers Target German Political Parties With WineLoader Malware

BLEEPINGCOMPUTER.COM — 25 Mar 2024

🕵️

Licensing AI Engineers

SCHNEIER.COM — 2024-03-25

🕵️

FBI: Losses Due to Cybercrime Jump to $12.5 Billion as Phishing Continues to Dominate

KNOWBE4.COM — 25 Mar 2024

🕵️

Over 100 US and EU orgs targeted in StrelaStealer malware attacks

BLEEPINGCOMPUTER.COM — 25 Mar 2024

🕵️

Mentorship Monday - Discussions for career and learning!

INFOSEC.PUB — 25 Mar 2024

🕵️

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

THEHACKERNEWS.COM — 25 Mar 2024

🕵️

Microsoft To Ban 50+ Products For Users In Russia

GBHACKERS.COM — 25 Mar 2024

🕵️

UN Probing 58 Alleged Crypto Heists by North Korea Worth $3 Billion

THERECORD.MEDIA — 25 Mar 2024

🕵️

Over 100 Organizations Targeted in Recent ‘StrelaStealer’ Attacks

SECURITYWEEK.COM — 25 Mar 2024

🕵️

Why Endpoint Security Tools Are Still Such a Challenge

DATABREACHTODAY.CO.UK — 2024-03-25

🕵️

The Average Malicious Website Exists for Less Than 10 Minutes

KNOWBE4.COM — 25 Mar 2024

🕵️

Chinese State-Sponsored Hackers Charged, Sanctions Levied by US

DARKREADING.COM — 25 Mar 2024

🌐

Finite State Raises $20 Million Growth Round to Secure Critical Infrastructure and Software Supply Chains

FINITESTATE.IO — 25 Mar 2024

🌐

Google's new AI search results promotes sites pushing malware, scams

BLEEPINGCOMPUTER.COM — 25 Mar 2024

🌐

Google’s New AI Search Results Promotes Sites Pushing Malware, Scams

BLEEPINGCOMPUTER.COM — 25 Mar 2024

🌐

Notorious Nemesis Market zapped by video game-loving German police

TRIPWIRE.COM — 25 Mar 2024

📡

BlueFlag Security Emerges from Stealth with $11.5M Seed Funding to Address Critical Gaps in SDLC Security

FINANCE.YAHOO.COM — 25 Mar 2024

📡

Police Bust Multimillion-Dollar Holiday Fraud Gang

INFOSECURITY-MAGAZINE.COM — 25 Mar 2024

📡

Some 300,000 IPs Vulnerable To This Loop DoS Attack

PACKETSTORMSECURITY.COM — 25 Mar 2024

📡

Scammers Steal Millions From FTX, BlockFi Claimants

HELPNETSECURITY.COM — 25 Mar 2024

📡

New ZenHammer memory attack impacts AMD Zen CPUs

BLEEPINGCOMPUTER.COM — 25 Mar 2024

📡

New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts

BLEEPINGCOMPUTER.COM — 25 Mar 2024

📡

Cybersecurity starts at home: Help your children stay safe online with open conversations

WELIVESECURITY.COM — 25 Mar 2024