64 Articles
9 Categories
Date: 2024-03-26
🚨 CISA KEV (1)
26 Mar · KEV · CISA Adds One Known Exploited Vulnerability to Catalog · CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-24955: Microsoft SharePoint Server Code Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malic… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
26 Mar · KEV · CISA Alerts on Active Exploitation of Flaws in Fortinet, Ivanti, and Nice Products · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday placed three security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerabilities added are as follows - CVE-2023-48788 (CVSS scor… · THEHACKERNEWS.COM
26 Mar · What vulnerabilities are obscured by your cloud environments? · As organizations expand and increasingly invest in more cloud applications and services, their cloud footprint grows and often becomes more complex. That’s why it is critically important to regularly reevaluate the security of those cloud assets to ensure that everything is secur… · CSOONLINE.COM
26 Mar · Apple Security Bug Opens iPhone, iPad to RCE · submitted by Lanky_Pomegranate530 to cybersecurity 18 points | 2 comments https://www.darkreading.com/endpoint-security/apple-security-bug-opens-iphone-ipad-rce CVE-2024-1580 allows remote attackers to execute arbitrary code on affected devices. · DARKREADING.COM
⚠️ VULNERABILITY DISCLOSURE (20)
26 Mar · On Secure Voting Systems · Andrew Appel shepherded a public comment—signed by twenty election cybersecurity experts, including myself—on best practices for ballot marking devices and vote tabulation. It was written for the Pennsylvania legislature, but it’s general in nature. From the ex… · SCHNEIER.COM
26 Mar · A Vulnerability in Multiple Apple Products Could Allow for Arbitrary Code Execution. · A vulnerability has been discovered in multiple Apple products which could allow for Arbitrary Code Execution. Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with … · CISECURITY.ORG
26 Mar · Finland confirms APT31 hackers behind 2021 parliament breach · The Finnish Police confirmed on Tuesday that the APT31 hacking group linked to the Chinese Ministry of State Security (MSS) was behind a breach of the country's parliament disclosed in March 2021. [...] · BLEEPINGCOMPUTER.COM
26 Mar · Recent ‘MFA Bombing’ Attacks Targeting Apple Users · Several Apple customers recently reported being targeted in elaborate phishing attacks that involve what appears to be a bug in Apple's password reset feature. In this scenario, a target's Apple devices are forced to display dozens of system-level prompts that prevent the devices… · KREBSONSECURITY.COM
26 Mar · Apple Updates for MacOS, iOS/iPadOS and visionOS, (Mon, Mar 25th) · Last week, Apple published updates for iOS and iPadOS. At that time, Apple withheld details about the security content of the update. This is typical if future updates for other operating systems will fix the same vulnerability. Apple's oper… · ISC.SANS.EDU
26 Mar · CISA Releases Four Industrial Control Systems Advisories · CISA released four Industrial Control Systems (ICS) advisories on March 26, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-086-01 Automation-Direct C-MORE EA9 HMI; ICSA-24-086-02 Rockwell Auto… · CISA.GOV
26 Mar · One More Time on SIEM Telemetry / Log Sources … · One More Time on SIEM Telemetry / Log Sources … (cross posted from Dark Reading, and inspired by a previous version of this blog) Cyberpunk IT telemetry via Dall-E. For years, organizations deploying Security Information and Event Management (SIEM) or similar tools have struggle… · MEDIUM.COM
26 Mar · Facebook snooped on users’ Snapchat traffic in secret project, documents reveal · In 2016, Facebook launched a secret project designed to intercept and decrypt the network traffic between people using Snapchat’s app and its servers. The goal was to understand users’ behavior and help Facebook compete with Snapchat, according to newly unsealed court documents. … · TECHCRUNCH.COM
26 Mar · New Russian cyberespionage group APT29 campaign targets politicians · Researchers warn that a cyberespionage group linked to Russia’s foreign intelligence service, the SVR, has recently launched a spear-phishing campaign targeting one of Germany’s major political parties. This is a departure from the group’s typical targeting of government agencies… · CSOONLINE.COM
26 Mar · Want to build impact as a CISO? Choose CNAPP as your solution · As cloud adoption rates continue to rise, security leaders are beginning to rethink the way they approach cybersecurity. What once worked for on-premises networks is no longer sufficient for complex, interconnected hybrid and multicloud environments. In addition to deploying secu… · CSOONLINE.COM
26 Mar · Adapting to a new era of cybersecurity in the age of AI · AI has the power to transform security operations, enabling organizations to defeat cyberattacks at machine speed and drive innovation and efficiency in threat detection, hunting, and incident response. It also has major implications for the ongoing global cybersecurity shortage.… · CSOONLINE.COM
26 Mar · The US indicts 7 Chinese nationals for cyber espionage · In a significant development highlighting ongoing cyber espionage concerns between the US, the UK, and China, the US government has charged seven Chinese nationals with allegedly engaging in a widespread cyber espionage campaign on behalf of Beijing. This move underscores escalat… · CSOONLINE.COM
26 Mar · When the boss doesn’t fit: Cybersecurity workforce more diverse than its managers · The cybersecurity industry is becoming more diverse as women and people of color increasingly enter the profession, yet the executives who lead it don’t reflect the reality of the workforce’s composition. The imbalance between an overwhelmingly male, white leadership and their em… · CSOONLINE.COM
26 Mar · The cybersecurity skills shortage: A CISO perspective · Each year, Enterprise Strategy Group (ESG) and the Information Systems Security Association (ISSA) collaborate on a research project resulting in a report titled, The Life and Times of Cybersecurity Professionals. As part of this project, respondents are asked a series of quest… · CSOONLINE.COM
26 Mar · Successful Security Needs a Streamlined UX - Benedek Gagyi - ASW #278 · One of the biggest failures in appsec is an attitude that blames users for security problems. A lot of processes and workflows break down because of an insecure design or insecure defaults. Benedek Gagyi chats with us about the impact of the user experience (UX) on security and w… · YOUTUBE.COM
26 Mar · New Tycoon 2FA Phishing Kit Raises Cybersecurity Concerns - Source: www.infosecurity-magazine.com · submitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://ciso2ciso.com/new-tycoon-2fa-phishing-kit-raises-cybersecurity-concerns-source-www-infosecurity-magazine-com/ cross-posted from: midwest.social/post/10292094 Source: www.infosecurity-magazine.com – A… · CISO2CISO.COM
26 Mar · Borrower beware: Common loan scams and how to avoid them · Personal loan scams prey on your financial vulnerability and might even trap you in a vicious circle of debt. Here’s how to avoid being scammed when considering a loan. · WELIVESECURITY.COM
26 Mar · Address Sanitizer for Bare-metal Firmware · Posted by Eugene Rodionov and Ivan Lozano, Android Team. With steady improvements to Android userspace and kernel security, we have noticed an increasing interest from security researchers directed towards lower level firmware. This area has traditionally received less scrutiny, b… · SECURITY.GOOGLEBLOG.COM
📢 SECURITY ADVISORIES (2)
26 Mar · ICS CERT predictions for 2024: What you need to know · As we work through the first quarter of 2024, various sectors are continuously adapting to increasingly complex cybersecurity threats. Sectors like healthcare, finance, energy and transportation are all regularly widening their digital infrastructure, resulting in larger attack s… · SECURITYINTELLIGENCE.COM
26 Mar · Open guest lecture on Product Security in Operation Technology with Abdul-Basit Syed, Konecranes - Mid Sweden University - 55 minutes · submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/99988a86-7200-48bb-b18c-0903bedd210c.jpeg Open guest lecture on Product Security in Operation Technology with Abdul-Basit Syed, Konecranes. An open guest lecture on “Product security for Oper… · INFOSEC.PUB
🔥 INCIDENT REPORTING (7)
26 Mar · The impact of compromised backups on ransomware outcomes · Insights into the financial and operational implications of having backups compromised in a ransomware attack. · SOPHOS.COM
26 Mar · $700 cybercrime software turns Raspberry Pi into an evasive fraud tool · Cybercriminals are selling custom Raspberry Pi software called 'GEOBOX' on Telegram, which allows inexperienced hackers to convert the mini-computers into anonymous cyberattack tools. [...] · BLEEPINGCOMPUTER.COM
26 Mar · Crafting Shields: Defending Minecraft Servers Against DDoS Attacks · Minecraft, with over 500 million registered users and 166 million monthly players, faces significant risks from distributed denial-of-service (DDoS) attacks, threatening server functionality, player experience, and the game’s reputation. Despite the prevalence of DDoS attacks on … · THEHACKERNEWS.COM
26 Mar · Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script · This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers. · TRENDMICRO.COM
26 Mar · SwordFantasy - 2,690,657 breached accounts · In January 2019, the now defunct MMO and RPG game SwordFantasy suffered a data breach that exposed 2.7M unique email addresses. Other impacted data included username, IP address and salted MD5 password hashes. · HAVEIBEENPWNED.COM
26 Mar · Worldwide Agenda Ransomware Wave Targets VMware ESXi Servers · submitted by Lanky_Pomegranate530 to cybersecurity 10 points | 0 comments https://www.darkreading.com/cloud-security/agenda-ransomware-vmware-esxi-servers A new and improved variant of the group’s malware combines fileless infection, BYOVD, and more to cause havoc in virtual envi… · DARKREADING.COM
🕵️ THREAT INTELLIGENCE (18)
26 Mar · Sketchy NuGet Package Likely Linked to Industrial Espionage Targets Developers · Threat hunters have identified a suspicious package in the NuGet package manager that's likely designed to target developers working with tools made by a Chinese firm that specializes in industrial- and digital equipment manufacturing. The package in question is Sq… · THEHACKERNEWS.COM
26 Mar · U.S. Charges 7 Chinese Nationals in Major 14-Year Cyber Espionage Operation · The U.S. Department of Justice (DoJ) on Monday unsealed indictments against seven Chinese nationals for their involvement in a hacking group that targeted U.S. and foreign critics, journalists, businesses, and political officials for about 14 years. The defendants include Ni Gaob… · THEHACKERNEWS.COM
26 Mar · New tool: linux-pkgs.sh, (Sun, Mar 24th) · During a recent Linux forensic engagement, a colleague asked if there was anyway to tell what packages were installed on a victim image. As we talk about in FOR577, depending on which tool you run on a live system and how you define "installed" you may get different answers, but … · ISC.SANS.EDU
26 Mar · ISC Stormcast For Tuesday, March 26th, 2024 https://isc.sans.edu/podcastdetail/8910, (Tue, Mar 26th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
26 Mar · The foundation for responsible analytics with Microsoft Purview · If you’re attending the Microsoft Fabric Community Conference, check out one of our opportunities to learn more about Microsoft Purview. This blog post outlines the major announcements of new capabilities. The post The foundation for responsible analytics with Microsoft Purview a… · MICROSOFT.COM
26 Mar · It’s Official: Cyber Insurance is No Longer Seen as a 'Safety Net' · A new report on the state of email security sheds some light on how organizations are viewing and approaching cyber insurance as they shift strategy toward being cyber resilient. · KNOWBE4.COM
26 Mar · New Phishing-as-a-Service Kit Attempts to Bypass MFA · A Phishing-as-a-Service (PhaaS) platform called “Tycoon 2FA” has surged in popularity over the past several months, according to researchers at Sekoia. The phishing kit is notable for its focus on bypassing victims’ multi-factor authentication measures. · KNOWBE4.COM
26 Mar · [New Research] KnowBe4's Report is a Call to Action for Global Organizations to Improve Their Security Culture · We’re thrilled to announce the release of the 2024 Security Culture Report, which dives deep into how security measures affect organizations and the way employees act and feel at work. · KNOWBE4.COM
26 Mar · Patrick Stewart, Colorama, Strelastealer, CVSS scores, CHUDS, Josh Marpet, and more - SWN #372 · Patrick Stewart, Colorama, Strelastealer, CVSS scores, CHUDS, Josh Marpet, and more, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-372 · YOUTUBE.COM
26 Mar · CSO Role vs. Changing CISO Role as 60% of Both Roles are Omitted from SEC Filings - BSW #343 · In the leadership and communications section, The CISO Role Is Changing. Can CISOs Themselves Keep Up?, Why do 60% of SEC Cybersecurity Filings Omit CSO, CISO Info?, How Co-Leaders Succeed, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Note… · YOUTUBE.COM
26 Mar · Apps Gone Wild: Re-thinking App and Identity Security for SaaS - Guy Guzner - BSW #343 · With hundreds or thousands of SaaS apps to secure with no traditional perimeter, Identity becomes the focal point for SaaS Security in the modern enterprise. Yet with Shadow IT, now recast as Business-Led IT, quickly becoming normal practice, it’s more complicated than trying to … · YOUTUBE.COM
26 Mar · GoFetch Side Channel, OpenSSF & Security Education, Fuzzing vs. Formal Verification - ASW #278 · The GoFetch side channel in Apple CPUs, OpenSSF's plan for secure software developer education, fuzzing vs. formal verification as a security strategy, hard problems in InfoSec (and AppSec), and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Note… · YOUTUBE.COM
26 Mar · Third-Party Risk Management - BEC Compromises and the Cloud - Michael Swinarski - CSP #167 · Third-Party Risk Management is essential for safeguarding an organization's assets, reputation, and operations. By identifying, assessing, and managing risks associated with external partners, organizations can enhance their resilience, protect sensitive information, and maintain… · YOUTUBE.COM
26 Mar · BSides Basingstoke 2023 - 6 talks · submitted by ashar to security_cpe 4 points | 0 comments https://infosec.pub/pictrs/image/f51fc53a-50c4-46cc-bd46-b08591e15e95.png Basingstoke’s premier (only) cyber security/hacker conference! BSides Basingstoke 2023 playlist. BSides Basingstoke 2023 schedule. · INFOSEC.PUB
26 Mar · TheMoon malware infects 6,000 ASUS routers in 72 hours for proxy service · submitted by kid to cybersecurity 31 points | 4 comments https://www.bleepingcomputer.com/news/security/themoon-malware-infects-6-000-asus-routers-in-72-hours-for-proxy-service/ · BLEEPINGCOMPUTER.COM
26 Mar · ZenHammer comes down on AMD Zen 2 and 3 systems · submitted by kid to cybersecurity 13 points | 0 comments https://www.theregister.com/2024/03/25/zenhammer_comes_down_on_amd/ · THEREGISTER.COM
26 Mar · ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms · submitted by Lanky_Pomegranate530 to cybersecurity 9 points | 0 comments https://comsec.ethz.ch/research/dram/zenhammer/ cross-posted from: lemmy.world/post/13547352 · COMSEC.ETHZ.CH
26 Mar · AI and Trust · Watch the Video on YouTube.com. A 15-minute talk by Bruce Schneier. · SCHNEIER.COM
🌐 CYBER THREAT LANDSCAPE (1)
🎙️ PODCASTS (1)
26 Mar · Reversing Windows Container, episode II: Silo to Server Silo · This second article describes how to convert a Silo into a Server Silo in order to create a Windows Container. In addition, it dives into certain Kernel side Silo mechanisms. · QUARKSLAB.COM
📡 INFOSEC NEWS (11)
26 Mar · Windows 11 KB5035942 update enables Moment 5 features for everyone · Microsoft has released the March 2024 non-security KB5035942 preview update for Windows 11 23H2, which enables Moment 5 features by default and fixes 18 known issues. [...] · BLEEPINGCOMPUTER.COM
26 Mar · Windows 10 KB5035941 update released with lock screen widgets · Microsoft has released the optional KB5035941 preview cumulative update for Windows 10 22H2, introducing widgets on the lock screen, Windows Spotlight on the desktop, and 21 other fixes or changes. [...] · BLEEPINGCOMPUTER.COM
26 Mar · Germany warns of 17K vulnerable Microsoft Exchange servers exposed online · The German national cybersecurity authority warned on Tuesday that it found at least 17,000 Microsoft Exchange servers in Germany exposed online and vulnerable to one or more critical security vulnerabilities. [...] · BLEEPINGCOMPUTER.COM
26 Mar · U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions · The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) sanctioned three cryptocurrency exchanges for offering services used to evade economic restrictions imposed on Russia following its invasion of Ukraine in early 2022. This includes Bitpapa IC FZC LLC, C… · THEHACKERNEWS.COM
26 Mar · AI is a data problem — Cyera is raising up to $300M on a $1.5B valuation to secure it · A cybersecurity startup called Cyera is betting that the next big challenge in enterprise data protection will be AI, and it’s raising a big round of funding as demand picks up for it. The company — which builds AI-enhanced tools to create accurate pictures of where a… · TECHCRUNCH.COM
26 Mar · Best Defense in 2024 | Kaspersky official blog · Kaspersky products and solutions took 93 first places out of 100 independent tests in 2023. · KASPERSKY.COM