77 Articles
8 Categories
Date: 2024-03-27
🐛 COMMON VULNERABILITIES AND EXPOSURES (8)
27 Mar [KEV] · CISA Warns: Hackers Actively Attacking Microsoft SharePoint Vulnerability · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a security flaw impacting Microsoft SharePoint Server to its Known Exploited Vulnerabilities (KEV) catalog based on evidence of active exploitation in the wild. The vulnerability, tracked as CVE-… · THEHACKERNEWS.COM
27 Mar · Apple Released Security Updates for Safari and macOS · Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS. A cyber threat actor could exploit this vulnerability to take control of an affected system. CISA encourages users and administrators to review the following advisories and apply… · CISA.GOV
27 Mar · Chromium: CVE-2024-2883 Use after free in ANGLE · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. Google is aware that an exploit for CVE-2024-2883 exists in… · MSRC.MICROSOFT.COM
27 Mar · Chromium: CVE-2024-2885 Use after free in Dawn · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
27 Mar · Chromium: CVE-2024-2886 Use after free in WebCodecs · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
27 Mar · Chromium: CVE-2024-2887 Type Confusion in WebAssembly · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
27 Mar · Hackers Actively Exploiting Ray AI Framework Flaw to Hack Thousands of Servers · A critical vulnerability in Ray, an open-source AI framework that is widely utilized across various sectors, including education, cryptocurrency, and biopharma. This vulnerability, known as CVE-2023-48022, has been under active exploitation for the past seven months, allowing att… · GBHACKERS.COM
27 Mar · CISA Warns of Hackers Exploiting Microsoft SharePoint Server Vulnerability · Cybersecurity and Infrastructure Security Agency (CISA) has warned about a critical vulnerability in Microsoft SharePoint Server, CVE-2023-24955. This vulnerability poses a significant risk to organizations using the platform. It allows attackers with certain privileges to execut… · GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (23)
27 Mar · Security Vulnerability in Saflok’s RFID-Based Keycard Locks · It’s pretty devastating: Today, Ian Carroll, Lennert Wouters, and a team of other security researchers are revealing a hotel keycard hacking technique they call Unsaflok. The technique is a collection of security vulnerabilities that would allow a hacker to almost instant… · SCHNEIER.COM
27 Mar · Cyber Security Today, March 27, 2024 - A botnet exploits old routers, a new malware loader discovered, and more warnings about downloading code from open source repositories · This episode reports on a new network of 40,000 infected small and home office routers and other devices that are part of a criminal botnet, and more · CYBERSECURITYTODAY.LIBSYN.COM
27 Mar · Google fixes Chrome zero-days exploited at Pwn2Own 2024 · Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver 2024 hacking competition. [...] · BLEEPINGCOMPUTER.COM
27 Mar [KEV] · CISA tags Microsoft SharePoint RCE bug as actively exploited · CISA warns that attackers are now exploiting a Microsoft SharePoint code injection vulnerability that can be chained with a critical privilege escalation flaw for pre-auth remote code execution attacks. [...] · BLEEPINGCOMPUTER.COM
27 Mar · Google: Spyware vendors behind 50% of zero-days exploited in 2023 · Google's Threat Analysis Group (TAG) and Google subsidiary Mandiant said they've observed a significant increase in the number of zero-day vulnerabilities exploited in attacks in 2023, many of them linked to spyware vendors and their clients. [...] · BLEEPINGCOMPUTER.COM
27 Mar · Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own · Google ships a security-themed Chrome browser refresh to fix flaws exploited at the CanSecWest Pwn2Own hacking contest. The post Chrome Update Patches Zero-Day Vulnerabilities Exploited at Pwn2Own appeared first on SecurityWeek. · SECURITYWEEK.COM
27 Mar · Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working · Despite a surge in zero-day attacks, data shows that security investments into OS and software exploit mitigations are forcing attackers to find new attack surfaces and bug patterns. The post Google Report: Despite Surge in Zero-Day Attacks, Exploit Mitigations Are Working appear… · SECURITYWEEK.COM
27 Mar · Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters · Disputed Ray AI framework vulnerability exploited to steal information and deploy cryptominers on hundreds of clusters. The post Ray AI Framework Vulnerability Exploited to Hack Hundreds of Clusters appeared first on SecurityWeek. · SECURITYWEEK.COM
27 Mar · Hackers Hit Indian Defense, Energy Sectors with Malware Posing as Air Force Invite · Indian government entities and energy companies have been targeted by unknown threat actors with an aim to deliver a modified version of an open-source information stealer malware called HackBrowserData and exfiltrate sensitive information in some cases by using Slack as command-… · THEHACKERNEWS.COM
27 Mar · Microsoft Edge Bug Could Have Allowed Attackers to Silently Install Malicious Extensions · A now-patched security flaw in the Microsoft Edge web browser could have been abused to install arbitrary extensions on users' systems and carry out malicious actions. "This flaw could have allowed an attacker to exploit a private API, initially intended for marketing purpo… · THEHACKERNEWS.COM
27 Mar · Critical Unpatched Ray AI Platform Vulnerability Exploited for Cryptocurrency Mining · Cybersecurity researchers are warning that threat actors are actively exploiting a "disputed" and unpatched vulnerability in an open-source artificial intelligence (AI) platform called Anyscale Ray to hijack computing power for illicit cryptocurrency mining. "This vulnerability a… · THEHACKERNEWS.COM
27 Mar · Software supply chain attack impacts repo of large Discord bot community · A platform called Top.gg that’s used to publish bots for the popular Discord chat app recently had one of its GitHub repositories poisoned with malicious code as part of a larger software supply chain attack. The incident highlights the snowball effect that even one malicious pac… · CSOONLINE.COM
27 Mar · Don’t let microbranch security be your network’s weak link · If you hear the term “microbranch,” you probably picture a small banking location with a handful of ATMs. For many years, this term was specific to the financial industry, but as remote work and internet-connected devices have grown more common, the definition has evolved to incl… · CSOONLINE.COM
27 Mar · For the hybrid workforce, SASE-delivered zero trust is a must · In the early days of the pandemic, organizations relied on virtual private networks (VPNs) to link remote employees to their networks. However, legacy VPNs don’t provide the most efficient way to connect to network assets. And now that we’re fully in the age of the hybrid workfor… · CSOONLINE.COM
27 Mar · Telesign launches integrated API to combine traditional identity verification channels · Telesign, a customer identity and engagement solutions provider, has integrated multiple user verification channels into a unified, silent verification offering, Verify API, to help organizations defend themselves against cyberfrauds. The “omnichannel API” will help integrate sev… · CSOONLINE.COM
27 Mar · Who owns your data? SaaS contract security, privacy red flags · Nearly every organization in the world depends on software as a service (SaaS). Medium- to large-sized companies can have more than 130 SaaS applications and for those employing more than 10,000 people, that number might exceed 400. When data is stored in so many places and handl… · CSOONLINE.COM
27 Mar · Risky business: 6 steps to assessing cyber risk for the enterprise · With the explosive rise of digital information, the continued success of modern enterprises has become inextricably bound to the effective use and management of data. However new efficiency-driving technologies, global interconnectivity, and remote work have also introduced sever… · CSOONLINE.COM
27 Mar · knowing when to trust a login page on a Cloudflare site · submitted by coffeeClean to cybersecurity 9 points | 8 comments Question for people willing to visit Cloudflare sites: How do you determine whether to trust a login page on a CF site? A sloppy or naïve admin would simply take the basic steps to putting their site on Cloudflare, i… · INFOSEC.PUB
27 Mar · TA577 Assault: New Attack Exploiting NTLM Vulnerability | Proofpoint US · submitted by kid to cybersecurity 9 points | 0 comments https://www.proofpoint.com/us/blog/identity-threat-defense/ta577-attack-ntlm-vulnerability · PROOFPOINT.COM
27 Mar · Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques · submitted by Lanky_Pomegranate530 to cybersecurity 11 points | 0 comments https://pwning.tech/nftables/ cross-posted from: lemmy.world/post/13589447 · PWNING.TECH
📢 SECURITY ADVISORIES (3)
27 Mar · Leaked Documents Reveal Australia Targeted by Chinese APT31 Hackers · A Chinese cybersecurity company with links to the Communist Party government used its guns-for-hire hacking operation to target Australia, leaked documents from iSoon revealed. · AFR.COM
27 Mar · BBC R4 Analysis - How real is the existential threat from AI? - 30 minutes · submitted by ashar to security_cpe 3 points | 2 comments https://infosec.pub/pictrs/image/d69a3764-25a6-44de-bd61-cf679691c46c.jpeg How real is the existential threat from AI? Terminator-style threats from AI do not currently exist, so why is money and political heft being thrown… · INFOSEC.PUB
🔥 INCIDENT REPORTING (6)
27 Mar · INC Ransom threatens to leak 3TB of NHS Scotland stolen data · The INC Ransom extortion gang is threatening to publish three terabytes of data allegedly stolen after breaching the National Health Service (NHS) of Scotland. [...] · BLEEPINGCOMPUTER.COM
27 Mar · Ransomware as a Service and the Strange Economics of the Dark Web · Ransomware is quickly changing in 2024, with massive disruptions and large gangs shutting down. Learn from Flare how affiliate competition is changing in 2024, and what might come next. [...] · BLEEPINGCOMPUTER.COM
27 Mar · Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries · Two China-linked advanced persistent threat (APT) groups have been observed targeting entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN) as part of a cyber espionage campaign over the past three months. This includes the threat actor … · THEHACKERNEWS.COM
27 Mar · Ransomware hits The Big Issue. Qilin group leaks confidential data · The Qilin ransomware group has targeted The Big Issue, a street newspaper sold by the homeless and vulnerable. A post on Qilin's dark web leak site claimed the gang has stolen 550 GB of confidential data from the periodical's parent company. Read more in my article on the Hot for … · BITDEFENDER.COM
27 Mar · Trezor’s Twitter account hijacked by cryptocurrency scammers via bogus Calendly invite · Hardware wallet manufacturer Trezor has explained how its Twitter account was compromised - despite it having sensible security precautions in place, such as strong passwords and multi-factor authentication. Read more in my article on the Hot for Security blog. · BITDEFENDER.COM
27 Mar · GSM Hosting - 2,607,440 breached accounts · In August 2016, breached data from the vBulletin forum for GSM-Hosting appeared for sale alongside dozens of other hacked services. The breach impacted 2.6M users of the service and included email and IP addresses, usernames and salted MD5 password hashes. · HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE (22)
27 Mar · KuCoin charged with AML violations that let cybercriminals launder billions · The U.S. Department of Justice (DoJ) has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering (AML) requirements, allowing threat actors to use the platform to launder money. [...] · BLEEPINGCOMPUTER.COM
27 Mar · Finnish Police Linked APT31 to the 2021 Parliament Attack · The investigation relied on an international information exchange, the National Bureau of Investigation collaborated with international entities and the Finnish Security and Intelligence Service · SECURITYAFFAIRS.COM
27 Mar · Two Chinese APT Groups Found Targeting ASEAN Entities · Over the past 90 days, Unit 42 researchers identified two Chinese APT groups conducting cyberespionage activities against entities and member countries affiliated with the Association of Southeast Asian Nations (ASEAN). · UNIT42.PALOALTONETWORKS.COM
27 Mar · Code Execution Flaws Haunt NVIDIA ChatRTX for Windows · Artificial intelligence computing giant NVIDIA patches flaws in ChatRTX for Windows and warns of code execution and data tampering risks. The post Code Execution Flaws Haunt NVIDIA ChatRTX for Windows appeared first on SecurityWeek. · SECURITYWEEK.COM
27 Mar · VPN Apps on Google Play Turn Android Devices Into Proxies · Human Security identifies 28 VPN applications for Android and an SDK that turn devices into proxies. The post VPN Apps on Google Play Turn Android Devices Into Proxies appeared first on SecurityWeek. · SECURITYWEEK.COM
27 Mar · ISC Stormcast For Wednesday, March 27th, 2024 https://isc.sans.edu/podcastdetail/8912, (Wed, Mar 27th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
27 Mar · The Number of New Pieces of Malware Per Minute Has Quadrupled in Just One Year · The threat of novel malware is growing exponentially, making it more difficult for security solutions to identify attachments and links to files as being malware. · KNOWBE4.COM
27 Mar · A Simple 'Payment is Underway' Phishing Email Downloads RATs from AWS, GitHub · Analysis of a new initial access malware attack shows how simple these attacks can be while also proving that malware can reside on legitimate repositories. · KNOWBE4.COM
27 Mar · [SCARY] Research Shows Weaponized GenAI Worm That Gets Distributed Via A Zero Click Phishing Email · Israeli researchers came out with a hell of a thing just now. Here is a bit of the abstract and a video. YIKES. · KNOWBE4.COM
27 Mar · Chinese Hackers Attacking Southeast Asian Nations With Malware Packages · Cybersecurity researchers at Unit 42 have uncovered a sophisticated cyberespionage campaign orchestrated by two Chinese Advanced Persistent Threat (APT) groups targeting entities and member countries of the Association of Southeast Asian Nations (ASEAN). This alarming development… · GBHACKERS.COM
27 Mar · Microsoft Expands Edge Bounty Program to Include WebView2! · Microsoft announced that Microsoft Edge WebView2 eligibility and specific out-of-scope information are now included in the Edge Bounty Program. The Microsoft Edge Bounty Program aims to find vulnerabilities that are specific to the upcoming Chromium-based Microsoft Edge, and that… · GBHACKERS.COM
27 Mar · Beware of Free Android VPN Apps that Turn Your Device into Proxies · Cybersecurity experts have uncovered a cluster of Android VPN applications that covertly transform user devices into proxy nodes, potentially engaging in malicious activities without their knowledge. This discovery has raised significant concerns about the safety of free VPN apps… · GBHACKERS.COM
27 Mar · ZENHAMMER – First Rowhammer Attack Impacting Zen-based AMD Platforms · Despite AMD’s growing market share with Zen CPUs, Rowhammer attacks were absent due to challenges in reverse engineering DRAM addressing, synchronizing with refresh commands, and achieving sufficient row activation throughput. Researchers addressed these through ZENHA… · GBHACKERS.COM
27 Mar · Airbus to Acquire INFODAS to Strengthen its Cybersecurity Portfolio · Airbus Defence and Space plans to acquire INFODAS, a leading cybersecurity and IT solutions provider in Germany. This acquisition marks a step for Airbus as it aims to enhance the security of its digital infrastructure amidst the growing cyber threats globally. A Strategic Acquis… · GBHACKERS.COM
27 Mar · 17,000+ Microsoft Exchange Servers Vulnerable to Multiple Critical Vulnerabilities · Federal Office for Information Security (BSI) in Germany has announced that at least 17,000 Microsoft Exchange servers across the country are exposed to one or more critical vulnerabilities. This figure only scratches the surface, as several servers remain unaccounted for, potent… · GBHACKERS.COM
27 Mar · 3 Strategies to overcome data security challenges in 2024 · There are over 17 billion internet-connected devices in the world — and experts expect that number will surge to almost 30 billion by 2030. This rapidly growing digital ecosystem makes it increasingly challenging to protect people’s privacy. Attackers only need to be … · SECURITYINTELLIGENCE.COM
27 Mar · Witnessing a Revolution in Cybersecurity with AI · Faraz Ahsan provided insights into the integration of artificial intelligence and machine learning in combating cyberthreats. The post Witnessing a Revolution in Cybersecurity with AI appeared first on Palo Alto Networks Blog. · PALOALTONETWORKS.COM
27 Mar · What We Don’t Know Will Hurt Us - Cheryl Biswas - BTS #26 · Cheryl is super passionate about supply chain security and visibility. Tune in to our discussion on how we can collectively get better at reducing the attack surface and working to fix the wide variety of digital supply chain issues we have today. This segment is sponsored by Ecl… · YOUTUBE.COM
27 Mar · Germany Warns Of 17k Vulnerable Microsoft Exchange Servers Exposed Online - RedPacket Security · submitted by Lanky_Pomegranate530 to securitynews 21 points | 0 comments https://www.redpacketsecurity.com/germany-warns-of-17k-vulnerable-microsoft-exchange-servers-exposed-online/ cross-posted from: midwest.social/post/10338366 The German national cybersecurity authority warned… · REDPACKETSECURITY.COM
27 Mar · What are You Working on Wednesday · submitted by shellsharks to cybersecurity 13 points | 7 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. · INFOSEC.PUB
27 Mar · New ShadowRay Campaign Targets Ray AI Framework in Global Attack · submitted by kid to cybersecurity 9 points | 0 comments https://www.hackread.com/shadowray-attack-targets-ray-ai-framework/ · HACKREAD.COM
27 Mar · Free Vpn Apps On Google Play Turned Android Phones Into Proxies - RedPacket Security · submitted by Lanky_Pomegranate530 to cybersecurity 42 points | 9 comments https://www.redpacketsecurity.com/free-vpn-apps-on-google-play-turned-android-phones-into-proxies/ Over 15 free VPN apps on Google Play were found using a malicious software development kit that turned Andr… · REDPACKETSECURITY.COM
🌐 CYBER THREAT LANDSCAPE (4)
27 Mar · Breaking Boundaries: Mispadu's Infiltration Beyond LATAM · Recently, Morphisec Labs identified a significant increase in activity linked to the Mispadu banking trojan. Initially concentrated on LATAM countries and Spanish-speaking individuals, Mispadu has broadened its scope in the latest campaign. · MORPHISEC.COM
27 Mar · TheMoon Malware Infects 6,000 ASUS Routers in 72 Hours for Proxy Service · TheMoon is linked to the "Faceless" proxy service, which uses some of the infected devices as proxies to route traffic for cybercriminals who wish to anonymize their malicious activities. · BLEEPINGCOMPUTER.COM
27 Mar · Alert: New Phishing Attack Delivers Keylogger Disguised as Bank Payment Notice · A new phishing campaign has been observed leveraging a novel loader malware to deliver an information stealer and keylogger called Agent Tesla. Trustwave SpiderLabs said it identified a phishing email bearing this attack chain on March 8, 2024. The message masquerades as a b… · THEHACKERNEWS.COM
🎙️ PODCASTS (1)
27 Mar · Transatlantic Cable podcast episode 340 | Kaspersky official blog · Episode 340 of the Kaspersky podcast includes big-tech lawsuit drama, and the dangers of age-verification. · KASPERSKY.COM
📡 INFOSEC NEWS (10)
27 Mar · New Darcula phishing service targets iPhone users via iMessage · A new phishing-as-a-service (PhaaS) named 'Darcula' uses 20,000 domains to spoof brands and steal credentials from Android and iPhone users in more than 100 countries. [...] · BLEEPINGCOMPUTER.COM
27 Mar · Windows 11 22H2 Home and Pro get preview updates until June 26 · Microsoft reminded customers today that the Windows 11 22H2 Home and Pro editions will continue to receive non-security preview updates until June 26. [...] · BLEEPINGCOMPUTER.COM
27 Mar · US State Department Warns Employees of Fraud Scheme Targeting Payroll Systems · The State Department alert said that cybercriminals are attempting to use “phishing, email account takeovers, and social engineering” to veer employee payroll deposits into their own bank accounts. · NEXTGOV.COM
27 Mar · Airbus Enhances Cybersecurity Offerings with INFODAS Acquisition · The acquisition is poised to significantly bolster Airbus’ cybersecurity portfolio, a critical component of its strategic vision aimed at enhancing the digital protection of its European and global clientele. · FINTECH.GLOBAL
27 Mar · Feds Wave Sticks & Carrots at Health Sector to Bolster Cyber · The Department of Health and Human Services' recently released budget proposal for fiscal 2025 includes $1.3 billion in financial help, such as grants, for hospitals to invest in cybersecurity over the next several years. · BANKINFOSECURITY.COM
27 Mar · Tech Industry’s Focus on Innovation Leaves Security Behind · The rapid digital transformation and technological progress within the technology sector have enlarged the attack surface for companies operating in this space, according to Trustwave. · HELPNETSECURITY.COM
27 Mar · SASE Solutions Fall Short Without Enterprise Browser Extensions, New Report Reveals · As SaaS applications dominate the business landscape, organizations need optimized network speed and robust security measures. Many of them have been turning to SASE, a product category that offers cloud-based network protection while enhancing network infrastructure performance.… · THEHACKERNEWS.COM
27 Mar · Scans for Apache OfBiz, (Wed, Mar 27th) · Today, I noticed in our "first seen URL" list, two URLs I didn't immediately recognize: · ISC.SANS.EDU
27 Mar · Eavesdropping on keyboard keystrokes | Kaspersky official blog · A method of stealing data through side channels by eavesdropping on keyboard keystrokes. · KASPERSKY.COM