🐛 COMMON VULNERABILITIES AND EXPOSURES
29 Mar: Exposing a New BOLA Vulnerability in Grafana. This vulnerability, assigned as CVE-2024-1313 with a CVSS score of 6.5, allows low-privileged Grafana users to delete dashboard snapshots belonging to other organizations using the snapshot's keys, impacting the integrity of the system. (UNIT42.PALOALTONETWORKS.COM)
29 Mar: Decade-Old Linux ‘Wall’ Bug Helps Make Fake SUDO Prompts, Steal Passwords. Tracked as CVE-2024-28085, the security issue has been dubbed WallEscape and has been present in every version of the package for the past 11 years up to 2.40 released yesterday. (BLEEPINGCOMPUTER.COM)
29 Mar: New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking. Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been coden… (THEHACKERNEWS.COM)
29 Mar: Reported Supply Chain Compromise Affecting XZ Utils Data Compression Library, CVE-2024-3094. CISA and the open source community are responding to reports of malicious code being embedded in XZ Utils versions 5.6.0 and 5.6.1. This activity was assigned CVE-2024-3094. XZ Utils is data compression software and may be present in Linux distributions. The malicious code may a… (CISA.GOV)
⚠️ VULNERABILITY DISCLOSURE
29 Mar: England Cricket - 43,299 breached accounts. In March 2024, English Cricket's icoachcricket website suffered a data breach that exposed over 40k records. The data included email addresses and passwords stored as either bcrypt hashes, salted MD5 hashes or both. The data was provided to HIBP by a source who requested it be a… (HAVEIBEENPWNED.COM)
29 Mar: Nvidia's Newborn ChatRTX Bot Patched for Security Bugs. Nvidia's AI-powered ChatRTX app launched just six weeks ago but already has received patches for two security vulnerabilities that enabled attack vectors, including privilege escalation and remote code execution. (THEREGISTER.COM)
29 Mar: Cisco Addressed High-Severity Flaws in IOS and IOS XE Software. Cisco this week released patches to address multiple IOS and IOS XE software vulnerabilities. An unauthenticated attacker can exploit several issues fixed by the IT giant to cause a denial-of-service (DoS) condition. (SECURITYAFFAIRS.COM)
29 Mar: Mind the Patch Gap: Exploiting an io_uring Vulnerability in Ubuntu - Exodus Intelligence. Submitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://blog.exodusintel.com/2024/03/27/mind-the-patch-gap-exploiting-an-io_uring-vulnerability-in-ubuntu/ cross-posted from: lemmy.world/post/13657109 (EXODUSINTEL.COM)
29 Mar: 26 Security Issues Patched in TeamCity. JetBrains patches 26 security issues in TeamCity and takes steps to avoid malicious exploitation of vulnerabilities. The post 26 Security Issues Patched in TeamCity appeared first on SecurityWeek. (SECURITYWEEK.COM)
29 Mar: Google Revealed Kernel Address Sanitizer To Harden Android Firmware And Beyond. Android devices are popular among hackers due to the platform’s extensive acceptance and open-source nature. However, it has a big attack surface with over 2.5 billion active Android devices all over the world. It also poses challenges when it comes to prompt vulnerability patchi… (GBHACKERS.COM)
29 Mar: Retail Chain Hot Topic Hit by New Credential Stuffing Attacks. Breach notification letters sent to potentially impacted customers this week reveal that attackers targeted Hot Topic Rewards accounts in automated attacks using login information obtained from an unknown source. (BLEEPINGCOMPUTER.COM)
29 Mar: The Golden Age of Automated Penetration Testing is Here. Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements. This manua… (THEHACKERNEWS.COM)
29 Mar: Beware Of Weaponized Air Force invitation PDF Targeting Indian Defense And Energy Sectors. EclecticIQ cybersecurity researchers have uncovered a cyberespionage operation dubbed “Operation FlightNight” targeting Indian government entities and energy companies. The attackers, likely state-sponsored, leveraged a modified version of the open-source inform… (GBHACKERS.COM)
29 Mar: Attackers Increasingly Exploit Enterprise Tech Zero-Days. The discovery and exploitation of zero-day vulnerabilities in enterprise-specific software and appliances appears to be outpacing the leveraging of zero-day bugs overall, judging by Google's latest research. (THEREGISTER.COM)
29 Mar: TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy. A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless. "TheMoon, which emerged in 2014, has been operating quietly wh… (THEHACKERNEWS.COM)
29 Mar: Another installment of #infosec / #cybersecurity #followfriday! Some awesome accounts below👇 Submitted by shellsharks to cybersecurity 1 points | 0 comments Another installment of #infosec / #cybersecurity #followfriday! Some awesome accounts below👇 - @4Dgifts - @hatless1der - @eatscrayon - @lcheylus - @badhorse - @blastoise - @hookgab - @misczak - @thomrstrom - @dkohlb… (INFOSEC.PUB)
29 Mar: GoFetch: Apple CPU encryption hack | Kaspersky official blog. A hardware vulnerability in Apple's “M” series CPUs can be exploited to hack encryption algorithms. (KASPERSKY.COM)
29 Mar: TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy. Submitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://thehackernews.com/2024/03/themoon-botnet-resurfaces-exploiting.html?m=1 (THEHACKERNEWS.COM)
29 Mar: ShadowRay Attack Strikes AI Workloads. Thousands of AI Workloads Compromised Amid CVE Vulnerability Dispute. An active attack campaign dubbed ShadowRay is targeting the widely used Ray open-source artificial intelligence scaling framework. It stems from a vulnerability that researchers say is a flaw but that Ray's deve… (DATABREACHTODAY.CO.UK)
29 Mar: A Vulnerability in XZ Utils Could Allow for Remote Code Execution. A vulnerability has been discovered in XZ Utils that could allow for remote code execution. XZ is a general-purpose data compression format present in nearly every Linux distribution, both community projects and commercial product distributions. Successful exploitation of this vu… (CISECURITY.ORG)
📢 SECURITY ADVISORIES
29 Mar: CISA Issues Notice for Long-Awaited Critical Infrastructure Reporting Requirements. The Cybersecurity and Infrastructure Security Agency (CISA) posted the 447-page set of regulations under the Cyber Incident Reporting for Critical Infrastructure Act to the Federal Register, allowing the public to comment on it. (CYBERSECURITYDIVE.COM)
29 Mar: Chinese Hackers Target Family Members to Surveil Hard Targets. According to the indictment, between 2015 and 2024, the APT31 group, linked to China’s Ministry of State Security, targeted thousands of U.S. and Western politicians, foreign policy experts, academics, journalists, and democracy activists. (CYBERSCOOP.COM)
29 Mar: UK Nuclear Cleanup Site Faces Criminal Cybersecurity Charges. Probe Finds 'Largest and Most Hazardous Nuclear Site' Violated Security Laws. Britain's nuclear power watchdog said it plans to prosecute the country's "largest and most hazardous nuclear site," Sellafield, for violating nuclear industry cybersecurity regulations from 2019 to 2023… (DATABREACHTODAY.CO.UK)
🔥 INCIDENT REPORTING
29 Mar: PyPI Halts Sign-Ups Amid Surge of Malicious Package Uploads Targeting Developers. The maintainers of the Python Package Index (PyPI) repository briefly suspended new user sign-ups following an influx of malicious projects uploaded as part of a typosquatting campaign. It said "new project creation and new user registration" was temporarily halted to m… (THEHACKERNEWS.COM)
29 Mar: Cyber Security Today, March 29, 2024 - PyPI repository shuts to stop malicious uploads, a plea to developers to stop creating apps with SQL vulnerabilities, and more. This episode reports on a US$10 million reward for a ransomware gang, a new Linux version of a backdoor, and more. (CYBERSECURITYTODAY.LIBSYN.COM)
29 Mar: Update: UnitedHealth Admits Patient Data was 'Taken' in Mega Attack. UnitedHealth Group has publicly acknowledged that data was "taken" in the cyberattack on its Change Healthcare unit and said it has started analyzing the types of sensitive personal, financial, and health information potentially compromised. (HEALTHCAREINFOSECURITY.COM)
29 Mar: Lessons from a Ransomware Attack against the British Library. You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but. (SCHNEIER.COM)
29 Mar: Massachusetts Health Insurer Data Breach Impacts 2.8 Million. Harvard Pilgrim Health Care says the personal information of over 2.8 million individuals was stolen in a year-old ransomware attack. The post Massachusetts Health Insurer Data Breach Impacts 2.8 Million appeared first on SecurityWeek. (SECURITYWEEK.COM)
29 Mar: Compromised SaaS Supply Chain Apps: 97% of Organizations at Risk of Cyber Attacks. Businesses increasingly rely on Software as a Service (SaaS) applications to drive efficiency, innovation, and growth. However, this shift towards a more interconnected digital ecosystem has not come without its risks. According to the “2024 State of SaaS Security Report… (GBHACKERS.COM)
29 Mar: Update: Harvard Pilgrim Health Network Updates Data Breach Total to Nearly 2.9 Million. Harvard Pilgrim said the files involved may contain personal data and protected health information on current and former subscribers and dependents, as well as current contracted providers. (THERECORD.MEDIA)
29 Mar: ISMG Editors: Apple's Antitrust Showdown With the Feds. Legal Expert Jonathan Armstrong Unpacks Issues in Big Tech, Ransomware, AI and More. In the latest weekly update, legal expert Jonathan Armstrong joined three ISMG editors to discuss the Department of Justice's antitrust lawsuit against Apple, ransomware payment dilemmas and AI co… (DATABREACHTODAY.CO.UK)
29 Mar: Feds Warn of Credential Harvesting Threats in Healthcare. HHS Says Tried-and-True Hacker Methods Can Compromise Patient Data, Safety. Federal regulators are sounding an alarm to warn healthcare sector entities of cyberattacks involving a tried-and-true hacking method - credential harvesting, which can be used to compromise patient data, … (DATABREACHTODAY.CO.UK)
29 Mar: Lessons From the LockBit Takedown. Submitted by Lanky_Pomegranate530 to cybersecurity 1 points | 0 comments https://www.darkreading.com/threat-intelligence/lessons-from-the-lockbit-takedown (DARKREADING.COM)
29 Mar: DHS Calls Political Campaigns 'Ripe Target' for Cyberattacks. Foreign Adversaries Increasingly See Campaigns as Prime for Hacking, Official Says. The U.S. Department of Homeland Security's assistant secretary for cyber, infrastructure, risk and resilience is sounding the alarm over hackers targeting political campaigns ahead of the 2024 elec… (DATABREACHTODAY.CO.UK)
29 Mar: RDP remains a security concern – Week in security with Tony Anscombe. Much has been written about the risks that poorly-secured RDP connections entail, but many organizations continue to leave themselves at risk and get hit by data breaches as a result. (WELIVESECURITY.COM)
🕵️ THREAT INTELLIGENCE
29 Mar: ISC Stormcast For Friday, March 29th, 2024 https://isc.sans.edu/podcastdetail/8916, (Fri, Mar 29th). (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)
29 Mar: How to Analyse .NET Malware? – Reverse Engineering Snake Keylogger. Utilizing sandbox analysis for behavioral, network, and process examination provides a foundation for reverse engineering .NET malware. The write-up outlines the importance of sandbox analysis in preparing for reverse engineering by highlighting what to expect and focus on, given… (GBHACKERS.COM)
29 Mar: IT and security Leaders Feel Ill-Equipped to Handle Emerging Threats: New Survey. A comprehensive survey conducted by Keeper Security, in partnership with TrendCandy Research, has shed light on the growing concerns within the cybersecurity community. The survey, which gathered insights from over 800 IT and security executives globally, reveals a stark reality:… (GBHACKERS.COM)
29 Mar: Cisco IOS Bugs Allow Unauthenticated, Remote DoS Attacks. Submitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://www.darkreading.com/application-security/cisco-ios-bugs-unauthenticated-remote-dos-attacks Several Cisco products, including IOS, IOS XE, and AP software, need patching against various high-risk secu… (DARKREADING.COM)
29 Mar: Think tank urges US and EU to cooperate over cybersecurity labeling. Submitted by Lanky_Pomegranate530 to cybersecurity 3 points | 0 comments https://cybernews.com/news/itif-urges-cooperate-cybersecurity-labeling/ (CYBERNEWS.COM)
29 Mar: WarzoneRAT Returns Post FBI Seizure: Utilizing LNK & HTA File. The notorious WarzoneRAT malware has made a comeback, despite the FBI’s recent efforts to dismantle its operations. Initially detected in 2018, WarzoneRAT was disrupted by the FBI in mid-February when they seized the malware’s infrastructure and arrested two individua… (GBHACKERS.COM)
29 Mar: Your KnowBe4 Fresh Content Updates from March 2024. Check out the 35 new pieces of training content added in March, alongside the always fresh content update highlights, events and new features. (KNOWBE4.COM)
29 Mar: The Complexity and Need to Manage Mental Well-Being in the Security Team. It is the CISO’s responsibility to build and maintain a high functioning team in a difficult environment – cybersecurity is a complex, continuous, and adversarial environment like none other outside of military conflict. The post The Complexity and Need to Manage Mental Well-Bein… (SECURITYWEEK.COM)
29 Mar: Energy Department Invests $15 Million in University Cybersecurity Centers. The US Department of Energy announces $15 million funding for university-based electric power cybersecurity centers. The post Energy Department Invests $15 Million in University Cybersecurity Centers appeared first on SecurityWeek. (SECURITYWEEK.COM)
29 Mar: VP Harris Says US Agencies Must Show Their AI Tools Aren’t Harming People’s Safety or Rights. U.S. federal agencies must show that their artificial intelligence tools aren’t harming the public, or stop using them, under new rules unveiled by the White House on Thursday. “When government agencies use AI tools, we will now require them to verify that those tools do not enda… (SECURITYWEEK.COM)
29 Mar: Pentagon Outlines Cybersecurity Strategy for Defense Industrial Base. US Defense Department releases defense industrial base cybersecurity strategy with a focus on four key goals. The post Pentagon Outlines Cybersecurity Strategy for Defense Industrial Base appeared first on SecurityWeek. (SECURITYWEEK.COM)
29 Mar: SydeLabs Emerges From Stealth Mode With $2.5 Million in Funding. Generative-AI security startup SydeLabs emerges from stealth mode with $2.5 million in seed funding led by RTP Global. The post SydeLabs Emerges From Stealth Mode With $2.5 Million in Funding appeared first on SecurityWeek. (SECURITYWEEK.COM)
29 Mar: In Other News: Airline Privacy Review, SEC’s SolarWinds Hack Probe, Apple MFA Bombing. Noteworthy stories that might have slipped under the radar: US government conducting airline privacy review, SEC’s overreaching SolarWinds hack probe, MFA bombing of Apple users. The post In Other News: Airline Privacy Review, SEC’s SolarWinds Hack Probe, Apple MFA Bombing … (SECURITYWEEK.COM)
29 Mar: PyPI Suspends New User Registration to Block Malware Campaign. With thousands of packages available, the repository is an attractive target for threat actors, who often upload typosquatted or fake packages to compromise software developers and potential supply-chain attacks. (BLEEPINGCOMPUTER.COM)
29 Mar: Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds. Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wou… (THEHACKERNEWS.COM)
29 Mar: 75% of Organizations Believe They Are at Risk of Careless or Negligent Employees. New data shows organizations are well aware that their users are one of their greatest cybersecurity risks today, and yet aren’t taking the right steps to remediate the risk. (KNOWBE4.COM)
29 Mar: New Malware Loader Delivers Agent Tesla Remote Access Trojan Via Phishing. A new malware loader is delivering the Agent Tesla remote access Trojan (RAT), according to researchers at Trustwave SpiderLabs. The malware is distributed by phishing emails with malicious attachments. (KNOWBE4.COM)
29 Mar: Russian Federation-backed threat group APT29 Now Targeting German Political Parties. New analysis of APT29’s (aka Cozy Bear) activities and their association with Russia’s Foreign Intelligence Service (SVR) has revealed suspected attempts to collect political intelligence. (KNOWBE4.COM)
29 Mar: Narwhal Spider Threat Group Behind New Phishing Campaign Impersonating Reputable Law Firms. Using little more than a well-known business name and an invoice-related PDF, the “NaurLegal” phishing campaign aims at installing malware trojans. (KNOWBE4.COM)
29 Mar: Multi-Layered Defense Platforms and other terms we found in security press releases - ESW #355. This week, in the enterprise security news: 1. Early stage funding is all the rage 2. AI startups continue to pop out of stealth 3. The buyer's market continues with more interesting acquisitions 4. Purpose-built large language models for security 5. Benchmarking LLMs for securit… (YOUTUBE.COM)
29 Mar: Backdoor in upstream xz/liblzma leading to ssh server compromise. Submitted by thomask to cybersecurity 1 points | 0 comments https://www.openwall.com/lists/oss-security/2024/03/29/4 (OPENWALL.COM)
29 Mar: oss-security - backdoor in upstream xz/liblzma leading to ssh server compromise. Submitted by kbal to cybersecurity 5 points | 0 comments https://openwall.com/lists/oss-security/2024/03/29/4 The upstream xz repository and the xz tarballs have been backdoored. (OPENWALL.COM)
29 Mar: Electric Sheep, Exchange, Darcula, NuGet, Rockwell, FTX, Aaran Leyland, and More - SWN #373. AI Dreams of Electric Sheep, Exchange, Darcula, NuGet, Rockwell, FTX, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-373 (YOUTUBE.COM)
29 Mar: Malware Flood Causes PyPI to Temporarily Halt New Accounts. Hackers Are Now Using Code Repositories as Malware Vectors. Python code repository PyPI temporarily halted new user registration for a second time in three months following a surge in malware-ridden code mimicking legitimate software packages. PyPI is not the only code repository … (DATABREACHTODAY.CO.UK)
29 Mar: Friday Squid Blogging: The Geopolitics of Eating Squid. New York Times op-ed on the Chinese dominance of the squid industry: China’s domination in seafood has raised deep concerns among American fishermen, policymakers and human rights activists. They warn that China is expanding its maritime reach in ways that are putting domes… (SCHNEIER.COM)
29 Mar: Ross Anderson, professor and famed author of ‘Security Engineering,’ passes away. Submitted by canpolat to security 3 points | 0 comments https://therecord.media/ross-anderson-cambridge-professor-passes-away (THERECORD.MEDIA)
29 Mar: Backdoor found in widely used Linux utility breaks encrypted SSH connections. Submitted by Lanky_Pomegranate530 to cybersecurity 1 points | 1 comments https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/ Malicious code planted in xz Utils has been circulating for more than a month. (ARSTECHNICA.COM)
🌐 CYBER THREAT LANDSCAPE
29 Mar: Quick Forensics Analysis of Apache logs, (Fri, Mar 29th). Sometimes, you’ve to quickly investigate a webserver logs for potential malicious activity. If you're lucky, logs are a… (ISC.SANS.EDU)
29 Mar: Red Hat warns of backdoor in XZ tools used by most Linux distros. Today, Red Hat warned users to immediately stop using systems running Fedora development versions because of a backdoor found in the latest XZ data compression tools and libraries. [...] (BLEEPINGCOMPUTER.COM)
29 Mar: Activision: Enable 2FA to secure accounts recently stolen by malware. An infostealer malware campaign has reportedly collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services. [...] (BLEEPINGCOMPUTER.COM)
🎙️ PODCASTS
29 Mar: Google Podcasts service shuts down in the US next week. U.S. users have just a few more days to make the transition from Google Podcasts as the company moves forward with the process of discontinuing the service globally. [...] (BLEEPINGCOMPUTER.COM)
29 Mar: Cyber Security Today, Week in Review for the week ending Friday, March 29, 2024. This episode features a discussion on World Backup Day, a security awareness report and more. (CYBERSECURITYTODAY.LIBSYN.COM)
📡 INFOSEC NEWS
29 Mar: Bedrock Security Raises $10M in Seed Funding. Bedrock Security, a Menlo Park, CA-based data security company, raised $10M in Seed funding. The round was led by Greylock. The company intends to use the funds to expand operations and development efforts. (FINSMES.COM)
29 Mar: Apple Users Deluged by Phony Password Reset Requests. First called out on X/Twitter by AI entrepreneur Parth Patel – and confirmed to be happening to others by security blogger Brian Krebs – the campaign appears to be targeting specific individuals, who are flooded with password reset requests. (THEREGISTER.COM)
29 Mar: Binarly Closes $10.5M Seed Financing. The round was led by Two Bear Capital, with participation from Blu Ventures, Canaan Partners, Cisco Investments, and Liquid 2 Ventures. Pre-seed investors Westwave Capital and Acrobator Ventures also expanded their equity positions. (FINSMES.COM)
29 Mar: Large Trove of UK Student Records Leaked Due to School Software Server Misconfiguration. According to researcher Jeremiah Fowler, the server was affiliated with OTrack, also known as Optimum Pupil/Sonar Tracker, developed by Juniper Education. OTrack is utilized by over 7,000 primary and secondary schools across the United Kingdom. (HACKREAD.COM)
29 Mar: Several ImageMagick Vulnerabilities Addressed in Ubuntu. The vulnerabilities addressed by the updates impact several Ubuntu releases, including Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 23.10, Ubuntu 23.04, Ubuntu 18.04, and Ubuntu 16.04. (TUXCARE.COM)
29 Mar: Cisco Warns of Password-Spraying Attacks Targeting Secure Firewall Devices. The company published a document containing recommendations against password spray attacks aimed at Remote Access VPN (RAVPN) services. The IT giant pointed out that the attacks are also targeting third-party VPN concentrators. (SECURITYAFFAIRS.COM)
29 Mar: Is It Generative AI's Fault, or Do We Blame Human Beings? AI is on the way to embedding itself in our daily lives. CISO Sam Curry and his brother, CMO Red Curry, discuss what generative AI means for copyrights and plagiarism, the "AI bubble," and whether governing AI-derived speech will wind up limiting free speech. (DATABREACHTODAY.CO.UK)
29 Mar: The Complexity And Need To Manage Mental Well-Being In The Security Team (PACKETSTORMSECURITY.COM)
29 Mar: Coro, Building Cybersecurity for SMBs, Locks Down $100M at a $750M Valuation. The lead investor in this round is One Peak, the U.K. later-stage firm focusing on enterprise tech. Previous backers Energy Impact Partners and Balderton Capital are also participating. (TECHCRUNCH.COM)