67 Articles
7 Categories
Date: 2024-04-01
🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
1 Apr: NIST Unveils New Consortium to Operate the NVD
It’s now official: the US National Institute of Standards and Technology (NIST) will hand over some aspects of the management of the world’s most widely used software vulnerability repository to an industry consortium. (INFOSECURITY-MAGAZINE.COM)
⚠️ VULNERABILITY DISCLOSURE (17)
1 Apr: Ross Anderson
Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can’t remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop … (SCHNEIER.COM)

1 Apr: Hackers Using Microsoft OneNote Files to Orchestrate Cyber Attacks
Hackers have been found leveraging Microsoft OneNote files as a vector to compromise systems across various industries. The campaign, under the radar of cybersecurity experts, showcases a new trend in cyber threats, exploiting commonly used office applications to gain unauthorize… (GBHACKERS.COM)

1 Apr: Recruit for diversity: Practical ways to remove bias from the hiring process
Whether we’re aware of it or not, we’re all biased. It stems from our individual experiences, upbringings, and backgrounds. These biases, unfortunately, are pervasive in all aspects of everyday life, including the recruitment process. A study by Harvard Business Review showed if … (CSOONLINE.COM)

1 Apr: Backdoor in upstream xz/liblzma Let Attackers Hack SSH Servers
A startling revelation has identified a dangerous security vulnerability in the xz compression utility, specifically within its liblzma library. This vulnerability has been found to compromise SSH server security. Xz Utils is a tool found almost everywhere in Linux. It helps to s… (GBHACKERS.COM)

1 Apr: Cyber Security Today, April 1, 2024 - An alert about a critical Linux vulnerability, a warning about password-spray attacks on Cisco VPNs, and more
This episode reports on a way threat actors can get around cloud-based email filtering systems, the latest information on an AT&T data theft, and more (CYBERSECURITYTODAY.LIBSYN.COM)

1 Apr: Imperva Web Application Firewall Flaw Let Attackers Bypass WAF Rules
Imperva SecureSphere WAF, a security tool for on-premise web applications, has a vulnerability in some versions that allows attackers to bypass filters when inspecting POST data. By sneaking malicious content past the WAF, attackers could potentially exploit security flaws … (GBHACKERS.COM)

1 Apr: AT&T suffers critical breach impacting 73 million customers
AT&T has suffered a data breach impacting the information of 73 million of its current and past customers. The dataset leaked on the dark web contains several fields of personal data belonging to AT&T’s customers from 2019 and earlier, the company said in a public stateme… (CSOONLINE.COM)

1 Apr: Activision Players Attacked by Password Stealing Malware: Investigation In Progress
Activision, the powerhouse behind popular titles such as Call of Duty, is currently embroiled in an investigation into a hacking campaign aimed at its players. The primary objective of cybercriminals is to siphon off player credentials, focusing on gaming accounts and cryptocurre… (GBHACKERS.COM)

1 Apr: Backdoor Found and Defused in Widely Used Linux Utility XZ
Malicious Code in Utility Designed to Facilitate Full, Remote Access to System Nation-state attackers apparently backdoored widely used, open source data compression software as part of a supply-chain attack. Malicious code inserted into recent versions of XZ Utils was designed t… (DATABREACHTODAY.CO.UK)

1 Apr: Werewolf Hackers Exploiting WinRAR Vulnerability To Deploy RingSpy Backdoor
Active since 2023, the Mysterious Werewolf cluster has shifted targets to the military-industrial complex (MIC) by using phishing emails with a weaponized archive. The archive contains a seemingly legitimate PDF document along with a malicious CMD file, and when the victim … (GBHACKERS.COM)

1 Apr: Indian Government Rescues 250 Citizens Forced into Cybercrime in Cambodia
The Indian government said it has rescued and repatriated about 250 citizens in Cambodia who were held captive and coerced into running cyber scams. The Indian nationals "were lured with employment opportunities to that country but were forced to undertake illegal cyber work," th… (THEHACKERNEWS.COM)

1 Apr: Must-Read New Study on Russian Propaganda Techniques
The Kyiv Post just published: "A knockout study by the Institute for the Study of War (“ISW”), just out March 27, is a must read for all the leadership of the West, and particularly, the US Administration and Congress. [PDF] Vladimir Lenin’s famous statement, that “a lie told … (KNOWBE4.COM)

1 Apr: Shopping platform PandaBuy data leak impacts 1.3 million users
Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [...] (BLEEPINGCOMPUTER.COM)

1 Apr: ‘WallEscape’ Linux Vulnerability Leaks User Passwords
A vulnerability in util-linux, a core utilities package in Linux systems, allows attackers to leak user passwords and modify the clipboard. The post ‘WallEscape’ Linux Vulnerability Leaks User Passwords appeared first on SecurityWeek. (SECURITYWEEK.COM)

1 Apr: OWASP discloses data breach caused by wiki misconfiguration
The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. [...] (BLEEPINGCOMPUTER.COM)

1 Apr: Google now blocks spoofed emails for better phishing protection - Source: www.bleepingcomputer.com - CISO2CISO.COM & CYBER SECURITY GROUP
submitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://ciso2ciso.com/google-now-blocks-spoofed-emails-for-better-phishing-protection-source-www-bleepingcomputer-com/ (CISO2CISO.COM)

1 Apr: India rescues 250 citizens enslaved by Cambodian cybercrime gang
The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived. [...] (BLEEPINGCOMPUTER.COM)
📢 SECURITY ADVISORIES (4)
1 Apr: KuCoin Charged with AML Violations That Let Cybercriminals Launder Billions
In an indictment, the Department of Justice claimed that KuCoin knowingly allowed U.S.-based users to trade on its platform while fulfilling none of its AML obligations, as defined by U.S. laws and regulations. (BLEEPINGCOMPUTER.COM)

1 Apr: Your KnowBe4 Compliance Plus Fresh Content Updates from March 2024
Check out the March updates in Compliance Plus so you can stay on top of featured compliance training content. (KNOWBE4.COM)

1 Apr: How the NIST CSF 2.0 Can Help Healthcare Sector Firms
The National Institute of Standards and Technology's updated Cybersecurity Framework 2.0 can help healthcare organizations better formalize their governance functions to enhance their cybersecurity posture and resilience, said Robert Booker, chief strategy officer at HITRUST. (DATABREACHTODAY.CO.UK)

1 Apr: Feds Tackling Information Security in Government Procurement
GSA Establishes Framework for Security Regulations Covering Federal Acquisitions The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to better safeguard federal systems. It published a rule establi… (DATABREACHTODAY.CO.UK)
🔥 INCIDENT REPORTING (9)
1 Apr: DinodasRAT Linux Malware Attack on Linux Servers to Gain Backdoor Access
DinodasRAT, also known as XDealer, is a sophisticated C++ backdoor targeting multiple operating systems. It is designed to enable attackers to monitor and extract sensitive information from compromised systems covertly. Notably, a Windows variant of this RAT was employed in attac… (GBHACKERS.COM)

1 Apr: Pandabuy - 1,348,407 breached accounts
In March 2024, 1.3M unique email addresses from the online store for purchasing goods from China, Pandabuy, were posted to a popular hacking forum. The data also included IP and physical addresses, names, phone numbers and order enquiries. The breach was alleged to be attributed… (HAVEIBEENPWNED.COM)

1 Apr: Update: AT&T Confirms Data for 73 Million Customers Leaked on Hacker Forum
While the company continues to say there is no indication their systems were breached, it has now confirmed that the leaked data belongs to 73 million current and former customers. (BLEEPINGCOMPUTER.COM)

1 Apr: Pentagon Lays Out Strategy to Improve Defense Industrial Base Cybersecurity
The strategy, which covers fiscal years 2024 through 2027, lays out four topline goals, such as improving best practices within the industrial base. Each goal contains a subset of objectives, such as being able to recover from a cyberattack. (THERECORD.MEDIA)

1 Apr: Report: 17 Billion Personal Records Exposed in Data Breaches in 2023
Reported data breach incidents rose by 34.5% in 2023, with over 17 billion personal records compromised throughout the year, according to Flashpoint’s 2024 Global Threat Intelligence Report. (INFOSECURITY-MAGAZINE.COM)

1 Apr: Israeli LGBTQ Dating App Atraf Faces Data Leak, 700,000 Users Affected
Atraf, a popular Israeli LGBTQ dating app, has suffered a major data breach exposing the personal information of over half a million users. Leaked data includes cleartext passwords and payment card data. (HACKREAD.COM)

1 Apr: Detecting Windows-based Malware Through Better Visibility
Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and p… (THEHACKERNEWS.COM)

1 Apr: Leaked Dataset Belongs to AT&T Current and Former Customers
Data of 75 Million Individuals, Including SSNs, Posted on Criminal Forum AT&T did an about-face Saturday, saying that a leaked tranche of data pertaining to 73 million individuals does in fact reveal sensitive information of current and former customers of America's largest w… (DATABREACHTODAY.CO.UK)

1 Apr: Yacht retailer MarineMax discloses data breach after cyberattack
MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack. [...] (BLEEPINGCOMPUTER.COM)
🕵️ THREAT INTELLIGENCE (22)
1 Apr: ISC Stormcast For Monday, April 1st, 2024 https://isc.sans.edu/podcastdetail/8918, (Mon, Apr 1st)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)

1 Apr: Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler
The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. Related: Data privacy vs data security However, this remains a novel concept at most companies. Now comes a … (more…) (LASTWATCHDOG.COM)

1 Apr: Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals
Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VP… (THEHACKERNEWS.COM)

1 Apr: The Rising Threat of Fake Business Accounts
Prove's Mary Ann Miller on Strategies for Stronger ID Verification The banking and financial services industry will see a growth in scams and frauds perpetrated through fake businesses, incentivizing bad actors to continue creating these fraudulent entities, said Mary Ann Miller,… (DATABREACHTODAY.CO.UK)

1 Apr: Mentorship Monday - Discussions for career and learning!
submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … (INFOSEC.PUB)

1 Apr: The xz-utils backdoor in security advisories by national CSIRTs, (Mon, Apr 1st)
For the last few days, the backdoor in xz-utils[1] has been among the main topics of conversation in the global cyber security community. (ISC.SANS.EDU)

1 Apr: DinodasRAT Malware Targets Linux Servers in Espionage Campaign
When executed, the Linux variant of DinodasRAT creates a hidden file in the directory where its binary resides, which acts as a mutex to prevent multiple instances from running on the infected device. (BLEEPINGCOMPUTER.COM)

1 Apr: Ross Anderson, Professor & Author of ‘Security Engineering’ Book passes away
Professor Ross Anderson, who passed away on March 28, 2024. Anderson, a pioneer in security engineering, was the author of the seminal book ‘Security Engineering’, which has educated countless professionals and academics on the complexities of securing systems. Born o… (GBHACKERS.COM)

1 Apr: Supply Chain Attack: Major Linux Distributions Impacted by XZ Utils Backdoor
Urgent security alerts issued as malicious code was found embedded in the XZ Utils data compression library used in many Linux distributions. The post Supply Chain Attack: Major Linux Distributions Impacted by XZ Utils Backdoor appeared first on SecurityWeek. (SECURITYWEEK.COM)

1 Apr: Magic Security Dust
Adam Shostack is selling magic security dust. It’s about time someone is commercializing this essential technology. (SCHNEIER.COM)

1 Apr: AI Hallucinated Packages Fool Unsuspecting Developers
Software developers relying on AI chatbots for building applications may end up using hallucinated software packages. The post AI Hallucinated Packages Fool Unsuspecting Developers appeared first on SecurityWeek. (SECURITYWEEK.COM)

1 Apr: Despite Cybersecurity Improvements in UK Organizations, Attacks Still Persist
The UK government's third phase of research shows how well UK organizations have been improving their cybersecurity efforts but indicates that the risk from certain attacks has only been reduced marginally. (KNOWBE4.COM)

1 Apr: Thread Hijacking Phishing Attack Targets Pennsylvania Journalist
A journalist in Pennsylvania was targeted by phishing attacks that involved thread hijacking, according to Brian Krebs at KrebsOnSecurity. (KNOWBE4.COM)

1 Apr: What we know about the xz Utils backdoor that almost infected the world
submitted by canpolat to security 3 points | 0 comments https://arstechnica.com/security/2024/04/what-we-know-about-the-xz-utils-backdoor-that-almost-infected-the-world/ (ARSTECHNICA.COM)

1 Apr: ‘Vultur’ Android Malware Gets Extensive Device Interaction Capabilities
NCC Group researchers warn that the Android banking malware ‘Vultur’ has been updated with device interaction and file tampering capabilities. The post ‘Vultur’ Android Malware Gets Extensive Device Interaction Capabilities appeared first on SecurityWeek. (SECURITYWEEK.COM)

1 Apr: The amazingly scary xz sshd backdoor, (Mon, Apr 1st)
Unless you took the whole weekend off, you must have seen by now that Andres Freund published an amazing discovery on Friday on the Openwall mailing list (https://www.openwall.com/lists/oss-security/2024/03/29/4). The whole story around this is both fascinating and scary … (ISC.SANS.EDU)

1 Apr: AI bots hallucinate software packages and devs download them - even if potentially poisoned with malware
submitted by mozz to cybersecurity 1 points | 0 comments https://www.theregister.com/2024/03/28/ai_bots_hallucinate_software_packages/ (THEREGISTER.COM)

1 Apr: DinodasRAT Backdoor Targeting Linux Machines Worldwide
Chinese Hackers Have Used DinodasRAT Hackers are using a new version of a backdoor to target Linux servers and gain and maintain access in what appears to be an espionage campaign, warn researchers from Kaspersky. The hallmark of DinodasRAT's strategy is its sophisticated victim … (DATABREACHTODAY.CO.UK)

1 Apr: Linux got wrecked by backdoor attack - Code Report
submitted by ruffsl to security 0 points | 0 comments https://youtube.com/watch?v=bS9em7Bg0iU cross-posted from: programming.dev/post/12247721 🔥 🚢 overviews the recent supply chain attack on XZ library. (YOUTUBE.COM)

1 Apr: Veracode Buys Longbow Security for Automated Root Cause Analysis Tech
Veracode announces a deal to acquire Longbow Security, a Texas seed-stage startup working on automated root cause analysis technology. The post Veracode Buys Longbow Security for Automated Root Cause Analysis Tech appeared first on SecurityWeek. (SECURITYWEEK.COM)

1 Apr: Data Security Fears: Congress Bans Staff Use of Microsoft's AI Copilot
submitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://www.hackread.com/us-congress-bans-staff-microsoft-ai-copilot/ (HACKREAD.COM)

1 Apr: Netskope CEO on What Platformization Means for Cybersecurity
CEO Sanjay Beri on What Distinguishes Genuine Integration From Mere Aggregation In a deep dive into the cybersecurity industry's shift toward platformization, Netskope CEO Sanjay Beri explores the nuances of integrating multiple security services, the importance of truly integr… (DATABREACHTODAY.CO.UK)
🌐 CYBER THREAT LANDSCAPE (7)
1 Apr: Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities
The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data. "Vultur has also started masquerading m… (THEHACKERNEWS.COM)

1 Apr: Researchers Dissect Infostealer Malware Targeting macOS Users
The ongoing infostealer attacks targeting macOS users may have adopted different methods to compromise victims' Macs, but operate with the end goal of stealing sensitive data, Jamf Threat Labs said in a report published Friday. (JAMF.COM)

1 Apr: Activision Recommends Users Enable 2FA to Secure Accounts Recently Stolen by Malware
An infostealer malware campaign has apparently collected millions of logins from users of various gaming websites, including players that use cheats and pay-to-cheat services. (BLEEPINGCOMPUTER.COM)

1 Apr: FAQ On The xz-utils Backdoor
(PACKETSTORMSECURITY.COM)

1 Apr: FTC: Americans lost $1.1 billion to impersonation scams in 2023
Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020. [...] (BLEEPINGCOMPUTER.COM)
📡 INFOSEC NEWS (7)
1 Apr: The Beekeeper and cybersecurity | Kaspersky official blog
What cybersecurity lessons can we learn from the Jason Statham movie "The Beekeeper"? (KASPERSKY.COM)

1 Apr: British Nuclear Site Sellafield to be Prosecuted for Cybersecurity Failures
The UK's independent nuclear safety regulator has announced that it will be prosecuting the company managing the Sellafield nuclear site over “alleged information technology security offenses during a four year period between 2019 and early 2023.” (THERECORD.MEDIA)

1 Apr: OMB Issues First Governmentwide AI Risk Mitigation Rules
U.S. federal agencies have until December to implement a series of safeguards that aim to ensure the government is responsibly using artificial intelligence, the White House ordered Thursday. (GOVINFOSECURITY.COM)

1 Apr: Sophos Firewall Once Again Recognized as the #1 Firewall Solution by G2 Users
Top rated based on a high customer satisfaction score and large market presence (SOPHOS.COM)

1 Apr: Google now blocks spoofed emails for better phishing protection
Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks. [...] (BLEEPINGCOMPUTER.COM)