🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
8 Apr | Multiple Cisco Small Business Routers Vulnerable to XSS Attacks | Cisco has alerted its customers about a critical vulnerability affecting several Small Business RV Series Routers models. This vulnerability, CVE-2024-20362, poses a significant risk, allowing unauthenticated, remote attackers to conduct cross-site scripting (XSS) attacks. The af… | GBHACKERS.COM
8 Apr | Over 92,000 Internet-Facing D-Link NAS Devices can be Easily Hacked | A researcher who goes online with the moniker ‘Netsecfish’ disclosed a new arbitrary command injection and hardcoded backdoor flaw, tracked as CVE-2024-3273, that impacts multiple end-of-life D-Link NAS device models. | SECURITYAFFAIRS.COM
8 Apr | Cisco IOS Vulnerability Allows DOS Attacks via Malicious Traffic | Cisco recently fixed a high-severity vulnerability in Cisco IOS Software for Catalyst 6000 Series Switches, which could lead to a denial of service (DoS). This high-severity vulnerability, which has a base score of 7.4 and is tracked as CVE-2024-20276, is triggered by improp… | GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (19)
8 Apr | Google Sues App Developers Over Fake Crypto Investment App Scam | Google has filed a lawsuit against two app developers for engaging in an "international online consumer investment fraud scheme" that tricked users into downloading bogus Android apps from the Google Play Store and other sources and stealing their funds under the guise … | THEHACKERNEWS.COM
8 Apr | US federal agencies get first crack at expanded Microsoft 365 logging capabilities | If you happen to be in charge of security posture at a US federal agency, you will want to ensure that you have jumped on the increased logging capabilities that Microsoft recently announced are coming to these organizations. While the US Cybersecurity and Infrastructure Security… | CSOONLINE.COM
8 Apr | AI-As-A-Service Providers Vulnerability Let Attackers Perform Cross-Tenant Attacks | The fast acceptance of AI has serious security issues, as this necessitates strict security measures to be put in place for the protection of sensitive information within shared cloud AI infrastructure. Wiz Research, a cybersecurity firm, in collaboration with AI-as-a-Service fir… | GBHACKERS.COM
8 Apr | Multiple CData Vulnerabilities Let Attackers Bypass Security Restrictions | A path traversal vulnerability was discovered in the Java versions of multiple CData products when using the embedded Jetty server, allowing remote attackers to potentially access sensitive information and perform limited actions on the system. The vulnerability arises from… | GBHACKERS.COM
8 Apr | Vedalia APT Group Exploits Oversized LNK Files to Deliver Malware | The Vedalia Advanced Persistent Threat (APT) group, also known by its alias Konni, has been distributing malware using an innovative technique involving oversized LNK files. This method marks an evolution in the group’s operational tactics, aiming to bypass conventional sec… | GBHACKERS.COM
8 Apr | Security Vulnerability of HTML Emails | This is a newly discovered email vulnerability: The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the … | SCHNEIER.COM
8 Apr | US Chamber of Commerce, Industry Groups Call for 30-Day Delay in CIRCIA Rules | The U.S. Chamber of Commerce and multiple industry leaders are calling for a month-long extension of the 60-day comment period for a new incident reporting rule being issued by the top cybersecurity agency in the U.S. | THERECORD.MEDIA
8 Apr | Company Offering $30 Million for Android, iOS, Browser Zero-Day Exploits | Crowdfense has announced a $30 million exploit acquisition program covering Android, iOS, Chrome, and Safari zero-days. | SECURITYWEEK.COM
8 Apr | Company Offering $30 Million For Android, iOS, Browser Zero-Day Exploits | PACKETSTORMSECURITY.COM
8 Apr | Chinese Hackers Using AI Tools To Influence Upcoming Elections | By exploiting the AI tools deepfake hackers could make videos or audios of political candidates to spread misinformation or disinformation, which may be used in election campaigns. Large language models (LLMs) can also enable them to produce realistic but misleading content at sc… | GBHACKERS.COM
8 Apr | Thousands of Ivanti VPN Appliances Impacted by Recent Vulnerability | Researchers at the Shadowserver Foundation identify thousands of internet-exposed Ivanti VPN appliances likely impacted by a recently disclosed vulnerability leading to remote code execution. | SECURITYWEEK.COM
8 Apr | Escalation of Fake E-Shop Campaign Threatens Banking Security in Multiple Regions | The threat actor behind the fake e-shop campaign leverages tools such as the open-source string obfuscator “Paranoid” and the Janus WebRTC module, showcasing a deep understanding of technological intricacies to evade detection and amplify impact. | THECYBEREXPRESS.COM
8 Apr | Hackers stole 340,000 Social Security numbers from government consulting firm | U.S. consulting firm Greylock McKinnon Associates disclosed a data breach in which hackers stole 341,650 Social Security numbers. The data breach was disclosed on Friday on Maine’s government website, where the state posts data breach notifications. In its data breach notice sent… | TECHCRUNCH.COM
8 Apr | Open-Source Foundations Join Forces on Digital Supply Chain | Europe's Cyber Resilience Act Pressures Open-Source Foundations and Manufacturers. Foundations housing seven large open-source projects are banding together ahead of what they say is a nearly impossible 2027 deadline created by Europe's Cyber Resilience Act - the world's first dig… | DATABREACHTODAY.CO.UK
8 Apr | Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks | Attackers are now actively targeting over 92,000 end-of-life D-Link Network Attached Storage (NAS) devices exposed online and unpatched against a critical remote code execution (RCE) zero-day flaw. [...] | BLEEPINGCOMPUTER.COM
8 Apr | US-CERT Vulnerability Summary for the Week of April 1, 2024 - RedPacket Security | Submitted by Lanky_Pomegranate530 to cybersecurity. https://www.redpacketsecurity.com/cisa-vulnerability-summary-for-the-week-of-april-1-2024/ Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available. | REDPACKETSECURITY.COM
8 Apr | Targus discloses cyberattack after hackers detected on file servers | Laptop and tablet accessories maker Targus disclosed that it suffered a cyberattack disrupting operations after a threat actor gained access to the company's file servers. [...] | BLEEPINGCOMPUTER.COM
8 Apr | Toward greater transparency: Adopting the CWE standard for Microsoft CVEs | At the Microsoft Security Response Center (MSRC), our mission is to protect our customers, communities, and Microsoft from current and emerging threats to security and privacy. One way we achieve this is by determining the root cause of security vulnerabilities in Microsoft produ… | MSRC.MICROSOFT.COM
8 Apr | How we built the new Find My Device network with user security and privacy in mind | Posted by Dave Kleidermacher, VP Engineering, Android Security and Privacy. Keeping people safe and their data secure and private is a top priority for Android. That is why we took our time when designing the new Find My Device, which uses a crowdsourced device-locating network t… | SECURITY.GOOGLEBLOG.COM
📢 SECURITY ADVISORIES (6)
8 Apr | Best Practices Q&A: Guidance about what directors need to hear from CISOs — from a board member | CISOs can sometimes be their own worst enemy, especially when it comes to communicating with the board of directors. Related: The ‘cyber’ case for D&O insurance. Vanessa Pegueros knows this all too well. She serves on the board of several … | LASTWATCHDOG.COM
🔥 INCIDENT REPORTING (17)
8 Apr | Weekly Update 394 | I suggest, based on my experiences with data breaches over the years, that AT&T is about to have a very bad time of it. Class acti… | TROYHUNT.COM
8 Apr | Microsoft Two-Step Phishing Campaign Attack LinkedIn Users | The professional and personal online spheres are merging as social media platforms like Facebook, LinkedIn, and WhatsApp are now commonly used for work communication. Their integration creates cybersecurity vulnerabilities. Threat actors can target employees on social media… | GBHACKERS.COM
8 Apr | boAt - 7,528,986 breached accounts | In March 2024, the Indian audio and wearables brand boAt suffered a data breach that exposed 7.5M customer records. The data included physical and email address, names and phone numbers, all of which were subsequently published to a popular clear web hacking forum. | HAVEIBEENPWNED.COM
8 Apr | US Environmental Protection Agency hack exposes data of 8.5 million users | The US federal arm tasked with environmental protection matters, the Environmental Protection Agency (EPA), is allegedly experiencing a data breach affecting over 8.5 million users. The breach, which has reportedly exposed personal and sensitive information belonging to EPA’s cus… | CSOONLINE.COM
8 Apr | The Drop in Ransomware Attacks in 2024 and What it Means | The ransomware industry surged in 2023 as it saw an alarming 55.5% increase in victims worldwide, reaching a staggering 5,070. But 2024 is starting off showing a very different picture. While the numbers skyrocketed in Q4 2023 with 1309 cases, in Q1 2024, the … | THEHACKERNEWS.COM
8 Apr | Veterinary Giant IT System Attacked by Hackers | CVS Group, a leading veterinary service provider, has confirmed that it fell victim to a cyber-attack involving unauthorized access to a segment of its IT systems. The company’s security protocols swiftly detected the breach, prompting an immediate response to contain the t… | GBHACKERS.COM
8 Apr | Confidential VMs Hacked via New Ahoi Attacks | New Ahoi attacks Heckler and WeSee target AMD SEV-SNP and Intel TDX with malicious interrupts to hack confidential VMs. | SECURITYWEEK.COM
8 Apr | Cyberattack on CVS Group veterinary clinics disrupts operations | UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. [...] | BLEEPINGCOMPUTER.COM
8 Apr | Indian audio giant BoAt says it’s investigating suspected customer data breach | India's largest audio and wearables brand confirmed an investigation after alleged customers data was posted online. | TECHCRUNCH.COM
8 Apr | Cyberattack on UK’s CVS Group disrupts veterinary operations | UK veterinary services provider CVS Group has announced that it suffered a cyberattack that disrupted IT services at its practices across the country. [...] | BLEEPINGCOMPUTER.COM
8 Apr | Hackers deploy crypto drainers on thousands of WordPress sites | Almost 2,000 hacked WordPress sites now display fake NFT and discount pop-ups to trick visitors into connecting their wallets to crypto drainers that automatically steal funds. [...] | BLEEPINGCOMPUTER.COM
8 Apr | US EPA Investigates Alleged Data Breach by Government Hacker | Hacker Claims to Leak Trove of Records Belonging to Environmental Protection Agency. The U.S. Environmental Protection Agency is investigating claims that a notorious government hacker leaked a trove of contact information from the agency's database of critical infrastructure cont… | DATABREACHTODAY.CO.UK
8 Apr | A Second Gang Shakes Down UnitedHealth Group for Ransom | RansomHub Claims It Has 4TBs of Data Stolen by BlackCat in Change Healthcare Attack. A second cybercriminal gang - RansomHub - is trying to shake down Change Healthcare's parent company, UnitedHealth Group, and have it pay another ransom for data that an affiliate of ransomware-as… | DATABREACHTODAY.CO.UK
8 Apr | Targus says cyberattack causing operational outage | Targus' parent company, B. Riley Financial, said it discovered "a threat actor gained unauthorized access to certain of Targus’ file systems." | TECHCRUNCH.COM
8 Apr | Hugging Face Vulnerabilities Highlight AI-as-a-Service Risks | Researchers Say Illegal Access to Private AI models Can Enable Cross-Tenant Attacks. Security researchers have discovered two critical vulnerabilities in the Hugging Face AI platform that exposed potential gaps for attackers seeking unauthorized access and manipulation of customer… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (23)
8 Apr | CoralRaider Hackers Steals Login Credentials, Financial Data & Social Media Logins | A new threat actor dubbed “CoralRaider” targets victims’ financial information, login credentials, and social media profiles—including accounts for businesses and advertisements. The group, which is of Vietnamese origin, has been active since at least 2023 and t… | GBHACKERS.COM
8 Apr | A Use Case for Adding Threat Hunting to Your Security Operations Team. Detecting Adversaries Abusing Legitimate Tools in A Customer Environment. [Guest Diary], (Sun, Apr 7th) | [This is a Guest Diary by Nathaniel Jakusz, an ISC intern as part of the SANS.edu BACS program] | ISC.SANS.EDU
8 Apr | ISC Stormcast For Monday, April 8th, 2024 https://isc.sans.edu/podcastdetail/8928, (Mon, Apr 8th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
8 Apr | How malicious email campaigns continue to slip through the cracks - Help Net Security | Submitted by Lanky_Pomegranate530 to cybersecurity. https://www.helpnetsecurity.com/2024/04/08/email-remains-predominant-target-video/ | HELPNETSECURITY.COM
8 Apr | Cloudflare Acquires Baselime to Enhance Serverless Performance | Cloudflare has announced its acquisition of Baselime, a pioneering observability platform designed to simplify the complexities of serverless application development. This acquisition marks a milestone in Cloudflare’s journey towards creating a more intuitive and efficient … | GBHACKERS.COM
8 Apr | NSA Appoints Dave Luber as Cybersecurity Director | US National Security Agency appoints Dave Luber as its new cybersecurity director following the retirement of Rob Joyce. | SECURITYWEEK.COM
8 Apr | Google Adds V8 Sandbox to Chrome | Google fights Chrome V8 engine memory safety bugs with a new sandbox and adds it to the bug bounty program. | SECURITYWEEK.COM
8 Apr | Large-Scale StrelaStealer Campaign Impacts Over 100 Organizations Within the E.U. and U.S. | A new campaign of StrelaStealer attacks identified by security analysts at Unit42 has been spotted targeting E.U. and U.S. organizations. This somewhat new infostealer has evolved to be even better at evading detection in a new string of campaigns aimed at stealing … | KNOWBE4.COM
8 Apr | The Cyber Achilles' Heel: Why World Leaders and High-Profile Individuals Must Prioritise Cybersecurity | Social media has become an indispensable tool for communication, outreach, and engagement. From world leaders to high-profile individuals, these platforms offer an unparalleled opportunity to connect with the masses. | KNOWBE4.COM
8 Apr | Mentorship Monday - Discussions for career and learning! | Submitted by shellsharks to cybersecurity. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … | INFOSEC.PUB
8 Apr | Unleash Platform Power with Strata Cloud Manager’s Command Center | The first of its kind, Strata Cloud Manager's Command Center, represents the power of platformization within your network security infrastructure. | PALOALTONETWORKS.COM
8 Apr | Healthcare IT Help Desk Employees Targeted in Payment-Hijacking Attacks | The US Department of Health warns of financially motivated social engineering attacks targeting healthcare organizations. | SECURITYWEEK.COM
8 Apr | Key Lawmakers Float New Rules for Personal Data Protection; Bill Would Make Privacy a Consumer Right | The American Privacy Rights Act would preempt most state privacy laws — though it wouldn’t impact certain states’ laws already on the books that protect financial, health or employee data. | SECURITYWEEK.COM
8 Apr | Australian Government Commits to Become a World-Leader in Cybersecurity by 2030 | The Australian Government has leveraged insight from cybersecurity experts to create a new six-part plan to combat cybersecurity over the coming decade. | KNOWBE4.COM
8 Apr | Tokyo Police Department Warns of Phishing Scam That Uses Phony Arrest Warrants | The Tokyo Metropolitan Police Department has warned of a phishing scam that’s attempting to trick individuals with phony arrest warrants, the Japan Times reports. | KNOWBE4.COM
8 Apr | Police Probe Honeytrap Sexting Scam Targeting British MPs | Warning: Low-Tech, Deceptive Social Engineering Attacks Remain Difficult to Detect. British police are investigating attempts to target Members of Parliament, their advisers and other Conservative and Labour insiders via spear-phishing messages as part of an apparent honeytrap sex… | DATABREACHTODAY.CO.UK
8 Apr | Threat Actors Deliver Malware via YouTube Video Game Cracks | Threat actors target home users with information-stealing malware like Vidar, StealC, and Lumma Stealer, which disguises the malware as pirated software and video game cracks in YouTube videos. The videos appear to instruct users on obtaining free software or game upgrades. Still… | GBHACKERS.COM
8 Apr | AGENT TESLA Malware Steals login Credentials From Chrome & Firefox | Researchers investigated a recent Agent Tesla malware campaign targeting US and Australian organizations, which used phishing emails with fake purchase orders to trick victims into clicking malicious links. Upon clicking, an obfuscated Agent Tesla sample protected by Cassan… | GBHACKERS.COM
8 Apr | RSA Conference 2024 Preview: 'The Art of Possible' | Linda Gray Martin and Britta Glade on What to Expect and What's New This Year. "The Art of Possible" is the theme of RSA Conference 2024, and event organizers Linda Gray Martin and Britta Glade say they may have put together the best agenda yet - featuring sessions and speakers on… | DATABREACHTODAY.CO.UK
8 Apr | Understanding the Cybersecurity Ecosystem, Part 2 - Ross Haleliuk - BSW #345 | In this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a bla… | YOUTUBE.COM
8 Apr | Understanding the Cybersecurity Ecosystem, Part 1 - Ross Haleliuk - BSW #345 | In this discussion, we focus on vendor/tool challenges in infosec, from a security leader's perspective. To quote our guest, Ross, "running a security program is often confused with shopping". You can't buy an effective security program any more than you can buy respect, or a bla… | YOUTUBE.COM
8 Apr | Meta Will Label AI-Generated Content Starting In May | Tech Giant Asks Creators to Declare Content with 'Made with AI' Label. Meta will slap a "made with AI" label on generative artificial intelligence content posted onto its social media sites starting in May, a change the social media giant says will result in more content carrying … | DATABREACHTODAY.CO.UK
8 Apr | XZ Utils Supply Chain Attack: A Threat Actor Spent Two Years to Implement a Linux Backdoor | Submitted by Lanky_Pomegranate530 to cybersecurity. https://www.techrepublic.com/article/xz-backdoor-linux/ Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat. | TECHREPUBLIC.COM
🌐 CYBER THREAT LANDSCAPE (5)
8 Apr | Persistent Magento Backdoor Hidden in XML | Attackers are using a new method for malware persistence on Magento servers. Sansec discovered a cleverly crafted layout template in the database, which was used to automatically inject malware. | SANSEC.IO
8 Apr | Watch Out for 'Latrodectus' - This Malware Could Be In Your Inbox | Threat hunters have discovered a new malware called Latrodectus that has been distributed as part of email phishing campaigns since at least late November 2023. "Latrodectus is an up-and-coming downloader with various sandbox evasion functionality," researchers from Pro… | THEHACKERNEWS.COM
8 Apr | Hackers can Use AI Hallucinations to Spread Malware | One security researcher investigating AI-hallucinated libraries said late last month that he found chatbots calling for a nonexistent Python package dubbed "huggingface-cli." | HEALTHCAREINFOSECURITY.COM
8 Apr | Fake Facebook MidJourney AI Page Promoted Malware to 1.2 Million People | Hackers are using Facebook advertisements and hijacked pages to promote fake Artificial Intelligence services, such as MidJourney, OpenAI's SORA and ChatGPT-5, and DALL-E, to infect unsuspecting users with password-stealing malware. | BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
8 Apr | Cyber Security Today, April 8, 2024 - Crooks are hijacking Facebook pages to spread phoney AI applications | This episode reports on AI and Magento scams, and more | CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (11)
8 Apr | Cybercriminals Targeting Latin America with Sophisticated Phishing Scheme | A new phishing campaign has set its eyes on the Latin American region to deliver malicious payloads to Windows systems. "The phishing email contained a ZIP file attachment that when extracted reveals an HTML file that leads to a malicious file download posing as an invoice," Trus… | THEHACKERNEWS.COM
8 Apr | Notepad++ needs your help in "parasite website" shutdown | The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. There is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam s… | BLEEPINGCOMPUTER.COM
8 Apr | Wiz Discovers Flaws in GenAI Models Enabling Customer Data Theft | Cloud security provider Wiz found two critical architecture flaws in generative AI models uploaded to Hugging Face, namely shared Inference infrastructure takeover and shared CI/CD takeover. | INFOSECURITY-MAGAZINE.COM
8 Apr | UK: Police Launch Inquiry After MPs Targeted in Apparent ‘Spear-Phishing’ Attack | A police investigation has been launched after MPs were apparently targeted in a “spear-phishing” attack, in what security experts believe could be an attempt to compromise the UK Parliament. | THEGUARDIAN.COM
8 Apr | Permiso Secures $18.5 Million in Series A Funding to Fortify Cloud Identity Security Landscape | According to Silicon Angle, this significant injection of capital is spearheaded by Altimeter Capital Management LP, with notable participation from Point72 Ventures LLC, marking a new milestone for the company founded in 2020. | FINTECH.GLOBAL
8 Apr | Notepad++ wants your help in "parasite website" shutdown | The Notepad++ project is seeking the public's help in taking down a copycat website that closely impersonates Notepad++ but is not affiliated with the project. There is some concern that it could pose security threats—for example, if it starts pushing malicious releases or spam s… | BLEEPINGCOMPUTER.COM
8 Apr | Google Sues Crypto Investment App Makers Over Alleged Massive “Pig Butchering” Scam | Two China-based Android app developers are being sued by Google for an alleged scam targeting 100,000 users worldwide through fake cryptocurrency and other investment apps. | BITDEFENDER.COM
8 Apr | Google Chrome Adds V8 Sandbox - A New Defense Against Browser Attacks | Google has announced support for what's called a V8 Sandbox in the Chrome web browser in an effort to address memory corruption issues. The sandbox, according to V8 Security technical lead Samuel Groß, aims to prevent "memory corruption in V8 from spreading wi… | THEHACKERNEWS.COM
8 Apr | Hotel Check-In Terminal Leaks Rafts of Guests' Room Codes | Martin Schobert at Swiss security firm Pentagrid discovered that an attacker could input a series of six consecutive dashes (------) in place of a booking reference number and the terminal would return an extensive list of room details. | THEREGISTER.COM
8 Apr | Google rolls out new Find My Device network to Android devices | Google is rolling out an upgraded Find My Device network to Android devices in the United States and Canada, almost one year after it was first unveiled during the Google I/O 2023 conference in May. [...] | BLEEPINGCOMPUTER.COM
8 Apr | 7 reasons why cybercriminals want your personal data | Here's what drives cybercriminals to relentlessly target the personal information of other people – and why you need to guard your data like your life depends on it | WELIVESECURITY.COM