MATLOCK.CA
122Articles
9Categories
2024-04-11Date
🚨
OWASP Top 10 OSS Risks: A guide to better open source securityCalls for a critical look at how open-source software (OSS) is secured and used have been increasing after a number of recent scares exposed vulnerabilities and risks, in particular the XZ Utils incident that revealed a backdoor inserted into a widely used OSS for compression and…
KEVCSOONLINE.COM — 11 Apr 2024
🚨
CISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added two new vulnerabilities to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-3272 D-Link Multiple NAS Devices Use of Hard-Coded Credentials Vulnerability CVE-2024-3273 D-Link Multiple NAS Devices Command Injectio…
KEVCISA.GOV — Thu, 11 Apr 24 1
πŸ›
Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability
THEHACKERNEWS.COM — 11 Apr 2024
πŸ›
Fortinet Fixed a Critical RCE Bug in FortiClientLinux
SECURITYAFFAIRS.COM — 11 Apr 2024
πŸ›
Rust Addresses Critical Vulnerability on Windows
THEREGISTER.COM — 11 Apr 2024
πŸ›
Rust addresses critical vulnerability on Windows
THEREGISTER.COM — 11 Apr 2024
πŸ›
CVE-2022-0001 Intel: CVE-2022-0001 Branch History Injection
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-21322 Microsoft Defender for IoT Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-21323 Microsoft Defender for IoT Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-21324 Microsoft Defender for IoT Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-26234 Proxy Driver Spoofing Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-29053 Microsoft Defender for IoT Remote Code Execution Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-29055 Microsoft Defender for IoT Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
πŸ›
CVE-2024-29054 Microsoft Defender for IoT Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 11 Apr 2024
⚠️
Apple alerts users in 92 nations to mercenary attacks in new warning
TECHCRUNCH.COM — 11 Apr 2024
⚠️
Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks
THEHACKERNEWS.COM — 11 Apr 2024
⚠️
Microsoft April 2024 Patch Tuesday fixes 150 security flaws, 67 RCEs
BLEEPINGCOMPUTER.COM — 11 Apr 2024
⚠️
Fortra For Windows Vulnerability Let Attackers Escalate Privilege
GBHACKERS.COM — 11 Apr 2024
⚠️
Hackers Manipulate GitHub Search To Deliver Clipboard-Hijacking Malware
GBHACKERS.COM — 11 Apr 2024
⚠️
Client-Side Exploitation: Poisoning WebDAV+URL+LNK to Deliver Malicious Payloads
GBHACKERS.COM — 11 Apr 2024
⚠️
Backdoor in XZ Utils That Almost Happened
SCHNEIER.COM — 2024-04-11
⚠️
New Technique Detected in an Open Source Supply Chain Attack
CHECKMARX.COM — 11 Apr 2024
⚠️
Cagey Phishing Attack Drops Multiple RATs to Steal Data
DARKREADING.COM — 11 Apr 2024
⚠️
US Cyber Force Assisted Foreign Governments 22 Times in 2023
SECURITYWEEK.COM — 11 Apr 2024
⚠️
Fortinet Patches FortiClientLinux Critical RCE Vulnerability
PACKETSTORMSECURITY.COM — 11 Apr 2024
⚠️
New Spectre v2 Attack Impacts Linux Systems Running on Intel CPUs
BLEEPINGCOMPUTER.COM — 11 Apr 2024
⚠️
Apple: Mercenary spyware attacks target iPhone users in 92 countries
BLEEPINGCOMPUTER.COM — 11 Apr 2024
⚠️
Cryptohack Roundup: Google Sues Alleged Crypto App Crooks
DATABREACHTODAY.CO.UK — 2024-04-11
⚠️
Data Access Platform PVML Launches With $8 Million in Funding
SECURITYWEEK.COM — 11 Apr 2024
⚠️
CISA Releases Nine Industrial Control Systems Advisories
CISA.GOV — Thu, 11 Apr 24 1
⚠️
DragonForce ransomware – what you need to know
TRIPWIRE.COM — 11 Apr 2024
⚠️
Intel and Lenovo servers impacted by 6-year-old BMC flaw
BLEEPINGCOMPUTER.COM — 11 Apr 2024
⚠️
Our Security of AI Papers and Blogs Explained
MEDIUM.COM — 11 Apr 2024
⚠️
Customers of Sisense data analytics service urged to change credentials
CSOONLINE.COM — 11 Apr 2024
⚠️
Understanding KillNet and Recent Waves of DDoS Attacks - Michael Smith - ESW #357
YOUTUBE.COM — 2024-04-11
⚠️
Technical Controls
INFOSEC.PUB — 11 Apr 2024
⚠️
The AI-est news segment ever, now with even more AI! - ESW #357
YOUTUBE.COM — 2024-04-11
πŸ“‹
Breach Roundup: Sisense Supply Chain Attack
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ“’
CISA Opens Its Internal Malware Analysis Tool for Public Use
GBHACKERS.COM — 11 Apr 2024
πŸ“’
Water Facilities Compromised By Iranian Threat Actors
KNOWBE4.COM — 11 Apr 2024
πŸ“’
Compromise of Sisense Customer Data
CISA.GOV — Thu, 11 Apr 24 1
πŸ“’
Citrix security advisory (AV24-195)
CYBER.GC.CA — 2024-04-11
πŸ“’
CISA investigates critical infrastructure breach after Sisense hack
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ“’
CISA says Sisense hack impacts critical infrastructure orgs
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ“’
Attack on data analytics company Sisense prompts alert from CISA
THERECORD.MEDIA — 11 Apr 2024
πŸ“’
Sisense Data Breach Triggers CISA Alert and Urgent Calls for Credential Resets
SECURITYWEEK.COM — 11 Apr 2024
πŸ“’
CISA Issues Emergency Directive 24-02: Mitigating the Significant Risk from Nation-State Compromise of Microsoft Corporate Email System
CISA.GOV — Thu, 11 Apr 24 1
πŸ“’
CISA Directs Federal Agencies to Immediately Mitigate Significant Risk From Russian State-Sponsored Cyber Threat
CISA.GOV — Thu, 11 Apr 24 1
πŸ“’
CISA orders agencies impacted by Microsoft hack to mitigate risks
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ“’
Mitel security advisory (AV24-196)
CYBER.GC.CA — 2024-04-11
πŸ“’
CISA Warns Russian Microsoft Hackers Targeted Federal Emails
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ“’
[Control systems] B&R security advisory (AV24-197)
CYBER.GC.CA — 2024-04-11
πŸ“’
US says Russian hackers stole federal government emails during Microsoft cyberattack
TECHCRUNCH.COM — 11 Apr 2024
πŸ“’
Why CISA is Warning CISOs About a Breach at Sisense
KREBSONSECURITY.COM — 11 Apr 2024
πŸ“’
Implementing Least-Privilege Administrative Models
LEARN.MICROSOFT.COM — 11 Apr 2024
πŸ“’
CISA makes its "Malware Next-Gen" analysis system publicly available
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ”₯
Cyber Espionage: Turla APT Hackers Attack European Organization With Backdoor
GBHACKERS.COM — 11 Apr 2024
πŸ”₯
Wiz Buys Startup Gem Security for $350M to Spot Cloud Issues
BANKINFOSECURITY.COM — 11 Apr 2024
πŸ”₯
IMF: Financial Firms Lost $12 Billion to Cyberattacks in Two Decades
SECURITYWEEK.COM — 11 Apr 2024
πŸ”₯
NSA Updates Zero-Trust Advice to Reduce Attack Surfaces
DARKREADING.COM — 11 Apr 2024
πŸ”₯
Ransomware payouts hit all-time high, but that’s not the whole story
SECURITYINTELLIGENCE.COM — 11 Apr 2024
πŸ”₯
UK's Attitude to Security Spotlit by Government Figures
THEREGISTER.COM — 11 Apr 2024
πŸ”₯
Ukrainian Hackers Launch Cyberattacks On Moscow Sewage System
PACKETSTORMSECURITY.COM — 11 Apr 2024
πŸ”₯
TA547 Hackers Launching AI-Powered Cyber Attacks Targeting Organizations
GBHACKERS.COM — 11 Apr 2024
πŸ”₯
Taxi Software Vendor Data Leak: 300K Passengers Data Exposed
GBHACKERS.COM — 11 Apr 2024
πŸ”₯
East Central University suffers BlackSuit ransomware attack
BITDEFENDER.COM — 11 Apr 2024
πŸ”₯
When a breach goes from 25 documents to 1.3 terabytes…
GRAHAMCLULEY.COM — 11 Apr 2024
πŸ”₯
How Red Team Exercises Increases Your Cyber Health
TRENDMICRO.COM — 11 Apr 2024
πŸ”₯
Optics giant Hoya hit with $10 million ransomware demand
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ”₯
Change Healthcare Attack 'Devastating' to Doc Practices
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ”₯
FBI Calls for Increased Funding to Counter Cyber Threats
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ”₯
Raspberry Robin Morphs, Now Spreads via Windows Script Files
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ•΅οΈ
ISC Stormcast For Thursday, April 11th, 2024 https://isc.sans.edu/podcastdetail/8934, (Thu, Apr 11th)
ISC.SANS.EDU — 11 Apr 2024
πŸ•΅οΈ
History of RSA Conference. Bruce Schneier. The First β€˜Exhibitor’ in 1994.
SCHNEIER.COM — 2024-04-11
πŸ•΅οΈ
Evolution of Artificial Intelligence Systems and Ensuring Trustworthiness, (Thu, Apr 11th)
ISC.SANS.EDU — 11 Apr 2024
πŸ•΅οΈ
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear
TRENDMICRO.COM — 11 Apr 2024
πŸ•΅οΈ
Palo Alto Networks Patches Vulnerabilities Allowing Firewall Disruption
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Google Cloud Unveils New AI-Powered Security Capabilities
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Alethea Raises $20 Million for Disinformation Detection and Mitigation Solution
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
TA547 Phishing Attack Hits German Firms with Rhadamanthys Stealer
THEHACKERNEWS.COM — 11 Apr 2024
πŸ•΅οΈ
Conservative Revolt in the House Blocks Effort to Reauthorize a Key US Spy Tool
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Google Pays Out $41,000 for Three Serious Chrome Vulnerabilities
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Top Tax Scams of 2024 Your Organization Should Watch Out For
KNOWBE4.COM — 11 Apr 2024
πŸ•΅οΈ
Malvertising Campaigns Surged in 2023
KNOWBE4.COM — 11 Apr 2024
πŸ•΅οΈ
Rhadamanthys Malware Deployed By TA547 Against German Targets
INFOSECURITY-MAGAZINE.COM — 11 Apr 2024
πŸ•΅οΈ
Why Intelligence Sharing Is Vital to Building a Robust Collective Cyber Defense Program
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
News alert: Simbian launches with $10M to build autonomous, GenAI-powered security platform
LASTWATCHDOG.COM — 11 Apr 2024
πŸ•΅οΈ
Simbian Emerges From Stealth With $10 Million to Build Autonomous AI-Based Security Platform
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Knostic Emerges From Stealth With Enterprise Gen-AI Access Controls
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Google Cloud and Palo Alto Networks Deliver Cloud-Native NGFW Service
PALOALTONETWORKS.COM — 11 Apr 2024
πŸ•΅οΈ
Zscaler to Acquire Network Segmentation Tech Startup Airgap Networks
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
News alert: NTT all photonics network connects data centers in U.S., U.K. at very low latency
LASTWATCHDOG.COM — 11 Apr 2024
πŸ•΅οΈ
Digging Into Supply Chain Security - James McMurry - PSW #824
YOUTUBE.COM — 2024-04-11
πŸ•΅οΈ
Yesterday, in DC, I was given theΒ Holland on the Hill Freddy Heineken Award
KNOWBE4.COM — 11 Apr 2024
πŸ•΅οΈ
US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft
SECURITYWEEK.COM — 11 Apr 2024
πŸ•΅οΈ
Why Is Your TV & NAS On The Internet? - PSW #824
YOUTUBE.COM — 2024-04-11
πŸ•΅οΈ
How Microsoft discovers and mitigates evolving attacks against AI guardrails
MICROSOFT.COM — 11 Apr 2024
πŸ•΅οΈ
Zscaler Buys Airgap Networks to Fuel Segmentation in IoT, OT
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ•΅οΈ
LastPass: Hackers targeted employee in failed deepfake CEO call
BLEEPINGCOMPUTER.COM — 11 Apr 2024
🌐
US government urges Sisense customers to reset credentials after hack
TECHCRUNCH.COM — 11 Apr 2024
🌐
Rhadamanthys Malware Deployed By TA547 Against German Targets
INFOSECURITY-MAGAZINE.COM — 11 Apr 2024
🌐
Live Webinar | What’s Missing in Your Identity First Security Strategy: Lessons from an ISMG Survey
DATABREACHTODAY.CO.UK — 2024-04-11
πŸ“‘
Analyzing CryptoJS Encrypted Phishing Attempt
BINARYDEFENSE.COM — 11 Apr 2024
πŸ“‘
Raspberry Robin Now Spreading Through Windows Script Files
THREATRESEARCH.EXT.HP.COM — 11 Apr 2024
πŸ“‘
AI Data Security Startup Cyera Confirms $300M Raise at a $1.4B Valuation
TECHCRUNCH.COM — 11 Apr 2024
πŸ“‘
New Google Workspace Feature Prevents Sensitive Security Changes if Two Admins Don’t Approve Them
HELPNETSECURITY.COM — 11 Apr 2024
πŸ“‘
Python's PyPI Reveals Its Secrets
THEHACKERNEWS.COM — 11 Apr 2024
πŸ“‘
Simbian brings AI to existing security tools
TECHCRUNCH.COM — 11 Apr 2024
πŸ“‘
DuckDuckGo launches a premium Privacy Pro VPN service
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ“‘
CISO Role Shows Significant Gains Amid Corporate Recognition of Cyber Risk
CYBERSECURITYDIVE.COM — 11 Apr 2024
πŸ“‘
Meta will auto-blur nudity in Instagram DMs in latest teen safety step
TECHCRUNCH.COM — 11 Apr 2024
πŸ“‘
Cyber Resilient 911 Symposium Blog Post
CISA.GOV — Thu, 11 Apr 24 1
πŸ“‘
Google Cloud Unveils New AI-Powered Security Capabilities
PACKETSTORMSECURITY.COM — 11 Apr 2024
πŸ“‘
Global Taxi Software Vendor Exposes Details Of Nearly 300K Across UK And Ireland
PACKETSTORMSECURITY.COM — 11 Apr 2024
πŸ“‘
Apple Drops Term State-Sponsored Attacks From Its Threat Notification Policy
PACKETSTORMSECURITY.COM — 11 Apr 2024
πŸ“‘
How to automate up to 90% of IT offboarding tasks
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ“‘
Python's PyPI Reveals Its Secrets
THEHACKERNEWS.COM — 11 Apr 2024
πŸ“‘
X Fixes URL Blunder That Could Enable Social Media Phishing
THEREGISTER.COM — 11 Apr 2024
πŸ“‘
OpenTable is adding your first name to previously anonymous reviews
BLEEPINGCOMPUTER.COM — 11 Apr 2024
πŸ“‘
Fileless Attacks Prompt Intel’s Next-Gen Security
TRENDMICRO.COM — 11 Apr 2024
πŸ“‘
Beyond fun and games: Exploring privacy risks in children’s apps
WELIVESECURITY.COM — 11 Apr 2024