MATLOCK.CA
111Articles
8Categories
2024-04-12Date
🚨
CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-3400 Palo Alto Networks PAN-OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious c…
KEVCISA.GOV — Fri, 12 Apr 24 1
🚨
Palo Alto Networks Releases Guidance for Vulnerability in PAN-OS, CVE-2024-3400Palo Alto Networks has released workaround guidance for a command injection vulnerability (CVE-2024-3400) affecting PAN-OS versions 10.2, 11.0, and 11.1. Palo Alto Networks has reported active exploitation of this vulnerability in the wild.  CISA encourages users and adminis…
KEVCISA.GOV — Fri, 12 Apr 24 1
🚨
Attackers exploit critical zero-day flaw in Palo Alto Networks firewallsNetwork security vendor Palo Alto Networks released mitigation instructions for an actively exploited vulnerability in PAN-OS, the software that powers its next-generation firewall (NGFW) products. The company is still working on developing software patches. The vulnerability, tr…
KEVCSOONLINE.COM — 12 Apr 2024
🐛
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack
KEVTHEHACKERNEWS.COM — 12 Apr 2024
🐛
Palo Alto Networks Fixed Multiple DoS Bugs in its Firewalls
SECURITYAFFAIRS.COM — 12 Apr 2024
🐛
Exploitation of Unpatched D-Link NAS Device Vulnerabilities Soars
SECURITYWEEK.COM — 12 Apr 2024
🐛
Microsoft Fixed Two Zero-Day Flaws Exploited in Malware Attacks
SECURITYAFFAIRS.COM — 12 Apr 2024
🐛
Citrix Releases Security Updates for XenServer and Citrix Hypervisor
CISA.GOV — Fri, 12 Apr 24 1
🐛
Alert! Palo Alto RCE Zero-day Vulnerability Actively Exploited in the Wild
KEVGBHACKERS.COM — 12 Apr 2024
🐛
CVE 10.0 vulnerability in PAN-OS
SECURITY.PALOALTONETWORKS.COM — 12 Apr 2024
🐛
Palo Alto Networks warns of zero-day in VPN product
KEVTHERECORD.MEDIA — 12 Apr 2024
🐛
Tool finds new ways to exploit Spectre holes in Intel CPUs
THEREGISTER.COM — 12 Apr 2024
🐛
CVE-2024-3400 exploited: Unit 42, Volexity share more details about the attacks - Help Net Security
HELPNETSECURITY.COM — 12 Apr 2024
🐛
Chromium: CVE-2024-3157 Out of bounds write in Compositing
MSRC.MICROSOFT.COM — 12 Apr 2024
🐛
Chromium: CVE-2024-3515 Use after free in Dawn
MSRC.MICROSOFT.COM — 12 Apr 2024
🐛
Chromium: CVE-2024-3516 Heap buffer overflow in ANGLE
MSRC.MICROSOFT.COM — 12 Apr 2024
⚠️
ISC2 study pegs average US cybersecurity salary at $147K, up from $119K in 2021
CSOONLINE.COM — 12 Apr 2024
⚠️
How Exposure Management Elevates Cyber Resilience
HELPNETSECURITY.COM — 12 Apr 2024
⚠️
New Technique Detected in an Open Source Supply Chain Attack
CHECKMARX.COM — 12 Apr 2024
⚠️
Apple Warns of 'Mercenary Attack' on iPhones. What You Should Know
CNET.COM — 12 Apr 2024
⚠️
Palo Alto Networks Warns of Exploited Firewall Vulnerability
SECURITYWEEK.COM — 12 Apr 2024
⚠️
‘BatBadBut’ Command Injection Vulnerability Affects Multiple Programming Languages
SECURITYWEEK.COM — 12 Apr 2024
⚠️
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks
KEVBLEEPINGCOMPUTER.COM — 12 Apr 2024
⚠️
6-year-old Lighttpd Flaw Impacts Intel And Lenovo Servers
GBHACKERS.COM — 12 Apr 2024
⚠️
Apple Boosts Spyware Alerts For Mercenary Attacks
INFOSECURITY-MAGAZINE.COM — 12 Apr 2024
⚠️
CISA opens its malware analysis and threat hunting tool for public use
CSOONLINE.COM — 12 Apr 2024
⚠️
Lessons from XZ Utils: Achieving a More Sustainable Open Source Ecosystem
CISA.GOV — Fri, 12 Apr 24 1
⚠️
In Other News: Moscow Sewage Hack, Women in Cybersecurity Report, Dam Security Concerns
SECURITYWEEK.COM — 12 Apr 2024
⚠️
Juniper Releases Security Bulletin for Multiple Juniper Products
CISA.GOV — Fri, 12 Apr 24 1
⚠️
How Ukraine’s cyber police fights back against Russia’s hackers
TECHCRUNCH.COM — 12 Apr 2024
⚠️
Palo Alto Networks Warns Of Exploited Firewall Vulnerability
PACKETSTORMSECURITY.COM — 12 Apr 2024
⚠️
Wiz Acquires Gem Security, Pushes Security Tools Consolidation
SECURITYWEEK.COM — 12 Apr 2024
⚠️
How a 9.8 critical security vulnerability in ZeroMQ was found (with mostly pure luck)
FANGPENLIN.COM — 12 Apr 2024
⚠️
Cybersecurity Decluttered: A Journey to Consolidation
TRENDMICRO.COM — 12 Apr 2024
⚠️
CISA orders US government agencies to check email systems for signs of Russian compromise
CSOONLINE.COM — 12 Apr 2024
⚠️
Current and former Polish officials face probe of alleged spyware abuse
THERECORD.MEDIA — 12 Apr 2024
⚠️
Apple notifies users in 92 countries about mercenary spyware attacks
THERECORD.MEDIA — 12 Apr 2024
⚠️
Telegram fixes Windows app zero-day caused by file extension typo
BLEEPINGCOMPUTER.COM — 12 Apr 2024
⚠️
Cyber Security Today, Week in Review for week ending Friday, April 12, 2024
CYBERSECURITYTODAY.LIBSYN.COM — 12 Apr 2024
⚠️
AL24-005 - Vulnerability impacting PAN-OS GlobalProtect Gateway
CYBER.GC.CA — 2024-04-12
⚠️
Several vulnerabilities in LG WebOS. Chained, lead to RCE.
BITDEFENDER.COM — 12 Apr 2024
⚠️
State-Sponsored Hackers Exploit Zero-Day to Backdoor Palo Alto Networks Firewalls
SECURITYWEEK.COM — 12 Apr 2024
⚠️
A Vulnerability in PAN-OS Could Allow for Arbitrary Code Execution
CISECURITY.ORG — 12 Apr 2024
⚠️
Friday Squid Blogging: The Awfulness of Squid Fishing Boats
SCHNEIER.COM — 2024-04-12
⚠️
Telegram fixes Windows app zero-day used to launch Python scripts
BLEEPINGCOMPUTER.COM — 12 Apr 2024
⚠️
US Cyber Command Expanded 'Hunt Forward' Operations in 2023
DATABREACHTODAY.CO.UK — 2024-04-12
⚠️
UK Markets Authority Warns of AI Market Capture by Big Tech
DATABREACHTODAY.CO.UK — 2024-04-12
⚠️
iPhone Users in 92 Countries Targeted by Mercenary Spyware Attacks
HACKREAD.COM — 12 Apr 2024
📢
U.S. Federal Agencies Ordered to Hunt for Signs of Microsoft Breach and Mitigate Risks
THEHACKERNEWS.COM — 12 Apr 2024
📢
Midnight Blizzard’s Microsoft Corporate Email Hack Threatens Federal Agencies: CISA Warns
GBHACKERS.COM — 12 Apr 2024
📢
The Cyber Defense Matrix (CDM) - Wim Remes - 36 minutes
INFOSEC.PUB — 12 Apr 2024
📢
IT Pros Targeted with Malicious Google Ads for PuTTY, FileZilla
HELPNETSECURITY.COM — 12 Apr 2024
📢
Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign
THEHACKERNEWS.COM — 12 Apr 2024
📢
Sisence Data Breach, CISA Urges To Reset Login Credentials
GBHACKERS.COM — 12 Apr 2024
📢
CISA Alerts Organizations Regarding Cyber Incident at Global Data Analytics Company
CISA.GOV — 12 Apr 2024
📢
Palo Alto Networks security advisory (AV24-198)
CYBER.GC.CA — 2024-04-12
📢
American Privacy Rights Bill: Implications for Health Sector
DATABREACHTODAY.CO.UK — 2024-04-12
📢
Combadges, SISENSE, Microsoft, CISA, Lastpass, Palo Alto, Broadband, Aaran and More - SWN #377
YOUTUBE.COM — 2024-04-12
📢
CISA Briefs World Travel Organization Expedia with Advice on Security
CISA.GOV — Fri, 12 Apr 24 1
📢
CISA Partners with State’s K-12 Schools Fighting Cyberattacks to Keep Kids Learning
CISA.GOV — Fri, 12 Apr 24 1
📢
CISA's Malware Analysis Platform Could Foster Better Threat Intel
DARKREADING.COM — 12 Apr 2024
🔥
Building a Live SIFT USB with Persistence, (Fri, Apr 12th)
ISC.SANS.EDU — 12 Apr 2024
🔥
Cyber Attack Surge by 28%:Education Sector at High Risk
GBHACKERS.COM — 12 Apr 2024
🔥
Hackers Employ Deepfake Technology To Impersonate as LastPass CEO
GBHACKERS.COM — 12 Apr 2024
🔥
US think tank Heritage Foundation hit by cyberattack
TECHCRUNCH.COM — 12 Apr 2024
🔥
Cyber Attacks Could Cause Global Bank Runs
KNOWBE4.COM — 12 Apr 2024
🔥
UK Councils Under Cyber Attack: The Urgent Need for a Culture of Cybersecurity and Resilience
KNOWBE4.COM — 12 Apr 2024
🔥
Intel and Lenovo Servers Impacted by 6-Year-Old BMC Flaw
BLEEPINGCOMPUTER.COM — 12 Apr 2024
🔥
Roku Says More Than 500,000 Accounts Impacted In Cyberattack
PACKETSTORMSECURITY.COM — 12 Apr 2024
🔥
LockBit Copycat DarkVault Spurs Rebranding Rumor
PACKETSTORMSECURITY.COM — 12 Apr 2024
🔥
French Issue Alerte Rouge After Local Govs Knocked Offline By Cyberattack
PACKETSTORMSECURITY.COM — 12 Apr 2024
🔥
More Legal Acrimony For Truth Social, As Executive Says He Was Hacked
PACKETSTORMSECURITY.COM — 12 Apr 2024
🔥
Roku warns 576,000 accounts hacked in new credential stuffing attacks
BLEEPINGCOMPUTER.COM — 12 Apr 2024
🔥
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files
THEHACKERNEWS.COM — 12 Apr 2024
🔥
Roku says 576,000 user accounts hacked after second security incident
TECHCRUNCH.COM — 12 Apr 2024
🔥
ISMG Editors: Unpacking the Change Healthcare Attack Saga
DATABREACHTODAY.CO.UK — 2024-04-12
🔥
State-Sponsored Disinformation Campaigns Targeting Africa Driving Instability And Violence
KNOWBE4.COM — 12 Apr 2024
🔥
Roku says more than 500,000 accounts impacted in cyberattack
REUTERS.COM — 12 Apr 2024
🔥
PE Firm Accuses Synopsys of Breaching Exclusivity Agreement
DATABREACHTODAY.CO.UK — 2024-04-12
🔥
Giant Tiger - 2,842,669 breached accounts
HAVEIBEENPWNED.COM — 12 Apr 2024
🕵️
ISC Stormcast For Friday, April 12th, 2024 https://isc.sans.edu/podcastdetail/8936, (Fri, Apr 12th)
ISC.SANS.EDU — 12 Apr 2024
🕵️
Análisis de Malware en América Latina - 8dot8 - SPANISH & ENGLISH
INFOSEC.PUB — 12 Apr 2024
🕵️
Cyber Security Today, April 12, 2024 - A warning to Sisense customers, a new tactic for spreading the Raspberry Robin worm, and more
CYBERSECURITYTODAY.LIBSYN.COM — 12 Apr 2024
🕵️
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear
TRENDMICRO.COM — 12 Apr 2024
🕵️
LastPass Employee Targeted With Deepfake Calls
SECURITYWEEK.COM — 12 Apr 2024
🕵️
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear
TRENDMICRO.COM — 12 Apr 2024
🕵️
IT pros targeted with malicious Google ads for PuTTY, FileZilla - Help Net Security
HELPNETSECURITY.COM — 12 Apr 2024
🕵️
DuckDuckGo Launches Privacy Pro: 3-in-1 service With VPN
GBHACKERS.COM — 12 Apr 2024
🕵️
Smuggling Gold by Disguising it as Machine Parts
SCHNEIER.COM — 2024-04-12
🕵️
Expired Redis Service Abused to Use Metasploit Meterpreter Maliciously
DARKREADING.COM — 12 Apr 2024
🕵️
Microsoft left internal passwords exposed in latest security blunder
THEVERGE.COM — 12 Apr 2024
🕵️
Threat Actors Manipulate GitHub Search to Deliver Malware
SECURITYWEEK.COM — 12 Apr 2024
🕵️
House Will Try Again on Reauthorization of US Spy Program After Republican Upheaval
SECURITYWEEK.COM — 12 Apr 2024
🕵️
DarkBeatC2: The Latest MuddyWater Attack Framework
DEEPINSTINCT.COM — 12 Apr 2024
🕵️
US-China Competition to Field Military Drone Swarms Could Fuel Global Arms Race
SECURITYWEEK.COM — 12 Apr 2024
🕵️
US Government On High Alert As Russian Hackers Steal Critical Correspondence From Microsoft
PACKETSTORMSECURITY.COM — 12 Apr 2024
🕵️
CCC Winterkongress 2024 - GERMAN and ENGLISH language
INFOSEC.PUB — 12 Apr 2024
🕵️
RubyCarp: Insights Into the Longevity of a Romanian Cybercriminal Gang
SECURITYWEEK.COM — 12 Apr 2024
🕵️
U.S. Department of Health Alert: Hackers are Targeting IT Help Desks at Healthcare Organizations
KNOWBE4.COM — 12 Apr 2024
🕵️
Cloned Voice Tech Is Coming for Bank Accounts
DATABREACHTODAY.CO.UK — 2024-04-12
🕵️
eXotic Visit includes XploitSPY malware – Week in security with Tony Anscombe
WELIVESECURITY.COM — 12 Apr 2024
🌐
Sneaky Credit Card Skimmer Disguised as Harmless Facebook Tracker
THEHACKERNEWS.COM — 12 Apr 2024
🌐
Credit Card Skimmer Hidden in Fake Facebook Pixel Tracker
SUCURI.NET — 12 Apr 2024
🌐
Importance of Scanning Files on Uploader Applications
TRENDMICRO.COM — 12 Apr 2024
📡
Code Keepers: Mastering Non-Human Identity Management
THEHACKERNEWS.COM — 12 Apr 2024
📡
Former AT&T customers get $6.3 million in data throttling refunds
BLEEPINGCOMPUTER.COM — 12 Apr 2024
📡
Mitigating the risks of residential proxies | Kaspersky official blog
KASPERSKY.COM — 12 Apr 2024
📡
Security engineer jailed for 3 years for $12M crypto hacks
TECHCRUNCH.COM — 12 Apr 2024
📡
Ex-Amazon engineer gets 3 years for hacking crypto exchanges
BLEEPINGCOMPUTER.COM — 12 Apr 2024
📡
FBI warns of massive wave of road toll SMS phishing attacks
BLEEPINGCOMPUTER.COM — 12 Apr 2024
📡
Microsoft now testing app ads in Windows 11's Start menu
BLEEPINGCOMPUTER.COM — 12 Apr 2024