107 Articles
9 Categories
Date: 2024-04-17
🚨 CISA KEV (1)
17 Apr [KEV]: #StopRansomware: Akira Ransomware (CISA.GOV)
    SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically …
🐛 COMMON VULNERABILITIES AND EXPOSURES (13)
17 Apr: Operation MidnightEclipse: Hackers Actively Exploiting Palo Alto Networks Zero-Day Flaw (GBHACKERS.COM)
    The Palo Alto Networks PAN-OS software has a critical command injection vulnerability that allows an unauthorized attacker to run arbitrary code on the firewall with root access. The vulnerability is identified as CVE-2024-3400, with a CVSS score of 10.0. Operation Mid…
17 Apr [KEV]: Update: Researchers Released Exploit Code for Actively Exploited Palo Alto Networks PAN-OS Bug (SECURITYAFFAIRS.COM)
    Researchers at watchTowr Labs have released a technical analysis of the vulnerability CVE-2024-3400 in Palo Alto Networks’ PAN-OS and a proof-of-concept exploit that can be used to execute shell commands on vulnerable firewalls.
17 Apr: Botnets Continue Exploiting CVE-2023-1389 for Wide-Scale Spread (FORTINET.COM)
    Recently, FortiGuard Labs observed multiple attacks focusing on this year-old vulnerability, spotlighting botnets like Moobot, Miori, the Golang-based agent “AGoent,” and the Gafgyt Variant.
17 Apr: Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware (THEHACKERNEWS.COM)
    Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that …
17 Apr: Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign (THEHACKERNEWS.COM)
    Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS sco…
17 Apr: Exploitation of Palo Alto Firewall Vulnerability Picking Up After PoC Release (SECURITYWEEK.COM)
    Palo Alto Networks firewall vulnerability CVE-2024-3400 increasingly exploited after PoC code has been released.
17 Apr: Ivanti Patches Two Critical Avalanche Flaws in Major Update (INFOSECURITY-MAGAZINE.COM)
    https://www.infosecurity-magazine.com/news/ivanti-patches-two-critical/ CVE-2024-24996 is described as a heap overflow in the WLInfoRailService component of the product, while CVE-2024-29204 is a heap overflow bug in the WLA…
17 Apr: Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware (THEHACKERNEWS.COM)
    Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The vulnerability (CVE-2023-22518) allows an unauthenticated attacker to reset Confluence and create an administrator account.
17 Apr: Cerber Linux Ransomware Exploits Atlassian Servers to Take Full Control (GBHACKERS.COM)
    Security researchers at Cado Security Labs have uncovered a new variant of the Cerber ransomware targeting Linux systems. This strain of the notorious malware has been observed exploiting a recent vulnerability in the Atlassian Confluence application to gain a foothold on targete…
17 Apr: SAP users are at high risk as hackers exploit application vulnerabilities (CSOONLINE.COM)
    Targeting SAP vulnerabilities by threat actors is currently at its peak as systems compromised by ransomware incidents have grown fivefold since 2021, according to joint research by Flashpoint and Onapsis. Based on SAP threat intelligence from Onapsis Research Labs and Flashpoint…
17 Apr: Palo Alto - Putting The Protecc In GlobalProtect (CVE-2024-3400) - watchTowr Labs (LABS.WATCHTOWR.COM)
    https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400/
17 Apr: Xiid SealedTunnel: Unfazed by Yet Another Critical Firewall Vulnerability (CVE-2024-3400) (GBHACKERS.COM)
    In the wake of the recent disclosure of a critical vulnerability (CVE-2024-3400) affecting a leading firewall solution, Xiid Corporation reminds organizations that Xiid SealedTunnel customers remain secure. This latest vulnerability, currently unpatched and rated 10/10 on the CVS…
17 Apr: AWS and Google Cloud command-line tools can expose secrets in CI/CD logs (CSOONLINE.COM)
    Security researchers warn that certain commands executed in the AWS and Google Cloud command-line interfaces (CLIs) will return credentials and other secrets stored in environment variables as part of the standard output. If such commands are executed as part of build workflows i…
⚠️ VULNERABILITY DISCLOSURE (28)
17 Apr: LightSpy Hackers Target Indian Apple Device Users To Steal Sensitive Data (GBHACKERS.COM)
    Hackers target Apple device users because they are perceived to be of higher social classes. This leads to targets who are richer than others and who can possibly provide more money to the hackers in one way or another. Besides this, Apple’s ecosystem is interconnected, which mea…
17 Apr: Where in the world is your AI? Identify and secure AI across a hybrid environment (CSOONLINE.COM)
    Artificial intelligence is quickly becoming an integral component of daily business operations — by 2026, more than 80% of enterprises will have used generative AI APIs or deployed AI-enabled applications, according to Gartner. Most of this activity is happening in cloud and Saa…
17 Apr: Understanding CISA’s proposed cyber incident reporting rules (CSOONLINE.COM)
    In the wake of a string of high-profile cyber incidents, capped by a crippling ransomware attack on Colonial Pipeline, the US Congress passed the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) to create a centralized federal government cyber incident r…
17 Apr: Passbolt: a bold use of HaveIBeenPwned (QUARKSLAB.COM)
    Passbolt, an Open Source Password Manager, is using the Pwned Passwords service from HaveIBeenPwned to alert users if their password is present in a previous data breach. Pwned Passwords API is based on a mathematical property known as k-Anonymity guaranteeing that it never gains…
17 Apr: Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services (THEHACKERNEWS.COM)
    Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18, 2024. "These attacks all appear to be originating from T…
17 Apr: Cyber Security Today, April 17, 2024 - More suspicious attempts to take over open source projects, a data theft at a Cisco Duo partner, and more (CYBERSECURITYTODAY.LIBSYN.COM)
    This episode reports on security updates from Delinea and PuTTY, and reports on bad bots and threat actors going after Zoom meetings.
17 Apr: Cisco Warns Of Massive Brute-Force Attacks Targeting VPNs & SSH Services (GBHACKERS.COM)
    Hackers use brute-force attacks since it is an uncomplicated technique to break passwords or get into systems without permission. By systematically trying various combinations of usernames and passwords, attackers can exploit weak credentials. Brute-force attacks are automa…
17 Apr: Several GTKWave Vulnerabilities Fixed in Debian (TUXCARE.COM)
    Recently, the Debian security team fixed several issues in GTKWave, an open-source waveform viewer for VCD files. These vulnerabilities, if exploited, could result in the execution of arbitrary code, posing a significant risk to users.
17 Apr: Oracle Releases Biggest Security Update in 2024 – 372 Vulnerabilities Are Fixed – Update Now! (GBHACKERS.COM)
    Oracle has released its April 2024 Critical Patch Update (CPU), addressing 372 security vulnerabilities across multiple Oracle products. This comprehensive update fixes critical flaws that could allow remote code execution, data manipulation, and unauthorized access to systems. A…
17 Apr: Likely State Hackers Exploiting Palo Alto Firewall Zero-Day (BANKINFOSECURITY.COM)
    https://www.bankinfosecurity.com/likely-state-hackers-exploiting-palo-alto-firewall-zero-day-a-24866
17 Apr: FGVulDet – New Vulnerability Detector to Analyze Source Code (GBHACKERS.COM)
    Detecting source code vulnerabilities aims to protect software systems from attacks by identifying inherent vulnerabilities. Prior studies often oversimplify the problem into binary classification tasks, which poses challenges for deep learning models to effectively learn d…
17 Apr: What should Security Operations teams take away from the IBM X-Force 2024 Threat Intelligence Index? (SECURITYINTELLIGENCE.COM)
    The IBM X-Force 2024 Threat Intelligence Index has been released. The headlines are in and among them are the fact that a global identity crisis is emerging. X-Force noted a 71% increase year-to-year in attacks using valid credentials. In this blog post, I’ll explore three …
17 Apr: Multiple botnets exploiting one-year-old TP-Link flaw to hack routers (BLEEPINGCOMPUTER.COM)
    At least six distinct botnet malware operations are hunting for TP-Link Archer AX21 (AX1800) routers vulnerable to a command injection security issue reported and addressed last year. [...]
17 Apr: Ivanti Warns of Critical Flaws in Its Avalanche MDM Solution (BLEEPINGCOMPUTER.COM)
    Ivanti has released security updates to fix 27 vulnerabilities in its Avalanche mobile device management (MDM) solution, two of them critical heap overflows that can be exploited for remote command execution.
17 Apr: Cisco: Multiple VPN, SSH Services Targeted in Mass Brute-Force Attacks (SECURITYWEEK.COM)
    Cisco has observed an increase in brute-force attacks targeting web application authentication, VPNs, and SSH services.
17 Apr: Palo Alto Networks’ firewall bug under attack brings fresh havoc to thousands of companies (TECHCRUNCH.COM)
    Organizations are urged to patch their Palo Alto firewalls after researchers discover evidence of malicious exploitation dating back to late-March.
17 Apr: Multiple Vulnerabilities in Google Chrome Could Allow for Remote Code Execution (CISECURITY.ORG)
    Multiple vulnerabilities have been discovered in Google Chrome, which could allow for remote code execution. Successful exploitation of these vulnerabilities could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with th…
17 Apr: Cisco discloses root escalation flaw with public exploit code (BLEEPINGCOMPUTER.COM)
    Cisco has released patches for a high-severity Integrated Management Controller (IMC) vulnerability with public exploit code that can let local attackers escalate privileges to root. [...]
17 Apr: Exploited TP-Link Vulnerability Spawns Botnet Threats (DATABREACHTODAY.CO.UK)
    Attackers Exploit Old Flaw, Hijack TP-Link Archer Routers. Half a dozen different botnets are prowling the internet for TP-Link-brand Wi-Fi routers unpatched since last summer with the goal of commandeering them into joining distributed denial-of-service attacks. Chinese router ma…
17 Apr: Key Lawmaker Heralds 'Landmark' Draft Federal Privacy Bill (DATABREACHTODAY.CO.UK)
    Top Democrat Calls Draft Bill a 'Unique' Chance to Pass Federal Privacy Legislation. Rep. Cathy McMorris Rodgers, R-Wa., chair of the House Energy and Commerce Committee, suggested Wednesday that a draft national data privacy bill making its way through Congress could be the best …
17 Apr: Multiple Vulnerabilities in Ivanti Avalanche Could Allow for Remote Code Execution (CISECURITY.ORG)
    Multiple vulnerabilities have been discovered in Ivanti Avalanche, the most severe of which could allow for remote code execution. Ivanti Avalanche is a mobile device management system. Network security features allow one to manage wireless settings (including encryption and auth…
17 Apr: Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks (BLEEPINGCOMPUTER.COM)
    In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities. [...]
17 Apr: PCI 4.0 - PSW #825 (YOUTUBE.COM)
    Version 4.0 of the Payment Card Industry Data Security Standard (PCI DSS) puts greater emphasis on application security than did previous versions of the standard. It also adds a new “customized approach” option that allows merchants and other entities to come up with their own w…
17 Apr: SoumniBot malware exploits Android bugs to evade detection (BLEEPINGCOMPUTER.COM)
    A new Android banking malware named 'SoumniBot' is using a less common obfuscation approach by exploiting weaknesses in the Android manifest extraction and parsing procedure. [...]
17 Apr: Possible Chinese Hackers Use OpenMetadata to Cryptomine (DATABREACHTODAY.CO.UK)
    Hackers Target OpenMetadata Platforms Running on Cloud Kubernetes Environments. Hackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warned Microsoft. "I want to …
17 Apr: Hack on Clinic Serving Homeless Is Latest Hit to Underserved (DATABREACHTODAY.CO.UK)
    Centers for Underserved Patients, Resource-Poor Communities Fight for Cyber Funds. Michigan's largest federally qualified health center, which treats homeless and underserved patients, is notifying more than 184,000 individuals of a December ransomware attack that compromised thei…
17 Apr: Oracle Quarterly Critical Patches Issued April 16, 2024 (CISECURITY.ORG)
    Multiple vulnerabilities have been discovered in Oracle products, the most severe of which could allow for remote code execution.
📋 SECURITY BULLETINS (2)
17 Apr: Tor Browser 13.0.14 Released – What’s New! (GBHACKERS.COM)
    The Tor Project has released a new version of the Tor Browser, their secure and private web browsing tool. Tor Browser 13.0.14 includes several critical security updates and bug fixes. Key Updates in Tor Browser 13.0.14. The latest release of Tor Browser focuses on improving users…
17 Apr: Chrome 124, Firefox 125 Patch High-Severity Vulnerabilities (SECURITYWEEK.COM)
    Chrome and Firefox security updates resolve over 35 vulnerabilities, including a dozen high-severity bugs.
📢 SECURITY ADVISORIES (7)
17 Apr: Russia is Trying to Sabotage European Railways, Czech Minister Said (SECURITYAFFAIRS.COM)
    Czech transport minister Martin Kupka confirmed that Russia-linked threat actors conducted “thousands of attempts to weaken our systems” since the beginning of the Russian invasion of Ukraine.
17 Apr: Smashing Security podcast #368: Gary Barlow, and a scam turns deadly (GRAHAMCLULEY.COM)
    Take That's Gary Barlow chats up a pizza-slinging granny from Essex via Facebook, or does he? And a scam takes a sinister turn - for both the person being scammed and an innocent participant - in Ohio. All this and more is discussed in the latest edition of the "Smashing Security…
🔥 INCIDENT REPORTING (13)
17 Apr: Iran Launched A Major Cyberattack Against Critical Infrastructure In Israel (GBHACKERS.COM)
    Over the weekend, Iran launched missile and drone attacks on Israel, retaliating for a suspected Israeli strike on its Damascus consulate that killed 13 people last week. This escalation arises from the ongoing Israel-Iran rivalry and Israel-Palestine conflict. Cyber activi…
17 Apr: INC Ransom Group Exfiltrates Data Before Encrypting & Threatens Public Exposure (GBHACKERS.COM)
    Hackers exfiltrate data first before encrypting it to increase their bargaining power during ransom negotiations. Threats of public exposure of private information increase the urgency for victims to pay a ransom immediately. Secureworks Counter Threat Unit researchers…
17 Apr: BreachForums Down, But Not Out: Hackers Claim Attack, Admins Remain Unfazed (THECYBEREXPRESS.COM)
    The domain of the notorious BreachForums data leak and hacking forum has been taken down by rival threat actors. The threat actor group, R00TK1T, along with the Cyber Army of Russia, announced a breach of user data following the takedown.
17 Apr: ‘Junk gun’ ransomware: Peashooters can still pack a punch (SOPHOS.COM)
    A Sophos X-Ops investigation finds that a wave of crude, cheap ransomware could spell trouble for small businesses and individuals – but also provide insights into threat actor career development and the wider threat landscape.
17 Apr: Vorlon is trying to stop the next big API breach (TECHCRUNCH.COM)
    Application programming interfaces, or APIs as they’re commonly known, are the bedrock of everything we do online. APIs allow two things on the internet to talk with each other, including connected devices or phone apps. But the enormous growth of API usage — around half of…
17 Apr: L00KUPRU Ransomware Attackers discovered in the wild (GBHACKERS.COM)
    A new variant of the Xorist ransomware, dubbed L00KUPRU, has been discovered in the wild, posing a threat to unsuspecting users. The L00KUPRU ransomware is known to encrypt user files, appending the .L00KUPRU extension to the affected files. The attackers behind this malware have…
17 Apr: LockBit 3.0 Variant Generates Custom, Self-Propagating Malware (DARKREADING.COM)
    https://www.darkreading.com/endpoint-security/lockbit-3-0-variant-generates-custom-self-propagating-malware
17 Apr: Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks (THEHACKERNEWS.COM)
    A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed…
17 Apr: Russian Sandworm hackers pose as hacktivists in water utility breaches (BLEEPINGCOMPUTER.COM)
    The Sandworm hacking group associated with Russian military intelligence has been hiding attacks and operations behind multiple online personas posing as hacktivist groups. [...]
17 Apr: The Evolving Threat of Ransomware — A Call to Action for Cybersecurity (PALOALTONETWORKS.COM)
    Testifying before the House Financial Services Subcommittee on National Security, Illicit Finance and International Financial Institutions on ransomware.
17 Apr: Moldovan charged for operating botnet used to push ransomware (BLEEPINGCOMPUTER.COM)
    The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States. [...]
17 Apr: Free Ransomware: LockBit Knockoffs and Imposters Proliferate (DATABREACHTODAY.CO.UK)
    Experts See Surge in Attacks, Including in Russia, Using Leaked LockBit Code. What do a German healthcare network, a Russian security company and an American bridal clothing retailer have in common? All seem to have been compromised in recent months by attackers who wielded LockBi…
17 Apr: Armis Buys Cyber Remediation Startup Silk Security for $150M (DATABREACHTODAY.CO.UK)
    Combination of Armis and Silk Will Create Leader in Asset Management, Remediation. San Francisco-based asset intelligence vendor Armis plans to embed AI and automation into the incident prioritization and remediation process through the $150 million acquisition of early-stage star…
🕵️ THREAT INTELLIGENCE (25)
17 Apr: ISC Stormcast For Wednesday, April 17th, 2024 https://isc.sans.edu/podcastdetail/8942, (Wed, Apr 17th) (ISC.SANS.EDU)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
17 Apr: What are You Working on Wednesday (INFOSEC.PUB)
    Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
17 Apr: New Android Malware Mimic Google Chrome to Steal Banking Details (GBHACKERS.COM)
    Security researchers have uncovered a new strain of Android malware that masquerades as the popular Google Chrome browser to steal sensitive banking information from unsuspecting users. The malware, dubbed “Mamont Spy Banker,” has been found to target Android devices …
17 Apr: Podcast: Rob Lee on detecting cyber risk in IoT and industrial control systems (INFOSEC.PUB)
    Rob Lee on detecting cyber risk in IoT and industrial control systems. How does cyber risk impact industrial control systems as well as all the other connected systems in an Internet of Things (IoT) world? And which organiza…
17 Apr: BSides Prague 2024 - 10 talks (INFOSEC.PUB)
    https://infosec.pub/pictrs/image/f50f8c9c-ccb4-46ae-bc9e-2a18257cad4e.png BSides Prague 2024 schedule. BSides Prague Playlist. BSides Prague is an annual community-driven information security conference held in Prague, Czech …
17 Apr: Likely Sandworm Hackers Using Novel Backdoor 'Kapeka' (DATABREACHTODAY.CO.UK)
    Kapeka Shows Similarities to Russian GRU Hacking Group's GreyEnergy Malware. Likely Russian military intelligence hackers known as Sandworm since at least mid-2022 have deployed a new and highly flexible back door against Eastern European targets, warn security researchers. Securi…
17 Apr: Outlook Login Panel Themed Phishing Attack Evaded All Antivirus Detections (GBHACKERS.COM)
    Cybersecurity researchers have uncovered a new phishing attack that has bypassed all antivirus detections. The attack, designed to mimic the Outlook login panel, successfully tricks users into revealing their login credentials. Security researcher @doc_guard first reported the …
17 Apr: The Global Menace of the Russian Sandworm Hacking Team (DATABREACHTODAY.CO.UK)
    Russian Cyber Sabotage Unit Sandworm Adopting Advanced Techniques, Mandiant Warns. Russia's preeminent cyber sabotage unit presents "one of the widest and high severity cyber threats globally," warned Mandiant in a Wednesday report. Mandiant newly designated Sandworm as APT44 to d…
17 Apr: Using AI-Generated Legislative Amendments as a Delaying Technique (SCHNEIER.COM)
    Canadian legislators proposed 19,600 amendments—almost certainly AI-generated—to a bill in an attempt to delay its adoption. I wrote about many different legislative delaying tactics in A Hacker’s Mind, but this is a new one.
17 Apr: Oracle Patches 230 Vulnerabilities With April 2024 CPU (SECURITYWEEK.COM)
    Oracle releases 441 new security patches to address 230 vulnerabilities as part of its April 2024 Critical Patch Update.
17 Apr: Attackers are pummeling networks around the world with millions of login attempts (ARSTECHNICA.COM)
    https://arstechnica.com/security/2024/04/cisco-warns-of-large-scale-credential-compromise-attack-thats-likely-to-get-bigger/
17 Apr: Russian Sandworm Group Using Novel Backdoor to Target Ukraine (INFOSECURITY-MAGAZINE.COM)
    https://www.infosecurity-magazine.com/news/russian-sandworm-backdoor-ukraine/
17 Apr: KnowBe4 Named a Leader in the Spring 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) Software (KNOWBE4.COM)
    We are excited to announce that KnowBe4 has been named a leader in the Spring 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the 12th consecutive quarter!
17 Apr: North Korean Hackers Abuse DMARC To Legitimize Their Emails (GBHACKERS.COM)
    DMARC is targeted by hackers as this serves to act as a preventative measure against email spoofing and phishing attempts. They compromise DMARC (Domain-based Message Authentication Reporting and Conformance) so that they can evade email authentication protocols, consequent…
17 Apr: Ivanti Patches 27 Vulnerabilities in Avalanche MDM Product (SECURITYWEEK.COM)
    Ivanti releases patches for 27 vulnerabilities in the Avalanche MDM product, including critical flaws leading to command execution.
17 Apr: Recent OT and Espionage Attacks Linked to Russia’s Sandworm, Now Named APT44 (SECURITYWEEK.COM)
    Mandiant summarizes some of the latest operations of Russia’s notorious Sandworm group, which it now tracks as APT44.
17 Apr: Russian Sandworm Group Using Novel Backdoor to Target Eastern and Central Europe (INFOSECURITY-MAGAZINE.COM)
    The previously unreported backdoor, dubbed ‘Kapeka’, has a high level of stealth and sophistication, designed to both serve as an early-stage toolkit for its operators, and also to provide long-term access to the victim estate.
17 Apr: Miggo Security Gets $7.5 Million Seed Funding to Build ADR Technology (SECURITYWEEK.COM)
    YL Ventures leads an early stage funding round for Miggo Security, a Tel Aviv startup working on application detection and response technology.
17 Apr: Armis Acquires Silk Security for $150 Million (SECURITYWEEK.COM)
    Armis has acquired cyber risk prioritization and remediation company Silk Security for $150 million.
17 Apr: Kapeka: A New Backdoor in Sandworm’s Arsenal of Aggression (SECURITYWEEK.COM)
    Kapeka is a new backdoor that may be a new addition to Russia-linked Sandworm’s malware arsenal and possibly a successor to GreyEnergy.
17 Apr: FIN7 targets American automaker’s IT staff in phishing attacks (BLEEPINGCOMPUTER.COM)
    The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. [...]
17 Apr: Hacker Heroes - Winn Schwartau - PSW #825 (YOUTUBE.COM)
    Pioneering the Cyber Battlefield: A Deep Dive with Winn Schwartau, Cybersecurity Luminary. Get ready for an extraordinary episode as we sit down with Winn Schwartau, a true pioneer and luminary in the world of cybersecurity. Winn's impact on the field is nothing short of legendary…
17 Apr: EU Data Regulator Threatens Meta's 'Pay or Okay' Model (DATABREACHTODAY.CO.UK)
    The European Data Protection Board Says the Company Inhibits Real Choice for Users. Social media giant Meta's attempt to navigate European data protection rules by offering a fee-based opt-out from behavioral advertising came under fire Wednesday by a trading bloc agency that said…
17 Apr: Cookie-Monster - BOF To Steal Browser Cookies & Credentials - RedPacket Security (REDPACKETSECURITY.COM)
    https://www.redpacketsecurity.com/cookie-monster-bof-to-steal-browser-cookies-credentials/ Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit mast…
🌐 CYBER THREAT LANDSCAPE (1)
17 Apr: From Social Engineering to DMARC Abuse: TA427’s Art of Information Gathering (PROOFPOINT.COM)
    To craftily pose as its chosen personas, TA427 uses a few tactics including DMARC abuse in concert with free email addresses, typosquatting, and private email account spoofing.
📡 INFOSEC NEWS (17)
17 Apr: UK e-visa rollout begins today: no more immigration cards for millions (BLEEPINGCOMPUTER.COM)
    Starting today, millions living in the UK will receive email invitations to sign up for an e-visa account that will replace their physical immigration documents like Biometric Residence Permits (BRPs). The move is, according to the Home Office, "a key step in creating a modernise…
17 Apr: Malicious PDF File Used As Delivery Mechanism, (Wed, Apr 17th) (ISC.SANS.EDU)
    Billions of PDF files are exchanged daily and many people trust them because they think the file is "read-only" and contains just "a bunch of data". In the past, badly crafted PDF files could trigger nasty vulnerabilities in PDF viewers. All of them were affected at least once, e…
17 Apr: Misinformation and Hacktivist Campaigns Targeting the Philippines Skyrocket (SECURITYAFFAIRS.COM)
    Amidst rising tensions with China in the South China Sea, Resecurity has observed a significant spike in malicious cyber activity targeting the Philippines in Q1 2024, increasing nearly 325% compared to the same period last year.
17 Apr: T-Mobile, Verizon Workers Get Texts Offering $300 for SIM Swaps (BLEEPINGCOMPUTER.COM)
    According to many reports, this is part of a campaign targeted at current and former mobile carrier workers who could have access to the systems required to perform a SIM swap.
17 Apr: How to prevent surveillance through banner ads | Kaspersky official blog (KASPERSKY.COM)
    Data collected by advertising firms can be used — often illegally — by various government agencies. How does this happen, and what to do to minimize surveillance?
17 Apr: GenAI: A New Headache for SaaS Security Teams (THEHACKERNEWS.COM)
    The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity capabilities that are driven by generative AI. Among a wide ra…
17 Apr: UK e-visa rollout starts today for millions: no more physical immigration cards (BLEEPINGCOMPUTER.COM)
    Starting today, millions living in the UK will receive email invitations to sign up for an e-visa account that will replace their physical immigration documents like Biometric Residence Permits (BRPs). The move is, according to the Home Office, "a key step in creating a modernise…
17 Apr: Microsoft: New Copilot app added by Edge doesn’t collect data (BLEEPINGCOMPUTER.COM)
    Microsoft says the new Copilot app, added by recent Edge updates to the list of installed Windows apps, doesn't collect or relay data to its servers. [...]
17 Apr: New Bill Would Create a Governing Body for Water System Cyber Standards (NEXTGOV.COM)
    A measure led by two House Republicans would enable the Environmental Protection Agency to certify a governing body to develop and recommend cybersecurity requirements for water treatment and wastewater systems.
17 Apr: Dark Web Monitoring: What's the Value? (BLEEPINGCOMPUTER.COM)
    Cybersecurity firms commonly sell "dark web monitoring" packages, with firms having slightly different features. Learn from Flare about the different dark web monitoring packages and the value they bring to your organization. [...]
17 Apr: Microsoft: Copilot ‘app’ on Windows Server mistakenly added by Edge (BLEEPINGCOMPUTER.COM)
    Microsoft says the new Copilot app, mistakenly added to the list of installed Windows apps by recent Edge updates, doesn't collect or relay data to its servers. [...]
17 Apr: How to Start a Career in Cybersecurity (DATABREACHTODAY.CO.UK)
    A Guide to Seizing Opportunities and Pursuing Growth. Our dependence on technology has introduced new and sophisticated cyberthreats that elevate the demand for skilled cybersecurity professionals. The field is expected to experience a surge in job opportunities. Follow these step…
17 Apr: Congratulations to the Top MSRC 2024 Q1 Security Researchers! (MSRC.MICROSOFT.COM)
    Congratulations to all the researchers recognized in this quarter’s Microsoft Researcher Recognition Program leaderboard! Thank you to everyone for your hard work and continued partnership to secure customers. The top three researchers of the 2024 Q1 Security Researcher Leaderboa…