🐛 COMMON VULNERABILITIES AND EXPOSURES (61)
18 Apr: A Vuln is a Vuln, unless the CVE for it is after Feb 12, 2024, (Wed, Apr 17th)
The NVD (National Vulnerability Database) announcement page (https://nvd.nist.gov/general/news/nvd-program-transition-announcement) indicates a growing backlog of vulnerabilities that are causing delays in their process.
ISC.SANS.EDU
18 Apr: Cisco Warns of a Command Injection and Privilege Escalation Flaw in Its IMC
A local, authenticated attacker can exploit the vulnerability, tracked as CVE-2024-20295, to conduct command injection attacks on the underlying operating system and elevate privileges to root.
SECURITYAFFAIRS.COM
18 Apr: Cybersecurity Pros Urge US Congress to Help NIST Restore NVD Operation
A group of 50 cybersecurity professionals signed an open letter that was sent on April 12 to the US Secretary of Commerce, Gina Raimondo, and several members of the US Congress.
INFOSECURITY-MAGAZINE.COM
18 Apr: Attackers exploiting new critical OpenMetadata vulnerabilities on Kubernetes clusters | Microsoft Security Blog
Submitted by kid to cybersecurity. https://www.microsoft.com/en-us/security/blog/2024/04/17/attackers-exploiting-new-critical-openmetadata-vulnerabilities-on-kubernetes-clusters/ It’s from MS, but I’ll take anyways. Summary: Attackers exploit critical vulnera…
MICROSOFT.COM
18 Apr (KEV): Palo Alto ZeroDay Exploited in The Wild Following PoC Release
Palo Alto Networks has disclosed a critical vulnerability within its PAN-OS operating system, identified as CVE-2024-3400. This zero-day flaw, found in the GlobalProtect Gateway, is currently under active exploitation by attackers. CVE-2024-3400 allows attackers to execute arbitr…
GBHACKERS.COM
18 Apr: Cisco fixes vulnerabilities in Integrated Management Controller
Cisco has released patches for two privilege escalation vulnerabilities in its Integrated Management Controller (IMC) that is used for out-of-band management of many of its server products, as well as various appliances. The flaws could allow authenticated attackers to execute co…
CSOONLINE.COM
18 Apr: CVE-2024-21409 .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
Added an FAQ to indicate that for .NET 7.0 and .NET 8.0, Windows is the only operating system affected by this vulnerability. For more information see [Microsoft Security Advisory CVE-2024-21409 | .NET Elevation of Privilege Vulnerability](https://github.com/dotnet/announcements…
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28906 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28908 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28909 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28910 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28911 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28912 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28913 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28914 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28915 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28929 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28931 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28932 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28936 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28939 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28942 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28945 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29043 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29045 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29047 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3832 Object corruption in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3914 Use after free in V8
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3833 Object corruption in WebAssembly
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3834 Use after free in Downloads
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3837 Use after free in QUIC
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3838 Inappropriate implementation in Autofill
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3839 Out of bounds read in Fonts
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3840 Insufficient policy enforcement in Site Isolation
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3844 Inappropriate implementation in Extensions
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3841 Insufficient data validation in Browser Switcher
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3845 Inappropriate implementation in Network
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3843 Insufficient data validation in Downloads
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3847 Insufficient policy enforcement in WebUI
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: Chromium: CVE-2024-3846 Inappropriate implementation in Prompts
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28926 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28927 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28930 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28933 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28934 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28935 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28937 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28938 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28940 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28941 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28943 Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-28944 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29044 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29046 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29048 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29982 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29983 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29984 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29985 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability
Corrected Cumulative Update version numbers and reference KB numbers in the FAQ: "There are GDR and/or CU (Cumulative Update) updates offered for my version of SQL Server. How do I know which update to use?" These are informational changes only.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29987 Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
Information published.
MSRC.MICROSOFT.COM
18 Apr: CVE-2024-29986 Microsoft Edge for Android (Chromium-based) Information Disclosure Vulnerability
Information published.
MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (28)
18 Apr: The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider
On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.
TRENDMICRO.COM
18 Apr: Are you a toxic cybersecurity boss? How to be a better CISO
It wasn’t just one thing that made Keith, a 40-something cybersecurity pro in New York City, quit his job — there was no single straw that broke the proverbial camel’s back. “It was really the micromanaging, to some degree. And the cursing, the profanity being used in a corporate…
CSOONLINE.COM
18 Apr: Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have…
THEHACKERNEWS.COM
18 Apr: Armis Acquires AI-based Vulnerability Detection Firm Silk Security
Armis, a leading cybersecurity company, has acquired Silk Security, an AI-powered vulnerability detection firm. The acquisition comes when organizations grapple with a surge of security findings, with no scalable and automated way to prioritize and operationalize remediation. Ine…
GBHACKERS.COM
18 Apr: Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services
Cisco Talos described the brute-forcing attempts as using both generic and valid usernames for specific organizations, with the attacks indiscriminately targeting a wide range of sectors across geographies.
THEHACKERNEWS.COM
18 Apr: Phishing-as-a-Service Platform LabHost Seized by Authorities
Authorities have dismantled LabHost, a notorious cybercrime platform that facilitated widespread phishing attacks across the globe. The crackdown on LabHost, which was founded in the UK in 2021, marks a significant victory against cybercriminal networks that have long exploited d…
GBHACKERS.COM
18 Apr: Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads.
THEHACKERNEWS.COM
18 Apr: Consolidation blamed for Change Healthcare ransomware attack
The Change Healthcare ransomware attack has provoked calls to mandate baseline security standards for healthcare providers during Congressional hearings on Tuesday. UnitedHealth Group (UHG) was criticized for its response to a February 2024 attack on its Change Healthcare subsidi…
CSOONLINE.COM
18 Apr: LabHost phishing service with 40,000 domains disrupted, 37 arrested
The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer. [...]
BLEEPINGCOMPUTER.COM
18 Apr: Possible Chinese Hackers Use OpenMetadata for Cryptomining
Hackers who appear to be Chinese are exploiting vulnerabilities in the OpenMetadata platform running as workloads on Kubernetes clusters to download cryptomining software, warns Microsoft.
BANKINFOSECURITY.COM
18 Apr: Other Attempts to Take Over Open Source Projects
After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping Gi…
SCHNEIER.COM
18 Apr: Phishing Platform LabHost Shut Down by Law Enforcement
LabHost, a major phishing-as-a-service platform, has been shut down as part of a major law enforcement operation. The post Phishing Platform LabHost Shut Down by Law Enforcement appeared first on SecurityWeek.
SECURITYWEEK.COM
18 Apr: How to Conduct Advanced Static Analysis in a Malware Sandbox
Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a …
THEHACKERNEWS.COM
18 Apr: Cisco announces AI-powered Hypershield for autonomous exploit patching in the cloud
Cisco has announced Hypershield, an AI-based capability of the company’s Security Cloud platform for hyperscalers. Hypershield is designed to defend cloud, data center, and distributed edge appliances from rapid vulnerability exploitation, according to Cisco. Patching today’s sp…
CSOONLINE.COM
18 Apr: Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability
Cisco patches a high-severity Integrated Management Controller vulnerability for which PoC exploit code is available. The post Cisco Says PoC Exploit Available for Newly Patched IMC Vulnerability appeared first on SecurityWeek.
SECURITYWEEK.COM
18 Apr: UK law enforcement busts online phishing marketplace
UK law enforcement has infiltrated “LabHost,” a fraudulent online service used by more than 2,000 cybercriminals to create phishing websites and trick victims into revealing personal information. Between April 14 and April 17, through a joint operation led by the Metropolitan pol…
CSOONLINE.COM
18 Apr: Apex Legends hacker says game developers patched exploit used on streamers
Last month, a hacker wreaked havoc during an esports tournament of the popular shooter game Apex Legends, hacking two well-known streamers mid-game to make it look like they were using cheats. A month later, it seems like the hacking saga may have come to a close with the game de…
TECHCRUNCH.COM
18 Apr: SoumniBot Exploiting Android Manifest Flaws to Evade Detection
A new banker, SoumniBot, has recently been identified. It targets Korean users and is incredible by using an unusual method to evade investigation and detection, notably obfuscating the Android manifest. In addition to its unique obfuscation, SoumniBot stands out for its ability …
GBHACKERS.COM
18 Apr: Oracle Releases Critical Patch Update Advisory for April 2024
Oracle released its quarterly Critical Patch Update Advisory for April 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to re…
CISA.GOV
18 Apr: US Government and OpenSSF Partner on New SBOM Management Tool
Protobom, the new open source software tool, will help all organizations read and generate SBOMs and file data, as well as translate this data across standard industry SBOM formats.
INFOSECURITY-MAGAZINE.COM
18 Apr: CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-109-01 Unitronics Vision Series PLCs ICSA-21-287-03 Mitsubishi Elec…
CISA.GOV
18 Apr: Ransomware Victims Who Pay a Ransom Drops to Record Low
Experts See Groups Shoot Themselves in the Foot by Yet Again Swindling Affiliates. Here's ransomware news to celebrate: The number of victims who opt to pay a ransom has dropped to a record low. Also, the operators of two major groups hit by law enforcement disruptions have each c…
DATABREACHTODAY.CO.UK
18 Apr: CISA and Partners Release Advisory on Akira Ransomware
Today, CISA, the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) released a joint Cybersecurity Advisory (CSA), #StopRansomware: Akira Ransomware, to disseminate known Akira ransomwa…
CISA.GOV
18 Apr: Wiz is in talks to buy Lacework for $150-200M; security firm was last valued at $8.3B
Consolidation continues apace in the world of security. Sources tell us that Lacework — a cloud security startup that was valued at $8.3 billion post-money in its last funding round — is in talks to be acquired by another security player, Wiz, for a price of just $150…
TECHCRUNCH.COM
18 Apr: Novel Android Malware Targets Korean Banking Users
New Malware SoumniBot Exploiting Legitimate Android Process. A new banking Trojan is targeting Korean users using obfuscation techniques that target the Android manifest, exploit vulnerabilities and take advantage of weaknesses in how Android apps interpret this file. SoumniBot st…
DATABREACHTODAY.CO.UK
18 Apr: Crazy money and crazy outcomes - cybersecurity acquisitions in all shapes and sizes - ESW #358
This week, Adrian and Tyler discuss some crazy rumors - is it really possible that a cloud security startup valued at over *$8 billion* in November 2021 just got bought for *$200 million*??? Some healthy funding for Cyera and Cohesity ($300m and $150m, respectively) Onum, Alethea…
YOUTUBE.COM
18 Apr: Prevent Generative AI Data Leaks with Chrome Enterprise DLP
Posted by Kaleigh Rosenblat, Chrome Enterprise Senior Staff Software Engineer, Security Lead. Generative AI has emerged as a powerful and popular tool to automate content creation and simple tasks. From customized content creation to source code generation, it can increase both our p…
SECURITY.GOOGLEBLOG.COM
📢 SECURITY ADVISORIES (3)
18 Apr: Unpacking the NIST cybersecurity framework 2.0
The NIST cybersecurity framework (CSF) helps organizations improve risk management using common language that focuses on business drivers to enhance cybersecurity. NIST CSF 1.0 was released in February 2014, and version 1.1 in April 2018. In February 2024, NIST released its newes…
SECURITYINTELLIGENCE.COM
18 Apr: FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor
The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). "FIN7 identified employees at the company who worked in the IT department and had higher l…
THEHACKERNEWS.COM
🔥 INCIDENT REPORTING (22)
18 Apr: Food and Agriculture Sector Hit with More Than 160 Ransomware Attacks Last Year
In its first annual report, the Food and Agriculture-Information Sharing and Analysis Center (Food and Ag-ISAC) said the industry was the seventh most targeted sector in the country, behind manufacturing, financial services, and others.
THERECORD.MEDIA
18 Apr: What is Encryption in Malware? – Understand From Basics to XOR
Malware commonly encrypts its traffic (stolen data sent to a command-and-control server) and internal strings (like URLs and configurations) to prevent security systems from recognizing malicious content. Cryptography fundamentals, classical ciphers, bitwise operations, XOR…
GBHACKERS.COM
18 Apr: Le Slip Français - 1,495,127 breached accounts
In April 2024, the French underwear maker Le Slip Français suffered a data breach. The breach included 1.5M email addresses, physical addresses, names and phone numbers.
HAVEIBEENPWNED.COM
18 Apr: UnitedHealth Expects Up to $1.6B Hit From Change Healthcare Cyberattack This Year
The hit comes from direct response efforts like recovering Change’s clearinghouse platform and paying higher medical costs after its insurance arm suspended some utilization management processes, in addition to the loss of Change’s revenue.
CYBERSECURITYDIVE.COM
18 Apr: LockBit Knockoffs and Imposters Proliferate After LockBit 3.0 Builder Leak
Since September 2022, anyone has been able to use the LockBit version 3.0 - aka Black - builder thanks to a key developer leaking it after he fell out with group leader LockBitSupp.
BANKINFOSECURITY.COM
18 Apr: Moldovan Charged for Operating Botnet Used to Push Ransomware
The U.S. Justice Department charged Moldovan national Alexander Lefterov, the owner and operator of a large-scale botnet that infected thousands of computers across the United States.
BLEEPINGCOMPUTER.COM
18 AprLeSlipFrancais Data Breach: Customers’ Personal Information ExposedLeSlipFrancais, the renowned French underwear brand, has confirmed a data breach impacting its customer base. The breach, first reported by the online security platform Have I Been Pwned, has compromised the sensitive personal information of thousands of customers. The breach has…GBHACKERS.COM
18 AprRussian Sandworm Hackers Pose as Hacktivists in Water Utility BreachesIn a report today, Mandiant says that Sandworm relied on three main hacktivist-branded Telegram channels named XakNet Team, CyberArmyofRussia_Reborn, and Solntsepek, all operating in parallel and independently of one another.BLEEPINGCOMPUTER.COM
18 Apr180k Impacted by Data Breach at Michigan Healthcare OrganizationCherry Health says the personal information of over 180,000 individuals was stolen in a ransomware attack. The post 180k Impacted by Data Breach at Michigan Healthcare Organization appeared first on SecurityWeek .SECURITYWEEK.COM
18 AprRecover from Ransomware in 5 Minutes—We will Teach You How!Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workload…THEHACKERNEWS.COM
18 AprCheap ransomware for sale on dark web marketplaces is changing the way hackers operate - Help Net Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://www.helpnetsecurity.com/2024/04/18/junk-gun-cheap-ransomware-dark-web/HELPNETSECURITY.COM
18 AprCompany Says Change Healthcare Hackers Stole Sensitive DataUnitedHealth Group Makes Low Key Admission in Online FAQ UnitedHealthGroup said for the first time that hackers behind a February ransomware attack against Change Healthcare breached sensitive health information, an admission that triggers a regulatory countdown clock for public …DATABREACHTODAY.CO.UK
18 AprUnited Nations Agency Investigating Ransomware Attack Involving Data TheftUnited Nations Development Programme (UNDP) investigating a ransomware attack in which hackers stole sensitive data. The post United Nations Agency Investigating Ransomware Attack Involving Data Theft appeared first on SecurityWeek .SECURITYWEEK.COM
18 AprChange Healthcare data for sale on dark web as fallout from ransomware attack spirals out of controlFebruary's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious consequences. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
18 Apr3.5 million Omni Hotel guest details held to ransom by Daixin TeamThe international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down its systems, with hackers stealing personal information about its customers. Read more in my article on the Exponential-E blog.EXPONENTIAL-E.COM
18 AprCryptohack Roundup: First Conviction in Smart Contract HackAlso: Nebraska Man Steals $3.5 Million of Cloud Services to Mine $1M of Crypto Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, sentencing in the first-ever conviction for hacking a smart contract, indictment in a million-dollar illicit mining, FTX…DATABREACHTODAY.CO.UK
18 AprCape dials up $61M from A16Z + more for mobile service that doesn’t use personal dataAT&T’s recent mega customer data breach — 74 million accounts impacted — laid bare how much data carriers have on their users, and also that the data is there for the hacking. Today, a startup called Cape — based out of Washington DC and founded by a f…TECHCRUNCH.COM
18 AprFBI: Akira ransomware raked in $42 million from 250+ victimsThe Akira ransomware operation has breached the networks of over 250 organizations and raked in roughly $42 million in ransom payments. [...]BLEEPINGCOMPUTER.COM
18 Apr840-bed hospital in France postpones procedures after cyberattackThe Hospital Simone Veil in Cannes (CHC-SV) has announced that it was targeted by a cyberattack on Tuesday morning, severely impacting its operations and forcing staff to go back to pen and paper. [...]BLEEPINGCOMPUTER.COM
18 AprHacking the Floodgates: U.S. Dams Face Growing Cyber ThreatsHacks on Unregulated Dams Can Result in Mass Casualties, Experts and Lawmakers Warn Cybersecurity experts and top lawmakers are warning that a successful cyberattack targeting federally-regulated dams across the United States - the majority of which have not received a cyber audi…DATABREACHTODAY.CO.UK
18 AprFrontier Communications shuts down systems after cyberattackAmerican telecom provider Frontier Communications is restoring systems after a cybercrime group breached some of its IT systems in a recent cyberattack. [...]BLEEPINGCOMPUTER.COM
18 AprBreach Roundup: LabHost Goes DownAlso: Omni Hack Exposed Customer Data and More Ivanti Vulnerabilities This week, police took down the LabHost phishing-as-a-service site, customer data compromised in Omni Hotels hack, more Ivanti vulnerabilities, a Moldovan botnet operators faces U.S. charges, Cisco warned of da…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 19
18 Apr: "ISC Stormcast For Thursday, April 18th, 2024 https://isc.sans.edu/podcastdetail/8944, (Thu, Apr 18th)" (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. (ISC.SANS.EDU)
18 Apr: "Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor" A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. "The threat actor registered multiple look-alike domains using a typosquatting technique and leveraged… (THEHACKERNEWS.COM)
18 Apr: "Cisco Unveils AI-Native Enterprise Security Solution Hypershield" Cisco announces Hypershield, an AI-native and cloud-native enterprise security solution with a wide range of capabilities. (SECURITYWEEK.COM)
18 Apr: "Nigeria & Romania Ranked Among Top Cybercrime Havens" https://www.darkreading.com/cybersecurity-analytics/nigeria-romania-ranked-among-top-cybercrime-havens A survey of cybercrime experts assessing the top cybercrime-producing nations results in some expected leaders — Ru… (DARKREADING.COM)
18 Apr: "Cisco Hypershield: AI-Powered Hyper-Distributed Security for Data Center" Cisco has unveiled its latest innovation, Cisco Hypershield, marking a milestone in cybersecurity. This groundbreaking product, described as Cisco’s most consequential security solution, introduces a cloud-native, AI-powered approach to securing highly distributed, AI-scale… (GBHACKERS.COM)
18 Apr: "Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm | Google Cloud Blog" https://cloud.google.com/blog/topics/threat-intelligence/apt44-unearthing-sandworm (CLOUD.GOOGLE.COM)
18 Apr: "LastPass Warns of Deepfake Phishing Attempt" LastPass has warned that one of its employees was targeted by a social engineering attack that used an audio deepfake that impersonated the company’s CEO. Fortunately, the employee grew suspicious and avoided falling for the attack. (KNOWBE4.COM)
18 Apr: "AI Voice Cloning and Bank Voice Authentication: A Recipe for Disaster?" New advancements in generative AI voice cloning come at a time when banks are looking for additional ways to authenticate their customers – and they’re choosing your voice. (KNOWBE4.COM)
18 Apr: "Russian APT44 – The Most Notorious Cyber Sabotage Group Globally" As Russia’s invasion of Ukraine enters its third year, the formidable Sandworm (aka FROZENBARENTS, APT44) cyber threat group remains highly active and increasingly integrated with Russian conventional military operations in support of Moscow’s war aims. However,… (GBHACKERS.COM)
18 Apr: "FIN7 Hackers Attacking IT Employees Of Automotive Industry" IT employees in the automotive industry are often targeted by hackers because they have access to sensitive information such as customer data, intellectual property, and critical systems. The connected technologies’ dependence on the automotive industry and the value of the… (GBHACKERS.COM)
18 Apr: "FIN7 Targets American Automaker’s IT Staff in Phishing Attacks" The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. (BLEEPINGCOMPUTER.COM)
18 Apr: "Five Eyes Agencies Release New AI Security Guidance" Five Eyes cybersecurity agencies have released joint guidance on securely deploying and operating AI systems. (SECURITYWEEK.COM)
18 Apr: "Palo Alto Networks Recognized by Gartner as a Leader in SSE Report" Palo Alto Networks is proud to announce that it has been named a Leader in the 2024 Gartner® Magic Quadrant™ for Security Service Edge (SSE). (PALOALTONETWORKS.COM)
18 Apr: "SAP Applications Increasingly in Attacker Crosshairs, Report Shows" Malicious hackers are targeting SAP applications at an alarming pace, according to warnings from Onapsis and Flashpoint. (SECURITYWEEK.COM)
18 Apr: "Multi-Data Platform SIEM Anvilogic Raises $45 Million" Silicon Valley startup Anvilogic has raised $45 million in a Series C funding round led by Evolution Equity Partners. (SECURITYWEEK.COM)
18 Apr: "Jury Dishes Out Guilty Verdict in Mango Markets Fraud Case" Hacker Masterminded, Executed $110 Million Crypto Fraud Scheme A New York federal jury has found a hacker guilty of charges that he masterminded and carried out a scheme to fraudulently obtain $110 million in cryptocurrency from crypto currency exchange Mango Markets and investor… (DATABREACHTODAY.CO.UK)
18 Apr: "Dark Web Sales Driving Major Rise in Credential Attacks" Cybercriminals Netting Over 50 Credentials Per Infected Device, Kaspersky Says The value of corporate credentials in the cybercrime market contributed to a 643% increase in data theft attacks over the past three years, cybersecurity company Kaspersky says. Malicious access broker… (DATABREACHTODAY.CO.UK)
18 Apr: "From Hackers to Streakers - How Counterintelligence Teams are Protecting the NFL - Joe... - ESW #358" Protecting a normal enterprise environment is already difficult. What must it be like protecting a sports team? From the stadium to merch sales to protecting team strategies and even the players - securing a professional sports team and its brand is a cybersecurity challenge on … (YOUTUBE.COM)
🌐 CYBER THREAT LANDSCAPE 6
18 Apr: "New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks" A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely… (THEHACKERNEWS.COM)
18 Apr: "Malvertising Campaign Targeting IT Teams with MadMxShell Backdoor" The backdoor uses techniques such as multiple stages of DLL sideloading and DNS tunneling for command-and-control (C2) communication as a means to evade endpoint and network security solutions, respectively. (ZSCALER.COM)
18 Apr: "OfflRouter Malware Evades Detection in Ukraine for Almost a Decade" Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware sc… (THEHACKERNEWS.COM)
18 Apr: "Police smash LabHost international fraud network, 37 arrested" Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. Read more in my article on the Tripwire State of Security blog. (TRIPWIRE.COM)
18 Apr: "Google ad impersonates Whales Market to push wallet drainer malware" A legitimate-looking Google Search advertisement for the crypto trading platform 'Whales Market' redirects visitors to a wallet-draining phishing site that steals all of your assets. [...] (BLEEPINGCOMPUTER.COM)
18 Apr: "Fake cheat lures gamers into spreading infostealer malware" A new info-stealing malware linked to Redline poses as a game cheat called 'Cheat Lab,' promising downloaders a free copy if they convince their friends to install it too. [...] (BLEEPINGCOMPUTER.COM)
📡 INFOSEC NEWS 17
18 Apr: "Armis Buys Cyber Remediation Startup Silk Security for $150M" Armis has purchased a security prioritization and remediation vendor led by a Goldman Sachs veteran to more effectively address vulnerabilities and misconfigurations with AI and automation. (BANKINFOSECURITY.COM)
18 Apr: "Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide" As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Ser… (THEHACKERNEWS.COM)
18 Apr: "Insider Threats Surge 14% Annually as Cost-of-Living Crisis Bites" Employee fraud grew significantly last year thanks to the opportunities afforded by remote working and the pressures of a cost-of-living crisis in the UK, according to Cifas. (INFOSECURITY-MAGAZINE.COM)
18 Apr: "IT and Security Professionals Demand More Workplace Flexibility" The concept of Everywhere Work is now much broader, encompassing where, when, and how professionals get their work done — and flexibility has become a key workplace priority, according to Ivanti. (HELPNETSECURITY.COM)
18 Apr: "Cybercriminals pose as LastPass staff to hack password vaults" LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft. [...] (BLEEPINGCOMPUTER.COM)
18 Apr: "Hydradancer: Faster USB Emulation for Facedancer" In this blogpost, we present Hydradancer, a new board for Facedancer based on HydraUSB3 allowing faster USB peripherals emulation. (QUARKSLAB.COM)
18 Apr: "Microsoft Office LTSC 2024 preview available for Windows, Mac" A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for commercial customers, is now available for Windows and macOS users. [...] (BLEEPINGCOMPUTER.COM)
18 Apr: "Hackers are threatening to publish a huge stolen sanctions and financial crimes watchlist" The hackers say they have stolen 5.3 million records from the World-Check database, used by companies and banks for screening potential customers. (TECHCRUNCH.COM)
18 Apr: "Live Webinar | CybeRx - How to Automatically Protect Rockwell OT Customers from Today’s Cyber-Attacks" (DATABREACHTODAY.CO.UK)
18 Apr: "Why Health Firms Struggle with Cybersecurity Frameworks" Healthcare sector organizations often still struggle to implement security frameworks effectively, often not fully understanding the requirements or failing to integrate them into their overall cybersecurity strategy, said Keith Forrester of security firm Optiv, who offers tips t… (DATABREACHTODAY.CO.UK)
18 Apr: "From $8.3B to $200M: Why Lacework Is Examining a Sale to Wiz" Lacework Got the Largest Funding Round in Cyber History. Now, It's Eyeing the Exits Wiz is in advanced negotiations to buy Lacework for between $150 million and $200 million. The companies recently signed a letter of intent and are now in the midst of a comprehensive due diligenc… (DATABREACHTODAY.CO.UK)
18 Apr: "The many faces of impersonation fraud: Spot an imposter before it’s too late" What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be? (WELIVESECURITY.COM)