matlock.ca // THREAT INTELLIGENCE

106Articles

9Categories

2024-04-23Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation Vulnerability These types of vulnerabilities are frequent attack vectors for m…

KEVCISA.GOV — Tue, 23 Apr 24 1

🐛

Critical Apache HugeGraph Flaw Let Attackers Execute Remote Code

GBHACKERS.COM — 23 Apr 2024

🐛

Siemens Industrial Product Impacted by Exploited Palo Alto Firewall Vulnerability

SECURITYWEEK.COM — 23 Apr 2024

🐛

Russian state-sponsored hacker used GooseEgg malware to steal Windows credentials

CSOONLINE.COM — 23 Apr 2024

🐛

PoC Exploit Released For Critical Oracle VirtualBox Vulnerability

GBHACKERS.COM — 23 Apr 2024

⚠️

Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware

THEHACKERNEWS.COM — 23 Apr 2024

⚠️

Microsoft’s mea culpa moment: how it should face up to the CSRB’s critical report

CSOONLINE.COM — 23 Apr 2024

⚠️

Critical Flaw with Popular API Portal Let Attackers Launch SSRF Attacks

GBHACKERS.COM — 23 Apr 2024

⚠️

Top 10 physical security considerations for CISOs

CSOONLINE.COM — 23 Apr 2024

⚠️

Hacker Offers Upto $300 To Mobile Networks Staff For Illegal SIM Swaps

GBHACKERS.COM — 23 Apr 2024

⚠️

Cloud Console Cartographer: Open-Source Tool Helps Security Teams Transcribe Log Activity

HELPNETSECURITY.COM — 23 Apr 2024

⚠️

Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases

THEHACKERNEWS.COM — 23 Apr 2024

⚠️

German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies

THEHACKERNEWS.COM — 23 Apr 2024

⚠️

Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar

DARKREADING.COM — 23 Apr 2024

⚠️

Webinar: Learn Proactive Supply Chain Threat Hunting Techniques

THEHACKERNEWS.COM — 23 Apr 2024

⚠️

Fraudsters Exploit Telegram’s Popularity for Toncoin Scam

INFOSECURITY-MAGAZINE.COM — 23 Apr 2024

⚠️

Tracing the Steps of Cyber Intruders: The Path of Lateral Movement

GBHACKERS.COM — 23 Apr 2024

⚠️

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations

SECURITYWEEK.COM — 23 Apr 2024

⚠️

Hackers hijack antivirus updates to drop GuptiMiner malware

BLEEPINGCOMPUTER.COM — 23 Apr 2024

⚠️

Windows Vulnerability Reported By The NSA Exploited To Install Russian Malware

PACKETSTORMSECURITY.COM — 23 Apr 2024

⚠️

MITRE Hacked By State Sponsored Group Via Ivanti Zero Days

PACKETSTORMSECURITY.COM — 23 Apr 2024

⚠️

Apache Cordova App Harness Targeted in Dependency Confusion Attack

THEHACKERNEWS.COM — 23 Apr 2024

⚠️

CISA Releases Two Industrial Control Systems Advisories

CISA.GOV — Tue, 23 Apr 24 1

⚠️

US imposes visa bans on 13 spyware makers and their families

BLEEPINGCOMPUTER.COM — 23 Apr 2024

⚠️

Phishing Campaign Exploits Nespresso Domain

KNOWBE4.COM — 23 Apr 2024

⚠️

Sustainable Funding of Open Source Tools - Simon Bennetts, Mark Curphey - ASW #282

YOUTUBE.COM — 2024-04-23

⚠️

XZ & Open Source, PuTTY's Private Keys, LeakyCLI, LLMs Writing Exploits - ASW #282

YOUTUBE.COM — 2024-04-23

⚠️

Behavioral patterns of ransomware groups are changing - Help Net Security

HELPNETSECURITY.COM — 23 Apr 2024

⚠️

Authentication failure blamed for Change Healthcare ransomware attack

CSOONLINE.COM — 23 Apr 2024

⚠️

Russian APT28 Group in New “GooseEgg” Hacking Campaign

INFOSECURITY-MAGAZINE.COM — 23 Apr 2024

⚠️

Vulnerability Exploitation on the Rise as Attackers Ditch Phishing

INFOSECURITY-MAGAZINE.COM — 23 Apr 2024

⚠️

The Assumed Breach conundrum

CSOONLINE.COM — 23 Apr 2024

⚠️

Russian Hackers Exploiting Windows Print Spooler Vuln

DATABREACHTODAY.CO.UK — 2024-04-23

⚠️

Uncovering potential threats to your web application by leveraging security reports

SECURITY.GOOGLEBLOG.COM — 2024-04-23

📋

Microsoft releases Exchange hotfixes for security update issues

BLEEPINGCOMPUTER.COM — 23 Apr 2024

📋

Microsoft pulls fix for Outlook bug behind ICS security alerts

BLEEPINGCOMPUTER.COM — 23 Apr 2024

📢

Uncertainty is the Most Common Driver of Noncompliance

HELPNETSECURITY.COM — 23 Apr 2024

📢

Microsoft and Security Incentives

SCHNEIER.COM — 2024-04-23

📢

Dell security advisory (AV24-220)

CYBER.GC.CA — 2024-04-23

📢

CISA to Issue List of Software Products Critical to Agency Security by End of September

NEXTGOV.COM — 23 Apr 2024

🔥

Weekly Update 396

TROYHUNT.COM — 23 Apr 2024

🔥

Cyber Insurance Gaps Stick Firms With Millions in Uncovered Losses

CYBERSECURITYDIVE.COM — 23 Apr 2024

🔥

Researchers Warn Windows Defender Attack can Delete Databases

THEREGISTER.COM — 23 Apr 2024

🔥

UnitedHealth Pay Ransom After Change Healthcare Cyberattack

THECYBEREXPRESS.COM — 23 Apr 2024

🔥

Volkswagen Group’s Systems Hacked: 19,000+ Documents Stolen

GBHACKERS.COM — 23 Apr 2024

🔥

Feds Issue Guide for Change Health Breach Reporting Duties

GOVINFOSECURITY.COM — 23 Apr 2024

🔥

Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery

THEHACKERNEWS.COM — 23 Apr 2024

🔥

Ransomware Gang Leaks Data Allegedly Stolen From Government Contractor

SECURITYWEEK.COM — 23 Apr 2024

🔥

Behavioral Patterns of Ransomware Groups are Changing

HELPNETSECURITY.COM — 23 Apr 2024

🔥

UnitedHealth Group Previews Massive Change Healthcare Breach

DATABREACHTODAY.CO.UK — 2024-04-23

🔥

Nespresso Domain Serves Up Steamy Cup of Phish, No Cream or Sugar

DARKREADING.COM — 23 Apr 2024

🔥

UnitedHealth Says Patient Data Exposed in Change Healthcare Cyberattack

SECURITYWEEK.COM — 23 Apr 2024

🔥

UnitedHealth confirms it paid ransomware gang to stop data leak

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🔥

UnitedHealth Admits Breach Could Cover Substantial Proportion Of People In America

PACKETSTORMSECURITY.COM — 23 Apr 2024

🔥

Global Optics Provider Hit with Ransomware Attack and a $10M Ransom

KNOWBE4.COM — 23 Apr 2024

🔥

DPRK hacking groups breach South Korean defense contractors

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🔥

US govt sanctions Iranians linked to government cyberattacks

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🔥

This Website is Selling Billions of Private Messages of Discord Users

HACKREAD.COM — 23 Apr 2024

🔥

$10 Million Bounty on Iranian Hackers for Cyber Attacks on US Gov, Defense Contractors

SECURITYWEEK.COM — 23 Apr 2024

🔥

Ukrainian Energy Sector Under Cyber Siege by Russian Hackers

DATABREACHTODAY.CO.UK — 2024-04-23

🔥

Change Health Attack: Details Emerge; Breach Will Top Record

DATABREACHTODAY.CO.UK — 2024-04-23

🔥

New Microsoft Incident Response guide helps simplify cyberthreat investigations

MICROSOFT.COM — 23 Apr 2024

🕵️

ISC Stormcast For Tuesday, April 23rd, 2024 https://isc.sans.edu/podcastdetail/8950, (Tue, Apr 23rd)

ISC.SANS.EDU — 23 Apr 2024

🕵️

Europol calls for Tech Giants to Get Lawful Access To end-to-end Encryption

GBHACKERS.COM — 23 Apr 2024

🕵️

GitHub Comments Abused to Push Malware via Microsoft Repository URLs

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🕵️

Russian Sandworm Hackers Targeted 20 Critical Organizations in Ukraine

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🕵️

Microsoft DRM Hack Could Allow Movie Downloads From Popular Streaming Services

SECURITYWEEK.COM — 23 Apr 2024

🕵️

Microsoft Warns of North Korean Hackers Turning to AI-Fueled Cyber Espionage

THEHACKERNEWS.COM — 23 Apr 2024

🕵️

U.S. to Impose Visa Restrictions on 13 Individuals Involved in Commercial Spyware Operations

GBHACKERS.COM — 23 Apr 2024

🕵️

Androxgh0st Malware Compromises Servers Worldwide for Botnet Attack

HACKREAD.COM — 23 Apr 2024

🕵️

ToddyCat APT Is Stealing Data on 'Industrial Scale'

DARKREADING.COM — 23 Apr 2024

🕵️

State Hackers' New Frontier: Network Edge Devices

DATABREACHTODAY.CO.UK — 2024-04-23

🕵️

Malvertising: Fake Popular Software Ads Deliver New MadMxShell Backdoor

HACKREAD.COM — 23 Apr 2024

🕵️

CyberheistNews Vol 14 #17 [HEADS UP] LastPass Warns of a 'CEO' Deepfake Phishing Attempt

KNOWBE4.COM — 23 Apr 2024

🕵️

Passwords, passkeys and familiarity bias

SECURITYINTELLIGENCE.COM — 23 Apr 2024

🕵️

The Battle Continues: Mandiant Report Shows Improved Detection But Persistent Adversarial Success

SECURITYWEEK.COM — 23 Apr 2024

🕵️

Environmental Sustainable Training: KnowBe4's Commitment to a Greener Earth

KNOWBE4.COM — 23 Apr 2024

🕵️

USPS Surges to Take Top Spot as Most Impersonated Brand in Phishing Attacks

KNOWBE4.COM — 23 Apr 2024

🕵️

The Challenges of Managing Security in an IT/OT Environment - John Germain - CSP #171

YOUTUBE.COM — 2024-04-23

🕵️

Level Up Your Users’ Cybersecurity Skills with 'The Inside Man: New Recruits’

KNOWBE4.COM — 23 Apr 2024

🕵️

GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining

DECODED.AVAST.IO — 23 Apr 2024

🕵️

Spain Reopens a Probe Into a Pegasus Spyware Case After a French Request to Work Together

SECURITYWEEK.COM — 23 Apr 2024

🕵️

US Presures Iran Over Phishing Campaign Against Feds

DATABREACHTODAY.CO.UK — 2024-04-23

🕵️

Robofly, CRUSHFTP, Github, Palo Alto, MITRE, Fancy Bear, Deepfakes, Aaran Leyland... - SWN #380

YOUTUBE.COM — 2024-04-23

🕵️

CoralRaider attacks use CDN cache to push info-stealer malware

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🕵️

US Pressures Iran Over Phishing Campaign Against Feds

DATABREACHTODAY.CO.UK — 2024-04-23

🕵️

CyberRisk Alliance Live from RSAC 2024 Day 1

YOUTUBE.COM — 2024-04-23

🕵️

CyberRisk Alliance Live from RSAC 2024 Day 2

YOUTUBE.COM — 2024-04-23

🕵️

CyberRisk Alliance Live from RSA Conference 2024 - Day 3

YOUTUBE.COM — 2024-04-23

🕵️

CyberRisk Alliance Live from RSA Conference 2024 - Day 4

YOUTUBE.COM — 2024-04-23

🌐

Sharp Stealer: New Info-stealer Malware Targets Gamers, Crypto Enthusiasts

GDATASOFTWARE.COM — 23 Apr 2024

🌐

U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse

THEHACKERNEWS.COM — 23 Apr 2024

🌐

Majority of Businesses Worldwide are Implementing Zero Trust, Gartner Finds

CYBERSECURITYDIVE.COM — 23 Apr 2024

🌐

GitLab Affected by GitHub-Style CDN Flaw Allowing Malware Hosting

BLEEPINGCOMPUTER.COM — 23 Apr 2024

🌐

HHS Beefs Up Privacy Protection for Reproductive Health Info

GOVINFOSECURITY.COM — 23 Apr 2024

📡

Content filtering in KSMG 2.1 | Kaspersky official blog

KASPERSKY.COM — 23 Apr 2024

📡

Struts "devmode": Still a problem ten years later?, (Tue, Apr 23rd)

ISC.SANS.EDU — 23 Apr 2024

📡

Resilient Together with Priority Telecommunications Services (PTS)

CISA.GOV — Tue, 23 Apr 24 1

📡

Authorities Investigate LabHost Users After Phishing Service Shutdown

PACKETSTORMSECURITY.COM — 23 Apr 2024

📡

Microsoft DRM Hack Could Allow Movie Downloads From Streaming

PACKETSTORMSECURITY.COM — 23 Apr 2024

📡

Over A Million Neighbourhood Watch Members Exposed

PACKETSTORMSECURITY.COM — 23 Apr 2024

📡

The Future is Now: Tech Trends Driving App Dev—Gen AI, Low-Code and More

DATABREACHTODAY.CO.UK — 2024-04-23

📡

Building Security for MSPs: Cisco's Blueprint for Success

DATABREACHTODAY.CO.UK — 2024-04-23

📡

How technology drives progress – A Q&A with Nobel laureate Michel Mayor

WELIVESECURITY.COM — 23 Apr 2024

📡

The vision behind Starmus – A Q&A with the festival’s co-founder Garik Israelian

WELIVESECURITY.COM — 23 Apr 2024

📡

Secure by Design Turns 1!

CISA.GOV — Tue, 23 Apr 24 1