🐛 COMMON VULNERABILITIES AND EXPOSURES (8)
26 Apr · Palo Alto Networks Shares Remediation Advice for Hacked Firewalls · Palo Alto Networks has issued urgent remediation advice after discovering a critical vulnerability, designated CVE-2024-3400, which threat actors have exploited to gain unauthorized access to several firewall products. The cybersecurity giant has outlined detailed steps for organ… · GBHACKERS.COM
26 Apr · Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites · Threat actors are attempting to actively exploit a critical security flaw in the WP‑Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the … · THEHACKERNEWS.COM
26 Apr · Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites · A critical severity flaw (CVE-2024-27956) in the WP-Automatic plugin for WordPress allows threat actors to gain unauthorized access to WordPress sites, create admin-level user accounts, and potentially take full control of the affected sites. · THEHACKERNEWS.COM
26 Apr · Hackers Exploit Old Microsoft Office 0-day to Deliver Cobalt Strike · Hackers have leveraged an old Microsoft Office vulnerability, CVE-2017-8570, to deploy the notorious Cobalt Strike Beacon, targeting systems in Ukraine. It has been closely monitoring the situation and has successfully detected all stages of the attack. CVE-2017-8570: The Initial… · GBHACKERS.COM
26 Apr · Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack · Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to o… · THEHACKERNEWS.COM
26 Apr · Chromium: CVE-2024-4058 Type Confusion in ANGLE · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
26 Apr · Chromium: CVE-2024-4060 Use after free in Dawn · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
26 Apr · Chromium: CVE-2024-4059 Out of bounds read in V8 API · This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information. · MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (20)
26 Apr · Microsoft Publicly Releases MS-DOS 4.0 Source Code · In a historic move, Microsoft has made the source code for MS-DOS 4.0, one of the most influential operating systems of all time, publicly available on GitHub. This decision marks a significant milestone in the company’s commitment to open-source software and preserving com… · GBHACKERS.COM
26 Apr · Kaiser Permanente: Data breach may impact 13.4 million patients · Healthcare service provider Kaiser Permanente disclosed a data security incident that may impact 13.4 million people in the United States. [...] · BLEEPINGCOMPUTER.COM
26 Apr · Critical WordPress Automatic Plugin Vulnerability Exploited to Inject Backdoors · A vulnerability in the WordPress Automatic plugin is being exploited to inject backdoors and web shells into websites. · SECURITYWEEK.COM
26 Apr · Researchers Found 18 Vulnerabilities in Brocade SANnav · Three of the vulnerabilities could allow an attacker to send malicious data, intercept credentials sent in clear text, and potentially compromise the entire Fibre Channel infrastructure. · PIERREKIM.GITHUB.IO
26 Apr · Godfather Banking Trojan Spawns 1.2K Samples Across 57 Countries · First discovered in 2022, Godfather — which can record screens and keystrokes, intercepts 2FA calls and texts, initiates bank transfers, and more — has quickly become one of the most widespread malware-as-a-service offerings in cybercrime. · DARKREADING.COM
26 Apr · Long Article on GM Spying on Its Cars’ Drivers · Kashmir Hill has a really good article on how GM tricked its drivers into letting it spy on them—and then sold that data to insurance companies. · SCHNEIER.COM
26 Apr · 5000+ CrushFTP Servers Hacked Using Zero-Day Exploit · Hackers often target CrushFTP servers as they contain sensitive data and are used for file sharing and storage. This makes them attractive targets for data theft and ransomware attacks for the threat actors. Besides this, the vulnerabilities in CrushFTP servers can be explo… · GBHACKERS.COM
26 Apr · DragonForce Ransomware Group Uses LockBit’s Leaked Builder · https://www.infosecurity-magazine.com/news/dragonforce-ransomware-lockbit/ · INFOSECURITY-MAGAZINE.COM
26 Apr · NETGEAR buffer Overflow Vulnerability Let Attackers Bypass Authentication · Some router models have identified a security vulnerability that allows attackers to bypass authentication. To exploit this vulnerability, an attacker must know the WiFi password or have an Ethernet connection to a device on the victim’s network. Firmware updates that addre… · GBHACKERS.COM
26 Apr · [KEV] Over 1,400 CrushFTP Instances Vulnerable to Exploited Zero-Day · More than 1,400 CrushFTP servers remain vulnerable to an actively exploited zero-day for which PoC has been published. · SECURITYWEEK.COM
26 Apr · How an Athletic Director Exploited AI to Frame a Principal with Fabricated Racist Comments · In an unsettling turn of events, a high school athletic director in Maryland is accused of using artificial intelligence (AI) in a morally horrible manner. · KNOWBE4.COM
26 Apr · Severe Flaws Disclosed in Brocade SANnav SAN Management Software · Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances. The 18 flaws impact all versions up to and including 2.3.0, according to independe… · THEHACKERNEWS.COM
26 Apr · Advising The President On Cyber-Physical Resilience - Philip Venables - PSW #826 · On February 27, 2024, PCAST (President’s Council of Advisors on Science and Technology) sent a report to the President with recommendations to bolster the resilience and adaptability of the nation’s cyber-physical infrastructure resources. Phil was part of the team that worked on… · YOUTUBE.COM
26 Apr · What We Don’t Know Will Hurt Us - Cheryl Biswas - BTS #26 · Cheryl is super passionate about supply chain security and visibility. Tune in to our discussion on how we can collectively get better at reducing the attack surface and working to fix the wide variety of digital supply chain issues we have today. This segment is sponsored by Ecl… · YOUTUBE.COM
26 Apr · Cyber Security Today, Week in Review for week ending Friday, April 26, 2024 · This episode features a discussion on the latest in the Change Healthcare ransomware attack, a vulnerability in an abandoned Apache open-source project, the next step in Canada's proposed critical infrastructure cybersecurity law and the future of TikTok · CYBERSECURITYTODAY.LIBSYN.COM
26 Apr · SubdoMailing campaign: hijacking domains for spamming | Kaspersky official blog · How CNAME hijacking and SPF record exploitation are used in the SubdoMailing campaign to send spam from legitimate company domains. · KASPERSKY.COM
26 Apr · FTC Finalizes Health Breach Notification Rule Update · Regs Now Cover Wearables and Health Apps, Extend to More Types of Breaches. The Federal Trade Commission has finalized changes to its Health Breach Notification Rule, expanding the type of technologies that apply to regulations pertaining to non-HIPAA-regulated entities. The rule … · DATABREACHTODAY.CO.UK
26 Apr · Microsoft Releases New-Open Source Tool for OT Security · ICSpector Is Now on GitHub, Scans PLCs, Extracts Info and Detects Malicious Code. Microsoft has released a new open-source security tool to close gaps in threat analysis for industrial control systems and help address increased nation-state attacks on critical infrastructure. ICSp… · DATABREACHTODAY.CO.UK
26 Apr · Accelerating incident response using generative AI · Lambert Rosique and Jan Keller, Security Workflow Automation, and Diana Kramer, Alexandra Bowen and Andrew Cho, Privacy and Security Incident Response. Introduction: As security professionals, we're constantly looking for ways to reduce risk and improve our workflow's efficiency. W… · SECURITY.GOOGLEBLOG.COM
📢 SECURITY ADVISORIES (2)
26 Apr · Supply Chain Threats and Regulations - BTS #25 · Paul and Allan will talk a little bit about Allan's background and current work at Eclypsium. Next, we'll cover some of the recent news and topics we've been discussing on our blog including Firewall and VPN appliance security struggles, Shim Shady, Glubteba and other malware tar… · YOUTUBE.COM
🔥 INCIDENT REPORTING (8)
26 Apr · Piping Rock - 2,103,100 breached accounts · In April 2024, 2.1M email addresses from the online health products store Piping Rock were publicly posted to a popular hacking forum. The data also included names, phone numbers and physical addresses. The account posting the data had previously posted multiple other data breac… · HAVEIBEENPWNED.COM
26 Apr · Autodesk Hosting PDF Files Used in Microsoft Phishing Attacks · Researchers discovered a sophisticated phishing campaign that is using compromised email accounts and Autodesk's file sharing platform to steal Microsoft login credentials from victims. · NETCRAFT.COM
26 Apr · 10 Critical Endpoint Security Tips You Should Know · In today's digital world, where connectivity rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers' favorite targets. According to the IDC, 70% of successful breaches sta… · THEHACKERNEWS.COM
26 Apr · Iran Dupes US Military Contractors, Gov't Agencies in Cyber Campaign · https://www.darkreading.com/cyberattacks-data-breaches/iran-dupes-military-contractors-govt-agencies-cybercampaign · DARKREADING.COM
26 Apr · In Other News: China Hacked Volkswagen, DDoS Service Shutdown, Rubrik IPO · Noteworthy stories that might have slipped under the radar: Volkswagen hacked by Chinese threat group, DDoS service shut down, Rubrik IPO. · SECURITYWEEK.COM
26 Apr · US Justice Department Accuses Iranian Nationals of Launching Spear Phishing Attacks · The US Department of Justice has indicted four Iranian nationals for allegedly launching spear phishing attacks against the US government and defense contractors. In one instance, the hackers compromised over 200,000 employee accounts at a victim organization. · KNOWBE4.COM
26 Apr · Health Analytics Firm Reports Breach Affecting 1.1 Million · Data Stolen via Breach of Reliable Networks - BerryDunn's Managed Service Provider. A Maine consulting firm with a medical data analytics business must notify more than 1 million Americans that hackers stole their information from company servers. Which clients of Berry, Dunn, McN… · DATABREACHTODAY.CO.UK
26 Apr · State AGs, Industry Groups Urge Action in Change Health Saga · Calls for More Aid to Providers Come as Parent Company UHG Grapples With Breach. Twenty-two state attorneys general and some industry groups are urging Change Healthcare's parent company and regulators to be transparent and give more financial aid to providers as the firm recovers… · DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (19)
26 Apr · ISC Stormcast For Friday, April 26th, 2024 https://isc.sans.edu/podcastdetail/8956, (Fri, Apr 26th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
26 Apr · New SSLoad Malware Combined With Tools Hijacking Entire Network Domain · A new attack campaign has been discovered to be employed by the FROZEN#SHADOW, which utilized SSLoad malware for its operations and Cobalt Strike Implants to pivot and take over the entire network. In addition, the threat actors also used Remote Monitoring and management) softwar… · GBHACKERS.COM
26 Apr · 13,142,840 DDoS Attacks Targeted Organization Around The Globe · DDoS attacks are a significant and growing risk that can overpower websites, crash servers, and block out authorized users with never-ending waves of offensive traffic. More than 13 million DDoS attacks were recorded in 2023 alone, which reveals the real danger of unmitigated att… · GBHACKERS.COM
26 Apr · Black Hat SEO Leveraged to Distribute Malware · https://www.zscaler.com/blogs/security-research/black-hat-seo-leveraged-distribute-malware · ZSCALER.COM
26 Apr · Passkeys: A Shattered Dream · https://fy.blackhats.net.au/blog/2024-04-26-passkeys-a-shattered-dream/ · FY.BLACKHATS.NET.AU
26 Apr · North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures · The Lazarus Group's use of job offer lures to infiltrate targets is not new. Dubbed Operation Dream Job, the long-running campaign has a track record of using various social media and instant messaging platforms to deliver malware. · THEHACKERNEWS.COM
26 Apr · Your KnowBe4 Fresh Content Updates from April 2024 · Check out the 33 new pieces of training content added in April, alongside the always fresh content update highlights, events and new features. · KNOWBE4.COM
26 Apr · Darktrace to be Taken Private in $5.3 Billion Sale to Thoma Bravo · UK cybersecurity firm Darktrace has agreed to sell itself to private equity giant Thoma Bravo for approximately $5.32 million in cash. · SECURITYWEEK.COM
26 Apr · Next Week is World Password Day! · May 2nd is World Password Day. Despite the computer industry telling us for decades that our passwords will soon be gone, we now have more than ever! · KNOWBE4.COM
26 Apr · Powerful ‘Brokewell’ Android Trojan Allows Attackers to Takeover Devices · A new Android trojan named Brokewell can steal user’s sensitive information and allows attackers to take over devices. · SECURITYWEEK.COM
26 Apr · Self-Spreading PlugX USB Drive Malware Plagues Over 90k IP Addresses · More than 90,000 unique IPs are still infected with a PlugX worm variant that spreads via infected flash drives. · SECURITYWEEK.COM
26 Apr · Thoma Bravo to Buy Cybersecurity AI Firm Darktrace for $5.3B · PE Firm Tried to Take Darktrace Private in Summer 2022, But Couldn't Agree on Terms. Private equity giant Thoma Bravo agreed to buy Darktrace for $5.32 billion just 19 months after deal talks between the two sides fell apart. The take-private deal would accelerate Darktrace's orga… · DATABREACHTODAY.CO.UK
26 Apr · Your TV Is Scanning You - PSW #826 · This week the crew discusses: When TVs scan your network, bad things can happen, PuTTY is vulnerable, Crush FTP, vulnerabilities that will never be fixed, CVEs are for vulnerabilities silly, you can test for easily guessable passwords too, FlipperZero can steal all your passwords… · YOUTUBE.COM
26 Apr · Nullcon Berlin 2024 - 6 talks · Nullcon Berlin 2024 schedule, Nullcon Berlin 2024 playlist · INFOSEC.PUB
26 Apr · Strengthening Asset Management, Security in Rail Transport · CISO Tom Remberg on Enhancing Rail Passenger Experience While Beefing Up Security. As railways embrace digital transformation, the industry faces unique security challenges. Tom Remberg, CISO of Bane Nor, the agency responsible for Norway’s railway infrastructure, shared strategie… · DATABREACHTODAY.CO.UK
26 Apr · Tech Titans, AI Leaders Join New Federal AI Security Board · Heads of OpenAI, Microsoft, Alphabet Join Inaugural AI Safety and Security Board. The heads of technology giants Alphabet and Microsoft and leading artificial intelligence firm OpenAI are joining a federal AI safety and security board aimed at securing U.S. critical infrastructure… · DATABREACHTODAY.CO.UK
26 Apr · Friday Squid Blogging: Searching for the Colossal Squid · A cruise ship is searching for the colossal squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here. · SCHNEIER.COM
26 Apr · Rubrik Execs on How Going Public Will Drive More Innovation · Why Cyber's First IPO Since 2021 Will Fuel Growth, Foster Customer Relationships. After Rubrik became the first cybersecurity IPO since September 2021, company co-founder and CTO Arvind Nithrakashyap and CPO Anneka Gupta said Rubrik remains focused on cyber resilience, with investm… · DATABREACHTODAY.CO.UK
26 Apr · Cybersecurity Platformization · Platformization presents an opportunity to modernize and simplify security by doing a review of all cybersecurity tools and looking for ways to consolidate. · PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE (8)
26 Apr · Researchers Sinkhole PlugX Malware Server With 2.5 Million Unique IPs · Researchers have sinkholed a command and control server for a variant of the PlugX malware and observed in six months more than 2.5 million connections from unique IP addresses. · BLEEPINGCOMPUTER.COM
26 Apr · New 'Brokewell' Android Malware Spread Through Fake Browser Updates · Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm Thre… · THEHACKERNEWS.COM
26 Apr · New Brokewell Malware Takes Over Android Devices, Steals Data · The malware is delivered through a fake Google Chrome update that is shown while using the web browser. Brokewell is under active development and features a mix of extensive device takeover and remote control capabilities. · BLEEPINGCOMPUTER.COM
26 Apr · Fake job interviews target developers with new Python backdoor · A new campaign tracked as "Dev Popper" is targeting software developers with fake job interviews in an attempt to trick them into installing a Python remote access trojan (RAT). [...] · BLEEPINGCOMPUTER.COM
26 Apr · Despite complaints, Apple hasn’t yet removed an obviously fake app pretending to be RockAuto · Apple’s App Store isn’t always as trustworthy as the company claims. The latest example comes from RockAuto, an auto parts dealer popular with home mechanics and other DIYers, which is upset that a fake app masquerading as its official app has not been removed from th… · TECHCRUNCH.COM
26 Apr · Malware campaign attempts abuse of defender binaries · Command-and-control wares try to sneak onto systems disguised as various vendors; payloads vary, but Sophos customers are protected · SOPHOS.COM
🎙️ PODCASTS (2)
26 Apr · Transatlantic Cable podcast episode 344 | Kaspersky official blog · Episode 344 of the Kaspersky podcast looks at Meta AI blunders, Grinder in the docks & do 5-year-olds need mobile phones? · KASPERSKY.COM
26 Apr · Cyber Security Today, April 26, 2024 - Patch warnings for Cisco ASA gateways and a WordPress plugin · This episode reports on the malicious plugin worm that refuses to die, and more · CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (11)
26 Apr · ThreatLocker Raises $115M in Series D Funding · The round was led by existing investor General Atlantic, with participation from other major investors StepStone Group and the D. E. Shaw group. The company intends to use the funds to drive product innovation and accelerate its global expansion. · FINSMES.COM
26 Apr · Thoma Bravo to take UK cybersecurity company Darktrace private in $5B deal · Darktrace is set to go private in a deal that values the U.K.-based cybersecurity giant at around $5 billion. A newly-formed entity called Luke Bidco Ltd, formed by private equity giant Thoma Bravo, has tabled an all-cash bid of £6.20 ($7.75) per share, which represents a 44% pre… · TECHCRUNCH.COM
26 Apr · Live Webinar | Navigating the Future of Information Security: Insights and Strategies · DATABREACHTODAY.CO.UK
26 Apr · Live Webinar | How is AI Shaping the 3 Pillars of Cybersecurity in Europe? · DATABREACHTODAY.CO.UK
26 Apr · Millions Of IPs Remain Infected By USB Worm Years After Its Creators Left It For Dead · PACKETSTORMSECURITY.COM
26 Apr · Telegram is down with "Connecting" error · Telegram users are currently experiencing issues worldwide, with users unable to use the website and mobile apps. [...] · BLEEPINGCOMPUTER.COM
26 Apr · Showcasing Artwork by Max for Autism Awareness Month · New pop-up art display honors Autism Awareness Month at Sophos UK. · SOPHOS.COM
26 Apr · Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe · The investigation uncovered at least 40,000 phishing domains that were linked to LabHost and tricked victims into handing over their sensitive details · WELIVESECURITY.COM