Date: 2024-04-29 | Articles: 94 | Categories: 8
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
29 Apr - Palo Alto Updates Remediation for Max-Critical Firewall Bug (DARKREADING.COM): The vulnerability, tracked as CVE-2024-3400, has a CVSS score of 10 out of 10, and can allow an unauthenticated threat actor to execute arbitrary code with root privileges on the firewall device, according to the update.
29 Apr - PoC Exploit Released For Windows Kernel EoP Vulnerability (GBHACKERS.COM): Microsoft released multiple product security patches in its April 2024 Patch Tuesday updates. One of the vulnerabilities addressed was CVE-2024-26218, associated with the Windows Kernel Privilege Escalation vulnerability, which had a severity of 7.8 (High). This vulnerability r…
29 Apr - New R Programming Vulnerability Exposes Projects to Supply Chain Attacks (THEHACKERNEWS.COM): A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced. The flaw, assigned the CVE ident…
⚠️ VULNERABILITY DISCLOSURE (15)
29 Apr - Android Malware Brokewell With Complete Device Takeover Capabilities (GBHACKERS.COM): A new family of mobile malware known as “Brokewell” has been found to have a wide range of device takeover capabilities. This seriously threatens the banking sector by giving attackers remote access to all the resources made available via mobile banking. New ins…
29 Apr - Navigating personal liability: post data-breach recommendations for CISOs (CSOONLINE.COM): The key to minimizing personal liability for CSOs and CISOs after a data breach is to act responsibly and reasonably. The current state of the law is that those involved in an organization that is threatened or affected by a data breach are expected to react reasonably under the ci…
29 Apr - Finding the perfect match: What CISOs should ask before saying ‘yes’ to a job (CSOONLINE.COM): When people go through the recruitment process for a new job, it’s common to forget it’s a two-way street. Not only is it an opportunity for a company to figure out whether they should hire a candidate, but it’s also a chance for the individual applying for the role to work out i…
29 Apr - LSA Whisperer: Open-source tools for interacting with authentication packages (HELPNETSECURITY.COM): The tool allows users to directly recover multiple types of credentials from LSASS without accessing its memory. This includes recovering Kerberos tickets, SSO cookies, DPAPI credential keys, and NTLMv1 responses.
29 Apr - Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover (THEHACKERNEWS.COM): Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an "adversary with …
29 Apr - UK’s revamped surveillance rules become law despite industry opposition (CSOONLINE.COM): The UK’s Investigatory Powers (Amendment) Act (IPAA) received royal assent on Friday, making it law and broadening the government’s ability to collect bulk communications data. The Act raises concerns about potential mass surveillance and violations of individual privacy as it we…
29 Apr - More Than 800 Vulnerabilities Resolved Through CISA Ransomware Notification Pilot (THERECORD.MEDIA): The Ransomware Vulnerability Warning Pilot was unveiled in January 2023 as a program designed to “identify organizations with internet-accessible vulnerabilities commonly associated with known ransomware actors.”
29 Apr - Grafana Tool Vulnerability Let Attackers Inject SQL Queries (GBHACKERS.COM): The popular open-source platform Grafana, widely used for monitoring and observability, has been found to contain a severe SQL injection vulnerability. This flaw allows attackers with valid user credentials to execute arbitrary SQL commands, potentially leading to data leakage an…
29 Apr - D-Link NAS Device Backdoor Abused, (Mon, Apr 29th) (ISC.SANS.EDU): At the end of March, NetworkSecurityFish disclosed a vulnerability in various D-Link NAS devices [1]. The vulnerability allows access to the device using the user "messagebus" without credentials. The sample URL used by the PoC was:
29 Apr - Is your hybrid/multicloud strategy putting your organization at risk? (CSOONLINE.COM): When an organization’s assets span multiple public and private clouds, it can be exceedingly difficult to achieve consistency in how workloads are deployed and managed and how policies are enforced in different clouds. For example, each cloud may have different concepts and…
29 Apr - Marriott admits it falsely claimed for five years it was using encryption during 2018 breach (CSOONLINE.COM): For more than five years, Marriott has defended a massive 2018 data breach by arguing that its encryption level (AES-128) was so strong that the case against it should be dismissed. But attorneys for the hotel chain admitted in an April 10 hearing that it had never used AES-128 d…
29 Apr - Secure by Design: UK Enforces IoT Device Cybersecurity Rules (DATABREACHTODAY.CO.UK): Law Bans Universal Default Passwords; Requires Bug-Reporting Channels, Update Plan. Say goodbye to buying internet of things devices in Britain with a default or hardcoded password set to "12345," as the country has banned manufacturers from shipping internet-connected and network…
29 Apr - Want to drive more secure GenAI? Try automating your red teaming (CSOONLINE.COM): Although 55% of organizations are currently piloting or using a generative AI (GenAI) solution, securely deploying the technology remains a significant focus for cyber leaders. A recent ISMG poll of business and cybersecurity professionals revealed that some of the top concerns a…
29 Apr - Meet Silver SAML: Golden SAML in the Cloud - Eric Woodruff - BSW #348 (YOUTUBE.COM): A hybrid workforce requires hybrid identity protection. But what are the threats facing a hybrid workforce? As identity becomes the new perimeter, we need to understand the attacks that can allow attackers access to our applications. Eric Woodruff, Product Technical Specialist at…
29 Apr - How we fought bad apps and bad actors in 2023 (SECURITY.GOOGLEBLOG.COM): Posted by Steve Kafka and Khawaja Shams (Android Security and Privacy Team), and Mohet Saxena (Play Trust and Safety). A safe and trusted Google Play experience is our top priority. We leverage our SAFE (see below) principles to provide the framework to create that experience for …
📋 SECURITY BULLETINS (1)
29 Apr - No more 12345: devices with weak passwords to be banned in UK (THEGUARDIAN.COM): submitted by hellfire103 to cybersecurity, 1 point | 1 comment. https://www.theguardian.com/technology/2024/apr/29/devices-with-weak-passwords-to-be-banned-uk (cross-posted from feddit.uk/post/11130497). Tech that comes with weak passwords such as “admin” or “12345” will be banned …
📢 SECURITY ADVISORIES (11)
29 Apr - Know-Your-Customer Executive Order Facing Stiff Opposition From Cloud Industry (THERECORD.MEDIA): A controversial executive order that would require U.S. cloud companies to closely monitor the identities of their customers will move one step closer to the finish line next week amid opposition from the industry.
29 Apr - Your KnowBe4 Compliance Plus Fresh Content Updates from April 2024 (KNOWBE4.COM): Check out the April updates in Compliance Plus so you can stay on top of featured compliance training content.
29 Apr - CISA Rolls Out New Guidelines to Mitigate AI Risks to US Critical Infrastructure (SECURITYWEEK.COM): New CISA guidelines categorize AI risks into three significant types and push a four-part mitigation strategy.
29 Apr - French Government Bids on Atos' Cyber and Computing Assets (DATABREACHTODAY.CO.UK): Atos Received a Letter of Intent From French Finance Minister Bruno Le Maire. The French government could acquire a loss-making cybersecurity unit and other critical assets of Paris IT consultancy firm Atos after previous bids by competing firms fell through. Atos employs about 4,…
29 Apr - New Regulations Pose Compliance Challenges (DATABREACHTODAY.CO.UK): How to Navigate New SEC Rules. The new SEC rules, which took effect in late 2023, introduce mandatory cyber-incident reporting requirements for all U.S.-listed companies.
🔥 INCIDENT REPORTING (10)
29 Apr - Okta Warns of Credential Stuffing Attacks Using Proxy Services (GBHACKERS.COM): Okta has issued a warning about the increasing prevalence of credential-stuffing attacks. These attacks, which leverage stolen user credentials to gain unauthorized access to accounts, are facilitated by the widespread use of residential proxy services. This alarming trend unders…
29 Apr - KageNoHitobito Ransomware Attacking Windows Users Around the Globe (GBHACKERS.COM): A new ransomware named KageNoHitobito has been targeting Windows users across various countries. It encrypts their data and demands a ransom through sophisticated means. This article delves into the mechanics of the KageNoHitobito ransomware and its attack methodology and provide…
29 Apr - Chinese Botnet As-A-Service Bypasses Cloudflare & Other DDoS Protection Services (GBHACKERS.COM): A large botnet-as-a-service network originating from China was discovered, which comprises numerous domains, over 20 active Telegram groups, and utilizes other domestic communication channels. The infrastructure that supports this botnet, located in China, raises concerns a…
29 Apr - Cyber Security Today, April 29, 2024 - Credential stuffing attacks are hitting firms using Okta ID management solutions, and more (CYBERSECURITYTODAY.LIBSYN.COM): This episode reports on a job scam aimed at app developers, the latest data breach notifications and more.
29 Apr - Collection Agency FBCS Says Data Breach Exposed Nearly 2 million People (SECURITYWEEK.COM): Financial Business and Consumer Solutions (FBCS) says compromised information may include names, dates of birth, Social Security numbers, and account information.
29 Apr - Hackers Took 29 Days from Initial Hack to Sabotage Ransomware Attack (GBHACKERS.COM): Cybersecurity experts have meticulously traced the timeline of a sophisticated ransomware attack that spanned 29 days from the initial breach to the deployment of Dagon Locker ransomware. This case study not only illuminates cybercriminals’ efficiency and persistence but al…
29 Apr - Collection agency FBCS warns data breach impacts 1.9 million people (BLEEPINGCOMPUTER.COM): Financial Business and Consumer Solutions (FBCS) is warning 1,955,385 impacted individuals in the United States that the company suffered a data breach after discovering unauthorized access to specific systems in its network.
29 Apr - Kaiser Permanente Data Breach Impacts 13.4 Million Patients (SECURITYWEEK.COM): The US healthcare giant is warning millions of current and former patients that their personal information was exposed to third-party advertisers.
29 Apr - London Drugs pharmacy chain closes stores after cyberattack (BLEEPINGCOMPUTER.COM): Canadian pharmacy chain London Drugs has closed all its retail stores to contain what it described as a "cybersecurity incident."
29 Apr - Why Many Healthcare Sector Entities End Up Paying Ransoms (DATABREACHTODAY.CO.UK): While most healthcare sector organizations hit with ransomware attacks never imagine giving in to extortion demands, the pressures they face in dealing with the crisis often push about half of them to pay, said attorney Lynn Sessions of BakerHostetler, speaking about the firm's h…
🕵️ THREAT INTELLIGENCE (25)
29 Apr - ISC Stormcast For Monday, April 29th, 2024 https://isc.sans.edu/podcastdetail/8958, (Mon, Apr 29th) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
29 Apr - 2024 CSO30 ASEAN Awards: Call for nominations (CSOONLINE.COM): CSO ASEAN is proud to launch the fourth edition of the CSO30 ASEAN Awards in 2024 – recognising the top 30 cybersecurity executives driving innovation, strengthening resilience, and influencing industry change. In 2024, CSO30 ASEAN nominees will be judged based on the core pillar…
29 Apr - Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware (GBHACKERS.COM): A recent malware campaign used a VBA macro in a Word document to download and execute a 64-bit Rust binary. This binary employs fileless injection techniques to load a malicious AgentTesla payload into its memory space. The malware leverages CLR hosting, a mechanism for native pr…
29 Apr - 1,200+ Vulnerabilities Detected In Microsoft Products In 2023 (GBHACKERS.COM): Hackers often focus on flaws in Microsoft products since they are commonly employed in various institutions and personal computers, which means they have a bigger area to attack. This is because these systems could be used as an entry point into sensitive information, letting att…
29 Apr - Whale Song Code (SCHNEIER.COM): During the Cold War, the US Navy tried to make a secret code out of whale song. The basic plan was to develop coded messages from recordings of whales, dolphins, sea lions, and seals. The submarine would broadcast the noises and a computer—the Combo Signal Recognizer (CSR)…
29 Apr - Sophos Endpoint: Adaptive Attack Protection Gets Even Better (SOPHOS.COM): Sophos continues to deliver the strongest endpoint protection in the industry.
29 Apr - Okta Warns of Credential Stuffing Attacks Using Tor, Residential Proxies (SECURITYWEEK.COM): Okta warned of a spike in credential stuffing attacks using anonymizing services such as Tor, DataImpulse, Luminati, and NSocks.
29 Apr - Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB): submitted by shellsharks to cybersecurity, 3 points | 0 comments. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
29 Apr - British Intelligence Moves to Protect Research Universities From Espionage (THERECORD.MEDIA): The head of Britain’s domestic intelligence agency warned the country’s leading research universities on Thursday that foreign states are targeting their institutions and imperiling national security.
29 Apr - Are Enterprises Overconfident About Cybersecurity Readiness? (DATABREACHTODAY.CO.UK): Cisco Cybersecurity Readiness Index Shows Only 3% of Companies Are Cyber Resilient. Cisco's 2024 Cybersecurity Readiness Index showed a concerning gap: while 80% of organizations felt confident in their cybersecurity readiness, only 3% had a "Mature" level of readiness. This sugg…
29 Apr - Beyond the Buzz: Rethinking Alcohol as a Cybersecurity Bonding Ritual (SECURITYWEEK.COM): Jennifer Leggio makes the case for more alcohol-free networking events at conferences, and community-building opportunities for sober individuals working in cybersecurity.
29 Apr - Honeywell: USB Malware Attacks on Industrial Orgs Becoming More Sophisticated (SECURITYWEEK.COM): An analysis conducted by Honeywell shows that much of the USB-borne malware targeting industrial organizations can still cause OT disruption.
29 Apr - China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale (THEHACKERNEWS.COM): A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world…
29 Apr - Should Cybersecurity Leadership Finally be Professionalized? (SECURITYWEEK.COM): The majority opinion is that a cybersecurity professional body is long overdue and would benefit cybersecurity and cybersecurity practitioners.
29 Apr - How the Enterprise Browser Has Reshaped the Modern Workplace (DATABREACHTODAY.CO.UK): Island CEO Mike Fey on How Enterprise Browsers Streamline Operations, Fuel Security. Island co-founder and CEO Mike Fey discusses how enterprise browsers facilitate efficient business processes through cloud integrations, safeguard sensitive data effectively and deliver a user exp…
29 Apr - Google Says it Blocked 2.28 Million Apps from Google Play Store (SECURITYWEEK.COM): In 2023, Google said it blocked 2.28 million bad applications from being published on Google Play and banned 333,000 developer accounts.
29 Apr - How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat (SECURITYWEEK.COM): History of TikTok and how many view it as a national security threat.
29 Apr - Targeted Smishing Attacks by Threat Group “The Com” On The Rise (KNOWBE4.COM): Cyber activity by the group "The Com," which leverages SIM swapping, cryptocurrency theft, swatting, and corporate intrusions, is increasing.
29 Apr - The Art of Huh? (KNOWBE4.COM): One of the best things you can teach yourself, your family, and your organization is how to recognize the common signs of phishing and how to mitigate and appropriately report it.
29 Apr - Phishing Campaigns Spoof the U.S. Postal Service (KNOWBE4.COM): Researchers at Akamai have found that phishing sites impersonating the U.S. Postal Service get as much traffic as the real USPS website.
29 Apr - Has ethernet become illegitimate? A librarian flipped out after spotting me using ethernet (INFOSEC.PUB): submitted by coffeeClean to cybersecurity, 8 points | 1 comment. I plugged into ethernet (as wifi w/captive portal does not work for me). I think clearnet worked but I have no interest in that. Egress Tor traffic was blocked and so was VPN. I’m not interested in editing all my scr…
29 Apr - Pyongyang Hackers Deploy Backdoors Via Fake Job Interviews (DATABREACHTODAY.CO.UK): North Korean Predilection for Elaborate Social Engineering Attacks Strikes Again. Likely North Korean threat actors are using fake job interviews to trick software developers into downloading disguised Python backdoors as part of an ongoing espionage campaign. Pyongyang hackers ha…
29 Apr - Board's Pivotal Role in Cybersecurity as CISO-CEO Communication Gaps Continue - BSW #348 (YOUTUBE.COM): In the leadership and communications section, The Board's Pivotal Role in Steering Cybersecurity, CISO-CEO communication gaps continue to undermine cybersecurity, The Essence of Integrity in Leadership: A Pillar of Trust and Excellence, and more! Visit https://www.securityweekly.…
29 Apr - FCC Fines US Cell Carriers $200M for Selling Location Data (DATABREACHTODAY.CO.UK): Commission Approves Long-Anticipated Fines for Verizon, T-Mobile, AT&T and Sprint. The Federal Communications Commission announced Monday that it is slapping the leading U.S. cellular providers with nearly $200 million in fines for selling customers' location data to third par…
29 Apr - Forescout CEO on Navigating OT, IoT Threats in Cybersecurity (DATABREACHTODAY.CO.UK): Barry Mainz Discusses Asset Visibility, Security and Risk Management Outside IT. Forescout CEO Barry Mainz highlights the growing risks associated with OT and IoT devices and how cybersecurity strategies must evolve to address these challenges. He emphasizes the need for visibilit…
🌐 CYBER THREAT LANDSCAPE (5)
29 Apr - Japanese police create fake support scam payment cards to warn victims (BLEEPINGCOMPUTER.COM): The cards are labeled "Virus Trojan Horse Removal Payment Card" and "Unpaid Bill Late Fee Payment Card," and were created by the Echizen Police in the Fukui prefecture in Japan as an alert mechanism.
29 Apr - Most People Still Rely on Memory or Pen and Paper for Password Management (HELPNETSECURITY.COM): A Bitwarden survey showed that 25% of respondents globally reuse passwords across 11-20+ accounts, and 36% admit to using personal information in their credentials that is publicly accessible on social media platforms (60%) and online forums (30%).
29 Apr - DHS Announces AI Safety Board with OpenAI Founder, CEOs of Microsoft, Nvidia, IBM (THERECORD.MEDIA): Members will include representatives of tech companies, critical infrastructure entities, academia, and government agencies, as well as “leaders in the civil rights, civil liberties, and privacy communities,” DHS Secretary Alejandro Mayorkas said.
29 Apr - Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM (THEHACKERNEWS.COM): It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop …
29 Apr - Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 (THEHACKERNEWS.COM): Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad acco…
📡 INFOSEC NEWS (24)
29 Apr - US Post Office Phishing Sites Get as Much Traffic as the Real One (BLEEPINGCOMPUTER.COM): Security researchers analyzing phishing campaigns that target the United States Postal Service (USPS) saw that the traffic to the fake domains is typically similar to what the legitimate site records and is even higher during holidays.
29 Apr - Analysis of Native Process CLR Hosting Used by AgentTesla (SONICWALL.COM): The initial infection vector is a Word document that downloads and executes a 64-bit Rust-compiled binary. This binary then downloads an encoded shellcode containing the AgentTesla payload.
29 Apr - Okta Warns of Unprecedented Scale in Credential Stuffing Attacks on Online Services (SECURITYAFFAIRS.COM): The attacks recently observed by Okta route requests through anonymizing services like TOR and residential proxies such as NSOCKS, Luminati, and DataImpulse. The experts noticed that millions of requests have been routed through these services.
29 Apr - Global Transparency Initiative update, April 2024 | Kaspersky official blog (KASPERSKY.COM): Expanding the Global Transparency Initiative by opening the Istanbul Transparency Center and launching a Transparency Lab together with Boğaziçi University.
29 Apr - Report: 73% of SME Security Professionals Missed or Ignored Critical Alerts (HELPNETSECURITY.COM): IT staff at SMEs are overwhelmed by the complexity and demands of managing multiple tools in their security stack, leading them to miss critical severity events and weaken their company’s security posture, according to Coro.
29 Apr - DDoS Attacks Continue, Post-Election, Against Russian Independent Media Site Meduza (THERECORD.MEDIA): In April, Meduza faced two large-scale distributed denial-of-service (DDoS) attacks, prompting it to reach out to Qurium to investigate their origin and composition, the researchers said.
29 Apr - Howler (CYBER.GC.CA)
29 Apr - Ten Years Of Heartbleed: Lessons Learned (PACKETSTORMSECURITY.COM)
29 Apr - Microsoft fixes bug behind incorrect BitLocker encryption errors (BLEEPINGCOMPUTER.COM): Microsoft has fixed a known issue causing incorrect BitLocker drive encryption errors in some managed Windows environments.
29 Apr - Google rejected 2.28 million risky Android apps from Play store in 2023 (BLEEPINGCOMPUTER.COM): Google blocked 2.28 million Android apps from being published on Google Play after finding various policy violations that could threaten users' security.
29 Apr - Career Spotlight: Growing Need for Technology Legal Analysts (DATABREACHTODAY.CO.UK): High Demand for Experts Who Know Law Plus AI, Blockchain and Internet of Things. Advancements in AI, blockchain and the internet of things have caused the demand for professionals who have expertise in those fields as well as in law to skyrocket. There simply are not enough expert…
29 Apr - FBI warns of fake verification schemes targeting dating app users (BLEEPINGCOMPUTER.COM): The FBI is warning of fake verification schemes promoted by fraudsters on online dating platforms that lead to costly recurring subscription charges.
29 Apr - FCC fines carriers $200 million for illegally sharing user location (BLEEPINGCOMPUTER.COM): The Federal Communications Commission (FCC) has fined the largest U.S. wireless carriers almost $200 million for sharing their customers' real-time location data without their consent.
29 Apr - Muddling Meerkat hackers manipulate DNS using China’s Great Firewall (BLEEPINGCOMPUTER.COM): A new cluster of activity tracked as "Muddling Meerkat" is believed to be linked to a Chinese state-sponsored threat actor's manipulation of DNS to probe networks globally since October 2019, with a spike in activity observed in September 2023.
29 Apr - FCC Fines Major U.S. Wireless Carriers for Selling Customer Location Data (KREBSONSECURITY.COM): The U.S. Federal Communications Commission (FCC) today levied fines totaling nearly $200 million against the four major carriers -- including AT&T, Sprint, T-Mobile and Verizon -- for illegally sharing access to customers' location information without consent.
29 Apr - Why space exploration is important for Earth and its future: Q&A with David Eicher (WELIVESECURITY.COM): We caught up with Astronomy magazine editor-in-chief David Eicher to talk about key challenges facing our planet, the benefits of space exploration, and the possibility of life beyond Earth.