82 Articles
10 Categories
Date: 2024-05-01
🚨 CISA KEV (1)
1 May [KEV] | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-7028 Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for ma… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
1 May | Programming Language R Patches Code Execution Security Flaw | The vulnerability, tagged CVE-2024-27322, can be exploited by tricking someone into loading a maliciously crafted RDS (R Data Serialization) file into an R-based project, or by fooling them into integrating a poisoned R package into a code base. | THEREGISTER.COM
1 May | 3 Windows vulnerabilities that may not be worth patching | It’s getting ever harder to keep a network safe and secure from attacks, whether cloud-based, hybrid, or on-premises. Bad actors are employing a dizzying variety of methods, from social engineering to attacking edge devices, to gain a foothold in our networks. Security teams are … | CSOONLINE.COM
1 May | CERT/CC Reports R Programming Language Vulnerability | CERT Coordination Center (CERT/CC) has released information on a vulnerability in R programming language implementations (CVE-2024-27322). A cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to rev… | CISA.GOV
1 May | “Dirty stream” attack: Discovering and mitigating a common vulnerability pattern in Android apps | Microsoft discovered a vulnerability pattern in multiple popular Android applications that could enable a malicious application to overwrite files in the vulnerable application’s internal data storage directory, which could lead to arbitrary code execution and token theft, among … | MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE (18)
1 May | Cyber Security Today, May 1, 2024 - Data may have been stolen in London Drugs cyber attack, Congressional testimony today by UnitedHealth CEO on ransomware attack, and more | This episode reports on a vulnerability in the R programming language, fines against large American wireless carriers, and more | CYBERSECURITYTODAY.LIBSYN.COM
1 May | Verizon Breach Report: Vulnerability Hacks Tripled in 2023 | Data Breach Report Lead Author Alex Pinto Discusses Top Findings, Best Practices Verizon's 17th annual 2024 Data Breach Investigations Report highlights a troubling trend: The exploitation of vulnerabilities in the wild has tripled, primarily due to ransomware actors targeting ze… | DATABREACHTODAY.CO.UK
1 May | Patched Deserialization Flaw in Siemens Product Allows RCE | Researchers detailed a deserialization vulnerability in Siemens software used to monitor industrial energy consumption and attributed the flaw to the German conglomerate's decision to use a programming method that has known security risks. | HEALTHCAREINFOSECURITY.COM
1 May | Millions of Malicious “Imageless” Docker Hub Repositories Drop Malware | In a startling revelation, nearly 20% of Docker Hub repositories have been identified as conduits for malware and phishing scams, underscoring the sophisticated tactics employed by cybercriminals to exploit the platform’s credibility. The investigation unveiled that attacke… | GBHACKERS.COM
1 May | Attackers Leverage Sidecar Container Injection Technique To Stay Stealthy | Kubernetes (K8s) is an open-source container orchestration platform designed to automate application container deployment, scaling, and running. Containers are isolated software packages that are lightweight and contain everything required for running an app. In Kubernetes,… | GBHACKERS.COM
1 May | Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks | This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024. | TRENDMICRO.COM
1 May | 5 key takeaways from Verizon’s 2024 Data Breach Investigations Report | Cyber criminals are deploying new and innovative lines of attacks along with variations on tried-and-true methods that remain successful, Verizon’s 2024 Data Breach Investigations Report has found. The report, now in its 17th year, analyzed more than 30,000 real-world security in… | CSOONLINE.COM
1 May | Take A Tour! NIST Cybersecurity Framework 2.0: Small Business Quick Start Guide | The U.S. Small Business Administration is celebrating National Small Business Week from April 28 - May 4, 2024. This week recognizes and celebrates the small business community’s significant contributions to the nation. Organizations across the country participate by hosting in-p… | NIST.GOV
1 May | Machine Identity Firm Venafi Readies for the 90-day Certificate Lifecycle | Venafi introduced a 90-Day TLS Readiness solution to help enterprises prepare for Google’s proposed 90-day limit for the lifecycle of a digital certificate. | SECURITYWEEK.COM
1 May | Google Boosts Bug Bounty Payouts Tenfold in Mobile App Security Push | Researchers can earn as much as $450,000 for a single vulnerability report as Google boosts its mobile vulnerability rewards program. | SECURITYWEEK.COM
1 May [KEV] | CISA says GitLab account takeover bug is actively exploited in attacks | CISA warned today that attackers are actively exploiting a maximum-severity GitLab vulnerability that allows them to take over accounts via password resets. [...] | BLEEPINGCOMPUTER.COM
1 May | CISA and Partners Release Fact Sheet on Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity | Today, CISA, in collaboration with U.S. and international partners, published a joint fact sheet, Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity. This fact sheet provides information and mitigations associated with cyber operations conducted by pro-Russia… | CISA.GOV
1 May | Panda Restaurants discloses data breach after corporate systems hack | Panda Restaurant Group, the parent company of Panda Express, Panda Inn, and Hibachi-San, disclosed a data breach after attackers compromised its corporate systems in March and stole the personal information of an undisclosed number of individuals. [...] | BLEEPINGCOMPUTER.COM
1 May | NIST publishes new guides on AI risk for developers and CISOs | The US National Institute of Standards and Technology (NIST) this week published four guides designed to give AI developers and cybersecurity professionals a deeper dive on the risks addressed by the organization’s influential 2023 “AI Risk Management Framework” (AI RMF). Issue… | CSOONLINE.COM
1 May | GitLab Hackers Use 'Forgot Your Password' to Hijack Accounts | US CISA Orders Federal Agencies to Apply January Patch The U.S. federal government's cybersecurity agency warned that hackers are exploiting a vulnerability in DevOps platform GitLab that was patched in January. The vulnerability allows hackers to use the "forgot your password" f… | DATABREACHTODAY.CO.UK
1 May | Verizon DBIR: Cyber Defenders Are Facing Exploit Fatigue | Experts Warn That Human Failures Have Led to Surge in Successful Zero-Day Exploits Verizon executives warned that cyber defenders are struggling with fatigue amid a surge in cyberattacks targeting zero-day exploits and other vulnerabilities. It takes most enterprises nearly 55 da… | DATABREACHTODAY.CO.UK
1 May | HPE Aruba Networking fixes four critical RCE flaws in ArubaOS | HPE Aruba Networking has issued its April 2024 security advisory detailing critical remote code execution (RCE) vulnerabilities impacting multiple versions of ArubaOS, its proprietary network operating system. [...] | BLEEPINGCOMPUTER.COM
1 May | Reading the Mandiant M-Trends 2024 | This is my informal, unofficial, unapproved etc blog based on my reading of the just-released Mandiant M-Trends 2024 report (Happy 15th Birthday, M-Trends! May you live for many googley years…) Vaguely relevant AI visual with … cybernetic threats :-) “Shorter dwell times are lik… | MEDIUM.COM
📋 SECURITY BULLETINS (2)
1 May | Microsoft says April Windows updates break VPN connections | Microsoft says the April 2024 Windows security updates break VPN connections on Windows 11, Windows 10, and Windows Server systems. [...] | BLEEPINGCOMPUTER.COM
1 May | Microsoft: April Windows Server updates cause NTLM auth failures | Microsoft has confirmed customer reports of NTLM authentication failures and high load after installing last month's Windows Server security updates. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (5)
1 May | CISA Unveils Guidelines for AI and Critical Infrastructure | The CISA on Monday released safety and security guidelines for critical infrastructure, a move that comes just days after the Department of Homeland Security announced the formation of a safety and security board focused on the same topic. | FEDSCOOP.COM
1 May | Microsoft named overall leader in KuppingerCole Leadership Compass for ITDR | Today we are thrilled to announce that Microsoft has been recognized as an overall leader in the KuppingerCole Leadership Compass Identity Threat Detection and Response: IAM Meets the SOC. The report highlights strengths across key capabilities ranging from identity posture to re… | TECHCOMMUNITY.MICROSOFT.COM
🔥 INCIDENT REPORTING (15)
1 May | Belarus Secret Service Website Still Down After Hackers Claim the Breach | The hackers, known as the Belarusian Cyber-Partisans, announced their operation against the KGB late last week. The agency has not commented on the attack, but on Monday its website says that it is “in the process of development.” | THERECORD.MEDIA
1 May | UnitedHealth CEO Says Hackers Lurked in Network for Nine Days Before Ransomware Strike | UnitedHealth Group’s CEO Andrew Witty shares details on the damaging cyberattack in testimony before a US Congress committee set for May 1, 2024. | SECURITYWEEK.COM
1 May | DHS asked to consider potentially ‘devastating’ impact of hacks on rural water systems | Submitted by c0mmando to netsec (https://therecord.media/water-utility-cyberattacks-lawmakers-letter-to-dhs). A bipartisan pair of House lawmakers is pressing for more details about the breach of a water facility in Texas that was carried out by a group with su… | THERECORD.MEDIA
1 May | NSA staffer who tried, failed to spy for Russia gets 21+ yrs | Submitted by c0mmando to netsec (https://www.theregister.com/2024/04/30/nsa_employee_guilty_sentence/). A former NSA employee has been sentenced to 262 months in prison for attempting to freelance as a Russian spy. In his trial yesterday, Jareh Sebastian Dalke… | THEREGISTER.COM
1 May | Qantas Airways Says App Showed Customers Each Other's Data | Customers Report Seeing Each Other's Bookings, Inadvertent Flight Cancellations Australian's Qantas Airways has confirmed suffering a data breach after its app began inadvertently exposing other customers' data to each other. While the airline said no financial data was exposed, … | DATABREACHTODAY.CO.UK
1 May | Wpeeper Android Trojan Uses Compromised WordPress Sites to Shield Command-and-Control Server | The new Wpeeper Android trojan ceased operations after a week and has zero detections in VirusTotal. | SECURITYWEEK.COM
1 May | Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers | Cybersecurity researchers have discovered a previously undocumented malware targeting Android devices that uses compromised WordPress sites as relays for its actual command-and-control (C2) servers for detection evasion. The malware, codenamed Wpeeper, is an ELF binary that … | THEHACKERNEWS.COM
1 May | New Wpeeper Android Malware Hides Behind Hacked WordPress Sites | A new Android backdoor malware named 'Wpeeper' has been spotted in at least two unofficial app stores mimicking the Uptodown App Store, a popular third-party app store for Android devices with over 220 million downloads. | BLEEPINGCOMPUTER.COM
1 May | UnitedHealth CEO tells Senate all systems now have multi-factor authentication after hack | UnitedHealth Group chief executive officer Andrew Witty told senators on Wednesday that the company has now enabled multi-factor authentication on all the company’s systems exposed to the internet in response to the recent cyberattack against its subsidiary Change Healthcare. The… | TECHCRUNCH.COM
1 May | French hospital CHC-SV refuses to pay LockBit extortion demand | The Hôpital de Cannes - Simone Veil (CHC-SV) in France announced it received a ransom demand from the Lockbit 3.0 ransomware gang, saying they refuse to pay the ransom. [...] | BLEEPINGCOMPUTER.COM
1 May | United HealthCare CEO says ‘maybe a third’ of U.S. citizens were affected by recent hack | Two months after hackers broke into Change Healthcare systems stealing and then encrypting company data, it’s still unclear how many Americans were impacted by the cyberattack. Last month, Andrew Witty, the CEO of Change Healthcare’s parent company UnitedHealth Group, said that t… | TECHCRUNCH.COM
1 May | Lawmakers Grill UnitedHealth CEO on Change Healthcare Attack | UnitedHealth Group CEO Andrew Witty Explains the Steps the Company Is Taking Lawmakers on Wednesday grilled UnitedHealth Group CEO Andrew Witty over security lapses leading up to the Change Healthcare cyberattack and the company's handling of the incident, including the sectorwid… | DATABREACHTODAY.CO.UK
1 May | AI's Offensive & Defensive Impacts | Michael Sikorski, who leads Threat Intelligence and Engineering, shares predictions on AI's near and long-term implications for cyberattacks and defense. | PALOALTONETWORKS.COM
1 May | DropBox says hackers stole customer data, auth secrets from eSignature service | Cloud storage firm DropBox says hackers breached production systems for its DropBox Sign eSignature platform and gained access to authentication tokens, MFA keys, hashed passwords, and customer information. [...] | BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (18)
1 May | AI Voice Scam | Scammers tricked a company into believing they were dealing with a BBC presenter. They faked her voice, and accepted money intended for her. | SCHNEIER.COM
1 May | Google Guide! How to Detect Browser Data Theft Using Windows Event Logs | In the ever-evolving cybersecurity landscape, Google is continually striving to protect user data from malicious actors. In a recent blog post, the tech giant revealed a novel method to detect browser data theft using Windows Event Logs. This approach aims to make data theft more… | GBHACKERS.COM
1 May | How to Utilize Azure Logs to Identify Threats: Insights From Microsoft | Microsoft’s Azure platform is a highly acclaimed and widely recognized solution that organizations worldwide are leveraging. It is regarded as a game-changer in the industry and has emerged as a dependable and efficient platform that helps businesses achieve their goals eff… | GBHACKERS.COM
1 May | RSAC Fireside Chat: APIs are wondrous connectors — and the wellspring of multiplying exposures | At the close of 2019, API security was a concern, though not necessarily a top priority for many CISOs. Then Covid 19 hit, and API growth skyrocketed, a trajectory that only steepened when Generative AI … | LASTWATCHDOG.COM
1 May | CISO Conversations: Talking Cybersecurity With LinkedIn’s Geoff Belknap and Meta’s Guy Rosen | SecurityWeek interviews Geoff Belknap, CISO at LinkedIn, and Guy Rosen, CISO at Facebook parent company Meta. | SECURITYWEEK.COM
1 May | ISC Stormcast For Wednesday, May 1st, 2024 https://isc.sans.edu/podcastdetail/8962, (Wed, May 1st) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
1 May | What are You Working on Wednesday | Submitted by shellsharks to cybersecurity. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time. | INFOSEC.PUB
1 May | DeepKeep Launches AI-Native Security Platform With $10 Million in Seed Funding | AI-Native Trust, Risk, and Security Management (TRiSM) startup DeepKeep raises $10 million in seed funding. | SECURITYWEEK.COM
1 May | Adobe Adds Content Credentials and Firefly to Bug Bounty Program | Adobe is providing incentives for bug bounty hackers to report security flaws in its implementation of Content Credentials and Adobe Firefly. | SECURITYWEEK.COM
1 May | Cuttlefish Malware Targets Routers, Harvests Cloud Authentication Data | Cuttlefish malware platform roaming around enterprise SOHO routers capable of covertly harvesting public cloud authentication data from internet traffic. | SECURITYWEEK.COM
1 May | Navigating the Masquerade: Recognizing and Combating Impersonation Attacks | With all great power, there comes an equal potential for misuse. Among the sophisticated arsenal of threat actors, impersonation attacks have surged to the forefront, which questions our sense of trust. | KNOWBE4.COM
1 May | [CASE STUDY] Healthcare Organization Hardens Employee Defenses Against Insidious Callback Phishing Attacks | A major U.S. healthcare provider significantly reduced their employees' susceptibility to callback phishing attacks after using KnowBe4's callback phishing simulation and training capabilities. | KNOWBE4.COM
1 May | North Korean Threat Actors Target Software Developers With Phony Job Interviews | Suspected North Korean threat actors are attempting to trick software developers into downloading malware during phony job interviews, according to researchers at Securonix. | KNOWBE4.COM
1 May | Oasis Security Raises $35 Million to Tackle Non-Human Identity Management | New York startup Oasis Security banks $35 million in a Series A extension round led by Accel, Cyberstarts, and Sequoia Capital. | SECURITYWEEK.COM
1 May | Traceable AI Raises $30 Million to Safeguard Cloud APIs | Traceable AI has raised $110 million since launching in 2018 with ambitious plans in the competitive API security and observability space. | SECURITYWEEK.COM
1 May | Corelight Gets $150M to Expand Detection, Improve Workflows | Series E Funding Round to Cover Future Operations, Enhance Product Innovation Corelight has secured $150 million on a $900 million valuation to support future growth and secure full independence. The Series E funds will be used to enhance the network detection and response vendor… | DATABREACHTODAY.CO.UK
1 May | US and Allies Issue Cyber Alert on Threats to OT Systems | Cyber Authorities Warn Pro-Russian Hacktivists Targeting Small-Scale OT Systems U.S. and international cyber authorities issued a warning Wednesday that pro-Russian hacktivists are increasingly targeting small-scale operational technology systems throughout North America and Euro… | DATABREACHTODAY.CO.UK
1 May | A Web of Surveillance - Amnesty International Security Lab | Submitted by jorge to cybersecurity (https://securitylab.amnesty.org/latest/2024/05/a-web-of-surveillance/). | SECURITYLAB.AMNESTY.ORG
🌐 CYBER THREAT LANDSCAPE (7)
1 May | New Latrodectus Malware Attacks Use Microsoft, Cloudflare Themes | Latrodectus malware is now being distributed in phishing campaigns using Microsoft Azure and Cloudflare lures to appear legitimate while making it harder for email security platforms to detect the emails as malicious. | BLEEPINGCOMPUTER.COM
1 May | ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan | The authors behind the resurfaced ZLoader malware have added a feature that was originally present in the Zeus banking trojan that it's based on, indicating that it's being actively developed. "The latest version, 2.4.1.0, introduces a feat… | THEHACKERNEWS.COM
1 May | Linux Trojan - Xorddos with Filename eyshcjdmzg, (Mon, Apr 29th) | I reviewed a filename I see regularly uploaded to my DShield sensor eyshcjdmzg that have been seeing since the 1 October 2023 which has multiple hashes and has been labeled as trojan.xorddos/ddos. These various files have only been uploaded to my DShield sensor by IP 218.92.0.60… | ISC.SANS.EDU
1 May | New Cuttlefish malware infects routers to monitor traffic for credentials | A new malware named 'Cuttlefish' has been spotted infecting enterprise-grade and small office/home office (SOHO) routers to monitor data that passes through them and steal authentication information. [...] | BLEEPINGCOMPUTER.COM
1 May | New Cuttlefish Malware Infects Routers to Monitor Traffic for Credential Theft | Black Lotus Labs says the malware has been active since at least July 2023. It is currently running an active campaign concentrated in Turkey, with a few infections elsewhere impacting satellite phone and data center services. | BLEEPINGCOMPUTER.COM
1 May | US govt warns of pro-Russian hacktivists targeting water facilities | The US government is warning that pro-Russian hacktivists are seeking out and hacking into unsecured operational technology (OT) systems used to disrupt critical infrastructure operations. [...] | BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
1 May | Smashing Security podcast #370: The closed loop conundrum, default passwords, and Baby Reindeer | The UK Government takes aim at IoT devices shipping with weak or default passwords, an identity thief spends two years in jail after being mistaken for the person who stole his name, and are you au fait with the latest scams? All this and much more is discussed in the latest edit… | GRAHAMCLULEY.COM
📡 INFOSEC NEWS (11)
1 May | Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success | There’s a natural human desire to avoid threatening scenarios. The irony, of course, is if you hope to attain any semblance of security, you’ve got to remain prepared to confront those very same threats. As a decision-maker for your organization, you know… | THEHACKERNEWS.COM
1 May | Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia | A former employee of the U.S. National Security Agency (NSA) has been sentenced to nearly 22 years (262 months) in prison for attempting to transfer classified documents to Russia. "This sentence should serve as a stark warning to all those entrusted with protecting national defe… | THEHACKERNEWS.COM
1 May | Qantas app exposed sensitive traveler details to random users | Qantas Airways confirms that some of its customers were impacted by a misconfiguration in its app that exposed sensitive information and boarding passes to random users. [...] | BLEEPINGCOMPUTER.COM
1 May | Belgium’s Aikido lands $17M Series A for its ‘no BS’ security platform aimed at developers | Developers have a problem. It used to be the case that only large enterprises needed to worry themselves with security, but today, every startup is capable of holding huge amounts of customer data. That means developers across the board have to worry about how secure their platfo… | TECHCRUNCH.COM
1 May | Correlating Cyber Investments With Business Outcomes | SecurityGate CEO Ted Gutierrez said the SEC's new cybersecurity mandates give "more teeth to the idea that cybersecurity is a business problem." He discussed the need for CISOs to link cyber risk and business outcomes and other ways in which the rules affect the field of cybersec… | DATABREACHTODAY.CO.UK
1 May | Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds | A forensic analysis of a graph dataset containing transactions on the Bitcoin blockchain has revealed clusters associated with illicit activity and money laundering, including detecting criminal proceeds sent to a crypto exchange and previously unknown wallets belonging to a… | THEHACKERNEWS.COM
1 May | Island Raises $175 Million at $3 Billion Valuation | The $175 million Series D funding round for Island was led by new investor Coatue and existing investor Sequoia Capital, with additional funding from other existing investors. | HELPNETSECURITY.COM