🚨 CISA KEV (1)
10 May | KEV | #StopRansomware: Black Basta (CISA.GOV): SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically…
🐛 COMMON VULNERABILITIES AND EXPOSURES (10)
10 May | KEV | Warning! Google Chrome Zero-day Vulnerability Exploited in Wild (GBHACKERS.COM): Google released a critical security update for its Chrome web browser to address attackers exploiting a high-severity vulnerability. The update brings Chrome to version 124.0.6367.201 for Windows, Mac, and Linux users on the Stable release channel. The vulnerability, tracked as C…
10 May | KEV | Google Chrome Zero-day Exploited in the Wild, Patch Now (GBHACKERS.COM): Google has urgently updated its Chrome browser across all platforms after a critical vulnerability, identified as CVE-2024-4671, was found being actively exploited. Users are strongly advised to update their browsers immediately to prevent potential security breaches. CVE-2024-46…
10 May | Google Fixes Fifth Chrome Zero-Day Exploited in Attacks This Year (BLEEPINGCOMPUTER.COM): The high-severity issue tracked as CVE-2024-4671 is a “use after free” vulnerability in the Visuals component that handles the rendering and display of content on the browser.
10 May | CISA Starts CVE "Vulnrichment" Program (HELPNETSECURITY.COM): The US Cybersecurity and Infrastructure Agency (CISA) has announced the creation of “Vulnrichment,” a new project that aims to fill the CVE enrichment gap created by NIST National Vulnerability Database’s recent slowdown.
10 May | KEV | Chrome Zero-Day Alert — Update Your Browser to Patch New Vulnerability (THEHACKERNEWS.COM): Google on Thursday released security updates to address a zero-day flaw in Chrome that it said has been actively exploited in the wild. Tracked as CVE-2024-4671, the high-severity vulnerability has been described as a case of use-after-free in the Visuals component…
10 May | Chromium: CVE-2024-4671 Use after free in Visuals (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
10 May | Chromium: CVE-2024-4558 Use after free in ANGLE (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
10 May | Chromium: CVE-2024-4559 Heap buffer overflow in WebAudio (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
10 May | CVE-2024-30055 Microsoft Edge (Chromium-based) Spoofing Vulnerability (MSRC.MICROSOFT.COM): Information published.
10 May | KEV | Google Chrome gets a patch for actively exploited zero-day vulnerability (CSOONLINE.COM): Google released a Chrome stable update Thursday to patch a high-risk severity vulnerability that was being exploited in the wild, the second zero-day to be patched in Chrome this year. The vulnerability, tracked as CVE-2024-4671, is described as a use-after-free memory bug in the…
⚠️ VULNERABILITY DISCLOSURE (18)
10 May | The Post Millennial - 26,818,266 breached accounts (HAVEIBEENPWNED.COM): In May 2024, the conservative news website The Post Millennial suffered a data breach. The breach resulted in the defacement of the website and links posted to 3 different corpuses of data including hundreds of writers and editors (IP, physical address and email exposed), tens o…
10 May | Researchers Hacked into Apple Infrastructure Using SQL Injection (GBHACKERS.COM): Researchers found several points of entry for potential attackers, one of which was Apple’s Book Travel portal, where they took advantage of a significant SQL injection vulnerability. Experimenting with the Masa/Mura CMS revealed the attack surface, primarily the one availa…
10 May | Some strategies for CISOs freaked out by the specter of federal indictments (CSOONLINE.COM): Recent legal actions against top cybersecurity professionals have sent shockwaves through the information security community in recent years, sparking fear and uncertainty over whether decisions made during the chaos of cybersecurity incidents could end up costing IT security lea…
10 May | Dell Hacked – Attackers Stolen 49 Million Customers Personal Information (GBHACKERS.COM): Dell Technologies recently disclosed a data breach involving a company portal that contained limited customer information related to purchases. The breach exposed customer names, physical addresses, and detailed order information, including service tags, item descriptions, order …
10 May | KEV | Google fixes fifth Chrome zero-day exploited in attacks this year (BLEEPINGCOMPUTER.COM): Google has released a security update for the Chrome browser to fix the fifth zero-day vulnerability exploited in the wild since the start of the year. [...]
10 May | Cybercriminals are Getting Faster at Exploiting Vulnerabilities (HELPNETSECURITY.COM): Cybercriminals are exploiting new vulnerabilities at an increasingly rapid pace, with attacks starting on average just 4.76 days after vulnerabilities are publicly disclosed, according to Fortinet.
10 May | 500,000 Impacted by Ohio Lottery Ransomware Attack (SECURITYWEEK.COM): The Ohio Lottery cyberattack conducted by the DragonForce ransomware group has impacted more than 500,000 individuals.
10 May | KEV | Social engineering: Definition, examples, and techniques (CSOONLINE.COM): What is social engineering? Social engineering is the art of exploiting human psychology, rather than technical hacking techniques, to gain access to buildings, systems, or data. For example, instead of trying to find a software vulnerability, a social engineer might call an empl…
10 May | Dell data breach exposes data of 49 million customers (CSOONLINE.COM): Dell Technologies has sent out emails to its customers, warning them of a data breach that potentially exposed the information of approximately 49 million customers. The emails come days after a threat actor called Menelik claimed the breach on BreachForums and offered to sell “d…
10 May | New LLMjacking Used Stolen Cloud Credentials to Attack Cloud LLM Servers (GBHACKERS.COM): Researchers have identified a new form of cyberattack termed “LLMjacking,” which exploits stolen cloud credentials to hijack cloud-hosted large language models (LLMs). This sophisticated attack leads to substantial financial losses and poses significant risks to data …
10 May | Monday.com Removes “Share Update” Feature Abused for Phishing Attacks (BLEEPINGCOMPUTER.COM): The phishing emails pretended to come from a "Human Resources" department, asking users to either acknowledge the "organization's workplace sex policy" or submit feedback as part of a "2024 Employee Evaluation."
10 May | Exploited Chrome Zero-Day Patched by Google (SECURITYWEEK.COM): A Chrome 124 update patches the second Chrome zero-day that has been found to be exploited in malicious attacks in 2024.
10 May | Phishing-as-a-Service Platform LabHost Disrupted by Law Enforcement Crackdown (KNOWBE4.COM): One of the largest phishing-as-a-service platforms, LabHost, was severely disrupted by law enforcement in 19 countries during a year-long operation that resulted in 37 arrests.
10 May | Threat actor says he scraped 49M Dell customer addresses before the company found out (TECHCRUNCH.COM): The person who claims to have 49 million Dell customer records told TechCrunch that he brute-forced an online company portal and scraped customer data, including physical addresses, directly from Dell’s servers. TechCrunch verified that some of the scraped data matche…
10 May | Actor IntelBroker is selling data from Europol in Breachforums (BREACHFORUMS.ST): https://breachforums.st/Thread-SELLING-Europol-Data-Breach Data offered include Alliance employees, FOUO source code, PDFs, Documents for recon and guidelines.
10 May | CISA inks 68 tech vendors to secure-by-design pledge — but will it matter? (CSOONLINE.COM): Some of the biggest names in the tech industry signed onto a public pledge, backed by the US Cybersecurity and Infrastructure Security Agency, promising to implement important software security measures in their products. The CISA “Secure By Design” pledge outlines seven areas in…
10 May | The Week in Ransomware - May 10th 2024 - Chipping away at LockBit (BLEEPINGCOMPUTER.COM): After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI and NCA have done just that, revealing the name of LockBitSupp, the operator of the LockBit ransomware operation. [...]
📢 SECURITY ADVISORIES (6)
10 May | [Must Read] How Boeing Battled a Whopping $200M Ransomware Demand (KNOWBE4.COM): Boeing recently confirmed that in October 2023, it fell victim to an attack by the LockBit ransomware gang, which disrupted some of its parts and distribution operations. The attackers demanded a whopping $200 million not to release the data they had exfiltrated.
10 May | CISA Explains Why it Doesn’t Call Out Tech Vendors by Name (CYBERSECURITYDIVE.COM): The CISA isn’t inclined to call out technology vendors when their fundamental errors impact customers — officials contend they can make a greater impact by discerning and generalizing those mistakes for a broader audience.
10 May | CISA and Partners Release Advisory on Black Basta Ransomware (CISA.GOV): Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), the Department of Health and Human Services (HHS), and the Multi-State Information Sharing and Analysis Center (MS-ISAC) released joint Cybersecurity Advisory (CSA) #StopRansomware: Black Basta to provide…
10 May | It's a wrap! RSA Conference 2024 highlights – Week in security with Tony Anscombe (WELIVESECURITY.COM): More than 40,000 security experts descended on San Francisco this week. Let's now look back on some of the event's highlights – including the CISA-led 'Secure by Design' pledge also signed by ESET.
🔥 INCIDENT REPORTING (22)
10 May | Researchers Uncover 'LLMjacking' Scheme Targeting Cloud-Hosted AI Models (THEHACKERNEWS.COM): Cybersecurity researchers have discovered a novel attack that employs stolen cloud credentials to target cloud-hosted large language model (LLM) services with the goal of selling access to other threat actors. The attack technique has been codenamed LLMjacking …
10 May | Cyber Security Today, May 10, 2024 - Patches for F5's Next Central Manager released, Dell discovers data theft covering millions of buyers, and more (CYBERSECURITYTODAY.LIBSYN.COM): This episode reports on Anti-Ransomware Day, big tech companies vowing to make their products and services Secure By Design, and more
10 May | Malicious Android Apps Pose as Google, Instagram, WhatsApp, Spread via Smishing (THEHACKERNEWS.COM): Malicious Android apps masquerading as Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter) have been observed to steal users' credentials from compromised devices. "This malware uses famous Android app icons to mislead users and trick victims into installing the malic…
10 May | Boeing confirms attempted $200 million ransomware extortion attempt (CYBERSCOOP.COM): https://cyberscoop.com/boeing-confirms-attempted-200-million-ransomware-extortion-attempt/
10 May | IntelBroker Hacker Leaks Alleged HSBC & Barclays Bank Data (HACKREAD.COM): https://www.hackread.com/intelbroker-hacker-hsbc-barclays-data-breach/
10 May | Ransomware Attacks Impact 20% of Sensitive Data in Healthcare Orgs (HELPNETSECURITY.COM): Recent cyber incidents demonstrate the healthcare industry continues to be a prime target for ransomware hackers, according to Rubrik. New research by Rubrik Zero Labs reveals that ransomware attacks produce larger impacts against healthcare targets.
10 May | In Other News: European Parliament Breach, DocGo Hack, VMware Advisories Moved (SECURITYWEEK.COM): Noteworthy stories that might have slipped under the radar: European Parliament application breached, DocGo hacked, VMware advisories moved to Broadcom portal.
10 May | Report: Global Ransomware Crisis Worsens (HELPNETSECURITY.COM): According to NTT Security Holdings’ 2024 Global Threat Intelligence report, ransomware and extortion incidents increased by 67% in 2023, with over 5,000 victims detected or posted across social channels, up from 3,000 in 2022.
10 May | Boeing refused to pay $200 million LockBit ransomware demand (BITDEFENDER.COM): Boeing has confirmed that it received a demand for a massive $200 million after a ransomware attack by the notorious LockBit hacking group in October 2023. The company confirmed its link to the indictment of Dmitry Yuryevich Khoroshev, who was identified this week by the US Depar…
10 May | Update: Thwarted Cyberattack Targeted Library of Congress in Tandem With October British Library Breach (NEXTGOV.COM): The Library of Congress was targeted in a cyberattack that occurred in parallel with a high-profile intrusion into the British Library in October 2023 but it was a failed attempt, according to internal documents obtained by Nextgov/FCW.
10 May | New LLMjacking Attack Uses Stolen Cloud Credentials to Target Cloud-Hosted AI Models (SYSDIG.COM): Sysdig researchers discovered evidence of a reverse proxy for LLMs being used to provide access to the compromised accounts, suggesting a financial motivation. However, another possible motivation is to extract LLM training data.
10 May | Healthcare Giant Ascension Hacked, Hospitals Diverting Emergency Service (SECURITYWEEK.COM): One of the largest healthcare systems in the United States is scrambling to contain a hack that's causing disruption and “downtime procedures” at hospitals around the country.
10 May | North Korean Hackers Deploy New Golang Malware 'Durian' Against Crypto Firms (THEHACKERNEWS.COM): The North Korean threat actor tracked as Kimsuky has been observed deploying a previously undocumented Golang-based malware dubbed Durian as part of highly-targeted cyber attacks aimed at South Korean cryptocurrency firms. "Durian boasts comprehensive backdoor functiona…
10 May | Ohio Lottery ransomware attack impacts over 538,000 individuals (BLEEPINGCOMPUTER.COM): The Ohio Lottery is sending data breach notification letters to over 538,000 individuals affected by a cyberattack that hit the organization's systems on Christmas Eve. [...]
10 May | Ransomware Detection Time Shortens by 44% as Organizations Attempt to Keep Up with Attackers (KNOWBE4.COM): New data shows organizations are improving their ability to detect and respond to ransomware attacks, but is it fast enough to make a difference and stop attacks?
10 May | Ascension Diverts Emergency Patients, Postpones Care (DATABREACHTODAY.CO.UK): Wednesday Cyber Incident Shakes America's Largest Healthcare System. The Ascension healthcare system is sending away emergency patients and postponing nonemergency procedures as it digs out from a cyber incident that knocked its electronic health record systems offline with no imm…
10 May | Ascension redirects ambulances after suspected ransomware attack (BLEEPINGCOMPUTER.COM): Ascension, a major U.S. healthcare network, is diverting ambulances from several hospitals due to a suspected ransomware attack that has been causing clinical operation disruptions and system outages since Wednesday. [...]
10 May | Dell API abused to steal 49 million customer records in data breach (BLEEPINGCOMPUTER.COM): The threat actor behind the recent Dell data breach revealed they scraped information of 49 million customer records using a partner portal API they accessed as a fake company. [...]
10 May | ISMG Editors: RSA Conference 2024 Wrap-Up (DATABREACHTODAY.CO.UK): Panels Unpack the Buzz Around AI, Future Trends for CISOs. From the RSA Conference in San Francisco, five ISMG editors cover the major themes at the event including emerging threats related to AI and new AI-embedded cybersecurity solutions. Other hot topics included ransomware thr…
🕵️ THREAT INTELLIGENCE (13)
10 May | ISC Stormcast For Friday, May 10th, 2024 https://isc.sans.edu/podcastdetail/8976, (Fri, May 10th) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
10 May | Stack Overflow Users Delete Posts in Protest Over OpenAI Partnership (GBHACKERS.COM): Several Stack Overflow users have begun deleting their contributions from the platform, a move that has sparked widespread debate within the developer community. This action follows a newly announced partnership between Stack Overflow and OpenAI, detailed in a press release on Ma…
10 May | North Korean Hackers Abusing Facebook & MS Management Console (GBHACKERS.COM): The North Korean hacking group known as Kimsuky has been reported to employ sophisticated methods involving social media platforms and system management tools to conduct espionage activities. This revelation highlights the evolving tactics of cyber adversaries and the increasing …
10 May | HijackLoader Malware Attack Windows Via Weaponized PNG Image (GBHACKERS.COM): In a recent cybersecurity breakthrough, researchers have unveiled significant updates to the HijackLoader malware, a sophisticated modular loader notorious for delivering a variety of malicious payloads. The malware has been updated to deploy threats such as Amadey, Lumma Stealer…
10 May | RSA Conference 2024 – Announcements Summary (Day 4) (SECURITYWEEK.COM): Hundreds of companies are showcasing their products and services this week at the 2024 edition of the RSA Conference in San Francisco.
10 May | Digital Doppelgängers: AI-Generated Celeb Fashion Takes Over the Met Gala on Social Media (KNOWBE4.COM): The Met Gala, fashion's biggest night, was not just the A-list attendees who stole the spotlight—digital imposters in the form of AI-generated superstars sent social media into a frenzy.
10 May | Arizona Election Workers Battle Against Deepfake Threats in New AI Defense Drill (KNOWBE4.COM): In the quest to secure the integrity of elections, Arizona election workers have taken a groundbreaking step by participating in a first-of-its-kind drill meant to defend against a new wave of AI-generated threats.
10 May | Off-Topic Friday (experimental) (INFOSEC.PUB): Experimenting with a new regular thread. Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please). Have a great weekend…
10 May | DDoS Attack Size Increased by 233.33%, UDP-Based are Popular (GBHACKERS.COM): The latest Nexusguard DDoS Trend Report for 2024 has unveiled a significant escalation in the size of Distributed Denial of Service (DDoS) attacks throughout 2023, with an average increase of 233.33% compared to the previous year. Despite a 54.74% drop in the total number of atta…
10 May | New Attack Against Self-Driving Car AI (SCHNEIER.COM): This is another attack that convinces the AI to ignore road signs: Due to the way CMOS cameras operate, rapidly changing light from fast flashing diodes can be used to vary the color. For example, the shade of red on a stop sign could look different on each line depending on the…
10 May | Google’s Multi-Party Approval Process Is Great, but Not Unphishable (KNOWBE4.COM): Like most observers, I celebrated Google’s recent announcement on April 9th about new multi-party approvals for a handful or so of common actions accomplished by super admins in Google Workspace.
10 May | Hackers Steal Credit Card Data of Deal-Seeking Shoppers (DATABREACHTODAY.CO.UK): China-Linked Criminals Processed Orders Worth $50M: Security Research Labs. Hackers linked to Chinese fraudsters are targeting online shoppers to steal credit card information, likely making off with about $50 million from victims in the United States and Western Europe who order …
10 May | Friday Squid Blogging: Squid Mating Strategies (SCHNEIER.COM): Some squids are “consorts,” others are “sneakers.” The species is healthiest when individuals have different strategies randomly. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog…
🌐 CYBER THREAT LANDSCAPE (3)
10 May | SocGholish Sets Sights on Victim Peers (ESENTIRE.COM): The SocGholish malware is targeting enterprises through fake browser update prompts, compromising legitimate websites to deliver malicious payloads that steal sensitive data and establish persistence on infected systems.
10 May | Android Remote Access Trojan Equipped to Harvest Credentials (SONICWALL.COM): This malware uses famous Android app icons to mislead users and trick victims into installing the malicious app on their devices. This includes the icons of Google, Instagram, Snapchat, WhatsApp, and X (formerly Twitter).
10 May | CensysGPT: AI-Powered Threat Hunting for Cybersecurity Pros (Webinar) (THEHACKERNEWS.COM): Artificial intelligence (AI) is transforming cybersecurity, and those leading the charge are using it to outsmart increasingly advanced cyber threats. Join us for an exciting webinar, "The Future of Threat Hunting is Powered by Generative AI," where you'll explore how AI tools ar…
📡 INFOSEC NEWS (17)
10 May | Widely used Telit Cinterion modems open to SMS takeover attacks (BLEEPINGCOMPUTER.COM): Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. [...]
10 May | Sophos Germany Champions Girls’ Pathways into Tech (SOPHOS.COM): Annual Girl’s Day event in Wiesbaden encourages girls into careers in tech.
10 May | Citrix Warns Customers to Update PuTTY Version Installed on Their XenCenter System Manually (SECURITYAFFAIRS.COM): Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR used PuTTY, a third-party component, for SSH connections to guest VMs. However, PuTTY inclusion was deprecated with XenCenter version 8.2.6, and any versions after 8.2.7 will not include PuTTY.
10 May | What's the Right EDR for You? (THEHACKERNEWS.COM): A guide to finding the right endpoint detection and response (EDR) solution for your business’ unique needs. Cybersecurity has become an ongoing battle between hackers and small- and mid-sized businesses. Though perimeter security measures like antivirus and firewalls h…
10 May | Regulators are Coming for IoT Device Security (HELPNETSECURITY.COM): Regulators are increasingly focusing on IoT device security due to the vulnerabilities present in many IoT devices. The lack of expertise among manufacturers in securing connected products has led to significant security risks.
10 May | Widely Used Telit Cinterion Modems Open to SMS-based Device Takeover Attacks (BLEEPINGCOMPUTER.COM): The vulnerabilities were found in the Cinterion EHS5-E series modem, but other Telit Cinterion products with similar software and hardware architecture are also likely impacted, including Cinterion BGS5, EHS5/6/7, PDS5/6/8, ELS61/81, and PLS62.
10 May | Telus Acquires Cybersecurity Services Firm Vumetric (CARTT.CA): Telus announced Tuesday its acquisition of Vumetric Cybersecurity, a Toronto-based cybersecurity provider that specializes in advanced penetration testing designed to identify cyber vulnerabilities and threats to companies across North America.
10 May | Ex-White House Election Threat Hunter Weighs In On What To Expect In November (PACKETSTORMSECURITY.COM)
10 May | Leaked FBI Email Stresses Need For Warrantless Surveillance Of Americans (PACKETSTORMSECURITY.COM)
10 May | World Warned To Prepare For Today's Severe Geomagnetic Storm, First In 20 Years (PACKETSTORMSECURITY.COM)
10 May | Widely used modems in industrial IoT devices open to SMS attack (BLEEPINGCOMPUTER.COM): Security flaws in Telit Cinterion cellular modems, widely used in sectors including industrial, healthcare, and telecommunications, could allow remote attackers to execute arbitrary code via SMS. [...]
10 May | Cyber Towns - and Interview with Francois Guay: Cyber Security Today Weekend for May 11, 2024 (CYBERSECURITYTODAY.LIBSYN.COM): Join us for an interview with Francois Guay, founder of the Canadian Cyber Security Network and a new study of Canadian municipalities and how they rate in terms of attracting and retaining cybersecurity professionals.
10 May | How to talk about climate change – and what motivates people to action: An interview with Katharine Hayhoe (WELIVESECURITY.COM): We spoke to climate scientist Katharine Hayhoe about intersections between climate action, human psychology and spirituality, and how to channel anxiety about the state of our planet into meaningful action
10 May | In it to win it! WeLiveSecurity shortlisted for European Security Blogger Awards (WELIVESECURITY.COM): We’re thrilled to announce that WeLiveSecurity has been named a finalist in the Corporates – Best Cybersecurity Vendor Blog category of the European Security Blogger Awards 2024