🚨 CISA KEV
30 May KEVCISA Adds Two Known Exploited Vulnerabilities to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability …CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES
30 MayDecoding Water Sigbin's Latest Obfuscation TricksWater Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend agai…TRENDMICRO.COM
30 MayCheck Point VPN Attacks Involve Zero-Day Exploited Since AprilThe recently disclosed Check Point VPN attacks involve the zero-day vulnerability CVE-2024-24919, which allows hackers to obtain passwords.SECURITYWEEK.COM
30 MaySpring Cloud Data Flow Let Attackers Compromise The ServerA critical vulnerability has been discovered in Spring Cloud Data Flow, a microservices-based platform for streaming and batch data processing in Cloud Foundry and Kubernetes. The flaw, identified in the Skipper server component, allows attackers to compromise the server by explo…GBHACKERS.COM
30 MayProgress Telerik Report Server Flaw Let Attackers Bypass AuthenticationA new vulnerability related to authentication bypass was discovered in the Progress Telerik Report server. The CVE for this vulnerability has been assigned CVE-2024-4358, and its severity has been given as 9.8 (Critical). This vulnerability exists in Telerik Report Server 2024 Q1…GBHACKERS.COM
30 MayNIST Getting Outside Help for National Vulnerability DatabaseNIST is receiving support to get the NVD and CVE processing back on track within the next few months.SECURITYWEEK.COM
30 May KEVCISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel FlawThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.8), the high-severit…THEHACKERNEWS.COM
30 MayNIST Unveils Plan to Restore National Vulnerability DatabaseAgency Awards Contract for Additional Staffing to Cope With Massive Backlog of CVEs The U.S. National Institute of Standards and Technology announced plans to resume processing new vulnerabilities for the National Vulnerability Database after funding cuts forced the agency to sto…DATABREACHTODAY.CO.UK
⚠️ VULNERABILITY DISCLOSURE
30 MayOperation EndgameToday we loaded 16.5M email addresses and 13.5M unique passwords provided by law enforcement agencies into Have I Been Pwned (HIBP) fol…TROYHUNT.COM
30 MayOperation Endgame - 16,455,383 breached accountsIn May 2024, a coalition of international law enforcement agencies took down a series of botnets in a campaign they coined "Operation Endgame" . Data seized in the operation included impacted email addresses and passwords which were provided to HIBP to help victims lear…HAVEIBEENPWNED.COM
30 MayCloud access security brokers (CASBs): What to know before you buyCloud access security brokers (CASBs) explained As the name suggests, a cloud access security broker (CASB) manages access between enterprise endpoints and cloud resources from a security perspective. CASBs can be deployed on-premises or in the cloud; as a hardware appliance or s…CSOONLINE.COM
30 MayHuman vulnerability remains top threat: ReportHumans remain a key vulnerability point of enterprise security strategies, according to a report from IT security provider Arctic Wolf, which found that 48% of more than 1,000 senior IT and cybersecurity decision-makers surveyed experienced concrete evidence of a security breach…CSOONLINE.COM
30 MayFeeding MISP with OSSEC, (Thu, May 30th)I'm a big fan of OSSEC[1] for years. OSSEC ("Open Source Security Event Correlator") is a comprehensive, open-source host-based intrusion detection system (HIDS). It is designed to monitor and analyze system logs, detect suspicio…ISC.SANS.EDU
30 MayRSAC Fireside Chat: Start-up Anetac rolls out a solution to rising ‘service accounts’ exposuresFrom MFA to biometrics, a lot has been done to reinforce user ID and password authentication — for human users. By comparison, almost nothing has been done to strengthen service accounts …LASTWATCHDOG.COM
30 MayOkta Warns Credential Stuffing Attacks Targeting Customer Identity CloudOkta, a leading identity and access management company, has warned about credential stuffing attacks targeting its Customer Identity Cloud (CIC). The company has identified that threat actors are exploiting the cross-origin authentication feature within CIC. As part of its Okta S…GBHACKERS.COM
30 MayPolice seize malware loader servers, arrest four cybercriminalsAn international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. [...]BLEEPINGCOMPUTER.COM
30 MayPolice seize over 100 malware loader servers, arrest four cybercriminalsAn international law enforcement operation codenamed 'Operation Endgame' has seized over 100 servers worldwide used by multiple major malware loader operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC. [...]BLEEPINGCOMPUTER.COM
30 May KEVWorld’s largest botnet seized in Federal bust, Chinese national arrestedAn international law enforcement operation led by the US Department of Justice has taken down a multi-million botnet network linked to large-scale cyberattacks, including fraud, child exploitation, harassment, bomb threats, and export violations. The botnet network, a residential…CSOONLINE.COM
30 MayEuropol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other MalwareEuropol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame. "The actions focused on …THEHACKERNEWS.COM
30 MayTrickBot and Other Malware Droppers Disrupted by Law EnforcementThe TrickBot botnet and other malware droppers have been targeted by international law enforcement in Operation Endgame.SECURITYWEEK.COM
30 May KEVOver half of government applications have unpatched flaws older than a yearThe public sector is one of the top targets for sophisticated state sponsored threat actors as well as ransomware gangs, but it’s having a hard time keeping up with security patches in a timely manner. More than half of the software applications deployed in government organizatio…CSOONLINE.COM
30 MayBBC suffers data breach impacting current, former employeesThe BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. [...]BLEEPINGCOMPUTER.COM
30 May KEVResearchers Uncover Active Exploitation of WordPress Plugin VulnerabilitiesCybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation. "These vulnerabilities are found in various WordPress p…THEHACKERNEWS.COM
30 May“Largest botnet ever” disrupted. 911 S5’s alleged mastermind arrestedA vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. Read more in my article on the Tripwire State of Security blog.TRIPWIRE.COM
30 MayCISA Releases Seven Industrial Control Systems AdvisoriesCISA released seven Industrial Control Systems (ICS) advisories on May 30, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-151-01 LenelS2 NetBox ICSA-24-151-02 Fuji Electric Monitouch V-SFT IC…CISA.GOV
30 MayRedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall VulnerabilityThe threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware,…THEHACKERNEWS.COM
30 MayCritical WordPress Plugin Flaws Exploited to Inject Malicious Scripts and BackdoorsMalicious campaign exploits high-severity XSS flaws in three WordPress plugins to backdoor websites.SECURITYWEEK.COM
30 May‘Operation Endgame’ Hits Malware Delivery PlatformsLaw enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Dubbed "the largest ever operation against botnets," the int…KREBSONSECURITY.COM
30 MayEuropean Police Take Down Botnet Servers, Make Arrests'Operation Endgame' Disrupted 5 Botnets Including IcedID and SmokeLoader An international law enforcement operation resulted in the arrests of four botnet operators and the seizure of more than 100 servers used as infrastructure for malware dropper botnets. Armenian police arrest…DATABREACHTODAY.CO.UK
30 MayFlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in UkraineCloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine. "The FlyingYeti campaign capitalized on anxiety over the potential loss of access to housing and utilities by ent…THEHACKERNEWS.COM
30 MayExploring the latest FortiGuard Labs Threat Report - Derek Manky - ESW VaultAs a special treat for this week's vault episode, we set up a conversation with Derek Manky to discuss Fortinet's FortiGuard Labs Threat Report. This is a bi-annual report put out by FortiGuard Labs, and in my opinion, it just keeps getting better and better. The report is chock …YOUTUBE.COM
30 MayA CISO’s Perspective, Defending Against AI & Ransomware Evolution - Kris Lahiri, Jim ... - ESW VaultIn this interview, join Swimlane Chief Information Security Officer, Mike Lyborg, and host Akira Brand as we discuss the value of cybersecurity marketplaces from a CISO perspective. Through insightful discussions, unpack the connection between outcomes-driven solutions and tangib…YOUTUBE.COM
30 MayAchieving Cyber Resilience, External Cybersecurity & Risk Reduction - Margarita Barre... - ESW VaultOrganizations today are overwhelmed with the sheer magnitude of potential cybersecurity threats and there is plenty of vendor buzz around AI in Security products, but what is the reality? Threat detection and incident response (TDIR) strategy and execution have never been more cr…YOUTUBE.COM
30 MayZero-day flaw in Check Point VPNs is ‘extremely easy’ to exploitCheck Point is the latest security vendor to fix a vulnerability in its technology, which it sells to companies to protect their networks.TECHCRUNCH.COM
30 MayCybercrime group claims to have stolen data on 560 million Ticketmaster usersCybercrime group ShinyHunters is claiming it has grabbed data from more than half a billion Ticketmaster customers. It has posted screen captures supporting this claim, but there is little in those captures that explicitly establishes a new attack on Ticketmaster or its parent co…CSOONLINE.COM
30 MayThe Threat of Deepfakes to Remote Identity Verification Systems - Andrew Bud - IDV24 #2Remote identity verification is one of the biggest challenges in the digital age, especially with the use of AI-generated deepfakes which are now impossible to distinguish from real imagery with the human eye. AI-powered biometrics have emerged as the most robust defense against …YOUTUBE.COM
30 May‘Operation Endgame’ deals major blow to malware distribution botnetsIn what Europol calls the largest-ever takedown operation against botnets, law enforcement agencies from different countries managed to disrupt the infrastructure, seize assets, and arrest suspects behind some of the most widespread malware droppers. Malware droppers are maliciou…CSOONLINE.COM
30 MayRedTail Cryptomining Malware Exploits PAN-OS VulnerabilityThreat Actors Mirror the Tactics of North Korea's Lazarus Group Cryptomining malware that might be North Korean in origin is targeting edge devices, including a zero-day in Palo Alto Networks' custom operating system that the company hurriedly patched in April. It appears threat …DATABREACHTODAY.CO.UK
30 MayMultiple Vulnerabilities in LenelS2 NetBox Could Allow for Arbitrary Code ExecutionMultiple vulnerabilities have been discovered in LenelS2 NetBox, the most severe of which could allow for arbitrary code execution. LenelS2 NetBox is a browser-based enterprise access control and event monitoring system designed for deployments with demanding security requirement…CISECURITY.ORG
📢 SECURITY ADVISORIES
30 MayMassive 911 S5 Botnet Dismantled, Chinese Mastermind ArrestedThe US announced that the 911 S5 (Cloud Router) botnet, likely the world’s largest, has been dismantled and its administrator arrested.SECURITYWEEK.COM
30 MayImportant details about CIRCIA ransomware reportingIn March 2022, the Biden Administration signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA). This landmark legislation tasks the Cybersecurity and Infrastructure Security Agency (CISA) to develop and implement regulations requiring covere…SECURITYINTELLIGENCE.COM
30 MayCloudflare Buys BastionZero to Guard Critical InfrastructureAcquisition of Zero Trust Tool Secures Remote Access to Critical IT Infrastructure Cloudflare acquired BastionZero to provide its platform with enhanced zero trust controls for servers, Kubernetes clusters and databases. The purchase aims to secure remote access, improve complian…DATABREACHTODAY.CO.UK
30 MayCyber Security Today, May 31, 2024 - Hundreds of thousands of routers are wiped, warnings to Okta and Snowflake administrators, and moreThis episode reports on police takedowns of criminal IT infrastructure, and moreCYBERSECURITYTODAY.LIBSYN.COM
🔥 INCIDENT REPORTING
30 MayHackers Claiming Shell Data Breach On Popular Hacking ForumIn a shocking revelation, a threat actor has allegedly leaked sensitive data belonging to Shell, one of the world’s leading energy companies. According to a tweet from Data Web Informer, the May 2024 data was posted on a popular hacking forum, raising significant concerns a…GBHACKERS.COM
30 MayRansomware Attack Disrupts Seattle Public Library ServicesThe Seattle Public Library is scrambling to bring systems online after shutting them down to contain a ransomware attack.SECURITYWEEK.COM
30 MayFBCS Data Breach Impact Grows to 3.2 Million IndividualsThe data breach at debt collection agency Financial Business and Consumer Solutions (FBCS) impacts 3.2 million individuals.SECURITYWEEK.COM
30 MayCooler Master confirms customer info stolen in data breachComputer hardware manufacturer Cooler Master has confirmed that it suffered a data breach on May 19, allowing a threat actor to steal customer data. [...]BLEEPINGCOMPUTER.COM
30 MayEverbridge warns of corporate systems breach exposing business dataEverbridge, an American software company focused on crisis management and public warning solutions, notified customers that unknown attackers had accessed files containing business and user data in a recent corporate systems breach. [...]BLEEPINGCOMPUTER.COM
30 MayCyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma SectorsA previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021. "The campaign is geared toward establis…THEHACKERNEWS.COM
30 MayStolen Ticketmaster Data Advertised on Rebooted BreachForumsShinyHunters Fronting for Threat Group That Allegedly Infiltrated AWS Instances A massive quantity of data allegedly stolen from Ticketmaster is being offered for sale on the BreachForums data leak site, which has been freshly rebooted following a recent FBI-led seizure. The alle…DATABREACHTODAY.CO.UK
30 MayBreach Roundup: Google AI Blunders Go ViralAlso: Okta Alert on Credential Stuffing; Data Breaches in Spain This week, Google AI search provided wrong answers, Internet Archive suffered DDoS attack, Okta warned of credential stuffing, Canada shut down two tech firms, attackers delivered malware with Stack Overflow, Telefón…DATABREACHTODAY.CO.UK
30 MayData of 560 million Ticketmaster customers for sale after alleged breachA threat group known as ShinyHunters is selling what they claim is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000. [...]BLEEPINGCOMPUTER.COM
30 MayInternet-Exposed OT Devices at Risk Amid Israel-Hamas WarCyberattack on Aliquippa Water Plant Highlights Vulnerabilities in OT Systems The onset of war between Israel and Hamas led to a spike in cyberattacks against operational technology, says Microsoft in a warning to critical infrastructure operators about the dangers of internet-ex…DATABREACHTODAY.CO.UK
30 MayHospital Allegedly Skirting Ransomware Death Suit SettlementAttorneys Say Hospital Is Reneging on Paying Up in Case Involving Baby's Death Six weeks after an Alabama hospital settled the first-ever death claim related to a ransomware attack, attorneys representing the mother of the baby who died - allegedly from birth complications relate…DATABREACHTODAY.CO.UK
30 MayNext-Gen Fraud Strategies Use Data to Onboard Customers Safely - Chris Meyer - IDV24 #2The criminal opportunity shaping the landscape today and how authoritative, accurate and automated processes are helping others increase their conversion rates by 20% while preventing 99% of all fraudulent attempts. What is the Criminal Opportunity facing us all right now? Data b…YOUTUBE.COM
🕵️ THREAT INTELLIGENCE
30 MayISC Stormcast For Thursday, May 30th, 2024 https://isc.sans.edu/podcastdetail/9002, (Thu, May 30th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
30 MayChinese national cuffed on charges of running 'likely the world's largest botnet ever'submitted by 0nekoneko7 to securitynews 1 points | 0 comments https://www.theregister.com/2024/05/29/911s5_botnet_arrest/THEREGISTER.COM
30 MayCould someone explain to me exactly what this feature is?submitted by Kalcifer to cybersecurity 1 points | 0 comments https://www.phoronix.com/news/Linux-610-TPM-Encrypt-Integrity I’m a little confused with this article. Is it talking about implementing TPM parameter encryption? If so, does this mean that the TPM bus prior to kernel v6…PHORONIX.COM
30 MayOkta Warns of Credential Stuffing Attacks Targeting Customer Identity CloudOkta is warning that a cross-origin authentication feature in Customer Identity Cloud (CIC) is susceptible to credential stuffing attacks orchestrated by threat actors. "We observed that the endpoints used to support the cross-origin authentication feature being attacked via cred…THEHACKERNEWS.COM
30 MayU.S. Dismantles World's Largest 911 S5 Botnet, with 19 Million Infected DevicesThe U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, whi…THEHACKERNEWS.COM
30 MaySupply Chain Attack against Courtroom SoftwareNo word on how this backdoor was installed: A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the…SCHNEIER.COM
30 MayOkta Warns of Credential Stuffing Attacks Targeting Cross-Origin AuthenticationOkta raises the alarm on credential stuffing attacks targeting endpoints used for cross-origin authentication.SECURITYWEEK.COM
30 May8 Degrees of Secure Access Service EdgeAssembling a diverse team, outlining clear objectives, and meticulously assessing your network landscape can enable organizations to successfully navigate SASE migration without hiccups and pitfalls.SECURITYWEEK.COM
30 MayCryptoChameleon Kit With Group of Tools Propagate Phishing Quickly into InfrastructureCryptoChameleon, a phishing tool detected in February 2024, was developed by someone anonymous and is used by threat actors to collect personal data such as usernames and passwords of mobile phone users. A thorough investigation has exposed many CryptoChameleon fast-flux indicato…GBHACKERS.COM
30 MaySmashing Security podcast #374: Microsoft’s Recall controversy, and the North Korean insider threatMicrosoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers? All this and much much more is discussed in the latest edition of the “Smashing Security” podca…GRAHAMCLULEY.COM
30 MayMystery Malware Destroys 600,000 Routers From a Single ISP During 72-hour Spansubmitted by 0nekoneko7 to securitynews 3 points | 0 comments https://it.slashdot.org/story/24/05/30/165253/mystery-malware-destroys-600000-routers-from-a-single-isp-during-72-hour-spanIT.SLASHDOT.ORG
30 MayCloudflare Expands Zero Trust Capabilities with Acquisition of BastionZeroCloudflare acquires Boston seed-stage startup BastionZero to bolster its Zero Trust Network Access technology portfolio.SECURITYWEEK.COM
30 MayMicrosoft’s Windows Recall: Cutting-Edge Search Tech or Creepy Overreach?SecurityWeek editor-at-large Ryan Naraine examines the broad tension between tech innovation and privacy rights at a time when ChatGPT-like bots and generative-AI apps are starting to dominate the landscape.SECURITYWEEK.COM
30 MayInvesting in Cloud Infrastructure in the Kingdom of Saudi ArabiaSaudi Arabia announces Data Cybersecurity Controls, Operational Technology Cybersecurity Controls and the passing of the Personal Data Protection Law.PALOALTONETWORKS.COM
30 MayCryptohack Roundup: FTX Paid Off WhistleblowersAlso: Guilty Pleas - Lots of Them This week, FTX paid $25 million to whistleblowers, former FTX co-CEO Ryan Salame was sentenced, guilty pleas were entered in the cases of a $47 million embezzlement, a $37 million theft and a $9.5 million fraud, and a woman was sentenced in a $10…DATABREACHTODAY.CO.UK
30 MayExposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devicesSince late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US were targeted in multiple attacks over the pas…MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE
30 MayTransatlantic Cable podcast episode 349 | Kaspersky official blogEpisode 349 of the Kaspersky podcast covers topics including misinformation during disasters, car theft tricks, and a dark web market bust.KASPERSKY.COM
30 MaymacOS version of elusive 'LightSpy' spyware tool discoveredA macOS version of the LightSpy surveillance framework has been discovered, confirming the extensive reach of a tool only previously known for targeting Android and iOS devices. [...]BLEEPINGCOMPUTER.COM
30 MayHow malware authors play with the LNK file formatWe did a quick study on the most common ways to deliver malware through LNK files.QUARKSLAB.COM
30 MayKVRT for Linux: malware scanner for Linux systems | Kaspersky official blogKaspersky Virus Removal Tool (KVRT), a free application for scanning Linux systems for known malware.KASPERSKY.COM
30 MayMalware botnet bricked 600,000 routers in mysterious 2023 eventA malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs. [...]BLEEPINGCOMPUTER.COM
30 MayMalware botnet bricked 600,000 routers in mysterious 2023 attackA malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs. [...]BLEEPINGCOMPUTER.COM
30 MayPirated Microsoft Office delivers malware cocktail on systemsCybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS
30 MayHow to Build Your Autonomous SOC StrategySecurity leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly inc…THEHACKERNEWS.COM
30 MayDownload our data security posture management (DSPM) enterprise buyer’s guideFrom the editors of CSO, this enterprise buyer’s guide helps security IT staff understand what data security posture management (DSPM) can do for their organizations and how to choose the right solution.US.RESOURCES.CSOONLINE.COM
30 MayIntroducing Sophos Central Custom DashboardsThe new flexible, interactive custom dashboard experience uses actionable data to optimize user operations and workflows.SOPHOS.COM
30 MayWhy Barracuda Networks Is Eyeing MSP Platform Vendor N-ableN-able Eyeing a Tech, PE Exit Less Than 3 Years After Spinning Off From SolarWinds Barracuda is looking to extend its tentacles beyond security and into remote monitoring and management through the purchase of MSP platform provider N-able, Reuters reported. The Silicon Valley-bas…DATABREACHTODAY.CO.UK
30 MayMicrosoft: Windows 11 preview update causes taskbar crashesMicrosoft warned customers on Thursday that the May 2024 non-security preview update for Windows 11 is causing taskbar crashes and glitches. [...]BLEEPINGCOMPUTER.COM
30 MayAI in HR: Is artificial intelligence changing how we hire employees forever?Much digital ink has been spilled on artificial intelligence taking over jobs, but what about AI shaking up the hiring process in the meantime?WELIVESECURITY.COM