🚨 CISA KEV 1
4 Jun · KEV · CISA Warns of Attacks Exploiting Old Oracle WebLogic Vulnerability · CISA has added an old Oracle WebLogic flaw tracked as CVE-2017-3506 to its known exploited vulnerabilities catalog. · SECURITYWEEK.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES 9
4 Jun · KEV · Oracle WebLogic Server OS Command Injection Flaw Under Active Attack · The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Oracle WebLogic Server to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2017-3506 (CVSS score: 7.4), the is… · THEHACKERNEWS.COM
4 Jun · Breach and attack simulation tools: Top vendors, key features, how to choose · Breach and attack simulation (BAS) products help organizations understand their security posture by automating the tests of specific threat vectors. BAS typically uses MITRE ATT&CK and Cyber Killchain frameworks to emulate attacks such as network and infiltration, lateral mov… · CSOONLINE.COM
4 Jun · Zyxel NAS Devices Vulnerability Let Attackers Execute Code Remotely · Zyxel has released patches addressing critical command injection and remote code execution vulnerabilities in two of its NAS products, NAS326 and NAS542, which have reached end-of-vulnerability support. Users are strongly advised to install these patches to ensure optimal protect… · GBHACKERS.COM
4 Jun · Atlassian’s Confluence hit with critical remote code execution bugs · Atlassian Confluence Data Center and Server has been hit with a critical remote code execution bug, allowing authenticated threat actors to exploit account privileges and execute arbitrary codes. The vulnerability, tracked as CVE-2024-21683, is assigned a CVSS score of 8.3/10, an… · CSOONLINE.COM
4 Jun · High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) · https://www.helpnetsecurity.com/2024/06/03/cve-2024-21683-poc/ · HELPNETSECURITY.COM
4 Jun · Open Source Software Supply Chain Security & The Real Crisis Behind XZ Utils - Luis Villa - ASW #287 · Open source has been a part of the software supply chain for decades, yet many projects and their maintainers remain undersupported by the companies that consume them. The security responsibilities for project owners have increased not only in dealing with security disclosures, bu… · YOUTUBE.COM
4 Jun · Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts · Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users. The issue, tracked as CVE-2024-4358, carries a … · THEHACKERNEWS.COM
4 Jun · NIST is finally getting help with the National Vulnerability Database backlog · Maryland-based security firm Analygence has landed the job of helping the National Institute of Standards and Technology (NIST) reduce mounting backlog of entries in the US National Vulnerability Database (NVD), an agency representative said Tuesday. “I can confirm that Analygenc… · CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 14
4 Jun · CISM certification: Requirements, training, exam, and cost · What is CISM? Certified Information Security Manager (CISM) is an advanced certification for IT and cybersecurity professionals that demonstrates their ability to develop and manage an infosec program at the enterprise level. CISM is offered by ISACA, a nonprofit professional asso… · CSOONLINE.COM
4 Jun · Snowflake Warns: Targeted Credential Theft Campaign Hits Cloud Customers · Cloud computing and analytics company Snowflake said a "limited number" of its customers have been singled out as part of a targeted campaign. "We have not identified evidence suggesting this activity was caused by a vulnerability, misconfiguration, or breach of Snowflake’s platf… · THEHACKERNEWS.COM
4 Jun · Enhance NIS2 Compliance: Elevate Your Cybersecurity with Awareness & Culture Before The Deadline · The NIS2 Directive, also known as the Network and Information Security Directive, is a crucial piece of legislation designed to enhance cybersecurity and protect critical infrastructure across the European Union (EU). Building on the previous NIS Directive, it addresses its short… · KNOWBE4.COM
4 Jun · The Next Generation of RBI (Remote Browser Isolation) · The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's Saa… · THEHACKERNEWS.COM
4 Jun · Progress Patches Critical Vulnerability in Telerik Report Server · A critical vulnerability in the Progress Telerik Report Server could allow unauthenticated attackers to access restricted functionality. · SECURITYWEEK.COM
4 Jun · CISA Releases Four Industrial Control Systems Advisories · CISA released four Industrial Control Systems (ICS) advisories on June 4, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-156-01 Uniview NVR301-04S2-P4 ICSA-23-278-03 Mitsubishi Electric CC-Li… · CISA.GOV
4 Jun · Details of Atlassian Confluence RCE Vulnerability Disclosed · SonicWall has shared technical details on a recently addressed high-severity remote code execution flaw in Confluence. · SECURITYWEEK.COM
4 Jun · Developers Beware Of Malicious npm Package That Delivers Sophisticated RAT · Hackers have multiple reasons for abusing malicious npm packages, as they can first use popular open-source libraries as a medium for distributing malware or backdoors without the users’ knowledge. Secondly, allow threat actors to penetrate into developers’ and agenci… · GBHACKERS.COM
4 Jun · Zyxel issues emergency RCE patch for end-of-life NAS devices · Zyxel Networks has released an emergency security update to address three critical vulnerabilities impacting older NAS devices that have reached end-of-life. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Major service tag security problems reported in Microsoft Azure · Tenable Research has reported a vulnerability in Microsoft Azure service tags that “allows an attacker to bypass firewall rules … by forging requests from trusted services.” “The vulnerability was discovered initially in the Azure Application Insights service, but we and the Micr… · CSOONLINE.COM
4 Jun · TikTok acknowledges exploit targeting high-profile accounts · The malicious attack appears to have involved malware transmitted through TikTok's DMs. · TECHCRUNCH.COM
4 Jun · Cox Communications Patches Newly Discovered Critical API Bug · Security Researcher Says Flaw Came From 700 Exposed APIs Belonging to Cox · An independent security researcher discovered a critical flaw in the backend infrastructure of the largest broadband provider in the United States that, if exploited, could have left millions of business cu… · DATABREACHTODAY.CO.UK
4 Jun · TikTok fixes zero-day bug used to hijack high-profile accounts · Over the past week, attackers have hijacked high-profile TikTok accounts belonging to multiple companies and celebrities, exploiting a zero-day vulnerability in the social media's direct messages feature. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Multiple Vulnerabilities in Progress Telerik Report Server Could Allow for Remote Code Execution · Multiple vulnerabilities have been discovered in Progress Telerik Report Server, which could allow for remote code execution. Telerik Report Server provides centralized management for Progress’ business intelligence reporting suite through a web application. Successful chain expl… · CISECURITY.ORG
📋 SECURITY BULLETINS 1
4 Jun · 37 Vulnerabilities Patched in Android · Android’s June 2024 security update resolves 37 vulnerabilities, including high-severity flaws in Framework and System. · SECURITYWEEK.COM
📢 SECURITY ADVISORIES 2
🔥 INCIDENT REPORTING 15
4 Jun · DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks · Cyber attacks involving the DarkGate malware-as-a-service (MaaS) operation have shifted away from AutoIt scripts to an AutoHotkey mechanism to deliver the last stages, underscoring continued efforts on the part of the threat actors to continuously stay ahead of the detection curv… · THEHACKERNEWS.COM
4 Jun · Underground Ransomware Continues to Attack Industries Of Various Sizes · Over the past year, the ransomware actor known as “Underground” has been less active than other groups, yet they remain a threat in the cybersecurity landscape. Despite their reduced activity, Underground continues to target industries of various sizes, causing substa… · GBHACKERS.COM
4 Jun · Ransomware Group Creation Touched Yearly All Time High · The ransomware landscape is rapidly diversifying in 2024, with a surge in new extortion groups as established attackers continue to target large companies. A record number of smaller groups are emerging—22 in just five months compared to 22 in a prior 30-month period. The growth … · GBHACKERS.COM
4 Jun · Hackers Use MS Excel Macro to Launch Multi-Stage Malware Attack in Ukraine · A new sophisticated cyber attack has been observed targeting endpoints geolocated to Ukraine with an aim to deploy Cobalt Strike and seize control of the compromised hosts. The attack chain, per Fortinet FortiGuard Labs, involves a Microsoft Excel file that carries an embedded VB… · THEHACKERNEWS.COM
4 Jun · Ransomware Group Claims Cyberattack on Frontier Communications · The RansomHub ransomware group claims to have stolen the information of over 2 million Frontier Communications customers. · SECURITYWEEK.COM
4 Jun · Major London hospitals disrupted by Synnovis cyberattack · A cyberattack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan · Russian organizations are at the receiving end of cyber attacks that have been found to deliver a Windows version of a malware called Decoy Dog. Cybersecurity company Positive Technologies is tracking the activity cluster under the name Operation Lahat, attributing it to an advan… · THEHACKERNEWS.COM
4 Jun · Russian Cyberthreat Looms Over Paris Olympics · Cyberespionage, Hack-and-Leak and Disinformation Are All Possibilities · Russia-aligned actors, including intelligence agency threat actors and hacktivists, are at high risk for carrying out cyberattacks and disinformation campaigns against organizations linked to the Paris Olympic… · DATABREACHTODAY.CO.UK
4 Jun · Major London hospitals disrupted by Synnovis ransomware attack · A ransomware attack affecting pathology and diagnostic services provider Synnovis has impacted healthcare services at multiple major NHS hospitals in London. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Email Compromise Continues to Dominate as Top Threat Incident Type as Tactics Evolve · As email compromise attacks increase, analysis of tactics provides context on how organizations need to evolve their defenses. · KNOWBE4.COM
4 Jun · Critical incident declared as ransomware attack disrupts multiple London hospitals · https://therecord.media/london-hospitals-ransomware-attack-critical-incident-declared · THERECORD.MEDIA
4 Jun · Hackers Claim They Breached Australian Logistics Company · Threat Actor GhostR Says They Stole 846 GB of Data · Financially motivated hackers with a track record of data breaches claimed on a criminal forum that they stole data from Australian logistics company Victorian Freight Specialists. GhostR said in a Tuesday post on BreachForums th… · DATABREACHTODAY.CO.UK
4 Jun · ARRL says it was hacked by an "international cyber group" · American Radio Relay League (ARRL) has shared more information about a May cyberattack that took its Logbook of the World offline and caused some members to become frustrated over the lack of information. [...] · BLEEPINGCOMPUTER.COM
4 Jun · UK Vendor's Attack Disrupts Care at London NHS Hospitals · London Incident Is Latest Major Ongoing Outage From Recent Ransomware Attacks · A cyberattack on a U.K. laboratory services provider is disrupting patient care and testing services at several London-based NHS hospitals and other care facilities. Meanwhile, in the U.S., Ascension is… · DATABREACHTODAY.CO.UK
4 Jun · Australian mining company discloses breach after BianLian leaks data · Northern Minerals issued an announcement earlier today warning that it suffered a cybersecurity breach resulting in some of its stolen data being published on the dark web. [...] · BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 19
4 Jun · ISC Stormcast For Tuesday, June 4th, 2024 https://isc.sans.edu/podcastdetail/9008, (Tue, Jun 4th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
4 Jun · 146: ANOM · In this episode, Joseph Cox (https://x.com/josephfcox) tells us the story of anom. A secure phone made by criminals, for criminals. This story comes from part of Joseph’s book “Dark Wire” which you should definitely read. Get yours here https://www.hachettebookgroup.com/titles/jo… · DARKNETDIARIES.COM
4 Jun · Cybersecurity M&A Roundup: 28 Deals Announced in May 2024 · Roundup of the more than two dozen cybersecurity-related merger and acquisition (M&A) deals announced in May 2024. · SECURITYWEEK.COM
4 Jun · Vulnerabilities Exposed Millions of Cox Modems to Remote Hacking · Cox recently patched a series of vulnerabilities that could have allowed hackers to remotely take control of millions of modems. · SECURITYWEEK.COM
4 Jun · Breaking a Password Manager · Interesting story of breaking the security of the RoboForm password manager in order to recover a cryptocurrency wallet password. Grand and Bruno spent months reverse engineering the version of the RoboForm program that they thought Michael had used in 2013 and found that the pse… · SCHNEIER.COM
4 Jun · Russian Hackers In Attempt To Distrupt The 2024 Paris Olympic Games · Russia is intensifying disinformation campaigns against France, President Macron, the IOC, and the 2024 Paris Olympics, blending decades-old tactics with AI, as the Microsoft Threat Analysis Center (MTAC) identifies two primary goals: tarnishing the IOC’s reputation and fos… · GBHACKERS.COM
4 Jun · Cybercriminals attack banking customers in EU with V3B phishing kit · https://www.resecurity.com/blog/article/cybercriminals-attack-banking-customers-in-eu-with-v3b-phishing-kit · RESECURITY.COM
4 Jun · APT28 targets key networks in Europe with HeadLace malware · https://securityaffairs.com/164061/apt/apt28-headlace-malware-europe.html · SECURITYAFFAIRS.COM
4 Jun · [NEW RESEARCH]: KnowBe4’s 2024 Phishing by Industry Benchmarking Report Reveals that 34.3% of Untrained End Users Will Fail a Phishing Test · The prevalence of cyber crime continues to soar, victimizing individuals in both their work and private lives. Cybercriminals are indiscriminate, targeting around the clock and across the globe. · KNOWBE4.COM
4 Jun · CyberheistNews Vol 14 #23 [SPECIAL] The Hard Evidence That Phishing Training and Testing Really Works Great · KNOWBE4.COM
4 Jun · Point Vs. Platform: Improving TCO Cost/Benefit - Patrick Benoit - CSP #177 · CISOs must prioritize the intelligent selection of cybersecurity products by considering the total cost of ownership (TCO) and whether point products or platforms are best suited. This includes the costs of deployment and operations for people, processes, and technology, as well … · YOUTUBE.COM
4 Jun · Bots are Taking Over the Internet & Defining ASPM - Idan Plotnik, Erez Hasson - ASW #287 · Application security posture management has quickly become a hot commodity in the world of AppSec, but questions remain around what is defined by ASPM. Vendors have cropped up from different corners of the AppSec space to help security teams make their programs more effective, im… · YOUTUBE.COM
4 Jun · RSAC Fireside Chat: Bedrock Security introduces advanced approach to “commoditize” data discovery · Business data today gets scattered far and wide across distributed infrastructure. Just knowing where to look – or even how to look – much less enforcing security policies, has become next to impossible for many organizations. At RSAC 2024, … · LASTWATCHDOG.COM
4 Jun · Best Buy/Geek Squad Impersonation Scams Surged in 2023 · The US Federal Trade Commission (FTC) has found that Best Buy, and its tech support subsidiary Geek Squad, were the most commonly impersonated brands by scammers in 2023. · KNOWBE4.COM
4 Jun · BCNF, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet... - SWN #390 · Boyce Codd Normal Form, Azure, Roaring Kitty, Hugging Face, Okta, Linux, Oracle, Josh Marpet and more, are on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-390 · YOUTUBE.COM
4 Jun · Former OpenAI Employees Lead Push to Protect Whistleblowers Flagging Artificial Intelligence Risks · A group of OpenAI’s current and former workers is calling for AI firms to protect whistleblowing employees who flag safety risks about AI technology. · SECURITYWEEK.COM
4 Jun · A SANS's 2024 Threat-Hunting Survey Review · In its ninth year, the annual SANS Threat Hunting Survey delves into global organizational practices in threat hunting, shedding light on the challenges and adaptations in the landscape over the past year. · TRENDMICRO.COM
4 Jun · AI jailbreaks: What they are and how they can be mitigated · Microsoft security researchers, in partnership with other security experts, continue to proactively explore and discover new types of AI model and system vulnerabilities. In this post we are providing information about AI jailbreaks, a family of vulnerabilities that can occur whe… · MICROSOFT.COM
4 Jun · The four stages of creating a trust fabric with identity and network security · The trust fabric journey has four stages of maturity for organizations working to evaluate, improve, and evolve their identity and network access security posture. · MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE 2
4 Jun · E-mail attacks on the hotel business | Kaspersky official blog · Phishing and malware in e-mails to hotel employees, disguised as ordinary correspondence from previous or potential guests. · KASPERSKY.COM
4 Jun · The AI Fix #3: The AI Olympics, WTF is AGI, and ChatGPT is down · In this week's episode of The AI Fix podcast, Graham and Mark tackle the latest news from the world of AI and discover an unusual way to stop Joe Biden deepfakes, ponder the implications of ChatGPT going down, and discuss the danger of Daleks armed with venti lattes. Graham tells… · GRAHAMCLULEY.COM
📡 INFOSEC NEWS 14
4 Jun · Live Webinar | Securing the Future: OT Cybersecurity in an Era of Remote Connectivity · DATABREACHTODAY.CO.UK
4 Jun · Microsoft announces deprecation of Windows NTLM authentication · Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Microsoft deprecates Windows NTLM authentication protocol · Microsoft has officially deprecated NTLM authentication on Windows and Windows servers, stating that developers should transition to Kerberos or Negotiation authentication to prevent problems in the future. [...] · BLEEPINGCOMPUTER.COM
4 Jun · New V3B phishing kit targets customers of 54 European banks · Cybercriminals are promoting a new phishing kit named 'V3B' on Telegram, which currently targets customers of 54 major financial institutes in Ireland, the Netherlands, Finland, Austria, Germany, France, Belgium, Greece, Luxembourg, and Italy. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Microsoft announces first Windows 10 Beta build since 2021 · Microsoft has reopened the Windows 10 beta channel and is asking Insiders to join or switch to receive a new beta build in the coming weeks. [...] · BLEEPINGCOMPUTER.COM
4 Jun · FBI warns of fake remote work ads used for cryptocurrency fraud · Today, the FBI issued a warning about scammers using fake remote job ads to steal cryptocurrency from job seekers across the United States while posing as recruiters for legitimate companies. [...] · BLEEPINGCOMPUTER.COM
4 Jun · Why Tenable Is Eyeing Israeli Data Security Startup Eureka · IBM, Rubrik, Palo Alto & CrowdStrike All Bought into DSPM. Will Tenable Join Them? · IBM, Rubrik, Palo Alto Networks and CrowdStrike entered the red-hot data security posture management market with nine-figure deals announced between May 2023 and March 2024. Now, Tenable reportedly… · DATABREACHTODAY.CO.UK