71 Articles
5 Categories
Date: 2024-06-05
⚠️ VULNERABILITY DISCLOSURE 17
5 Jun: Unauthorized AI is eating your company data, thanks to your employees
Employees at many organizations are engaging in widespread use of unauthorized AI models behind the backs of their CIOs and CISOs, according to a recent study. Employees are sharing company legal documents, source code, and employee information with unlicensed, non-corporate vers…
Source: CSOONLINE.COM

5 Jun: Celebrity TikTok Accounts Compromised Using Zero-Click Attack via DMs
Popular video-sharing platform TikTok has acknowledged a security issue that has been exploited by threat actors to take control of high-profile accounts on the platform. The development was first reported by Semafor and Forbes, which detailed a zero-click account takeover campai…
Source: THEHACKERNEWS.COM

5 Jun: RSAC Fireside Chat: Seclore advances ‘EDRM’ by aligning granular controls onto sensitive data
Digital rights management (DRM) has come a long way since Hollywood first recognized in the 1990s that it needed to rigorously protect digital music and movies. By the mid-2000s a branch called enterprise digital rights management (EDRM …
Source: LASTWATCHDOG.COM

5 Jun: Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models
Zyxel has released security updates to address critical flaws impacting two of its network-attached storage (NAS) devices that have currently reached end-of-life (EoL) status. Successful exploitation of three of the five vulnerabilities could permit an unauthenticated attacker to…
Source: THEHACKERNEWS.COM

5 Jun: Darkcrystal RAT Malware Attacking Government Officials Via Signal Messenger
Cybersecurity experts have discovered that the widely used messaging application Signal is being exploited to deliver DarkCrystal RAT malware to high-profile targets, including government officials, military personnel, and representatives of defense enterprises in Ukraine. The In…
Source: GBHACKERS.COM

5 Jun: Cyber Security Today, June 5, 2024 - New threat actor going after American IT firms, Canada's Auditor General slams federal cybercrime-fighting agencies
This episode reports on vulnerabilities in unpatched versions of Progress Software's Telerik Report Server, the spread of the Remcos remote access trojan, and more
Source: CYBERSECURITYTODAY.LIBSYN.COM

5 Jun: Arctic Wolf sniffs out new ransomware variant
Arctic Wolf’s incident response team has identified a new ransomware variant, referred to as Fog — targeting the education and recreation sectors in the US — presumably for easy infection and quicker payday. Called a ransomware “variant” specifically to distinguish from a “group”…
Source: CSOONLINE.COM

5 Jun: Beware Of Phishing Emails Prompting Execution Via Paste (CTRL+V)
Phishing attackers are distributing malicious HTML files as email attachments, containing code designed to exploit users by prompting them to directly paste and execute the code, which leverages social engineering, as users are tricked into running the malicious code themselves b…
Source: GBHACKERS.COM

5 Jun: Cloud security challenges are growing. Here’s why traditional SOC tools are failing to address them
The cloud will become a cornerstone of enterprise operations as IDC estimates that by 2025, there will be over 750 million cloud-native applications globally. Additionally, over 90% of organizations anticipate employing a multi-cloud approach over the next few years. Considering …
Source: CSOONLINE.COM

5 Jun: Brute Force Attacks Against Watchguard VPN Endpoints, (Wed, Jun 5th)
If you have a pulse and work in information security (or are a new scraping script without a pulse), you have probably seen reports of attacks against VPN endpoints. Running any VPN without strong authentication has been negligent for years, but in recent times, ransomware gangs,…
Source: ISC.SANS.EDU

5 Jun: TikTok Zero-Click vulnerability: what to know? | Kaspersky official blog
A recent zero-click vulnerability in TikTok has led to high-profile accounts being taken over.
Source: KASPERSKY.COM

5 Jun: Navigating AI disruption in cybersecurity: Practical steps for leaders
Security leaders live under the constant pressure of evolving and scaling threats, technology trends, and business requirements. Many of us have had to play the rough catch-up game when we failed to ‘surf the wave’ of a movement and didn’t have quite the right skilled team ready.…
Source: CSOONLINE.COM

5 Jun: Australian Mining Giant Confirms BianLian Ransomware Attack
News Comes on Heels of Treasury Forcing Chinese Investors to Divest BianLian Shares Australian mining giant Northern Minerals says cybercriminals stole sensitive corporate secrets from its systems not long after the government forced several Chinese investors to divest their shar…
Source: DATABREACHTODAY.CO.UK

5 Jun: UK Official Touts CHERI for Memory-Safe Computing
CHERI Architecture Enforces Memory Safety in Hardware A U.K. government official on Tuesday touted the potential of a processor designed to prevent memory-based cyberattacks even as he acknowledged commercial hurdles to its widespread adoption. The CHERI processor reduces attack …
Source: DATABREACHTODAY.CO.UK

5 Jun: Long-running Chinese cyberespionage operation targeted Southeast Asian government
Researchers have uncovered a long-running cyberespionage operation by a possibly state-run Chinese threat actor against an unidentified high-profile government organization from Southeast Asia. The attackers, who launched multiple intrusion campaigns last year against the same ta…
Source: CSOONLINE.COM

5 Jun: Zyxel Releases Emergency Security Update for NAS Devices
Company Addresses Flaws in End-of-Life NAS Devices Networking solutions vendor Zyxel fixed critical vulnerabilities in end-of-life network-attached storage devices that allow remote code execution. It left two vulnerabilities allowing attacks by authenticated local attackers unpa…
Source: DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES 5
5 Jun: Cisco Patches Webex Bugs Following Exposure of German Government Meetings
Cisco has released a security advisory after researchers discovered that the German government’s Webex meetings were exposed.
Source: SECURITYWEEK.COM

5 Jun: London hospitals face days of disruption after ransomware attack on supply chain partner
Several large hospitals in Britain’s capital London face days and possibly weeks of disruption after a partner organization was compromised by a potent ransomware attack. The attack on June 3 targeted medical diagnostics company Synnovis, causing huge disruption to pathology and …
Source: CSOONLINE.COM

5 Jun: ONCD Urges Congress to Harmonize Cybersecurity Regulations
ONCD Director Harry Coker Calls on Congress to Improve Cybersecurity Reciprocity ONCD Director Harry Coker called on Congress to better harmonize cross-sector baseline cybersecurity requirements in regulated industries after years of federal and international guidance. Organizati…
Source: DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 17
5 Jun: Threat Actors Weaponize Excel Files To Attack Windows Machines
Attackers are using malicious Excel files with VBA macros to deploy DLLs and ultimately install Cobalt Strike on compromised Windows machines, which use obfuscation and target specific processes to avoid detection by antivirus software. The attacks appear to target Ukrainian syst…
Source: GBHACKERS.COM

5 Jun: TargetCompany’s Linux Variant Targets ESXi Environments
In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution.
Source: TRENDMICRO.COM

5 Jun: Ransomware Gang Leaks Data From Australian Mining Company
The BianLian ransomware gang has leaked data allegedly stolen from Australian mining company Northern Minerals.
Source: SECURITYWEEK.COM

5 Jun: London Hospitals Cancel Operations and Appointments After Being Hit in Ransomware Attack
Several hospitals in London have canceled operations and appointments after being hit in a ransomware attack.
Source: SECURITYWEEK.COM

5 Jun: Operation Crimson Palace: A Technical Deep Dive
Sophos Managed Detection and Response initiated a threat hunt across all customers after the detection of abuse of a vulnerable legitimate VMware executable (vmnat.exe) to perform dynamic link library (DLL) side-loading on one customer’s network. In a search for similar incidents…
Source: SOPHOS.COM

5 Jun: Rebranded Knight Ransomware Targeting Healthcare and Businesses Worldwide
An analysis of a nascent ransomware strain called RansomHub has revealed it to be an updated and rebranded version of Knight ransomware, itself an evolution of another ransomware known as Cyclops. Knight (aka Cyclops 2.0) ransomware first arrived in May 2023, employing double ext…
Source: THEHACKERNEWS.COM

5 Jun: Resurgence of Ransomware: Mandiant Observes Sharp Rise in Criminal Extortion Tactics
Mandiant saw an increase in ransomware activity in 2023 compared to 2022, including a 75% increase in posts on data leak sites.
Source: SECURITYWEEK.COM

5 Jun: RansomHub extortion gang linked to now-defunct Knight ransomware
Security researchers analyzing the relatively new RansomHub ransomware-as-a-service believe that it has evolved from the currently defunct Knight ransomware project. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Russian hackers claim cyberattack on Spanish defence company
Submitted by kid to cybersecurity. https://www.reuters.com/technology/cybersecurity/russian-hackers-claim-cyberattack-website-spain-firm-preparing-tanks-ukraine-2024-06-05/
Source: REUTERS.COM

5 Jun: Qilin ransomware gang linked to attack on London hospitals
A ransomware attack that hit pathology services provider Synnovis on Monday and impacted several major NHS hospitals in London has now been linked to the Qilin ransomware operation. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Club Penguin fans breached Disney Confluence server, stole 2.5GB of data
Club Penguin fans hacked a Disney Confluence server to steal information about their favorite game but wound up walking away with 2.5 GB of internal corporate data, BleepingComputer has learned. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Advance Auto Parts stolen data for sale after Snowflake attack
Threat actors claim to be selling 3TB of data from Advance Auto Parts, a leading automotive aftermarket parts provider, stolen after breaching the company's Snowflake account. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: ISMG Editors: Opening Day Overview of InfoSec Europe 2024
Panel Discusses Trends in Ransomware, Application Security and Generative AI Information Security Media Group editors are live at InfoSecurity Europe Conference 2024 in London with an overview of opening-day activities and hot topics including the latest ransomware trends, softwa…
Source: DATABREACHTODAY.CO.UK

5 Jun: FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out
The FBI urges past victims of LockBit ransomware attacks to come forward after revealing that it has obtained over 7,000 LockBit decryption keys that they can use to recover encrypted data for free. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Hundreds of Snowflake customer passwords found online are linked to info-stealing malware
Snowflake is the latest company in a string of high-profile security incidents and sizable data breaches caused by the lack of MFA.
Source: TECHCRUNCH.COM

5 Jun: Linux version of TargetCompany ransomware focuses on VMware ESXi
Researchers observed a new Linux variant of the TargetCompany ransomware family that targets VMware ESXi environments using a custom shell script to deliver and execute payloads. [...]
Source: BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE 20
5 Jun: ISC Stormcast For Wednesday, June 5th, 2024 https://isc.sans.edu/podcastdetail/9010, (Wed, Jun 5th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

5 Jun: Command Senior Chief Convicted For Setting Up Wi-Fi On US Navy Combat Ship
The former command senior chief of the littoral combat ship Manchester’s gold crew, Senior Chief Grisel Marrero, has been convicted at a court-martial for installing an unauthorized Wi-Fi system aboard the ship and subsequently lying about it to her superiors. The convictio…
Source: GBHACKERS.COM

5 Jun: George Kurtz: CrowdStrike Falcon Driving Cyber Consolidation
CrowdStrike CEO Says Market Embracing AI-Driven Security Platform for Consolidation George Kurtz said CrowdStrike's Falcon platform is leading the way in cybersecurity consolidation, with deals involving cloud, identity or SIEM doubling year-over-year. Customers are seeing signifi…
Source: DATABREACHTODAY.CO.UK

5 Jun: How Hackers Using Packers To Hide Malware & Bypass Defenses
Hackers use packers maliciously to make their code difficult to recognize, as most antivirus programs are coded to be able to recognize these packers. The packers initialize and encrypt the original malware payload into a new form, which is hard to detect using signature detectio…
Source: GBHACKERS.COM

5 Jun: Microsoft Details AI Jailbreaks And How They Can Be Mitigated
Generative AI systems comprise several components and models geared to enhancing human interactions with the system. However, while being as realistic and useful as possible, these models are protected by defense layers against generating misuse or inappropriate content against t…
Source: GBHACKERS.COM

5 Jun: Operation Crimson Palace: Sophos threat hunting unveils multiple clusters of Chinese state-sponsored activity targeting Southeast Asian government
Threat clusters targeted a government agency for cyberespionage in a campaign that had precursors dating back to early 2022.
Source: SOPHOS.COM

5 Jun: 225,000 More Cybersecurity Workers Needed in US: CyberSeek
There are 1.2 million cybersecurity workers in the US, but 225,000 more are needed to close the talent gap, according to new data.
Source: SECURITYWEEK.COM

5 Jun: 361 Million Unique Email Credentials Leaked On Telegram Channels
Last week, a security researcher sent me 122GB of data scraped out of thousands of Telegram channels. It contained 1.7k files with 2B lines and 361M unique email addresses, of which 151M had never been seen in Have I Been Pwned (HIBP) before. Alongside those addresses were passwo…
Source: GBHACKERS.COM

5 Jun: Online Privacy and Overfishing
Microsoft recently caught state-backed hackers using its generative AI tools to help with their attacks. In the security community, the immediate questions weren’t about how hackers were using the tools (that was utterly predictable), but about how Microsoft figured it out.…
Source: SCHNEIER.COM

5 Jun: ‘NsaRescueAngel’ Backdoor Account Again Discovered in Zyxel Products
Critical vulnerabilities in discontinued Zyxel NAS products allow unauthenticated attackers to execute arbitrary code and OS commands.
Source: SECURITYWEEK.COM

5 Jun: Chinese State-Backed Cyber Espionage Targets Southeast Asian Government
An unnamed high-profile government organization in Southeast Asia emerged as the target of a "complex, long-running" Chinese state-sponsored cyber espionage operation codenamed Crimson Palace. "The overall goal behind the campaign was to maintain access to the target network for …
Source: THEHACKERNEWS.COM

5 Jun: What are You Working on Wednesday
Submitted by shellsharks to cybersecurity. Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
Source: INFOSEC.PUB

5 Jun: Chinese South China Sea Cyberespionage Campaign Unearthed
Sophos Finds 3 Clusters of Activity Dating at Least to May 2023 A government agency in a country that has repeatedly clashed with China over Beijing's territorial ambitions in the South China Sea was the subject of a prolonged cyberespionage campaign that used previously undetect…
Source: DATABREACHTODAY.CO.UK

5 Jun: Chinese Hackers Attacking Government Organization In Southeast Asia
Sophos Managed Detection and Response (MDR) has uncovered a sophisticated, long-running cyberespionage campaign dubbed “Crimson Palace,” attributed to Chinese state-sponsored actors. The operation targeted a high-profile government organization in Southeast Asia, with…
Source: GBHACKERS.COM

5 Jun: Hypr Raises $30 Million for Passwordless Authentication
Passwordless authentication provider Hypr has received a $30 million investment from Silver Lake Waterman.
Source: SECURITYWEEK.COM

5 Jun: Researchers Show How Malware Could Steal Windows Recall Data
Cybersecurity researchers are demonstrating how malware could steal data collected by the new Windows Recall feature.
Source: SECURITYWEEK.COM

5 Jun: Chinese hacking groups team up in cyber espionage campaign
Chinese state-sponsored actors have been targeting a government agency since at least March 2023 in a cyberespionage campaign that researchers track as Crimson Palace [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Managing Complex Digital Supply Chains - Cassie Crossley - BTS #31
Cassie has a long history of successfully managing a variety of security programs. Today, she leads supply chain efforts for a very large product company. We will tackle topics such as software supply chain management, SBOMs, third-party supply chain challenges, asset management,…
Source: YOUTUBE.COM

5 Jun: Nominations for CSO30 Australia 2024 open
Nominations for the 2024 CSO30 Australia Awards have opened. The 2024 CSO30 Awards will be held together with the CIO50 Awards at the Shangri-La Hotel in Sydney on October 17th. The CSO30 Australia is part of Foundry’s global awards program, recognising the top cybersecurity exec…
Source: CSOONLINE.COM

5 Jun: SecurityScorecard Accuses Vendor of Stealing Trade Secrets
Firm Claims Safe Security Competed Unfairly, Engaged in 'Skullduggery' SecurityScorecard accused Safe Security and former employee Mary Polyakova in a civil complaint of stealing confidential customer information and engaging in unfair competition. The lawsuit seeks to protect Se…
Source: DATABREACHTODAY.CO.UK
📡 INFOSEC NEWS 12
5 Jun: EMEA Webinar | Mythbusting MDR
Source: DATABREACHTODAY.CO.UK

5 Jun: Introducing Active Threat Response for Sophos Switch/Sophos Wireless (AP6)
Active Threat Response is available now for all Sophos AP6 Series and Switch customers.
Source: SOPHOS.COM

5 Jun: Unpacking 2024's SaaS Threat Predictions
Early in 2024, Wing Security released its State of SaaS Security report, offering surprising insights into emerging threats and best practices in the SaaS domain. Now, halfway through the year, several SaaS threat predictions from the report have already proven accurate. Fortunat…
Source: THEHACKERNEWS.COM

5 Jun: How to set up private browsing and incognito mode correctly in 2024 | Kaspersky official blog
Tips for using incognito mode and advanced private browsing controls.
Source: KASPERSKY.COM

5 Jun: Kali Linux 2024.2 released with 18 new tools, Y2038 changes
Kali Linux has released version 2024.2, the first version of 2024, with eighteen new tools and fixes for the Y2038 bug. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Check-in terminals used by thousands of hotels leak guest info
Ariane Systems self check-in systems installed at thousands of hotels worldwide are vulnerable to a kiosk mode bypass flaw that could allow access to guests' personal information and the keys for other rooms. [...]
Source: BLEEPINGCOMPUTER.COM

5 Jun: Google Chrome reduced cookie requests to improve performance
Google shared details on a recently introduced Chrome feature that changes how cookies are requested, with early tests showing increased performance across all platforms. [...]
Source: BLEEPINGCOMPUTER.COM