Articles: 89
Categories: 10
Date: 2024-06-12
🚨 CISA KEV (1)
12 Jun [KEV] CISA Adds Two Known Exploited Vulnerabilities to Catalog
    CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-4610 ARM Mali GPU Kernel Driver Use-After-Free Vulnerability; CVE-2024-4577 PHP-CGI OS Command Injection Vulnerability. These types of vu…
    CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (9)
12 Jun Microsoft Urges Windows Admins to Patch Microsoft Message Queuing RCE flaw
    Microsoft has disclosed two Critical remote code execution vulnerabilities in MSMQ (Microsoft Message Queuing) and the Windows Wi-Fi Driver. The CVE for these vulnerabilities has been assigned with CVE-2024-30080 and CVE-2024-30078. The severity for these vulnerabilities was give…
    GBHACKERS.COM
12 Jun Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw
    Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score:…
    THEHACKERNEWS.COM
12 Jun Criminals, too, see productivity gains from AI
    Cyber criminals are beginning to use artificial intelligence to make their operations more effective — and their use goes way beyond creating better bait for phishing. Just as in legitimate business, discussions about AI among criminals have accelerated this year compared to 2023…
    CSOONLINE.COM
12 Jun Black Basta ransomware gang linked to Windows zero-day attacks
    The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available. [...]
    BLEEPINGCOMPUTER.COM
12 Jun Firefox 127 Released With patch for 15 Vulnerabilities
    Mozilla has released Firefox 127, addressing 15 security vulnerabilities, some of which have been rated as high impact. This update is crucial for users to ensure their browsing experience remains secure. Below is a detailed breakdown of the vulnerabilities fixed in this release.…
    GBHACKERS.COM
12 Jun JetBrains Warns of GitHub Plugin that Exposes Access Tokens
    A critical vulnerability (CVE-2024-37051) in the JetBrains GitHub plugin for IntelliJ-based IDEs (2023.1 and later) exposed access tokens to malicious content within GitHub pull requests, allowing attackers to steal tokens and potentially compromise linked accounts, even with two…
    GBHACKERS.COM
12 Jun Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day
    The Black Basta ransomware gang may have exploited the Windows privilege escalation flaw CVE-2024-26169 before it was patched. The post Ransomware Group May Have Exploited Windows Vulnerability as Zero-Day appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation
    The zero-day is tagged as CVE-2024-32896 and described as an elevation of privilege issue in Pixel Firmware. The post Google Warns of Pixel Firmware Zero-Day Under Limited, Targeted Exploitation appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun Microsoft fixes dangerous zero-click Outlook remote code execution exploit
    As part of its Patch Tuesday cycle, Microsoft has fixed a high-risk vulnerability in its Outlook desktop client that could be exploited by attackers to execute malicious code when opening a specially crafted email message. While opening an email is needed to exploit this flaw, th…
    CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (22)
12 Jun [KEV] Microsoft Issues Patches for 51 Flaws, Including Critical MSMQ Vulnerability
    Microsoft has released security updates to address 51 flaws as part of its Patch Tuesday updates for June 2024. Of the 51 vulnerabilities, one is rated Critical and 50 are rated Important. This is in addition to 17 vulnerabilities resolved in the Chromium-based Edge browser over …
    THEHACKERNEWS.COM
12 Jun 8 critical lessons from the Change Healthcare ransomware catastrophe
    Lessons are beginning to cohere from Change Healthcare’s disastrous ransomware attack that starkly illustrated the fragility of the healthcare sector, prompting calls for regulatory action. The February attack disrupted insurance claims processing across the US, creating chaos fo…
    CSOONLINE.COM
12 Jun The pressure on CISOs is real: fixing the hiring process would help
    CISOs are under tremendous pressure and according to multiple surveys many are looking for a graceful exit to provide self-relief. A recent report from Proofpoint noted that “66% of global CISOs are concerned about personal, financial, and legal liability in their role.” Those wh…
    CSOONLINE.COM
12 Jun Ransomware Group Exploits PHP Vulnerability Days After Disclosure
    The TellYouThePass ransomware gang started exploiting a recent code execution flaw in PHP days after public disclosure. The post Ransomware Group Exploits PHP Vulnerability Days After Disclosure appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers
    Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. "WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy a…
    THEHACKERNEWS.COM
12 Jun China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally
    State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known. "The state actor behind this ca…
    THEHACKERNEWS.COM
12 Jun Self-replicating Morris II worm targets AI email assistants
    The proliferation of generative artificial intelligence (GenAI) email assistants such as OpenAI’s GPT-3 and Google’s Smart Compose has revolutionized communication workflows. Unfortunately, it has also introduced novel attack vectors for cyber criminals. Leveraging re…
    SECURITYINTELLIGENCE.COM
12 Jun Hackers Exploiting Linux SSH Services to Deploy Malware
    SSH and RDP provide remote access to server machines (Linux and Windows respectively) for administration. Both protocols are vulnerable to brute-force attacks if solid passwords and access controls are not implemented. Exposed SSH ports (default 22) are scanned by attackers who a…
    GBHACKERS.COM
12 Jun Phone Scammers Impersonating CISA Employees
    Impersonation scams are on the rise and often use the names and titles of government employees. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency. As a reminder, CISA staff will never contact you…
    CISA.GOV
12 Jun Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited
    Microsoft’s June 2024 Patch Tuesday updates resolve a zero-click Outlook vulnerability leading to remote code execution. The post Microsoft Patches Zero-Click Outlook Vulnerability That Could Soon Be Exploited appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun Fortinet Patches Code Execution Vulnerability in FortiOS
    Fortinet has patched multiple vulnerabilities in FortiOS, including a high-severity code execution security flaw. The post Fortinet Patches Code Execution Vulnerability in FortiOS appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun BusKill Warrant Canary for 2024 H2 🕵️
    submitted by buskill to cybersecurity 1 points | 1 comments https://www.buskill.in/canary-008/ This post contains a canary message that’s cryptographically signed by the official BusKill PGP release key. The BusKill project just published their Warrant Canary #008. For more informa…
    BUSKILL.IN
12 Jun [KEV] Google warns of actively exploited Pixel firmware zero-day
    Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been targeted in attacks as a zero-day. [...]
    BLEEPINGCOMPUTER.COM
12 Jun Fraudsters Impersonate CISA in Money Scams
    CISA Won't Ask You to Wire Money or Keep Discussions Secret. If you've received an urgent phone call from the U.S. Cybersecurity and Infrastructure Security Agency about a security vulnerability, you should know: The call wasn't really from CISA. Americans reported more than $1.1 …
    DATABREACHTODAY.CO.UK
12 Jun New Research Shows An Alarming Trend of Phishing Attacks Doubling For US and European Organizations
    Cybercriminals never sleep, and their aim keeps getting better. According to new research from Abnormal Security, phishing attacks targeting organizations in Europe shot up by a staggering 112.4% between April 2023 and April 2024. Meanwhile, US organizations weren't spared either…
    KNOWBE4.COM
12 Jun Mastercard To Phase Out Manual Card Entry For Online Payments In Europe By 2030
    submitted by pedroapero to cybersecurity 2 points | 0 comments https://www.cnbc.com/2024/06/11/mastercard-to-phase-out-card-entry-for-e-commerce-by-2030-in-europe.html Starting from 2030, Mastercard will no longer require Europeans to enter their card numbers manually when checki…
    CNBC.COM
12 Jun Pure Storage says it was breached as Snowflake victim count continues to grow
    Storage vendor Pure Storage has named itself the latest company affected by the extraordinary series of cyberattacks affecting customers of data warehousing company Snowflake. The Snowflake attacks are, collectively, already one of the biggest cyber-incidents of the year and as …
    CSOONLINE.COM
12 Jun Hacker Accesses Internal 'Tile' Tool That Provides Location Data To Cops
    submitted by pedroapero to cybersecurity 6 points | 0 comments https://www.404media.co/hacker-accesses-internal-tile-tool-that-provides-location-data-to-cops/ A hacker has gained access to internal tools used by the location tracking company Tile, including one that processes loc…
    404MEDIA.CO
12 Jun Black Basta ransomware gang may have exploited Windows flaw before it was patched
    submitted by Lanky_Pomegranate530 to cybersecurity 2 points | 0 comments https://therecord.media/black-basta-ransomware-zero-day-windows The flaw was patched in March, and at the time Microsoft stated there was no evidence of its exploitation in the wild.
    THERECORD.MEDIA
12 Jun Google patches exploited Android zero-day on Pixel devices
    Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day. [...]
    BLEEPINGCOMPUTER.COM
12 Jun Time to challenge yourself in the 2024 Google CTF
    Hlynur Gudmundsson, Software Engineer. It’s Google CTF time! Install your tools, commit your scripts, and clear your schedule. The competition kicks off on June 21 2024 6:00 PM UTC and runs through June 23 2024 6:00 PM UTC. Registration is now open at goo.gle/ctf. Join the Google…
    SECURITY.GOOGLEBLOG.COM
📋 SECURITY BULLETINS (2)
12 Jun June Patch Tuesday squares up with 49 patches
    Just one critical-severity issue addressed, but don’t sleep on an industry-wide DNS issue
    SOPHOS.COM
12 Jun ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA
    Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in their industrial and OT products. The post ICS Patch Tuesday: Advisories Published by Siemens, Schneider Electric, Aveva, CISA appeared first on SecurityWeek.
    SECURITYWEEK.COM
📢 SECURITY ADVISORIES (7)
12 Jun NIST’s International Cybersecurity and Privacy Engagement Update – Mexico City, RSA Conference, and More
    The last few months have brought even more opportunities for NIST to engage with our international partners to enhance cybersecurity. Here are some updates on our recent international engagement: Conversations have continued with our partners throughout the world on the recent re…
    NIST.GOV
12 Jun CISA warns of criminals impersonating its employees in phone calls
    Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money. [...]
    BLEEPINGCOMPUTER.COM
12 Jun Brazil's Climb Onto the World Stage Sparks Cyber Risks
    Cyber Spies, Extortionists and Domestic Crooks All Vie to Hack Brazil. Brazil's growing profile on the world stage comes freighted with cyberthreats from abroad and a thriving criminal ecosystem from within, warns Google. "As Brazil's influence grows, so does its digital footprint…
    DATABREACHTODAY.CO.UK
12 Jun NIST Publishes Draft OT Cybersecurity Guide for Water Sector
    Agency Seeks Feedback on OT Security Reference Guide for Water, Wastewater Sectors. The U.S. National Institute of Standards and Technology wants public feedback on the first draft publication of a new project that aims to better secure the water and wastewater sectors from emergi…
    DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (13)
12 Jun Cleveland City Closes Offices Following Attack on IT Systems
    Cleveland City Hall and Erieview offices will remain closed for a second consecutive day, June 11, as officials continue investigating a significant “cyber event” that has disrupted city operations. A recent tweet from the City of…
    GBHACKERS.COM
12 Jun Pure Storage Data Breach Following Snowflake Hack: LDAP Usernames, Email Addresses Exposed
    Pure Storage has confirmed that a third party temporarily gained unauthorized access to a Snowflake data analytics workspace. This workspace contained telemetry information used by Pure Storage to provide proactive customer support services. The exposed data includes company name…
    GBHACKERS.COM
12 Jun Battered and bruised 23andMe faces probe after hack that stole seven million users’ data
    23andMe, the California-based company which sells DNA testing kits to help people learn about their ancestry and potential health risks, is facing scrutiny from British and Canadian data protection authorities following a security breach that saw hackers compromise the personal d…
    BITDEFENDER.COM
12 Jun Lessons from the Ticketmaster-Snowflake Breach
    Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of …
    THEHACKERNEWS.COM
12 Jun The State of Ransomware in Retail 2024
    IT and cybersecurity leaders reveal ransomware realities for retail businesses today.
    SOPHOS.COM
12 Jun Police arrest Conti and LockBit ransomware crypter specialist
    The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself. [...]
    BLEEPINGCOMPUTER.COM
12 Jun Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters
    Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it's an updated variant of a financially motivated operation that wa…
    THEHACKERNEWS.COM
12 Jun Critical Flaw In Apple Ecosystems Let Attackers Gain Unauthorized Access
    Hackers go for Apple due to its massive user base along with rich customers, including business people and managers who use those devices with some important information. Even with these security measures in place, Apple is a likely target since there will always be risks and the…
    GBHACKERS.COM
12 Jun Life360 says hacker tried to extort them after Tile data breach
    Safety and location services company Life360 says it was the target of an extortion attempt after a threat actor breached and stole sensitive information from a Tile customer support platform. [...]
    BLEEPINGCOMPUTER.COM
12 Jun RD Web Access abuse: Fighting back
    Investigation insights and recommendations from a recent welter of incident-response cases
    SOPHOS.COM
12 Jun Ransomware: Disruption of Hospitals and Nearby Facilities
    A study investigating the impact of ransomware attacks on hospitals and the ripple effect on nearby facilities is a call to action for policymakers to seriously address how those assaults can be better handled in the health sector, said researchers Rahi Abouk and David Powell.
    DATABREACHTODAY.CO.UK
12 Jun Microsoft Incident Response tips for managing a mass password reset
    When an active incident leaves systems vulnerable, a mass password reset may be the right tool to restore security. This post explores the necessity and risk associated with mass password resets. The post Microsoft Incident Response tips for managing a mass password reset appeare…
    MICROSOFT.COM
🕵️ THREAT INTELLIGENCE (17)
12 Jun ISC Stormcast For Wednesday, June 12th, 2024 https://isc.sans.edu/podcastdetail/9020, (Wed, Jun 12th)
    (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
    ISC.SANS.EDU
12 Jun Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities
    Google and Mozilla have released patches for 21 and 15 vulnerabilities in Chrome and Firefox, respectively. The post Chrome 126, Firefox 127 Patch High-Severity Vulnerabilities appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun Charon Android Botnet Made a Comeback With New Weapons
    The notorious Charon Android Botnet has resurfaced with enhanced capabilities, according to a threat actor’s announcement on a popular cybercrime forum. The botnet, an edited version of the infamous Ermac, has undergone significant improvements, making it a formidable threa…
    GBHACKERS.COM
12 Jun Using AI for Political Polling
    Public polling is a critical function of modern political campaigns and movements, but it isn’t what it once was. Recent US election cycles have produced copious postmortems explaining both the successes and the flaws of public polling. There are two main reasons polling fa…
    SCHNEIER.COM
12 Jun Advancing Innovation and Harnessing AI to Secure the Homeland
    Before the House Committee on Homeland Security, Unit 42 shares the Palo Alto Networks perspective on the intersection of AI and cybersecurity. The post Advancing Innovation and Harnessing AI to Secure the Homeland appeared first on Palo Alto Networks Blog.
    PALOALTONETWORKS.COM
12 Jun When Vendors Overstep – Identifying the AI You Don’t Need
    AI models are nothing without vast data sets to train them and vendors will be increasingly tempted to harvest as much data as they can and answer any questions later. The post When Vendors Overstep – Identifying the AI You Don’t Need appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun GitHub Paid Out Over $4 Million via Bug Bounty Program
    The code hosting platform GitHub has paid out more than $4 million since the launch of its bug bounty program 10 years ago. The post GitHub Paid Out Over $4 Million via Bug Bounty Program appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun What are You Working on Wednesday
    submitted by shellsharks to cybersecurity 2 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
    INFOSEC.PUB
12 Jun RSAC Fireside Chat: VISO TRUST replaces questionaires with AI analysis to advance ‘TPRM’
    Taking stock of exposures arising from the data-handling practices of third-party suppliers was never simple. Related: Europe requires corporate sustainability. In a hyper-connected, widely-distributed operating environment the challenge has become daunting. At RSAC 2024, I visit…
    LASTWATCHDOG.COM
12 Jun Identiverse 2024: The problem with passkeys
    Many sessions during day 1 of Identiverse focused on potential security issues with passkeys, and possible solutions for those problems. In this segment, CRATV’s Bill Brenner and Paul Wagenseil unpack the details as covered in the day’s keynotes and sessions. For a wrap up of the…
    YOUTUBE.COM
12 Jun Identiverse 2024: Deep-sixing the deepfakes
    How can you thwart deepfakes and make certain that you’re talking to a real person? That was the focus of day 1's introductory chat between CyberRiskTV’s Bill Brenner and Ron Eddings of Hacker Valley Media. Brenner and Eddings also discussed innovations around passwordless techno…
    YOUTUBE.COM
12 Jun Identiverse 2024: Preventing the weaponization of identity
    Cybersecurity leaders are increasingly concerned about the weaponization of stolen identities and that was a recurring discussion point on day 2 of Identiverse. CRATV’s Bill Brenner and Paul Wagenseil unpack the details of what they heard from the show floor. For a wrap up of the…
    YOUTUBE.COM
12 Jun Identiverse 2024: Advancements in facial recognition
    To thwart deepfake efforts, companies at Identiverse discussed and promoted advancements in facial recognition. CRATV’s Bill Brenner and Paul Wagenseil unpacked the details of what they heard from the show floor and in keynotes. For a wrap up of the key topics covered at Identive…
    YOUTUBE.COM
12 Jun Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation
    Data security company Cyberhaven has raised $88 million in a Series C funding round that brings the total to $136 million. The post Data Security Firm Cyberhaven Raises $88 Million at $488 Million Valuation appeared first on SecurityWeek.
    SECURITYWEEK.COM
12 Jun Everfox to Acquire British Hardware Security Vendor Garrison
    High-Assurance Security Tech Boosts Everfox's Government and Infrastructure Tools. Everfox's purchase of Garrison Technology is set to fortify its cybersecurity offerings, especially for government and critical infrastructure. The deal leverages Garrison's advanced hardware securi…
    DATABREACHTODAY.CO.UK
12 Jun How to achieve cloud-native endpoint management with Microsoft Intune
    In this post, we’re focusing on what it really takes for organizations to become fully cloud-native in endpoint management—from the strategic leadership to the tactical execution. The post How to achieve cloud-native endpoint management with Microsoft Intune appeared first on Mic…
    MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE (1)
12 Jun Phishing emails abuse Windows search protocol to push malicious scripts
    A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware. [...]
    BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
12 Jun Cyber Security Today, June 12, 2024 - More Snowflake storage victims found, Microsoft issues new Windows patches, and more
    This episode reports on the latest patches from Microsoft, Nvidia, JetBrains and ARM, as well as action by the Privacy Commissioner of Canada
    CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS (16)
12 Jun EMEA Webinar | Mythbusting MDR
    DATABREACHTODAY.CO.UK
12 Jun Sophos DNS Protection is now available
    Sophos DNS Protection is available to all licensed Sophos Firewall customers who have the Xstream Protection bundle.
    SOPHOS.COM
12 Jun Microsoft deprecates Windows DirectAccess, recommends Always On VPN
    Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the 'Always On VPN' for enhanced security and continued support. [...]
    BLEEPINGCOMPUTER.COM
12 Jun On the Future of Cybersecurity in Hybrid Cloud Environments
    An Interview with Gigamon's Chief Security Officer, Chaim Mazal. Chief Information Security Officers (CISOs) face unprecedented challenges in their efforts to protect their organizations against a rising tide of increasingly sophisticated cyberthreats.
    DATABREACHTODAY.CO.UK
12 Jun New phishing toolkit uses PWAs to steal login credentials
    A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web Apps (PWAs) that display convincing corporate login forms to steal credentials. [...]
    BLEEPINGCOMPUTER.COM
12 Jun Port 1801 Traffic: Microsoft Message Queue, (Wed, Jun 12th)
    I planned a bit of a more conclusive story here, but after running into issues decoding the packets and running out of time between looking at student papers, I figured I would leave it up to the audience ;-) Maybe someone here better understands the Microsoft Message Queue (MS…
    ISC.SANS.EDU
12 Jun Tern AI wants to reduce reliance on GPS with low-cost navigation alternative
    The most critical systems of our modern world rely on GPS, from aviation and road networks to emergency and disaster response, from precision farming and power grids to weather forecasting and military defense. That dependence is becoming a problem. “We’ve got an increased threat…
    TECHCRUNCH.COM
12 Jun The Shift to Skills-Based Hiring
    How and Why to Select Candidates Based on Their Real-World Skills. Traditional hiring methods often emphasize educational background and work experience, but the White House is encouraging efforts to transition federal and contractor roles to a skills-based framework. Here's how a…
    DATABREACHTODAY.CO.UK
12 Jun AWS adds passkeys support, warns root users must enable MFA
    Amazon Web Services (AWS) has introduced FIDO2 passkeys as a new method for multi-factor authentication (MFA) to enhance account security and usability. [...]
    BLEEPINGCOMPUTER.COM