⚠️ VULNERABILITY DISCLOSURE 2[−]
15 JunASUS warns of critical remote authentication bypass on 7 routersASUS has released a new firmware update that addresses a vulnerability impacting seven router models that allow remote attackers to log in to devices. [...]BLEEPINGCOMPUTER.COM
15 JunUnmasking the Threat: Why Phishing Scams are Surging in JapanJapan has a large number of Forbes Global 2000 corporations--more than the UK, Germany, and France combined. Despite this economic strength, Japan faces an alarming and growing threat from phishing attacks, which is much worse than previously assumed. According to findings by Mai…KNOWBE4.COM
📢 SECURITY ADVISORIES 1[−]
15 JunVermont Governor Vetoes Data Privacy Bill, Saying State Would be Most Hostile to BusinessesRepublican Gov. Phil Scott said the legislation would have made Vermont “a national outlier and more hostile than any other state to many businesses and non-profits.” The post Vermont Governor Vetoes Data Privacy Bill, Saying State Would be Most Hostile to Businesses appeared fir…SECURITYWEEK.COM
🔥 INCIDENT REPORTING 2[−]
15 JunPakistani Hackers Use DISGOMOJI Malware in Indian Government Cyber AttacksA suspected Pakistan-based threat actor has been linked to a cyber espionage campaign targeting Indian government entities in 2024. Cybersecurity company Volexity is tracking the activity under the moniker UTA0137, noting the adversary's exclusive use of a malware called DISGOMOJ…THEHACKERNEWS.COM
15 JunWhistleblower Says Microsoft Dismissed Warnings About a Security Flaw That Russians Later Used to Hack U.S. Governmentsubmitted by ylai to cybersecurity 77 points | 2 comments https://www.propublica.org/article/microsoft-solarwinds-golden-saml-data-breach-russian-hackersPROPUBLICA.ORG
🕵️ THREAT INTELLIGENCE 2[−]
15 JunGrandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in PakistanPakistan has become the latest target of a threat actor called the Smishing Triad, marking the first expansion of its footprint beyond the E.U., Saudi Arabia, the U.A.E., and the U.S. "The group's latest tactic involves sending malicious messages on behalf of Pakistan Post to cus…THEHACKERNEWS.COM
15 JunOverview of My Tools That Handle JSON Data, (Sat, Jun 15th)I wrote a couple of diary entries showing my tools that produce and consume JSON data. Like " Analyzing PDF Streams ", " Another PDF Streams Example: Extracting JPEGs " and " Analyzing MSG Files ".
ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE 1[−]
15 JunNew Linux malware is controlled through emojis sent from DiscordA newly discovered Linux malware dubbed 'DISGOMOJI' uses the novel approach of utilizing emojis to execute commands on infected devices in attacks on government agencies in India. [...]BLEEPINGCOMPUTER.COM
🎙️ PODCASTS 1[−]
15 JunCyber Security Today, Week in Review for week ending Friday June 14, 2024This episode includes a discussion on Microsoft and Google's offer to help U.S. rural hospitals tighten their cybersecurity, a report on top network vulnerabilities found by penetration testers and the latest news on hacks of Snowflake customers.CYBERSECURITYTODAY.LIBSYN.COM
📡 INFOSEC NEWS 3[−]
15 JunMicrosoft: New Outlook security changes coming to personal accountsMicrosoft has announced new cybersecurity enhancements for Outlook personal email accounts as part of its 'Secure Future Initiative,' including the deprecation of basic authentication (username + password) by September 16, 2024. [...]BLEEPINGCOMPUTER.COM
15 JunAlleged Boss of ‘Scattered Spider’ Hacking Group ArrestedA 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.KREBSONSECURITY.COM
15 JunMeta Pauses AI Training on EU User Data Amid Privacy ConcernsMeta on Friday said it's delaying its efforts to train the company's large language models (LLMs) using public content shared by adult users on Facebook and Instagram in the European Union following a request from the Irish Data Protection Commission (DPC). The company expressed …THEHACKERNEWS.COM