14Articles
5Categories
2024-06-29Date
πŸ› COMMON VULNERABILITIES AND EXPOSURES 1[βˆ’]
29 JunMerkSpy: Exploiting CVE-2021-40444 to Infiltrate SystemsMerkSpy is designed to covertly monitor user activities, capture sensitive information like keystrokes and Chrome login credentials, and exfiltrate the data to the attacker's server.FORTINET.COM
⚠️ VULNERABILITY DISCLOSURE 7[βˆ’]
29 JunExamining Water Sigbin's Infection Routine Leading to an XMRig CryptominerA sophisticated multi-stage malware campaign by the threat actor "Water Sigbin" (also known as the 8220 Gang) exploits Oracle WebLogic vulnerabilities to deliver a cryptocurrency miner called XMRig.TRENDMICRO.COM
29 JunCritical GitLab Bug Lets Attackers Run Pipelines as Any UserA critical vulnerability has been discovered in certain versions of GitLab Community and Enterprise Edition products. This vulnerability allows an attacker to run pipelines as any user.BLEEPINGCOMPUTER.COM
29 JunOperation First Light Seizes $257m in Global Scam BustPolice forces from 61 countries have collaborated in Operation First Light 2024, led by Interpol, resulting in the arrest of 3,950 suspects and the identification of 14,643 more.INFOSECURITY-MAGAZINE.COM
29 JunHackers exploit critical D-Link DIR-859 router flaw to steal passwordsHackers are exploiting a critical vulnerability that affects all D-Link DIR-859 WiFi routers to collect account information from the device, including passwords. [...]BLEEPINGCOMPUTER.COM
29 JunGoogle to Block Entrust Certificates in Chrome Starting November 2024Google has announced that it's going to start blocking websites that use certificates from Entrust starting around November 1, 2024, in its Chrome browser, citing compliance failures and the certificate authority's inability to address security issues in a timely manner. "Over th…THEHACKERNEWS.COM
29 JunWeekly Update 406Presently sponsored by: Push Security. Stop identity attacks with a browser-based agent that detects and prevents account takeover. Try it free now. Why does it need to be a crazy data breach week right when I'm struggling with jet lag?! I came home from Europe just as a bun…TROYHUNT.COM
29 JunCyber Security Today, Week in Review for week ending Friday, June 28, 2024This episode features a discussion on the latest MOVEit vulnerability, a report on recruiting cybersecurity pros and how an API coding error is being blamed for a large cyber breach in AustraliaCYBERSECURITYTODAY.LIBSYN.COM
πŸ”₯ INCIDENT REPORTING 3[βˆ’]
29 JunHubSpot Investigating Cyber Attack Following Customer Account HacksMarketing and sales software giant HubSpot announced on Friday that it is investigating a cybersecurity incident following reports of customer account hacks. The company, specializing in customer relationship management (CRM) and marketing automation software, identified the secu…GBHACKERS.COM
29 JunMeet Brain Cipher β€” The new ransomware behind Indonesia's data center attackThe new Brain Cipher ransomware operation has begun targeting organizations worldwide, gaining media attention for a recent attack on Indonesia's temporary National Data Center. [...]BLEEPINGCOMPUTER.COM
29 JunThe biggest data breaches in 2024: 1B stolen records and risingSome of the largest, most damaging breaches of 2024 already account for over a billion stolen records. Β© 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
πŸ•΅οΈ THREAT INTELLIGENCE 1[βˆ’]
29 JunChina-Sponsored Attackers Target 40K Corporate Users in 90 DaysThe campaigns, named LegalQloud, Eqooqp, and Boomer, deploy highly evasive and adaptive threat (HEAT) attack techniques that can bypass multifactor authentication (MFA) and URL filtering.DARKREADING.COM
πŸ“‘ INFOSEC NEWS 2[βˆ’]
29 JunYour Phone's 5G Connection Is Vulnerable to Bypass, DoS AttacksOne attack involves setting up a fake base station using a Raspberry Pi or a software-defined radio (SDR). These devices can imitate a real base station and are readily available for purchase.DARKREADING.COM
29 JunMicrosoft resumes rollout of Windows 11 KB5039302 update for most usersMicrosoft has resumed the rollout of the June Windows 11 KB5039302 update, now blocking the update only for those using virtualization software. [...]BLEEPINGCOMPUTER.COM