🐛 COMMON VULNERABILITIES AND EXPOSURES (7)

1 Jul: Juniper Networks Releases Critical Security Update for Routers
Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. “An Authentic…
THEHACKERNEWS.COM

1 Jul: Juniper Releases Out-Of-Cycle Critical Update for Smart Routers
Juniper Networks has released an out-of-cycle critical update to address a severe vulnerability affecting its Session Smart Router, Session Smart Conductor, and WAN Assurance Router products. The security flaw, identified as CVE-2024-2973, allows network-based attackers to bypass…
GBHACKERS.COM

1 Jul: CVE-2024-6387: RCE in OpenSSH's server, on glibc-based Linux systems
submitted by 0x0 to security 1 points | 0 comments https://seclists.org/oss-sec/2024/q3/2 Regression in signal handler. This vulnerability is exploitable remotely on glibc-based Linux systems, where syslog() itself calls async-signal-unsafe functions (for example, malloc() and fr…
SECLISTS.ORG

1 Jul: regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)
submitted by thomask to cybersecurity 3 points | 0 comments https://www.qualys.com/2024/07/01/cve-2024-6387/regresshion.txt The following summary from Debian’s security list: The Qualys Threat Research Unit (TRU) discovered that OpenSSH, an implementation of the SSH protocol suit…
QUALYS.COM

1 Jul: New OpenSSH Vulnerability Could Lead to RCE as Root on Linux Systems
OpenSSH maintainers have released security updates to contain a critical security flaw that could result in unauthenticated remote code execution with root privileges in glibc-based Linux systems. The vulnerability has been assigned the CVE identifier CVE-2024-6387. It resides in…
THEHACKERNEWS.COM

1 Jul: Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack
Millions of OpenSSH servers could be vulnerable to unauthenticated remote code execution due to a vulnerability tracked as regreSSHion and CVE-2024-6387. The post Millions of OpenSSH Servers Potentially Vulnerable to Remote regreSSHion Attack appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: OpenSSH vulnerability regreSSHion puts millions of servers at risk
Researchers have uncovered a serious remote code execution vulnerability in the Open Secure Shell (OpenSSH) server that could let unauthenticated attackers obtain a root shell on servers and take them over. Through internet scanning services like Shodan and Censys, Qualys researc…
CSOONLINE.COM

⚠️ VULNERABILITY DISCLOSURE (22)

1 Jul (KEV): Reduce security risk with 3 edge-securing steps
A cybersecurity leader’s role in reducing risk should always be clearly defined, but all too often in our business, it seems we’re not doing enough. Risk is everywhere these days, with attacks seemingly coming at our businesses from all angles — ransomware, phishing, social engine…
CSOONLINE.COM

1 Jul: Juniper Releases Out-of-Cycle Fix for Max Severity Authentication Bypass Flaw
Juniper Networks has released an emergency update to address a severe vulnerability in Session Smart Router (SSR), Session Smart Conductor, and WAN Assurance Router products.
BLEEPINGCOMPUTER.COM

1 Jul: New Tech Q&A: Adaptiva – CrowdStrike alliance highlights trend of blending IT and security systems
The coalescing of the next-gen security platforms that will carry us forward continues. Related: Jump starting vulnerability management Adaptiva, a leader in autonomous endpoint management, recently announced the launch of OneSite Patch for CrowdStrike. This new solution integra…
LASTWATCHDOG.COM

1 Jul: Threat Actors Actively Exploit D-Link DIR-859 Router Flaw
The flaw, which has a CVSS score of 9.8, allows threat actors to perform path traversal attacks and gain unauthorized access to sensitive information, including user passwords.
SECURITYAFFAIRS.COM

1 Jul: Fake IT Support Sites Push Malicious PowerShell Scripts as Windows Fixes
These sites are promoted through compromised YouTube channels, lending them credibility. One particular error, the 0x80070643 error, which appeared after a Microsoft security update, has been exploited by threat actors.
BLEEPINGCOMPUTER.COM

1 Jul: Juniper Networks Warns of Critical Authentication Bypass Vulnerability
Juniper Networks warns of a critical authentication bypass flaw impacting Session Smart routers and conductors. The post Juniper Networks Warns of Critical Authentication Bypass Vulnerability appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: New 'regreSSHion' Remote Unauthenticated Code Execution Vulnerability Discovered in OpenSSH Server
Approximately 700,000 external internet-facing instances are vulnerable, accounting for 31% of global instances with OpenSSH. Additionally, a small percentage of vulnerable instances are running an End-Of-Life/End-Of-Support version of OpenSSH.
QUALYS.COM

1 Jul: Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers
GreyNoise observes the first attempts to exploit a path traversal vulnerability in discontinued D-Link DIR-859 WiFi routers. The post Hackers Target Vulnerability Found Recently in Long-Discontinued D-Link Routers appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: Report: 75% of New Vulnerabilities Exploited Within 19 Days
Last year, Skybox Security reported that there were over 30,000 new vulnerabilities, with a new vulnerability emerging every 17 minutes on average. This amounts to around 600 new vulnerabilities per week.
HELPNETSECURITY.COM

1 Jul: ChatGPT 4 can exploit 87% of one-day vulnerabilities
Since the widespread and growing use of ChatGPT and other large language models (LLMs) in recent years, cybersecurity has been a top concern. Among the many questions, cybersecurity professionals wondered how effective these tools were in launching an attack. Cybersecurity resear…
SECURITYINTELLIGENCE.COM

1 Jul: New regreSSHion OpenSSH RCE bug gives root on Linux servers
A new OpenSSH unauthenticated remote code execution (RCE) vulnerability dubbed "regreSSHion" gives root privileges on glibc-based Linux systems. [...]
BLEEPINGCOMPUTER.COM

1 Jul: regreSSHion: Remote Unauthenticated Code Execution Vulnerability In OpenSSH Server
PACKETSTORMSECURITY.COM

1 Jul: Codeintegrity-ai/mutahunter: Open Source, Language Agnostic LLM-based mutation testing tool
submitted by coderinsan to security 1 points | 0 comments https://github.com/codeintegrity-ai/mutahunter Check out our open-source, language-agnostic mutation testing tool using LLM agents here: github.com/codeintegrity-ai/mutahunter Mutation testing is a way to verify the effect…
GITHUB.COM

1 Jul: Hacker Conversations: Chris Evans, Hacker and CISO
Chris Evans, CISO and chief hacking officer at HackerOne, challenges the common perception of both hackers and their motivation. The post Hacker Conversations: Chris Evans, Hacker and CISO appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: Critical Flaws in CocoaPods Expose iOS and macOS Apps to Supply Chain Attacks
A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks. The vulnerabilities allow "any malicious actor to…
THEHACKERNEWS.COM

1 Jul: SSH "regreSSHion" Remote Code Execution Vulnerability in OpenSSH., (Mon, Jul 1st)
Qualys published a blog post with details regarding a critical remote code execution vulnerability [1]
ISC.SANS.EDU

1 Jul: Juniper Releases Emergency Fix for Maximum-Severity Flaw
Vulnerability Can Allow Authentication Bypass; No Evidence of Exploitation Yet Juniper Networks released an out-of-band fix for a maximum-severity vulnerability that can allow hackers to bypass authentication in three Juniper products. The CVSS 10-rated bug could allow an attacke…
DATABREACHTODAY.CO.UK

1 Jul: Cisco warns of NX-OS zero-day exploited to deploy custom malware
Cisco has patched an NX-OS zero-day exploited in April attacks to install previously unknown malware as root on vulnerable switches. [...]
BLEEPINGCOMPUTER.COM

1 Jul: The Curious Case of the Payroll Pilfering
In a world where cyber espionage has become as common as a rainy day in London, the recent events surrounding the UK armed forces' payroll database have had us all raising our eyebrows higher than a butler's in a posh British drama.
KNOWBE4.COM

1 Jul: Urgent: Patch Fixed, Reintroduced OpenSSH Bug, Says Qualys
Over 14 Million Servers May Be Affected by Bug First Fixed Decades Ago More than 14 million servers may be affected by a regressed vulnerability in a remote server management and file transfer tool that can allow hackers to completely take over the affected systems. The flaw is a…
DATABREACHTODAY.CO.UK

1 Jul: A Vulnerability in OpenSSH Could Allow for Remote Code Execution
A vulnerability has been discovered in OpenSSH, which could allow for remote code execution. OpenSSH is a suite of secure networking utilities based on the SSH protocol and is crucial for secure communication over unsecured networks. It is widely used in enterprise environments f…
CISECURITY.ORG

1 Jul: Google Opens $250K Bug Bounty Contest for VM Hypervisor
submitted by BrikoX to cybersecurity 1 points | 0 comments https://www.darkreading.com/cloud-security/google-opens-250k-bug-bounty-contest-for-vm-hypervisor If security researchers can execute a guest-to-host attack using a zero-day vuln in the KVM open source hypervisor, Google …
DARKREADING.COM

📢 SECURITY ADVISORIES (4)

1 Jul: Threat Actor IntelBroker Claims Leak of Cognizant OIPA Database
The notorious threat actor known as IntelBroker has claimed responsibility for leaking a database belonging to Cognizant’s Oracle Insurance Policy Administration (OIPA) system. The announcement was made via Twitter on the dark web, sending shockwaves through the cybersecuri…
GBHACKERS.COM

1 Jul: Your KnowBe4 Compliance Plus Fresh Content Updates from June 2024
Check out the June updates in Compliance Plus so you can stay on top of featured compliance training content.
KNOWBE4.COM

1 Jul: Startup Odaseva Raises $54M to Bolster Global Expansion, R&D
The Series C funding will allow San Francisco-based Odaseva to provide more robust support to clients dealing with stringent data residency regulations and evolving privacy laws around the globe, according to founder and CEO Sovan Bin.
BANKINFOSECURITY.COM

1 Jul: How Cyber Insurers Evaluate Security Measures
Tokio Marine HCC's Keith Bergin on Cybersecurity Measures for Insurance Eligibility Keith Bergin, vice president of corporate claims at Tokio Marine HCC, explains how cyber insurers evaluate security measures such as MFA and administrative access control, and describes the integr…
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING (16)

1 Jul: Meet Brain Cipher — The New Ransomware Behind Indonesia’s Data Center Attack
Brain Cipher ransomware has been uploaded to various malware-sharing sites, created using the leaked LockBit 3.0 builder. The encryptor used by Brain Cipher appends an extension and encrypts the file name of the encrypted files.
BLEEPINGCOMPUTER.COM

1 Jul: Router maker's support portal hacked, replies with MetaMask phishing
BleepingComputer has verified that the helpdesk portal of a router manufacturer is currently sending MetaMask phishing emails in response to newly filed support tickets, in what appears to be a compromise. [...]
BLEEPINGCOMPUTER.COM

1 Jul: Prudential Financial Data Breach Impacts 2.5 Million
Prudential Financial has updated the February data breach impact estimate to 2.5 million individuals. The post Prudential Financial Data Breach Impacts 2.5 Million appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: End-to-End Secrets Security: Making a Plan to Secure Your Machine Identities
At the heart of every application are secrets. Credentials that allow human-to-machine and machine-to-machine communication. Machine identities outnumber human identities by a factor of 45-to-1 and represent the majority of secrets we need to worry about. According to CyberArk's …
THEHACKERNEWS.COM

1 Jul: Multiple Vulnerabilities Found in Gas Chromatographs
Multiple critical vulnerabilities have been discovered in Emerson gas chromatographs, which could potentially enable unauthorized access to sensitive data, cause denial-of-service attacks, and execute arbitrary commands.
BANKINFOSECURITY.COM

1 Jul: Indian Software Firm's Products Hacked to Spread Data-Stealing Malware
Installers for three different software products developed by an Indian company named Conceptworld have been trojanized to distribute information-stealing malware. The installers correspond to Notezilla, RecentX, and Copywhiz, according to cybersecurity firm Rapid7, which discove…
THEHACKERNEWS.COM

1 Jul: TeamViewer Says Russia’s ‘Cozy Bear’ Hackers Attacked Corporate IT System
Remote access solution provider TeamViewer confirmed that the Russian hacking group APT29 breached its corporate IT environment. The hack on TeamViewer was traced back to an employee account.
THERECORD.MEDIA

1 Jul: Landmark Admin Discloses Data Breach Impacting Personal, Medical Information
Life insurance company Landmark Admin says personal, medical, and insurance information was compromised in a May data breach. The post Landmark Admin Discloses Data Breach Impacting Personal, Medical Information appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts
HubSpot is "actively investigating and blocking attempts" to hack into customer accounts but some targets have already been compromised. The post HubSpot Warns of Ongoing Cyberattacks Targeting Customer Accounts appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: Fintech company Wise says some customers affected by Evolve Bank data breach
The news highlights that the fallout from the Evolve data breach on third-party companies — and their customers and users — is still unclear.
TECHCRUNCH.COM

1 Jul: New Malware Campaign Impersonates AI Tools To Trick Users
Researchers at ESET warn that malvertising campaigns are impersonating AI tools to trick users into installing malware. The Rilide infostealer, for example, is being distributed via a malicious browser extension posing as Sora or Gemini.
KNOWBE4.COM

1 Jul: CDK Global says all dealers will be back online by Thursday
CDK Global says that its dealer management system (DMS), impacted by a massive IT outage following a June 18th ransomware attack, will be back online by Thursday for all car dealerships. [...]
BLEEPINGCOMPUTER.COM

1 Jul: Prudential Financial now says 2.5 million impacted by data breach
Prudential Financial, a global financial services company, has revealed that over 2.5 million people had their personal information compromised in a February data breach. [...]
BLEEPINGCOMPUTER.COM

1 Jul: Groups Ask HHS for Guidance on Massive Change Breach Reports
Industry Associations Want Feds to Put Regulatory Onus on Change Healthcare Two weeks ago, Change Healthcare began notifying thousands of medical practices about a massive data breach affecting millions of patients. The healthcare software firm says it will handle breach notifica…
DATABREACHTODAY.CO.UK

1 Jul: Hijacked: How hacked YouTube channels spread scams and malware
Here’s how cybercriminals go after YouTube channels and use them as conduits for fraud – and what you should watch out for when watching videos on the platform
WELIVESECURITY.COM

🕵️ THREAT INTELLIGENCE (16)

1 Jul: Sony Enters Crypto Exchange Arena with Acquisition of Amber
Sony Group, the Japanese conglomerate renowned for its gaming, music, and camera prowess, has officially entered the crypto exchange market. According to crypto reporter Wu Blockchain, Sony has acquired Amber Japan, a regulated digital asset trading service provider. Amber Japan,…
GBHACKERS.COM

1 Jul: Microsoft Alerts More Users in Update to Midnight Blizzard Hack
Microsoft has issued a new alert to its users, updating them on the continued threat posed by Midnight Blizzard, a Russian state-sponsored hacking group also known as NOBELIUM. The alert follows the initial detection of the attack by Microsoft’s Security Team on January 12,…
GBHACKERS.COM

1 Jul: New Hacker Group Attacking Systems With 10 Malware At Same Time
A malware campaign of huge magnitude, and perhaps run by just one group, is using artificially nested files for distribution named ‘WEXTRACT.EXE .MUI’. More than 50,000 files worldwide featuring this method are delivered by dif…
GBHACKERS.COM

1 Jul: TeamViewer Hack Officially Attributed to Russian Cyberspies
TeamViewer has confirmed that the Russian cyberespionage group APT29 appears to be behind the recent hack. The post TeamViewer Hack Officially Attributed to Russian Cyberspies appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: Hackers Using Google Ads To Deliver ‘Poseidon’ Mac Stealer
Hackers abuse Mac Stealer to covertly extract sensitive information such as passwords, financial data, and personal files from macOS devices. Besides this, macOS users or Mac users are considered valuer targets. On June 24th, Malwarebytes researchers identified another Mac-specif…
GBHACKERS.COM

1 Jul: Model Extraction from Neural Networks
A new paper, “Polynomial Time Cryptanalytic Extraction of Neural Network Models,” by Adi Shamir and others, uses ideas from differential cryptanalysis to extract the weights inside a neural network using specific queries and their results. This is much more theoretic…
SCHNEIER.COM

1 Jul: Google to allow isolated web applications on Chrome access sensitive USB devices
Google is working to allow trusted isolated web applications to have unfettered access through the WebUSB API, a JavaScript API that authenticates web applications to interact with local USB devices on a computer. Through a Chrome status update, the company said it is testing th…
CSOONLINE.COM

1 Jul: Mentorship Monday - Discussions for career and learning!
submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
INFOSEC.PUB

1 Jul: CapraRAT Spyware Disguised as Popular Apps Threatens Android Users
The threat actor known as Transparent Tribe has continued to unleash malware-laced Android apps as part of a social engineering campaign to target individuals of interest. "These APKs continue the group's trend of embedding spyware into curated video browsing applications, with a…
THEHACKERNEWS.COM

1 Jul: Police allege ‘evil twin’ in-flight Wi-Fi used to steal info
submitted by kid to cybersecurity 2 points | 1 comments https://www.theregister.com/2024/07/01/australia_evil_twin_wifi_airline_attack/
THEREGISTER.COM

1 Jul: Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program
Google has announced a new KVM bug bounty program named kvmCTF with rewards of up to $250,000 for a full VM escape. The post Google Offering $250,000 for Full VM Escape in New KVM Bug Bounty Program appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: CISOs 2023 Planning Guide: Forecast The Recession's Impact On Your Program - Jeff Pol... - BSW Vault
Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on October 11, 2022. As 2023 approaches, security leaders are hard at work preparing their budgets, identifying their projects, and setting their priorities …
YOUTUBE.COM

1 Jul: Latest Intel CPUs impacted by new Indirector side-channel attack
Modern Intel processors, including chips from the Raptor Lake and the Alder Lake generations are susceptible to a new type of a high-precision Branch Target Injection (BTI) attack dubbed 'Indirector,' which could be used to steal sensitive information from the CPU. [...]
BLEEPINGCOMPUTER.COM

1 Jul: Balancing AI Potential and Risk Management in Cybersecurity
Dunphy of Omron on Enhancing Productivity Through Strategic Gen AI Implementation Generative AI offers significant potential for enhancing productivity across various organizational functions. The integration of gen AI demands meticulous oversight to mitigate errors and ensure al…
DATABREACHTODAY.CO.UK

1 Jul: PortSwigger Scores Hefty $112 Million Investment
The British company behind the popular Burp Suite pen-test utilities has banked a massive $112 million investment from Brighton Park Capital. The post PortSwigger Scores Hefty $112 Million Investment appeared first on SecurityWeek.
SECURITYWEEK.COM

1 Jul: Cyber A.I. Group Announces Substantial Expansion of Acquisition Pipeline
Pipeline Will Support Company’s Highly Proactive Buy & Build Business Model Cyber A.I. Group, Inc., an emerging growth global cybersecurity, A.I. and IT services company, announced today the significant expansion of the Company’s acquisition pipeline. The announcement was mad…
GBHACKERS.COM

🌐 CYBER THREAT LANDSCAPE (2)

1 Jul: Cyber Security Today, July 1, 2024 - A critical patch for GitLab
This episode reports on new reports on vulnerabilities and software supply chain security
CYBERSECURITYTODAY.LIBSYN.COM

1 Jul: Kaspersky Expertise Centers | Kaspersky official blog
Five Kaspersky centers of expertise: GReAT, Threat Research, AI Technology Research, Security Services, and ICS CERT
KASPERSKY.COM

📡 INFOSEC NEWS (11)

1 Jul: Router maker's support portal responds with MetaMask phishing
BleepingComputer has verified that the helpdesk portal of a router manufacturer is currently sending MetaMask phishing emails in response to newly filed support tickets, in what appears to be a compromise. [...]
BLEEPINGCOMPUTER.COM

1 Jul: Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator
Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.
BLEEPINGCOMPUTER.COM

1 Jul: Police Allege ‘Evil Twin’ In-Flight Wi-Fi Used to Steal Information
A man in Australia was charged with operating fake Wi-Fi networks on a commercial flight to steal passengers' email and social media credentials. The investigation began when an airline reported a suspicious Wi-Fi network during a domestic flight.
THEREGISTER.COM

1 Jul: Web Scraping is Not Just a Security or Fraud Problem
Scraper bots have a negative impact on various aspects of an organization, including revenue, competitive advantage, brand identity, customer experience, infrastructure costs, and digital experience.
HELPNETSECURITY.COM

1 Jul: Apple CocoaPods Bugs Expose Millions of Apps to Code Injection
A report by E.V.A Information Security reveals that Apple's popular dependency manager, CocoaPods, has been plagued with three critical vulnerabilities for several years.
DARKREADING.COM

1 Jul: Australian charged for ‘Evil Twin’ WiFi attack on plane
An Australian man was charged by Australia's Federal Police (AFP) for allegedly conducting an 'evil twin' WiFi attack on various domestic flights and airports in Perth, Melbourne, and Adelaide to steal other people's email or social media credentials. [...]
BLEEPINGCOMPUTER.COM

1 Jul: Purple Teaming: Evaluate the Efficacy of Security Controls
Red teaming is not effective for evaluating the efficacy of preventative or detective security controls, said Jared Atkinson of Specter Ops, but purple teaming is. Purple teaming as "the evaluation of security control efficacy through atomic testing, using deliberately selected t…
DATABREACHTODAY.CO.UK

1 Jul: Upcoming Book on AI and Democracy
If you’ve been reading my blog, you’ve noticed that I have written a lot about AI and democracy, mostly with my co-author Nathan Sanders. I am pleased to announce that we’re writing a book on the topic. This isn’t a book about deep fakes, or misinformation…
SCHNEIER.COM