92 Articles
8 Categories
Date: 2024-07-03

🐛 COMMON VULNERABILITIES AND EXPOSURES (4)

3 Jul: Critical WordPress Plugin Flaw Exposes 90,000+ WordPress Sites (GBHACKERS.COM)
A critical vulnerability has been discovered in the popular WordPress plugin “Email Subscribers by Icegram Express – Email Marketing, Newsletters, Automation for WordPress & WooCommerce.” The flaw, identified as CVE-2024-6172, has been assigned a CVSS score of 9.8…

3 Jul: Google Patches 25 Android Flaws, Including Critical Privilege Escalation Bug (SOURCE.ANDROID.COM)
Google has issued patches for 25 security vulnerabilities in the Android operating system. One critical bug, known as CVE-2024-31320, affects Android versions 12 and 12L, enabling privilege escalation.

3 Jul: regreSSHion OpenSSH Flaw: Potential Exploitation Attempts Seen, but Mass Attacks Unlikely (SECURITYWEEK.COM)
The critical OpenSSH vulnerability tracked as regreSSHion and CVE-2024-6387 may already be targeted by attackers, but mass exploitation is unlikely.

3 Jul: PTC Releases Patch for Critical Flaw in Creo Elements/Direct License Server (CISA.GOV)
The vulnerability, tracked as CVE-2024-6071, affects version 20.7.0.0 and earlier, and allows unauthenticated remote attackers to execute arbitrary OS commands on the server through a web interface.

⚠️ VULNERABILITY DISCLOSURE (24)

3 Jul: South Korean ERP Vendor's Server Hacked to Spread Xctdoor Malware (THEHACKERNEWS.COM)
An unnamed South Korean enterprise resource planning (ERP) vendor's product update server has been found to be compromised to deliver a Go-based backdoor dubbed Xctdoor. The AhnLab Security Intelligence Center (ASEC), which identified the attack in May 2024, did not attribute it …

3 Jul: Hackers Claiming of Sandbox Escape RCE in 0-DAY Google Chrome (GBHACKERS.COM)
A group of hackers has claimed to have discovered a critical zero-day vulnerability in Google Chrome. This exploit, which reportedly enables a sandbox escape and remote code execution (RCE), could potentially compromise millions of users worldwide. The announcement was made via a…

3 Jul: Darknet Diaries podcast EP 147: TORNADO (INFOSEC.PUB)
In this episode, Geoff White (x.com/geoffwhite247) tells us what happened to Axie Infinity and Tornado cash. It’s a digital heist of epic proportions that changed eve…

3 Jul: Microsoft MSHTML Flaw Exploited to Deliver MerkSpy Spyware Tool (THEHACKERNEWS.COM)
Unknown threat actors have been observed exploiting a now-patched security flaw in Microsoft MSHTML to deliver a surveillance tool called MerkSpy as part of a campaign primarily targeting users in Canada, India, Poland, and the U.S. "MerkSpy is designed to clandestinely monitor u…

3 Jul: Intel Says No New Mitigations Required for Indirector CPU Attack (SECURITYWEEK.COM)
Researchers disclosed a new high-precision Branch Target Injection attack method named Indirector, but Intel says no new mitigations are needed.

3 Jul: Proton launches free, privacy-focused Google Docs alternative (BLEEPINGCOMPUTER.COM)
Proton has launched 'Docs in Proton Drive,' a free and open-source end-to-end encrypted web-based document editing and collaboration tool. [...]

3 Jul: Supposed Grasshopper Operators Impersonate Israeli Government and Private Companies to Deploy Open-Source Malware (HARFANGLAB.IO)
The group uses a mix of publicly available malware and custom development to carry out their attacks. They have been using custom WordPress websites as a payload delivery mechanism.

3 Jul: Passkeys aren’t attack-proof, not until properly implemented (CSOONLINE.COM)
Passkey, a password-less technology for authenticating user access to cloud-hosted applications, may still be vulnerable to adversary-in-the-middle (AitM) attacks despite its massive popularity, according to an eSentire study. Poor implementation of passkeys, like offering less …

3 Jul: The Emerging Role of AI in Open-Source Intelligence (THEHACKERNEWS.COM)
Recently the Office of the Director of National Intelligence (ODNI) unveiled a new strategy for open-source intelligence (OSINT) and referred to OSINT as the “INT of first resort”. Public and private sector organizations are realizing the value that the discipline can provide but…

3 Jul: Juniper SRX Vulnerability Allows Attackers Trigger DoS Condition (GBHACKERS.COM)
A vulnerability in Junos OS on SRX Series devices allows attackers to trigger a DoS attack by sending crafted valid traffic, which is caused by improper handling of exceptional conditions within the Packet Forwarding Engine (PFE) and leads to PFE crashes and restarts upon receivi…

3 Jul: Gogs Vulnerabilities Let Attackers Hack Instances And Steal Source Code (GBHACKERS.COM)
Gogs is a standard open-source code hosting system used by many developers. Several Gogs vulnerabilities have been discovered recently by the cybersecurity researchers at SonarSource. Gogs can be hacked through these flaws, which put its instances at risk of source code theft, ba…

3 Jul: Odaseva Raises $54 Million for Salesforce Enterprise Data Security Platform (SECURITYWEEK.COM)
Enterprise data security platform Odaseva raises $54 million in a Series C funding round led by Silver Lake Waterman.

3 Jul: Europol takes down 593 Cobalt Strike servers used by cybercriminals (BLEEPINGCOMPUTER.COM)
Europol coordinated a joint law enforcement action known as Operation Morpheus, which led to the takedown of almost 600 Cobalt Strike servers used by cybercriminals to infiltrate victims' networks. [...]

3 Jul: Vulnerabilities in CocoaPods: The Achilles' Heel of the Apple App Ecosystem (CYWARE.COM)
Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attacker…

3 Jul: Secator: Open-Source Pentesting Swiss Army Knife (HELPNETSECURITY.COM)
Secator is an open-source task and workflow runner designed for security assessments to streamline the use of various security tools for pen testers and security researchers.

3 Jul: New Open SSH Vulnerability (SCHNEIER.COM)
It’s a serious one: The vulnerability, which is a signal handler race condition in OpenSSH’s server (sshd), allows unauthenticated remote code execution (RCE) as root on glibc-based Linux systems; that presents a significant security risk. This race condition affects…

3 Jul: RCE, DoS Exploits Found in Rockwell PanelView Plus: Patch Now (THECYBEREXPRESS.COM)
Microsoft has exposed two significant vulnerabilities in Rockwell Automation's PanelView Plus devices that could be exploited by attackers to execute remote code and launch denial-of-service attacks.

3 Jul: Infostealer malware logs used to identify child abuse website members (BLEEPINGCOMPUTER.COM)
Thousands of pedophiles who download and share child sexual abuse material (CSAM) were identified through information-stealing malware logs leaked on the dark web, highlighting a new dimension of using stolen credentials in law enforcement investigations. [...]

3 Jul: Europol Announces Crackdown on Cobalt Strike Servers Used by Cybercriminals (SECURITYWEEK.COM)
European law enforcement agency announces the takedown of nearly 600 Cobalt Strike servers linked to criminal activity.

3 Jul: Patched: RCE Flaw That Affects Critical Manufacturing (DATABREACHTODAY.CO.UK)
Hackers Have Not Yet Exploited the CVSS 10-Rated Flaw, Says PTC. Software maker for critical manufacturing organizations PTC patched a critical flaw that could allow hackers to execute arbitrary commands on a system server, days after the U.S. cybersecurity watchdog published a vu…

3 Jul: On Day 4 of Ransomware Attack, Service Still Down at Patelco (DATABREACHTODAY.CO.UK)
Customers Cannot Make Payments, Receive Direct Deposits or Transfer Funds. A ransomware attack forced Patelco Credit Union to shutter critical banking operations for more than four days, leaving nearly 500,000 customers unable to make card payments or conduct electronic transactio…

3 Jul: Hacker Heroes - Joe Grand - PSW Vault (YOUTUBE.COM)
Exploring the Hardware Hacking Realm with Joe Grand, AKA Kingpin. Joe Grand, also known by his hacker pseudonym "Kingpin," stands as a prominent figure in the cybersecurity landscape. With an extensive background in hardware hacking, reverse engineering, and embedded systems, Joe …

📢 SECURITY ADVISORIES (6)

3 Jul: How CISOs can protect their personal liability (CSOONLINE.COM)
Court cases against CISOs that threaten jail time and expensive penalties such as those against former Uber CISO Joe Sullivan and SolarWinds’ Timothy G. Brown, have kept CISOs awake at night. The pressure is on for CISOs to figure out how to minimize not only professional but per…

3 Jul: US Supreme Court Ruling on Chevron Doctrine May Upend Future Cybersecurity Regulation (CYBERSECURITYDIVE.COM)
The ruling may lead to legal challenges against recent cybersecurity regulations, including the 2023 cyber incident reporting requirements by the Securities and Exchange Commission (SEC).

3 Jul: Roll20, an online tabletop role-playing game platform, discloses data breach (TECHCRUNCH.COM)
Roll20 said that on June 29 it had detected that a “bad actor” gained access to an account on the company’s administrative website for one hour.

🔥 INCIDENT REPORTING (20)

3 Jul: Rafel RAT Attacking Android Devices To Gain Unauthorized Access (GBHACKERS.COM)
The Rafel RAT is an advanced Android-targeting Remote Access Trojan which poses a great cybersecurity danger. This malicious program has become popular due to its prominence for breaking into device security and taking away confidential details. Knowing the origin of Rafel RAT, t…

3 Jul: Israeli Entities Targeted by Cyberattack Using Donut and Sliver Frameworks (THEHACKERNEWS.COM)
Cybersecurity researchers have discovered an attack campaign that targets various Israeli entities with publicly-available frameworks like Donut and Sliver. The campaign, believed to be highly targeted in nature, "leverage target-specific infrastructure and custom WordPress websi…

3 Jul: Polyglot Files Enable Cyber Attack Chains and Methods for Detection & Disarmament (ARXIV.ORG)
Hackers are using polyglot files, which can fit into multiple file formats and evade detection by endpoint detection and response systems. Research indicates that some commercial EDR tools have a 0% detection rate for malicious polyglots.

3 Jul: Cybersecurity is Now a Top Concern for Auto Industry, Report Finds (CYBERSECURITYDIVE.COM)
According to a survey by Rockwell Automation, vehicle and automotive supply manufacturers ranked cybersecurity as their biggest external concern. Cyberattacks resulted in $11.8 billion in damages during the first half of 2023 alone.

3 Jul: Industry Groups Ask HHS for Guidance on Massive Change Breach Reports (BANKINFOSECURITY.COM)
Industry groups are seeking further clarification on delegation processes and want a clear statement that covered entities without a business associate relationship with Change Healthcare are not obliged to notify patients.

3 Jul: Hiap Seng Industries Servers Attacked by Ransomware (GBHACKERS.COM)
Hiap Seng Industries, a prominent engineering and construction company, has fallen victim to a ransomware attack that compromised its servers. The company has swiftly taken measures to contain the breach and ensure the continuity of its business operations. Immediate Containment …

3 Jul: 300k Affected by Year-Old Data Breach at Florida Community Health Centers (SECURITYWEEK.COM)
Florida Community Health Centers says the information of 300,000 individuals was stolen in a June 2023 ransomware attack.

3 Jul: Patelco Credit Union Scrambling to Restore Systems Following Ransomware Attack (SECURITYWEEK.COM)
Patelco Credit Union shuts down banking systems and suspends electronic operations in response to a ransomware attack.

3 Jul: Feds Hit Health Entity With $950K Fine in Ransomware Attack (BANKINFOSECURITY.COM)
The US Department of Health and Human Services has levied a fine of $950,000 from the Heritage Valley Health System in Pennsylvania. It must address potential HIPAA violations after a ransomware attack in 2017.

3 Jul: TotalEnergies Cyber Attack: Data of 210,715 Customers Exposed (GBHACKERS.COM)
TotalEnergies Clientes SAU has reported a significant cyberattack that has compromised the personal data of 210,715 customers. The incident has raised serious concerns about data security and the integrity of digital infrastructures in the energy sector. Unauthorized Access Detec…

3 Jul: New Ransomware Group Uses Phone Calls to Pressure Victims, Researchers Say (THERECORD.MEDIA)
Researchers have identified a new ransomware group called Volcano Demon responsible for two recent successful attacks on companies in the manufacturing and logistics sectors.

3 Jul: Formula 1 governing body discloses data breach after email hacks (BLEEPINGCOMPUTER.COM)
FIA (Fédération Internationale de l'Automobile), the auto racing governing body since the 1950s, says attackers gained access to personal data after compromising several FIA email accounts in a phishing attack. [...]

3 Jul: New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action (INFOSECURITY-MAGAZINE.COM)
A recent report by the Royal United Services Institute (RUSI) emphasized the need for all incident response stakeholders to address the psychological and physiological impact of ransomware attacks on individuals.

3 Jul: The Not-So-Secret Network Access Broker x999xx (KREBSONSECURITY.COM)
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A…

3 Jul: Polish government investigates Russia-linked cyberattack on state news agency (SECURITYAFFAIRS.COM)
https://securityaffairs.com/165139/intelligence/polish-government-investigating-russia-attack.html

3 Jul: Auto Dealers Plan July Fourth Comeback After CDK Cyberattack (DATABREACHTODAY.CO.UK)
Dealership Software Firm Continues Restoration Process Amid Fallout and Lawsuits. CDK Global, a dealership software solutions company that provides tech solutions to an estimated 15,000 auto dealers in the United States and Canada, is aiming to restore its systems by the July Four…

3 Jul: HealthEquity data breach exposes protected health information (BLEEPINGCOMPUTER.COM)
Healthcare fintech firm HealthEquity is warning that it suffered a data breach after a partner's account was compromised and used to access the Company's systems to steal protected health information. [...]

3 Jul: HealthEquity says data breach is an ‘isolated incident’ (TECHCRUNCH.COM)
HealthEquity said in an 8-K filing with the SEC that it detected “anomalous behavior by a personal use device belonging to a business partner.”

3 Jul: Children's Hospital Notifies 800,000 of Data Theft in Attack (DATABREACHTODAY.CO.UK)
Chicago Pediatrics Center Refused to Pay Ransom to Rhysida Cybercrime Group. A Chicago pediatrics hospital is notifying nearly 800,000 people that their information was compromised in a ransomware attack earlier this year. Cybercrime group Rhysida had demanded a $3.4 million ranso…

🕵️ THREAT INTELLIGENCE (15)

3 Jul: Cyber Security Today, July 3, 3034 - Beware of advanced attack tactics (CYBERSECURITYTODAY.LIBSYN.COM)
This episode reports on some of the new ways threat actors are bypassing phishing defences

3 Jul: What are You Working on Wednesday (INFOSEC.PUB)
Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.

3 Jul: BSides Cheltenham 2024 - 20 videos (INFOSEC.PUB)
BSides Cheltenham 2024 Playlist; BSides Cheltenham 2024 Schedule

3 Jul: Cybersecurity M&A Roundup: 29 Deals Announced in June 2024 (SECURITYWEEK.COM)
Roundup of the more than two dozen cybersecurity-related merger and acquisition (M&A) deals announced in June 2024.

3 Jul: Brazil Data Regulator Bans Meta From Mining Data to Train AI Models (SECURITYWEEK.COM)
Brazil’s national data protection authority has determined that Meta cannot use data originating in the country to train its artificial intelligence.

3 Jul: Does your business have an AI blind spot? Navigating the risks of shadow AI (SECURITYINTELLIGENCE.COM)
With AI now an integral part of business operations, shadow AI has become the next frontier in information security. Here’s what that means for managing risk. For many organizations, 2023 was the breakout year for generative AI. Now, large language models (LLMs) like ChatGP…

3 Jul: The Growing Dichotomy of AI-Powered Code in Cloud-Native Security (PALOALTONETWORKS.COM)
AI-accelerated workflows create new cybersecurity risks. AI-developed code and security within the cloud-native ecosystem needs understanding.

3 Jul: Over 380k Hosts Still Referencing Malicious Polyfill Domain: Censys (SECURITYWEEK.COM)
Censys has discovered more than 380,000 hosts, including major platforms, still referencing the malicious polyfill.io domain.

3 Jul: Twilio says hackers identified cell phone numbers of two-factor app Authy users (TECHCRUNCH.COM)
Twilio says "threat actors were able to identify" phone numbers of people who use the two-factor app Authy.

3 Jul: Hackers abused API to verify millions of Authy MFA phone numbers (BLEEPINGCOMPUTER.COM)
Twilio has confirmed that an unsecured API endpoint allowed threat actors to verify the phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to smishing and SIM swapping attacks. [...]

3 Jul: Splunk Named a 10-Time Leader in Gartner® Magic Quadrant™ for SIEM (DATABREACHTODAY.CO.UK)
In this webinar session, you will learn new innovations for our industry-defining SIEM solution, Splunk Enterprise Security, and the rest of our security solutions

3 Jul: Embracing Resilience, Grit and Adaptability in the Workplace (DATABREACHTODAY.CO.UK)
What to Do When a Sudden Change or Loss Challenges These Qualities. Resilience, grit and adaptability are key traits for success in the professional world. But what happens when these qualities are put to the test? Unexpected events can shake us to our core and challenge our abili…

3 Jul: Scaling Zero Trust: How ThreatLocker Uses Series D Funds (DATABREACHTODAY.CO.UK)
Danny Jenkins on Leveraging Funding for Global Expansion, Endpoint Security and MDR. ThreatLocker CEO Danny Jenkins explains how Series D funding is driving the company's zero trust cybersecurity model forward. He discusses the company's focus on improving endpoint security, the i…

3 Jul: Securing OT Environments - Dr. Ed Harris - BTS #33 (YOUTUBE.COM)
Ed Harris joins us to discuss how to secure OT environments, implement effective air gaps, and more! This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them! Show Notes: https://securityweekly.com/bts-33

3 Jul: FedRAMP Launches New Framework for Emerging Technologies (DATABREACHTODAY.CO.UK)
Framework Sets Stage for Agencies to Increasingly Adopt New, Modern Tech Solutions. The Federal Risk Authorization Management Program unveiled a new framework designed to help agencies increasingly adopt emerging technologies that maintain rigorous security standards and that can …

🌐 CYBER THREAT LANDSCAPE (8)

3 Jul: FakeBat Loader Malware Spreads Widely Through Drive-by Download Attacks (THEHACKERNEWS.COM)
The loader-as-a-service (LaaS) known as FakeBat has become one of the most widespread loader malware families distributed using the drive-by download technique this year, findings from Sekoia reveal. "FakeBat primarily aims to download and execute the next-stage payload, such as …

3 Jul: APP Fraud Singled Out as Biggest Financial Crime Threat (INFOSECURITY-MAGAZINE.COM)
Nearly two-thirds of payments professionals in the UK believe that fraud is the most urgent financial crime threat, with authorized push payment (APP) scams being the top concern, according to a survey by The Payments Association.

3 Jul: Understanding the FakeBat Loader: Distribution Tactics and Cybercriminal Infrastructure (THECYBEREXPRESS.COM)
In the early part of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a significant threat utilizing the drive-by download technique to spread malware.

3 Jul: OVHcloud blames record-breaking DDoS attack on MikroTik botnet (BLEEPINGCOMPUTER.COM)
OVHcloud, a global cloud services provider and one of the largest of its kind in Europe, says it mitigated a record-breaking distributed denial of service (DDoS) attack earlier this year that reached an unprecedented packet rate of 840 million packets per second (Mpps). [...]

3 Jul: What’s new in the MSRC Report Abuse Portal and API (MSRC.MICROSOFT.COM)
The Microsoft Security Response Center (MSRC) has always been at the forefront of addressing cyber threats, privacy issues, and abuse arising from Microsoft Online Services. Building on our commitment, we have introduced several key updates to the Report Abuse Portal and API, whi…

🎙️ PODCASTS (2)

3 Jul: Transatlantic Cable podcast episode 354 | Kaspersky official blog (KASPERSKY.COM)
Episode 354 has more DMA news, Microsoft in the docks, Google thwart influencer op & more!

3 Jul: Smashing Security podcast #379: Private nights, evil twins, and crypto home invasions (GRAHAMCLULEY.COM)
Apps can let you spy on strangers in bars, a gang of cryptocurrency thieves turns to kidnap and assault, and have you joined the mile-high evil twin club? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans G…

📡 INFOSEC NEWS (13)

3 Jul: FCC Drafts Rules to Strengthen Cyber of Emergency Systems (MERITALK.COM)
The Federal Communications Commission (FCC) has proposed draft final rules to enhance the security of public alert and warning systems in the face of emerging cybersecurity threats.

3 Jul: The Impossibility of “Getting Ahead” in Cyber Defense (HELPNETSECURITY.COM)
The nature of defense is inherently stacked against defenders, as cybercriminals aim to disrupt systems while defenders manage complex tech stacks. Additionally, the rapid evolution of technology means defenders are always playing catch-up.

3 Jul: In a major update, Proton adds privacy-safe document collaboration to Drive, its freemium E2EE cloud storage service (TECHCRUNCH.COM)
Collaborative document features are being made available inside Proton Drive, further extending the company's trademark pitch of robust security.

3 Jul: Chrome Update Will Block Entrust Certificates by November 2024 (INFOSECURITY-MAGAZINE.COM)
Google has announced that starting November 1, 2024, Chrome version 127 and higher will no longer trust new TLS server authentication certificates from Entrust and AffirmTrust.

3 Jul: Dozens of Arrests Disrupt $2.7m Vishing Gang (INFOSECURITY-MAGAZINE.COM)
The criminal gang targeted elderly Spanish citizens by posing as bank employees through voice phishing and then showing up unannounced at their homes to collect cards, bank details, and PINs.

3 Jul: Download the UEM vendor comparison chart, 2024 edition (US.RESOURCES.CSOONLINE.COM)
From the editors of our sister publication Computerworld, this vendor comparison chart helps IT and security staff understand what the major unified endpoint management (UEM) platforms can do for their organizations to help choose the right solution.

3 Jul: Inside the workings of fraud-as-a-service | Kaspersky official blog (KASPERSKY.COM)
Scammers are forming large gangs to provide fraud-as-a-service.

3 Jul: No room for error: Don’t get stung by these common Booking.com scams (WELIVESECURITY.COM)
From sending phishing emails to posting fake listings, here’s how fraudsters hunt for victims while you’re booking your well-earned vacation