🐛 COMMON VULNERABILITIES AND EXPOSURES (1)

4 Jul - Hackers attack HFS servers to drop malware and Monero miners
Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.
BLEEPINGCOMPUTER.COM

⚠️ VULNERABILITY DISCLOSURE (13)

4 Jul - Global Police Operation Shuts Down 600 Cybercrime Servers Linked to Cobalt Strike
A coordinated law enforcement operation codenamed MORPHEUS has felled close to 600 servers that were used by cybercriminal groups and were part of an attack infrastructure associated with the Cobalt Strike. The crackdown targeted older, unlicensed versions of the Cobalt Str…
THEHACKERNEWS.COM

4 Jul - Kaspersky software ban: CISOs must move quickly, experts say
The US government enacted new restrictions on Kaspersky’s customers, indicting 12 of its executives and prohibiting further sales of its software and services in June. The regulations augment existing bans from using its software by US federal agencies that began several years a…
CSOONLINE.COM

4 Jul - Threat Actors Selling Shopify Commerce Platform Data on Dark Web
Threat actors have been found selling sensitive data from the Shopify commerce platform on the dark web. This alarming news was first reported by DarkWebInformer on their social media Twitter account, raising significant concerns about the security of e-commerce platforms and the…
GBHACKERS.COM

4 Jul - Over 380,000+ Hosts Embedding Polyfill JS script Linking to Malicious Domain
Over 380,000 web hosts have been found embedding a compromised Polyfill.io JavaScript script, linking to a malicious domain. This supply chain attack has sent shockwaves through the web development community, highlighting the vulnerabilities inherent in widely used open-source li…
GBHACKERS.COM

4 Jul - Operation Morpheus took down 593 Cobalt Strike servers used by threat actors
The international law enforcement operation, Operation Morpheus, led to the takedown of 593 Cobalt Strike servers used by cybercriminals. This action was a collaborative effort involving multiple countries and private partners.
SECURITYAFFAIRS.COM

4 Jul - Tabletop exercise scenarios: 10 tips, 6 examples
What is a tabletop exercise? A tabletop exercise is an informal, discussion-based session in which a team talks through their roles and responses during an emergency, walking through one or more example scenarios. It’s a great way to get business continuity plans off the written …
CSOONLINE.COM

4 Jul - Microsoft Uncovers Critical Flaws in Rockwell Automation PanelView Plus
Microsoft has revealed two security flaws in Rockwell Automation PanelView Plus that could be weaponized by remote, unauthenticated attackers to execute arbitrary code and trigger a denial-of-service (DoS) condition. "The [remote code execution] vulnerability in PanelView Plus in…
THEHACKERNEWS.COM

4 Jul - Europol disrupts about 600 abusive Cobalt Strike servers
A slew of IP addresses associated with the abuse of Fortra’s legitimate red teaming tool, Cobalt Strike, have been taken down by a coordinated law enforcement operation dubbed “Morpheus.” The Europol-led operation between June 24 and 28 targeted older, unlicensed versions of the …
CSOONLINE.COM

4 Jul - Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform
Splunk has released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. These vulnerabilities include high-severity flaws such as Remote Code Execution (RCE) and Serialized Session Payload exploits.
SECURITYAFFAIRS.COM

4 Jul - Critical Vulnerabilities Found in Rockwell PanelView Plus
Microsoft Uncovers Critical Flaws in Rockwell PanelView Plus
Microsoft has found critical vulnerabilities in Rockwell Automation's PanelView Plus products that could enable remote code execution and denial-of-service attacks by unauthenticated attackers, potentially compromising …
DATABREACHTODAY.CO.UK

4 Jul - Cryptohack Roundup: JPEX Case Update
Also: SEC's Lawsuit against Silvergate, Suspected Bittensor Exploit
Every week, ISMG rounds up cybersecurity incidents in digital assets. This week's stories include singer Nine Chen’s potential prosecution in the JPEX case, SEC's lawsuit Silvergate, a suspected Bittensor exploit,…
DATABREACHTODAY.CO.UK

4 Jul - Breach Roundup: FBI Warns of US Renewable Energy Sector Threats
Google Offers $250,000 Reward for KVM Vulns; CocoaPods Flaws Expose Apple Apps
This week: FBI warns of cyber threats to US renewable energy sector; Indonesia data center hacker apologizes; Google Pixel 6 series devices bricked, critical vulnerability in EoL D-Link routers, Google…
DATABREACHTODAY.CO.UK

📋 SECURITY BULLETINS (1)

4 Jul - Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates
Canonical has released Ubuntu security updates to address bugs in Ghostscript, a tool used for interpreting PostScript and PDF files. These vulnerabilities could potentially allow attackers to bypass security restrictions or execute malicious code.
SECURITYBOULEVARD.COM

📢 SECURITY ADVISORIES (3)

4 Jul - Alert: French Diplomats Targeted By Russian Cyber Attacks
ANSSI warned about a hacking group linked to Russia's SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion.
SECURITYBOULEVARD.COM

4 Jul - California Advances Unique Safety Regulations for AI Companies Despite Tech Firm Opposition
Lawmakers voted to advance legislation that would require AI companies to test their systems and add safety measures to prevent them from being potentially manipulated for malicious purposes. The post California Advances Unique Safety Regulations for AI Companies Despite Tech Fir…
SECURITYWEEK.COM

🔥 INCIDENT REPORTING (12)

4 Jul - Twilio's Authy App Breach Exposes Millions of Phone Numbers
Cloud communications provider Twilio has revealed that unidentified threat actors took advantage of an unauthenticated endpoint in Authy to identify data associated with Authy accounts, including users' cell phone numbers. The company said it took steps to secure the endpoint to …
THEHACKERNEWS.COM

4 Jul - Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers
Twilio has confirmed a data breach after hackers leaked 33 million phone numbers associated with the Authy app. The post Twilio Confirms Data Breach After Hackers Leak 33M Authy User Phone Numbers appeared first on SecurityWeek.
SECURITYWEEK.COM

4 Jul - New ‘Pryx’ Ransomware Hijacked 30,000 University Applications
A new player has emerged on the cybercrime landscape: the ransomware group “Pryx.” Pryx has claimed its first attack, announcing that it has compromised the systems of Rowan College at Burlington County (RCBC.edu) and stolen 30,000 university applications. This announcement was ma…
GBHACKERS.COM

4 Jul - Cyber Extortion Soars: SMBs Hit Four Times Harder
The Cy-Xplorer 2024 report by Orange Cyberdefense reveals a significant rise in cyber extortion, with 60 ransomware groups affecting 4374 victims from Q1 2023 to Q1 2024. SMBs are targeted 4.2 times more than larger enterprises.
INFOSECURITY-MAGAZINE.COM

4 Jul - OVHcloud blames record-breaking DDoS attack on MikroTik botnet
OVHcloud successfully mitigated a record-breaking DDoS attack with a packet rate of 840 million packets per second. The attack originated from compromised MikroTik network devices, which were used to generate high packet rates.
BLEEPINGCOMPUTER.COM

4 Jul - Why Zero Trust Is Critical in Health and Government Sectors
Implementing a zero trust security approach is critical to avoid the types of major IT disruptions and massive data compromises seen in recent cyberattacks that affected the healthcare, public health and government sectors, said Clinton McCarty, CISO at National Government Servic…
DATABREACHTODAY.CO.UK

4 Jul - Ransomware Eruption: Novel Locker Malware Flows From ‘Volcano Demon’
submitted by kid to cybersecurity | 0 points | 0 comments
https://www.darkreading.com/cyberattacks-data-breaches/ransomware-eruption-novel-locker-malware-flows-from-volcano-demon
DARKREADING.COM

4 Jul - Volcano Demon ransomware group rings its victims to extort money
Security researchers have warned that a new ransomware group has taken an unusual twist on the traditional method of extorting money from its corporate victims. Read more in my article on the Tripwire State of Security blog.
TRIPWIRE.COM

4 Jul - Ethereum mailing list breach exposes 35,000 to crypto draining attack
A threat actor compromised Ethereum's mailing list provider and sent to over 35,000 addresses a phishing email with a link to a malicious site running a crypto drainer. [...]
BLEEPINGCOMPUTER.COM

4 Jul - Date Hot Brunettes - 1,494,078 breached accounts
In January 2021, the now defunct website Date Hot Brunettes which provided a service to "Date Neglected Women Who Can Keep a Secret", suffered a data breach. The incident exposed 1.5M unique email addresses along with IP addresses, usernames, user-entered bios and MD5 p…
HAVEIBEENPWNED.COM

🕵️ THREAT INTELLIGENCE (6)

4 Jul - Traeger smokes security bugs threatening grillers' hard work
submitted by Alphane_Moon to cybersecurity | 1 points | 1 comments
https://www.theregister.com/2024/07/03/traeger_security_bugs/
THEREGISTER.COM

4 Jul - Hackers abused API to verify millions of Authy MFA phone numbers
Twilio has confirmed that an unsecured API endpoint allowed threat actors to access phone numbers of millions of Authy multi-factor authentication users, potentially making them vulnerable to SMS phishing and SIM swapping attacks.
BLEEPINGCOMPUTER.COM

4 Jul - FakeBat Malware Weaponizing AnyDesk, Zoom, Teams & Chrome
Hackers target and weaponize AnyDesk, Zoom, Teams, and Chrome as these applications are widely used in a multitude of sectors. Not only that, but even these widely used applications also provide access to many users and sensitive information. Cybersecurity researchers at Sekoia i…
GBHACKERS.COM

4 Jul - Infostealer malware logs used to identify child abuse website members
Researchers at Recorded Future's Insikt Group analyzed infostealer malware logs captured between February 2021 and February 2024. They cross-referenced the credentials with 20 known CSAM domains, identifying 3,324 unique username-password pairs.
BLEEPINGCOMPUTER.COM

4 Jul - Operation Morpheus took down 593 Cobalt Strike servers used by threat actors
submitted by kid to cybersecurity | 1 points | 0 comments
https://securityaffairs.com/165172/cyber-crime/operation-morpheus-aganst-cobalt-strike-abuse.html
SECURITYAFFAIRS.COM

4 Jul - Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates
submitted by kid to cybersecurity | 1 points | 0 comments
https://securityboulevard.com/2024/07/ghostscript-vulnerabilities-patched-in-recent-ubuntu-updates
SECURITYBOULEVARD.COM

🌐 CYBER THREAT LANDSCAPE (5)

4 Jul - Mekotio Banking Trojan Threatens Financial Systems in Latin America
We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we'll provide an overview of the trojan and what it does.
TRENDMICRO.COM

4 Jul - 384,000 sites pull code from sketchy code library recently bought by Chinese firm
Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack.
ARSTECHNICA.COM

4 Jul - Mekotio Banking Trojan Threatens Financial Systems in Latin America
The Mekotio banking trojan is a highly sophisticated malware that targets Latin American countries, with a focus on stealing banking credentials. It spreads through phishing emails, tricking users into interacting with malicious links or attachments.
TRENDMICRO.COM

4 Jul - Hackers attack HFS servers to drop malware and Monero miners
Hackers are targeting older versions of the HTTP File Server (HFS) from Rejetto to drop malware and cryptocurrency mining software. [...]
BLEEPINGCOMPUTER.COM

📡 INFOSEC NEWS (5)

4 Jul - Brazil Halts Meta's AI Data Processing Amid Privacy Concerns
Brazil's data protection authority, Autoridade Nacional de Proteção de Dados (ANPD), has temporarily banned Meta from processing users' personal data to train the company's artificial intelligence (AI) algorithms. The ANPD said it found "evidence of processing of personal data ba…
THEHACKERNEWS.COM

4 Jul - Sophos Named a 2024 Gartner® Peer Insights™ Customers’ Choice for Network Firewalls and Endpoint Protection Platforms
Customers have recognized Sophos for the third consecutive year
SOPHOS.COM

4 Jul - Social media and teen mental health – Week in security with Tony Anscombe
Social media sites are designed to make their users come back for more. Do laws restricting children's exposure to addictive social media feeds have teeth or are they a political gimmick?
WELIVESECURITY.COM