🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
5 Jul: Pseudo-exploit for CVE-2024-6387 aka regreSSHion | Kaspersky official blog
Unknown actor is using the theme of the OpenSSH vulnerability CVE-2024-6387, also known as regreSSHion, to attack security researchers.
KASPERSKY.COM

⚠️ VULNERABILITY DISCLOSURE (12)
5 Jul: Hackers Abused Twilio API To Verify Phone Numbers used For MFA
An unauthenticated endpoint vulnerability allowed threat actors to identify phone numbers associated with Authy accounts, which was identified, and the endpoint has been secured to prevent unauthorized access. No evidence suggests the attackers gained access to internal sys…
GBHACKERS.COM

5 Jul: Logic bombs explained: Definition, examples, prevention
What is a logic bomb? A logic bomb is a set of instructions embedded in a software system that, if specified conditions are met, triggers a malicious payload to take actions against the operating system, application, or network. The actual code that does the dirty work, sometimes…
CSOONLINE.COM

5 Jul: Threat Actor Claiming 2FA Bypass Vulnerability in HackerOne Bug Bounty Platform
A threat actor has claimed to have discovered a vulnerability that bypasses the two-factor authentication (2FA) on the HackerOne bug bounty platform. The claim was made public via a tweet from the account MonThreat, which is known for sharing cybersecurity-related information. Th…
GBHACKERS.COM

5 Jul: Mekotio Banking Trojan Attacking American Users To Steal Financial Data
Active since 2015, Mekotio is a Latin American banking trojan specifically designed to target financial data in regions like Brazil, Chile, Mexico, Spain, and Peru. It exhibits links to the recently disrupted Grandoreiro malware, both likely originating from the same source. Meko…
GBHACKERS.COM

5 Jul: New “Paste and Run” Phishing Technique Makes CTRL-V A Cyber Attack Accomplice
A new phishing campaign tries to trick email recipients into pasting and executing malicious commands on their system that installs DarkGate malware.
KNOWBE4.COM

5 Jul: Over 35,000 Ether subscribers targeted in a campaign from crypto draining
A huge number of Ether (ETH) investors were targeted in a phishing campaign directing users to a crypto-draining site, the cryptocurrency issuing company Ethereum said in a blog post. The threat actor used an email address list of their own, combined with one exported from the c…
CSOONLINE.COM

5 Jul: Meet Brex, Google Cloud, Aerospace and more at Disrupt 2024
We’re about four months away from TechCrunch Disrupt 2024, taking place October 28 to 30 in San Francisco! We could not bring you this world-class event without our world-class partners — some of the startup ecosystem’s leading tech companies. Why? They show up armed with their e…
TECHCRUNCH.COM

5 Jul: Latest Ghostscript Vulnerability Haunts Experts As The Next Big Breach Enabler
PACKETSTORMSECURITY.COM

5 Jul: Hacker Stole Secrets From OpenAI
ChatGPT maker OpenAI was breached in 2023, but the company says source code and customer data were not accessed. The post Hacker Stole Secrets From OpenAI appeared first on SecurityWeek.
SECURITYWEEK.COM

5 Jul: State-Sponsored Phishing Campaigns Target 40,000 VIP Individuals
Researchers at Menlo Security discovered three state-sponsored phishing campaigns that have targeted 40,000 important individuals over the past three months. “In a recent 90-day period, Menlo Labs uncovered a trifecta of sophisticated [highly evasive and adaptive threat] campaign…
KNOWBE4.COM

5 Jul: New Intel CPU side-channel attack Indirector can leak sensitive data
Five years after the Spectre and Meltdown CPU attacks rocked the computer industry, researchers are still finding new techniques that exploit low-level processor features to break security boundaries in operating systems and leak protected data across different processes and priv…
CSOONLINE.COM

5 Jul: New Zealand Fitness Retailer Hit By DragonForce Ransomware
Ransomware Group Apparently Uses Leaked LockBit Builder Code to Mount Attacks
A ransomware group that uses locker malware based on the leaked LockBit 3.0 ransomware builder compromised New Zealand's leading fitness equipment retailer. The DragonForce ransomware group on Tuesday s…
DATABREACHTODAY.CO.UK

📢 SECURITY ADVISORIES (2)
5 Jul: Health Benefits Administrator Reports 3rd-Party Hack to SEC
HealthEquity Says a Vendor's Compromised Credentials Led to Data Theft Breach
HealthEquity, which administers healthcare benefits plans for employers, has notified the U.S. Securities and Exchange Commission of a data exfiltration breach involving the compromised credentials of a…
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING (13)
5 Jul: India’s Airtel dismisses data breach reports amid customer concerns
Airtel, India’s second-largest telecom operator, on Friday denied any breach of its systems following reports of an alleged security lapse that has caused concern among its customers. The telecom group, which also sells productivity and security solutions to businesses, sai…
TECHCRUNCH.COM

5 Jul: Turla: A Master of Deception
The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails.
GDATASOFTWARE.COM

5 Jul: Hackers Compromised Ethereum’s Mailing List to Drain Their Crypto Funds
In a recent cyberattack, hackers successfully compromised Ethereum’s mailing list, attempting to drain users’ crypto funds through a sophisticated phishing campaign. The breach has raised significant concerns within the cryptocurrency community, prompting immediate ac…
GBHACKERS.COM

5 Jul: GootLoader Malware Still Active, Deploys New Versions for Enhanced Attacks
The malware known as GootLoader continues to be in active use by threat actors looking to deliver additional payloads to compromised hosts. "Updates to the GootLoader payload have resulted in several versions of GootLoader, with GootLoader 3 currently in active use," cybersecurit…
THEHACKERNEWS.COM

5 Jul: Some Data Is ‘Breached’ During a Hacking Attack on the Alabama Education Department
Alabama’s education superintendent said some data was breached during a hacking attempt at the State Department of Education. The post Some Data Is ‘Breached’ During a Hacking Attack on the Alabama Education Department appeared first on SecurityWeek.
SECURITYWEEK.COM

5 Jul: Cloudflare Details 1.1.1.1 Service Outage Incident
On June 27, 2024, Cloudflare experienced a disruption of its 1.1.1.1 DNS resolver service. This several-hour incident was caused by a combination of BGP (Border Gateway Protocol) hijacking and a route leak. The event led to a noticeable impact on users globally, with some unable …
GBHACKERS.COM

5 Jul: In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity
Noteworthy stories that might have slipped under the radar: Microsoft details Rockwell HMI vulnerabilities, smart grills hacked, Predator spyware activity drops. The post In Other News: Microsoft Details ICS Flaws, Smart Grill Hacking, Predator Spyware Activity appeared first on …
SECURITYWEEK.COM

5 Jul: OpenAI's internal AI details stolen in 2023 breach, NYT reports
submitted by kid to cybersecurity, 4 points | 0 comments
https://www.reuters.com/technology/cybersecurity/openais-internal-ai-details-stolen-2023-breach-nyt-reports-2024-07-05/
REUTERS.COM

5 Jul: Webinar Alert: Learn How ITDR Solutions Stop Sophisticated Identity Attacks
Identity theft isn't just about stolen credit cards anymore. Today, cybercriminals are using advanced tactics to infiltrate organizations and cause major damage with compromised credentials. The stakes are high: ransomware attacks, lateral movement, and devastating data breaches.…
THEHACKERNEWS.COM

5 Jul: OpenAI Did Not Disclose 2023 Breach to Feds, Public: Report
Hacker had Unauthorized Access to Data on Designs for New AI Use Cases
A hacker reportedly stole information on OpenAI's new technologies last year by breaking into the company's internal messaging systems. The messages comprised details of designs for new AI technologies, the Ne…
DATABREACHTODAY.CO.UK

5 Jul: New Eldorado ransomware targets Windows, VMware ESXi VMs
A new ransomware-as-a-service (RaaS) called Eldorado emerged in March and comes with locker variants for VMware ESXi and Windows. [...]
BLEEPINGCOMPUTER.COM

5 Jul: Cloudflare blames recent outage on BGP hijacking incident
Internet giant Cloudflare reports that its DNS resolver service, 1.1.1.1, was recently unreachable or degraded for some of its customers because of a combination of Border Gateway Protocol (BGP) hijacking and a route leak. [...]
BLEEPINGCOMPUTER.COM

5 Jul: OpenAI breach is a reminder that AI companies are treasure troves for hackers
There’s no need to worry that your secret ChatGPT conversations were obtained in a recently reported breach of OpenAI’s systems. The hack itself, while troubling, appears to have been superficial — but it’s reminder that AI companies have in short order made the…
TECHCRUNCH.COM

🕵️ THREAT INTELLIGENCE (11)
5 Jul: Polyfill[.]io Attack Impacts Over 380,000 Hosts, Including Major Companies
The supply chain attack targeting widely-used Polyfill[.]io JavaScript library is wider in scope than previously thought, with new findings from Censys showing that over 380,000 hosts are embedding a polyfill script linking to the malicious domain as of July 2, 2024. This include…
THEHACKERNEWS.COM

5 Jul: Kimusk’s HappyDoor Executed Via regsvr32 File To Evade Detection
Kimsuky, also known as the Velvet Chollima, Black Banshee, THALLIUM, or Emerald Sleet, is a North Korean state-sponsored advanced cyber espionage group that uses sophisticated methods to target political, economic, and national security interests for various countries. They are v…
GBHACKERS.COM

5 Jul: How Intelligence Sharing Can Help Keep Major Worldwide Sporting Events on Track
The Olympic Games is only 29 days long, so set up and take down is a very intense period, where the threat actors can take advantage. The post How Intelligence Sharing Can Help Keep Major Worldwide Sporting Events on Track appeared first on SecurityWeek.
SECURITYWEEK.COM

5 Jul: OVHcloud Sees Record 840 Mpps DDoS Attack
OVHcloud says it mitigated the largest ever DDoS attack leveraging packet rate, which peaked at 840 Mpps. The post OVHcloud Sees Record 840 Mpps DDoS Attack appeared first on SecurityWeek.
SECURITYWEEK.COM

5 Jul: RockYou2024: 10 billion passwords leaked in the largest compilation of all time
submitted by kid to cybersecurity, 2 points | 0 comments
https://cybernews.com/security/rockyou2024-largest-password-compilation-leak/
CYBERNEWS.COM

5 Jul: Off-Topic Friday
submitted by shellsharks to cybersecurity, 1 points | 0 comments
Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
INFOSEC.PUB

5 Jul: Don't Fall for It: How to Spot Social Media Job Scams a Mile Away
As social media becomes more intertwined with our daily routines, cybercriminals are using it to trick people with fake job offers. What are these social-media recruitment scams, and how can you spot the red flags?
KNOWBE4.COM

5 Jul: Phishing Attacks Themed Around Popular Weight Loss Drugs Increase 183%
As popularity grows for these proven methods of weight loss, scammers have taken note and have placed a significant focus on separating victims from their money.
KNOWBE4.COM

5 Jul: Binary - SWN Vault
Check out this interview from the SWN Vault, hand picked by main host Doug White! This segment was originally published on July 20, 2017. Doug talks about how to count from zero to one! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://secu…
YOUTUBE.COM

5 Jul: ISMG Editors: A Tribute to Steve King
Steve King's Legacy in Cybersecurity: Insights and Reflections
In this special edition of the ISMG Editors’ Panel, we honored the memory of industry veteran Steve King, managing director of CyberEd.io. His friend Richard Bird joined ISMG editors to share reflections on Steve's le…
DATABREACHTODAY.CO.UK

5 Jul: Friday Squid Blogging: Newly Discovered Vampire Squid
A new vampire squid species was discovered in the South China Sea. Blog moderation policy.
SCHNEIER.COM

🌐 CYBER THREAT LANDSCAPE (3)
5 Jul: New Golang-Based Zergeca Botnet Capable of Powerful DDoS Attacks
Cybersecurity researchers have uncovered a new botnet called Zergeca that's capable of conducting distributed denial-of-service (DDoS) attacks. Written in Golang, the botnet is so named for its reference to a string named "ootheca" present in the command-and-control (C2) servers …
THEHACKERNEWS.COM

5 Jul: Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware
A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users' financial data. The app has already been downloaded thousands of times.
CYBERSECURITYNEWS.COM

5 Jul: New Golang Zergeca Botnet appeared in the threat landscape
The researchers at QiAnXin XLab team discovered a new Golang-based botnet called Zergeca, capable of conducting DDoS attacks. It was detected through a suspicious ELF file and has been used to launch DDoS attacks in Canada, the U.S., and Germany.
SECURITYAFFAIRS.COM

📡 INFOSEC NEWS (10)
5 Jul: Why you need to remove the Polyfill.io script from your website
The JavaScript CDN service Polyfill.io is being used for spreading malicious code redirecting users to third-party websites.
KASPERSKY.COM

5 Jul: Turning Jenkins Into a Cryptomining Machine From an Attacker's Perspective
In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly.
TRENDMICRO.COM

5 Jul: Cyber Security Today, July 5, 2024 - Prepare for business email compromise attacks
A report on business email compromise attacks is highlighted in this edition.
CYBERSECURITYTODAY.LIBSYN.COM

5 Jul: Blueprint for Success: Implementing a CTEM Operation
The attack surface isn’t what it once was and it’s becoming a nightmare to protect. A constantly expanding and evolving attack surface means risk to the business has skyrocketed and current security measures are struggling to keep it protected. If you’ve clicked on this article, …
THEHACKERNEWS.COM

5 Jul: Overlooked Domain Name Resiliency Issues: Registrar Communications, (Fri, Jul 5th)
I often think the Internet would work better without DNS. People unable to remember an IP address would be unable to use it. But on the other hand, there is more to DNS than translating a human-readable hostname to a "machine-readable" IP address. DNS does allow us to use consist…
ISC.SANS.EDU

5 Jul: OVHcloud Hit with Record 840 Million PPS DDoS Attack Using MikroTik Routers
French cloud computing firm OVHcloud said it mitigated a record-breaking distributed denial-of-service (DDoS) attack in April 2024 that reached a packet rate of 840 million packets per second (Mpps). This is just above the previous record of 809 million Mpps reported by Akamai as…
THEHACKERNEWS.COM

5 Jul: Hackers leak alleged Taylor Swift tickets, amp up Ticketmaster extortion
Hackers have leaked what they claim is Ticketmaster barcode data for 166,000 Taylor Swift Eras Tour tickets, warning that more events would be leaked if a $2 million extortion demand is not paid. [...]
BLEEPINGCOMPUTER.COM