Articles: 90
Categories: 10
Date: 2024-07-10
🚨 CISA KEV (1)
10 Jul [KEV] | CISA Adds Microsoft Windows and Rejetto HTTP File Server Bugs to its Known Exploited Vulnerabilities Catalog | The vulnerabilities added include CVE-2024-23692 affecting Rejetto HTTP File Server, CVE-2024-38080 impacting Windows Hyper-V, and CVE-2024-38112 targeting Windows MSHTML Platform. | SECURITYAFFAIRS.COM
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
10 Jul | New OpenSSH Vulnerability Discovered: Potential Remote Code Execution Risk | Select versions of the OpenSSH secure networking suite are susceptible to a new vulnerability that can trigger remote code execution (RCE). The vulnerability, tracked as CVE-2024-6409 (CVSS score: 7.0), is distinct from CVE-2024-6387 (aka RegreSSHion) and relates to a case of cod… | THEHACKERNEWS.COM
10 Jul | New Flaw in OpenSSH can Lead to Remote Code Execution | A vulnerability in certain versions of the OpenSSH secure networking suite may allow for remote code execution. The vulnerability, identified as CVE-2024-6409 with a CVSS score of 7.0, affects specific versions of OpenSSH such as 8.7p1 and 8.8p1. | SECURITYAFFAIRS.COM
10 Jul | New Ransomware Group Exploiting Veeam Backup Software Vulnerability | A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exp… | THEHACKERNEWS.COM
10 Jul | CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities | Today, CISA and FBI are releasing their newest Secure by Design Alert in the series, Eliminating OS Command Injection Vulnerabilities, in response to recent well-publicized threat actor campaigns that exploited OS command injection defects in network edge devices (CVE-202… | CISA.GOV
⚠️ VULNERABILITY DISCLOSURE (25)
10 Jul | More than a CISO: the rise of the dual-titled IT leader | The role of the CISO is expanding and these C-level leaders have been acquiring responsibilities and adding roles beyond their principal function. Dual-title roles such as CISO plus CIO, CTO, VP of engineering, head of product, or head of infrastructure reflect a shift towards br… | CSOONLINE.COM
10 Jul | Software supply chain still dangerous despite new protections | In late March, Microsoft developer and engineer Andres Freund discovered that someone had placed a backdoor in the open-source data compression tool XZ Utils, a ubiquitous feature across Linux installations. The discovery averted what could have been the most disastrous supply c… | CSOONLINE.COM
10 Jul | U.S. Disrupts AI-Powered Russian State-Sponsored Hackers Bot Farm | In collaboration with international partners, the U.S. Federal Bureau of Investigation (FBI) and the Cyber National Mission Force (CNMF) have successfully disrupted a sophisticated AI-powered bot farm operated by Russian state-sponsored hackers. The bot farm, known as Meliorator,… | GBHACKERS.COM
10 Jul | Hackers Target WordPress Calendar Plugin Used by 150,000 Sites | Hackers are targeting a vulnerability in the Modern Events Calendar WordPress plugin found on over 150,000 websites to upload files and execute code remotely. The plugin by Webnus is used to manage events. | BLEEPINGCOMPUTER.COM
10 Jul | How CISA Plans to Measure Trust in Open-Source Software | The CISA is developing a new framework to assess the trustworthiness of open-source software projects. The agency's open-source software security roadmap aims to increase visibility into OSS use and risks across the federal government. | HEALTHCAREINFOSECURITY.COM
10 Jul | Monocle: Open-Source LLM for Binary Analysis Search | Monocle is an open-source tool powered by an LLM for searching natural language in compiled binaries. It can analyze binaries based on criteria like authentication code or password strings, using Ghidra headless for decompilation. | HELPNETSECURITY.COM
10 Jul | Blast RADIUS Attack can Bypass Authentication for Clients | This vulnerability, known as Blast RADIUS and rated 7.5 out of 10 on the severity scale, affects the RADIUS networking protocol, potentially granting unauthorized access to network devices and services without credentials. | THEREGISTER.COM
10 Jul | FBI disrupts 1,000 Russian bots spreading disinformation on X | A covert Russian government-operated social media bot farm that used generative AI to spread disinformation to global users has been disrupted by a joint FBI-international cybersecurity forces operation. Affiliates of a Russian state-sponsored media organization Russia Today (RT)… | CSOONLINE.COM
10 Jul | Chinese State Actor APT40 Exploits N-Day Vulnerabilities Within Hours | https://www.infosecurity-magazine.com/news/chinese-state-exploits/ | INFOSECURITY-MAGAZINE.COM
10 Jul | Crypto Thefts Double to $1.4 Billion, TRM Labs Finds | Cryptocurrency exchange hacks and exploits are on the rise, with $1.38bn stolen in the first half of 2024, double the amount stolen in 2023. While it is lower than the record-breaking $2bn stolen in 2022, the surge may be due to higher token prices. | INFOSECURITY-MAGAZINE.COM
10 Jul [KEV] | Microsoft July 2024 Patch Tuesday Fixes 142 Flaws, 4 Zero-Days | As part of Microsoft's July 2024 Patch Tuesday, 142 flaws were addressed, including two zero-days actively exploited and two publicly disclosed. Five critical vulnerabilities were fixed, all related to remote code execution. | BLEEPINGCOMPUTER.COM
10 Jul | Smash-and-Grab Extortion | The Problem The “2024 Attack Intelligence Report” from the staff at Rapid7 [1] is a well-researched, well-written report that is worthy of careful study. Some key takeaways are: 53% of the over 30 new vulnerabilities that were widely exploited in 2023 and at the start of 20… | THEHACKERNEWS.COM
10 Jul [KEV] | Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited | Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in sev… | THEHACKERNEWS.COM
10 Jul | Chinese APT40 Is Ready To Exploit New Vulnerabilities Within Hours Of Release | Multiple international cybersecurity agencies jointly warn of a PRC state-sponsored cyber group, linked to the Ministry of State Security and known by various names like APT40, Leviathan. The group, based in Hainan Province, has targeted organizations globally, includ… | GBHACKERS.COM
10 Jul | Citrix Patches Critical NetScaler Console Vulnerability | Citrix rolls out patches for multiple security vulnerabilities, including critical and high-severity issues in the NetScaler product line. The post Citrix Patches Critical NetScaler Console Vulnerability appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | RADIUS Vulnerability | New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker ac… | SCHNEIER.COM
10 Jul [KEV] | Windows MSHTML zero-day used in malware attacks for over a year | Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features. [...] | BLEEPINGCOMPUTER.COM
10 Jul | The Stark Truth Behind the Resurgence of Russia’s Fin7 | The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 -- setti… | KREBSONSECURITY.COM
10 Jul | Evolve data breach impacted upward of 7.64 million consumers | The number of persons affected by a recent data breach at Evolve Bank & Trust exceeds 7.64 million, a document submitted to the Office of the Maine Attorney General this week by the law firm representing the financial services organization reveals. According to the document, … | CSOONLINE.COM
10 Jul | Australia Flags Persistent Chinese Cyberespionage Hacking | Nation-State Group APT40 Routinely Exploits Publicly Known Software Flaws. The Australian cybersecurity agency is blaming a Chinese state-backed cyberespionage group, tracked as APT40, for persistent cyberattacks on Australian organizations to steal sensitive information. The grou… | DATABREACHTODAY.CO.UK
10 Jul | GitLab: Critical bug lets attackers run pipelines as other users | GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. [...] | BLEEPINGCOMPUTER.COM
10 Jul | Researchers Discover New Malware Aimed at Mining Sector | Remote Access Trojan 'Poco RAT' Targets Mining, Manufacturing Sectors, Says Report. A new report published by Cofense Intelligence identifies a malware called "Poco RAT" that is actively targeting mining and manufacturing sectors across Latin America through a simple remote access… | DATABREACHTODAY.CO.UK
10 Jul | Widely Used RADIUS Authentication Flaw Enables MITM Attacks | 'Don't Panic,' Say Developers. Security researchers identified an attack method against a commonly used network authentication protocol that dates back to the dial-up internet and relies on an obsolete hashing function. Researchers say "a well-resourced attacker" could make it pra… | DATABREACHTODAY.CO.UK
📋 SECURITY BULLETINS (3)
10 Jul | "Privatephoneshop" and "Myntex" are scam, selling insecure devices, and harassing a GrapheneOS developers | https://grapheneos.social/users/GrapheneOS/statuses/112756387037171909 Background & Licensing How comes GrapheneOS people find themselves in situations like these often? Their software is all permissively licen… | GRAPHENEOS.SOCIAL
10 Jul | ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories | Several ICS vendors released advisories on Tuesday to inform customers about vulnerabilities found in industrial and OT products. The post ICS Patch Tuesday: Siemens, Schneider Electric, CISA Issue Advisories appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | Microsoft Patch Tuesday July 2024 - Four Critical Vulnerabilities Patched | https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20July%202024/31058 | ISC.SANS.EDU
📢 SECURITY ADVISORIES (13)
10 Jul | As CISOs Grapple with the C-Suite, Job Satisfaction Takes a Hit | Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent. | CYBERSECURITYDIVE.COM
10 Jul | Digital solidarity vs. digital sovereignty: Which side are you on? | The landscape of international cyber policy continues to evolve rapidly, reflecting the dynamic nature of technology and global geopolitics. Central to this evolution are two competing concepts: digital solidarity and digital sovereignty. The U.S. Department of State, through its… | SECURITYINTELLIGENCE.COM
10 Jul | Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? | Few people understand AI, nor how to use nor control it, nor where it is going. Yet politicians wish to regulate it. The post Can AI be Meaningfully Regulated, or is Regulation a Deceitful Fudge? appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | From Policy to Practice in Security Culture: What Security Frameworks Recommend | Recently I had to prepare for a governance, risk and compliance conference. I promptly realized that although I used to be quite immersed in this field as an ISO 27k implementation consultant and even a short stint as a Payment Card Industry (PCI QSA) auditor years ago, it has be… | KNOWBE4.COM
10 Jul | After Customers Get Breached, Snowflake Refines Security | Mandatory Multifactor Authentication Among New Features Given to Administrators. In the wake of multiple customers of Snowflake collectively losing terabytes of data to attackers, the cloud-based data warehousing platform has rolled out a swath of cybersecurity improvements, inclu… | DATABREACHTODAY.CO.UK
10 Jul | Japan warns of attacks linked to North Korean Kimsuky hackers | Japan's Computer Emergency Response Team Coordination Center (JPCERT/CC) is warning that Japanese organizations are being targeted in attacks by the North Korean 'Kimsuky' threat actors. [...] | BLEEPINGCOMPUTER.COM
10 Jul | CISA urges devs to weed out OS command injection vulnerabilities | CISA and the FBI urged software companies on Wednesday to review their products and eliminate path OS command injection vulnerabilities before shipping. [...] | BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING (7)
10 Jul | Threat Actors Claiming Breach of KFC Database | A group of threat actors has claimed responsibility for breaching the database of fast-food giant KFC. The announcement was made via a post on the social media platform X by the user @MonThreat, who is known for disseminating information about cybersecurity incidents. The claim h… | GBHACKERS.COM
10 Jul | The Heritage Foundation - 72,004 breached accounts | In July 2024, hacktivists published almost 2GB of data taken from The Heritage Foundation and their media arm, The Daily Signal. The data contained 72k unique email addresses, primarily used for commenting on articles (along with names, IP addresses and the comments left) and by… | HAVEIBEENPWNED.COM
10 Jul | It’s Time to Reassess Your Cybersecurity Priorities | A cyber resilience strategy is vital for business continuity and can provide a range of benefits before, during, and after a cyberattack. The post It’s Time to Reassess Your Cybersecurity Priorities appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | True Protection or False Promise? The Ultimate ITDR Shortlisting Guide | It’s the age of identity security. The explosion of driven ransomware attacks has made CISOs and security teams realize that identity protection lags 20 years behind their endpoints and networks. This realization is mainly due to the transformation of lateral movement from fine a… | THEHACKERNEWS.COM
10 Jul | New Eldorado Ransomware Attacking Windows And Linux Systems | Ransomware-as-a-service (RaaS) has evolved into sophisticated enterprise-like model. From 2022 to 2023, ransomware programs advertised on the dark web increased by half, with 27 ads identified. The RAMP forum was made the main hub of hiring for ransomware. Attacks published on sp… | GBHACKERS.COM
10 Jul | Most Security Pros Admit Shadow SaaS and AI Use | A recent Next DLP poll revealed that 73% of cybersecurity professionals used unauthorized apps, including AI, last year. Top concerns were data loss, lack of control, and breaches, with 10% admitting to a breach due to these tools. | INFOSECURITY-MAGAZINE.COM
10 Jul | Microsoft emails that warned customers of Russian hacks criticized for looking like spam and phishing | Cybersecurity experts are criticizing Microsoft for data breach notification emails that are confusing customers. © 2024 TechCrunch. All rights reserved. For personal use only. | TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE (15)
10 Jul | ISC Stormcast For Wednesday, July 10th, 2024 https://isc.sans.edu/podcastdetail/9046, (Wed, Jul 10th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
10 Jul | X-Files Stealer Attacking Windows Users to Steal Passwords | Cybersecurity experts have identified a new malware strain, dubbed “XFiles Stealer,” which is actively targeting Windows users to steal passwords and other sensitive information. The discovery was made public by MonThreat, a prominent cybersecurity research group, via… | GBHACKERS.COM
10 Jul | Persistent npm Campaign Shipping Trojanized jQuery | Approximately 68 malicious packages were created between May 26 and June 23, 2024, with deceptive names like cdnjquery and jquertyi. These packages were manually crafted, unlike automated attacks, allowing the threat actor to steal website form data. | PHYLUM.IO
10 Jul | Scammers Offering Fraud-as-a-service to Other Scammers to Drain Victims Funds | Scammers no longer need to possess technical expertise or devise intricate fraud schemes. The rise of Fraud-as-a-Service (FaaS) has revolutionized scam execution, making it easier for even the most inexperienced fraudsters to prey on unsuspecting victims. This article delves into… | GBHACKERS.COM
10 Jul | New Golang Botnet "Zergeca" Discovered, Delivers Brutal DDoS Attacks | https://hackread.com/golang-botnet-zergeca-ddos-attacks/ | HACKREAD.COM
10 Jul | US Disrupts AI-Powered Russian Bot Farm on X | The US and allies blame Russian state-sponsored threat actors for using Meliorator AI software to create a social media bot farm. The post US Disrupts AI-Powered Russian Bot Farm on X appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | Passkeys Available for Passkeys high-risk Users in the Advanced Protection Program | Google has announced the integration of passkeys into its Advanced Protection Program (APP). This development aims to provide an easier and more secure alternative to traditional passwords, enhancing protection against common cyber threats such as phishing, malware, and unauthori… | GBHACKERS.COM
10 Jul | BSides SF 2024 - 61 videos | https://bsidessf.org/ Playlist BSides San Francisco 2024 youtube.com/playlist?list=PLbZzXF2qC3RtlV2pwcvdbs… | INFOSEC.PUB
10 Jul | Russian Spear Phishing Campaigns Target NATO Entities | Researchers at Mandiant (part of Google Cloud) warn that Russian government threat actors continue to target NATO member countries with spear phishing attacks. APT29 in particular has been targeting the technology sector in order to launch supply chain attacks. | KNOWBE4.COM
10 Jul | Houthi-Aligned APT Targets Mideast Militaries With 'GuardZoo' Spyware | https://www.darkreading.com/threat-intelligence/houthi-aligned-apt-targets-middle-east-militaries-spyware | DARKREADING.COM
10 Jul | AI Provides an Rx for Cybersecurity in Healthcare | Tapan Mehta discusses the challenges, opportunities and future of AI in protecting healthcare infrastructure and data. The post AI Provides an Rx for Cybersecurity in Healthcare appeared first on Palo Alto Networks Blog. | PALOALTONETWORKS.COM
10 Jul | VMware Patches Critical SQL-Injection Flaw in Aria Automation | VMware warns that authenticated malicious users could enter specially crafted SQL queries and perform unauthorized read/write operations in the database. The post VMware Patches Critical SQL-Injection Flaw in Aria Automation appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | Cytactic Snags $16M Seed Funding for Cyber Crisis Management Technology | Israeli startup raises $16 million in seed funding to build what is being described as a “cyber crisis readiness and management” platform. The post Cytactic Snags $16M Seed Funding for Cyber Crisis Management Technology appeared first on SecurityWeek. | SECURITYWEEK.COM
10 Jul | Singapore to Phase Out One-Time Passwords in Banking | Monetary Authority Responds to Surge in Phishing Scams That Impersonate Banks. The Monetary Authority of Singapore said banks will phase out one-time passwords for bank account logins over the next three months for customers who use digital tokens to authenticate their identity. T… | DATABREACHTODAY.CO.UK
10 Jul | BitMEX Pleads Guilty to Violating Anti-Money Laundering Laws | Cryptocurrency Exchange Platform 'Willfully Flouted US Anti-Money Laundering Laws'. The once-leading cryptocurrency exchange platform known as BitMEX pleaded guilty Wednesday to willfully violating the Bank Secrecy Act and anti-money laundering laws to effectively serve as a money… | DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE (6)
10 Jul | ViperSoftX Malware Disguises as eBooks on Torrents to Spread Stealthy Attacks | The sophisticated malware known as ViperSoftX has been observed being distributed as eBooks over torrents. "A notable aspect of the current variant of ViperSoftX is that it uses the Common Language Runtime (CLR) to dynamically load and run PowerShell commands, thereby creating a … | THEHACKERNEWS.COM
10 Jul | UK Government Advises Best Practices for Embedded Device Security | The cybersecurity arm of the UK government, RITICS, has released a new guide to assist companies in enhancing the security of their operational technology (OT) and industrial control system (ICS) hardware. | SCMAGAZINE.COM
10 Jul | Ticket Heist network of 700 domains sells fake Olympic Games tickets | A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. [...] | BLEEPINGCOMPUTER.COM
10 Jul | Ticket Heist fraud gang uses 700 domains to sell fake Olympics tickets | A large-scale fraud campaign with over 700 domain names is likely targeting Russian-speaking users looking to purchase tickets for the Summer Olympics in Paris. [...] | BLEEPINGCOMPUTER.COM
10 Jul | ViperSoftX malware covertly runs PowerShell using AutoIT scripting | The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection. [...] | BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
10 Jul | Understanding IoT security risks and how to mitigate them | Cybersecurity podcast | As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds? | WELIVESECURITY.COM
📡 INFOSEC NEWS (15)
10 Jul | Crypto Analysts Expose HuiOne Guarantee's $11 Billion Cybercrime Transactions | Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, an… | THEHACKERNEWS.COM
10 Jul | Google Advanced Protection Program gets passkeys for high-risk users | Google announced today that passkeys are now available for high-risk users when enrolling in the Advanced Protection Program, which provides the strongest level of account security. [...] | BLEEPINGCOMPUTER.COM
10 Jul | Google Adds Passkeys to Advanced Protection Program for High-Risk Users | Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, produc… | THEHACKERNEWS.COM
10 Jul | US Senate NDAA 2025 Boosts Military Cyber and AI Initiatives | The Senate Armed Services Committee presented the NDAA for fiscal year 2025, totaling $923.3 billion for defense funding. This includes $878.4 billion for the Pentagon and $33.4 billion for national security programs under the Department of Energy. | BANKINFOSECURITY.COM
10 Jul | Ticket Heist Network of 700 Domains Sells Fake Olympic Games Tickets | QuoIntelligence discovered the operation called Ticket Heist, with convincing websites selling fake Olympic tickets. The prices on these websites are much higher than the official ones. | BLEEPINGCOMPUTER.COM
10 Jul | Regional Transport Office Themed Phishing Campaign Targets Android Users In India | Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named "VAHAN PARIVAHAN.apk". | CYBLE.COM
10 Jul | US Busts Russian AI-Driven Disinformation Operation | The Department of Justice investigated around 1,000 accounts on social media platform X, previously Twitter, which were used by the Kremlin to spread pro-Moscow propaganda created by the AI-driven Meliorator software. | BANKINFOSECURITY.COM
10 Jul | Finding Honeypot Data Clusters Using DBSCAN: Part 1, (Wed, Jul 10th) | Sometimes data needs to be transformed or different tools need to be used so that it can be compared with other data. Some honeypot data is easy to compare since there is no customized information such as randomly generated file names, IP addresses, etc. | ISC.SANS.EDU
10 Jul | Sophos ZTNA now supports on-premise Microsoft AD | The gateway image updates are available from Sophos Central. There is no need to update your ZTNA agents. | SOPHOS.COM
10 Jul | Microsoft fixes Windows 11 bug causing reboot loops, taskbar freezes | Microsoft has fixed a known issue causing restart loops and taskbar problems on Windows 11 systems after installing the June KB5039302 preview update. [...] | BLEEPINGCOMPUTER.COM
10 Jul | Announcing The Bug Bounty Program Pack 1.0 | PACKETSTORMSECURITY.COM
10 Jul | Huione Guarantee exposed as a $11 billion marketplace for cybercrime | The seemingly legitimate online marketplace Huione Guarantee is being used as a platform for laundering money from online scams, especially "pig butchering" investment fraud, researchers say. [...] | BLEEPINGCOMPUTER.COM
10 Jul | Microsoft 365, Office users hit by wave of ‘30088-27’ update errors | Over the last month, Microsoft 365 and Microsoft Office users have been experiencing "30088-27" errors when attempting to update the application. [...] | BLEEPINGCOMPUTER.COM