76 Articles
8 Categories
Date: 2024-07-12

🚨 CISA KEV 1

12 Jul (KEV): Top 10 open source software risks — and how to mitigate them
Calls for a critical look at how open-source software (OSS) is secured and used have been increasing after a number of recent scares exposed vulnerabilities and risks, in particular the XZ Utils incident that revealed a backdoor inserted into a widely used OSS for compression and…
CSOONLINE.COM

🐛 COMMON VULNERABILITIES AND EXPOSURES 5

12 Jul: Multiple Threat Actors Exploit PHP Flaw CVE-2024-4577 to Deliver Malware
The PHP vulnerability, tracked as CVE-2024-4577, with a CVSS score of 9.8, allows attackers to execute commands on Windows systems using Chinese and Japanese language settings.
SECURITYAFFAIRS.COM

12 Jul: Known SSH-Snake bites more victims with multiple OSS exploitation
CRYSTALRAY, a threat actor known to have used Secure Shell (SSH) based malware to gain access into victim systems in the past, has scaled operations to over 1,500 victims using multiple open source software (OSS) tools, according to a Sysdig study. After gaining access, the threa…
CSOONLINE.COM

12 Jul: Critical Exim Mail Server Vulnerability Exposes Millions to Malicious Attachments
A critical security issue has been disclosed in the Exim mail transfer agent that could enable threat actors to deliver malicious attachments to target users' inboxes. The vulnerability, tracked as CVE-2024-39929, has a CVSS score of 9.1 out of 10.0. It has been addressed in vers…
THEHACKERNEWS.COM

12 Jul: Attacks against the "Nette" PHP framework CVE-2020-15227, (Fri, Jul 12th)
Today, I noticed some exploit attempts against an older vulnerability in the "Nette Framework", CVE-2020-15227 [1].
ISC.SANS.EDU

⚠️ VULNERABILITY DISCLOSURE 25

12 Jul: Weekly Update 408
Presently sponsored by: 1Password Extended Access Management: Secure every sign-in for every app on every device. I get the frustration and anger those working at organisations that have been breached feel, and I've seen it firsthand in my communications with them on so many…
TROYHUNT.COM

12 Jul: Exim vulnerability affecting 1.5 million servers lets attackers attach malicious files
submitted by BrikoX to cybersecurity 1 points | 1 comments https://arstechnica.com/security/2024/07/more-than-1-5-million-email-servers-running-exim-vulnerable-to-critical-attacks/ Based on past attacks, it wouldn’t be surprising to see active targeting this time too.
ARSTECHNICA.COM

12 Jul: Coyote Banking Trojan Attacking Windows Users To Steal Login Details
Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept and modify transactions, allowing hackers to drain bank accounts or make unauthorized purchases. BlackBerry cybersecurity researchers recently detected that the Coyote banking t…
GBHACKERS.COM

12 Jul: What is the CIA triad? A principled framework for defining infosec policies
What is the CIA triad? The CIA triad components, defined. The CIA triad, which stands for confidentiality, integrity, and availability, is a widely used information security model for guiding an organization’s efforts and policies aimed at keeping its data secure. The model has not…
CSOONLINE.COM

12 Jul: Veeam Flaw Becomes Ransomware Vector a Year After Patching
A new ransomware gang known as EstateRansomware is exploiting a Veeam vulnerability that was patched over a year ago to spread file-encrypting malware and demand ransom payments.
THEREGISTER.COM

12 Jul: Ever Wonder How Hackers Really Steal Passwords? Discover Their Tactics in This Webinar
In today's digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility—and vulnerability. Most people don't realize their credentials have been…
THEHACKERNEWS.COM

12 Jul: mSpy Data Breach: Millions of Customers’ Data Exposed
mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing the sensitive information of millions of its customers. The breach, which Brainstack, mSpy’s parent company, has not publicly acknowledged, has raised serious concerns about spyw…
GBHACKERS.COM

12 Jul: Macau Government Websites Hit with Cyberattack by Suspected Foreign Hackers
The attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces.
THERECORD.MEDIA

12 Jul: AT&T Details Massive Breach of Subscribers' Call Logs
Ongoing Law Enforcement Investigation Led to Delay in Public Breach Notification. Attackers have stolen logs of call and text interactions pertaining to nearly every one of AT&T's millions of wireless customers, as well as customers of mobile virtual network operators who use …
DATABREACHTODAY.CO.UK

12 Jul: Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attacks
Akira and EstateRansomware cybercrime gangs have been exploiting a year-old Veeam Backup & Replication vulnerability in recent attacks. The post Year-Old Veeam Vulnerability Exploited in Fresh Ransomware Attacks appeared first on SecurityWeek.
SECURITYWEEK.COM

12 Jul: Japanese Space Agency Spots Unspecified Zero-Day Attacks
JAXA was targeted with zero-day exploits during its investigation with Microsoft into a 2023 cyberattack. The attack mainly affected its Active Directory system, prompting JAXA to shut down networks to prevent data compromise.
THEREGISTER.COM

12 Jul: Australian Defence Force Private and Husband Charged with Espionage for Russia
Two Russian-born Australian citizens have been arrested and charged in the country for spying on behalf of Russia as part of a "complex" law enforcement operation codenamed BURGAZADA. This includes a 40-year-old woman, an Australian Defence Force (ADF) Army Private, and her husba…
THEHACKERNEWS.COM

12 Jul: AT&T Details Massive Breach of Customers' Call and Text Logs
Ongoing Law Enforcement Investigation Led to Delay in Public Breach Notification. Attackers have stolen logs of call and text interactions pertaining to nearly every one of AT&T's millions of wireless customers, as well as customers of mobile virtual network operators who use …
DATABREACHTODAY.CO.UK

12 Jul: More Vulnerability Shenanigans - PSW #834
Bats in your headset, Windows Wifi driver vulnerabilities, Logitech's dongles, lighthttpd is heavy with vulnerabilities, node-ip's not vulnerability, New Intel CPU non-attacks, Blast Radius, Flipper Zero alternatives, will OpenSSH be exploited, emergency Juniper patches, and the …
YOUTUBE.COM

12 Jul: AT&T Discloses Breach of Customer Data
On July 12, AT&T released a public statement on unauthorized access of customer data from a third-party cloud platform. AT&T also provided recommendations and resources for affected customers. CISA encourages customers to review the following AT&…
CISA.GOV

12 Jul: DarkGate Malware Exploits Samba File Shares in Short-Lived Campaign
Cybersecurity researchers have shed light on a short-lived DarkGate malware campaign that leveraged Samba file shares to initiate the infections. Palo Alto Networks Unit 42 said the activity spanned the months of March and April 2024, with the infection chains using servers runni…
THEHACKERNEWS.COM

12 Jul: Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes
Successful exploitation could allow attackers to deliver executable attachments to inboxes. The post Critical Exim Flaw Allows Attackers to Deliver Malicious Executables to Mailboxes appeared first on SecurityWeek.
SECURITYWEEK.COM

12 Jul: Hackers Steal Phone, SMS Records for Nearly All AT&T Customers
AT&T Corp. disclosed today that a new data breach has exposed phone call and text message records for roughly 110 million people -- nearly all of its customers. AT&T said it delayed disclosing the incident in response to "national security and public safety concerns," n…
KREBSONSECURITY.COM

12 Jul: CRYSTALRAY Group Targets 1,500 Organizations in 6 Months
Relatively New Threat Actor Uses Open-Source Tools, Focuses on US and China. A relatively new threat actor has compromised over 1,500 organizations worldwide since February, using open-source security tools to automate and streamline attack processes. Security researchers have tra…
DATABREACHTODAY.CO.UK

12 Jul: Critical Exim bug bypasses security filters on 1.5 million mail servers
Censys warns that over 1.5 million Exim mail transfer agent (MTA) instances are unpatched against a critical vulnerability that lets threat actors bypass security filters. [...]
BLEEPINGCOMPUTER.COM

12 Jul: Friday Squid Blogging: 1994 Lair of Squid Game
I didn’t know: In 1994, Hewlett-Packard released a miracle machine: the HP 200LX pocket-size PC. In the depths of the device, among the MS-DOS productivity apps built into its fixed memory, there lurked a first-person maze game called Lair of Squid. […] In Lair of S…
SCHNEIER.COM

12 Jul: Zeus Banking Malware Player Gets 9-Year Prison Term
Ukrainian Hacker Vyacheslav Penchukov Was on FBI's 'Most Wanted' List for a Decade. Ukrainian hacker Vyacheslav Penchukov, who helped lead two different cybercrime groups that relied on Zeus and IcedID malware to steal bank details, has been sentenced to nearly 10 years in prison,…
DATABREACHTODAY.CO.UK

12 Jul: Detecting Living Off The Land attacks with Wazuh
Threat actors commonly use Living Off The Land (LOTL) techniques to evade detection. Learn more from Wazuh about how its open source XDR/SIEM #cybersecurity platform can detect LOTL attacks. [...]
BLEEPINGCOMPUTER.COM

📢 SECURITY ADVISORIES 3

12 Jul: CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency
CISA says a SILENTSHIELD red team assessment found gaping holes in the security posture of a federal civilian executive branch organization. The post CISA Red Team Exercise Finds Critical Vulnerabilities in Federal Civilian Agency appeared first on SecurityWeek.
SECURITYWEEK.COM

12 Jul: ISMG Editors: How Should We Handle Ransomware Code Flaws?
Also: Uncertainty in US Cyber, AI Policy; Fake Gen AI That Distributes Malware. In the latest weekly update, ISMG editors discussed how the industry should handle ransomware vulnerabilities, the rise of fake generative AI assistants that spread malware, and the implications that r…
DATABREACHTODAY.CO.UK

12 Jul: White House Calls for Defending Critical Infrastructure
Administration Continues to Shift Software Security Responsibilities to Developers. The Biden administration is calling on government agencies and departments to file fiscal year 2026 budget proposals that focus on defending critical infrastructure, dismantling threat actors and i…
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING 16

12 Jul: Hackers Using ClickFix Social Engineering Tactics to Deploy Malware
Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery, dubbed the “ClickFix” infection chain. This novel attack strategy leverages advanced social engineering techniques to manipulate unsuspecting users into executing m…
GBHACKERS.COM

12 Jul: Ransomware Gangs Invest in Custom Data Stealing Malware
Ransomware gangs are now creating custom data-stealing malware instead of just encrypting files. Mature crime organizations are investing in bespoke data theft tools, according to a Cisco Talos report on the top 14 ransomware groups.
THEREGISTER.COM

12 Jul: Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed
RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has recently been the victim of a cyber attack. The breach, which occurred on April 14, 2024, was discovered on June 10, 2024, and has compromised the personal information …
GBHACKERS.COM

12 Jul: RansomHub ransomware – what you need to know
Despite first appearing earlier this year, RansomHub is already considered one of the most prolific ransomware groups in existence. Read more in my article on the Tripwire State of Security blog.
TRIPWIRE.COM

12 Jul: AT&T says criminals stole phone records of ‘nearly all’ customers in new data breach
The stolen data includes 110 million AT&T customer phone numbers, calling and text records, and some location-related data. © 2024 TechCrunch. All rights reserved. For personal use only.
TECHCRUNCH.COM

12 Jul: AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Data breach exposed records of call and text interactions for nearly all AT&T’s wireless customers and has been linked to the recent attacks targeting Snowflake customers. The post AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack appeared first o…
SECURITYWEEK.COM

12 Jul: Massive AT&T data breach exposes call logs of 109 million customers
AT&T is warning of a massive data breach where threat actors stole the call logs for approximately 109 million customers, or nearly all of its mobile customers, from an online database on the company's Snowflake account. [...]
BLEEPINGCOMPUTER.COM

12 Jul: Millions Impacted by Breach at Advance Auto Parts Linked to Snowflake Incident
Advance Auto Parts says the personal information of 2.3 million was compromised after hackers accessed its Snowflake account. The post Millions Impacted by Breach at Advance Auto Parts Linked to Snowflake Incident appeared first on SecurityWeek.
SECURITYWEEK.COM

12 Jul: In Other News: Apple’s Spyware Warning, CDK Global Ransom Payment, Sibanye Cyberattack
Noteworthy stories that might have slipped under the radar: Microsoft details Rockwell HMI vulnerabilities, smart grills hacked, Predator spyware activity drops. The post In Other News: Apple’s Spyware Warning, CDK Global Ransom Payment, Sibanye Cyberattack appeared first on Secu…
SECURITYWEEK.COM

12 Jul: Mobile surveillance software firm mSpy suffers data breach
Mobile surveillance software firm mSpy has suffered a breach that exposed sensitive information from millions of users. Customer support tickets dating back around 10 years were hacked and leaked by as yet unidentified attackers. The leaked dataset from mSpy’s Zendesk-powered cus…
CSOONLINE.COM

12 Jul: What the AT&T phone records data breach means for you
The giant U.S. telco lost the information of around 110 million customers. Here’s what you need to know. © 2024 TechCrunch. All rights reserved. For personal use only.
TECHCRUNCH.COM

12 Jul: Rite Aid confirms data breach after June ransomware attack
Pharmacy giant Rite Aid confirmed a data breach after suffering a cyberattack in June, which was claimed by the RansomHub ransomware operation. [...]
BLEEPINGCOMPUTER.COM

12 Jul: AT&T confirms arrest in data breach of more than 110 million customers
When confirming details of a massive data breach of about 110 million customers, AT&T on Friday also revealed that it became apparently the first enterprise to be given permission to initially keep breach details secret, and then was cleared to publish. The incident itself—wh…
CSOONLINE.COM

12 Jul: Should ransomware payments be banned? – Week in security with Tony Anscombe
The issue of whether to ban ransomware payments is a hotly debated topic in cybersecurity and policy circles. What are the implications of outlawing these payments, and would the ban be effective?
WELIVESECURITY.COM

🕵️ THREAT INTELLIGENCE 13

12 Jul: Joiners, Movers, Leavers, and Failures: Why is Identity Management Still Struggling? -... - ESW #367
I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone …
YOUTUBE.COM

12 Jul: Rockyou2024 is a scam, Google has a whoopsie, and AI is giving folks indigestion - ESW #367
In this week's enterprise security news, 1. Seed rounds are getting huge 2. Lots of funding for niche security vendors 3. Rapid7 acquires Noetic Cyber 4. but Rapid7 is also rumored to sell itself! 5. Slack battles infostealers 6. The loss of Chevron deference impacts cyber 7. Sho…
YOUTUBE.COM

12 Jul: ISC Stormcast For Friday, July 12th, 2024 https://isc.sans.edu/podcastdetail/9050, (Fri, Jul 12th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

12 Jul: U.S. Seizes Domains Used by AI-Powered Russian Bot Farm for Disinformation
The U.S. Department of Justice (DoJ) said it seized two internet domains and searched nearly 1,000 social media accounts that Russian threat actors allegedly used to covertly spread pro-Kremlin disinformation in the country and abroad on a large scale. "The social media bot farm …
THEHACKERNEWS.COM

12 Jul: Japan Warns of Attacks Linked to North Korean Kimsuky Hackers
The attacks were detected earlier this year, with indicators of compromise shared by AhnLab Security Intelligence Center. The attackers initiate their attacks with phishing emails containing malicious attachments disguised as documents.
BLEEPINGCOMPUTER.COM

12 Jul: The NSA Has a Long-Lost Lecture by Adm. Grace Hopper
The NSA has a video recording of a 1982 lecture by Adm. Grace Hopper titled “Future Possibilities: Data, Hardware, Software, and People.” The agency is (so far) refusing to release it. Basically, the recording is in an obscure video format. People at the NSA can’…
SCHNEIER.COM

12 Jul: Howto unlock KeepassDX with your Secure Element
submitted by boredsquirrel to cybersecurity 1 points | 0 comments Google Pixel phones, especially with GrapheneOS, are worlds more secure than other technologies. Every user account is decrypted with a key generated by the secure element, and the pin is just used to unlock that k…
SH.ITJUST.WORKS

12 Jul: Brands are changing cybersecurity strategies due to AI threats
Over the past 18 months, AI has changed how we do many things in our work and professional lives — from helping us write emails to affecting how we approach cybersecurity. A recent Voice of SecOps 2024 study found that AI was a huge reason for many shifts in cybersecu…
SECURITYINTELLIGENCE.COM

12 Jul: 🚨 The REAL Cost of Security Vulnerabilities! 🛡️💸 | Interview with Jason Kikta 🎙️
Ever wondered what security vulnerabilities are really costing you? 💰 Join hosts Paul Asadoorian and John Loucaides as they dive deep with expert Jason Kikta on the latest episode of Below the Surface Podcast. 🎧 Get insights on how to protect your assets and understand the true i…
YOUTUBE.COM

12 Jul: Off-Topic Friday
submitted by shellsharks to cybersecurity 1 points | 0 comments Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
INFOSEC.PUB

12 Jul: Autobahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More... - SWN #397
Wir fahren auf der AutoBahn, APT 40, Meliorator, RADIUS, AT&T, Apple, Josh Marpet, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-397
YOUTUBE.COM

12 Jul: FedNow's First Year: Mixed Bag of Achievements, Challenges
New Payment Rail Enrolled 800 FIs, But Transaction Volumes Lag Expectations. In July 2023, the U.S. payments industry marked a major milestone with the launch of FedNow, the Federal Reserve's instant payment service for depository institutions. This long-anticipated development pr…
DATABREACHTODAY.CO.UK

🌐 CYBER THREAT LANDSCAPE 1

12 Jul: Exploring Compiled V8 JavaScript Usage in Malware
Compiled V8 JavaScript in Google's engine converts JavaScript into low-level bytecode, making analysis and detection difficult. Attacks using this bytecode ensure compatibility with the V8 engine for successful execution.
RESEARCH.CHECKPOINT.COM

📡 INFOSEC NEWS 12

12 Jul: Cytactic Raises $16M in Seed Funding
Cytactic, an Israel-based provider of a platform pioneering cyber crisis readiness and management, raised $16M in a seed funding round led by Evolution Equity Partners. It intends to use the funds to expand operations and development efforts.
FINSMES.COM

12 Jul: The Stark Truth Behind the Resurgence of Russia’s FIN7
FIN7, a cybercrime group responsible for billions in losses, was dismantled by U.S. authorities in 2023. However, they resurfaced in 2024 with Stark Industries Solutions, hosting thousands of fake websites mimicking renowned companies.
KREBSONSECURITY.COM

12 Jul: Netgear warns users to patch auth bypass, XSS router flaws
Netgear warned customers to update their devices to the latest available firmware, which patches stored cross-site scripting (XSS) and authentication bypass vulnerabilities in several WiFi 6 router models. [...]
BLEEPINGCOMPUTER.COM

12 Jul: SIEM benefits for medium-sized business | Kaspersky official blog
What cyberthreats are relevant to growing businesses, and how SIEM helps protect against them
KASPERSKY.COM

12 Jul: Gaining Better Visibility Into Medical Devices, IoT, OT
The deployment of an asset management platform is helping Main Line Health gain deeper visibility and better security over the 100,000-plus medical devices and IoT gear used throughout the group's multiple hospitals and medical facilities, said CISO Aaron Weismann, who discusses …
DATABREACHTODAY.CO.UK

12 Jul: DNS hijacks target crypto platforms registered with Squarespace
A wave of coordinated DNS hijacking attacks targets decentralized finance (DeFi) cryptocurrency domains using the Squarespace registrar, redirecting visitors to phishing sites hosting wallet drainers. [...]
BLEEPINGCOMPUTER.COM