12Articles
5Categories
2024-07-13Date
⚠️ VULNERABILITY DISCLOSURE 4[−]
13 JulExim Vulnerability Affecting 1.5M Servers Lets Attackers Attach Malicious FilesSecurity researchers have identified a critical vulnerability affecting over 1.5 million Exim email servers, making them vulnerable to attacks that can deliver executable attachments to user accounts.ARSTECHNICA.COM
13 JulMillions of Exim Servers Still Exposed to Critical FlawNearly 5 Million Servers May be Affected, Only 82 Have Been Patched A critical vulnerability in Exim Mail Transfer Agent enables threat actors to bypass email security filters and deliver malicious attachments directly to user inboxes. Nearly 5 million servers could be vulnerable…DATABREACHTODAY.CO.UK
13 JulResurrecting Internet Explorer -- the nasty threat impacting potentially millions of Windows 10 and 11 userssubmitted by BrikoX to cybersecurity 1 points | 0 comments https://betanews.com/2024/07/10/resurrecting-internet-explorer-the-nasty-threat-impacting-potentially-millions-of-windows-10-and-11-users/ Check Point Research (CPR) has identified a critical zero-day spoofing attack expl…BETANEWS.COM
13 JulHackers use PoC exploits in attacks 22 minutes after releaseThreat actors are quick to weaponize available proof-of-concept (PoC) exploits in actual attacks, sometimes as quickly as 22 minutes after exploits are made publicly available. [...]BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING 1[−]
13 JulAT&T Confirms Data Breach Affecting Nearly All Wireless CustomersAmerican telecom service provider AT&T has confirmed that threat actors managed to access data belonging to "nearly all" of its wireless customers as well as customers of mobile virtual network operators (MVNOs) using AT&T's wireless network. "Threat actors unlawfully acc…THEHACKERNEWS.COM
🕵️ THREAT INTELLIGENCE 2[−]
13 JulChina's APT41 Crew Adds Stealthy Malware to its ToolboxDodgeBox deploys MoonWalk backdoor as a DAT file post-execution. The backdoor shares evasion techniques with DodgeBox and uses Google Drive for command-and-control communication.THEREGISTER.COM
13 Jul16-bit Hash Collisions in .xls Spreadsheets, (Sat, Jul 13th)A couple years ago, in diary entry " Unprotecting Malicious Documents For Inspection " I explain how .xls spreadsheets are password protected (but not encrypted). And in follow-up diary entry " Maldocs: Protection Passwords ", I talk about an update to my oledump plugin plugin&#x…ISC.SANS.EDU
🌐 CYBER THREAT LANDSCAPE 1[−]
13 JulCoyote Banking Trojan Targets LATAM with a Focus on Brazilian Financial InstitutionsA .NET banking Trojan named Coyote has been identified as a threat to Brazilian financial institutions. It uses a unique execution chain involving the abuse of legitimate software to harvest user financial information.BLOGS.BLACKBERRY.COM
📡 INFOSEC NEWS 4[−]
13 JulMalicious NuGet Campaign Uses Homoglyphs and IL Weaving to Fool DevsThis new set of packages, consisting of approximately 60 packages and 290 versions, showcases a more sophisticated approach compared to earlier attacks revealed in October 2023, according to ReversingLabs.REVERSINGLABS.COM
13 JulNew FishXProxy Phishing Kit Making Phishing Accessible to Script KiddiesFishXProxy is designed to evade detection and maximize credential theft attempts, equipped with features like traffic management to hide link destinations and a cross-project tracking capability for persistent targeting.HACKREAD.COM
13 JulHow to protect your startup from email scamsBusiness email compromise attacks are on the rise. Here's how you can stay ahead of the hackers. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
13 JulMicrosoft fixes bug causing Windows Update automation issuesMicrosoft has resolved a known issue caused by the June 2024 KB5039302 preview update, causing update problems when using Windows Update automation scripts on Windows 11 systems. [...]BLEEPINGCOMPUTER.COM