Articles: 88
Categories: 9
Date: 2024-07-15
🚨 CISA KEV (1)
15 Jul: [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-36401 OSGeo GeoServer GeoTools Eval Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cybe…
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
15 Jul: 39 hardware vulnerabilities: A guide to the threats (CSOONLINE.COM)
In January 2018, the entire computer industry was put on alert by two new processor vulnerabilities dubbed Meltdown and Spectre that defeated the fundamental OS security boundaries separating kernel and user space memory. The flaws stemmed from a performance feature of modern CPU…

15 Jul: Microsoft Says Windows Not Impacted by regreSSHion as Second OpenSSH Bug Is Found (SECURITYWEEK.COM)
A second remote code execution vulnerability, tracked as CVE-2024-6409, was found in OpenSSH during an analysis of the regreSSHion flaw.

15 Jul: Critical Cellopoint Secure Email Gateway Flaw Let Attackers Execute Arbitrary Code (GBHACKERS.COM)
A critical vulnerability has been discovered in the Cellopoint Secure Email Gateway, identified as CVE-2024-6744. This flaw, assigned a CVSS score of 9.8, poses a severe risk to organizations using this email security solution. CVE-2024-6744: A Critical Vulnerability According to …

15 Jul: CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks (TRENDMICRO.COM)
Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been pat…
⚠️ VULNERABILITY DISCLOSURE (11)
15 Jul: AT&T’s massive breach of metadata is a criminal treasure trove — as spy agencies know (CSOONLINE.COM)
Last week we learned via an SEC 8K filing that data has once again been stolen from AT&T. In this instance, the information was call data records (CDRs), which were purloined by threat actors between April 14 and April 25, 2024, from an “AT&T workspace on a third-party c…

15 Jul: Credential-Stealing OSS 'Crystalray' Attacks Jump 10X (DARKREADING.COM)
Crystalray's attack chain involves using various OSS tools for reconnaissance, scanning, and exploiting vulnerabilities. The group was first discovered in February using the "SSH-Snake" tool to exploit vulnerabilities in Atlassian Confluence.

15 Jul: DarkGate Malware Exploiting Excel Files And SMB File Shares (GBHACKERS.COM)
DarkGate, a Malware-as-a-Service (MaaS) platform, experienced a surge in activity since September 2023, employing various distribution methods, including email attachments, malicious ads, and compromised Samba shares. Initially a human-operated command-and-control infrastructure,…

15 Jul: Beware Of Weaponized EBooks That Deliver AsyncRAT (GBHACKERS.COM)
EBooks are popular, and their popularity attracts threat actors the most, as they are widely shared digital assets that can easily circumvent security measures. Threat actors exploit users’ trust in seemingly harmless documents by embedding malware in eBook files or disgui…

15 Jul: CISA Urges Software Makers to Eliminate OS Command Injection Flaws (INFOSECURITY-MAGAZINE.COM)
The US government is pressuring software manufacturers to address operating system command injection vulnerabilities following high-profile threat actor campaigns exploiting these flaws in 2024.

15 Jul: Google eyes security startup Wiz for $23B in its largest-ever acquisition (CSOONLINE.COM)
Google parent Alphabet is reportedly in advanced talks to acquire Wiz, a New York-based cybersecurity startup, in a deal valued at about $23 billion, according to the Wall Street Journal. If finalized, the deal would be nearly double Google’s previous record purchase of Motorola…

15 Jul: CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool (THEHACKERNEWS.COM)
A threat actor that was previously observed using an open-source network mapping tool has greatly expanded their operations to infect over 1,500 victims. Sysdig, which is tracking the cluster under the name CRYSTALRAY, said the activities have witnessed a 10x surge, adding it inc…

15 Jul: Hacker allegedly paid $370,000 ransom to delete stolen AT&T data (CSOONLINE.COM)
AT&T reportedly paid hackers over $370,000 to delete sensitive data stolen in a breach the telecom giant disclosed on July 12 that compromised call records of tens of millions of its customers. The hacker, a Shinyhunters affiliate, had stolen the data exploiting unsecured Sno…

15 Jul: Google’s Kurian approached Wiz, $23B deal could take a week to land, source says (TECHCRUNCH.COM)
Alphabet, Google’s parent company, is in advanced talks to acquire Wiz for $23 billion, a person close to the company told TechCrunch. The deal discussions were previously reported by the Wall Street Journal. Wiz, a cybersecurity startup founded in 2020, was approached a fe…

15 Jul: From Reactive to Proactive: Cyber Insurance is Driving Optimal Security Investments for Organizations (KNOWBE4.COM)
New data shows that only 3 percent of organizations are solely relying on their current cyber defenses when adding on cyber insurance, indicating that organizations are beginning to understand the true value and place of a cyber insurance policy.

15 Jul: Phishing Continues to Be the Primary Entry to Ransomware Attacks (KNOWBE4.COM)
Phishing remains a top initial access vector for ransomware actors, according to researchers at Cisco Talos. The threat actors often use phishing to steal legitimate credentials so they can use employee accounts without raising suspicion.
📋 SECURITY BULLETINS (2)
15 Jul: Palo Alto Networks Fixed a Critical Bug in the Expedition Tool (SECURITYAFFAIRS.COM)
Palo Alto Networks has released security updates to address five vulnerabilities in its products, including a critical flaw in the Expedition tool that could enable admin account takeover.

15 Jul: June Windows Server updates break Microsoft 365 Defender features (BLEEPINGCOMPUTER.COM)
Microsoft has confirmed that Windows Server updates from last month's Patch Tuesday break some Microsoft 365 Defender features that use the network data reporting service. [...]
📢 SECURITY ADVISORIES (8)
15 Jul: White House Calls for Defending Critical Infrastructure (BANKINFOSECURITY.COM)
The Office of Management and Budget has issued a memorandum outlining the administration's cybersecurity priorities for fiscal year 2026, aligning with the national cybersecurity strategy.

15 Jul: My First Book is 20 Years Old Today (TAOSECURITY.BLOGSPOT.COM)
On this day in 2004, Addison-Wesley/Pearson published my first book, The Tao of Network Security Monitoring: Beyond Intrusion Detection. This post from 2017 explains the differences between my first four books and why I wrote Tao. Today, I'm always thrilled when I hear th…

15 Jul: Protecting Trained Models in Privacy-Preserving Federated Learning (NIST.GOV)
This post is part of a series on privacy-preserving federated learning. The series is a collaboration between NIST and the UK government’s Responsible Technology Adoption Unit (RTA), previously known as the Centre for Data Ethics and Innovation. Learn more and read all the posts …

15 Jul: CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth (CISA.GOV)
The US Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team exercise at an unnamed federal agency in 2023, exposing serious security failings that left critical assets vulnerable.
🔥 INCIDENT REPORTING (16)
15 Jul: New HardBit Ransomware 4.0 Uses Passphrase Protection to Evade Detection (THEHACKERNEWS.COM)
Cybersecurity researchers have shed light on a new version of a ransomware strain called HardBit that comes packaged with new obfuscation techniques to deter analysis efforts. "Unlike previous versions, HardBit Ransomware group enhanced the version 4.0 with passphrase protection,…

15 Jul: Threat Actor Claiming Breach of Coingecko Database, 1.9M Email Address (GBHACKERS.COM)
A threat actor has claimed responsibility for breaching the database of CoinGecko, a leading cryptocurrency data aggregator. The alleged breach has reportedly compromised 1.9 million email addresses, raising significant concerns about data security in the cryptocurrency industry.…

15 Jul: ClickFix Deception: A Social Engineering Tactic to Deploy Malware (MCAFEE.COM)
McAfee Labs has uncovered a unique malware delivery method called the “Clickfix” infection chain, which starts with users being directed to compromised websites and instructed to paste a script into a PowerShell terminal.

15 Jul: Akira Ransomware Attacking Airline Industry With Legitimate Tools (GBHACKERS.COM)
Airlines often become the target of hackers as they contain sensitive personal and financial details of passengers as well as travel schedules and loyalty programs. Since airlines are attractive to threat actors, disrupting their operations can be quite damaging to their economic…

15 Jul: Several DOD IT Programs Still Don’t Have a Cyber Strategy, Watchdog Finds (NEXTGOV.COM)
The U.S. Government Accountability Office's annual assessment of the Defense Department's IT spending revealed that several programs lack approved cybersecurity strategies, leaving them vulnerable to potential cyberattacks.

15 Jul: Cybersecurity crisis communication: What to do (SECURITYINTELLIGENCE.COM)
Cybersecurity experts tell organizations that the question is not if they will become the target of a cyberattack but when. Often, the focus of response preparedness is on the technical aspects — how to stop the breach from continuing, recovering data and getting the busine…

15 Jul: Match Systems’ CEO Andrei Kutin Provides Insight on DMM Bitcoin Breach (GBHACKERS.COM)
On May 31, 2024, 4502.9 BTC (worth approximately $308M) were stolen in a hack of the Japanese exchange Bitcoin.DMM.com. The cybersecurity agency Match Systems reviewed the current situation of the case. Japanese cryptocurrency exchange DMM Bitcoin was recently…

15 Jul: AT&T Breach Linked to American Hacker, Telecom Giant Paid $370k Ransom: Reports (SECURITYWEEK.COM)
The massive AT&T breach has been linked to an American hacker living in Turkey and reports say the telecom giant paid a $370,000 ransom.

15 Jul: SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks (BLEEPINGCOMPUTER.COM)
The SEXi ransomware operation, known for targeting VMware ESXi servers, has rebranded under the name APT INC and has targeted numerous organizations in recent attacks. [...]

15 Jul: New BugSleep malware implant deployed in MuddyWater attacks (BLEEPINGCOMPUTER.COM)
The Iranian-backed MuddyWater hacking group has partially switched to using a new custom-tailored malware implant to steal files and run commands on compromised systems. [...]

15 Jul: AT&T Allegedly Pays Ransom After Snowflake Account Breach (DATABREACHTODAY.CO.UK)
Paying Criminals for a Promise to Delete Data Is Part of the Problem. What will it take for victims of ransomware, extortion and other types of cybercrime to stop directly funding their attackers? The latest breached business to pay a ransom to its attackers appears to be AT&T…

15 Jul: Synnovis Attack Halts 8,000 NHS Patient Procedures So Far (DATABREACHTODAY.CO.UK)
Ransomware Hit on Pathology Firm Still Disrupting Organ Transplants, Blood Supply. Nearly 8,000 National Health Service patient procedures including organ transplants and cancer treatments have been canceled, postponed or diverted to other facilities in London over the past six we…

15 Jul: Solving the Complexities of Cyber Insurance for SMBs - Brian Fritton - BSW #356 (YOUTUBE.COM)
Cyber insurance underwriting is all over the map. With such a variation in application requirements, how should small and medium businesses prepare to receive the best policy for the price? Brian Fritton joins Business Security Weekly to discuss a systematic approach to preparing…

15 Jul: Disney hacked? NullBulge claims to have stolen 1.1 TB of data from internal Slack channels (BITDEFENDER.COM)
A group of hacktivists claims to have breached the IT systems of Disney, and stolen a gigantic 1.1 terabytes worth of data from the entertainment giant's internal Slack messaging channels. The hacking group, which calls itself NullBulge, posted on an underground hacking forum tha…

15 Jul: Crack the Code on Ransomware: Empowering Your Last Line of Defense (KNOWBE4.COM)
Cybercriminals are maximizing the potential damage to your organization to boost their profits. A staggering 91% of reported ransomware attacks included a data exfiltration effort. Now is the time to prepare your defenses.
🕵️ THREAT INTELLIGENCE (20)
15 Jul: ISC Stormcast For Monday, July 15th, 2024 https://isc.sans.edu/podcastdetail/9052, (Mon, Jul 15th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

15 Jul: Protected OOXML Spreadsheets, (Mon, Jul 15th) (ISC.SANS.EDU)
I was asked a question about the protection of an .xlsm spreadsheet. I've written before on the protection of .xls spreadsheets, for example in diary entries "Unprotecting Malicious Documents For Inspection" and "16-bit Hash Collisions in…

15 Jul: White House to Require Increased Cybersecurity Protocols for R&D Institutions (FEDSCOOP.COM)
Federal research agencies will now require covered institutions to implement cybersecurity programs for research and development security due to threats from China. The goal is to increase awareness of security threats and enable apt responses.

15 Jul: Malicious NuGet Campaign Tricking Developers To Inject Malicious Code (GBHACKERS.COM)
Hackers often target NuGet as it’s a popular package manager for .NET, which developers widely use to share and consume reusable code. Threat actors can distribute malicious code to many projects by compromising the NuGet packages. In August 2023, ReversingLabs detected a m…

15 Jul: MY TAKE: Study shows most folks haven’t considered bequeathing their ‘digital’ inheritances (LASTWATCHDOG.COM)
In our digital age, managing passwords effectively is crucial not just for our security while we’re alive, but also for ensuring our digital legacies are secure after we’re gone. A recent study by All About …

15 Jul: GuardZoo Android Malware Attacking military personnel via WhatsApp To Steal Sensitive Data (GBHACKERS.COM)
A Houthi-aligned group has been deploying Android surveillanceware called GuardZoo since October 2019 to target military personnel in the Middle East by leveraging social engineering tactics and using military-themed lures to trick victims into downloading the malware. Based on a…

15 Jul: ViperSoftX Weaponizing AutoIt & CLR For Stealthy PowerShell Execution (GBHACKERS.COM)
ViperSoftX is an advanced malware that has become more complicated since its recognition in 2020, to the extent that eBooks are used on Torrent sites to spread across systems. Unlike other kinds of malware developers who mainly focus on developing new code instead of improving ev…

15 Jul: Singapore Banks to Phase out OTPs for Bank Account Logins Within 3 Months (GBHACKERS.COM)
The Monetary Authority of Singapore (MAS) and The Association of Banks in Singapore (ABS) announced today that major retail banks will phase out the use of One-Time Passwords (OTPs) for bank account logins within the next three months. This change will apply to customers who have…

15 Jul: Ukrainian Sentenced to Prison in US for Role in Zeus, IcedID Malware Operations (SECURITYWEEK.COM)
Vyacheslav Igorevich Penchukov was sentenced to nine years in prison for his role in the Zeus and IcedID malware operations.

15 Jul: Mentorship Monday - Discussions for career and learning! (INFOSEC.PUB)
Submitted by shellsharks to cybersecurity (1 points, 0 comments). Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …

15 Jul: Data of Millions of mSpy Customers Leaked Online (SECURITYWEEK.COM)
Over 310 GB of data from mSpy, including 2.4 million email addresses and other user data, was leaked online.

15 Jul: IoT Security Firm Exein Raises $16.3 Million (SECURITYWEEK.COM)
IoT cybersecurity company Exein has raised €15 million (~$16.3 million) in a Series B funding round led by 33N.

15 Jul: System of Trust: Addressing Supply Chain Risks | Below the Surface (YOUTUBE.COM)
Discover key insights on mitigating supply chain risks from cybersecurity expert Robert Martin in this episode of the Below the Surface Podcast. Learn about the "System of Trust" and its crucial role in securing supply chains against emerging threats. Don't miss this essential di…

15 Jul: Atos Secures 1.675 Billion Euros in Financing to Stay Afloat (DATABREACHTODAY.CO.UK)
Banks, Bondholders Help French Firm Restructure Debt Ahead of Government Takeover. French IT consultancy Atos has raised 1.675 billion euros to restructure its debt as the company prepares to finalize a takeover bid by the French government. About 800 million euros will go toward …

15 Jul: Hacking Scientific Citations (SCHNEIER.COM)
Some scholars are inflating their reference counts by sneaking them into metadata: Citations of scientific work abide by a standardized referencing system: Each reference explicitly mentions at least the title, authors’ names, publication year, journal or conference name, a…

15 Jul: Employees Say OpenAI Shields Whistleblowers From Regulators (DATABREACHTODAY.CO.UK)
Complaint Seeks SEC Investigation of Whistleblower Practices, Financial Penalty. Whistleblowers from OpenAI have reportedly complained to the Securities and Exchange Commission that the company unlawfully restricted employees from alerting regulators of the artificial intelligence…

15 Jul: Board and CEO Understanding of CyberSecurity as CISOs Grapple with the C-Suite - BSW #356 (YOUTUBE.COM)
In the leadership and communications section, The Board’s understanding of cybersecurity, What does your CEO need to know about cybersecurity?, As CISOs grapple with the C-suite, job satisfaction takes a hit, and more! Visit https://www.securityweekly.com/bsw for all the latest e…

15 Jul: Hacktivists Dump Disney Slack Data Online Over AI Projects (DATABREACHTODAY.CO.UK)
Disney’s Data Targeted for Using Artists’ Work in AI Systems, Hacking Group Says. An apparent hacktivist group known as NullBulge claimed to have released a major data trove of sensitive information from Disney’s third-party digital workplace collaboration platform, Slack, after r…

15 Jul: DOD Failing to Fix Critical Cybersecurity Gaps, Report Says (DATABREACHTODAY.CO.UK)
GAO: Department Lacks Cybersecurity Strategies for Major Business IT Programs. The U.S. Department of Defense still hasn't addressed a series of critical cybersecurity gaps in its information technology business programs, according to an annual assessment conducted by the Governme…
🌐 CYBER THREAT LANDSCAPE (4)
15 Jul: Zeus Banking Malware Player Gets Nine-Year Prison Term (BANKINFOSECURITY.COM)
Vyacheslav Igorevich Penchukov, a criminal who used Zeus and IcedID malware to steal millions of dollars from victims, has been sentenced to almost a decade in prison and ordered to pay $73 million in restitution by a Nebraska federal court judge.

15 Jul: 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit (THEHACKERNEWS.COM)
Imagine you could gain access to any Fortune 100 company for $10 or less, or even for free. Terrifying thought, isn’t it? Or exciting, depending on which side of the cybersecurity barricade you are on. Well, that’s basically the state of things today. Welcome to the infostealer g…

15 Jul: Facebook ads for Windows desktop themes push info-stealing malware (BLEEPINGCOMPUTER.COM)
Cybercriminals use Facebook business pages and advertisements to promote fake Windows themes that infect unsuspecting users with the SYS01 password-stealing malware. [...]

15 Jul: Over 4000 Domains Used By FIN7 Actors Mimic Popular Brands (CYBERSECURITYNEWS.COM)
By targeting famous brands like tech firms and financial industry players, FIN7 actors deploy redirects, multi-stage phishing campaigns, and impersonate open directories to spread malware.
📡 INFOSEC NEWS (22)
15 Jul: Exein Raised $16.3 Million Series B to Stop Robotic Arms Going Haywire (TECHCRUNCH.COM)
Exein, a Rome-based startup, is addressing the critical issue of device security in the IoT space. The company recently secured €15 million (~$16.3 million) in a Series B funding round led by cybersecurity-focused VC 33N.

15 Jul: Singapore Banks to Phase Out OTPs for Online Logins Within 3 Months (THEHACKERNEWS.COM)
Retail banking institutions in Singapore have three months to phase out the use of one-time passwords (OTPs) for authentication purposes when signing into online accounts to mitigate the risk of phishing attacks. The decision was announced by the Monetary Authority of Singapore (…

15 Jul: Signal Downplays Encryption Key Flaw, Fixes it After X Drama (BLEEPINGCOMPUTER.COM)
Signal has now taken steps to address the issue by integrating Electron's SafeStorage API to secure the data store from offline attacks. The new implementation is currently being tested and will soon be available in a Beta version.

15 Jul: NATO Set to Build New Cyber Defense Center (INFOSECURITY-MAGAZINE.COM)
The new cyber-defense facility, dubbed NATO Integrated Cyber Defence Centre (NICC), will be located in Belgium at SHAPE and will consist of civilian and military experts from member states.

15 Jul: Kaspersky Premium takes top spot in anti-phishing tests | Kaspersky official blog (KASPERSKY.COM)
AV-Comparatives tested 15 anti-phishing products and solutions, with Kaspersky Premium emerging victorious.

15 Jul: Google Reportedly in Talks to Acquire Cloud Security Company Wiz for $23B (TECHCRUNCH.COM)
Alphabet, Google's parent company, is in advanced talks to acquire cloud security provider Wiz for around $23 billion. Wiz recently raised $1 billion at a $12 billion valuation and has a total of $1.9 billion in funding.

15 Jul: Netgear Warns Users to Patch Auth Bypass, XSS Router Flaws (BLEEPINGCOMPUTER.COM)
Netgear released firmware patches to fix stored XSS and authentication bypass flaws in the XR1000 Nighthawk gaming router and CAX30 Nighthawk AX6 6-Stream cable modem routers, respectively.

15 Jul: Industry Moves for the week of July 15, 2024 - SecurityWeek (SECURITYWEEK.COM)
Explore industry moves and significant changes in the industry for the week of July 15, 2024. Stay updated with the latest industry trends and shifts.

15 Jul: Researchers: Weak Security Defaults Enabled Squarespace Domains Hijacks (KREBSONSECURITY.COM)
At least a dozen organizations with domain names at domain registrar Squarespace saw their websites hijacked last week. Squarespace bought all assets of Google Domains a year ago, but many customers still haven't set up their new accounts. Experts say malicious hackers learned th…

15 Jul: Microsoft shares temp fix for Windows 11 Photos not launching (BLEEPINGCOMPUTER.COM)
Microsoft has provided a temporary workaround for a known issue preventing the Microsoft Photos app from launching on some Windows 11 systems. [...]

15 Jul: Malvertising Campaign Lures Mac Users with Fake Microsoft Teams Ad (THECYBEREXPRESS.COM)
The malicious ad campaign employed advanced filtering techniques to evade detection and appeared as a top search result for Microsoft Teams. It redirected users through deceptive links despite displaying microsoft.com as its URL.

15 Jul: GitHub Token Leak Exposes Python's Core Repositories to Potential Attacks (THEHACKERNEWS.COM)
Cybersecurity researchers said they discovered an accidentally leaked GitHub token that could have granted elevated access to the GitHub repositories of the Python language, Python Package Index (PyPI), and the Python Software Foundation (PSF) repositories. JFrog, which found the…

15 Jul: Why Google Is Eyeing a $23B Buy of Cloud Security Phenom Wiz (DATABREACHTODAY.CO.UK)
Largest Deal in Cyber History Would Help Google Rival Microsoft, Limit Partnerships. Despite all the platformization buzz, there are very few vendors with market-leading capabilities in at least three disparate security technology categories. That could change if Google forges ahe…

15 Jul: Kaspersky is shutting down its business in the United States (BLEEPINGCOMPUTER.COM)
Russian cybersecurity company and antivirus software provider Kaspersky Lab will start shutting down operations in the United States on July 20. [...]

15 Jul: Sophos Firewall: Secure by Design (SOPHOS.COM)
Sophos Firewall has been designed from the start with security in mind.

15 Jul: Cybersecurity Can Be a Business Enabler (DATABREACHTODAY.CO.UK)
Andres Andreu Discusses How to Make an Organization Secure - and Successful. To make cybersecurity a business enabler, cybersecurity teams need to focus on opening things up in a secure fashion so that the functionality and productivity of the business can flourish. Hearst's Andre…

15 Jul: Hello, is it me you’re looking for? How scammers get your phone number (WELIVESECURITY.COM)
Your humble phone number is more valuable than you may think. Here’s how it could fall into the wrong hands – and how you can help keep it out of the reach of fraudsters.