🐛 COMMON VULNERABILITIES AND EXPOSURES (1)

22 Jul: SonicOS IPSec VPN Vulnerability Let Attackers Cause Dos Condition
SonicWall has disclosed a critical heap-based buffer overflow vulnerability in its SonicOS IPSec VPN. This flaw, identified as CVE-2024-40764, can potentially allow unauthenticated, remote attackers to cause a Denial of Service (DoS) condition. The vulnerability has been rated wi…
Source: GBHACKERS.COM

⚠️ VULNERABILITY DISCLOSURE (19)

22 Jul: Internships can be a gold mine for cybersecurity hiring
Willem Westerhof just might be the Cinderella of cybersecurity interns. The Dutchman had worked as a physiotherapist, made pies in a bakery, and toiled in overnight shifts at food and beverage stands in Amsterdam’s Schiphol airport before embarking upon a cyber internship at univ…
Source: CSOONLINE.COM

22 Jul: CISA Says Malicious Hackers are 'Taking Advantage' of CrowdStrike Outage
The U.S. cybersecurity agency CISA warned against clicking on suspicious links to prevent email compromise. Cybercriminals are already impersonating CrowdStrike in phishing emails, asking for payment to "fix the CrowdStrike apocalypse."
Source: TECHCRUNCH.COM

22 Jul: SocGholish Malware Exploits BOINC Project for Covert Cyberattacks
The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC. BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-sou…
Source: THEHACKERNEWS.COM

22 Jul: Analyzing Container Escape Techniques in Cloud Environments
While containers offer efficiency, they are vulnerable to attacks exploiting misconfigurations. Attackers can execute code or escalate privileges, endangering organizational security.
Source: UNIT42.PALOALTONETWORKS.COM

22 Jul: Attackers Abuse Swap File to Steal Credit Cards
Attackers recently abused the swap file in a Magento e-commerce site to steal credit card information. Despite multiple cleanup attempts, the malware persisted until analysts discovered it.
Source: SUCURI.NET

22 Jul: 5 critical IT policies every organization should have in place
For many enterprises, IT infrastructures have broadened to the extent that they seemingly have no boundaries. Many employees are working remotely or via a hybrid model. Cloud-based services have become the norm. Edge computing and the internet of things are continuing to grow. Th…
Source: CSOONLINE.COM

22 Jul: Data Breach Increases by Over 1,000% Annually
The Identity Theft Resource Center® (ITRC), a nationally recognized nonprofit organization established to support identity crime victims, released its U.S. data breach findings for the second quarter (Q2) and the first half (H1) of 2024. The results are staggering, revealing a dr…
Source: GBHACKERS.COM

22 Jul: Emojis Are To Express Emotions, But CyberCriminals For Attacks
There are 3,664 emojis that can be used to express emotions, ideas, or objects in digital communication. While seemingly harmless, criminals are increasingly exploiting emojis for covert communication in illegal activities. This allows them to conduct transactions and target vict…
Source: GBHACKERS.COM

22 Jul: Data of 13 million MediSecure customers compromised in ransomware attack
Approximately 12.9 million Australians using the MediSecure prescription delivery service suffered a loss of personal information from an April ransomware attack, MediSecure said in a statement. The electronic prescription provider said it has now ceased its investigations of th…
Source: CSOONLINE.COM

22 Jul: Fake Websites, Phishing Appear in Wake of CrowdStrike Outage
Authorities Warn About Domains Targeting Victims Seeking to Restore Windows Devices
Cybercriminals are exploiting the chaos created by the CrowdStrike outage by launching fake websites and phishing campaigns to trick victims into downloading malware or divulging sensitive informa…
Source: DATABREACHTODAY.CO.UK

22 Jul: Telegram zero-day allowed sending malicious Android APKs as videos
A Telegram for Android zero-day vulnerability dubbed 'EvilVideo' allowed attackers to send malicious Android APK payloads disguised as video files. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: Police infiltrates, takes down DigitalStress DDoS-for-hire service
DDoS-for-hire service DigitalStress was taken down on July 2 in a joint law enforcement operation led by the United Kingdom's National Crime Agency (NCA). [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: TechCrunch Minute: What caused last week’s major tech outage?
Late last week, there was a worldwide tech outage that affected everything from airports to banks to healthcare. Flights were grounded across the United States. So, what actually happened? The source of all those problems seems to be a popular cybersecurity company called CrowdSt…
Source: TECHCRUNCH.COM

22 Jul: Key considerations for adopting a platform approach to cybersecurity
It’s no secret that the cybersecurity platform conversation is top of mind for many right now. Yet a platform approach to cybersecurity has existed for decades, and there’s long been a debate across industries about choosing best-of-breed products versus using a unified platform.…
Source: CSOONLINE.COM

22 Jul: Phishing Attacks Will Likely Follow Last Week’s Global IT Outage
Organizations should expect to see phishing attacks exploiting the global IT outage that occurred last Friday, the Business Post reports.
Source: KNOWBE4.COM

22 Jul: Telegram Android Vulnerability "EvilVideo" Sends Malware as Videos
Submitted by kid to cybersecurity. https://hackread.com/telegram-android-vulnerability-evilvideo-malware-videos/
Source: HACKREAD.COM

22 Jul: NCSWIC Planning Training, and Exercise Committee releases the Human Factors Resource Guide
Source: CISA.GOV

22 Jul: A Vulnerability in Cisco Secure Email Gateway Could Allow for Remote Code Execution
A vulnerability has been discovered in Cisco Secure Email Gateway that could allow for remote code execution. Cisco Secure Email Gateway is an email security product that uses signature analysis and machine learning to identify and block malicious emails before they reach recipie…
Source: CISECURITY.ORG

22 Jul: Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos
Source: WELIVESECURITY.COM

📋 SECURITY BULLETINS (1)

22 Jul: Several Linux Kernel Azure Vulnerabilities Fixed in Ubuntu
Canonical released security updates to fix various vulnerabilities in the Linux kernel for Microsoft Azure Cloud systems on Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. These flaws could lead to denial of service, data leakage, or arbitrary code execution.
Source: TUXCARE.COM

📢 SECURITY ADVISORIES (6)

22 Jul: White House mandates stricter cybersecurity for R&D institutions
Federal cyber regulation is edging further into research and development (R&D) and higher education. A recent memo from the Office of Science and Technology Policy (OSTP) states that certain covered institutions will be required to implement cybersecurity programs for R&D…
Source: SECURITYINTELLIGENCE.COM

🔥 INCIDENT REPORTING (23)

22 Jul: New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems
Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMWare ESXi environments. "This development suggests that the group could be broadening its attacks across the Linux platfor…
Source: THEHACKERNEWS.COM

22 Jul: Worst Cyber Event in History: CrowdStrike Update Causes Global Chaos. Cyber Security Today Special Edition for Monday, July 22, 2024
Join Jim Love on a special edition of Cybersecurity Today and Hashtag Trending as he delves into the recent CrowdStrike incident that led to a global IT meltdown. With over 8.5 million Windows devices affected by a faulty CrowdStrike Falcon update, this event is being compared to…
Source: CYBERSECURITYTODAY.LIBSYN.COM

22 Jul: UK Police Arrested 17-year-old Boy Responsible for MGM Resorts Hack
UK police have arrested a 17-year-old boy from Walsall in connection with a notorious cyber hacking group. This group has targeted significant organizations worldwide, including MGM Resorts in the United States, with sophisticated ransomware attacks. Arrest Made in Coordinated Ef…
Source: GBHACKERS.COM

22 Jul: UK Arrests Suspected Scattered Spider Hacker Linked to MGM Attack
A 17-year-old boy from Walsall has been arrested by UK police for his involvement in the 2023 MGM Resorts ransomware attack, connected to the Scattered Spider hacking group. The arrest was made with assistance from the NCA and the FBI.
Source: BLEEPINGCOMPUTER.COM

22 Jul: Russian Nationals Plead Guilty to Participating in the LockBit Ransomware Group
Two Russian nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in a federal court in Newark for their roles in the LockBit ransomware operation.
Source: SECURITYAFFAIRS.COM

22 Jul: California Officials Say Largest Trial Court in US Victim of Ransomware Attack
The Superior Court of Los Angeles County, the largest trial court in the US, has been the victim of a ransomware attack.
Source: SECURITYWEEK.COM

22 Jul: CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams
The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery.
Source: SECURITYWEEK.COM

22 Jul: Beware Of Fake Browser Updates That Installs Malicious BOINC Infrastructre
SocGholish malware, also known as FakeUpdates, has exhibited new behavior since July 4th, 2024, as the infection chain still begins with a compromised website prompting a fake browser update. Downloading the update triggers malicious code that fetches additional malware. Unlike p…
Source: GBHACKERS.COM

22 Jul: Hackers Claim Breach of Daikin: 40 GB of Confidential Data Exposed
Daikin, the world’s largest air conditioner manufacturer, has become the latest target of the notorious Meow hacking group. The USA branch of Daikin has been listed as a victim, with hackers demanding a ransom of $40,000. The incident has raised significant concerns about c…
Source: GBHACKERS.COM

22 Jul: Hackers Registered 500k+ Domains Using Algorithms For Extensive Cyber Attack
Hackers often register new domains for phishing attacks, spreading malware, and other deceitful activities. Such domains are capable of pretending to be trusted entities, which helps to make individuals disclose their sensitive details or download harmful content. Cybersecurity r…
Source: GBHACKERS.COM

22 Jul: Linx emerges from stealth with $33M to lock down the new security perimeter: Identity
Identity management is one of the most common fulcrums around which security breaches have pivoted in the last several years, and one of the main reasons it’s the gift that keeps on giving to malicious hackers is that it’s a nightmare for organizations to track. A security startu…
Source: TECHCRUNCH.COM

22 Jul: US Sanctions Russian Hacktivists for Targeting Critical Infrastructure
US has announced sanctions against two CARR hacktivists for roles in cyberattacks targeting critical infrastructure.
Source: SECURITYWEEK.COM

22 Jul: Los Angeles Superior Court shuts down after ransomware attack
The largest trial court in the United States, the Superior Court of Los Angeles County, closed all 36 courthouse locations on Monday to restore systems affected by a Friday ransomware attack. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: End-user cybersecurity errors that can cost you millions
An innocent mistake can lead to a corporate nightmare. Learn from Specops Software about five of the most frequent cybersecurity blunders that can let attackers breach a network. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: Safety Equipment Giant Cadre Holdings Hit by Cyberattack
Safety equipment product maker Cadre Holdings was hit by a cyberattack that has impacted some of the company’s operations.
Source: SECURITYWEEK.COM

22 Jul: Two Members of LockBit Ransomware Group Plead Guilty in US Court
A Russian national and a dual Canadian and Russian national pleaded guilty in the US for roles in LockBit ransomware attacks.
Source: SECURITYWEEK.COM

22 Jul: Response and Remediation: How CIOs Reacted to IT Outage
CIOs Recommend Resilience Strategies in the Wake of Global CrowdStrike Outage
Global CIOs said the fallout from the CrowdStrike outage could have been mitigated by investing in comprehensive data resilience that can help restore corrupted data through orchestrated recovery. It ca…
Source: DATABREACHTODAY.CO.UK

22 Jul: New Play ransomware Linux version targets VMware ESXi VMs
Play ransomware is the latest ransomware gang to start deploying a dedicated Linux locker for encrypting VMware ESXi virtual machines. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: US sanctions Russian hacktivists who breached water facilities
The US government has imposed sanctions on two Russian cybercriminals for cyberattacks targeting critical infrastructure. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: E-Prescription Vendor Breach Affects 12.9 Million Aussies
MediSecure Data Theft Has an Impact on Nearly Half of Australia's Population
Hackers stole sensitive information belonging to roughly half of Australia's population during an April ransomware attack against e-prescription firm MediSecure, which says it can't afford the incident's…
Source: DATABREACHTODAY.CO.UK

22 Jul: Greece’s Land Registry agency breached in wave of 400 cyberattacks
The Land Registry agency in Greece has announced that it suffered a limited-scope data breach following a wave of 400 cyberattacks targeting its IT infrastructure over the last week. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: Two Russians Sanctioned Over Cyberattacks On US Critical Infrastructure
Source: PACKETSTORMSECURITY.COM

🕵️ THREAT INTELLIGENCE (14)

22 Jul: ISC Stormcast For Monday, July 22nd, 2024 https://isc.sans.edu/podcastdetail/9062, (Mon, Jul 22nd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

22 Jul: China Claims Volt Typhoon was a False Flag Inside Job Conspiracy
Beijing has claimed that the Volt Typhoon attack gang, accused by Five Eyes nations of being a Beijing-backed threat to critical infrastructure, was actually fabricated by the US intelligence community.
Source: THEREGISTER.COM

22 Jul: Snake Mimics a Spider
This is a fantastic video. It’s an Iranian spider-tailed horned viper (Pseudocerastes urarachnoides). Its tail looks like a spider, which the snake uses to fool passing birds looking for a meal.
Source: SCHNEIER.COM

22 Jul: Microsoft Sees 8.5M Systems Hit by Faulty CrowdStrike Update
Cybersecurity Vendor Reports 'A Significant Number Are Back Online and Operational'
Microsoft said the faulty update CrowdStrike pushed Friday to its Falcon endpoint detection and response software affected 8.5 million Windows hosts, leading to what appears to be the largest IT o…
Source: DATABREACHTODAY.CO.UK

22 Jul: CTI2024 Cyber Threat Intelligence Conference FIRST
Submitted by ashar to security_cpe. https://youtube.com/playlist?list=PLBAUUhONOrO9hZ9-PFOGVhtIc56yjLQOO&si=2uD5S-Hk-R9JRPOx 16 videos
Source: INFOSEC.PUB

22 Jul: Ad-injecting malware posing as DwAdsafe ad blocker uses Microsoft-signed driver
Submitted by kid to cybersecurity. https://www.helpnetsecurity.com/2024/07/22/dwadsafe-ad-blocker-hotpage-malware/
Source: HELPNETSECURITY.COM

22 Jul: [AL-091] Ongoing Phishing Campaign Targeting CrowdStrike Users
Submitted by kid to cybersecurity. https://www.csa.gov.sg/alerts-advisories/alerts/2024/al-2024-091
Source: CSA.GOV.SG

22 Jul: Fake Hot Fix for CrowdStrike ''crowdstrike-hotfix.zip'' Spreads Remcos RAT
Submitted by kid to cybersecurity. https://hackread.com/fake-hot-fix-crowdstrike-crowdstrike-hotfix-zip-remcos-rat/
Source: HACKREAD.COM

22 Jul: Application Security Startup Heeler Raises $8.5 Million in Seed Funding
Heeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology.
Source: SECURITYWEEK.COM

22 Jul: Suspected Scattered Spider Member Arrested in UK
UK authorities have arrested a 17-year-old suspected of being a member of the Scattered Spider cybercrime gang.
Source: SECURITYWEEK.COM

22 Jul: Mentorship Monday - Discussions for career and learning!
Submitted by shellsharks to cybersecurity. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
Source: INFOSEC.PUB

22 Jul: Linx Security Raises $33M to Tackle Digital Identity Threats
New York startup with roots in Israel banks a hefty $33 million early stage funding round.
Source: SECURITYWEEK.COM

22 Jul: [Security Masterminds Podcast] Securing Software Over 50 Years: Reflections from an Industry Veteran
Does the challenge of keeping up with cybersecurity trends sound familiar? You may have been told to update your antivirus software and hope for the best, only to find that your digital assets are still at risk.
Source: KNOWBE4.COM

22 Jul: CrowdStrike's Response to Outage Will Minimize Lost Business
Technical Analysts Emphasize Need for Enhanced Security Testing, Quality Assurance
CrowdStrike must enhance testing and validation procedures and address deficiencies in its current quality assurance processes to minimize attrition. CrowdStrike should conduct a technical retrospe…
Source: DATABREACHTODAY.CO.UK

🌐 CYBER THREAT LANDSCAPE (6)

22 Jul: CIA AI director Lakshmi Raman claims the agency is taking a ‘thoughtful approach’ to AI
As a part of TechCrunch’s ongoing Women in AI series, which seeks to give AI-focused women academics and others their well-deserved — and overdue — time in the spotlight, TechCrunch interviewed Lakshmi Raman, the director of AI at the CIA. We talked about her path to direct…
Source: TECHCRUNCH.COM

22 Jul: Fake CrowdStrike Fixes Target Companies With Malware, Data Wipers
Malicious campaigns have emerged, including one targeting BBVA bank customers with a fake CrowdStrike Hotfix that installs remote access tools. Another attack involves a data wiper distributed under the guise of a CrowdStrike update.
Source: BLEEPINGCOMPUTER.COM

22 Jul: Scams at the Paris Olympics | Kaspersky official blog
What kind of scams await spectators of the 2024 Summer Olympics in Paris?
Source: KASPERSKY.COM

22 Jul: Fake Grand Theft Auto VI Beta Download Spreads Malware
Bitdefender researchers found suspicious Facebook ads promoting fake beta versions for free download on PC. These ads promise early access to a non-existent GTA VI beta with attractive features and release dates, using stolen gameplay footage.
Source: HACKREAD.COM

22 Jul: Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking
A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced "technology suite" …
Source: THEHACKERNEWS.COM

🎙️ PODCASTS (1)

22 Jul: CrowdStrike’s fallout, Harris’s stance on tech and Yandex’s rise from the ashes
On today’s episode of Equity, Rebecca Bellan did a deep dive into the CrowdStrike outage that affected around 8.5 million Windows devices around the world, causing disruptions in air travel, banking, hospitals, media outlets, federal agencies and businesses of all kinds. The outa…
Source: TECHCRUNCH.COM

📡 INFOSEC NEWS (16)

22 Jul: US Sanctions Two Members of Russian ‘Cyber Army’ Hacktivist Group
The U.S. sanctioned two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for carrying out cyber operations against critical U.S. infrastructure. CARR has launched low-impact DDoS attacks in Ukraine and its allies since 2022.
Source: THERECORD.MEDIA

22 Jul: Industry Moves for the week of July 22, 2024 - SecurityWeek
Explore industry moves and significant changes in the industry for the week of July 22, 2024. Stay updated with the latest industry trends and shifts.
Source: SECURITYWEEK.COM

22 Jul: How to Set up an Automated SMS Analysis Service with AI in Tines
The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service. Workflow automation platform Tines provides a good exampl…
Source: THEHACKERNEWS.COM

22 Jul: MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting
As a vCISO, you are responsible for your client's cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to …
Source: THEHACKERNEWS.COM

22 Jul: PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing
A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes. "Serverless architec…
Source: THEHACKERNEWS.COM

22 Jul: Spain arrests three for using DDoSia hacktivist platform
The Spanish authorities have arrested three individuals for using DDoSia, a distributed denial of service platform operated by pro-Russian hacktivists, to conduct DDoS attacks against governments and organizations in NATO countries. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: CrowdStrike: The Monday After, (Mon, Jul 22nd)
Last Friday, Crowdstrike released a bad sensor configuration update that caused widespread crashes of Windows systems. The most visible effects of these crashes appear to have been mitigated. I am sure many IT workers had to spend the weekend remediating the issue.
Source: ISC.SANS.EDU

22 Jul: OnDemand | The Value of Search Powered AI: Unleashing Insights and Efficiency
Source: DATABREACHTODAY.CO.UK

22 Jul: CrowdStrike Disruption Restoration Is Taking Time
Microsoft's Tool Requires Physical Access, a 'Time-Consuming and Laborious Task'
Microsoft's statement that a faulty CrowdStrike update affected less than 1% of active Windows systems doesn't tell the full story, since large organizations in critical sectors make up a disproporti…
Source: DATABREACHTODAY.CO.UK

22 Jul: Google rolls back decision to kill third-party cookies in Chrome
Google has scrapped its plan to kill third-party cookies in Chrome and will instead introduce a new browser experience to allow users to limit how these cookies are used. [...]
Source: BLEEPINGCOMPUTER.COM

22 Jul: Why NDR is Key to Cyber 'Pest Control'
Intruders are drawn to enterprise IT environments the way mice are attracted to houses. And once either kind of invader is inside, they can be hard to get out. Network detection and response (NDR) lets you trace intruders’ pathways to find out where they’re coming in—and seal the…
Source: TRENDMICRO.COM