122 Articles
9 Categories
Date: 2024-07-25
🚨 CISA KEV 1
25 Jul KEVCISA Adds Two Known Exploited Vulnerabilities to CatalogThe vulnerabilities are as follows: CVE-2012-4792, a decade-old vulnerability in Internet Explorer allowing remote code execution, and CVE-2024-39891, an information disclosure flaw in Twilio Authy.CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES 24
25 JulCritical Docker Engine Flaw Allows Attackers to Bypass Authorization PluginsDocker is warning of a critical flaw impacting certain versions of Docker Engine that could allow an attacker to sidestep authorization plugins (AuthZ) under specific circumstances. Tracked as CVE-2024-41110, the bypass and privilege escalation vulnerability carries a CVSS score …THEHACKERNEWS.COM
25 JulOkta Browser Plugin Reflected Cross-Site Scripting CVE-2024-0981Okta Browser Plugin versions 6.5.0 through 6.31.0 are vulnerable to cross-site scripting, prompting users to save credentials in Okta Personal. The issue was fixed in version 6.32.0 for Chrome, Edge, Firefox, and Safari.TRUST.OKTA.COM
25 JulDocker re-fixes a critical authorization bypass vulnerabilityOpen source containerization platform Docker has urged users to patch a critical vulnerability affecting certain versions of the Docker Engine that allows privilege escalation using specially crafted API requests. Tagged as CVE-2024-41110, the vulnerability was first discovered …CSOONLINE.COM
25 JulDocker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018The critical vulnerability in Docker Engine, identified as CVE-2024-41110 with a severity score of 10/10, was first discovered in 2018 and reappeared due to a missed patch in January 2019. It allows attackers to bypass authorization plugins.DOCKER.COM
25 JulChromium: CVE-2024-6988 Use after free in DownloadsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6989 Use after free in LoaderThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6999 Inappropriate implementation in FedCMThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6998 Use after free in User EducationThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6996 Race in FramesThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6997 Use after free in TabsThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6994 Heap buffer overflow in LayoutThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6993This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6995 Inappropriate implementation in FullscreenThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6992This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-7005 Insufficient validation of untrusted input in Safe BrowsingThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-6991 Use after free in DawnThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-7004 Insufficient validation of untrusted input in Safe BrowsingThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-7003 Inappropriate implementation in FedCMThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-7001 Inappropriate implementation in HTMLThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulChromium: CVE-2024-7000 Use after free in CSSThis CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
25 JulHuge Increase in Scanning for CVE-2017-9841 With Large Variability in Scanning InfrastructureThe rather old CVE-2017-9841, an RCE in PHPUnit, suddenly jumps to the top of our list, with an increase of nearly 400% since last month. We dig into the scanning infrastructure.F5.COM
⚠️ VULNERABILITY DISCLOSURE 25
25 JulExplore Talent - 5,371,574 breached accountsIn July 2024, a data breach attributed to Explore Talent was publicly posted to a popular hacking forum. Containing 5.7M rows with 5.4M unique email addresses, the incident has been described by various sources as occurring between early 2022 to 2023 and also contains names, pho…HAVEIBEENPWNED.COM
25 JulHow attackers evade your EDR/XDR system — and what you can do about itA recent global survey noted that CISOs and their organizations may be too reliant on endpoint detection and response (EDR) and extended detection and response (XDR) systems, as attackers are increasingly evading them. That’s due in part to the fact that evading EDR/XDR systems h…CSOONLINE.COM
25 JulCISA Warns of Exploitable Vulnerabilities in Popular BIND 9 DNS SoftwareThe Internet Systems Consortium (ISC) has released patches to address multiple security vulnerabilities in the Berkeley Internet Name Domain (BIND) 9 Domain Name System (DNS) software suite that could be exploited to trigger a denial-of-service (DoS) condition. "A cyber threat ac…THEHACKERNEWS.COM
25 JulRussia-Linked Brute-Force Campaign Targets EU via Microsoft InfrastructureThe attackers are primarily targeting High-Value Targets (HVTs) in key infrastructure cities like Edinburgh and Dublin. Over half of the attack IPs are from Moscow, with the rest traced back to Amsterdam and Brussels.HEIMDALSECURITY.COM
25 JulXWorm Hidden With Process Hollowing, (Thu, Jul 25th)XWorm is not a brand-new malware family [1]. It's a common RAT (Remote Access Tool) re-used regularly in new campaigns. Yesterday, I found a sample that behaves …ISC.SANS.EDU
25 JulFraudsters Abuse Legitimate Blockchain Protocols to Steal Your Cryptocurrency WalletResearch conducted by Check Point has revealed how fraudsters are exploiting legitimate blockchain protocols to carry out sophisticated scams. The Uniswap Protocol and Safe.global are among the platforms targeted by these attackers.RESEARCH.CHECKPOINT.COM
25 JulResearchers Reveal ConfusedFunction Vulnerability in Google Cloud PlatformCybersecurity researchers have disclosed a privilege escalation vulnerability impacting Google Cloud Platform's Cloud Functions service that an attacker could exploit to access other services and sensitive data in an unauthorized manner. Tenable has given the vulnerability the na…THEHACKERNEWS.COM
25 JulProject 2025 could escalate US cybersecurity risks, endanger more AmericansThe Heritage Foundation’s nearly 1,000-page Project 2025 report is what the conservative DC-based think tank hails as a game plan for Donald Trump to follow in running the US government if he wins in November. Among the thirty-four authors of the document, more than half are appo…CSOONLINE.COM
25 JulInfisical: Open-source secret management platform - Help Net SecurityInfisical is an open-source secret management platform used by developers to centralize application configurations and secrets like API keys and database credentials, as well as manage internal PKI.HELPNETSECURITY.COM
25 JulMajor Russian Banks Hit with DDoS Attacks as Ukraine Claims ResponsibilitySeveral major Russian banks were hit by DDoS attacks that disrupted their mobile apps and websites. State-owned VTB and Russian Agricultural Bank confirmed the attacks, with VTB attributing it to a foreign source.THERECORD.MEDIA
25 JulMicrosoft’s Windows Hello for Business Flaw Let Attackers Bypass AuthenticationResearchers have uncovered a vulnerability in Microsoft’s Windows Hello for Business (WHfB) that allows attackers to bypass its robust authentication mechanism. This flaw, which downgrades the authentication process to a less secure method, has raised concerns about the sec…GBHACKERS.COM
25 JulTag-100 Hacker Group Exploiting Citrix NetScaler & F5 BIG-IP Vulnerabilitiessubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/tag-100-exploits-citrix-vulnerabilities/CYBERSECURITYNEWS.COM
25 JulUS CISA Urges BIND 9 Users to Address New DNS Exploitssubmitted by kid to cybersecurity 1 points | 0 comments https://www.bankinfosecurity.in/us-cisa-urges-bind-9-users-to-address-new-dns-exploits-a-25838BANKINFOSECURITY.IN
25 JulAnyone can Access Deleted and Private Repository Data on GitHub ◆ Truffle Security Co.submitted by vsis to cybersecurity 1 points | 0 comments https://trufflesecurity.com/blog/anyone-can-access-deleted-and-private-repo-data-github tl;dr - If a project has been forked or is a fork, you can bruteforce short commit id to see commits from other projects. It doesn’t ma…TRUFFLESECURITY.COM
25 JulBIND Updates Resolve High-Severity DoS VulnerabilitiesThe latest BIND security updates address remotely exploitable vulnerabilities leading to denial-of-service.SECURITYWEEK.COM
25 JulAI Accelerates Code Development Faster Than Security Teams can Keep upAccording to a Seemplicity survey, AI is speeding up code development faster than security teams can keep up, leading to concerns about vulnerability management. 91% of organizations are increasing their security budgets.HELPNETSECURITY.COM
25 JulMS Patch Tuesday: Which Vulnerabilities Really Need Prioritizing. - Douglas McKee - PSW #836Doug and the Security Weekly crew talk about vulnerabilities, are we patching the right things? This is the burning question. We will try to answer it. Segment Resources: https://blog.sonicwall.com/en-us/2024/04/patch-tuesday-which-vulnerabilities-really-need-prioritizing/ Visit …YOUTUBE.COM
25 JulCrowdstrike: The Aftermath - PSW #836The Crowdstrike incident: what happened and what we can do better, people forget what 0-Day really means, shutting off the heat in January, honeypot evasion and non-functional exploits, what not to use to read eMMC, what if we don't patch DoS relat…YOUTUBE.COM
25 JulCISA Releases Two Industrial Control Systems AdvisoriesCISA released two Industrial Control Systems (ICS) advisories on July 25, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-207-01 Siemens SICAM Products ICSA-24-207-02 Positron Broadcast Signal…CISA.GOV
25 JulProgress warns of critical RCE bug in Telerik Report ServerProgress Software has warned customers to patch a critical remote code execution security flaw in the Telerik Report Server that can be used to compromise vulnerable devices. [...]BLEEPINGCOMPUTER.COM
25 JulFBI, CISA, and Partners Release Advisory Highlighting North Korean Cyber Espionage ActivityToday, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released a joint Cybersecurity Advisory, North Korea State-Sponsored Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs. The advisory was coauthored wit…CISA.GOV
25 JulConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud FunctionsResearchers have uncovered a vulnerability in Google Cloud Platform's Cloud Functions service called ConfusedFunction. This flaw allows an attacker to escalate their privileges to access other services and sensitive data in an unauthorized manner.TENABLE.COM
25 Jul KEVCritical ServiceNow RCE flaws actively exploited to steal credentialsThreat actors are chaining together ServiceNow flaws using publicly available exploits to breach government agencies and private firms in data theft attacks. [...]BLEEPINGCOMPUTER.COM
25 JulCryptohack Roundup: Tornado Cash Sees Uptick in UseAlso: WazirX Updates; Fractal ID Breach Every week, ISMG rounds up cybersecurity incidents in digital assets. This week, Tornado Cash saw an uptick in use, updates on the WazirX exploit were released, Fractal ID and LI.FI published breach postmortems, and the U.S. moved to recove…DATABREACHTODAY.CO.UK
25 JulChainguard Raises $140M to Drive AI Support, Global GrowthCompany Seeks to Expand Globally and Grow Its US Public Sector Presence A supply chain security firm led by an ex-Google Cloud engineer closed a Series C round to assist AI workloads and expand its open-source software catalog. Chainguard raised $140 million just eight months aft…DATABREACHTODAY.CO.UK
📋 SECURITY BULLETINS 1
25 JulCrowdStrike Outage Losses Will Hit Healthcare, Banking Hard$5.4 Billion in Losses Estimated for 500 Largest Public US Firms - Except Microsoft Expect the healthcare and banking sectors to record the greatest direct losses in the U.S. as a result of the global disruptions caused by a faulty CrowdStrike software update crashing Windows sys…DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES 6
25 JulYour KnowBe4 Compliance Plus Fresh Content Updates from July 2024Check out the July updates in Compliance Plus so you can stay on top of featured compliance training content.KNOWBE4.COM
🔥 INCIDENT REPORTING 18
25 JulCondo.com - 1,481,555 breached accountsIn June 2019, now defunct website Condo.com suffered a data breach that was later redistributed as part of a larger corpus of data . The impacted data included 1.5M email addresses alongside names, phone numbers and for a small number of records, physical addresses.HAVEIBEENPWNED.COM
25 JulPhone Lines Down in Multiple Courts Across California After Ransomware AttackPhone lines down in multiple courts across California after ransomware attack on state’s largest trial court in Los Angeles County.SECURITYWEEK.COM
25 JulMandiant: North Korean Hackers Targeting Healthcare, EnergyState-Sponsored Hacking Group Andariel Tied to Active and Sophisticated Campaigns A North Korean hacking group notorious for carrying out large-scale cyberattacks against government institutions and critical infrastructure, and developing ransomware, is expanding operations to ta…DATABREACHTODAY.CO.UK
25 JulMandiant Shines Spotlight on APT45 Behind North Korea’s Digital Military MachineA fresh Mandiant report documents North Korea's APT45 as a distinct hacking team conducting cyberespionage and ransomware operations.SECURITYWEEK.COM
25 JulNorth Korean Fake IT Worker FAQFrequently Asked Questions About KnowBe4's Fake IT Worker Blog July 23, 2024, I wrote a blog post about how KnowBe4 inadvertently hired a skillful North Korean IT worker who used the stolen identity of a US citizen. He participated in several rounds of video interviews and…KNOWBE4.COM
25 JulData breach exposes US spyware maker behind Windows, Mac, Android and Chromebook malwareExclusive: The Minnesota-based spyware maker Spytech snooped on thousands of devices before it was hacked earlier this year.TECHCRUNCH.COM
25 JulPro-Palestinian Actor Levels 6-Day DDoS Attack on UAE Banksubmitted by BrikoX to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/pro-palestinian-actor-levels-six-day-ddos-on-uae-bank DDoS attack campaign averaged 4.5 million requests per second, putting the bank under attack 70% of the time.DARKREADING.COM
25 JulNorth Korean Hackers Shift from Cyber Espionage to Ransomware AttacksA North Korea-linked threat actor known for its cyber espionage operations has gradually expanded into financially-motivated attacks that involve the deployment of ransomware, setting it apart from other nation-state hacking groups linked to the country. Google-owned Mandiant is …THEHACKERNEWS.COM
25 JulSEXi / APT Inc ransomware – what you need to knowA cybercrime group has gained notoriety for attacking VMware ESXi servers since February 2024. Learn more about the SEXi / APT Inc ransomware in my article on the Tripwire State of Security blog.TRIPWIRE.COM
25 JulUS offers $10M for tips on DPRK hacker linked to Maui ransomware attacksThe U.S. State Department is offering a reward of up to $10 million for information that could lead to the identification or location of a North Korean military hacker. [...]BLEEPINGCOMPUTER.COM
25 JulUS Indicts Alleged North Korean Ransomware AttackerUnited States Charges North Korean Hacker for Attacks on Hospitals and Healthcare The U.S. is offering a $10 million reward for information leading to the arrest of suspected North Korean hacker Rim Jong Hyok after authorities indicted him for involvement in the regime's Andariel…DATABREACHTODAY.CO.UK
25 JulCISO's True Role: It's Not About Preventing Every Breach! 🛡️ #CyberSecurity #CISOIn this clip from this week's Business Security Weekly podcast, Sumedh highlights the real responsibility of a CISO. It's not about stopping every breach but managing cyber risk effectively and speaking the business language. Discover why quantifying risk is crucial for modern cy…YOUTUBE.COM
25 JulThe CrowdStrike Outage and Market-Driven BrittlenessFriday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. Nearly 7,000 flights were canceled. It took down 911 systems and factories, courthouses, and television stations. Tallying the total cos…SCHNEIER.COM
25 JulNorth Korean Charged in Ransomware Attacks on American HospitalsA man who allegedly carried out attacks for a North Korean military intelligence agency has been indicted in a conspiracy to hack healthcare firms, NASA, military bases and other entities.SECURITYWEEK.COM
25 JulBreach Roundup: ICANN Warns .top Domain About PhishingAlso: Russian DDoS Hacktivists; Verizon Settles With US FTC and Windows 10 This week, ICANN warned of phishing, BreachForums data was leaked, police arrested alleged pro-Russian hackers, the U.K shut down a DDoS booter site, the EU gave Meta a deadline, Russia decried U.S. sancti…DATABREACHTODAY.CO.UK
25 JulCybercrooks Continue to Capitalize on CrowdStrike OutageHackers Spread Malicious Recovery Files and Certificates Friday's global computer outage caused by an update gone wrong from cybersecurity firm CrowdStrike continues to bring out hucksters seeking to capitalize on the incident. Hackers began milking it almost immediately, and sel…DATABREACHTODAY.CO.UK
25 JulSoftware Maker MCG Health Settles Data Breach Suit for $8.8MLitigation Alleges Vendor Took 2 Years to Discover Data Theft After Hack Software vendor MCG Health has agreed to pay $8.8 million to settle a consolidated proposed federal class action lawsuit involving a 2020 hacking incident. The suit claims the company took two years to ident…DATABREACHTODAY.CO.UK
25 JulUK Blood Stocks Drop After Ransomware HackNHS Blood and Transplant Urges Hospitals to Restrict the Use of O-Negative Blood The U.K. National Health Service is urging hospitals across the country to limit the use of rare O-negative type blood after a ransomware attack on a British laboratory service provider crippled bloo…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 23
25 JulMVP 14Just over 13 years ago, Microsoft gave me my first "Most Valuable Professional" award. Out of the blue, as far as…TROYHUNT.COM
25 JulISC Stormcast For Thursday, July 25th, 2024 https://isc.sans.edu/podcastdetail/9068, (Thu, Jul 25th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
25 JulUkraine Hackers Hit Major Russian banks with DDoS attacksSeveral prominent Russian bank clients experienced issues with their mobile apps and websites. According to Downdetector, complaints began to surge around 09:30 Moscow time. The affected banks included Gazprombank, Alfa-Bank, VTB, and Rosbank. By midday, Post Bank clients also re…GBHACKERS.COM
25 JulLW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliencyLast week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time. Related: Microsoft blames outage on EU A flawed update to CrowdStrike…LASTWATCHDOG.COM
25 JulGoogle Boosts Chrome Protections Against Malicious FilesGoogle has announced improved protections for Chrome users when downloading files from the internet.SECURITYWEEK.COM
25 JulNvidia Patches High-Severity Vulnerabilities in AI, Networking ProductsNvidia has patched high-severity vulnerabilities in its Jetson, Mellanox OS, OnyX, Skyway, and MetroX products.SECURITYWEEK.COM
25 JulLummaC2 Malware Using Steam Gaming Platform as C2 ServerCybersecurity experts have uncovered a sophisticated variant of the LummaC2 malware that leverages the popular Steam gaming platform as a Command-and-Control (C2) server. This new tactic marks a significant evolution in the malware’s distribution and operational mechanisms,…GBHACKERS.COM
25 JulData Wallets Using the Solid ProtocolI am the Chief of Security Architecture at Inrupt, Inc., the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownership. This week, we announced a digital wallet based on the Solid architecture. Details are here, but basically…SCHNEIER.COM
25 JulNetwork of 3,000 GitHub Accounts Used for Malware DistributionStargazer Goblin has created a network of over 3,000 GitHub accounts to distribute malware through phishing repositories.SECURITYWEEK.COM
25 JulAPT45: North Korea’s Digital Military Machinesubmitted by kid to cybersecurity 2 points | 0 comments https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machineCLOUD.GOOGLE.COM
25 Jul'Stargazer Goblin' Amasses Thousands of Rogue GitHub Accounts to Spread MalwareStargazer Goblin has been distributing various malware families like Atlantida Stealer, Lumma, and Rhadamanthys, since at least August 2022. The threat actor charges users to "star" repositories with fake accounts, increasing their credibility.DARKREADING.COM
25 JulUnveiling the latest banking trojan threats in LATAMThis post was made possible through the research contributions of Amir Gendler. In our most recent research in the Latin American (LATAM) region, we at IBM Security Lab have observed a surge in campaigns linked with malicious Chrome extensions. These campaigns primarily target La…SECURITYINTELLIGENCE.COM
25 JulSenator: Top Banks Only Reimburse 38% of Unauthorized ClaimsBank Execs at Senate Hearing Defend Zelle Reimbursements, Payment Fraud Programs During a hearing Tuesday, U.S. Sen. Richard Blumenthal, D-Conn., revealed that Bank of America, JPMorgan Chase and Wells Fargo only reimbursed 38% of unauthorized Zelle transaction claims - leaving c…DATABREACHTODAY.CO.UK
25 JulGoogle Chrome Warns of Malicious Files While DownloadingGoogle Chrome has introduced a revamped download experience with comprehensive warnings about potentially malicious files. This update is part of Chrome’s ongoing effort to keep users secure while interacting with downloaded content. Last year, Google Chrome unveiled a rede…GBHACKERS.COM
25 JulThreat Actors Claiming Leak of IOC list with 250M Data, CrowdStrike RespondedA hacktivist entity known as USDoD has asserted that it has leaked CrowdStrike’s “entire threat actor list” and claims to possess the company’s “entire IOC [indicators of compromise] list,” which purportedly contains over 250 million data points. Details of the Alleged Leak On Ju…GBHACKERS.COM
25 JulChainguard Raises $140 Million, Expands Tech to Secure AI WorkloadsSoftware supply chain security startup Chainguard raises a $140 million Series C round that values the company at $1.2 billion.SECURITYWEEK.COM
25 JulNorth Korean Hacker Group Targeting Healthcare, Energy SectorsNorth Korean hackers, specifically the Andariel hacking group, are now targeting the healthcare, energy, and financial sectors according to a Mandiant report. This group is believed to be associated with North Korea's Reconnaissance General Bureau.BANKINFOSECURITY.COM
25 JulMajor Russian banks hit with DDoS attacks as Ukraine claims responsibilitysubmitted by kid to cybersecurity 10 points | 1 comments https://therecord.media/major-russian-banks-ddos-attack-ukraineTHERECORD.MEDIA
25 JulRobot dog trained to jam wireless devices during police raidsThe US Department of Homeland Security has unveiled a dog-like robot that it says has been adapted to jam the connectivity of smart home devices. Read more in my article on the Hot for Security blog.BITDEFENDER.COM
25 JulThe Real Cost of Cybersecurity: A Money Talk 💰 | Business Security WeeklyJoin Matt Alderman and Sumedh Thakar as they break down the financial side of cybersecurity on Business Security Weekly. Discover why understanding the cost to mitigate risks is crucial for effective communication and decision-making in the industry. Watch now to learn how every …YOUTUBE.COM
25 JulOnyx Sleet uses array of malware to gather intelligence for North KoreaOn July 25, 2024, the United States Department of Justice (DOJ) indicted an individual linked to the North Korean threat actor that Microsoft tracks as Onyx Sleet. Microsoft Threat Intelligence collaborated with the Federal Bureau of Investigation (FBI) in tracking activity assoc…MICROSOFT.COM
25 JulProof of Concept: How Can We Outpace Deepfake Threats?Sam Curry and Heather West on Authentication, AI Labelling and Adaptive Security As deepfakes evolve, they pose significant cybersecurity risks and require adaptable security measures. In this episode of "Proof of Concept," Sam Curry of Zscaler and Heather West of Venable discuss…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 7
25 JulEchoes of Braodo Tales from the Cyber UnderworldThe Braodo Stealer, a Vietnamese-based malware, is infiltrating victims' systems to steal sensitive information like credentials and banking details for identity theft and financial harm.LABS.K7COMPUTING.COM
25 Jul6 Types of Applications Security Testing You Must Know AboutWhile the specifics for security testing vary for applications, web applications, and APIs, a holistic and proactive applications security strategy is essential for all three types. There are six core types of testing that every security professional should know about to secure t…THEHACKERNEWS.COM
25 JulReport: Malware Attacks Surge 30% in First Half of 2024The 2024 Mid-Year Cyber Threat Report from SonicWall revealed a 30% increase in malware-based threats compared to 2023, with a significant spike in attacks from March to May, including 78,923 new variants observed in the first half of 2024.INFOSECURITY-MAGAZINE.COM
25 JulFrench police push PlugX malware self-destruct payload to clean PCsThe French police and Europol are pushing out a "disinfection solution" that automatically removes the PlugX malware from infected devices in France. [...]BLEEPINGCOMPUTER.COM
25 JulPKfail Secure Boot bypass lets attackers install UEFI malwareHundreds of UEFI products from 10 vendors are susceptible to compromise due to a critical firmware supply-chain issue known as PKfail, which allows attackers to bypass Secure Boot and install malware. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 17
25 JulHacker claims theft of Piramal Group’s employee dataA hacker claims to be selling data relating to thousands of current and former employees of India's Piramal Group.TECHCRUNCH.COM
25 JulNew Chrome Feature Scans Password-Protected Files for Malicious ContentGoogle said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users …THEHACKERNEWS.COM
25 JulPhish-Friendly Domain Registry “.top” Put on NoticeICANN has warned the Chinese company responsible for the “.top” domain registry to improve its system for managing phishing reports or risk losing its license. ".top" was found to be a popular choice for phishing websites, behind only “.com.”KREBSONSECURITY.COM
25 JulWebinar: Securing the Modern Workspace: What Enterprises MUST Know about Enterprise Browser SecurityThe browser is the nerve center of the modern workspace. Ironically, however, the browser is also one of the least protected threat surfaces of the modern enterprise. Traditional security tools provide little protection against browser-based threats, leaving organizations exposed…THEHACKERNEWS.COM
25 JulLakera Raises $20 Million to Secure GenAI ApplicationsLakera has raised $20 million in a Series A funding round. Led by European VC Atomico, with participation from Citi Ventures, Dropbox Ventures, and existing investors including redalpine, this investment brings Lakera’s total funding to $30 million.HELPNETSECURITY.COM
25 JulMeta Removes 63,000 Instagram Accounts Linked to Nigerian Sextortion ScamsMeta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of ar…THEHACKERNEWS.COM
25 JulPro-Palestinian Actor Levels Six-Day DDoS Attack on UAE BankBlackMeta, known for targeting organizations in Israel, UAE, and the US, used a cybercrime service called InfraShutdown to target a UAE bank for $500-$625 a week. The attack lasted 100 hours in total.DARKREADING.COM
25 JulA shield of trust: managing cybersecurity risks through an evidence-based approach | Kaspersky official blogThe world needs a global cybersecurity risk-management strategy. Eugene Kaspersky proposes a unified approach to managing cybersecurity risks in various areas of IT security.KASPERSKY.COM
25 JulVanta Raises $150M Series C, Now Valued at $2.45BVanta's Series C funding was led by Sequoia Capital. Other participating investors include Growth Equity at Goldman Sachs Alternatives and J.P. Morgan, along with existing partners like Atlassian Ventures and Y Combinator.TECHCRUNCH.COM
25 JulSophos MDR for Microsoft Defender: Gaining momentum with Microsoft-specific service enhancementsSophos Managed Detection and Response (MDR) delivers robust defenses and maximizes your Microsoft technology investments.SOPHOS.COM
25 JulWhy Multivendor Cybersecurity Stacks Are Increasingly ObsoleteMultivendor tech stacks are costly and complex to integrate and manage. Learn more from Cynet about how an All-in-One approach reduces costs for MSPs and SMEs, while offering increased security. [...]BLEEPINGCOMPUTER.COM
25 JulTransparentTribe’s Spear-Phishing Targeting Indian Government DepartmentsThe malicious file, disguised as “Recommendation for the award of President’s.docm,” contained a VBA script that executed the CrimsonRAT remote control program, capable of stealing sensitive information.NSFOCUSGLOBAL.COM
25 JulMeta nukes massive Instagram sextortion network of 63,000 accountsMeta has removed 63,000 Instagram accounts from Nigeria that were involved in sextortion scams, including a coordinated network of 2,500 accounts linked to 20 individuals targeting primarily adult men in the United States. [...]BLEEPINGCOMPUTER.COM
25 JulWindows 11 KB5040527 update fixes Windows Backup failuresMicrosoft has released the optional KB5040527 preview cumulative update for Windows 11 23H2 and 22H2, which includes fixes for Windows Backup and upgrade failures. [...]BLEEPINGCOMPUTER.COM