🚨 CISA KEV (2)

30 Jul · KEV · Critical ServiceNow vulnerabilities expose businesses to data breaches
Three critical vulnerabilities in the ServiceNow IT service management platform have been disclosed and reported to have been under active exploitation. The vulnerabilities have exposed sensitive information from over 105 organizations including government agencies, data centers,…
CSOONLINE.COM

30 Jul · KEV · CISA Adds One Known Exploited Vulnerability to Catalog
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-37085 VMware ESXi Authentication Bypass Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber acto…
CISA.GOV

🐛 COMMON VULNERABILITIES AND EXPOSURES (4)

30 Jul · KEV · VMware ESXi Flaw Exploited by Ransomware Groups for Admin Access
A recently patched security flaw impacting VMware ESXi hypervisors has been actively exploited by "several" ransomware groups to gain elevated permissions and deploy file-encrypting malware. The attacks involve the exploitation of CVE-2024-37085 (CVSS score: 6.8), an Active Direc…
THEHACKERNEWS.COM

30 Jul · RaspAP Flaw Let Hackers Escalate Privileges with Raspberry Pi Devices
The flaw, identified as CVE-2024-41637, affects RaspAP versions before 3.1.5 and has a severity score of 9.9. The vulnerability stems from improper access controls, enabling attackers to escalate privileges from www-data to root.
0XZON.DEV

30 Jul · Critical OpenSSH “regreSSHion” Vulnerability Impacted macOS Systems, Patch Now
A serious flaw in OpenSSH servers, dubbed “regreSSHion,” affects macOS systems and could allow a remote attacker to execute arbitrary code. A few weeks ago, Qualys’ threat research unit discovered this vulnerability, which has been identified as regreSSHion and …
GBHACKERS.COM

30 Jul · Progress Patched New MOVEit File Transfer Flaw that Allows Privilege Escalation
Progress, the company behind MOVEit Transfer, has issued a critical security alert addressing a newly discovered vulnerability in its MOVEit Transfer product. The flaw, CVE-2024-6576, has been classified as a high-severity issue, with a CVSS score of 7.3 indicating a significant …
GBHACKERS.COM

⚠️ VULNERABILITY DISCLOSURE (21)

30 Jul · CrowdStrike crisis gives CISOs opportunity to rethink key strategies
At 4 a.m. UTC on July 19, cybersecurity giant CrowdStrike sent out what it thought was a routine content configuration update to its Falcon product, which analyzes internet connections for malicious behavior. A worldwide IT outage of unprecedented severity and scale then unfolded…
CSOONLINE.COM

30 Jul · Microsoft Warns of Ransomware Gangs Abusing VMware ESXi Authentication Bypass in Attacks
Ransomware operators like Black Basta and Akira have already used this vulnerability in attacks, with Storm-0506 deploying Black Basta ransomware on the ESXi hypervisors of a North American engineering firm.
BLEEPINGCOMPUTER.COM

30 Jul · Hackers Exploiting ESXi Hypervisor Auth Bypass Flaw For Ransomware Attacks
Hackers prefer ransomware attacks primarily because they offer the highest chance of financial gain. By locking victims’ information systems and asking for payment to release them, ransomware attacks lock victims’ information systems and demand payment to unlock them.…
GBHACKERS.COM

30 Jul · Proofpoint’s Email Protection Let Attackers Send Millions Of Phishing Emails
Hackers use phishing emails to mislead recipients into providing personal data like usernames, passwords, credit card numbers, or social security numbers. This method exploits human emotions and trust, allowing a threat actor to compromise an account, steal an identity, or dissem…
GBHACKERS.COM

30 Jul · Heap exploitation, glibc internals and nifty tricks.
This is a writeup of a heap pwn challenge at HitconCTF Qualifiers 2024, which explains some glibc malloc internals and some heap exploitation tricks that can be used for getting a shell!
QUARKSLAB.COM

30 Jul · Study: Average Cost of a Data Breach Rises to $4.9 Million
Involving Law Enforcement After Ransomware Attacks Drives Down Costs, Study Finds Data breaches continue to grow more costly, with the average cost of a breach hitting an all-time high of $4.9 million, driven by greater business disruption and post-breach customer support and rem…
DATABREACHTODAY.CO.UK

30 Jul · Driving the Business of Infosec Through the GRC Program - Greg Bee - CSP #185
Join us as we discuss the organization’s GRC program and how GRC helps drive the business of information security from internal and external perspectives to integrate security into the culture, while maintaining compliance with regulations imposed for insurance and public compani…
YOUTUBE.COM

30 Jul · Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emails
The campaign began in January 2024 and peaked at 14 million emails in June. The emails were designed to steal sensitive information and included authentic-looking signatures to bypass security measures.
LABS.GUARD.IO

30 Jul · Apple Releases Security Updates for Multiple Products
Apple released security updates to address vulnerabilities in Safari, iOS, iPadOS, macOS, watchOS, tvOS, and visionOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review …
CISA.GOV

30 Jul · Cirrus: Open-source Google Cloud forensic collection - Help Net Security
https://www.helpnetsecurity.com/2024/07/29/cirrus-open-source-google-cloud-forensic-evidence-collection/ Cirrus is a command-line tool written in Python to facilitate environment access and evidence collection across Go…
INFOSEC.PUB

30 Jul · Phishers exploited Proofpoint weakness to spoof emails from IBM, Nike, and more
Phishing campaigns that spoof well-known global brands such as Disney, IBM, Nike, Best Buy, and Coca-Cola to trick recipients into clicking on malicious emails should be a thing of the past. We trust this assumption thanks to a suite of mature email authentication technologies da…
CSOONLINE.COM

30 Jul · AI-Powered Deepfake Tools Becoming More Accessible Than Ever
Trend Micro research uncovers new cybercrime tools posing increased threats to security, highlighting the rapid evolution of AI-powered hacking services and their potential for mass exploitation
TRENDMICRO.COM

30 Jul · Ransomware Gangs Exploit VMware ESXi Flaw
Bug Allows Attackers to Add New Users to a Group With Full Admin Privileges Ransomware hackers discovered a way to gain full administrative privileges on VMware ESXi hypervisors connected to Microsoft's Active Directory, a finding that resulted in extortion demands from cybercrim…
DATABREACHTODAY.CO.UK

30 Jul · CISA warns of VMware ESXi bug exploited in ransomware attacks
CISA has ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their servers against a VMware ESXi authentication bypass vulnerability exploited in ransomware attacks. [...]
BLEEPINGCOMPUTER.COM

30 Jul · Lineaje raises $20M to help organizations combat software supply chain threats
The software supply chain faces threats from all sides. A 2024 report by the Ponemon Institute found that over half of organizations have experienced a software supply chain attack, with 54% having experienced one within the past year. Supply chain attacks typically target servic…
TECHCRUNCH.COM

30 Jul · Ubook - 699,908 breached accounts
In July 2024, 700k unique email addresses from the audiobook platform Ubook were posted to a popular hacking forum. Allegedly scraped from the service, the data appears to be sourced from the Ubook Exchange (UBX) and also includes names, genders, dates of birth and links to prof…
HAVEIBEENPWNED.COM

30 Jul · CyberRiskTV Live Coverage from BlackHat 2024 - Day 2
CyberRisk Alliance broadcasting live from the CyberRiskTV Studio, Four Seasons Hotel Las Vegas, at BlackHat 2024! *Schedule:* 9:00am-9:15am PT - Daily Show Intro ft. Bill Brenner & Paul Wagenseil 9:30am-9:45am PT - "Let’s Get Real About Where AI can Help SecOps" ft. Mike Lyborg, …
YOUTUBE.COM

30 Jul · Improving the security of Chrome cookies on Windows
Posted by Will Harris, Chrome Security Team Cybercriminals using cookie theft infostealer malware continue to pose a risk to the safety and security of our users. We already have a number of initiatives in this area including Chrome’s download protection using Safe Browsing, Devi…
SECURITY.GOOGLEBLOG.COM

📋 SECURITY BULLETINS (2)

30 Jul · Apple Rolls Out Security Updates for iOS, macOS
Apple has released security patches for dozens of vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari.
SECURITYWEEK.COM

30 Jul · Providing Security Updates to Automobile Software
Auto manufacturers are just starting to realize the problems of supporting the software in older models: Today’s phones are able to receive updates six to eight years after their purchase date. Samsung and Google provide Android OS updates and security updates for seven years. Ap…
SCHNEIER.COM

📢 SECURITY ADVISORIES (9)

30 Jul · The Power and Peril of RMM Tools
As more people work remotely, IT departments must manage devices distributed over different cities and countries relying on VPNs and remote monitoring and management (RMM) tools for system administration. However, like any new technology, RMM tools can also be used maliciou…
THEHACKERNEWS.COM

30 Jul · The AI Fix #9: When AI detectors fail (spectacularly), and OpenAI’s five steps to Skynet
In episode nine of "The AI Fix", our hosts learn about the world's most dangerous vending machine, a cartoonist who hypnotises himself with AI, and OpenAI's plans to eat Google's lunch. Graham tells Mark about a pig-farming professor, and Mark tests Graham's tolerance with OpenAI…
GRAHAMCLULEY.COM

30 Jul · Google Cloud CISO Phil Venables: ‘I’m short-term pessimistic, long-term optimistic’
SecurityWeek fireside chat: Google Cloud CISO on CISA’s secure-by-design initiatives, government regulations, holding vendors accountable, and transformational security leadership.
SECURITYWEEK.COM

30 Jul · AI Pulse: Brazil Gets Bold with Meta, Interpol’s Red Flag & more
The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use, Interpol’s warnings about AI deepfakes, and more.
TRENDMICRO.COM

30 Jul · Forever mouse, RPC, WhatsApp, NIST, PKFail, 0Auth, Josh Marpet, and More... - SWN #402
Forever Mouse, RPC, WhatsApp, NIST, PKFail, 0Auth, Josh Marpet, and More, on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-402
YOUTUBE.COM

30 Jul · GUEST ESSAY: CrowdStrike outage fallout — stricter regulations required to achieve resiliency
What does the recent CrowdStrike outage tell us about the state of digital resiliency? Related: CrowdStrike’s consolation backfires On a resiliency scale of one to 10, most enterprises are at about two. This was clear over the weekend when over …
LASTWATCHDOG.COM

30 Jul · DigiCert Certificate Revocations
DigiCert, a certificate authority (CA) organization, is revoking a subset of transport layer security (TLS) certificates due to a non-compliance issue with domain control verification (DCV). Revocation of these certificates may cause temporary disruptions to websites, services, …
CISA.GOV

🔥 INCIDENT REPORTING (21)

30 Jul · New SideWinder Cyber Attacks Target Maritime Facilities in Multiple Countries
The nation-state threat actor known as SideWinder has been attributed to a new cyber espionage campaign targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea. The BlackBerry Research and Intelligence Team, which discovered the activity, said targets of…
THEHACKERNEWS.COM

30 Jul · Surging data breach disruption drives costs to record highs
Security teams are getting better at detecting and responding to breach incursions, but attackers are inflicting greater pain on organizations’ bottom lines. IBM’s recent Cost of a Data Breach Report 2024 found the global average breach hit a record $4.88 million. Tha…
SECURITYINTELLIGENCE.COM

30 Jul · Threat Actor Allegedly Claiming Breach of Cyepr
A threat actor has allegedly claimed responsibility for breaching Cyepro Solutions, a company known for its cloud solutions tailored to the automotive sales industry. The breach, reportedly in July 2024, has potentially compromised the personal information of approximately 97,000…
GBHACKERS.COM

30 Jul · Threat Actor Allegedly Claiming Hack of Microsoft Employee’s Device
A threat actor has taken to social media to claim responsibility for hacking into a Microsoft employee’s device. The announcement was made via a Telegram post, accompanied by a video purportedly showing the breach’s aftermath, as per a tweet by ThreatMon, a Cybe…
GBHACKERS.COM

30 Jul · Ukraine Claims Cyber Attack Disrupted Russian ATMs and Banking System
https://hackread.com/ukraine-cyber-attack-disrupted-russian-atm-banking/
HACKREAD.COM

30 Jul · UK govt links 2021 Electoral Commission breach to Exchange server
The United Kingdom's Information Commissioner's Office (ICO) revealed today that the Electoral Commission was breached in August 2021 because it failed to patch its on-premise Microsoft Exchange Server against ProxyShell vulnerabilities. [...]
BLEEPINGCOMPUTER.COM

30 Jul · ubook Suffered Data Breach, 710,000 Users’ Data Exposed
The popular audiobook and podcast platform uBook has been affected by a data breach that exposed the personal information of 710,000 users. According to a tweet by ThreatMon, the breach, which occurred in July 2024, was announced by a member of a dark web forum, raising serious c…
GBHACKERS.COM

30 Jul · The State of Ransomware in Healthcare 2024
402 healthcare IT/cybersecurity leaders share their latest ransomware experiences, revealing fresh insights into the realities facing the healthcare sector today.
SOPHOS.COM

30 Jul · HealthEquity data breach affects 4.3 million people
HealthEquity said the March data breach included personal information and protected health data on millions of people. © 2024 TechCrunch. All rights reserved. For personal use only.
TECHCRUNCH.COM

30 Jul · Change Healthcare Begins to Notify Millions Affected by Hack
Change Healthcare has started the process of notifying millions of Americans affected by a massive cyberattack and data theft that occurred more than five months ago. The company is sending individual breach notification letters on a rolling basis.
BANKINFOSECURITY.COM

30 Jul · How a Rapid Response Update Broke 8 Million Laptops!
Adrian Sanabria explains how a rapid response content update caused chaos, affecting over eight million laptops in less than half an hour. Discover the critical flaw in the update process and the solution that could prevent future incidents. Catch the full segment here: https://w…
YOUTUBE.COM

30 Jul · Columbus investigates whether data was stolen in ransomware attack
The City of Columbus, Ohio, says it's investigating whether personal data was stolen in a ransomware attack on July 18, 2024 that disrupted the City's services. [...]
BLEEPINGCOMPUTER.COM

30 Jul · News Alert: Adaptive Shield to showcase new ITDR platform for SaaS at Black Hat USA
Las Vegas, Nev., July 30, 2024, CyberNewsWire — Amid rising breaches including Snowflake, the platform helps security teams proactively detect and respond to identity-centric threats in business-critical SaaS applications. Adaptive Shield, a leader in SaaS Security, today …
LASTWATCHDOG.COM

30 Jul · Organizations Prepare for More Evolved AI-Based Cyber Attacks as Deepfakes Become Top Concern
New data on how the threat of AI in cyber crime is being seen as a growing risk provides insight into how organizations are shifting from reaction to prevention.
KNOWBE4.COM

30 Jul · Dark Angels Ransomware Group Scores Record-Breaking $75 Million Payday
In the ever-evolving world of cybercrime, ransomware attacks continue to be a lucrative business for cybercriminals.
KNOWBE4.COM

30 Jul · Trellix's Dual AI Strategy: Combating and Using AI in Cyber
CEO Bryan Palma on Cobalt Strike Takedown and Generative AI's Role in Cyber Defense Bryan Palma, CEO of Trellix, shares insights into the company's involvement in cybercrime takedowns and the integration of generative AI into the company's XDR platform. He discusses how Trellix W…
DATABREACHTODAY.CO.UK

30 Jul · Judge Allows Lawsuit Against EHR Vendor in Hack to Proceed
Several Claims Dismissed, But Other Allegations in Breach Case Get a Green Light A federal judge has dismissed several claims but has given the green light for plaintiffs to move forward with other allegations in a proposed class action filed against electronic health records ven…
DATABREACHTODAY.CO.UK

30 Jul · Black Basta ransomware switches to more evasive custom malware
The Black Basta ransomware gang has shown resilience and an ability to adapt to a constantly shifting space, using new custom tools and tactics to evade detection and spread throughout a network. [...]
BLEEPINGCOMPUTER.COM

30 Jul · Dark Angels ransomware receives record-breaking $75 million ransom
A Fortune 50 company paid a record-breaking $75 million ransom payment to the Dark Angels ransomware gang, according to a report by Zscaler ThreatLabz. [...]
BLEEPINGCOMPUTER.COM

30 Jul · Spytech - 5,645 breached accounts
In July 2024, spyware maker Spytech suffered a data breach that exposed data collected as recently as the previous month. Designed to "invisibly record everything users do", the breach exposed information related to both purchasers and targets of the product. Target da…
HAVEIBEENPWNED.COM

🕵️ THREAT INTELLIGENCE (25)

30 Jul · ISC Stormcast For Tuesday, July 30th, 2024 https://isc.sans.edu/podcastdetail/9074, (Tue, Jul 30th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

30 Jul · DigiCert to Revoke Thousands of Certificates Following Domain Validation Error
DigiCert, a leading digital certificate provider, has announced the revocation of thousands of certificates due to a domain validation error. This decision follows the discovery of a critical issue in their Domain Control Validation (DCV) process, which has affected approximately…
GBHACKERS.COM

30 Jul · ZeroTier Raises $13.5 Million in Series A Funding
Virtual networking provider ZeroTier has raised $13.5 million in a Series A funding round led by Battery Ventures.
SECURITYWEEK.COM

30 Jul · Cyber Insurance Provider Cowbell Raises $60 Million
Zurich Insurance Group has invested $60 million in cyber insurance firm Cowbell to help it scale operations and deliver new products.
SECURITYWEEK.COM

30 Jul · Thousands Download New Mandrake Android Spyware Version From Google Play
Five Android applications containing the Mandrake spyware have been downloaded over 32,000 times from Google Play since 2022.
SECURITYWEEK.COM

30 Jul · Hacker Attacking Bank Users With AI-powered Phishing Tools and Android Malware
Cybersecurity firm Group-IB has uncovered a sophisticated cybercrime operation targeting Spanish banking customers. The criminal group GXC Team has been using AI-powered phishing tools and Android malware to steal sensitive banking information. This article delves into the GXC Te…
GBHACKERS.COM

30 Jul · AcidPour Malware Attacking Linux Data Storage Devices To Wipe Out Data
In March 2024, a new variant of the AcidRain wiper malware dubbed “AcidPour” was noticed. It targets Linux data storage devices and permanently erases data from the targeted systems, making them inoperative. It targets crucial sectors of Linux devices such as SCSI SATA, Memory Te…
GBHACKERS.COM

30 Jul · Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground
Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill’s threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk.…
THEHACKERNEWS.COM

30 Jul · SocGholish Malware Attacking Windows Users Using Fake Browser Update
The SocGholish downloader has been in operation since 2017 and it is still evolving. This malware, which poses as a browser update, is favored by multiple threat groups such as the Russian-operated Evil Corp (Manatee Tempest) and the Initial Access Broker TA569 (Mustard Tempest).…
GBHACKERS.COM

30 Jul · 1 million HotJar users vulnerable to XSS attacks
https://www.scmagazine.com/news/1-million-hotjar-users-vulnerable-to-xss-attacks
SCMAGAZINE.COM

30 Jul · 'Zeus' Hacker Group Strikes Israeli Olympic Athletes in Data Leak
https://www.darkreading.com/threat-intelligence/zeus-hacker-group-strikes-israeli-olympic-athletes-data-leak
DARKREADING.COM

30 Jul · Walmart Discovers New PowerShell Backdoor Linked to Zloader Malware
https://www.infosecurity-magazine.com/news/walmart-powershell-backdoor-zloader/
INFOSECURITY-MAGAZINE.COM

30 Jul · CyberheistNews Vol 14 #31 How The Whole World Now Knows About Fake North Korean IT Workers
KNOWBE4.COM

30 Jul · Indian APT Targeting Mediterranean Ports and Maritime Facilities
The SideWinder APT has been targeting ports and maritime facilities in the Indian Ocean and Mediterranean Sea in recent attacks.
SECURITYWEEK.COM

30 Jul · AI, Cybersecurity Top Investment Areas for Industrial Organizations: Cisco
Cisco has published its inaugural State of Industrial Networking report, based on a survey of 1,000 individuals.
SECURITYWEEK.COM

30 Jul · Software Supply Chain Security Firm Lineaje Raises $20M in Series A Funding
Software supply chain security startup Lineaje has raised $20 million in a Series A funding round that brings the total to $27 million.
SECURITYWEEK.COM

30 Jul · A CISO's Perspective on AI, Appsec, and Changing Behaviors - Paul Davis - ASW #293
Modern appsec isn't modern because security tools got shifted in one direction or another, or because teams are finding and fixing more vulns. It's modern because appsec is meeting developer needs and supporting the business. Paul Davis talks about how AI is (and isn't) changing …
YOUTUBE.COM

30 Jul · ADHD Struggles in Cybersecurity & Security News Roundup
Balancing priorities in cybersecurity can be challenging, especially without ADHD! Join Katie, Darwin, and Adrian as they discuss the importance of focusing on top priorities and staying efficient in the ever-evolving world of security. Plus, a quick look at the latest in funding…
YOUTUBE.COM

30 Jul · SideWinder Utilizes New Infrastructure to Target Ports and Maritime Facilities in the Mediterranean Sea
The recent attacks by the SideWinder APT group use phishing lures related to emotional topics like sexual harassment and salary cuts to trick victims into opening booby-trapped Microsoft Word documents.
BLOGS.BLACKBERRY.COM

30 Jul · New Phishing Kit Uses Voice Call Generator to Impersonate Spanish Banks
A new cybercriminal group is selling “a sophisticated AI-powered phishing-as-a-service platform” that targets 36 Spanish banks, according to researchers at Group-IB.
KNOWBE4.COM

30 Jul · Account Takeover Fraud Declines in Financial Services
Tighter Security Controls Help Stop Fraud, But Fake IDs and Web Scraping Are Rising Account takeover fraud in the financial services industry is declining in contrast with other industries such as retail and hospitality. Researchers at Human Security attribute the nearly 50% redu…
DATABREACHTODAY.CO.UK

30 Jul · Meta Prompt Guard Is Vulnerable to Prompt Injection Attacks
Researchers Add Spaces in 'Ignore Previous Instructions' Prompt to Bypass Security A machine learning model that Meta released last week to prevent prompt injection attacks is vulnerable to prompt injection attacks, researchers said. There is as yet no definitive solution to the …
DATABREACHTODAY.CO.UK

30 Jul · New Microsoft whitepaper shares how to prepare your data for secure AI adoption
In our newly released whitepaper, we share strategies to prepare for the top data challenges and new data security needs in the age of AI.
MICROSOFT.COM

30 Jul · CyberRiskTV Live Coverage from BlackHat 2024 - Day 1
CyberRisk Alliance broadcasting live from the CyberRiskTV Studio, Four Seasons Hotel Las Vegas, at BlackHat 2024! *Schedule:* 10:00am-10:15am PT Daily Show Intro ft. Bill Brenner & Paul Wagenseil 10:30am-10:45am PT - "Operational Resilience in Healthcare" ft. Marty Momdjian, Exec…
YOUTUBE.COM

30 Jul · CyberRiskTV Live Coverage from BlackHat 2024 - Day 3
CyberRisk Alliance broadcasting live from the CyberRiskTV Studio, Four Seasons Hotel Las Vegas, at BlackHat 2024! *Schedule:* 9:30am-9:45am PT - Daily Show Intro ft. Bill Brenner & Paul Wagenseil 10:00am-10:15am PT - "Cyber Resilience and the C-Suite Navigating Innovation and Ris…
YOUTUBE.COM

🌐 CYBER THREAT LANDSCAPE (10)

30 Jul · Live Webinar Today | Accelerate your SOC with AI-driven security analytics with Elastic and Google Cloud
DATABREACHTODAY.CO.UK

30 Jul · OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script
Cybersecurity researchers are warning about a new phishing campaign that targets Microsoft OneDrive users with the aim of executing a malicious PowerShell script. "This campaign heavily relies on social engineering tactics to deceive users into executing a PowerShell script, ther…
THEHACKERNEWS.COM

30 Jul · Malware Campaign Lures Users With Fake W2 Form
A malicious campaign targeting users searching for W2 forms began on June 21, 2024, with a JavaScript file dropping a Brute Ratel Badger DLL into the user's AppData. This initiated the installation of a Latrodectus backdoor.
GBHACKERS.COM

30 Jul · Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware
Cybersecurity researchers have detailed widespread phishing campaigns targeting small and medium-sized businesses (SMBs) in Poland during May 2024 that led to the deployment of several malware families like Agent Tesla, Formbook, and Remcos RAT. Some of the other regions targeted…
THEHACKERNEWS.COM

30 Jul · New Mandrake Spyware Found in Google Play Store Apps After Two Years
A new iteration of a sophisticated Android spyware called Mandrake has been discovered in five applications that were available for download from the Google Play Store and remained undetected for two years. The applications attracted a total of more than 32,000 installations befo…
THEHACKERNEWS.COM

30 Jul · Crafty ClickFix-Style Phishing Campaign Targets Microsoft OneDrive Users
The attackers use social engineering tactics to get users to run a PowerShell script, compromising their systems. The scam starts with an email containing an HTML file that tricks the recipient into clicking on a button to fix a fake DNS issue.
SECURITYAFFAIRS.COM

30 Jul · New PowerShell Backdoor Linked to Zloader Malware
The newly discovered backdoor has limited samples available on VirusTotal, making detection more difficult. It operates by collecting system information and sending it to a command and control server, awaiting further instructions.
INFOSECURITY-MAGAZINE.COM

30 Jul · Google Chrome adds app-bound encryption to block infostealer malware
Google Chrome has added app-bound encryption for better cookie protection on Windows systems and improved defenses against information-stealing malware attacks. [...]
BLEEPINGCOMPUTER.COM

30 Jul · Massive SMS stealer campaign infects Android devices in 113 countries
A malicious campaign targeting Android devices worldwide utilizes thousands of Telegram bots to infect devices with SMS-stealing malware and steal one-time 2FA passwords (OTPs) for over 600 services. [...]
BLEEPINGCOMPUTER.COM

30 Jul · Phishing targeting Polish SMBs continues via ModiLoader
ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families
WELIVESECURITY.COM

📡 INFOSEC NEWS (16)

30 Jul · Microsoft 365 Users Targeted by Phishers Abusing Microsoft Forms
The phishing campaigns involve sending fake emails that appear to be from Microsoft, leading recipients to malicious Microsoft Forms impersonating Microsoft 365 or Adobe login pages.
HELPNETSECURITY.COM

30 Jul · Attackers Bypassed Google’s Email Verification to Create Workspace Accounts, Access Third-Party Services
The issue, which began in late June, affected a few thousand Workspace accounts that were created without domain verification. Google has since fixed the problem and added more security measures to prevent similar bypasses in the future.
KREBSONSECURITY.COM

30 Jul · Hotjar, Business Insider Vulnerabilities Expose OAuth Data Risks
Critical vulnerabilities within Hotjar and Business Insider have been uncovered by security researchers, posing risks for enterprises. These vulnerabilities highlight a broader issue with XSS flaws reintroduced by new technologies, increasing risks.
INFOSECURITY-MAGAZINE.COM

30 Jul · Fake leaks of passwords and seed phrases are scammers' new weapons | Kaspersky official blog
The scammers lure their victims by imitating insider leaks of crypto wallet credentials.
KASPERSKY.COM

30 Jul · Microsoft 365 and Azure outage takes down multiple services
Microsoft is investigating an ongoing and widespread outage blocking access to some Microsoft 365 and Azure services. [...]
BLEEPINGCOMPUTER.COM

30 Jul · Is your password policy working? Key cybersecurity KPIs to measure
Are your password policies having a positive impact on the cybersecurity posture of your org? Learn more from Specops Software about how to align password policies with wider cybersecurity KPIs. [...]
BLEEPINGCOMPUTER.COM

30 Jul · DigiCert mass-revoking TLS certificates due to domain validation bug
DigiCert is warning that it will be mass-revoking SSL/TLS certificates due to a bug in how the company verified if a customer owned or operated a domain and requires impacted customers to reissue certificates within 24 hours. [...]
BLEEPINGCOMPUTER.COM

30 Jul · European Central Bank Concludes Banking Cyber Stress Test
The European Central Bank has completed a cyber stress test for the banking sector, finding that while banks have strong response frameworks, there is still room for improvement in recovery capabilities.
BANKINFOSECURITY.COM

30 Jul · Cowbell Secures $60 Million Series C Funding From Zurich Insurance Group
This investment will allow Cowbell to expand its operations, enter key global markets, enhance cyber resilience services, introduce innovative products, and strengthen partnerships.
DARKREADING.COM

30 Jul · US State Department Says UN Cybercrime Treaty Must Include Human Rights Protections
The U.S. State Department emphasized the importance of including human rights protections in the upcoming United Nations cybercrime treaty. The final round of negotiations for the treaty, which began on Monday and will conclude on August 9, 2024.
THERECORD.MEDIA

30 Jul · Meta's AI Safety System Manipulated by Space Bar Characters to Enable Prompt Injection
A bug hunter discovered a bypass in Meta's Prompt-Guard-86M model by inserting character-wise spaces between English alphabet characters, rendering the classifier ineffective in detecting harmful content.
THEREGISTER.COM

30 Jul · Apple Patches Everything. July 2024 Edition, (Tue, Jul 30th)
Yesterday, Apple released patches across all of its operating systems. A standalone patch for Safari was released to address WebKit problems in older macOS versions. Apple does not provide CVSS scores or severity ratings. The ratings below are based on my reading of the impact. H…
ISC.SANS.EDU

30 Jul · It took some serious nerve for Wiz to walk away from Google’s $23B offer
For one thing, Wiz could have seen Google’s offer as validation that it's better off staying independent.
TECHCRUNCH.COM

30 Jul · Israeli athletes doxed at Olympic Games by Zeus hacking group
On Friday posts were published on the internet containing what appeared to be the personal information of Israeli Olympic athletes. Read more in my article on the Hot for Security blog.
BITDEFENDER.COM