🐛 COMMON VULNERABILITIES AND EXPOSURES 2
2 Aug: Hackers Actively Exploiting WordPress Plugin Arbitrary File Upload Vulnerability
    Hackers have been actively exploiting a critical vulnerability in the WordPress plugin 简数采集器 (Keydatas). The vulnerability, CVE-2024-6220, allows unauthenticated threat actors to upload arbitrary files to a vulnerable site, potentially leading to remote code execution and complet…
    Source: GBHACKERS.COM
2 Aug: Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers
    A high-severity security bypass vulnerability tracked as CVE-2024-6242 has been found and fixed in Rockwell Automation Logix controllers.
    Source: SECURITYWEEK.COM
⚠️ VULNERABILITY DISCLOSURE 13
2 Aug: Weekly Update 411
    The ongoing scourge that is spyware (or, as it is commonly known, "stalkerware"), and the subsequent breaches that so often befall them continue to amaze me…
    Source: TROYHUNT.COM
2 Aug: Eight-year-old “Sitting Ducks” DNS weakness exploited to hijack web domains with impunity
    The vast global Domain Name System (DNS) is so fundamental to the way the web works that service providers and their customers are sure to configure and manage it carefully. That’s the theory — now for the reality. In a small but far from harmless number of cases, the global DNS …
    Source: CSOONLINE.COM
2 Aug: 12 wide-impact firmware vulnerabilities and threats
    Nowadays all major operating systems and software programs receive automatic security updates that help users secure their systems against the barrage of vulnerabilities discovered every month. But this is still not the case for billions of embedded devices that impact our everyd…
    Source: CSOONLINE.COM
2 Aug [KEV]: CISA Warns of Avtech Camera Vulnerability Exploited in Wild
    An Avtech camera vulnerability that likely remains unfixed has been exploited in the wild, according to CISA.
    Source: SECURITYWEEK.COM
2 Aug: Mirai Botnet targeting OFBiz Servers Vulnerable to Directory Traversal
    Enterprise Resource Planning (ERP) Software is at the heart of many enterprises supporting human resources, accounting, shipping, and manufacturing. These systems can become very complex and difficult to maintain. They are often highly customized, which can make patching difficu…
    Source: THEHACKERNEWS.COM
2 Aug: New Windows Backdoor BITSLOTH Exploits BITS for Stealthy Communication
    Cybersecurity researchers have discovered a previously undocumented Windows backdoor that leverages a built-in feature called Background Intelligent Transfer Service (BITS) as a command-and-control (C2) mechanism. The newly identified malware strain has been codenamed BITSLOTH by…
    Source: THEHACKERNEWS.COM
2 Aug: Bitdefender Vulnerability Let Attackers Trigger SSRF Attacks
    https://cybersecuritynews.com/bitdefender-ssrf-vulnerability/
    Source: CYBERSECURITYNEWS.COM
2 Aug: Webinar: Discover the All-in-One Cybersecurity Solution for SMBs
    In today's digital battlefield, small and medium businesses (SMBs) face the same cyber threats as large corporations, but with fewer resources. Managed service providers (MSPs) are struggling to keep up with the demand for protection. If your current cybersecurity strategy feels …
    Source: THEHACKERNEWS.COM
2 Aug: Who are the two Russian convicts released in the US-Russia prisoner swap?
    In what is being lauded as a historic feat, the Biden administration, on Thursday, concluded a prisoner swap with the Kremlin, as part of an exchange deal that involved five other countries. The deal allowed the White House to bring home 16 US citizens from Russia, including thre…
    Source: CSOONLINE.COM
2 Aug: 7 network security startups to watch
    Enterprise cybersecurity protections are failing to keep pace with the evolving threat landscape, which now includes everything from the weaponization of AI to state-sponsored hacking groups to the metastasizing of run-of-the-mill vulnerabilities (misconfigurations, unpatched dev…
    Source: NETWORKWORLD.COM
2 Aug: Cryptonator seized for laundering ransom payments, stolen crypto
    U.S. and German law enforcement seized the domain of the crypto wallet platform Cryptonator, used by ransomware gangs, darknet marketplaces, and other illicit services, and indicted its operator. [...]
    Source: BLEEPINGCOMPUTER.COM
2 Aug: Phishing Attacks Continue to Leverage URL Shorteners to Obfuscate Malicious Links
    Analysis of current phishing attacks by security researchers has uncovered an increase in the use of trusted shortlink services.
    Source: KNOWBE4.COM
2 Aug: Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
    Executive Summary: The Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team assessment (RTA) at the request of a critical infrastructure organization. During RTAs, CISA’s red team simulates real-world malicious cyber operations to assess an organization’s c…
    Source: CISA.GOV
📋 SECURITY BULLETINS 2
2 Aug: Microsoft confirms cyber attack caused outage and its own defences may have made the impact worse: Cybersecurity Today for Friday, August 2, 2024
    In this episode of Cybersecurity Today, host Jim Love explores the aftermath of Microsoft's 10-hour global outage due to a DDoS attack, the Canadian Privacy Commissioner's investigation into Ticketmaster, the severe impact of a ransomware attack on U.S. blood bank OneBlood, and t…
    Source: CYBERSECURITYTODAY.LIBSYN.COM
2 Aug: CrowdStrike sued by investors over massive global IT outage
    Cybersecurity company CrowdStrike has been sued by investors who say it provided false claims about its Falcon platform after a bad security update led to a massive global IT outage causing the stock price to tumble almost 38%. [...]
    Source: BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 3
2 Aug: Russia, Moldova Targeted by Obscure Hacking Group in New Cyberespionage Campaign
    A cyberespionage group known as XDSpy targeted Russia and Moldova with new malware. The group sent phishing emails to Russian targets, including a tech company and an organization in Transnistria.
    Source: THERECORD.MEDIA
2 Aug: Leaked GitHub Python Token
    Here’s a disaster that didn’t happen: Cybersecurity researchers from JFrog recently discovered a GitHub Personal Access Token in a public Docker container hosted on Docker Hub, which granted elevated access to the GitHub repositories of the Python language, Python Pa…
    Source: SCHNEIER.COM
🔥 INCIDENT REPORTING 11
2 Aug: LuLu - 190,506 breached accounts
    In July 2024, the Emirati-based LuLu retail store suffered a data breach. The impacted data included 190k email addresses and associated phone numbers which were subsequently shared on a popular hacking forum.
    Source: HAVEIBEENPWNED.COM
2 Aug: APT41 Likely Compromised Taiwanese Government-Affiliated Research Institute with ShadowPad and Cobalt Strike
    A government-affiliated research organization in Taiwan was attacked by APT41 hackers, a notorious Chinese hacking group known for targeting sensitive technologies. The breach, starting in July 2023, was identified by Cisco Talos researchers.
    Source: TALOSINTELLIGENCE.COM
2 Aug: Google Chrome Adds App-Bound Encryption to Block Infostealer Malware
    Google Chrome has implemented app-bound encryption to enhance cookie protection on Windows and defend against infostealer malware. This new feature encrypts data tied to app identity, similar to macOS's Keychain, to prevent unauthorized access.
    Source: BLEEPINGCOMPUTER.COM
2 Aug: New BlankBot Android Trojan Can Steal User Data
    The BlankBot Android trojan exfiltrates user data, executes C&C commands, and supports custom injections, keylogging, and screen recording.
    Source: SECURITYWEEK.COM
2 Aug: Global Cyber Attacks See Highest Increases in the Last Two Years
    New analysis of Q2 2024 cyber attacks shows the number of attacks experienced weekly by organizations globally is on the rise.
    Source: KNOWBE4.COM
2 Aug: Pharma giant Cencora is alerting millions about its data breach
    The pharma giant won't say how many patients were affected by its February data breach. A count by TechCrunch confirms that over a million people are affected.
    Source: TECHCRUNCH.COM
2 Aug: How Generative AI Revolutionizes SOC: Insights from Greg Notch
    In this clip from Enterprise Security Weekly, Greg Notch discusses the transformative potential of generative AI in security operations centers (SOCs). He highlights how AI can enhance explainability and pattern recognition, making it easier to understand and respond to security …
    Source: YOUTUBE.COM
2 Aug: APT41 Hackers Use ShadowPad, Cobalt Strike in Taiwanese Institute Cyber Attack
    A Taiwanese government-affiliated research institute that specializes in computing and associated technologies was breached by nation-state threat actors with ties to China, according to new findings from Cisco Talos. The unnamed organization was targeted as early as mid-July 202…
    Source: THEHACKERNEWS.COM
2 Aug: Cybersecurity Compass: An Integrated Cyber Defense Strategy
    Explore how the Cybersecurity Compass can guide various security professionals' and stakeholders' decision-making before, during, and after a breach.
    Source: TRENDMICRO.COM
2 Aug: Attackers leverage Cloudflare tunnels to obscure malware distribution
    Cybercriminals regularly abuse free services to host malware or to set up command-and-control (C2) infrastructure because they know connections to such services won’t raise suspicion inside networks. Such is the case with TryCloudflare.com, which was recently abused in a widespre…
    Source: CSOONLINE.COM
2 Aug: AI and automation reducing breach costs – Week in security with Tony Anscombe
    Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by US$2.22 million compared to those that didn't deploy these technologies, according to IBM
    Source: WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 26
2 Aug: Over 35k Domains Hijacked in ‘Sitting Ducks’ Attacks
    Threat actors have hijacked over 35,000 domains in five years because DNS providers fail to properly verify domain ownership.
    Source: SECURITYWEEK.COM
2 Aug: Cybersecurity M&A Roundup: 25 Deals Announced in July 2024
    Roundup of the more than two dozen cybersecurity-related merger and acquisition (M&A) deals announced in July 2024.
    Source: SECURITYWEEK.COM
2 Aug: U.S. Releases High-Profile Russian Hackers in Diplomatic Prisoner Exchange
    In a historic prisoner exchange between Belarus, Germany, Norway, Russia, Slovenia, and the U.S., two Russian nationals serving time for cybercrime activities have been freed and repatriated to their country. This includes Roman Valerevich Seleznev and Vladislav Klyushin, who are…
    Source: THEHACKERNEWS.COM
2 Aug: ISC Stormcast For Friday, August 2nd, 2024
    https://isc.sans.edu/podcastdetail/9080
    Source: ISC.SANS.EDU
2 Aug: NCA Shuts Down Major Fraud Platform that Triggers 1.8 Million Scam Calls
    Today, the National Crime Agency (NCA) revealed the successful shutdown of Russian Coms, a sophisticated fraud platform responsible for defrauding thousands of victims worldwide. Established in 2021, this platform facilitated over 1.3 million scam calls to 500,000 unique UK phone…
    Source: GBHACKERS.COM
2 Aug: BSides Joburg 2024
    Born in 2009, BSides Security Conferences are community-driven events for cybersecurity professionals. They offer a welcoming space for individuals to pr…
    Source: INFOSEC.PUB
2 Aug: Threat Intelligence: A Blessing and a Curse?
    Access to timely and accurate threat intelligence is essential for organizations, but it can be overwhelming to navigate the vast amount of available data and feeds. Balancing comprehensive information with relevance is crucial.
    Source: HELPNETSECURITY.COM
2 Aug: Microsoft Patched a Critical Edge Flaw that Led to Arbitrary Code Execution
    Microsoft has addressed several critical vulnerabilities in its Chromium-based Edge browser. Users of the affected versions are strongly advised to update to the latest version to mitigate potential security risks. According to the Asec Ahnlab reports, the vulnerabilities were fo…
    Source: GBHACKERS.COM
2 Aug: Cloudflare Tunnels Abused for Malware Delivery
    Threat actors are abusing Cloudflare’s TryCloudflare feature to create one-time tunnels for the distribution of remote access trojans.
    Source: SECURITYWEEK.COM
2 Aug: t2/2024 - Hacking a Satellite for Fun and Profit (Mario Polino)
    Mario Polino @ mhackeroni. A light-hearted and entertaining dive into our victorious adventure at Hack-A-Sat! Our pr…
    Source: INFOSEC.PUB
2 Aug: Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft
    A recent malvertising campaign has been exposed, where threat actors take over social media pages, rebranding them as popular AI photo editors and posting malicious links to fake websites.
    Source: TRENDMICRO.COM
2 Aug: StackExchange Abused to Spread Malicious PyPI Packages as Answers
    Threat actors used StackExchange to promote malicious PyPI packages, including 'spl-types,' 'raydium,' 'sol-structs,' 'sol-instruct,' and 'raydium-sdk,' which steal data from browsers, messaging apps, and cryptocurrency wallets.
    Source: BLEEPINGCOMPUTER.COM
2 Aug: Protect AI Raises $60 Million in Series B Funding
    AI and ML security provider Protect AI has raised $60 million in a Series B funding round led by Evolution Equity Partners.
    Source: SECURITYWEEK.COM
2 Aug: Off-Topic Friday
    Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
    Source: INFOSEC.PUB
2 Aug: News alert: Security Risk Advisors launches VECTR Enterprise Edition for ‘purple team’ benchmarking
    Philadelphia, PA, Aug. 1, 2024, CyberNewsWire — Security Risk Advisors (SRA) announces the launch of VECTR Enterprise Edition, a premium version of its widely-used VECTR platform for purple teams and adversary management program reporting and benchmarking. VECTR Enterprise…
    Source: LASTWATCHDOG.COM
2 Aug: New Research: Smaller Companies Receiving Higher Rates Of Phishing Emails
    Researchers at Barracuda have found that smaller companies tend to receive a higher rate of phishing attacks spread across the organization, according to a report looking at the phishing attack surfaces of companies of different sizes.
    Source: KNOWBE4.COM
2 Aug: The European Union’s World-First Artificial Intelligence Rules Are Officially Taking Effect
    EU officials say the Artificial Intelligence Act will protect the “fundamental rights” of citizens while also encouraging investment and innovation in the booming AI industry.
    Source: SECURITYWEEK.COM
2 Aug: In Other News: European Banks Put to Test, Voting DDoS Attacks, Tenable Exploring Sale
    Noteworthy stories that might have slipped under the radar: over 100 European banks undergo cyber resilience test, DDoS attacks don’t impact voting, and Tenable exploring a potential sale.
    Source: SECURITYWEEK.COM
2 Aug: 10 Security Researcher Qualities Marketers Should Adopt - Dani Woolf - ESW #370
    There's plenty of content out there detailing how vendors fall short: scummy, aggressive sales tactics; overuse of jargon and buzzwords; sneaky sales tactics; dumping on competitors; products that fall far short of claims; ambulance chasing. So what *should* they be doing? In …
    Source: YOUTUBE.COM
2 Aug: Cybersecurity's Love Affair with Distractions - Fred Wilmot - ESW #370
    Remember 20 years ago? When we were certain SIEMs would grant our cybersecurity teams superpowers? Or 10 years ago, when we were sure that NGAV would put an end to malware as we knew it? Or 15 years ago, when we were sure that application control would put an end to malware as we…
    Source: YOUTUBE.COM
2 Aug: Funding, Cato, Code42, DoS Robots, and Blackhat Prep - ESW #370
    This week, in the enterprise security news, 1. over half a billion in funding, as everyone gets their pre-Blackhat announcements out! 2. Mimecast picks up Code42 3. Will Cato Networks IPO? 4. Canarytokens update 5. We still have some CrowdStrike fallout to discuss 6. CISO respons…
    Source: YOUTUBE.COM
2 Aug: APT28 Targets Diplomats with HeadLace Malware via Car Sale Phishing Lure
    A Russia-linked threat actor has been linked to a new campaign that employed a car for sale as a phishing lure to deliver a modular Windows backdoor called HeadLace. "The campaign likely targeted diplomats and began as early as March 2024," Palo Alto Networks Unit 42 said in a re…
    Source: THEHACKERNEWS.COM
2 Aug: Prisoner Swap Includes Russian Hackers and KGB Assassin
    Included among the U.S. prisoners being sent back to Russia in the swap are two prominent convicted hackers, both of whom were serving lengthy sentences, and a KGB assassin.
    Source: KNOWBE4.COM
2 Aug: Taco Bell AI, Azure, Scams, AI Emails, IBM, Crowdstrike, Aaran Leyland, and More... - SWN #403
    Taco Bell AI, Azure, Scams, AI Emails, IBM, Crowdstrike, I try to be more succinct, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-403
    Source: YOUTUBE.COM
2 Aug: Friday Squid Blogging: Treating Squid Parasites
    A newly discovered parasite that attacks squid eggs has been treated.
    Source: SCHNEIER.COM
2 Aug: The Promise and Perils of Building AI Into Your Business Applications
    A comprehensive security solution will help you confidently build AI-powered apps by securing your journey to AI, from design to build to run.
    Source: PALOALTONETWORKS.COM
🌐 CYBER THREAT LANDSCAPE 3
2 Aug: Cybercriminals Abusing Cloudflare Tunnels to Evade Detection and Spread Malware
    Cybersecurity companies are warning about an uptick in the abuse of Cloudflare's TryCloudflare free service for malware delivery. The activity, documented by both eSentire and Proofpoint, entails the use of TryCloudflare to create a one-time tunnel that acts as a conduit to relay …
    Source: THEHACKERNEWS.COM
2 Aug: Fake AI editor ads on Facebook push password-stealing malware
    A Facebook malvertising campaign targets users searching for AI image editing tools and steals their credentials by tricking them into installing fake apps that mimic legitimate software. [...]
    Source: BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 20
2 Aug: Credo AI Raises $21M to Help Enterprises Deploy AI Safely and Responsibly
    Credo AI, a startup specializing in artificial intelligence governance software, recently closed a $21 million Series B funding round led by CrimsoNox Capital, Mozilla Ventures, and FPV Ventures.
    Source: SILICONANGLE.COM
2 Aug: Malicious Package Hidden in PyPI Discovered
    The FortiGuard Labs team has discovered a malicious PyPI package that poses a significant risk to individuals and institutions by potentially leaking credentials and sensitive information.
    Source: FORTINET.COM
2 Aug: U.S. Trades Cybercriminals to Russia in Prisoner Swap
    Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were five convicted cybercriminals. In return, Russia has reportedly released 16 prisoners, including Wall Street Journal reporter E…
    Source: KREBSONSECURITY.COM
2 Aug: Homebrew Security Audit Finds 25 Vulnerabilities
    A security audit sponsored by the Open Tech Fund in August 2023 revealed 25 vulnerabilities in Homebrew. The audit found issues that could have allowed attackers to execute code, modify builds, control CI/CD workflows, and access sensitive data.
    Source: BREW.SH
2 Aug: Suspects in 'Russian Coms' Spoofing Service Arrested in London, as NCA Announces Takedown
    The caller ID spoofing service, which was established in 2021, is believed to have caused financial losses in the tens of millions and had around 170,000 victims in Britain.
    Source: THERECORD.MEDIA
2 Aug: CrowdStrike Investors File Class Action Suit Following Global IT Outage
    The Plymouth County Retirement Association claims the company misrepresented the effectiveness of its software platform and quality control procedures. The lawsuit alleges that CrowdStrike did not adequately test its software.
    Source: CYBERSECURITYDIVE.COM
2 Aug: UK Cops Shut Down Global Call Spoofing Outlet That Scammed 170k-Plus Victims
    Source: PACKETSTORMSECURITY.COM
2 Aug: TechCrunch Minute: Why did Wiz walk away from $23 billion?
    As widely reported, Wiz recently said no to a $23 billion acquisition offer from Google. At that price, it would have been Google’s biggest acquisition ever. It’s possible the Google team got cold feet during due diligence, or there may have been concerns that regulators wo…
    Source: TECHCRUNCH.COM
2 Aug: DuckDuckGo blocked in Indonesia over porn, gambling search results
    Privacy-focused search engine DuckDuckGo has been blocked in Indonesia by its government after citizens reportedly complained about pornographic and online gambling content in its search results. [...]
    Source: BLEEPINGCOMPUTER.COM
2 Aug: Even Linux users should take a look at this Microsoft KB article.
    Secure boot has been a standard feature since at least Windows 8. As the name implies, the feature protects the boot process. The integrity of the boot process is ensured by digitally signing any software ("firmware") used during the boot process. As with any digital signature, t…
    Source: ISC.SANS.EDU
2 Aug: What is an adversary-in-the-middle attack, and how is it used in phishing?
    Cybercriminals are using AitM techniques to compromise accounts of company executives. How do they do this, and how to protect against it?
    Source: KASPERSKY.COM
2 Aug: Google Chrome warns uBlock Origin may soon be disabled
    Google Chrome is now encouraging uBlock Origin users who have updated to the latest version to switch to other ad blockers before Manifest v2 extensions are disabled [...]
    Source: BLEEPINGCOMPUTER.COM
2 Aug: US sues TikTok for violating children privacy protection laws
    The U.S. Department of Justice has filed a lawsuit against social media platform TikTok and its parent company, ByteDance, alleging widespread violations of children's privacy laws. [...]
    Source: BLEEPINGCOMPUTER.COM
2 Aug: Google Chrome bug breaks drag and drop from Downloads bubble
    A recent Google Chrome update has broken the drag-and-drop feature in the Downloads bubble that previously allowed you to drag and drop downloaded files onto any website or tab in the browser. [...]
    Source: BLEEPINGCOMPUTER.COM
2 Aug: What Are Scrapers and Why Should You Care?
    AI-driven data miners and scraper bots are everywhere, and many of them are NOT harmless.
    Source: F5.COM
2 Aug: What Are Scrapers and Why Should You Care?
    Data miners and scraper bots are everywhere, feeding AI LLMs and more, and many of them are NOT harmless.
    Source: F5.COM