Articles: 83
Categories: 8
Date: 2024-08-08

🐛 COMMON VULNERABILITIES AND EXPOSURES (15)
8 Aug: Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now [THEHACKERNEWS.COM]
A critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest. The vulnerability in question is CVE-2024-4885 (CVSS score: 9.8), an unauthenticated remote code execution bu…

8 Aug: Roundcube Flaws Allow Easy Email Account Compromise (CVE-2024-42009, CVE-2024-42008) [HELPNETSECURITY.COM]
Roundcube's vulnerabilities (CVE-2024-42009, CVE-2024-42008) allow attackers to compromise email accounts easily. The two cross-site scripting flaws could lead to the theft of emails, contacts, and passwords, and the sending of unauthorized emails.

8 Aug: Windows Downgrade Attack Risks Exposing Patched Systems to Old Vulnerabilities [THEHACKERNEWS.COM]
Microsoft said it is developing security updates to address two loopholes that it said could be abused to stage downgrade attacks against the Windows update architecture and replace current versions of the Windows files with older versions. The vulnerabilities are listed below - …

8 Aug: Back to the future: Windows Update is now a trojan horse for hackers [CSOONLINE.COM]
A recent discovery has revealed a serious flaw in Microsoft’s Windows Update. Instead of protecting computers, it can be tricked into installing older, vulnerable operating system versions. This allows hackers to bypass security measures and attack computers even if they have the…

8 Aug: Critical Progress WhatsUp Gold RCE Flaw Now Under Active Exploitation [BLEEPINGCOMPUTER.COM]
Threat actors are actively exploiting a critical remote code execution vulnerability in Progress WhatsUp Gold 23.1.2 and older versions, identified as CVE-2024-4885 with a CVSS v3 score of 9.8.

8 Aug: Chromium: CVE-2024-7550 Type Confusion in V8 [MSRC.MICROSOFT.COM]
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

8 Aug: Chromium: CVE-2024-7536 Use after free in WebAudio [MSRC.MICROSOFT.COM]
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

8 Aug: Chromium: CVE-2024-7533 Use after free in Sharing [MSRC.MICROSOFT.COM]
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

8 Aug: Chromium: CVE-2024-7532 Out of bounds memory access in ANGLE [MSRC.MICROSOFT.COM]
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

8 Aug: Chromium: CVE-2024-7535 Inappropriate implementation in V8 [MSRC.MICROSOFT.COM]
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

8 Aug: Chromium: CVE-2024-7534 Heap buffer overflow in Layout [MSRC.MICROSOFT.COM]
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

8 Aug: CVE-2024-38200 Microsoft Office Spoofing Vulnerability [MSRC.MICROSOFT.COM]
Information published.

⚠️ VULNERABILITY DISCLOSURE (26)
8 Aug: EU’s DORA regulation explained: New risk management requirements for financial firms [CSOONLINE.COM]
What is the Digital Operational Resilience Act (DORA)? The Digital Operational Resilience Act (DORA) is designed to “consolidate and upgrade ICT [information and communications technology] risk requirements” across the financial entities to ensure all firms are “subject to a comm…

8 Aug: SEC Ends Probe Into MOVEit Attacks Impacting 95 Million People [BLEEPINGCOMPUTER.COM]
The SEC has closed its investigation into Progress Software's handling of a zero-day flaw in MOVEit Transfer. Progress Software announced in a recent SEC filing that no enforcement action will be recommended by the Division of Enforcement.

8 Aug: AWS Patches Vulnerabilities Potentially Allowing Account Takeovers [SECURITYWEEK.COM]
AWS has patched vulnerabilities in several products, including flaws that could have been exploited to take over accounts.

8 Aug: Researcher Discovers Downgrade Attack Abusing Windows Update Process [SAFEBREACH.COM]
A security researcher at SafeBreach demonstrated at the Black Hat 2024 conference that two zero-day vulnerabilities can be exploited in downgrade attacks to revert fully updated Windows systems back to older versions, reintroducing vulnerabilities.

8 Aug: Ronin Network Hacked, $12 Million Returned by “White Hat” Hackers [BLEEPINGCOMPUTER.COM]
Ronin Network was hacked, resulting in the withdrawal of $12 million by "white hat" hackers who returned the stolen funds. The hackers exploited an undocumented vulnerability on the Ronin bridge, withdrawing 4,000 ETH and 2 million USDC.

8 Aug: 0.0.0.0 Day: Exploiting Localhost APIs From the Browser [OLIGO.SECURITY]
https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser

8 Aug: FBI and CISA Uncover Updated TTPs and Activity of the BlackSuit Ransomware Group [SECURITYAFFAIRS.COM]
The BlackSuit ransomware group gains access through phishing campaigns, RDP, and vulnerability exploits, using tools like Chisel and Mimikatz for communication and credential theft.

8 Aug: 2024 Phishing Insights: What 11.9 Million User Behaviors Reveal About Your Risk [KNOWBE4.COM]
Your secret weapon to combat cyber threats might be just under your nose! Cybercriminals continue to exploit vulnerabilities while upping their game with new and more sinister attack methods. The human firewall is your cybersecurity ace in the hole.

8 Aug: Nexera DeFi Protocol Hacked: $1.8M Stolen in Major Smart Contract Exploit [HACKREAD.COM]
https://hackread.com/nexera-defi-protocol-hacked-smart-contract-exploit/

8 Aug: Critical AWS Vulnerabilities Allow S3 Attack Bonanza [DARKREADING.COM]
https://www.darkreading.com/remote-workforce/critical-aws-vulnerabilities-allow-s3-attack-bonanza

8 Aug: Vulnerabilities Exposed Widely Used Solar Power Systems to Hacking, Disruption [SECURITYWEEK.COM]
Vulnerabilities found in solar power systems could have been exploited by hackers to cause disruption and possibly blackouts.

8 Aug: STAC6451 Hacker Hijacking Microsoft SQL Servers to Compromise Organizations [GBHACKERS.COM]
A sophisticated threat activity cluster, STAC6451, has been identified targeting Microsoft SQL servers. This cluster, primarily observed by Sophos Managed Detection and Response (MDR) teams, has compromised organizations by exploiting SQL server vulnerabilities. The attackers hav…

8 Aug: ADT confirms data breach after customer info leaked on hacking forum [BLEEPINGCOMPUTER.COM]
ADT Inc. disclosed via a Form 8-K filing at the U.S. Securities and Exchange Commission (SEC) that hackers have gained access to its systems, which hold customer order details. [...]

8 Aug: 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices [THEHACKERNEWS.COM]
Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks. The critical vulnerability "exposes a fundamental flaw in how browsers handle network requests, potentially gra…

8 Aug: CISA Releases One Industrial Control Systems Advisory [CISA.GOV]
CISA released one Industrial Control Systems (ICS) advisory on August 8, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-221-01 Dorsett Controls InfoScan CISA encourages users and administrato…

8 Aug: 18-year-old security flaw in Firefox and Chrome exploited in attacks [BLEEPINGCOMPUTER.COM]
A vulnerability disclosed 18 years ago, dubbed "0.0.0.0 Day", allows malicious websites to bypass security in Google Chrome, Mozilla Firefox, and Apple Safari and interact with services on a local network. [...]

8 Aug: Phishers have figured out that everyone is afraid of HR [CSOONLINE.COM]
The most effective subject lines for phishing attacks are focused on things that employees tend to be scared to ignore, such as “HR”, “IT”, and “DropBox file shared”, based on a Q2 2024 top-clicked phishing report issued Wednesday from KnowBe4. “HR is the scariest phishing tool i…

8 Aug: CrowdStrike Dismisses Claims of Exploitability in Falcon Sensor Bug [SECURITYWEEK.COM]
CrowdStrike dismissed claims that the Falcon EDR sensor bug could be exploited for privilege escalation or remote code execution.

8 Aug: Exploit released for Cisco SSM bug allowing admin password changes [BLEEPINGCOMPUTER.COM]
Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers. [...]

8 Aug [KEV]: CISA warns about actively exploited Apache OFBiz RCE flaw [BLEEPINGCOMPUTER.COM]
The U.S. Cybersecurity & Infrastructure Security Agency is warning of two vulnerabilities exploited in attacks, including a path traversal impacting Apache OFBiz. [...]

8 Aug: New Phishing Campaign Targets Israeli Organizations To Deliver Malware [KNOWBE4.COM]
A new phishing campaign is targeting Israeli organizations to deliver the RHADAMANTHYS information-stealing malware, Cyber Security News reports.

8 Aug: S3 shadow buckets leave AWS accounts open to compromise [CSOONLINE.COM]
Researchers have found a new way to attack AWS services or third-party projects that automatically provision AWS S3 storage buckets. Dubbed Shadow Resource, the new attack vector can result in AWS account takeover, remote code execution, or sensitive data leaks. Researchers from …

8 Aug: Cisco warns of critical RCE zero-days in end of life IP phones [BLEEPINGCOMPUTER.COM]
Cisco is warning of multiple critical remote code execution zero-days in the web-based management interface of the end-of-life Small Business SPA 300 and SPA 500 series IP phones. [...]

8 Aug: Security bugs in ransomware leak sites helped save six companies from paying hefty ransoms [TECHCRUNCH.COM]
The vulnerabilities allowed one security researcher to peek inside the leak sites without having to log in.

8 Aug: Chained for attack: OpenVPN vulnerabilities discovered leading to RCE and LPE [MICROSOFT.COM]
Microsoft researchers found multiple vulnerabilities in OpenVPN that could lead to an attack chain allowing remote code execution and local privilege escalation. This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data b…

📋 SECURITY BULLETINS (2)
8 Aug: Tor Browser 13.5.2 Released: What’s New! [GBHACKERS.COM]
The Tor Project has announced the release of Tor Browser 13.5.2, now available for download from the Tor Browser download page and the distribution directory. This latest version brings crucial security updates and several enhancements to improve user experience and security. Key…

8 Aug: Critical Cisco Small Business IP Phone Flaws Exposes Users to Remote Attacks [GBHACKERS.COM]
Cisco has issued a security advisory warning users of its Small Business SPA300 and SPA500 Series IP Phones about multiple critical vulnerabilities that could allow remote attackers to execute arbitrary commands or cause denial of service (DoS) conditions. These vulnerabilities a…

📢 SECURITY ADVISORIES (6)
8 Aug: FBI and CISA Warn of BlackSuit Ransomware That Demands Up to $500 Million [THEHACKERNEWS.COM]
The ransomware strain known as BlackSuit has demanded as much as $500 million in ransoms to date, with one individual ransom demand hitting $60 million. That's according to an updated advisory from the U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal B…

8 Aug: Best Practices for Cisco Device Configuration [CISA.GOV]
In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature. CISA recommends organizations disable Smart Install and review NSA’s Smar…

8 Aug: CISA warns of hackers abusing Cisco Smart Install feature [BLEEPINGCOMPUTER.COM]
CISA recommends disabling the legacy Cisco Smart Install feature after seeing it abused by threat actors in recent attacks to steal sensitive data, such as system configuration files. [...]

🔥 INCIDENT REPORTING (7)
8 Aug: 2.9 billion hit in one of the largest data breaches ever — full names, addresses and SSNs exposed [TOMSGUIDE.COM]
https://www.tomsguide.com/computing/online-security/29-billion-hit-in-one-of-largest-data-breaches-ever-full-names-addresses-and-ssns-exposed

8 Aug: Botnet 7777: Are You Betting on a Compromised Router? [TEAM-CYMRU.COM]
https://www.team-cymru.com/post/botnet-7777-are-you-betting-on-a-compromised-router

8 Aug: Easterly: Potential Chinese cyberattack could unfold like CrowdStrike error [CYBERSCOOP.COM]
https://cyberscoop.com/easterly-crowdstrike-china-volt-typhoon/

8 Aug: Home security giant ADT says it was hacked [TECHCRUNCH.COM]
The home security company says attackers accessed databases containing customer home addresses, email addresses, and phone numbers.

8 Aug: After the Dust Settles: Post-Incident Actions [SECURITYWEEK.COM]
After a cybersecurity incident, what should organizations do to learn from it and improve their security posture for the future?

8 Aug: How to Weaponize Microsoft Copilot for Cyberattackers [DARKREADING.COM]
https://www.darkreading.com/application-security/how-to-weaponize-microsoft-copilot-for-cyberattackers

8 Aug: SEC Report Provides Insight into Key Tronic Ransomware Costs Totaling Over $17 Million [KNOWBE4.COM]
The financial repercussions of the May 2024 ransomware attack on the electronics manufacturing services firm Key Tronic underscores just how costly these attacks are.

🕵️ THREAT INTELLIGENCE (14)
8 Aug: Alibaba's T-Head C910 RISC-V chips blow away all security [THEREGISTER.COM]
https://www.theregister.com/2024/08/07/riscv_business_thead_c910_vulnerable/ cross-posted from: lemmy.world/post/18403918 Research Paper: RISCVuzz: Discovering Architectural CPU Vulnerabilities via Differential Hard…

8 Aug: Record Breaking DDoS Attack 419 TB of Malicious Traffic Within 24-Hours [GBHACKERS.COM]
A record-breaking Distributed Denial of Service (DDoS) attack unleashed 419 terabytes of malicious traffic over 24 hours. This unprecedented event, which began at 8:05 UTC on July 15, 2024, targeted a financial services company in Israel, showcasing the evolving threat landscape …

8 Aug: Musk’s X under scrutiny in Europe for data privacy practices [COMPUTERWORLD.COM]
Elon Musk’s X platform faces legal action in Ireland, with the Data Protection Commission (DPC) filing High Court proceedings over concerns related to the handling of European users’ personal data. DPC has raised concerns about X’s use of public posts from the European Union and …

8 Aug: ISC Stormcast For Thursday, August 8th, 2024 https://isc.sans.edu/podcastdetail/9088, (Thu, Aug 8th) [ISC.SANS.EDU]
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

8 Aug: Phishing Attacks Can bypass Microsoft 365 Email Safety Warnings [HACKREAD.COM]
https://hackread.com/phishing-bypass-microsoft-365-email-safety-warnings/

8 Aug: US Offering $10 Million Reward for Iranian ICS Hackers [SECURITYWEEK.COM]
The US is offering up to $10 million for Iranian individuals accused of hacking water utility industrial control systems last year.

8 Aug: Cloud Storage From Microsoft, Google Used in Malware Attacks [THEREGISTER.COM]
Symantec's Threat Hunter Team has observed various espionage operations utilizing cloud services, like the backdoors GoGra and Grager targeting organizations in South Asia, South East Asia, Taiwan, Hong Kong, and Vietnam.

8 Aug: Critical Solar Power Grid Vulnerabilities Risk Global Blackouts [HACKREAD.COM]
https://hackread.com/solar-power-grid-vulnerabilities-risk-global-blackouts/

8 Aug: Stolen Credentials Have Turned SaaS Apps Into Attackers’ Playgrounds [SECURITYWEEK.COM]
SaaS app log analysis highlights the rapid smash and grab raid: in, steal, and leave in 30 minutes.

8 Aug: Immutability in Cybersecurity: A Layer of Security Amidst Complexity and Misconceptions [SECURITYWEEK.COM]
In modern security parlance, ‘immutable’ has three primary associations: immutable servers, immutable backup, and immutable data.

8 Aug: University Professors Targeted by North Korean Cyber Espionage Group [THEHACKERNEWS.COM]
The North Korea-linked threat actor known as Kimsuky has been linked to a new set of attacks targeting university staff, researchers, and professors for intelligence gathering purposes. Cybersecurity firm Resilience said it identified the activity in late July 2024 after it obser…

8 Aug: Things Not to Miss at BH/DC/Bsides - PSW #838 [YOUTUBE.COM]
Learn what is most interesting at hacker summer camp this year! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-838

8 Aug: Downgrades and Attacking Security Things - PSW #838 [YOUTUBE.COM]
This week, Downgrade attacks, bootloader fun, check your firmware before you wreck your firmware, you've got mail server issues, Ivanti is the new Rhianna, you should update your BIOS, Openwrt dominates, and attacking the security tools for fun and profit! Visit https://www.secur…

8 Aug: US dismantles laptop farm used by undercover North Korean IT workers [BLEEPINGCOMPUTER.COM]
The U.S. Justice Department arrested a Nashville man charged with helping North Korean IT workers obtain remote work at companies across the United States and operating a laptop farm they used to pose as U.S.-based individuals. [...]

🌐 CYBER THREAT LANDSCAPE (2)
8 Aug: Over $40 million recovered and arrests made within days of firm realising it had fallen for Business Email Compromise scam [TRIPWIRE.COM]
According to the FBI, billions of dollars have been lost through Business Email Compromise (BEC) attacks in recent years, so you may well think that there is little in the way of good news. However, it has been revealed this week that police managed to recover more than US $40 mi…

📡 INFOSEC NEWS (11)
8 Aug: Unlock the Future of Cybersecurity: Exclusive, Next Era AI Insights and Cutting-Edge Training at SANS Network Security 2024 [THEHACKERNEWS.COM]
The Immersive Experience Happening This September in Las Vegas! In an era of relentless cybersecurity threats and rapid technological advancement, staying ahead of the curve is not just a necessity, but critical. SANS Institute, the premier global authority in cybersecurity traini…

8 Aug: How to protect yourself from surveillance that uses AirTag beacons or similar devices (on either Android or iOS) | Kaspersky official blog [KASPERSKY.COM]
Tools to detect surveillance via Bluetooth tags are now available for both Android and iOS.

8 Aug: Microsoft 365 Anti-Phishing Feature can be Bypassed with CSS [BLEEPINGCOMPUTER.COM]
A flaw in Microsoft 365's anti-phishing feature allows attackers to hide the 'First Contact Safety Tip' warning in Outlook emails using CSS, increasing the risk of users falling for malicious emails.

8 Aug: New Phishing Scam Uses Google Drawings and WhatsApp Shortened Links [THEHACKERNEWS.COM]
Cybersecurity researchers have discovered a novel phishing campaign that leverages Google Drawings and shortened links generated via WhatsApp to evade detection and trick users into clicking on bogus links designed to steal sensitive information. "The attackers chose a group of t…

8 Aug: Automated Security Validation: One (Very Important) Part of a Complete CTEM Framework [THEHACKERNEWS.COM]
The last few years have seen more than a few new categories of security solutions arise in hopes of stemming a never-ending tidal wave of risks. One of these categories is Automated Security Validation (ASV), which provides the attacker’s perspective of exposures and equips secur…

8 Aug: Alibaba's T-Head C910 RISC-V Chips Found Vulnerable to GhostWrite Attack [THEREGISTER.COM]
Alibaba's T-Head C910 RISC-V CPUs have been found to have serious security flaws by computer security researchers at the CISPA Helmholtz Center for Information Security in Germany.

8 Aug: Microsoft: Exchange 2016 reaches extended end of support in October [BLEEPINGCOMPUTER.COM]
Microsoft reminded today that Exchange 2016 will reach the end of extended support next year on October 14 and shared guidance for admins who need to decommission outdated servers. [...]

8 Aug: Black Hat USA 2024: How cyber insurance is shaping cybersecurity strategies [WELIVESECURITY.COM]
Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards