🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
9 Aug: MongoDB Vulnerabilities Let Attackers Escalate Privileges [GBHACKERS.COM]
MongoDB has disclosed a critical vulnerability that could allow attackers to escalate privileges on systems running certain versions of MongoDB. This vulnerability, CVE-2024-7553, affects multiple versions of MongoDB Server, C Driver, and PHP Driver. The flaw stems from incorrect…

9 Aug: Critical 1Password flaws may allow hackers to snatch your passwords (CVE-2024-42219, CVE-2024-42218) [HELPNETSECURITY.COM]
submitted by kid to cybersecurity | 1 points | 0 comments | https://www.helpnetsecurity.com/2024/08/09/cve-2024-42219-cve-2024-42218/

9 Aug: 5 key takeaways from Black Hat USA 2024 [CSOONLINE.COM]
The infosecurity world came together in Las Vegas this week for Black Hat USA 2024, offering presentations and product announcements that will give CISOs plenty to consider. Here are the top takeaways CISOs should keep in mind when adapting their cybersecurity strategies going f…
⚠️ VULNERABILITY DISCLOSURE (33)
9 Aug: A Dive into Earth Baku’s Latest Campaign [TRENDMICRO.COM]
Since late 2022, Earth Baku has broadened its scope from the Indo-Pacific region to Europe, the Middle East, and Africa. Their latest operations demonstrate sophisticated techniques, such as exploiting public-facing applications like IIS servers for initial access and deploying t…

9 Aug: CISA Warns of Hackers Exploiting Legacy Cisco Smart Install Feature [THEHACKERNEWS.COM]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature with the aim of accessing sensitive data. The agency said it has seen adversaries "acquire system configuration files by leve…

9 Aug: One of the largest data breaches in history? Cyber Security Today for Friday, August 9th, 2024 [CYBERSECURITYTODAY.LIBSYN.COM]
Massive Data Breach, Outlook's Phishing Risk, and Windows Downgrade Attack Vulnerabilities. In this episode of Cybersecurity Today, host Jim Love delves into one of the largest data breaches in history involving 2.9 billion records leaked without user consent by National Public Da…

9 Aug: Hackers Exploit iOS Settings to Trigger Fake iOS Updates on Hijacked Devices [GBHACKERS.COM]
A sophisticated mobile attack vector involves a deceptive iOS update that masquerades as the legitimate iOS 18, tricking users into installing malicious code. The persistence mechanism allows threat actors to maintain covert control over the compromised device, facilitating…

9 Aug: Exclusive: CrowdStrike eyes Action1 for $1B amid fallout from Falcon update mishap [CSOONLINE.COM]
Cybersecurity giant CrowdStrike is in talks to acquire Action1, a cloud-based patch management and vulnerability remediation company for close to $1 billion. According to a source close to the matter who requested anonymity, Alex Vovk, CEO and co-founder of Action1 shared this ne…

9 Aug: Windows Zero-day Flaw Let Hackers Downgrade Fully Updated Systems To Old Vulnerabilities [GBHACKERS.COM]
Every software and operating system vendor has been implementing security measures to protect their products. This is due to the fact that threat actors require a lot of time to find a zero-day but require less time to find a readily available exploit for vulnerable software. …

9 Aug: GhostWrite Vulnerability Let Hackers Read And Write Any Part Of The Computer’s Memory [GBHACKERS.COM]
Such is the industry, that RISC-V, an open and extensible instruction set architecture (ISA) has now invaded the CPU market, opening up many opportunities for new entrants. It has gained a lot of traction through Linux kernel support as well as being adopted by consumer devices a…

9 Aug: Researchers Unveil AWS Vulnerabilities, New 'Shadow Resource' Attack Vector [TECHTARGET.COM]
The vulnerabilities were promptly patched by AWS after being reported by Aqua Security researchers. These flaws in services like CloudFormation, CodeStar, and Service Catalog could potentially lead to a full account takeover if exploited.

9 Aug: Vulnerability Allowed Eavesdropping via Sonos Smart Speakers [SECURITYWEEK.COM]
Sonos has patched vulnerabilities in its smart speakers, including a serious flaw that could have been exploited to eavesdrop on users.

9 Aug: OpenWrt Dominates, but Vulnerabilities Persist in OT/IoT Router Firmware [HELPNETSECURITY.COM]
A Forescout study showed that outdated software components in OT/IoT cellular routers and SOHO routers are linked to known vulnerabilities, with an average of 20 exploitable n-days affecting the kernel in widely used firmware images.

9 Aug: RustScan: Open-Source Port Scanner [HELPNETSECURITY.COM]
RustScan is a fast and versatile open-source port scanner with Adaptive Learning for optimal performance. It can scan all 65,000 ports in 3 seconds and supports a scripting engine for customization.

9 Aug: 6 IT risk assessment frameworks compared [CSOONLINE.COM]
Technology is one of the greatest assets companies have, essential to running or supporting many business processes. It’s also one of the biggest risks. That’s why IT risk assessment frameworks are vital. IT risk assessments enable organizations to evaluate the risks their system…

9 Aug: Not SOCRadar - 282,478,425 breached accounts [HAVEIBEENPWNED.COM]
In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however an investigation on their behalf concluded that "the actor merely utilised functionalities inherent…

9 Aug: Ransomware Drill Targets Healthcare in Operation 911 [INFOSECURITY-MAGAZINE.COM]
A ransomware drill focused on healthcare called Operation 911 was conducted at Black Hat USA 2024 by Las Vegas law enforcement, the FBI, and Semperis. During the drill, a simulated ransomware attack targeted a fictitious hospital.

9 Aug (KEV): CISA Warns of Cisco Smart Install Feature Actively Exploited by Hackers [GBHACKERS.COM]
The Cybersecurity and Infrastructure Security Agency (CISA) has raised alarms over malicious cyber actors’ active exploitation of the Cisco Smart Install feature. This legacy feature, originally designed to simplify the deployment of new switches, is now being leveraged by …

9 Aug: Phishing Attack Exploits Google, WhatsApp to Steal Data [INFOSECURITY-MAGAZINE.COM]
The attack begins with a phishing email that directs recipients to what appears to be an Amazon account verification link. However, this link is a deceptive graphic hosted on Google Drawings, a component of the Google Workspace suite.
9 Aug: New Ransomware Groups Emerge Despite Crackdowns [INFOSECURITY-MAGAZINE.COM]
According to a report by Rapid7, a total of 21 new or rebranded groups have emerged since January 2024, alongside existing groups like LockBit, which has survived law enforcement crackdowns.

9 Aug: Critical Jenkins Vulnerabilities Expose Servers To RCE Attack [GBHACKERS.COM]
Jenkins, an open source automation server, has been found to have two security issues, one of which is a critical flaw that, if exploited, might lead to remote code execution (RCE). An attacker may be able to read arbitrary files from the Jenkins controller file system, which cou…

9 Aug: Warnings Issued Over Cisco Device Hacking, Unpatched Vulnerabilities [SECURITYWEEK.COM]
CISA is warning organizations about abuse of Cisco Smart Install feature, as Cisco is notifying customers about critical phone vulnerabilities it’s not patching.

9 Aug: Confusion Attacks Vulnerability In Apache HTTP Server Allow Attackers To Gain Root Access Remotely [GBHACKERS.COM]
The Apache HTTP Server relies on hundreds of independently developed modules to handle client requests, sharing a complex data structure for communication. While modularity promotes specialization, the lack of standardized interfaces, coupled with the massive scale of the system,…

9 Aug: North Korean Kimusky Group Attacking University Professors [GBHACKERS.COM]
Kimsuky, a North Korean APT group, employs targeted phishing campaigns, leveraging DMARC exploitation to conceal social engineering, infiltrate university networks, and steal research for the Reconnaissance General Bureau. It aligns with North Korea’s goal of intelligence a…

9 Aug: 0.0.0.0 Day – 18 Yr Old Vulnerability Allow Attackers to Bypass All Browser Security [GBHACKERS.COM]
Threat actors often target and exploit security flaws in web browsers, as exploiting flaws in web browsers enables them to gain unauthorized access and perform several illicit activities. Not only that, threat actors also get a wide attack surface with minimal effort by exploitin…

9 Aug: Threat Actors Exploiting Windows Systems To Deploy Multiple Malwares [GBHACKERS.COM]
A sophisticated phishing campaign targeting Windows systems leverages multiple evasion techniques, including Python obfuscation, shellcode generation, and loading, to deploy a payload of malware. This multi-stage attack, disguised as a customer service request, delivers mal…

9 Aug: New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users [THEHACKERNEWS.COM]
Cybersecurity researchers have uncovered weaknesses in Sonos smart speakers that could be exploited by malicious actors to clandestinely eavesdrop on users. The vulnerabilities "led to an entire break in the security of Sonos's secure boot process across a wide range of devices a…

9 Aug: Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs [BLEEPINGCOMPUTER.COM]
An ongoing and widespread malware campaign force-installed malicious Google Chrome and Microsoft Edge browser extensions in over 300,000 browsers, modifying the browser's executables to hijack homepages and steal browsing history. [...]

9 Aug: Microsoft discloses Office zero-day, still working on a patch [BLEEPINGCOMPUTER.COM]
Microsoft has disclosed a high-severity zero-day vulnerability affecting Office 2016 and later, which is still waiting for a patch. [...]

9 Aug: AI Red Teaming and AI Safety - Amanda Minnich - ESW #371 [YOUTUBE.COM]
In this interview we explore the new and sometimes strange world of redteaming AI. I have SO many questions, like what *is* AI safety? We'll discuss her presence at Black Hat, where she delivered two days of training and participated on an AI safety panel. We'll also discuss the …

9 Aug: New AMD SinkClose flaw helps install nearly undetectable malware [BLEEPINGCOMPUTER.COM]
AMD is warning about a high-severity CPU vulnerability named SinkClose that impacts multiple generations of its EPYC, Ryzen, and Threadripper processors. The vulnerability allows attackers with Kernel-level (Ring 0) privileges to gain Ring -2 privileges and install malware that b…

9 Aug: CSC ServiceWorks discloses data breach after 2023 cyberattack [BLEEPINGCOMPUTER.COM]
CSC ServiceWorks, a leading provider of commercial laundry services, has disclosed a data breach after the personal information of an undisclosed number of individuals was exposed in a 2023 cyberattack. [...]

9 Aug: Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE [THEHACKERNEWS.COM]
Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). "This attack chain could enable attackers to gain full control over targeted …

9 Aug: [WHOA] - This 'Unpatch Attack' Is A New One To Me! [KNOWBE4.COM]
In a startling revelation at Black Hat 2024, SafeBreach security researcher Alon Leviev demonstrated a critical vulnerability in Windows systems, dubbed the "Windows Downdate" attack.

9 Aug: Microsoft discloses unpatched Office flaw that exposes NTLM hashes [BLEEPINGCOMPUTER.COM]
Microsoft has disclosed a high-severity vulnerability affecting Office 2016 that could expose NTLM hashes to a remote attacker. [...]
📢 SECURITY ADVISORIES (7)
9 Aug: CISA Releases Guide to Enhance Software Security Evaluations [INFOSECURITY-MAGAZINE.COM]
CISA has released a guide to enhance how organizations evaluate software manufacturers' security practices, emphasizing product security over enterprise security measures for defending against cyber threats.

9 Aug: Consumer Reports Study Finds Data Removal Services are Often Ineffective [THERECORD.MEDIA]
Consumer Reports cautioned against relying too heavily on data removal services, as many fall short of expectations despite high costs. The study highlighted the need for better protection of consumer data and stricter regulations on data brokers.

9 Aug: Leaked MDM Credentials Exposes Commonly Laptops And Smartphones For Hacking [GBHACKERS.COM]
Mobile Device Management (MDM) is a device management solution for laptops, tablets, and smartphones used by organizations to enable them to control and protect their employees’ mobile devices. Moreover, MDM has been developed with various tools that administrators can use …

9 Aug: Russia blocks Signal for 'violating' anti-terrorism laws [BLEEPINGCOMPUTER.COM]
Russia's telecommunications watchdog Roskomnadzor has restricted access to the Signal encrypted messaging service for what it describes as violations of Russian anti-terrorism and anti-extremism legislation. [...]
🔥 INCIDENT REPORTING (9)
9 Aug: DISPOSSESSOR And RADAR Ransomware Emerging With RaaS Model [GBHACKERS.COM]
Ransomware affiliates are forming alliances to recoup losses from unreliable partners. A prominent example involves ALPHV extorting $22 million from Change Healthcare but withholding funds from its data exfiltration affiliate. To remedy this, the affiliate has reportedly pa…

9 Aug: Ransomware Attack Costs loanDepot Almost $27 Million [SECURITYBOULEVARD.COM]
The $27 million in costs included insurance recoveries, investigation and remediation costs, customer notifications, legal fees, and settlement costs for a class-action lawsuit.

9 Aug: Physical Security Firm ADT Confirms Hack and Data Breach [SECURITYWEEK.COM]
ADT has confirmed that hackers have stolen information after 30,000 customer records were leaked recently.

9 Aug: Russian cyber spies stole data and emails from UK government systems [SECURITYAFFAIRS.COM]
submitted by kid to cybersecurity | 1 points | 0 comments | https://securityaffairs.com/166795/intelligence/russia-hacked-uk-government-systems.html

9 Aug: Number of Incidents Affecting GitHub, Bitbucket, GitLab, and Jira Continues to Rise [HELPNETSECURITY.COM]
The number of incidents affecting GitHub, Bitbucket, GitLab, and Jira is on the rise, leading to outages, human errors, cyberattacks, data breaches, ransomware, security vulnerabilities, and data loss for DevSecOps teams, according to GitProtect.io.

9 Aug: How to Weaponize Microsoft Copilot for Cyberattackers [DARKREADING.COM]
Copilot is an AI-based chatbot used by enterprises to streamline tasks, but it can also be manipulated by attackers to steal data and conduct phishing scams without leaving a trace.

9 Aug: How a cybersecurity researcher befriended, then doxed, the leader of LockBit ransomware gang [TECHCRUNCH.COM]
Jon DiMaggio used sockpuppet accounts, then his own identity, to infiltrate LockBit and gain the trust of its alleged admin, Dmitry Khoroshev. © 2024 TechCrunch. All rights reserved. For personal use only.

9 Aug: Ecovacs home robots can be hacked to spy on their owners, researchers say [TECHCRUNCH.COM]
Researchers found flaws that could allow anyone to spy on the owners of Ecovacs home robots by hijacking their cameras and microphones.
🕵️ THREAT INTELLIGENCE (21)
9 Aug: ISC Stormcast For Friday, August 9th, 2024 https://isc.sans.edu/podcastdetail/9090, (Fri, Aug 9th) [ISC.SANS.EDU]
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

9 Aug: Authorities Dismantled North Korean Remote IT Worker Laptop Farm [GBHACKERS.COM]
Authorities have dismantled a “laptop farm” in Nashville, Tennessee, allegedly used to support the Democratic People’s Republic of Korea’s (DPRK) weapons program. Matthew Isaac Knoot, 38, has been charged with multiple offenses, including conspiracy to cause damage to…

9 Aug: DOJ Charges Nashville Man for Helping North Koreans Get U.S. Tech Jobs [THEHACKERNEWS.COM]
The U.S. Department of Justice (DoJ) on Thursday charged a 38-year-old individual from Nashville, Tennessee, for allegedly running a "laptop farm" to help get North Koreans remote jobs with American and British companies. Matthew Isaac Knoot is charged with conspiracy to cause da…

9 Aug: Microsoft researchers report Iran hackers targeting US officials before election [REUTERS.COM]
submitted by kid to cybersecurity | 1 points | 0 comments | https://www.reuters.com/technology/cybersecurity/microsoft-researchers-report-iran-hackers-targeting-us-officials-before-election-2024-08-09/

9 Aug: Delta: CrowdStrike’s offer for help too little, too late [THEREGISTER.COM]
submitted by kid to cybersecurity | 1 points | 0 comments | https://www.theregister.com/2024/08/08/delta_crowdstrikes_offer_for_help/

9 Aug: [Crosspost from !appsec] Looking for a new training/certification. People who did OSWA (Web-200 by OffSec), how was it? [INFOSEC.PUB]
submitted by N7x to cybersecurity | 1 points | 0 comments | https://www.offsec.com/courses/web-200/

9 Aug: New APT Actor240524 Weaponizing Official Documents To Deliver Malware [GBHACKERS.COM]
A new APT group, dubbed Actor240524, launched a spear-phishing campaign targeting Azerbaijani and Israeli diplomats on July 1, 2024, where the attackers employed a malicious Word document containing Azerbaijani-language content disguised as official documentation to lure victims.…

9 Aug: Off-Topic Friday [INFOSEC.PUB]
submitted by shellsharks to cybersecurity | 1 points | 0 comments | Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)

9 Aug: Iranian Hackers Targeting 2024 US Election Campaigns [GBHACKERS.COM]
Microsoft has released a report detailing Iran’s efforts to influence the upcoming 2024 US presidential election. The report highlights the increasing activity of groups linked to the Iranian government, aiming to sway voters and create controversy, particularly in key swin…

9 Aug: US Offers $10 Million for Information on Iranian Hackers Behind CyberAv3ngers Water Utility Attacks [THERECORD.MEDIA]
The U.S. State Department has offered a $10 million reward for information on six Iranian government hackers who allegedly targeted U.S. water utilities last fall. These individuals were previously sanctioned for targeting critical infrastructure.

9 Aug: People-Search Site Removal Services Largely Ineffective [SCHNEIER.COM]
Consumer Reports has a new study of people-search site removal services, concluding that they don’t really work: As a whole, people-search removal services are largely ineffective. Private information about each participant on the people-search sites decreased after using t…
9 Aug: In Other News: KnowBe4 Product Flaws, SEC Ends MOVEit Probe, SOCRadar Responds to Hacking Claims [SECURITYWEEK.COM]
Noteworthy stories that might have slipped under the radar: KnowBe4 product vulnerabilities, SOCRadar responds to hacker's claims, and SEC ends the MOVEit hack probe.

9 Aug: Iran Is Accelerating Cyber Activity That Appears Meant to Influence the US Election, Microsoft Says [SECURITYWEEK.COM]
Iranian actors have spent recent months creating fake news sites and impersonating activists, laying the groundwork to stoke division and potentially sway American voters this fall.

9 Aug: More AI funding, Crowdstrike ripples continue, GPT yourself - ESW #371 [YOUTUBE.COM]
In the enterprise security news, 1. AI is still getting a ton of funding! 2. Netwrix acquires PingCastle 3. Tenable looks for a buyer 4. SentinelOne hires Alex Stamos as their new CISO 5. Crowdstrike doesn’t appreciate satire when it’s at their expense 6. Intel begins one of th…

9 Aug: Interviewing Black Hat Startup Spotlight Winner, Knostic - Sounil Yu - ESW #371 [YOUTUBE.COM]
We chat with Sounil Yu, co-founder of LLM access control startup, Knostic. We discuss both the experience of participating in Black Hat's startup competition, and what his company, Knostic, is all about. Knostic was one of four finalists for Black Hat's Startup Spotlight competit…

9 Aug: 0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More... - SWN #405 [YOUTUBE.COM]
0.0.0.0, Blacksuit, OpenAI, AWS, Cisco Phones, Win 10, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-405

9 Aug: Friday Squid Blogging: SQUID Is a New Computational Tool for Analyzing Genomic AI [SCHNEIER.COM]
Yet another SQUID acronym: SQUID, short for Surrogate Quantitative Interpretability for Deepnets, is a computational tool created by Cold Spring Harbor Laboratory (CSHL) scientists. It’s designed to help interpret how AI models analyze the genome. Compared with other anal…

9 Aug: Not Just Us: North Korean Remote IT Fraudster Arrested in Tennessee [KNOWBE4.COM]
Just when we thought we had something special with our very own North Korean hacker, it turns out this type of fraud has made it to the Volunteer State.

9 Aug: 512-bit RSA key in home energy system gives control of “virtual power plant” - sh.itjust.works [SH.ITJUST.WORKS]
submitted by sugar_in_your_tea to cybersecurity | 1 points | 0 comments | https://sh.itjust.works/post/23452913

9 Aug: A Whopping 33% of Young American Are Exposed to Political Lies on TikTok [KNOWBE4.COM]
Excellent reporting by the Wall Street Journal! They wrote about a disturbing trend. "Amid a deluge of election news and memes on TikTok, WSJ found thousands of videos with political lies and hyperbole.

9 Aug: How can 2FA be disabled without permission and what can I do about it? [LEMMY.WORLD]
submitted by lightscription to secops | 1 points | 0 comments | I use FreeOTP+ which is supposed to be developed by people from the Fedora project and is protected by fingerprint on Pixel. I discovered that my 2FA was disabled on lemmy.world after I logged out and then logged back in…
📡 INFOSEC NEWS (12)
9 Aug: Ireland's DPC Takes Twitter to Court Over AI User Data Concerns [INFOSECURITY-MAGAZINE.COM]
Ireland's Data Protection Commission (DPC) has taken Twitter to court over concerns regarding the use of AI user data. The DPC is specifically worried about the personal data of millions of European users being used to train AI systems for Grok.

9 Aug: Russia's Kursk Region Suffers ‘Massive’ DDoS Attack Amid Ukraine Offensive [THERECORD.MEDIA]
Kursk region in Russia was hit by a large-scale DDoS attack during Ukraine's cross-border incursion, affecting government, business websites, and critical services. NetBlocks reported disruptions in internet connectivity linked to the attacks.

9 Aug: Sports Venues Must Vet Their Vendors to Maintain Security [HELPNETSECURITY.COM]
The sports and entertainment industries face unique cybersecurity challenges due to the rapid technological advancements being implemented. Cyber-physical systems like augmented reality and smart sensors increase security concerns.

9 Aug: Pro-Iran Groups Lay Groundwork For Chaos And Violence As US Election Meddling Intensifies [PACKETSTORMSECURITY.COM]

9 Aug: Phishing-as-a-Service through Telegram bot [KASPERSKY.COM]
Cybercriminals use a Telegram bot to sell subscriptions to phishing services for hacking Microsoft 365 accounts, including bypassing two-factor authentication.

9 Aug: How to ask Google to remove deepfake porn results from Google Search [TECHCRUNCH.COM]
The internet is full of deepfakes — and most of them are nudes. According to a report from Home Security Heroes, deepfake porn makes up 98% of all deepfake videos online. Thanks to easy-to-use and freely available generative AI tools, the number of deepfakes online — …

9 Aug: Black Hat USA 2024 recap – Week in security with Tony Anscombe [WELIVESECURITY.COM]
Unsurprisingly, many discussions focused on the implications of the recent CrowdStrike outage, including the lessons it may have offered for bad actors

9 Aug: Black Hat USA 2024: All eyes on election security [WELIVESECURITY.COM]
In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated