Articles: 65
Categories: 7
Date: 2024-08-16
🐛 COMMON VULNERABILITIES AND EXPOSURES (1)
16 Aug: Copy2Pwn Zero-Day Exploited to Bypass Windows Protections (SECURITYWEEK.COM)
ZDI details a zero-day named Copy2Pwn and tracked as CVE-2024-38213, which cybercriminals exploited to bypass MotW protections in Windows. The post Copy2Pwn Zero-Day Exploited to Bypass Windows Protections appeared first on SecurityWeek.
⚠️ VULNERABILITY DISCLOSURE (17)
16 Aug: 11 top bug bounty programs launched in 2024 (CSOONLINE.COM)
Bug bounty programs remain a crucial component of cybersecurity strategies in 2024, offering organisations the ability to draw in help from a diverse pool of cybersecurity professionals and researchers. The schemes offer continuous testing against emerging threats. What are bug b…

16 Aug: Deepfake Technology advancements pose a real and present threat: Cyber Security Today for Friday, August 16, 2024 (CYBERSECURITYTODAY.LIBSYN.COM)
Cybersecurity Insights: Paris Olympics and Deepfake Technologies. In this episode, host Jim Love discusses proactive cybersecurity measures taken during the Paris 2024 Olympics to combat threats such as domain abuse, counterfeit shops, unauthorized live streaming, cryptocurrency s…

16 Aug: Google Pixel Devices Shipped with Vulnerable App, Leaving Millions at Risk (THEHACKERNEWS.COM)
A large percentage of Google's own Pixel devices shipped globally since September 2017 included dormant software that could be used to stage nefarious attacks and deliver various kinds of malware. The issue manifests in the form of a pre-installed Android app called "Showcase.apk…

16 Aug [KEV]: SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day (SECURITYWEEK.COM)
The US cybersecurity agency CISA warns that a recent SolarWinds Web Help Desk vulnerability has been exploited in the wild. The post SolarWinds Web Help Desk Vulnerability Possibly Exploited as Zero-Day appeared first on SecurityWeek.

16 Aug: GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover (THEHACKERNEWS.COM)
The GitHub vulnerability named 'ArtiPACKED' exposes repositories to potential takeovers. This attack vector in GitHub Actions artifacts could allow malicious actors to compromise services by leaking tokens due to misconfigurations and security flaws.

16 Aug: New Windows IPv6 Zero-Click Vulnerability (SCHNEIER.COM)
The press is reporting a critical Windows vulnerability affecting IPv6. As Microsoft explained in its Tuesday advisory, unauthenticated attackers can exploit the flaw remotely in low-complexity attacks by repeatedly sending IPv6 packets that include specially crafted packets. Mic…

16 Aug: The Hidden Security Gaps in Your SaaS Apps: Are You Doing Due Diligence? (THEHACKERNEWS.COM)
SaaS applications have become indispensable for organizations aiming to enhance productivity and streamline operations. However, the convenience and efficiency these applications offer come with inherent security risks, often leaving hidden gaps that can be exploited. Conducting …

16 Aug: Meta Warns of Troll Networks From Russia, Iran Ahead of US Elections (THERECORD.MEDIA)
Meta has warned of troll networks originating from Russia and Iran ahead of the US elections. According to a report by Meta, Russia remains the top source of disrupted troll networks on Facebook and Instagram, followed closely by Iran.

16 Aug: What if someone creates a clone of my app for phishing? (SH.ITJUST.WORKS)
submitted by positive_intentions to cybersecurity, 3 points | 0 comments
https://github.com/positive-intentions/chat I'm working on a decentralized chat app similar to Simplex with the additional detail that it’s mainly presented as a webapp. Simplex recently posted on their subred…

16 Aug: Consolidation vs. Optimization: Which Is More Cost-Effective for Improved Security? (SECURITYWEEK.COM)
Security leaders are facing big decisions about how they use their monetary and people resources to better secure their environments. The post Consolidation vs. Optimization: Which Is More Cost-Effective for Improved Security? appeared first on SecurityWeek.

16 Aug: Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks (SECURITYWEEK.COM)
Multiple Russian, Belarusian, and Western entities perceived as Russia’s enemies have been targeted in two recent spear-phishing campaigns. The post Western, Russian Civil Society Targeted in Sophisticated Phishing Attacks appeared first on SecurityWeek.

16 Aug: In Other News: 400 CNAs, Crash Reports, Schlatter Cyberattack (SECURITYWEEK.COM)
Noteworthy stories that might have slipped under the radar: there are 400 CVE Numbering Authorities, crash reports can be a valuable source of information, and Schlatter was hit by a cyberattack. The post In Other News: 400 CNAs, Crash Reports, Schlatter Cyberattack appeared firs…

16 Aug: CISA warns critical SolarWinds RCE bug is exploited in attacks (BLEEPINGCOMPUTER.COM)
CISA warned on Thursday that attackers are exploiting a recently patched critical vulnerability in SolarWinds' Web Help Desk solution for customer support. [...]

16 Aug: Attackers Exploit Public .env Files to Breach Cloud and Social Media Accounts (THEHACKERNEWS.COM)
A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. "Multiple security missteps were present in the course…

16 Aug: Operational Resilience in Healthcare & Zscaler Uncovers Record-Breaking Ransom - ESW #372 (YOUTUBE.COM)
Many cybersecurity experts are calling recent attacks on healthcare more sophisticated than ever. One attack disrupted prescription drug orders for over a third of the U.S. and has cost $1.5 billion in incident response and recovery services. Separately, an operator of over 140 h…

16 Aug: Devo Launches New Capabilities & Revolutionizing Cyber Resilience - Rakesh Nair, Rekha... - ESW #372 (YOUTUBE.COM)
Devo, the security analytics company, recently launched data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements. Enterprise security teams are struggling with growing data volumes—and they’re also up against headcount and budget cons…
📢 SECURITY ADVISORIES (3)
16 Aug: It’s Time to Stop Thinking of Threat Groups as Supervillains, Experts Say (CYBERSECURITYDIVE.COM)
CISA Director Jen Easterly highlighted the importance of not glamorizing threat actors, urging defenders to focus on detecting and responding to malicious tactics rather than being fixated on the threat groups themselves.
🔥 INCIDENT REPORTING (8)
16 Aug: Massive Cyberattack Hit Central Bank of Iran (SECURITYAFFAIRS.COM)
A major cyberattack struck the Central Bank of Iran and other Iranian banks, causing disruptions. The incident, reported by Iranian news outlets and Iran International, resulted in the crippling of the banks' computer systems.

16 Aug: Ransomware Group Behind Major Indonesian Attack Wears Many Masks (DARKREADING.COM)
Researchers have linked Brain Cipher to at least three other groups operating under different names. Despite its global reach, the group's tactics are not particularly sophisticated.

16 Aug: M&A Activity can Amplify Ransomware Insurance Losses, Research Finds (CYBERSECURITYDIVE.COM)
M&A activity can increase ransomware insurance losses, with the severity of claims rising over 400% from 2022 to 2023, according to research by cyber risk company Resilience.

16 Aug: An Analysis of Common Malware Loaders (RELIAQUEST.COM)
In 2024, loaders were involved in nearly 40% of critical security incidents, with popular ones being SocGholish, GootLoader, and Raspberry Robin, aiming to deliver malware like ransomware, according to Reliaquest.

16 Aug: Ransomware Attackers Introduce New EDR Killer to Disable Protection on Compromised Hosts (SOPHOS.COM)
A cybercrime group linked to RansomHub ransomware has been seen using a new EDR-killing tool, named EDRKillShifter, to disable endpoint detection and response software on compromised hosts.

16 Aug: Report: Ransomware Gangs Rake in More Than $450 Million in First Half of 2024 (THERECORD.MEDIA)
Ransomware groups have earned over $450 million in H1 2024 by extorting victims through cryptocurrency payments, according to a report by Chainalysis. It has risen from the previous year, with a record ransom payment of $75 million reported.

16 Aug: Biotech Company Hacked in 2023 Pays States $4.5 Million Over Breached Data (THERECORD.MEDIA)
The state attorneys general of New York, New Jersey, and Connecticut reached an agreement with Enzo Biochem, which revealed the incident to the federal government in May 2023.

16 Aug: National Public Data confirms breach exposing Social Security numbers (BLEEPINGCOMPUTER.COM)
Background check service National Public Data confirms that hackers breached its systems after threat actors leaked a stolen database with millions of social security numbers and other sensitive personal information. [...]
🕵️ THREAT INTELLIGENCE (16)
16 Aug: How does one protect themselves from BYOVD attacks? (SH.ITJUST.WORKS)
submitted by yokonzo to cybersecurity, 2 points | 0 comments

16 Aug: ISC Stormcast For Friday, August 16th, 2024 https://isc.sans.edu/podcastdetail/9100, (Fri, Aug 16th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

16 Aug: Highly-Personalized Phishing Campaign Targets Russian Government Dissidents (THECYBEREXPRESS.COM)
A spear-phishing campaign targeting Russian government dissidents and Western organizations, attributed to the Russian FSB and threat actor COLDRIVER, uses personalized social engineering tactics to gain access to online accounts.

16 Aug: New Cyber Threat Targets Azerbaijan and Israel Diplomats, Stealing Sensitive Data (THEHACKERNEWS.COM)
A new threat actor has emerged targeting diplomats from Azerbaijan and Israel, aiming to steal sensitive data. Identified as Actor240524, they use spear-phishing emails to target diplomats and have the ability to steal secrets and modify files.

16 Aug: Kiteworks Captures $456M at a $1B+ Valuation to Help Secure Sensitive Data (TECHCRUNCH.COM)
Kiteworks (formerly Accellion) secured $456 million in private equity funding. The investment from Insight Partners and Sixth Street Growth will support Kiteworks' acquisitions, including four smaller enterprise startups since 2022.

16 Aug: Google Warns of Iranian Hackers Targeting Affiliates of Both US Presidential Campaigns (THERECORD.MEDIA)
Iranian hackers linked to the government of Iran have increased their phishing attacks on high-profile individuals in the U.S. and Israel, including those affiliated with U.S. presidential campaigns, according to Google.

16 Aug: New Banshee Stealer macOS Malware Priced at $3,000 Per Month (SECURITYWEEK.COM)
Russian cybercriminals are advertising a new macOS malware, Banshee Stealer, capable of stealing passwords, browser data, and crypto wallets. The post New Banshee Stealer macOS Malware Priced at $3,000 Per Month appeared first on SecurityWeek.

16 Aug: Russian Hackers Using Fake Brand Sites to Spread DanaBot and StealC Malware (THEHACKERNEWS.COM)
Cybersecurity researchers have shed light on a sophisticated information stealer campaign that impersonates legitimate brands to distribute malware like DanaBot and StealC. The activity cluster, orchestrated by Russian-speaking cybercriminals and collectively codenamed Tusk, is s…

16 Aug: Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign (SECURITYWEEK.COM)
Security researchers at Palo Alto Networks discover a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables. The post Cloud Misconfigurations Expose 110,000 Domains to Extortion in Widespread Campaign ap…

16 Aug: Russian Hacker Jailed 3+ Years for Selling Stolen Credentials on Dark Web (THEHACKERNEWS.COM)
A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp. Georgy Kavzharadze, 27, of Moscow, Russia…

16 Aug: Question about Cyberark and it's link to Israël (SH.ITJUST.WORKS)
submitted by cyborganism to cybersecurity, 1 points | 0 comments
Companies are increasingly migrating to Cyberark products. However I’m concerned about this company being an Israeli company and being closely tied to the Israeli government and army. I think using their products rai…

16 Aug: Highlights from BlackHat/DefCon, Vulnerabilities, and Cyber Marketing Challenges - ESW #372 (YOUTUBE.COM)
In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The convers…

16 Aug: Why Training is Critical to Implementing Cisco HyperShield (GBHACKERS.COM)
The imminent release of Cisco HyperShield this month marks a pivotal evolution in the cybersecurity landscape. As an “AI-native” security architecture, HyperShield promises to redefine traditional security protocols through its automated proactive cybersecurity measur…

16 Aug: [PROVED] Unsuspecting Call Recipients Are Super Vulnerable to AI Vishing (KNOWBE4.COM)
Heads-up: I just proved that unsuspecting call recipients are super vulnerable to AI vishing

16 Aug: Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin... - SWN #407 (YOUTUBE.COM)
Quantum AI Drones, Ransomhub, Pixel, Mad Liberator, the return of Russ Beauchemin, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-407

16 Aug: Friday Squid Blog: The Market for Squid Oil Is Growing (SCHNEIER.COM)
How did I not know before now that there was a market for squid oil? The squid oil market has experienced robust growth in recent years, expanding from $4.56 billion in 2023 to $4.94 billion in 2024 at a compound annual growth rate (CAGR) of 8.5%. The growth in the historic peri…
🌐 CYBER THREAT LANDSCAPE (2)
16 Aug: New Banshee Stealer Targets 100+ Browser Extensions on Apple macOS Systems (THEHACKERNEWS.COM)
Cybersecurity researchers have uncovered new stealer malware that's designed to specifically target Apple macOS systems. Dubbed Banshee Stealer, it's offered for sale in the cybercrime underground for a steep price of $3,000 a month and works across both x86_64 and ARM64 architec…

16 Aug: Multi-Stage ValleyRAT Targets Chinese Users with Advanced Tactics (THEHACKERNEWS.COM)
Chinese-speaking users are the target of an ongoing campaign that distributes malware known as ValleyRAT. "ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage," Fortinet FortiG…
📡 INFOSEC NEWS (18)
16 Aug: [Guest Diary] 7 minutes and 4 steps to a quick win: A write-up on custom tools, (Fri, Aug 16th) (ISC.SANS.EDU)
[This is a Guest Diary by Justin Leibach, an ISC intern as a part of the SANS.edu BACS [1] degree program]

16 Aug: Leaked Environment Variables Allow Large-Scale Extortion Operation of Cloud Environments (UNIT42.PALOALTONETWORKS.COM)
Cybercriminals are infiltrating organizations' cloud storage containers, stealing sensitive data, and sometimes being paid off by the victims to keep the data private. According to Palo Alto Networks, the attackers likely used automation techniques.

16 Aug: DDoS Attack Volume Rises, Peak Power Reaches 1.7 Tbps (HELPNETSECURITY.COM)
According to Gcore, the number of DDoS attacks in the first half of 2024 increased by 46% compared to the same period in 2023, reaching a total of 830,000 attacks. The peak attack power also rose to 1.7 terabits per second.

16 Aug: Windows 11 will finally give you greater control over HDR features (BLEEPINGCOMPUTER.COM)
Microsoft has released Windows 11 Build 27686 with some hidden HDR-related changes. [...]

16 Aug: Microsoft Edge PDF reader is getting more Copilot AI features (BLEEPINGCOMPUTER.COM)
Microsoft is improving Copilot integration in the Edge browser with AI-powered smart keywords. This will allow the AI to generate important keywords from the PDF and then help you analyze each topic. [...]

16 Aug: Russian Citizen Sentenced in US for Selling Stolen Financial Data on Criminal Marketplace (THERECORD.MEDIA)
A Russian citizen, known by various online names like “TeRorPP,” has been sentenced to 40 months in a U.S. prison for selling financial data and login credentials on the criminal marketplace Slilpp.

16 Aug: The AI Balancing Act: Unlocking Potential, Dealing with Security Issues, Complexity (HELPNETSECURITY.COM)
Many organizations struggle with AI literacy, cautious adoption, and risks of immature implementation, leading to disruptions in security, including data threats and AI misuse.

16 Aug: Report: 56% of Security Professionals Worry About AI-Powered Threats (HELPNETSECURITY.COM)
AI professionals have concerns about their jobs being replaced by AI tools, with 56% of security professionals worried about AI-powered threats, as reported by Pluralsight.

16 Aug: Are you blocking "keyboard walk" passwords in your Active Directory? (BLEEPINGCOMPUTER.COM)
A common yet overlooked type of weak password are keyboard walk patterns. Learn more from Specops Software on finding and blocking keyboard walk passwords in your organization. [...]

16 Aug: DigiCert Announces Acquisition of Vercara (SECURITYINFOWATCH.COM)
DigiCert has announced the acquisition of Vercara to offer customers a unified DNS and certificate management experience. Vercara provides cloud-based services like managed DNS and DDoS security to protect networks and applications.

16 Aug: Doppelgänger Operation Rushes to Secure Itself Amid Ongoing Detections, German Agency Says (THERECORD.MEDIA)
European hosting companies were found to be supporting the Kremlin-linked disinformation campaign, prompting Doppelgänger operators to quickly back up their systems and data.

16 Aug: Microsoft: Enable MFA or lose access to admin portals in October (BLEEPINGCOMPUTER.COM)
Microsoft warned Entra global admins on Thursday to enable multi-factor authentication (MFA) for their tenants until October 15 to ensure users don't lose access to admin portals. [...]

16 Aug: OpenAI shuts down election influence operation using ChatGPT (TECHCRUNCH.COM)
OpenAI has banned a cluster of ChatGPT accounts linked to an Iranian influence operation that was generating content about the U.S. presidential election, according to a blog post on Friday. The company says the operation created AI-generated articles and social media posts, thou…

16 Aug: Microsoft shares workaround for Outlook crashing after opening (BLEEPINGCOMPUTER.COM)
Microsoft has shared a workaround for a known issue affecting Microsoft 365 customers and causing classic Outlook to crash after opening or when starting up in Safe mode. [...]

16 Aug: How a BEC scam cost a company $60 Million – Week in security with Tony Anscombe (WELIVESECURITY.COM)
Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme