MATLOCK.CA
92Articles
10Categories
2024-08-23Date
🚨
SolarWinds fixes critical developer oversightSolarWinds has issued a hotfix to patch up a security oversight that could allow remote access to sensitive credentials hardcoded in its Web Help Desk (WHD) product. The vulnerability, tracked as CVE-2024-28987 , has been rated β€œcritical” with a CVSS score of 9.1 out of 10. β€œThe …
KEVCSOONLINE.COM — 23 Aug 2024
🚨
CISA Adds One Known Exploited Vulnerability to Catalog for Versa Networks DirectorCISA has added one new vulnerability to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-39717 Versa Director Dangerous File Type Upload Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cy…
KEVCISA.GOV — Fri, 23 Aug 24 1
πŸ›
Critical GitHub Enterprise Server Flaw Patched, Admin Access at Risk
SECURITYONLINE.INFO — 23 Aug 2024
πŸ›
PoC Exploit Released for RCE 0-day CVE-2024-41992 in Arcadyan FMIMG51AX000J Model
SECURITYONLINE.INFO — 23 Aug 2024
πŸ›
Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data
THEHACKERNEWS.COM — 23 Aug 2024
πŸ›
GitHub fixes critical Enterprise Server bug granting admin privileges
CSOONLINE.COM — 23 Aug 2024
πŸ›
SonicWall Issues Urgent Patch for Critical Firewall Vulnerability
SECURITYONLINE.INFO — 23 Aug 2024
πŸ›
Chinese APT group Velvet Ant deployed custom backdoor on Cisco Nexus switches
CSOONLINE.COM — 23 Aug 2024
πŸ›
WordPress users not on Windows urged to update due to critical LiteSpeed Cache flaw
CSOONLINE.COM — 23 Aug 2024
πŸ›
Dell Power Manager Privilege Escalation Vulnerability
GBHACKERS.COM — 23 Aug 2024
πŸ›
Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
CISA.GOV — 23 Aug 2024
⚠️
Equiniti settles SEC charges stemming from a pair of cyber intrusions
CSOONLINE.COM — 23 Aug 2024
⚠️
Cybercriminals Exploit File Sharing Services to Advance Phishing Attacks
HELPNETSECURITY.COM — 23 Aug 2024
⚠️
SolarWinds Leaks Credentials in Hotfix for Exploited Web Help Desk Flaw
SECURITYWEEK.COM — 23 Aug 2024
⚠️
New Opportunistic Campaign Exploit Log4j Vulnerability for Cryptomining and System Compromise
SECURITYLABS.DATADOGHQ.COM — 23 Aug 2024
⚠️
The Trouble with Procurement Departments, Resellers and Stripe
TROYHUNT.COM — 23 Aug 2024
⚠️
Main Line Health deploys chaos engineering to bolster healthcare resilience
KEVCSOONLINE.COM — 23 Aug 2024
⚠️
Leveraging Ancient Tactics for Modern Malware
HYAS.COM — 23 Aug 2024
⚠️
Google Chrome Update Fixes Flaw Exploited in the Wild
KEVDARKREADING.COM — 23 Aug 2024
⚠️
Google Patches Ninth Chrome Zero Day Of 2024
PACKETSTORMSECURITY.COM — 23 Aug 2024
⚠️
Kanister Vulnerability Opens Door to Cluster-Level Privilege Escalation
SECURITYONLINE.INFO — 23 Aug 2024
⚠️
PG_MEM Malware Targets PostgreSQL Databases for Crypto Mining
AQUASEC.COM — 23 Aug 2024
⚠️
US oil giant Halliburton confirms cyberattack behind systems shutdown
BLEEPINGCOMPUTER.COM — 23 Aug 2024
⚠️
Critical Vulnerabilities Uncovered in Progress WhatsUp Gold
SECURITYONLINE.INFO — 23 Aug 2024
⚠️
Secure Web Gateways Have Failed Us & Using AI to Prevent the Next CrowdStrike Outage -... - ESW #373
YOUTUBE.COM — 2024-08-23
⚠️
Let’s Get Real About Where AI can Help SecOps & AI, Automation & Low-Code - Mike Lybor... - ESW #373
YOUTUBE.COM — 2024-08-23
⚠️
Secure Web Gateways Have Failed Us & Using AI to Prevent the Next CrowdStrike Outage -... - ESW #373
YOUTUBE.COM — 2024-08-23
⚠️
The Number of Email-Based Cyber Attacks Detected Surge 239% in 1H 2024
KNOWBE4.COM — 23 Aug 2024
⚠️
American Radio Relay League confirms $1 million ransom payment
BLEEPINGCOMPUTER.COM — 23 Aug 2024
⚠️
Slack Patches Prompt Injection Flaw in AI Tool Set
DATABREACHTODAY.CO.UK — 2024-08-23
⚠️
Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Remote Code Execution
CISECURITY.ORG — 23 Aug 2024
⚠️
Cybersicherheitsvorschriften: So erfΓΌllen Sie Ihre Compliance-Anforderungen
CSOONLINE.COM — 23 Aug 2024
⚠️
Chrome Zero-day Vulnerability Actively Exploited in the Wild
KEVGBHACKERS.COM — 23 Aug 2024
⚠️
Progress WhatsUp Gold Vulnerabilities Let Attackers Inject SQL Commands
KEVGBHACKERS.COM — 23 Aug 2024
πŸ“‹
Microsoft shares temp fix for Linux boot issues on dual-boot systems
BLEEPINGCOMPUTER.COM — 23 Aug 2024
πŸ“’
Microsoft Edge security advisory (AV24-476)
CYBER.GC.CA — 2024-08-23
πŸ“’
SonicWall security advisory (AV24-477)
CYBER.GC.CA — 2024-08-23
πŸ”₯
Popular search terms are leveraged in cyber attacks: Cyber Security Today for Friday, August 23, 2024
CYBERSECURITYTODAY.LIBSYN.COM — 23 Aug 2024
πŸ”₯
From Cybercrime to Terrorism, FBI Director Says America Faces Many Elevated Threats β€˜All at Once’
SECURITYWEEK.COM — 23 Aug 2024
πŸ”₯
New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data
THEHACKERNEWS.COM — 23 Aug 2024
πŸ”₯
How Paris Olympic authorities battled cyberattacks, and won gold
SECURITYINTELLIGENCE.COM — 23 Aug 2024
πŸ”₯
Qilin Ransomware Caught Stealing Credentials Stored in Google Chrome
SOPHOS.COM — 23 Aug 2024
πŸ”₯
New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data
THEHACKERNEWS.COM — 23 Aug 2024
πŸ”₯
Karakurt Ransomware Group Suspect Appears in US Courtroom
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ”₯
Halliburton shuts down systems after cyberattack
TECHCRUNCH.COM — 23 Aug 2024
πŸ”₯
Medibank to Spend AU$126M on Post-Breach Security Upgrade
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ”₯
ISMG Editors: CISO Disclosure Rules Changing Post-SolarWinds
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ”₯
Feds to Health Sector: Don't Skimp on Physical Security
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ”₯
Banking Lobby Asks Ginnie Mae to Modify Cyber Reporting Rule
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ•΅οΈ
Surveillance Watch
SCHNEIER.COM — 2024-08-23
πŸ•΅οΈ
ISC Stormcast For Friday, August 23rd, 2024 https://isc.sans.edu/podcastdetail/9110, (Fri, Aug 23rd)
ISC.SANS.EDU — 23 Aug 2024
πŸ•΅οΈ
New macOS Malware "Cthulhu Stealer" Targets Apple Users' Data
THEHACKERNEWS.COM — 23 Aug 2024
πŸ•΅οΈ
New macOS Malware TodoSwift Linked to North Korean Hacking Groups
THEHACKERNEWS.COM — 23 Aug 2024
πŸ•΅οΈ
FBI Exposing Sensitive Data via Improper Handling of Storage Devices: Audit
SECURITYWEEK.COM — 23 Aug 2024
πŸ•΅οΈ
Russian Member of Karakurt Cyber Extortion Gang Charged in US
SECURITYWEEK.COM — 23 Aug 2024
πŸ•΅οΈ
Take a Selfie Using a NY Surveillance Camera
SCHNEIER.COM — 2024-08-23
πŸ•΅οΈ
Hacker Tried to Dodge Child Support by Breaking Into Registry to Fake His Death, Prosecutors Say
SECURITYWEEK.COM — 23 Aug 2024
πŸ•΅οΈ
US, Allies Release Guidance on Event Logging and Threat Detection
SECURITYWEEK.COM — 23 Aug 2024
πŸ•΅οΈ
Degraded Performance Issue Sparks Concern Among CrowdStrike Customers
SECURITYWEEK.COM — 23 Aug 2024
πŸ•΅οΈ
Malvertising Campaign Impersonates Dozens of Google Products
KNOWBE4.COM — 23 Aug 2024
πŸ•΅οΈ
Deceptive AI: A New Wave of Cyber Threats
KNOWBE4.COM — 23 Aug 2024
πŸ•΅οΈ
Russian laundering millions for Lazarus hackers arrested in Argentina
BLEEPINGCOMPUTER.COM — 23 Aug 2024
πŸ•΅οΈ
Greasy Opal's CAPTCHA solver still serving cybercrime after 16 years
BLEEPINGCOMPUTER.COM — 23 Aug 2024
πŸ•΅οΈ
In Other News: FAA Improving Cyber Rules, Android Malware Enables ATM Withdrawals, Data Theft via Slack AI
SECURITYWEEK.COM — 23 Aug 2024
πŸ•΅οΈ
Off-Topic Friday
INFOSEC.PUB — 23 Aug 2024
πŸ•΅οΈ
Defenders Get A MoonPeak At North Korea's Malware Backbone
PACKETSTORMSECURITY.COM — 23 Aug 2024
πŸ•΅οΈ
MoonPeak Malware From North Korean Actors Unveils New Details on Attacker Infrastructure
TALOSINTELLIGENCE.COM — 23 Aug 2024
πŸ•΅οΈ
DOJ Lawsuit Accuses Georgia Tech of Cybersecurity Failures
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ•΅οΈ
The end of the road for some cyber startups & making detection actually work! - ESW #373
YOUTUBE.COM — 2024-08-23
πŸ•΅οΈ
Faking your own death, Fake Reviews, Solar Winds, Recall, Winux, Kubernetes, and More - SWN #409
YOUTUBE.COM — 2024-08-23
πŸ•΅οΈ
Business Email Compromise Scams Rise 20%, Making up Nearly Half of all Spam Emails
KNOWBE4.COM — 23 Aug 2024
πŸ•΅οΈ
Friday Squid Blogging: Self-Healing Materials from Squid Teeth
SCHNEIER.COM — 2024-08-23
🌐
Hardware Backdoor in Millions of Shanghai Fudan Microelectronics RFID Cards Allows Cloning
SECURITYAFFAIRS.COM — 23 Aug 2024
🌐
New PEAKLIGHT Dropper Deployed in Attacks Targeting Windows with Malicious Movie Downloads
THEHACKERNEWS.COM — 23 Aug 2024
🌐
Learn with Region 8’s Webinar Program
CISA.GOV — Fri, 23 Aug 24 1
🌐
NGate Android Malware Relays NFC Traffic to Steal Credit Card Data
WELIVESECURITY.COM — 23 Aug 2024
πŸŽ™οΈ
Episode 360 looks at fake Taylor Swift, Nvidia un the docs, TV ads and much more! | Kaspersky official blog
KASPERSKY.COM — 23 Aug 2024
πŸ“‘
Latvian Hacker Extradited to U.S. for Role in Karakurt Cybercrime Group
THEHACKERNEWS.COM — 23 Aug 2024
πŸ“‘
Fraudulent Slack Ad Shows Malvertiser’s Patience and Skills
MALWAREBYTES.COM — 23 Aug 2024
πŸ“‘
Focus on What Matters Most: Exposure Management and Your Attack Surface
THEHACKERNEWS.COM — 23 Aug 2024
πŸ“‘
New Phishing Campaign Targets US Government Organizations
SECURITYONLINE.INFO — 23 Aug 2024
πŸ“‘
Webinar: Experience the Power of a Must-Have All-in-One Cybersecurity Platform
THEHACKERNEWS.COM — 23 Aug 2024
πŸ“‘
Pandas Errors: What encoding are my logs in?, (Fri, Aug 23rd)
ISC.SANS.EDU — 23 Aug 2024
πŸ“‘
Local Networks Go Global When Domain Names Collide
KREBSONSECURITY.COM — 23 Aug 2024
πŸ“‘
SolarWinds Leaks Credentials In Hotfix
PACKETSTORMSECURITY.COM — 23 Aug 2024
πŸ“‘
How To Manipulate The Execution Flow Of TOCTOU Attacks
PACKETSTORMSECURITY.COM — 23 Aug 2024
πŸ“‘
How to hack wireless bicycle gears | Kaspersky official blog
KASPERSKY.COM — 23 Aug 2024
πŸ“‘
Is AI Making Banking Safer or Just More Complicated?
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ“‘
Hackers now use AppDomain Injection to drop CobaltStrike beacons
BLEEPINGCOMPUTER.COM — 23 Aug 2024
πŸ“‘
New Windows 10 22H2 beta fixes memory leaks and crashes
BLEEPINGCOMPUTER.COM — 23 Aug 2024
πŸ“‘
A Tangled Web We Weave: When Reported M&A Never Materializes
DATABREACHTODAY.CO.UK — 2024-08-23
πŸ“‘
PWA phishing on Android and iOS – Week in security with Tony Anscombe
WELIVESECURITY.COM — 23 Aug 2024