matlock.ca // THREAT INTELLIGENCE

101Articles

9Categories

2024-08-28Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-7965 Google Chromium V8 Inappropriate Implementation Vulnerability These types of vulnerabilities are frequent attack vectors for m…

KEVCISA.GOV — Wed, 28 Aug 24 1

🐛

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

TRENDMICRO.COM — 28 Aug 2024

🐛

Critical WPML Plugin Flaw Exposes WordPress Sites to Remote Code Execution

THEHACKERNEWS.COM — 28 Aug 2024

🐛

CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports

KEVTHEHACKERNEWS.COM — 28 Aug 2024

🐛

Rockwell Automation ThinManager Flaw Let Attackers Execute Remote Code

GBHACKERS.COM — 28 Aug 2024

🐛

Critical Apache OFBiz Vulnerability CVE-2024-38856 Identified and Actively Exploited

KEVTHECYBEREXPRESS.COM — 28 Aug 2024

🐛

Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem

TRENDMICRO.COM — 28 Aug 2024

🐛

Critical plugin flaw opens over a million WordPress sites to RCE attacks

CSOONLINE.COM — 28 Aug 2024

🐛

Fortra Issues Patch for High-Risk FileCatalyst Workflow Security Vulnerability

THEHACKERNEWS.COM — 28 Aug 2024

🐛

BlackByte ransomware gang exploits more orgs than previously known

CSOONLINE.COM — 28 Aug 2024

🐛

Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking

DARKREADING.COM — 28 Aug 2024

🐛

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

WELIVESECURITY.COM — 28 Aug 2024

⚠️

What is OWASP? A standard bearer for better web application security

CSOONLINE.COM — 28 Aug 2024

⚠️

Four Internet Service Providers are breached by sophisticated cyber attack. Cyber Security Today for Wednesday, August 28, 2024

CYBERSECURITYTODAY.LIBSYN.COM — 28 Aug 2024

⚠️

New QR Code Phishing Campaign Exploits Microsoft Sway to Steal Credentials

THEHACKERNEWS.COM — 28 Aug 2024

⚠️

Sport 2000 - 3,189,643 breached accounts

HAVEIBEENPWNED.COM — 28 Aug 2024

⚠️

Researchers Disclosed 20 Vulnerabilities Exploited To Attack ML Used In Orgs

GBHACKERS.COM — 28 Aug 2024

⚠️

Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot

PLEDGETIMES.COM — 28 Aug 2024

⚠️

How not to hire a North Korean IT spy

CSOONLINE.COM — 28 Aug 2024

⚠️

Airtags Locator Device used to Grab the Stolen Parcel

GBHACKERS.COM — 28 Aug 2024

⚠️

South Korean APT Group Exploits WPS Office Zero-Day for Espionage

INFOSECURITY-MAGAZINE.COM — 28 Aug 2024

⚠️

Second Apache OFBiz Vulnerability Exploited in Attacks

KEVSECURITYWEEK.COM — 28 Aug 2024

⚠️

BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave

THEHACKERNEWS.COM — 28 Aug 2024

⚠️

PSA: Github currently has spambot/ malware links problem.

LEMY.LOL — 28 Aug 2024

⚠️

China's Volt Typhoon Exploits Zero-Day Flaw in Versa's SD-WAN Director Servers

DARKREADING.COM — 28 Aug 2024

⚠️

PoC Exploit for Zero-Click Vulnerability Made Available to the Masses

DARKREADING.COM — 28 Aug 2024

⚠️

Versa Director Zero-day Vulnerability Let Attackers Upload Malicious Files

GBHACKERS.COM — 28 Aug 2024

⚠️

Pootry EDR Killer Malware Wipes Out Security Tools From Windows Machine

GBHACKERS.COM — 28 Aug 2024

⚠️

Cisco snaps up AI security player Robust Intelligence

NETWORKWORLD.COM — 28 Aug 2024

⚠️

CISA and Partners Release Advisory on Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

CISA.GOV — Wed, 28 Aug 24 1

⚠️

TDECU MOVEit Data Breach, 500,000+ members’ Personal Data Exposed

GBHACKERS.COM — 28 Aug 2024

⚠️

Chinese Nation-State Attackers Tied to Versa Zero-Day Hit

DATABREACHTODAY.CO.UK — 2024-08-28

⚠️

BlackByte Blends Known Tactics With New Encryptor Variant and Vulnerability Exploits to Support Ongoing Attacks

TALOSINTELLIGENCE.COM — 28 Aug 2024

⚠️

APT-C-60 Group Exploit WPS Office Flaw to Deploy SpyGlace Backdoor

THEHACKERNEWS.COM — 28 Aug 2024

⚠️

WPS Office Zero-Day Exploited by South Korea-Linked Cyberspies

SECURITYWEEK.COM — 28 Aug 2024

⚠️

WPS Office Zero Day Exploited By South Korea Linked Cyber Spies

PACKETSTORMSECURITY.COM — 28 Aug 2024

⚠️

DICK’s Sporting Goods says confidential data exposed in cyberattack

BLEEPINGCOMPUTER.COM — 28 Aug 2024

⚠️

Censys Finds Hundreds of Exposed Servers as Volt Typhoon APT Targets ISPs, MSPs

SECURITYWEEK.COM — 28 Aug 2024

⚠️

Google increases Chrome bug bounty rewards up to $250,000

BLEEPINGCOMPUTER.COM — 28 Aug 2024

⚠️

DICK’s shuts down email, locks employee accounts after cyberattack

BLEEPINGCOMPUTER.COM — 28 Aug 2024

⚠️

Google Now Offering Up to $250,000 for Chrome Vulnerabilities

SECURITYWEEK.COM — 28 Aug 2024

⚠️

Tool used by ransomware groups now seen killing EDR: Report

CSOONLINE.COM — 28 Aug 2024

⚠️

US Law Enforcement Cracks Down on AI-Led Child Abuse Content

DATABREACHTODAY.CO.UK — 2024-08-28

⚠️

US offers $2.5 million reward for hacker linked to Angler Exploit Kit

BLEEPINGCOMPUTER.COM — 28 Aug 2024

⚠️

Telegram Founder Pavel Durov Charged by French Court

DATABREACHTODAY.CO.UK — 2024-08-28

⚠️

Microsoft Copilot Fixes ASCII Smuggling Vulnerability

DATABREACHTODAY.CO.UK — 2024-08-28

⚠️

Unpatchable 0-day in surveillance cam is being exploited to install Mirai

ARSTECHNICA.COM — 28 Aug 2024

⚠️

South Korean hackers exploited WPS Office zero-day to deploy malware

BLEEPINGCOMPUTER.COM — 28 Aug 2024

⚠️

Hitachi Energy Vulnerabilities Plague SCADA Power Systems

DARKREADING.COM — 28 Aug 2024

📢

Rising Tides: Runa Sandvik on Creating Work that Makes a Difference

SECURITYWEEK.COM — 28 Aug 2024

📢

Fortra fixes critical FileCatalyst Workflow hardcoded password issue

BLEEPINGCOMPUTER.COM — 28 Aug 2024

📢

Fortra security advisory (AV24-486)

CYBER.GC.CA — 2024-08-28

📢

Google Chrome security advisory (AV24-487)

CYBER.GC.CA — 2024-08-28

📢

Iranian Hackers Target US in Ransomware and Espionage Attacks

DATABREACHTODAY.CO.UK — 2024-08-28

🔥

950,000 Impacted by Young Consulting Data Breach

SECURITYWEEK.COM — 28 Aug 2024

🔥

Email Compromise Remains Top Threat Incident Type for the Third Quarter in a Row

KNOWBE4.COM — 28 Aug 2024

🔥

Largest Healthcare Data Breaches of 2023

CYBERSECURITY-INSIDERS.COM — 28 Aug 2024

🔥

32 Million Sensitive Records Exposed From Service Management Provider

GBHACKERS.COM — 28 Aug 2024

🔥

Hunters International Ransomware Gang Threatens To Leak US Marshals Data

PACKETSTORMSECURITY.COM — 28 Aug 2024

🔥

Iranian hackers work with ransomware gangs to extort breached orgs

BLEEPINGCOMPUTER.COM — 28 Aug 2024

🔥

SeaTac Airport Cyber Attack: What You Need to Know Before Flying!

YOUTUBE.COM — 2024-08-28

🔥

PoorTry Windows driver evolves into a full-featured EDR wiper

BLEEPINGCOMPUTER.COM — 28 Aug 2024

🔥

Nothing to Smile About: Hacks on Dental Practices Swell

DATABREACHTODAY.CO.UK — 2024-08-28

🔥

The art and science behind Microsoft threat hunting: Part 3

MICROSOFT.COM — 28 Aug 2024

🕵️

Vega-Lite with Kibana to Parse and Display IP Activity over Time, (Tue, Aug 27th)

ISC.SANS.EDU — 28 Aug 2024

🕵️

ISC Stormcast For Wednesday, August 28th, 2024 https://isc.sans.edu/podcastdetail/9116, (Wed, Aug 28th)

ISC.SANS.EDU — 28 Aug 2024

🕵️

Patchwork Actors Using Weaponized Encrypted Zip Files to Attack Orgs

GBHACKERS.COM — 28 Aug 2024

🕵️

US Offering $2.5 Million Reward for Belarusian Malware Distributor

SECURITYWEEK.COM — 28 Aug 2024

🕵️

How Lessons Learned From the 2016 Campaign Led US Officials to Be More Open About Iran Hack

SECURITYWEEK.COM — 28 Aug 2024

🕵️

Matthew Green on Telegram’s Encryption

SCHNEIER.COM — 2024-08-28

🕵️

Check Point Acquires Cybersecurity Startup Cyberint

CYBERSCOOP.COM — 28 Aug 2024

🕵️

‘ASCII Smuggling’ attack exposes sensitive Microsoft Copilot data

SCMAGAZINE.COM — 28 Aug 2024

🕵️

Phishing Attacks Are Increasingly Targeting Social Media and Smartphone Users

KNOWBE4.COM — 28 Aug 2024

🕵️

Malware Delivered via Malicious Pidgin Plugin, Signal Fork

SECURITYWEEK.COM — 28 Aug 2024

🕵️

Check Point to Acquire External Cyber Risk Management Firm Cyberint

SECURITYWEEK.COM — 28 Aug 2024

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 28 Aug 2024

🕵️

Research Unveils Eight Android And iOS That Leaks Users Sensitive Data

GBHACKERS.COM — 28 Aug 2024

🕵️

LinkedIn Hires Former Twitter Security Chief Lea Kissner as New CISO

SECURITYWEEK.COM — 28 Aug 2024

🕵️

New LummaC2 Malware Variant Uses PowerShell, Obfuscation to Steal Data

HACKREAD.COM — 28 Aug 2024

🕵️

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

MICROSOFT.COM — 28 Aug 2024

🕵️

New Tickler malware used to backdoor US govt, defense orgs

BLEEPINGCOMPUTER.COM — 28 Aug 2024

🕵️

Telegram Founder Set to Appear Before French Court

DATABREACHTODAY.CO.UK — 2024-08-28

🕵️

New Tickler malware used to backdoor US govt, defense orgs

BLEEPINGCOMPUTER.COM — 28 Aug 2024

🕵️

True Zero Trust Should Mean VPN Retirement

DATABREACHTODAY.CO.UK — 2024-08-28

🕵️

Cisco Bolsters AI Security by Buying Robust Intelligence

DATABREACHTODAY.CO.UK — 2024-08-28

🌐

New Phishing Campaign Steals VPN Credentials Using Social Engineering Methods

SECURITYBOULEVARD.COM — 28 Aug 2024

🌐

Malware Delivered Via Malicious Pidgin Plugin, Signal Fork

PACKETSTORMSECURITY.COM — 28 Aug 2024

🌐

Stealing cash using NFC relay – Week in Security with Tony Anscombe

WELIVESECURITY.COM — 28 Aug 2024

🎙️

Save 25% on InfoSec World 2024! 🎉 Cybersecurity Event of the Year!

YOUTUBE.COM — 2024-08-28

📡

University criticised for using Ebola outbreak lure in phishing test

BITDEFENDER.COM — 28 Aug 2024

📡

CoinSwitch sues WazirX to recover trapped funds

TECHCRUNCH.COM — 28 Aug 2024

📡

How to protect and preserve your data in Telegram in 2024 | Kaspersky official blog

KASPERSKY.COM — 28 Aug 2024

📡

Microsoft's Sway Serves as Launchpad for 'Quishing' Campaign

DARKREADING.COM — 28 Aug 2024

📡

Seeking a Job in Cybersecurity? Protect Yourself From Scams

DATABREACHTODAY.CO.UK — 2024-08-28

📡

How AI Is Deciphering Lost Scrolls From The Roman Empire

PACKETSTORMSECURITY.COM — 28 Aug 2024

📡

From Copilot To Copirate: How Data Thieves Could Hijack Microsoft's Chatbot

PACKETSTORMSECURITY.COM — 28 Aug 2024

📡

Cybercrime And Sabotage Cost German Firms $300 Billion In Past Year

PACKETSTORMSECURITY.COM — 28 Aug 2024

📡

It's down to the wire—but you don’t have to miss mWISE

BLEEPINGCOMPUTER.COM — 28 Aug 2024

📡

Ex-Twitter CISO Lea Kissner appointed as LinkedIn security chief

TECHCRUNCH.COM — 28 Aug 2024

📡

Employee arrested for locking Windows admins out of 254 servers in extortion plot

BLEEPINGCOMPUTER.COM — 28 Aug 2024

📡

When Get-Out-The-Vote Efforts Look Like Phishing

KREBSONSECURITY.COM — 28 Aug 2024