🚨 CISA KEV (1)

29 Aug [KEV] CISA Adds Google Chromium V8 Bug to its Known Exploited Vulnerabilities Catalog
Google released a security update this week to address the actively exploited Chrome zero-day vulnerability. The vulnerability, CVE-2024-7965, is an inappropriate implementation issue in Chrome's V8 JavaScript engine.
SECURITYAFFAIRS.COM

🐛 COMMON VULNERABILITIES AND EXPOSURES (6)

29 Aug Critical Vulnerability in Perl Module Installer Let Attackers Intercept Traffic
A critical vulnerability has been identified in App::cpanminus (cpanm), a widely used tool for downloading and installing Perl modules. This vulnerability, CVE-2024-45321, exposes users to potential cyber threats. It allows attackers to intercept and manipulate traffic during mod…
GBHACKERS.COM

29 Aug Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks
A years-old high-severity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zero-day to rope them into a botnet. CVE-2024-7029 (CVSS score: 8.7), the vulnerability in question, is a "command injection vulnerability found in the brightness function of A…
THEHACKERNEWS.COM

29 Aug Critical Fortra FileCatalyst Workflow Vulnerability Patched (CVE-2024-6633)
The flaw, known as CVE-2024-6633, involves the use of default credentials for the HSQL database, which could compromise the software's confidentiality, integrity, and availability.
HELPNETSECURITY.COM

29 Aug [KEV] Google ups bug bounties for ‘high quality’ Chrome hunters
Google has announced new compensation incentives for people who find vulnerabilities in the Chrome browser as part of the company’s Chrome Vulnerability Reward Program (VRP). The increases to its Chrome bug reward structure follow increases Google made last month for “exceptiona…
CSOONLINE.COM

29 Aug [KEV] #StopRansomware: RansomHub Ransomware
Summary Note: This joint Cybersecurity Advisory is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observ…
CISA.GOV

29 Aug Iranian threat actors targeting businesses and governments, CISA, Microsoft warn
Warnings went out this week to infosec leaders about two groups of Iranian threat actors attacking American and other organizations. The US Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Defense Department’s Cyber Crime Centre said a group of Iranian hac…
CSOONLINE.COM

⚠️ VULNERABILITY DISCLOSURE (19)

29 Aug 5 best practices for running a successful threat-informed defense in cybersecurity
If you’ve been in cybersecurity for the past five to 10 years, you’ve probably heard the term “threat-informed defense.” Simply stated, a threat-informed defense focuses security teams, technologies, and budgets on those threats most likely to impact a particular organization, in…
CSOONLINE.COM

29 Aug Wireshark 4.4.0 Released – What’s New!
The Wireshark Foundation has announced the release of Wireshark 4.4.0, marking a significant update to the popular open-source network protocol analyzer. This latest version introduces a range of new features, improvements, and bug fixes, enhancing the tool’s capabilities i…
GBHACKERS.COM

29 Aug Hundreds of LLM Servers Expose Corporate, Health & Other Online Data
Flowise, a popular low-code tool backed by Y Combinator, was particularly at risk due to an authentication bypass vulnerability that allowed access to sensitive information such as GitHub tokens and API keys in plaintext.
DARKREADING.COM

29 Aug The US offers a $2.5M bounty for the arrest of Angler Exploit Kit co-distributor
The US Department of State is offering a reward of $2.5 million for information leading to the arrest of Volodymyr Kadariya, the cybercriminal associated with an alleged scheme to transmit the Angler Exploit Kit (AEK) along with other malware. “The US Department of State is offe…
CSOONLINE.COM

29 Aug How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back
Attackers are increasingly using new phishing toolkits (open-source, commercial, and criminal) to execute adversary-in-the-middle (AitM) attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing preventio…
THEHACKERNEWS.COM

29 Aug Russian government hackers found using exploits made by spyware companies NSO and Intellexa
Google said the findings were an example of how exploits developed by spyware makers can end up in the hands of "dangerous threat actors."
TECHCRUNCH.COM

29 Aug Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors
The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. [...]
BLEEPINGCOMPUTER.COM

29 Aug Google Catches Russian APT Reusing Exploits From Spyware Merchants NSO Group, Intellexa
Google TAG publishes evidence showing identical or striking similarities between exploits used by Russia's APT29 and commercial spyware vendors.
SECURITYWEEK.COM

29 Aug Unpatchable Zero Day In Surveillance Cam Is Being Exploited To Install Mirai
PACKETSTORMSECURITY.COM

29 Aug CISA Releases Three Industrial Control Systems Advisories
CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-242-01 Rockwell Automation ThinManager ThinServer ICSA-24-242-02 D…
CISA.GOV

29 Aug $2.5 million reward offered for hacker linked to notorious Angler Exploit Kit
Who doesn't fancy earning US $2.5 million? That's the reward that's on offer from US authorities for information leading to the arrest and/or conviction of the man who allegedly was a key figure behind the development and distribution of the notorious Angler Exploit Kit. Read mor…
TRIPWIRE.COM

29 Aug Malware exploits 5-year-old zero-day to infect end-of-life IP cameras
The Corona Mirai-based malware botnet is spreading through a 5-year-old remote code execution (RCE) zero-day in AVTECH IP cameras, which have been discontinued for years and will not receive a patch. [...]
BLEEPINGCOMPUTER.COM

29 Aug Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack
Cybersecurity researchers have flagged multiple in-the-wild exploit campaigns that leveraged now-patched flaws in Apple Safari and Google Chrome browsers to infect mobile users with information-stealing malware. "These campaigns delivered n-day exploits for which patches were ava…
THEHACKERNEWS.COM

29 Aug Building AI BOMs - Helen Oakley - PSW #841
Larry and Helen walk us through the AI supply chain landscape. Learn what goes into building and using AI models and the dangers that could lurk within. Segment Resources: * Community efforts on AIBOM topic: https://github.com/aibom-squad Visit https://www.securityweekly.com/psw …
YOUTUBE.COM

29 Aug CISA and Partners Release Advisory on RansomHub Ransomware
Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, #StopRansomware: RansomHub Ransomware. This a…
CISA.GOV

29 Aug FBI: RansomHub ransomware breached 210 victims since February
https://www.bleepingcomputer.com/news/security/fbi-ransomhub-ransomware-breached-210-victims-since-february/
This relatively new ransomware-as-a-service (RaaS) operation extorts victims in exchange for not leaking stolen …
INFOSEC.PUB

29 Aug Breach Roundup: Ex-Verizon Worker Cops to Spying for China
Also: Turn in Volodymyr Kadariya, Get $2.5 Million from Uncle Sam
This week, an ex-Verizon employee pleaded guilty, SonicWall fixed critical flaws, South Korean hackers exploited a zero-day, U.S. retailer Dick's Sporting Goods was breached, the U.S. government offered a big reward…
DATABREACHTODAY.CO.UK

29 Aug The North American Have I Been Pwned Tour
It was 2019 that I was last in North America, spending time in San Francisco, Los Angeles, Vegas, Denver, Minnesota, New York and Seattle. The year before, it was Mon…
TROYHUNT.COM

📋 SECURITY BULLETINS (2)

29 Aug ICS/OT Security Firms Announce Product Updates
Dragos has announced the latest release of its OT security platform, and Nozomi Networks has teamed up with Mandiant for threat intelligence.
SECURITYWEEK.COM

29 Aug Cisco Patches Multiple NX-OS Software Vulnerabilities
Cisco on Wednesday announced NX-OS software updates that resolve multiple vulnerabilities, including a high-severity DoS bug.
SECURITYWEEK.COM

📢 SECURITY ADVISORIES (5)

29 Aug CISA Launches New Portal to Improve Cyber Reporting
https://www.cisa.gov/news-events/news/cisa-launches-new-portal-improve-cyber-reporting
Today, the Cybersecurity and Infrastructure Security Agency (CISA) announces its cyber incident reporting form moved to the new CISA S…
INFOSEC.PUB

29 Aug California AI Safety Bill Passes Key Marker
Proposed Legislation Divides Tech World, AI Experts, Lawmakers
California state lawmakers on Wednesday handed off a bill establishing first-in-the-nation safety standards for advanced artificial intelligence models to their Senate counterparts after weathering opposition from the…
DATABREACHTODAY.CO.UK

29 Aug NIS2 Directive: Focusing on Critical Infrastructure Security
Compliance Expert on Readiness, Compliance and Rapid Incident Reporting
The NIS2 Directive focuses on addressing gaps and strengthening the security of network and information systems across the European Union. NIS2 mandates rapid incident reporting and holds senior management ac…
DATABREACHTODAY.CO.UK

🔥 INCIDENT REPORTING (17)

29 Aug CrowdStrike Debuts Safeguards, Seeks to Blunt Outage Impact
CEO George Kurtz on New Recovery Techniques and Controls Implemented Post-Incident
CEO George Kurtz said CrowdStrike has blunted the business impact from the massive July 19 outage and is implementing changes to prevent a repeat occurrence. CrowdStrike is boosting the resilience …
DATABREACHTODAY.CO.UK

29 Aug Researchers Unmasked the Notorious Threat Actor USDoD
CrowdStrike researchers have uncovered the identity of the hacker USDoD, also known as EquationCorp, responsible for multiple high-profile data breaches. According to a report from TecMundo, USDoD is a man named Luan BG from Brazil.
SECURITYAFFAIRS.COM

29 Aug US Sees Iranian Hackers Working Closely With Ransomware Groups
Iranian state-sponsored APT Lemon Sandstorm is working closely with ransomware groups on monetizing network intrusions.
SECURITYWEEK.COM

29 Aug Crypto scammers who hacked McDonald’s Instagram account say they stole $700,000
Hackers who seized control of the official Instagram account of McDonald's claim that they managed to steal US $700,000 from unsuspecting investors by promoting a fake cryptocurrency. Read more in my article on the Hot for Security blog.
BITDEFENDER.COM

29 Aug Ransomware Gang Leaks Data Allegedly Stolen From Microchip Technology
The Play ransomware group has published gigabytes of data allegedly stolen from US semiconductor supplier Microchip Technology.
SECURITYWEEK.COM

29 Aug Threat Group 'Bling Libra' Pivots to Extortion for Cloud Attacks
The threat group known as Bling Libra, previously linked to the Ticketmaster data breach, has shifted to the double extortion strategy in cloud attacks, according to researchers at Palo Alto Networks' Unit 42.
DARKREADING.COM

29 Aug ‘Big-game hunting’ – Ransomware gangs are focusing on more lucrative attacks
2024 looks set to be the highest-grossing year yet for ransomware gangs, due - in no small part - to emboldened cybercriminals causing costly disruption at larger companies. Read more in my article on the Exponential-e blog.
EXPONENTIAL-E.COM

29 Aug U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is als…
THEHACKERNEWS.COM

29 Aug Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
The Pioneer Kitten attackers are monetizing their access to compromised organizations' networks by selling domain admin credentials and full domain control privileges on cybercrime marketplaces.
CISA.GOV

29 Aug Fewer, High-Profile Ransomware Attacks Are Yielding Higher Ransoms
Analysis of cryptocurrency payments made on the blockchain highlights shifts in the size and frequency of ransomware attacks and may paint a bleak picture for the remainder of the year.
KNOWBE4.COM

29 Aug Dick’s Sporting Goods Discloses Cyberattack
The sporting goods retail chain said the incident exposed portions of its IT systems containing confidential information.
SECURITYWEEK.COM

29 Aug Flying through Sea-Tac’s hacked airport
Several days after the Port of Seattle announced a “possible” cyberattack on its systems, Sea-Tac Airport is still largely offline, causing chaos among travelers and acting as a standing warning against taking security lightly. Ask me how I know. The outage resulting …
TECHCRUNCH.COM

29 Aug Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32
A non-profit supporting Vietnamese human rights has been the target of a multi-year campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamese-aligned hacking crew…
THEHACKERNEWS.COM

29 Aug FBI: RansomHub ransomware breached 210 victims since February
Since surfacing in February 2024, RansomHub ransomware affiliates have breached over 200 victims from a wide range of critical U.S. infrastructure sectors. [...]
BLEEPINGCOMPUTER.COM

29 Aug Florida Department of Health Informs RansomHub Hack Victims
Cybercriminal Group Claims to Have Published 100 Gigabytes of Agency's Stolen Data
Two months after RansomHub claimed to have published 100GBs of its stolen data on the dark web, the Florida Department of Health is notifying citizens that their sensitive information has been comp…
DATABREACHTODAY.CO.UK

29 Aug Halliburton cyberattack linked to RansomHub ransomware gang
The RansomHub ransomware gang is behind the recent cyberattack on oil and gas services giant Halliburton, which disrupted the company's IT systems and business operations. [...]
BLEEPINGCOMPUTER.COM

🕵️ THREAT INTELLIGENCE (22)

29 Aug New Tickler malware used to backdoor US govt, defense orgs
https://www.bleepingcomputer.com/news/security/APT33-Iranian-hacking-group-uses-new-tickler-malware-to-backdoor-us-govt-defense-orgs/
INFOSEC.PUB

29 Aug CrowdStrike Estimates the Tech Meltdown Caused by Its Bungling Left a $60 Million Dent in Its Sales
Massive outage spooked customers that had been expected to close deals totaling $60 million during the final few weeks of CrowdStrike’s fiscal Q2.
SECURITYWEEK.COM

29 Aug ISC Stormcast For Thursday, August 29th, 2024 https://isc.sans.edu/podcastdetail/9118, (Thu, Aug 29th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

29 Aug Check Point to Acquire Cyberint Technologies to Enhance Operations
Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading cybersecurity solutions provider, has announced a definitive agreement to acquire Cyberint Technologies Ltd. This acquisition aims to bolster Check Point’s Security Operations Center (SOC) capabilities and expand i…
GBHACKERS.COM

29 Aug Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool
Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool.
TRENDMICRO.COM

29 Aug Live Patching DLLs with Python, (Thu, Aug 29th)
In my previous diary[1], I explained why Python became popular for attackers. One of the given reasons was that, from Python scripts, it's possible to call any Windows API and, therefore, perform low-level activities on the system. In another script, besides a clas…
ISC.SANS.EDU

29 Aug Iranian Hackers Use New Tickler Malware to Collect Intel From US, UAE
The Iran-linked state-sponsored hacker group tracked as Peach Sandstorm has started using a new backdoor in attacks aimed at the US and UAE.
SECURITYWEEK.COM

29 Aug Quishing Campaign Abuses Microsoft Sway to Host Phishing Pages
Threat actors are abusing the Microsoft Sway service to host phishing pages leveraged in QR phishing attacks targeting Office 365 users.
SECURITYWEEK.COM

29 Aug Beckhoff TwinCAT/BSD Vulnerabilities Expose PLCs to Tampering, DoS Attacks
Beckhoff Automation has patched several vulnerabilities in its TwinCAT/BSD operating system for industrial PCs.
SECURITYWEEK.COM

29 Aug Uniqkey Raises €5.35 Million for Business Password Management Solutions
European password management startup Uniqkey has raised €5.35 million (~$5.9 million) from BackingMinds.
SECURITYWEEK.COM

29 Aug Iran’s APT42 Targets WhatsApp Users With Spear-Phishing Attacks
Researchers at Meta have published details on Iranian spear-phishing attacks targeting WhatsApp accounts. The activity is attributed to APT42, a threat actor tied to Iran’s Islamic Revolutionary Guard Corps (IRGC).
KNOWBE4.COM

29 Aug How to embrace Secure by Design principles while adopting AI
The rapid rise of generative artificial intelligence (gen AI) technologies has ushered in a transformative era for industries worldwide. Over the past 18 months, enterprises have increasingly integrated gen AI into their operations, leveraging its potential to innovate and stream…
SECURITYINTELLIGENCE.COM

29 Aug Cybersecurity Maturity: A Must-Have on the CISO’s Agenda
Undertaking a cybersecurity maturity review helps leaders establish a benchmark from which to build a proactive improvement strategy.
SECURITYWEEK.COM

29 Aug Telegram CEO allowed platform to be abused by criminals, French prosecutors allege
Days on from his arrest at Paris Le Bourget airport last Saturday, it looks as if Telegram founder and CEO Pavel Durov will be spending more time in France than he bargained for. On Wednesday, French prosecutors formally charged Durov with being complicit in allowing the Telegram…
CSOONLINE.COM

29 Aug Adm. Grace Hopper’s 1982 NSA Lecture Has Been Published
The “long lost lecture” by Adm. Grace Hopper has been published by the NSA. (Note that there are two parts.) It’s a wonderful talk: funny, engaging, wise, prescient. Remember that talk was given in 1982, less than a year before the ARPANET switched to TCP/IP a…
SCHNEIER.COM

29 Aug Why Your Home Router is a Major IoT Security Risk | IoT Threats Explained
Most people don't realize their home router is an IoT device, vulnerable to attacks if not secured properly. In this clip, Paddy Harrington explains the common mistakes people make with their home routers and why they're a prime target for cybercriminals. Learn the top IoT securi…
YOUTUBE.COM

29 Aug Cryptohack Roundup: SEC Sends Wells Notice to OpenSea
Also: WazirX Seeks Moratorium to Restructure Debt After Hack
This week, the SEC sent OpenSea a Wells notice, WazirX sought protection from creditors, Ryan Salame reconsidered his guilty plea, objections to the FTX bankruptcy reorganization plan were filed, U.S. police recovered p…
DATABREACHTODAY.CO.UK

29 Aug Fake Palo Alto GlobalProtect used as lure to backdoor enterprises
Threat actors target Middle Eastern organizations with malware disguised as the legitimate Palo Alto GlobalProtect Tool that can steal data and execute remote PowerShell commands to infiltrate internal networks further. [...]
BLEEPINGCOMPUTER.COM

29 Aug F5, Intel team up to boost AI delivery, security
F5 this week said it’s working with Intel to offer customers a way to develop and securely deliver AI-based inference models and workloads. Specifically, the companies will combine the security and traffic-management capabilities from F5’s NGINX Plus suite with Intel’s distributi…
NETWORKWORLD.COM

29 Aug Fortinet expands security lineup with sovereign SASE
The concept of the secure access service edge (SASE) is one that many organizations have embraced in recent years. A challenge for some enterprise adopters, however, is a lack of control, as some SASE technologies rely on a vendor managing data in the cloud. That’s a challenge …
NETWORKWORLD.COM

29 Aug I want ALL The Firmware - PSW #841
This week: I want all the firmware, it's not just TP-Link, CVEs for malware, BLE and your health, faking your own death, serial ports, stealthy Linux malware, call this number, finding all the Wordpress plugin vulnerabilities! Visit https://www.securityweekly.com/psw for all the l…
YOUTUBE.COM

📡 INFOSEC NEWS (10)

29 Aug Durex India spilled customers’ private order data
Durex India has exposed its sensitive customer data, including their full names, email IDs and order details.
TECHCRUNCH.COM

29 Aug French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russian-born Durov, who is also a French citizen, has been c…
THEHACKERNEWS.COM

29 Aug New Unicode QR Code Phishing Scam Bypasses Traditional Security
Cybercriminals are using Unicode QR codes in a new type of phishing attack that can bypass traditional security measures, putting users at risk of visiting malicious websites and having their data stolen.
HACKREAD.COM

29 Aug AWS Load Balancer Plagued by Authentication Bypass Flaw
Miggo has uncovered a security flaw in AWS Load Balancer that could allow cybercriminals to bypass authentication and authorization services, potentially affecting over 15,000 applications.
SECURITYBOULEVARD.COM

29 Aug AI Pulse: Sticker Shock, Rise of the Agents, Rogue AI
This issue of AI Pulse is all about agentic AI: what it is, how it works, and why security needs to be baked in from the start to prevent agentic AI systems from going rogue once they’re deployed.
TRENDMICRO.COM

29 Aug Sophos Firewall v21 early access is now available
Enjoy exciting enhancements and top-requested features.
SOPHOS.COM

29 Aug Deep-TEMPEST: image hijacking via HDMI | Kaspersky official blog
Uruguayan researchers have demonstrated how to recover text displayed on a monitor by reconstructing its image from spurious HDMI noise.
KASPERSKY.COM

29 Aug Windows 10 KB5041582 update released with 5 changes and fixes
Microsoft has released the August 2024 preview update for Windows 10, version 22H2, with fixes for issues causing system freezes and memory leaks. [...]
BLEEPINGCOMPUTER.COM