matlock.ca // THREAT INTELLIGENCE — 2024-09-11

92Articles

9Categories

2024-09-11Date

🚨

CISA adds SonicWall SonicOS, ImageMagick, and Linux Kernel Bugs to its Known Exploited Vulnerabilities catalog. The ImageMagick vulnerability (CVE-2016-3714) could allow remote code execution through crafted images. Linux Kernel flaw (CVE-2017-1000253) enables privilege escalation for unpatched systems.

KEVSECURITYAFFAIRS.COM — 11 Sep 2024

🐛

Ivanti Releases Urgent Security Updates for Endpoint Manager Vulnerabilities

THEHACKERNEWS.COM — 11 Sep 2024

🐛

FreeBSD Issues Urgent Security Advisory for CVE-2024-43102 (CVSS 10)

SECURITYONLINE.INFO — 11 Sep 2024

🐛

Microsoft warns of bug reversing updates on old Windows 10, patches critical flaws

CSOONLINE.COM — 11 Sep 2024

🐛

Critical Command Injection Flaw in Zyxel NAS Devices, Hotfixes Released for End-of-Support Products

SECURITYONLINE.INFO — 11 Sep 2024

🐛

Siemens Industrial Edge Management Vulnerable to Authorization Bypass Attacks

GBHACKERS.COM — 11 Sep 2024

🐛

Siemens Issues Critical Security Advisory for User Management Component (UMC)

SECURITYONLINE.INFO — 11 Sep 2024

🐛

Researchers Hacked Car EV Chargers To Execute Arbitrary Code

GBHACKERS.COM — 11 Sep 2024

⚠️

Bug Left Some Windows PCs Dangerously Unpatched – Krebs on Security

INFOSEC.PUB — 11 Sep 2024

⚠️

Opus Security Elevates Vulnerability Management With its AI-Powered Multi-Layered Prioritization Engine

GBHACKERS.COM — 11 Sep 2024

⚠️

Immediate threats or long-term security? Deciding where to focus is the modern CISO’s dilemma

CSOONLINE.COM — 11 Sep 2024

⚠️

12 dark web monitoring tools

CSOONLINE.COM — 11 Sep 2024

⚠️

Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws

KEVTHEHACKERNEWS.COM — 11 Sep 2024

⚠️

Data Breach at Golf Course Management Firm KemperSports Impacts 62,000

SECURITYWEEK.COM — 11 Sep 2024

⚠️

Windows Elevation of Privilege Flaw Exploited by QakBot Malware, PoC Published

SECURITYONLINE.INFO — 11 Sep 2024

⚠️

Evaluating the Effectiveness of Reward Modeling of Generative AI Systems

SCHNEIER.COM — 2024-09-11

⚠️

Microsoft Discloses 4 Zero-Days in September Update

DARKREADING.COM — 11 Sep 2024

⚠️

OpenZiti: Secure, Open-Source Networking for Your Applications

HELPNETSECURITY.COM — 11 Sep 2024

⚠️

Singapore Police Arrest Six Hackers Linked to Global Cybercrime Syndicate

THEHACKERNEWS.COM — 11 Sep 2024

⚠️

Forget the Talent Gap – It’s an Experience Gap

KNOWBE4.COM — 11 Sep 2024

⚠️

Criminal IP and IPLocation.io Join Forces for Enhanced IP Analysis

BLEEPINGCOMPUTER.COM — 11 Sep 2024

⚠️

Threat Actors Exploiting Legitimate Software For Stealthy Cyber Attacks

GBHACKERS.COM — 11 Sep 2024

⚠️

Microsoft Says Windows Update Zero-Day Being Exploited To Undo Security Fixes

PACKETSTORMSECURITY.COM — 11 Sep 2024

⚠️

Adobe fixes Acrobat Reader zero-day with public PoC exploit

BLEEPINGCOMPUTER.COM — 11 Sep 2024

⚠️

Bashing Windows Bugs, Take 2: Microsoft Restores Nixed Fixes

DATABREACHTODAY.CO.UK — 2024-09-11

⚠️

Tech Stack Uniformity has Become a Systemic Vulnerability

HELPNETSECURITY.COM — 11 Sep 2024

⚠️

Geopolitical Tensions Fuel Growth in Cross-Border Fraud

DATABREACHTODAY.CO.UK — 2024-09-11

⚠️

Legal Firms Increasingly Targeted by Phishing Attacks, Ransomware

KNOWBE4.COM — 11 Sep 2024

⚠️

TLS security subverted due to CA use of outdated WHOIS servers

CSOONLINE.COM — 11 Sep 2024

⚠️

NoName Apparently Allies With RansomHub Operation

DATABREACHTODAY.CO.UK — 2024-09-11

⚠️

Election Experts Still Demanding More Federal Cyber Support

DATABREACHTODAY.CO.UK — 2024-09-11

📋

Adobe Security Update, Multiple Vulnerabilities Patched

GBHACKERS.COM — 11 Sep 2024

📋

Chrome 128 Update Resolves High-Severity Vulnerabilities

SECURITYWEEK.COM — 11 Sep 2024

📋

ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA

SECURITYWEEK.COM — 11 Sep 2024

📢

New RansomHub Attack Killing Kaspersky’s TDSSKiller To Disable EDR

GBHACKERS.COM — 11 Sep 2024

📢

Live Webinar | From Compliance to Culture: Leveraging ISO 27001 and Global Standards for Security Excellence

DATABREACHTODAY.CO.UK — 2024-09-11

📢

Google Chrome security advisory (AV24-512)

CYBER.GC.CA — 2024-09-11

📢

[Control systems] ABB security advisory (AV24-513)

CYBER.GC.CA — 2024-09-11

📢

Compliance and Risk Management Startup Datricks Raises $15 Million

SECURITYWEEK.COM — 11 Sep 2024

📢

Intel security advisory (AV24-514)

CYBER.GC.CA — 2024-09-11

📢

Cisco security advisory (AV24-515)

CYBER.GC.CA — 2024-09-11

📢

Palo Alto Networks security advisory (AV24-516)

CYBER.GC.CA — 2024-09-11

🔥

1.7 million credit card records leaked by payment gateway. Cyber Security Today for Wednesday, September 11, 2024

CYBERSECURITYTODAY.LIBSYN.COM — 11 Sep 2024

🔥

CosmicBeetle Upgrades Arsenal with New ScRansom Ransomware to Target SMBs

WELIVESECURITY.COM — 11 Sep 2024

🔥

DHS Cyber Review Board Will Announce Next Investigation ‘Soon’

THERECORD.MEDIA — 11 Sep 2024

🔥

PIXHELL Attack Allows Air-Gap Jumping via Noise From Screens

SECURITYWEEK.COM — 11 Sep 2024

🔥

DDoS Attacks Double With Governments Most Targeted

INFOSECURITY-MAGAZINE.COM — 11 Sep 2024

🔥

NPD Breach Underscores The Need For Stronger Digital Identities

PACKETSTORMSECURITY.COM — 11 Sep 2024

🔥

Google Introduces ‘Air-Gapped’ Backup Vault to Thwart Ransomware

SECURITYWEEK.COM — 11 Sep 2024

🕵️

ISC Stormcast For Wednesday, September 11th, 2024 https://isc.sans.edu/podcastdetail/9134, (Wed, Sep 11th)

ISC.SANS.EDU — 11 Sep 2024

🕵️

German Cyber Agency Investigating APT28 Phishing Campaign

BANKINFOSECURITY.COM — 11 Sep 2024

🕵️

Python Libraries Used for Malicious Purposes, (Wed, Sep 11th)

ISC.SANS.EDU — 11 Sep 2024

🕵️

New Android Spyware As TV Streaming App Steals Sensitive Data From Devices

GBHACKERS.COM — 11 Sep 2024

🕵️

Hacker pleads guilty after arriving on plane from Ukraine with a laptop crammed full of stolen credit card details

BITDEFENDER.COM — 11 Sep 2024

🕵️

Developers Beware: Lazarus Group Uses Fake Coding Tests to Spread Malware

THEHACKERNEWS.COM — 11 Sep 2024

🕵️

Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library

SECURITYWEEK.COM — 11 Sep 2024

🕵️

Ivanti Patches Critical Vulnerabilities in Endpoint Manager

SECURITYWEEK.COM — 11 Sep 2024

🕵️

DockerSpy: Search for images on Docker Hub, extract sensitive information - Help Net Security

HELPNETSECURITY.COM — 11 Sep 2024

🕵️

Rogue WHOIS server gives researcher superpowers no one should ever have

ARSTECHNICA.COM — 11 Sep 2024

🕵️

Quad7 botnet evolves to more stealthy tactics to evade detection

SECURITYAFFAIRS.COM — 11 Sep 2024

🕵️

ColorTokens Strengthens Zero Trust With PureID Acquisition

DATABREACHTODAY.CO.UK — 2024-09-11

🕵️

Chinese ‘Crimson Palace’ Espionage Campaign Keeps Hacking Southeast Asian Governments

THERECORD.MEDIA — 11 Sep 2024

🕵️

Losses From Investment Scams have Increased Six-Fold Since 2021

KNOWBE4.COM — 11 Sep 2024

🕵️

Chinese hackers linked to cybercrime syndicate arrested in Singapore

BLEEPINGCOMPUTER.COM — 11 Sep 2024

🕵️

Intel Informs Customers About Over a Dozen Processor Vulnerabilities

SECURITYWEEK.COM — 11 Sep 2024

🕵️

Beyond Immature Rhetoric: The Case Against Mockery and Ambulance Chasing in the Security Industry

SECURITYWEEK.COM — 11 Sep 2024

🕵️

Chinese Hackers Linked To Syndicate Arrested In Singapore

PACKETSTORMSECURITY.COM — 11 Sep 2024

🕵️

SplxAI Raises $2 Million to Protect AI Chatbot Apps

SECURITYWEEK.COM — 11 Sep 2024

🕵️

Mental Health Records Database Found Exposed on Web

DATABREACHTODAY.CO.UK — 2024-09-11

🕵️

French Cyber Agency Warns of APT28 Hacks Against Think Tanks

DATABREACHTODAY.CO.UK — 2024-09-11

🕵️

Fake password manager coding test used to hack Python developers

BLEEPINGCOMPUTER.COM — 11 Sep 2024

🌐

Earth Preta Upgrades Attack Strategy via Removable Drives

THECYBEREXPRESS.COM — 11 Sep 2024

🌐

Quad7 Botnet Targets More SOHO and VPN Routers, Media Servers

BLEEPINGCOMPUTER.COM — 11 Sep 2024

🌐

Quad7 Botnet Expands to Target SOHO Routers and VPN Appliances

THEHACKERNEWS.COM — 11 Sep 2024

🌐

6 common Geek Squad scams and how to defend against them

WELIVESECURITY.COM — 11 Sep 2024

📡

Experts Demonstrate How to Bypass WhatsApp View Once Feature

SECURITYAFFAIRS.COM — 11 Sep 2024

📡

Gallup Poll Bugs Open Door to XSS Attacks

DARKREADING.COM — 11 Sep 2024

📡

UK: National Crime Agency, Responsible for Fighting Cybercrime, ‘On Its Knees,’ Warns Report

THERECORD.MEDIA — 11 Sep 2024

📡

Reputation Hijacking With JamPlus: A Maneuver To Bypass Smart App Control (SAC)

CYBLE.COM — 11 Sep 2024

📡

FBI Report Says Cryptocurrency Scams Surged in 2023

BANKINFOSECURITY.COM — 11 Sep 2024

📡

Why Is It So Challenging to Go Passwordless?

THEHACKERNEWS.COM — 11 Sep 2024

📡

AI Cybersecurity Needs to be as Multi-Layered as the System it’s Protecting

HELPNETSECURITY.COM — 11 Sep 2024

📡

Proposed Underwater Datacenter Surprises Regulators Who Hadn't Heard About It

PACKETSTORMSECURITY.COM — 11 Sep 2024

📡

Hacker Steals Data On 300k From Avis

PACKETSTORMSECURITY.COM — 11 Sep 2024

📡

When You Pay A Ransom And The Decryptor Doesn't Work

PACKETSTORMSECURITY.COM — 11 Sep 2024

📡

Security Budgets Continue Modest Growth, but Staff Hiring Slows Considerably, Research Finds

CYBERSECURITYDIVE.COM — 11 Sep 2024

📡

DragonRank Black Hat SEO Campaign Targeting IIS Servers Across Asia and Europe

THEHACKERNEWS.COM — 11 Sep 2024

📡

DoJ Distributes $18.5 Million to Western Union Fraud Victims

INFOSECURITY-MAGAZINE.COM — 11 Sep 2024

📡

WordPress.org to require 2FA for plugin developers by October

BLEEPINGCOMPUTER.COM — 11 Sep 2024

📡

Alert notification as phishing bait | Kaspersky official blog

KASPERSKY.COM — 11 Sep 2024

📡

UK’s ICO and NCA Sign Memorandum to Boost Reporting and Resilience

INFOSECURITY-MAGAZINE.COM — 11 Sep 2024

📡

Why Hellman & Friedman Wants to Unload Checkmarx for $2.5B

DATABREACHTODAY.CO.UK — 2024-09-11