94 Articles
9 Categories
Date: 2024-09-13
🚨 CISA KEV (3)
13 Sep [KEV] 20 dollars exposes a huge flaw in Internet security: Cyber Security Today for Friday the 13th September, 2024
  Cyber Security Today: TfL Data Breach, Critical Vulnerabilities, and Insider Threats
  Join host Jim Love in 'Cyber Security Today' as we delve into the latest cyber security incidents and updates. Learn about Transport for London's data breach affecting thousands of customers, cri…
  CYBERSECURITYTODAY.LIBSYN.COM
13 Sep [KEV] CISA Adds One Known Exploited Vulnerability to Catalog
  CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation: CVE-2024-8190 Ivanti Cloud Services Appliance OS Command Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for ma…
  CISA.GOV
13 Sep [KEV] Ivanti Releases Security Update for Cloud Services Appliance
  Ivanti has released a security update addressing an OS command injection vulnerability (CVE-2024-8190) affecting Ivanti Cloud Services Appliance (CSA) 4.6 (all versions before patch 519). A cyber threat actor could exploit this vulnerability to take control of an affected system.…
  CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (16)
13 Sep Chromium: CVE-2024-8636 Heap buffer overflow in Skia
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
  MSRC.MICROSOFT.COM
13 Sep Chromium: CVE-2024-8639 Use after free in Autofill
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
  MSRC.MICROSOFT.COM
13 Sep Chromium: CVE-2024-8638 Type Confusion in V8
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
  MSRC.MICROSOFT.COM
13 Sep Chromium: CVE-2024-8637 Use after free in Media Router
  This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2021) for more information.
  MSRC.MICROSOFT.COM
13 Sep Docker Desktop Vulnerabilities Let Attackers Execute Remote Code
  Docker has addressed critical vulnerabilities in Docker Desktop that could allow attackers to execute remote code. These vulnerabilities, identified as CVE-2024-8695 and CVE-2024-8696, highlight the ongoing risks associated with software extensions and the importance of timely up…
  GBHACKERS.COM
13 Sep [KEV] Hackers Exploiting Apache OFBiz RCE Vulnerability in the Wild
  A critical vulnerability in the Apache OFBiz framework has been actively exploited by hackers. The flaw, designated CVE-2024-45195, allows for unauthenticated remote code execution (RCE), posing a threat to organizations relying on OFBiz for their operations. CVE-2024-45195 –…
  GBHACKERS.COM
13 Sep Beware Of Weaponized Excel Document That Delivers Fileless Remcos RAT
  A recent advanced malware campaign leverages a phishing attack to deliver a seemingly benign Excel file that exploits CVE-2017-0199. By exploiting this vulnerability in Microsoft Office, attackers are able to embed malicious code within the file using OLE objects. It utiliz…
  GBHACKERS.COM
13 Sep Citrix Workspace App Vulnerable to Privilege Escalation Attacks
  Citrix released a security bulletin (CTX691485) detailing two critical vulnerabilities in the Citrix Workspace app for Windows. These vulnerabilities, identified as CVE-2024-7889 and CVE-2024-7890, pose significant security risks. They allow local privilege escalation that could …
  GBHACKERS.COM
13 Sep Adobe Completes Fix for Reader Bug with Known PoC Exploit
  Adobe has completed a fix for a critical bug in Reader with a known Proof of Concept (PoC) exploit for CVE-2024-41869. The update also addresses another critical flaw, CVE-2024-45112, in various versions of Acrobat and Reader.
  HELPNETSECURITY.COM
13 Sep Progress WhatsUp Gold Exploited Just Hours After PoC Release for Critical Flaw
  Malicious actors are likely leveraging publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software WhatsUp Gold to conduct opportunistic attacks. The activity is said to have commenced on August 30, 2024, a mere five hours after a…
  THEHACKERNEWS.COM
13 Sep Two Critical RCE Flaws Discovered in Docker Desktop
  Two critical remote code execution (RCE) flaws, identified as CVE-2024-8695 and CVE-2024-8696, have been uncovered in Docker Desktop, a popular tool for containerized application development.
  SECURITYONLINE.INFO
13 Sep Update: Hackers Target Apache OFBiz RCE Flaw CVE-2024-45195 After PoC Exploit Released
  Hackers are targeting an RCE vulnerability (CVE-2024-45195) in Apache OFBiz after the release of a Proof of Concept (PoC) exploit. Malicious requests have been detected, with attacks focusing on the financial services industry and business sectors.
  SECURITYONLINE.INFO
13 Sep SolarWinds Reveals RCE Flaw in Access Rights Manager
  SolarWinds has disclosed two vulnerabilities in their Access Rights Manager (ARM) software: CVE-2024-28990 (CVSS 6.3) allows for a hardcoded credential authentication bypass, while CVE-2024-28991 (CVSS 9.0) enables remote code execution.
  SECURITYONLINE.INFO
13 Sep Critical Severity Flaw Exposes Siemens Industrial Systems
  This flaw, tracked as CVE-2024-35783 and with a CVSS score of 9.4, affects SIMATIC Process Historian, PCS 7, and WinCC, allowing attackers to gain elevated privileges and execute arbitrary commands.
  SECURITYONLINE.INFO
13 Sep Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers
  Details have emerged about a now-patched security flaw impacting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit, has been assigned the C…
  THEHACKERNEWS.COM
13 Sep [KEV] Newly patched Ivanti CSA flaw under active exploitation
  IT management solutions provider Ivanti confirmed that a high-severity flaw patched this week in an older version of its Cloud Service Appliance (CSA) has been exploited in attacks. The vulnerability was fixed as part of the company’s September security update, which also include…
  CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (25)
13 Sep The US is Preparing Criminal Charges in Iran Hack Targeting Trump, AP Sources Say
  The prospect of criminal charges comes as the Justice Department has raised alarms about aggressive efforts by countries including Russia and Iran to meddle in the presidential election.
  SECURITYWEEK.COM
13 Sep Too many companies use non-enterprise grade remote access tools in their OT networks, says Claroty
  In May 2020, Iranian attackers attempted to alter chlorine levels in drinking water in a cyber attack against an Israeli water utility, and in February 2021, a hacker actually accessed a Florida city’s water treatment plant monitoring software and changed the level of sodium hydr…
  CSOONLINE.COM
13 Sep Mastercard acquires Recorded Future: How will threat intelligence transform the payments industry?
  As cyber criminals grow ever more crafty with their tactics, enterprises are increasingly turning to threat intelligence, which — much like military threat intelligence — involves collecting, processing and analyzing data to determine behaviors, motives, and target areas. To hel…
  CSOONLINE.COM
13 Sep New Linux Malware Campaign Exploits Oracle Weblogic to Mine Cryptocurrency
  Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud secur…
  THEHACKERNEWS.COM
13 Sep GitLab Updates Resolve Critical Pipeline Execution Vulnerability
  GitLab has released security updates to resolve multiple vulnerabilities in GitLab CE/EE, including a critical-severity pipeline execution flaw.
  SECURITYWEEK.COM
13 Sep Aflac’s shift to passkeys brings big business benefits
  At supplemental insurance provider Aflac, safeguarding information collected on behalf of employees and the customers and businesses they serve is a key tenet of the company’s culture, says Tim Callahan, global CISO. “Cybercriminals are innovative, willing to take risks, and have…
  CSOONLINE.COM
13 Sep Understanding and Mitigating the Risks of Email Forwarding
  Email forwarding, while a seemingly harmless and convenient feature, can pose significant risks to data security and compliance. When misused or left unchecked, email forwarding can lead to inadvertent data leaks, exposing sensitive information to unauthorized parties and resulti…
  CSOONLINE.COM
13 Sep TrickMo Android Trojan Exploits Accessibility Services for On-Device Banking Fraud
  Cybersecurity researchers have uncovered a new variant of an Android banking trojan called TrickMo that comes packed with new capabilities to evade analysis and display fake login screens to capture victims' banking credentials. "The mechanisms include using malformed ZIP files i…
  THEHACKERNEWS.COM
13 Sep Fortinet confirms a breach that likely leaked 440 GB of customer data
  Fortinet has confirmed a data breach that has allegedly compromised 440 GB of Azure SharePoint files containing Fortinet customer data. The company, in a Thursday blog, said it suffered a security breach that has compromised a “limited” number of customer files without involving…
  CSOONLINE.COM
13 Sep Chinese-speaking Hackers Linked to DragonRank SEO Manipulator Service
  By exploiting web app services, the attackers deploy a web shell to launch malware and gather credentials, compromising IIS servers to spread the BadIIS malware. The malware facilitates proxy ware and SEO fraud by manipulating search engine rankings.
  TALOSINTELLIGENCE.COM
13 Sep In Other News: Possible Adobe Reader Zero-Day, Hijacking Mobi TLD, WhatsApp View Once Exploit
  Noteworthy stories that might have slipped under the radar: a possible Adobe Reader zero-day, researchers mistakenly hijack .mobi TLD, and an exploited WhatsApp View Once bypass.
  SECURITYWEEK.COM
13 Sep Apple Patches Vision Pro Vulnerability to Prevent GAZEploit Attacks
  Apple has released a patch for Vision Pro after researchers showed how an attacker can obtain passwords typed by looking at keys.
  SECURITYWEEK.COM
13 Sep CISA Releases Analysis of FY23 Risk and Vulnerability Assessments
  CISA has released an analysis and infographic detailing the findings from the 121 Risk and Vulnerability Assessments (RVAs) conducted across multiple critical infrastructure sectors in fiscal year 2023 (FY23). The analysis details a sample attack path including tactics and steps …
  CISA.GOV
13 Sep Fake Recruiter Coding Tests Target Developers With Malicious Python Packages
  The Lazarus Group has been targeting developers in a new VMConnect campaign, using fake job interviews to trick them into downloading malicious software packages from open-source repositories.
  REVERSINGLABS.COM
13 Sep Fortinet confirms customer data breach
  On Thursday, cybersecurity giant Fortinet disclosed a breach involving customer data. In a statement posted online, Fortinet said an individual intruder accessed “a limited number of files” stored on a third-party shared cloud drive belonging to Fortinet, which included dat…
  TECHCRUNCH.COM
13 Sep New cryptomining campaign infects WebLogic servers with Hadooken malware
  A new attack campaign compromises misconfigured Oracle WebLogic servers and deploys a backdoor program called Hadooken along with a cryptocurrency mining program, apparently to take advantage of weak administrative passwords and gain access, according to researchers from Aqua Sec…
  CSOONLINE.COM
13 Sep Cybersecurity at the speed of Formula One - Darren Guccione, Harry Wilson - ESW #375
  Ever wondered what it's like to be responsible for the cybersecurity of a sports team? How about when that sports team is one of the world's most successful Formula One teams? I can't describe how excited we are to share this interview. This interview is basically two huge F1 ner…
  YOUTUBE.COM
13 Sep Cybersecurity has too many distractions and can the White House fix BGP? - ESW #375
  This week, in the enterprise security news, 1. Cribl, Zafran, and US states raise funding 2. Cisco, Check Point, Salesforce, and Absolute Software acquire cybersecurity startups 3. AI Security products are picking up steam 4. You probably shouldn’t be too worried about Yubikey cl…
  YOUTUBE.COM
13 Sep New Office of the CISO Paper: Organizing Security for Digital Transformation
  So some of you are thinking “ewwww … another security transformation paper” and this is understandable. A lot of people (and now … a lot of robots too) have written vague, hand-wavy “leadership” papers on how to transform security, include security into digital transformation or …
  MEDIUM.COM
13 Sep [KEV] Ivanti warns high severity CSA flaw is now exploited in attacks
  Ivanti confirmed on Friday that a high severity vulnerability in its Cloud Services Appliance (CSA) solution is now actively exploited in attacks. [...]
  BLEEPINGCOMPUTER.COM
13 Sep Remote Access Tool Sprawl Increases OT Risks
  Over-Deployment of Tools Raises Security and Operational Concerns
  Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essenti…
  DATABREACHTODAY.CO.UK
13 Sep Apple Suddenly Drops NSO Group Spyware Lawsuit
  Apple said there's “too significant a risk” of exposing the anti-exploit work needed to fend off the very adversaries involved in the case.
  SECURITYWEEK.COM
13 Sep TfL requires in-person password resets for 30,000 employees after hack
  Transport for London (TfL) says that all staff (roughly 30,000 employees) must attend in-person appointments to verify their identities and reset passwords following a cybersecurity incident disclosed almost two weeks ago. [...]
  BLEEPINGCOMPUTER.COM
13 Sep CosmicBeetle joins the ranks of RansomHub affiliates – Week in security with Tony Anscombe
  ESET research also finds that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends
  WELIVESECURITY.COM
13 Sep A new path for Kyber on the web
  Posted by David Adrian, David Benjamin, Bob Beck & Devon O'Brien, Chrome Team
  We previously posted about experimenting with a hybrid post-quantum key exchange, and enabling it for 100% of Chrome Desktop clients. The hybrid key exchange used both the pre-quantum X25519 algorithm, …
  SECURITY.GOOGLEBLOG.COM
📢 SECURITY ADVISORIES (4)
13 Sep US Sanctions Russian Media for Secretly Funding Ukraine War
  Biden Administration Hits Russian Media with Additional Sanctions for Covert Operations
  The U.S. Department of State announced additional sanctions Friday against the Kremlin news outlet RT after officials received new information from employees of the organization that revealed …
  DATABREACHTODAY.CO.UK
13 Sep Irish Data Protection Commission Probes Google's AI Model
  Inquiry Launched to Determine the Company's Compliance With GDPR
  The Irish data regulator launched an investigation to determine Google's compliance with a European privacy law when it was developing its PaLM 2 artificial intelligence model. Google launched the multilingual gener…
  DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING (14)
13 Sep Fortinet Confirms Data Breach Following Hacker’s Claim of 440GB Data Theft
  Fortinet, a leading cybersecurity firm, has confirmed a data breach involving a third-party cloud service after a hacker, known by the alias “Fortibitch,” claimed to have stolen 440GB of data. The breach primarily affects a small number of Fortinet’s Asia-Pacifi…
  GBHACKERS.COM
13 Sep Fortinet Data Breach Impacts Customer Information
  Fortinet has confirmed suffering a data breach impacting customers after a hacker leaked files allegedly stolen from the company.
  SECURITYWEEK.COM
13 Sep New Linux Malware "Hadooken" Targets Oracle WebLogic Applications
  A new Linux malware named Hadooken is targeting Oracle WebLogic servers, dropping Tsunami malware and deploying a cryptominer. WebLogic servers are vulnerable to cyberattacks due to flaws like deserialization and weak access controls.
  AQUASEC.COM
13 Sep New ‘Hadooken’ Linux Malware Targets WebLogic Servers
  The recently observed Hadooken malware targeting Oracle WebLogic applications is linked to multiple ransomware families.
  SECURITYWEEK.COM
13 Sep UK Teen Arrested Over Transport for London Hack
  A 17-year-old from England has been arrested by the NCA over the recent cyberattack on Transport for London.
  SECURITYWEEK.COM
13 Sep Hacker Tricks ChatGPT to Get Details for Making Homemade Bombs
  A hacker known as Amadon has reportedly managed to bypass the safety protocols of ChatGPT, a popular AI chatbot developed by OpenAI, to generate instructions for creating homemade explosives. This incident raises significant questions about generative AI technologies’ secur…
  GBHACKERS.COM
13 Sep Say Goodbye to Phishing: Must-Haves to Eliminate Credential Theft
  Even as cyber threats become increasingly sophisticated, the number one attack vector for unauthorized access remains phished credentials (Verizon DBIR, 2024). Solving this problem resolves over 80% of your corporate risk, and a solution is possible. However, most tools ava…
  THEHACKERNEWS.COM
13 Sep The Dark Nexus Between Harm Groups and ‘The Com’
  A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in …
  KREBSONSECURITY.COM
13 Sep 17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London
  British authorities on Thursday announced the arrest of a 17-year-old male in connection with a cyber attack affecting Transport for London (TfL). "The 17-year-old male was detained on suspicion of Computer Misuse Act offenses in relation to the attack, which was launched on TfL …
  THEHACKERNEWS.COM
13 Sep Is Paying Hackers Funding Terrorism?
  🔥 Ever wonder if paying a ransomware demand is the right move? 💻 Some cybersecurity experts argue that paying hackers might be fueling something bigger—terrorism. In this video, we dive into why paying ransoms might be more dangerous than you think and what you should do instead. 🔥…
  YOUTUBE.COM
13 Sep RansomHub claims Kawasaki cyberattack, threatens to leak stolen data
  Kawasaki Motors Europe has announced that it's recovering from a cyberattack that caused service disruptions as the RansomHub ransomware gang threatens to leak stolen data. [...]
  BLEEPINGCOMPUTER.COM
13 Sep Chinese-Speaking Hackers Manipulate SEO Rankings Globally
  Threat Actor Advertises SEO Services in Chinese and English
  A Chinese search engine optimization operation hacked more than 35 web servers and stole credentials in a campaign to boost the online rankings of malicious porn sites. Researchers from Cisco Talos dubbed the threat clus…
  DATABREACHTODAY.CO.UK
13 Sep 23andMe to pay $30 million in genetics data breach settlement
  DNA testing giant 23andMe has agreed to pay $30 million to settle a lawsuit over a data breach that exposed the personal information of 6.4 million customers in 2023. [...]
  BLEEPINGCOMPUTER.COM
13 Sep Port of Seattle hit by Rhysida ransomware in August attack
  Port of Seattle, the United States government agency overseeing Seattle's seaport and airport, confirmed on Friday that the Rhysida ransomware operation was behind a cyberattack impacting its systems over the last three weeks. [...]
  BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (20)
13 Sep ISC Stormcast For Friday, September 13th, 2024 https://isc.sans.edu/podcastdetail/9136, (Fri, Sep 13th)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  ISC.SANS.EDU
13 Sep SquareX, Awarded Rising Star Category in CybersecAsia Readers’ Choice Awards 2024
  SquareX has been named a winner of the prestigious Rising Star category in CybersecAsia Readers’ Choice Awards 2024, due to its outstanding achievements in its innovative browser security solutions. For the past 5 years, this award has been honouring cybersecurity or…
  GBHACKERS.COM
13 Sep 1.3 Million Android TV Boxes Infected by Vo1d Malware
  Doctor Web warns of the new Vo1d Android malware infecting roughly 1.3 million TV boxes running older OS versions.
  SECURITYWEEK.COM
13 Sep House Report Shows Chinese Cranes a Security Risk to US Ports
  A joint report from the Committees on China and Homeland Security warns of the security risks posed by Chinese cranes in US ports.
  SECURITYWEEK.COM
13 Sep UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy
  The designation of UK data centers as Critical National Infrastructure strengthens cyber defenses, but a proposed £3.75B data center on protected Green Belt land sparks debate.
  SECURITYWEEK.COM
13 Sep Iranian APT Hackers Target Iraqi Government in New Espionage Campaign
  The group deployed sophisticated malware named Veaty and Spearal against Iraqi targets, using distinctive command and control mechanisms, including a custom email-based channel identified within the Veaty malware.
  THERECORD.MEDIA
13 Sep What can businesses learn from the rise of cyber espionage?
  It’s not just government organizations that need to worry about cyber espionage campaigns — the entire business world is also a target. Multipolarity has been a defining trend in geopolitics in recent years. Rivalries between the world’s great powers continue to…
  SECURITYINTELLIGENCE.COM
13 Sep Attackers Using HTTP Response Headers to Redirect Victims to Phishing Pages
  Researchers at Palo Alto Networks’ Unit 42 warn that attackers are using refresh entries in HTTP response headers to automatically redirect users to phishing pages without user interaction.
  KNOWBE4.COM
13 Sep Kali Linux 2024.3 Released With New Hacking Tools
  Kali Linux 2024.3, the most recent iteration of Offensive Security’s highly regarded Debian-based distribution designed for ethical hacking and penetration testing, has been released. This new release is a major update that includes 11 new hacking tools and focuses on behin…
  GBHACKERS.COM
13 Sep Off-Topic Friday
  submitted by shellsharks to cybersecurity
  Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
  INFOSEC.PUB
13 Sep North Korean hackers target Python devs with malware disguised as coding tests — hack has been underway for a year
  submitted by BrikoX to cybersecurity
  https://www.tomshardware.com/tech-industry/cyber-security/python-developers-targeted-by-north-korean-lazarus-group-with-fake-jobs-and-malware-disguised-as-coding-tests
  Fake Python job opportunities used to attack programm…
  TOMSHARDWARE.COM
13 Sep Black Hat/DEF CON 2024: Latest Insights on Security and AI
  ISMG Compendium Showcases More Than 50 Interviews on Threats, Emerging Solutions
  Welcome to Information Security Media Group's Black Hat and DEF CON 2024 Compendium featuring latest insights from the industry's top cybersecurity researchers and ethical hackers, as well as perspec…
  DATABREACHTODAY.CO.UK
13 Sep Oktane 2024 and the Current State of Identity Security - Harish Peri - ESW #375
  We are a month away from Oktane -- the biggest identity event of the year. Okta is bringing thousands of identity industry thought leaders, IT and security executives, and other tech leaders together on October 15-17 to discuss the changing landscape for security and identity, ho…
  YOUTUBE.COM
13 Sep My TedXBillings Talk
  Over the summer, I gave a talk about AI and democracy at TedXBillings. The recording is live (https://www.youtube.com/watch?v=uqC4nb7fLpY). Please share. I’m hoping for more than 200 views….
  SCHNEIER.COM
13 Sep Li-On, Lazarus, Whatsup, Scattered Spider, Hadooken, Dead People, Aaran Leyland... - SWN #413
  Through the Fire and Li-On Flames, Lazarus, Whatsup, Scattered Spider, Hadooken, Dead People, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-413
  YOUTUBE.COM
13 Sep Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel
  Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe.
  SECURITYWEEK.COM
13 Sep ISMG Editors: Will Microsoft Rethink Windows Security?
  Also: Mastercard's Big Acquisition and US Election Security Efforts
  In the latest weekly update, ISMG editors discussed the fallout from the CrowdStrike global IT outage on endpoint security tools, Mastercard's monumental acquisition of Recorded Future to bolster its cybersecurit…
  DATABREACHTODAY.CO.UK
13 Sep Friday Squid Blogging: Squid as a Legislative Negotiating Tactic
  This is an odd story of serving squid during legislative negotiations in the Philippines.
  SCHNEIER.COM
13 Sep Strider Secures $55M to Fuel AI Growth and Global Expansion
  Series C Funds to Fuel AI Research, Government Sector Investment and Global Growth
  Strider Technologies has raised $55 million in a Series C funding round to strengthen its AI capabilities and fuel global expansion efforts. The money will enhance the company’s AI-driven insights,…
  DATABREACHTODAY.CO.UK
13 Sep 1.3 million Android-based TV boxes backdoored; researchers still don’t know how
  submitted by BrikoX to cybersecurity
  https://arstechnica.com/security/2024/09/researchers-still-dont-know-how-1-3-million-android-streaming-boxes-were-backdoored/
  Infection corrals devices running AOSP-based firmware into a botnet.
  ARSTECHNICA.COM
🌐 CYBER THREAT LANDSCAPE (2)
13 Sep New Linux malware Hadooken targets Oracle WebLogic servers
  Hackers are targeting Oracle WebLogic servers to infect them with a new Linux malware named "Hadooken," which launches a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. [...]
  BLEEPINGCOMPUTER.COM
🎙️ PODCASTS (1)
13 Sep Transatlantic Cable podcast episode 363 | Kaspersky official blog
  Episode 363 has brain rot, stolen mobiles in China and streaming fraud!
  KASPERSKY.COM
📡 INFOSEC NEWS (9)
13 Sep Finding Honeypot Data Clusters Using DBSCAN: Part 2, (Fri, Sep 13th)
  In an earlier diary [1], I reviewed how using tools like DBSCAN [2] can be useful to group similar data. I used DBSCAN to try and group similar commands submitted to Cowrie [3] and URL paths submitted to the DShield web honeypot [4]. DBSCAN…
  ISC.SANS.EDU
13 Sep The Secrets to Safeguarding Your Digital Identity!
  🔐 Your digital identity is more vulnerable than you think! In this short, we uncover the crucial steps to defining, activating, and protecting your online presence. From managing privileges to real-time threat detection, learn how identity security is evolving and why it’s more i…
  YOUTUBE.COM
13 Sep Eliminating the Need for Stored Credentials in Healthcare
  Authentication requiring stored credentials is not only vulnerable to phishing and other compromises, but using these credentials can also be cumbersome for busy clinicians, said Tina Srivastava, co-founder of Badge, a provider of deviceless, tokenless authentication technology.
  DATABREACHTODAY.CO.UK