MATLOCK.CA
117Articles
10Categories
2024-09-17Date
🚨
CISA Adds Four Known Exploited Vulnerabilities to CatalogCISA has added four new vulnerabilities to its  Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2014-0497 Adobe Flash Player Integer Underflow Vulnerability CVE-2013-0643  Adobe Flash Player Incorrect Default Permissions Vulnerabi…
KEVCISA.GOV — Tue, 17 Sep 24 1
🐛
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks
THEHACKERNEWS.COM — 17 Sep 2024
🐛
Spring Framework Path Traversal Vulnerability Threatens Millions
SECURITYONLINE.INFO — 17 Sep 2024
🐛
CISA Warns of Windows MSHTML & Progress WhatsUp Gold Flaw Exploited Widely
GBHACKERS.COM — 17 Sep 2024
🐛
Microsoft re-categorizes fixed Trident bug as zero day
CSOONLINE.COM — 17 Sep 2024
🐛
CVE backlog update: The NVD struggles as attackers change tactics
KEVSECURITYINTELLIGENCE.COM — 17 Sep 2024
🐛
Zero-Click Calendar Invite: Critical macOS Vulnerability Chain Uncovered
SECURITYONLINE.INFO — 17 Sep 2024
🐛
Critical Vulnerability in AutoGPT Puts Over 166,000 Projects at Risk
SECURITYONLINE.INFO — 17 Sep 2024
🐛
CVE-2024-38183 GroupMe Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 17 Sep 2024
🐛
CVE-2024-43460 Dynamics 365 Business Central Elevation of Privilege Vulnerability
MSRC.MICROSOFT.COM — 17 Sep 2024
⚠️
Preparing for the next big cyber threat
KEVCSOONLINE.COM — 17 Sep 2024
⚠️
Entro Security Labs Releases Non-Human Identities Research Security Advisory
CSOONLINE.COM — 17 Sep 2024
⚠️
AI-SPM buyer’s guide: 9 security posture management tools to protect your AI infrastructure
CSOONLINE.COM — 17 Sep 2024
⚠️
Woo Skimmer Uses Style Tags and Image Extension to Steal Card Details
SUCURI.NET — 17 Sep 2024
⚠️
'Void Banshee' Exploits Second Microsoft Zero-Day
DARKREADING.COM — 17 Sep 2024
⚠️
DoJ: Chinese Man Used Spear-Phishing to Obtain Software From NASA, Military
SECURITYWEEK.COM — 17 Sep 2024
⚠️
Recent WhatsUp Gold Vulnerabilities Possibly Exploited in Ransomware Attacks
KEVSECURITYWEEK.COM — 17 Sep 2024
⚠️
Ransomware whistleblower: Columbus could have avoided its mistakes
CSOONLINE.COM — 17 Sep 2024
⚠️
Hackers Exploiting Selenium Grid Tool To Deploy Exploit Kit & Proxyjacker
GBHACKERS.COM — 17 Sep 2024
⚠️
Python Developers Targeted with Malware During Fake Job Interviews
SCHNEIER.COM — 2024-09-17
⚠️
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers
THEHACKERNEWS.COM — 17 Sep 2024
⚠️
Researchers Seize Part of Internet Infrastructure by Exploiting an Expired WHOIS Domain
DARKREADING.COM — 17 Sep 2024
⚠️
European digital identity: this is how the EU’s big bet is evolving
CSOONLINE.COM — 17 Sep 2024
⚠️
D-Link Fixes Critical RCE, Hardcoded Credential Flaws in WiFi 6 Routers
BLEEPINGCOMPUTER.COM — 17 Sep 2024
⚠️
Trends and Dangers in Open-Source Software Dependencies
HELPNETSECURITY.COM — 17 Sep 2024
⚠️
Dependency Confusion Could Have Led to RCE in Google Cloud Platform
SECURITYWEEK.COM — 17 Sep 2024
⚠️
PKfail Secure Boot bypass remains a significant risk two months later
BLEEPINGCOMPUTER.COM — 17 Sep 2024
⚠️
CISA and FBI Release Secure by Design Alert on Eliminating Cross-Site Scripting Vulnerabilities
CISA.GOV — Tue, 17 Sep 24 1
⚠️
Navigating the future of OT security
CSOONLINE.COM — 17 Sep 2024
⚠️
The vCISO’s role in Incident Response Accountability - William Klusovsky - CSP #192
YOUTUBE.COM — 2024-09-17
⚠️
Supply Chain Attack on Google Cloud Composer Could Have Resulted in Remote Code Execution
TENABLE.COM — 17 Sep 2024
⚠️
CISA Releases Three Industrial Control Systems Advisories
CISA.GOV — Tue, 17 Sep 24 1
⚠️
Remotely Exploding Pagers
SCHNEIER.COM — 2024-09-17
⚠️
Update: PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability
KEVSECURITYONLINE.INFO — 17 Sep 2024
⚠️
Exploiting Chamilo during a Red Team engagement
QUARKSLAB.COM — 2024-09-17
⚠️
Bringing Secure Coding Concepts to Developers - Dustin Lehr - ASW #299
YOUTUBE.COM — 2024-09-17
⚠️
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
SECURITYWEEK.COM — 17 Sep 2024
⚠️
Construction firms breached in brute force attacks on accounting software
BLEEPINGCOMPUTER.COM — 17 Sep 2024
⚠️
Exploding Hezbollah Pagers Not Likely a Cybersecurity Attack
DATABREACHTODAY.CO.UK — 2024-09-17
⚠️
Broadcom fixes critical RCE bug in VMware vCenter Server
BLEEPINGCOMPUTER.COM — 17 Sep 2024
⚠️
Microsoft fixes Authenticator design flaw after eight years overwriting accounts
CSOONLINE.COM — 17 Sep 2024
⚠️
Can CISA’s Federal Cybersecurity Alignment Plan Really Work?
DATABREACHTODAY.CO.UK — 2024-09-17
⚠️
UK Orgs Tout Government Help in Ransomware Incidents
DATABREACHTODAY.CO.UK — 2024-09-17
⚠️
Zero-Click RCE Bug in macOS Calendar Exposes iCloud Data
DARKREADING.COM — 17 Sep 2024
⚠️
ESET Research Podcast: EvilVideo
WELIVESECURITY.COM — 17 Sep 2024
📋
Warning to ServiceNow admins: Block publicly available KB articles
CSOONLINE.COM — 17 Sep 2024
📢
Chinese Hackers Charged for Multi-Year Spear-Phishing Attacks
GBHACKERS.COM — 17 Sep 2024
📢
Scattered Spider Ensnares Cloud Admins Using Social Engineering Techniques
DARKREADING.COM — 17 Sep 2024
📢
Apple security advisory (AV24-525)
CYBER.GC.CA — 2024-09-17
📢
Chrome Switching to NIST-Approved ML-KEM Quantum Encryption
BLEEPINGCOMPUTER.COM — 17 Sep 2024
📢
HPE security advisory (AV24-526)
CYBER.GC.CA — 2024-09-17
📢
CISA urges software devs to weed out XSS vulnerabilities
BLEEPINGCOMPUTER.COM — 17 Sep 2024
🔥
Ticketmaster boss who repeatedly hacked rival firm sentenced
BITDEFENDER.COM — 17 Sep 2024
🔥
23:59, Time to Exfiltrate!, (Tue, Sep 17th)
ISC.SANS.EDU — 17 Sep 2024
🔥
Key Russian Hacker Group Attacking Users With .NET Built Ransomware
GBHACKERS.COM — 17 Sep 2024
🔥
UK Labels Data Centers as Critical National Infrastructure
GOVINFOSECURITY.COM — 17 Sep 2024
🔥
Kransom Ransomware Disguised as a Game Through DLL Side-Loading
HACKREAD.COM — 17 Sep 2024
🔥
Record $65m Settlement for Hacked Patient Photos
INFOSECURITY-MAGAZINE.COM — 17 Sep 2024
🔥
17-Year-Old Arrested in Connection with Cyber Attack Affecting Transport for London
THEHACKERNEWS.COM — 17 Sep 2024
🔥
BlackCloak Raises $17 Million to Protect Executives, High-Profile Individuals
SECURITYWEEK.COM — 17 Sep 2024
🔥
23andMe Pledges $30 Million to the 6.4 Million People Affected by Data Breach
THERECORD.MEDIA — 17 Sep 2024
🔥
Wait... Did Pagers Get Hacked To Blow People Up?
PACKETSTORMSECURITY.COM — 17 Sep 2024
🔥
Ransomware gangs now abuse Microsoft Azure tool for data theft
BLEEPINGCOMPUTER.COM — 17 Sep 2024
🔥
AT&T pays $13 million FCC settlement over 2023 data breach
BLEEPINGCOMPUTER.COM — 17 Sep 2024
🔥
Temu denies breach after hacker claims theft of 87 million data records
BLEEPINGCOMPUTER.COM — 17 Sep 2024
🕵️
ISC Stormcast For Tuesday, September 17th, 2024 https://isc.sans.edu/podcastdetail/9140, (Tue, Sep 17th)
ISC.SANS.EDU — 17 Sep 2024
🕵️
Will potential security gaps derail Microsoft’s Copilot?
COMPUTERWORLD.COM — 17 Sep 2024
🕵️
Creating An AI Honeypot To Engage With Attackers Sophisticatedly
GBHACKERS.COM — 17 Sep 2024
🕵️
North Korean Hackers Attacking LinkedIn Users to Deliver RustDoor Malware
GBHACKERS.COM — 17 Sep 2024
🕵️
Ipset Hash is full, cannot add more elements
KBIN.MELROY.ORG — 17 Sep 2024
🕵️
[Cybersecurity Awareness Month] Prepare for All Manner of Cyber Threats Like the Heroes of ‘The Inside Man’
KNOWBE4.COM — 17 Sep 2024
🕵️
Apple Drops Spyware Case Against NSO Group, Citing Risk of Threat Intelligence Exposure
THEHACKERNEWS.COM — 17 Sep 2024
🕵️
Hydden Raises $4.4M in Seed Funding for Identity Security Platform
SECURITYWEEK.COM — 17 Sep 2024
🕵️
Element Security Emerges From Stealth With CTEM Solution, $5M in Funding
SECURITYWEEK.COM — 17 Sep 2024
🕵️
CyberheistNews Vol 14 #38 [CODE RED] A Must-See New Webinar: How To Block North Korean Infiltrators
KNOWBE4.COM — 17 Sep 2024
🕵️
Over 1,000 ServiceNow instances found leaking corporate KB data
BLEEPINGCOMPUTER.COM — 17 Sep 2024
🕵️
Cost of Cybercrime Estimated 15.6 Trillion in 2029
KNOWBE4.COM — 17 Sep 2024
🕵️
Software Security Firm RunSafe Raises $12 Million in Series B Funding
SECURITYWEEK.COM — 17 Sep 2024
🕵️
The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks
SECURITYWEEK.COM — 17 Sep 2024
🕵️
D-Link Patches Critical Router Vulnerabilities
SECURITYWEEK.COM — 17 Sep 2024
🕵️
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
THEHACKERNEWS.COM — 17 Sep 2024
🕵️
C/side Raises $6 Million to Secure the Browser Supply Chain
SECURITYWEEK.COM — 17 Sep 2024
🕵️
Hezbollah Members Among Hundreds Wounded after Pagers Explode in Lebanon and Syria, Officials Say
SECURITYWEEK.COM — 17 Sep 2024
🕵️
Intezer Raises $33M to Extend AI-Powered SOC Platform
SECURITYWEEK.COM — 17 Sep 2024
🕵️
Back to the office, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland... - SWN #414
YOUTUBE.COM — 2024-09-17
🕵️
A TLD Takeover, An LLM CTF, A Firmware Flaw, 6 Truths of Cyber Risk - ASW #299
YOUTUBE.COM — 2024-09-17
🕵️
BlackCloak Raises $17M to Boost Cybersecurity for Executives
DATABREACHTODAY.CO.UK — 2024-09-17
🕵️
Hundreds of Pagers Exploded in Lebanon and Syria in a Deadly Attack. Here’s What We Know.
SECURITYWEEK.COM — 17 Sep 2024
🕵️
Apple Moves to Dismiss Suit Against Spyware Firm NSO Group
DATABREACHTODAY.CO.UK — 2024-09-17
🕵️
Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries
SECURITYAFFAIRS.COM — 17 Sep 2024
🌐
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users
THEHACKERNEWS.COM — 17 Sep 2024
🌐
Malware Campaign Locks Browser in Kiosk Mode to Steal Google Credentials
BLEEPINGCOMPUTER.COM — 17 Sep 2024
🌐
U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation
THEHACKERNEWS.COM — 17 Sep 2024
🌐
Rising Clipper Malware Attacks Target Cryptocurrency Users
THEHACKERNEWS.COM — 17 Sep 2024
🌐
Predator Spyware Kingpins Added To US Sanctions List
PACKETSTORMSECURITY.COM — 17 Sep 2024
🌐
Malware Attack Targets US-Taiwan Defense Conference
PACKETSTORMSECURITY.COM — 17 Sep 2024
🌐
US Hits Intellexa Spyware Maker With More Sanctions
THERECORD.MEDIA — 17 Sep 2024
🎙️
The AI Fix #16: GPT-4o1, AI time travelers, and where’s my driverless car?
GRAHAMCLULEY.COM — 17 Sep 2024
📡
How Google and Yahoo’s shift to stricter email standards proved a windfall for this Armenian startup
TECHCRUNCH.COM — 17 Sep 2024
📡
Stealthy Fileless Attack Targets Attendees Of Upcoming US-Taiwan Defense Industry Event
CYBLE.COM — 17 Sep 2024
📡
How to Investigate ChatGPT activity in Google Workspace
THEHACKERNEWS.COM — 17 Sep 2024
📡
Metabase Q Raises $11M in Series A Extension Funding
FINSMES.COM — 17 Sep 2024
📡
The Dark Nexus Between Harm Groups and ‘The Com’ – Krebs on Security
KREBSONSECURITY.COM — 17 Sep 2024
📡
Strider Secures $55M to Fuel AI Growth and Global Expansion
BANKINFOSECURITY.COM — 17 Sep 2024
📡
Russia’s RT News Agency Has ‘Cyber Operational Capabilities,’ Assists in Military Procurement, State Department Says
THERECORD.MEDIA — 17 Sep 2024
📡
Hacker Tricked ChatGPT Into Providing Detailed Instructions to Make a Homemade Bomb
SECURITYAFFAIRS.COM — 17 Sep 2024
📡
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense
THEHACKERNEWS.COM — 17 Sep 2024
📡
Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts
THEHACKERNEWS.COM — 17 Sep 2024
📡
The cybersecurity labor gap now stands at 4M+ open jobs. Intezer has raised $33M for AI tools to plug it
TECHCRUNCH.COM — 17 Sep 2024
📡
Cisco’s second layoff of 2024 affects thousands of employees
TECHCRUNCH.COM — 17 Sep 2024
📡
D-Link Patches Critical Router Vulnerabilities
PACKETSTORMSECURITY.COM — 17 Sep 2024
📡
France Uses Tough, Untested Cybercrime Law To Target Durov
PACKETSTORMSECURITY.COM — 17 Sep 2024
📡
EchoStrike: Generate Undetectable Reverse Shells, Perform Process Injection
HELPNETSECURITY.COM — 17 Sep 2024
📡
riverside darren guccione on f1 and brand alignment with wi enterprise security
YOUTUBE.COM — 2024-09-17
📡
Securing Data Growth in the Cloud Era: Strategies for Cyber Resilience
DATABREACHTODAY.CO.UK — 2024-09-17
📡
Cloudflare outage cuts off access to websites in some regions
BLEEPINGCOMPUTER.COM — 17 Sep 2024
📡
Discord launches end-to-end encrypted voice and video chats
TECHCRUNCH.COM — 17 Sep 2024