126 Articles
10 Categories
Date: 2024-09-19
🚨 CISA KEV (3)
19 Sep [KEV] The Known Exploited Vulnerability catalogue, aka the KEV - Tod Beardsley - PSW #843 (YOUTUBE.COM): Gain insights into the CISA KEV straight from one of the folks at CISA, Tod Beardsley, in this episode of Below the Surface. Learn how KEV was created, where the data comes from, and how you should use it in your environment. This segment is sponsored by Eclypsium. Visit https://…
19 Sep [KEV] Ivanti Releases Admin Bypass Security Update for Cloud Services Appliance (CISA.GOV): Ivanti has released a security update to address an admin bypass vulnerability (CVE-2024-8963) affecting Ivanti Cloud Services Appliance (CSA) version 4.6. A cyber threat actor could exploit this vulnerability in conjunction with CVE-2024-8190 – detailed in a Sept. 13 Ivan…
19 Sep [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV): CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-8963 Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability. These types of vulnerabilities are frequent attack vectors for ma…
🐛 COMMON VULNERABILITIES AND EXPOSURES (18)
19 Sep GitLab Patches Critical SAML Authentication Bypass Flaw in CE and EE Editions (THEHACKERNEWS.COM): GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacke…
19 Sep GitLab Releases Critical Security Patch for CVE-2024-45409 (CVSS 10) Vulnerability (SECURITYONLINE.INFO): GitLab has released a critical security patch for the CVE-2024-45409 vulnerability (CVSS 10). It impacts both GitLab Community Edition (CE) and Enterprise Edition (EE) and originates from the Ruby-SAML library used for SAML authentication.
19 Sep Update: PoC Exploit Released for Unauthenticated RCE in Veeam Backup & Replication (SECURITYONLINE.INFO): Security researcher Sina Kheirkhah has published a PoC exploit for CVE-2024-40711 in Veeam Backup & Replication, a critical vulnerability with a CVSS score of 9.8. The flaw allows unauthenticated RCE, posing a threat to enterprise environments.
19 Sep Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (THEHACKERNEWS.COM): Broadcom has released a patch for a critical security flaw in VMware vCenter Server, allowing remote code execution through a heap overflow vulnerability in the DCE/RPC protocol (CVE-2024-38812).
19 Sep Microsoft Confirms CVE-2024-37985 as Zero-Day Bug in Windows (SECURITYONLINE.INFO): Microsoft has confirmed CVE-2024-37985 as a zero-day bug in Windows with a CVSS score of 5.9. It is a Windows Kernel information disclosure vulnerability, allowing attackers to access heap memory from a privileged process on a vulnerable server.
19 Sep PoC Exploit Released for CVE-2024-7965 Zero-Day Chrome Vulnerability (GBHACKERS.COM): A proof-of-concept (PoC) exploit has been released for a critical zero-day vulnerability identified as CVE-2024-7965, affecting Google’s Chrome browser. This vulnerability explicitly targets the V8 JavaScript engine and is exclusive to ARM64 architectures. The release of th…
19 Sep [KEV] CISA: Oracle Vulnerabilities From ‘Miracle Exploit’ Targeted in Attacks (SECURITYWEEK.COM): CISA is warning organizations that two Oracle vulnerabilities tracked as CVE-2022-21445 and CVE-2020-14644 are being exploited in the wild.
19 Sep CVE-2024-38221 Microsoft Edge (Chromium-based) Spoofing Vulnerability (MSRC.MICROSOFT.COM): Information published.
19 Sep Chromium: CVE-2024-8904 Type Confusion in V8 (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
19 Sep Chromium: CVE-2024-8908 Inappropriate implementation in Autofill (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
19 Sep Chromium: CVE-2024-8909 Inappropriate implementation in UI (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
19 Sep Chromium: CVE-2024-8905 Inappropriate implementation in V8 (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
19 Sep Chromium: CVE-2024-8907 Insufficient data validation in Omnibox (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
19 Sep Chromium: CVE-2024-8906 Incorrect security UI in Downloads (MSRC.MICROSOFT.COM): This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
19 Sep CVE-2024-38207 Microsoft Edge (HTML-based) Memory Corruption Vulnerability (MSRC.MICROSOFT.COM): Updated CWE value. This is an informational change only.
⚠️ VULNERABILITY DISCLOSURE (32)
19 Sep Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC (TRENDMICRO.COM): We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.
19 Sep Cyber Attack on Dr.Web Forces Servers Disconnection (GBHACKERS.COM): Cybersecurity firm Dr.Web faced a targeted cyber attack on its infrastructure on September 14. The incident prompted the company to disconnect its servers as a precautionary measure. Despite the disruption, no users protected by Dr.Web’s systems were affected. Dr.Web specia…
19 Sep Authorities Seized Ghost Communication Platform Used by Cyber Criminals (GBHACKERS.COM): Authorities have successfully dismantled “Ghost,” an encrypted communication platform allegedly used by cybercriminals worldwide. The operation, led by the Australian Federal Police (AFP) and involving international law enforcement agencies, marks a major victory in t…
19 Sep Ransomware Gangs Now Abuse Microsoft Azure Tool for Data Theft (BLEEPINGCOMPUTER.COM): Ransomware groups such as BianLian and Rhysida are now exploiting Microsoft Azure tools like Storage Explorer and AzCopy to steal data from compromised networks and store it in Azure Blob storage.
19 Sep GitLab Patches Critical Authentication Bypass Vulnerability (SECURITYWEEK.COM): GitLab has patched a critical-severity SAML authentication bypass affecting both Community Edition (CE) and Enterprise Edition (EE) instances.
19 Sep Companies skip security hardening in rush to adopt AI (CSOONLINE.COM): Security analysis of assets hosted on major cloud providers’ infrastructure shows that many companies are opening security holes in a rush to build and deploy AI applications. Common findings include use of default and potentially insecure settings for AI-related services, deploy…
19 Sep Update: PKfail Secure Boot Bypass Remains a Significant Risk Two Months Later (BLEEPINGCOMPUTER.COM): Approximately nine percent of tested firmware images use non-production cryptographic keys that are publicly known, making Secure Boot devices vulnerable to UEFI bootkit malware attacks.
19 Sep Clever 'GitHub Scanner' campaign abusing repos to push malware (BLEEPINGCOMPUTER.COM): A clever threat campaign is abusing GitHub repositories to distribute malware targeting users who frequent an open source project repository or are subscribed to email notifications from it. A malicious GitHub user opens a new "issue" on an open source repository falsely claiming…
19 Sep Microsoft warns of ransomware attacks on US healthcare (CSOONLINE.COM): Ransomware group Vanilla Tempest is targeting US healthcare providers using the INC ransomware service, according to Microsoft. “Microsoft observed the financially motivated threat actor tracked as Vanilla Tempest using INC ransomware for the first time to target the healthcare s…
19 Sep Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene (THEHACKERNEWS.COM): Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, it’s not just data at risk — it’s the …
19 Sep [KEV] CISA Warns of Actively Exploited Adobe Flash Player Vulnerabilities (SECURITYONLINE.INFO): The CISA has directed federal agencies to remove Flash Player by October 8, 2024, to safeguard sensitive data and critical operations. Adobe officially ended Flash Player support in 2020, recognizing its security risks.
19 Sep Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC Region (TRENDMICRO.COM): In this campaign aimed at the APAC region, Earth Baxia used a new backdoor named EAGLEDOOR, which supports multiple communication protocols for information gathering and payload delivery.
19 Sep Need better network performance? Adopt better secure networking strategies (CSOONLINE.COM): Many organizations consider digital acceleration a key initiative because those in the C-Suite and IT leadership understand that to be competitive they must have a high-performance network. However, it can be difficult to know what to focus on because many different factors impac…
19 Sep Tor Claims Network is Safe Following Enforcement Infiltration to Expose Criminals (GBHACKERS.COM): The anonymity of the Tor network has been scrutinized in a recent investigation by German law enforcement agencies. Despite these revelations, the Tor Project maintains that its network remains secure for users. This article delves into the details of the investigation, its impli…
19 Sep CISA Releases Six Industrial Control Systems Advisories (CISA.GOV): CISA released six Industrial Control Systems (ICS) advisories on September 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-263-01 Rockwell Automation RSLogix 5 and RSLogix 500 ICSA-24-263-…
19 Sep New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit (THEHACKERNEWS.COM): The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. "The initial access was accomplished via a Secure Shell (SSH) brute force attack on the victim…
19 Sep FBI Shuts Down Chinese Botnet (SCHNEIER.COM): The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives. Those devices were used to help infiltrate sens…
19 Sep Police dismantles phone unlocking ring linked to 483,000 victims (BLEEPINGCOMPUTER.COM): A joint law enforcement operation has dismantled an international criminal network that used the iServer automated phishing-as-a-service platform to unlock the stolen or lost mobile phones of 483,000 victims worldwide. [...]
19 Sep Germany seizes 47 crypto exchanges used by ransomware gangs (BLEEPINGCOMPUTER.COM): German law enforcement seized 47 cryptocurrency exchange services hosted in the country that facilitated illegal money laundering activities for cybercriminals, including ransomware gangs. [...]
19 Sep VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server (CISA.GOV): VMware released a security advisory addressing vulnerabilities in the VMware Cloud Foundation and the vCenter Server. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the foll…
19 Sep Exploding Pagers - PSW #843 (YOUTUBE.COM): Apple drops a lawsuit to avoid exposing secrets, what does it mean for the security industry if MS locks down the kernel?, exploding pagers, more things from the past: Adobe Flash exploits, robots get rid of your data, PKFail is still a thing, Android TV malware is back: now with…
19 Sep Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms (THEHACKERNEWS.COM): Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed brute-forcing the software at scale, and gaining access simply by using the product’s defa…
19 Sep News alert: Aembit’s 2024 survey report highlights major gaps in securing ‘Non-Human Identities’ (LASTWATCHDOG.COM): Silver Spring, MD, Sept. 19, 2024, CyberNewsWire — Aembit, the non-human identity and access management (IAM) company, today released its 2024 Non-Human Identity Security Report, a definitive survey highlighting how organizations currently manage and protect non-human ide…
19 Sep Cryptohack Roundup: Delta Prime, Ethena Exploits (DATABREACHTODAY.CO.UK): Also: US SEC Settles With Prager Metis, Rari Capital. This week, Delta Prime and Ethena were hacked, Lazarus' funds were frozen, the SEC settled with Prager Metis and Rari Capital, Sam Bankman-Fried sought a new trial, the SEC accused NanoBit and CoinW6 of scams, the CTFC sought t…
19 Sep Ivanti warns of another critical CSA flaw exploited in attacks (BLEEPINGCOMPUTER.COM): Today, Ivanti warned that threat actors are exploiting another Cloud Services Appliance (CSA) vulnerability in attacks targeting a limited number of customers. [...]
19 Sep Tor says it’s "still safe" amid reports of police deanonymizing users (BLEEPINGCOMPUTER.COM): The Tor Project is attempting to assure users that the network is still safe after a recent investigative report warned that law enforcement from Germany and other countries are working together to deanonymize users through timing attacks. [...]
19 Sep Reveal of Chinese-controlled botnet is another warning to CISOs to keep up with asset and patch management (CSOONLINE.COM): A Chinese-controlled botnet of tens of thousands of unpatched internet-connected firewalls, network attached storage devices, internet-connected surveillance cameras, and small office/home office routers has been revealed by the cyber agencies of the Five Eyes alliance: the US, t…
19 Sep Raptor Train Botnet Infects 260,000 Devices Globally (DATABREACHTODAY.CO.UK): Chinese Botnet Targets US Critical Infrastructure and Taiwan. A Chinese state-sponsored botnet called Raptor Train has infected more than 260,000 IoT and office network devices to target critical infrastructure globally. The hackers used zero-days and known vulnerabilities to comp…
19 Sep Breach Roundup: Cyberwar Is Too Hot for Insurers (DATABREACHTODAY.CO.UK): Also: A Phishing Network Takedown, Another Ivanti Critical Flaw and Meta Bans RT. Munich Re said it can't insure cyberwar, it was Rhysida that hit the Seattle airport, Meta banned RT, Ivanti disclosed a flaw, hackers exploited construction software, AT&T settled with FCC, Tran…
19 Sep Tor Says Platform Is Safe After German Police Interception (DATABREACHTODAY.CO.UK): German Law Enforcement Reportedly Deanonymized Tor User in 2021. The Tor Project on Wednesday reassured users that they remain anonymous after media reported that German police successfully used Tor to trace the alleged administrator of a child pornography site. Tor users can cont…
19 Sep [KEV] CISA warns of actively exploited Apache HugeGraph-Server bug (BLEEPINGCOMPUTER.COM): The U.S. Cybersecurity and Infrastructure Agency (CISA) has added five flaws to its Known Exploited Vulnerabilities (KEV) catalog, among which is a remote code execution (RCE) flaw impacting Apache HugeGraph-Server. [...]
📋 SECURITY BULLETINS (2)
19 Sep Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd (SECURITYWEEK.COM): Atlassian’s September 2024 monthly security bulletin details multiple high-severity vulnerabilities in four products.
19 Sep Apple’s new macOS Sequoia update breaks cybersecurity tools, experts say (TECHCRUNCH.COM): On Monday, Apple released its latest computer operating system update called macOS 15, or Sequoia. And, somehow, the software update has broken the functionality of several security tools made by CrowdStrike, SentinelOne, Microsoft, and others, according to posts on social media,…
📢 SECURITY ADVISORIES (4)
19 Sep [KEV] Deepfakes break through as business threat (CSOONLINE.COM): Deepfakes targeting enterprise financial data used to be a hypothetical concern, but that’s no longer the case, as criminal deepfakers now target more than a quarter of all companies, according to a recent survey. About 15% of executives say cybercriminals have targeted their com…
19 Sep CISA chief AI officer follow-up: Current state of the role (and where it’s heading) (SECURITYINTELLIGENCE.COM): At the beginning of August, CISA announced that it had appointed Lisa Einstein, Senior Advisor of its artificial intelligence division, as its new chief AI officer. This announcement came following several new initiatives in the last couple of years focused on gaining a clearer u…
19 Sep CISA Releases Cyber Defense Alignment Plan for Federal Agencies (SECURITYWEEK.COM): CISA has laid out the FOCAL plan, which aligns the collective operational defense capabilities across federal agencies.
19 Sep Managing Cybersecurity and Privacy Risks in the Age of Artificial Intelligence: Launching a New Program at NIST (NIST.GOV): The rapid proliferation of Artificial Intelligence (AI) promises significant value for industry, consumers, and broader society, but as with many technologies, new risks from these advancements in AI must be managed to realize its full potential. The NIST AI Risk Management Fram…
🔥 INCIDENT REPORTING (16)
19 Sep Craig Newmark pledges $100M to fight hacking by foreign governments (TECHCRUNCH.COM): Craigslist founder Craig Newmark plans to donate $100 million to further strengthen U.S. cybersecurity, addressing what he sees as a growing threat from foreign governments, he tells the WSJ. Half the funds will focus on protecting power grids and other infrastructure from cybera…
19 Sep US Disrupts ‘Raptor Train’ Botnet of Chinese APT Flax Typhoon (SECURITYWEEK.COM): The US government has announced the disruption of Raptor Train, a Flax Typhoon botnet powered by hacked consumer devices.
19 Sep Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector (THEHACKERNEWS.COM): Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest…
19 Sep Snowflake Moves to MFA, 14-Character Passwords (BANKINFOSECURITY.COM): Snowflake, a cloud-based data warehousing platform, has implemented default multifactor authentication and a minimum 14-character password requirement following cyberattacks in June affecting multiple customers.
19 Sep Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector (THEHACKERNEWS.COM): Microsoft said Vanilla Tempest has been active since at least July 2022, with previous attacks targeting education, healthcare, IT, and manufacturing sectors using various ransomware families such as BlackCat, Quantum Locker, Zeppelin, and Rhysida.
19 Sep Picus Security, founded by 3 Turkish mathematicians, raises $45M after simulating 1B cyberattacks (TECHCRUNCH.COM): For as long as coding has existed, we have had a plethora of methods — white-hat testers, software, and more — to validate that code works as it was intended. These days, all that has been kicked into high gear: the growing sophistication of security breaches has turned the proce…
19 Sep Microsoft: US Healthcare Sector Targeted by INC Ransomware Affiliate (SECURITYWEEK.COM): Microsoft has observed the threat actor Vanilla Tempest targeting US healthcare organizations with INC ransomware.
19 Sep Hackers Demand $6 Million for Files Stolen From Seattle Airport Operator in Cyberattack (SECURITYWEEK.COM): The Port of Seattle, which owns and runs the airport, has decided not to pay, the official said.
19 Sep Chinese spies spent 4 months in aerospace firm’s server (THEREGISTER.COM): https://www.theregister.com/2024/09/18/chinese_spies_found_on_us_hq_firm_network/ Chinese state-sponsored spies have been spotted inside a global engineering firm’s network, having gained initial entry using an admin portal’…
19 Sep 'SambaSpy' RAT's Multiple Features Pack Hefty Punch (DARKREADING.COM): https://www.darkreading.com/cyberattacks-data-breaches/sambaspy-rat-packs-hefty-punch
19 Sep Threat Actor Allegedly Claims Breach of Federal Bank Customer Data (GBHACKERS.COM): A threat actor on a well-known dark web forum has allegedly claimed responsibility for a significant data breach involving the Indian financial institution, Federal Bank. The breach reportedly exposes sensitive information of hundreds of thousands of customers, raising serious co…
19 Sep Researchers Detailed Raptor Train Botnet That 60,000+ Compromised Devices (GBHACKERS.COM): Researchers discovered a large, Chinese state-sponsored IoT botnet, “Raptor Train,” that compromised over 200,000 SOHO and IoT devices. Operated by Flax Typhoon, the botnet leveraged a sophisticated control system, “Sparrow,” to manage its extensive networ…
19 Sep Hackers Using Supershell Malware To Attack Linux SSH Servers (GBHACKERS.COM): Researchers identified an attack campaign targeting poorly secured Linux SSH servers, where the attack leverages Supershell, a cross-platform reverse shell backdoor written in Go, granting attackers remote control of compromised systems. Following the initial infection, attackers…
19 Sep Wherever There's Ransomware, There's Service Account Compromise. Are You Protected? (THEHACKERNEWS.COM): Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent Non-Human-Identities (NHI) accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accou…
19 Sep HuntStand - 2,795,947 breached accounts (HAVEIBEENPWNED.COM): In March 2024, millions of records scraped from the hunting and land management service HuntStand were publicly posted to a popular hacking forum. The data included 2.8M unique email addresses with many records also containing name, date of birth and country.
🕵️ THREAT INTELLIGENCE (22)
19 Sep Time-to-Live Analysis of DShield Data with Vega-Lite, (Wed, Sep 18th) (ISC.SANS.EDU): Since posting a diary about Vega-Lite [1], I have "played" with other queries that might be interesting and the first one that I wanted to explore since the DShield SIEM [2] capture and parse the iptables logs and store the Time-to-Live (TTL) for analysis.…
19 Sep ISC Stormcast For Thursday, September 19th, 2024 https://isc.sans.edu/podcastdetail/9144, (Thu, Sep 19th) (ISC.SANS.EDU): (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
19 Sep Security Validation Firm Picus Security Raises $45 Million (SECURITYWEEK.COM): Attack simulation firm has raised $45 million in growth funding, bringing the total amount raised to $80 million.
19 Sep Cybersecurity Awareness: Reflecting on 20 Years of Defense Evolution and Preparing for Future Threats (SECURITYWEEK.COM): Threats have become more complex as the threat surface has expanded and it is now about the evolution of protecting a business and its ecosystem.
19 Sep Aembit Unveils 2024 Survey Report Highlighting Major Gaps in Securing Non-Human Identities (GBHACKERS.COM): Aembit, the non-human identity and access management (IAM) company, today released its 2024 Non-Human Identity Security Report, a definitive survey highlighting how organizations currently manage and protect non-human identities (NHIs) – such as applications, scripts, and service…
19 Sep Beyond Analyst Reports: KnowBe4's Undeniable Leadership in Human Risk Management (KNOWBE4.COM): Analyst reports aim to provide market insights. But when it comes to Human Risk Management (HRM), we’ve noticed that they often fall short of capturing the full picture. You already know that we are the undisputed leader in the essential areas that have been standard features in …
19 Sep Webdav Malicious File Hosting Powering Stealthy Malware Attacks (GBHACKERS.COM): A new method of attack has emerged that leverages WebDAV technology to host malicious files. This approach, which facilitates the distribution of the Emmenhtal loader—also known as PeakLight—has been under scrutiny since December 2023. The loader is notorious for its stealthy, me…
19 Sep New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails (THEHACKERNEWS.COM): A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguese-speaking threat actor. "Threat actors usually try to cast a wide net to maximize their profits, but these attackers a…
19 Sep Should CIOs and CISOs Wear One Hat? (DATABREACHTODAY.CO.UK): Essen Health Care's Hiren Dave Makes the Case for Integration of CIO-CISO Roles. As cloud computing, DevOps and automation continue to evolve, the lines between IT functions are fading, making security integral to these processes. Hiren Dave, CIO and CISO at Essen Health Care, sha…
19 Sep Iranian Hackers Tried but Failed to Interest Biden’s Campaign in Stolen Trump Info, FBI Says (SECURITYWEEK.COM): Iranian hackers sought to interest President Joe Biden’s campaign in information stolen from rival Donald Trump’s campaign.
19 Sep Opnova Banks Seed Capital to Tackle Security, IT Automation (SECURITYWEEK.COM): Serial entrepreneur Sinan Eren is back with Opnova, a startup working on automating security workflows with limited human supervision.
19 Sep Cyber Insurers Are Intensely Scrutinizing Healthcare Clients (DATABREACHTODAY.CO.UK): As threat actors continue to evolve their attacks to circumvent security measures, cyber insurers are raising the bar for prospective healthcare security clients. Underwriters are increasing their scrutiny and adding new coverage requirements, said Chris Henderson of cybersecurit…
19 Sep Threat Actors Forcing victims Into Entering Login Credentials For Stealing (GBHACKERS.COM): Recent intelligence indicates a new technique employed by stealers to trick victims into entering credentials directly into a browser, enabling subsequent theft from the browser’s credential store. This method, used in conjunction with StealC malware, was first observed in …
19 Sep SambaSpy Using Weaponized PDF Files to Attack Windows Users (GBHACKERS.COM): SambaSpy Attacking Windows Users With Weaponized PDF Files. Researchers discovered a targeted cybercrime campaign in May 2024 that exclusively focused on Italian victims, which was unusual as attackers typically aim for broader targets to increase profits. However, this campaign im…
19 Sep How Mastercard Benefits From the $2.65B Recorded Future Deal (DATABREACHTODAY.CO.UK): EVP Johan Gerber on How Threat Intelligence Can Prevent Fraud, Protect Payments. Mastercard's proposed purchase of Recorded Future for $2.65 billion will bring advanced threat intelligence into its payment systems. EVP Johan Gerber explains how this move improves fraud detection a…
19 Sep Social media companies engaged in 'vast surveillance,' FTC finds, calling status quo 'unacceptable' (NBCNEWS.COM): https://www.nbcnews.com/tech/security/social-media-companies-engaged-vast-surveillance-ftc-finds-calling-sta-rcna171814
19 Sep US FTC Reveals Social Media and Streaming's Vast Surveillance (DATABREACHTODAY.CO.UK): New Report Accuses 9 Platforms of Surveillance of Users, Points to Privacy Concerns. The U.S. Federal Trade Commission on Thursday published a report detailing how the largest social media and streaming services surveil both users and nonusers across the web while collecting vast …
19 Sep Fake Job Lures Target Employees of Aerospace, Energy Firms (DATABREACHTODAY.CO.UK): BAE Systems Among Companies in the Sights of North Korean Cyberespionage Group. A North Korean cyberespionage group is posing as job recruiters and targeting aerospace and energy sector employees with lucrative job offers, according to Mandiant. The hackers use email and WhatsApp …
19 Sep Microsoft: Russian Cyber Proxies Targeting Harris Campaign (DATABREACHTODAY.CO.UK): Microsoft Says Russia-Linked Cyber Actors Are Supporting Trump by Attacking Harris. Microsoft warned the Kremlin is targeting the 2024 presidential election campaign of Vice President Kamala Harris with its wide-ranging election interference operations. Russian groups likely align…
19 Sep The Hidden AI Risk Lurking In Your Business (PALOALTONETWORKS.COM): The adoption of unsanctioned GenAI applications can lead to a broad range of cybersecurity issues, from data leakage to malware.
19 Sep Picus Security Receives $45M to Enhance Exposure Management (DATABREACHTODAY.CO.UK): Riverwood Capital Leads Investment in Security Validation Firm to Grow in Americas. Picus Security has received $45 million in funding led by Riverwood Capital. The investment will accelerate product development in exposure management, including attack surface management and autom…
19 Sep Join us at Microsoft Ignite 2024 and learn to build a security-first culture with AI (MICROSOFT.COM): Join us in November 2024 in Chicago for Microsoft Ignite to connect with industry leaders and learn about our newest solutions and innovations.
🌐 CYBER THREAT LANDSCAPE (7)
19 Sep BlackCloak Raises $17M to Boost Cybersecurity for Executives (BANKINFOSECURITY.COM): Using the fresh funding, the company plans to improve its threat modeling and deepfake protection services to safeguard high-profile individuals from cyber threats in their personal lives.
19 Sep What's Next for Secure Communication After Exploding Pagers? (DATABREACHTODAY.CO.UK): No OpSec Measure Is Bulletproof to the Effects of a Corrupted Supply Chain. Secure communications in an age of network insecurity has focused mostly on encryption and fears of surveillance tracking. But as this week revealed to the dismay of terrorists and criminals alike, no OpSe…
19 Sep This Windows PowerShell Phish Has Scary Potential (KREBSONSECURITY.COM): Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download…
19 Sep A Single IP is Scanning Intensely, and Yields a List of Malware Loaders (F5.COM): Overall scanning for CVEs we track is down, but one specific scanner caught our attention. We dig into what it’s doing.
🎙️ PODCASTS 1
19 SepInfluencing the influencers | Unlocked 403 cybersecurity podcast (ep. 6)How do analyst relations professionals 'sort through the noise' and help deliver the not-so-secret sauce for a company's success? We spoke with ESET's expert to find out.WELIVESECURITY.COM
📡 INFOSEC NEWS 21
19 SepRunSafe Security Raises $12M to Drive Global Expansion and Product DevelopmentThe Series B funding was led by Critical Ventures and SineWave Venture Partners, with other key investors joining in to support RunSafe's mission to protect critical systems from global threats.SILICONANGLE.COM
19 SepMarko Polo Cybercrime Gang Targets Cryptocurrency Users, Influencers With ScamsThe group primarily focuses on online gaming personalities, cryptocurrency influencers, and technology professionals, enticing them with fake job opportunities on social media that lead to downloading malicious software.THERECORD.MEDIA
19 SepMysterious "LOVE" packet storms flood the internet since 2020Internet intelligence firm GreyNoise reports that it has been tracking large waves of "Noise Storms" containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. [...]BLEEPINGCOMPUTER.COM
19 SepMastering Communication: The Secret to Success in Life & Business!🎯 Want to level up your life and business? It's all about mastering communication! In this short, we break down how building strong connections and honing your communication skills can lead to success not just in business, but in every part of life. From empathy to effective lead…YOUTUBE.COM
19 SepIdentifying Rogue AIThis is the third blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights.TRENDMICRO.COM
19 SepHow to reduce cyber risk during employee onboardingOnboarding new employees is an important time for any organization but comes with a unique set of security risks. Learn more from Specops Software about these risks and how to mitigate them. [...]BLEEPINGCOMPUTER.COM
19 SepGoogle rolls out automatic passkey syncing via Password ManagerPasskeys, the digital credentials that let you sign into apps and websites without entering a password, are getting easier to use for Chrome users. Starting today, you can save passkeys to Google’s password manager, Google Password Manager, built into Chrome on Windows, mac…TECHCRUNCH.COM
19 SepSpearphishing tricks in mass emails | Kaspersky official blogAn example of spearphishing tricks used in a mass email: text in images, PDF files, QR codes, ghost spoofing, DocuSign imitation, and Cloudflare verification.KASPERSKY.COM
19 SepCrypto Fraud EXPOSED: $5.6 Billion Vanished in 2023!In 2023, crypto investors in the U.S. lost a staggering $5.6 billion to fraud, according to an FBI report. 🚨 The biggest culprit? Investment scams like pump-and-dump schemes, where the value skyrockets briefly before crashing, leaving investors with massive losses. Shockingly, th…YOUTUBE.COM
19 SepFTC exposes massive surveillance of kids, teens by social media giantsA Federal Trade Commission (FTC) staff report has found that social media and video streaming companies have been engaging in widespread user surveillance, particularly of children and teens, with insufficient privacy protections and earning billions of dollars annually by moneti…BLEEPINGCOMPUTER.COM
19 SepGoogle Password Manager now automatically syncs your passkeysGoogle announced that starting today, passkeys added to Google Password Manager will automatically sync between Windows, macOS, Linux, Android, and ChromeOS devices for logged-in users. [...]BLEEPINGCOMPUTER.COM
19 SepUnexplained ‘Noise Storms’ flood the Internet, puzzle expertsInternet intelligence firm GreyNoise reports that it has been tracking large waves of "Noise Storms" containing spoofed internet traffic since January 2020. However, despite extensive analysis, it has not concluded its origin and purpose. [...]BLEEPINGCOMPUTER.COM
19 SepMicrosoft Edge will flag extensions causing performance issuesMicrosoft is testing a new feature in the Edge browser called the "extension performance detector," which warns you when browser extensions cause performance issues on web pages you visit. [...]BLEEPINGCOMPUTER.COM
19 SepFake GitHub Site Targeting Developers, (Thu, Sep 19th)Our reader "RoseSecurity" forwarded the following malicious email: ISC.SANS.EDU
19 SepChipmaker Qualcomm lays off hundreds of workers in San DiegoThis is the chipmaker's second round of layoffs over the past year, while the company recorded billions in revenue.TECHCRUNCH.COM
19 SepSuspects behind $230 million cryptocurrency theft arrested in MiamiTwo suspects were arrested in Miami this week and charged with conspiracy to steal and launder over $230 million in cryptocurrency using crypto exchanges and mixing services. [...]BLEEPINGCOMPUTER.COM