🐛 COMMON VULNERABILITIES AND EXPOSURES (7)
20 Sep | Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks | Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance (CSA) has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE-2024-8963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally a… | THEHACKERNEWS.COM
20 Sep | GitLab Urges Organization to Patch for Authentication Bypass Vulnerability | GitLab has issued an urgent call to action for organizations using its platform to patch a critical authentication bypass vulnerability. This security flaw, CVE-2024-45409, affects instances configured with SAML-based authentication. The vulnerability could potentially allow unau… | GBHACKERS.COM
20 Sep | Ivanti Warns of Second CSA Vulnerability Exploited in Attacks | In addition to the Ivanti CSA flaw CVE-2024-8190, another vulnerability affecting the same product, tracked as CVE-2024-8963, has been exploited. | SECURITYWEEK.COM
20 Sep | CVE-2023-48788 Exploited: Researcher Details Cyberattacks on Fortinet FortiClient EMS | Cybersecurity researchers at Darktrace have discovered cybercriminals exploiting Fortinet’s FortiClient EMS. The attackers targeted a critical vulnerability, CVE-2023-48788, to gain unauthorized access through an SQL injection flaw. | SECURITYONLINE.INFO
20 Sep | Acronis Backup Plugins Hit by CVE-2024-8767: CVSS 9.9 Severity Alert | Acronis Backup Plugins have been affected by a critical security flaw, CVE-2024-8767 (CVSS 9.9). The vulnerability impacts Linux-based plugins for cPanel & WHM, Plesk, and DirectAdmin, potentially leading to data breaches and unauthorized operations. | SECURITYONLINE.INFO
20 Sep | CISA Releases Six Advisories for Industrial Control Systems | The Cybersecurity and Infrastructure Security Agency (CISA) has issued six advisories concerning vulnerabilities: These advisories highlight critical industrial control system vulnerabilities. Rockwell Automation’s RSLogix 5 and RSLogix 500 software Rockwell Automation… | GBHACKERS.COM
20 Sep | Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229 | Versa Networks has released an advisory for a vulnerability (CVE-2024-45229) affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for any malicious activity,… | CISA.GOV
⚠️ VULNERABILITY DISCLOSURE (14)
20 Sep | What is pretexting? Definition, examples, and attacks | Pretexting definition: Pretexting is a form of social engineering in which an attacker fabricates a story to convince a victim to give up valuable information or access to a service or system. The distinguishing feature of a pretexting attack is that the scammer comes up with a story… | CSOONLINE.COM
20 Sep | Want to know how the bad guys attack AI systems? MITRE’S ATLAS can show you | It’s one thing to understand that artificial intelligence introduces new and rapidly evolving threats, but it’s quite another — incredibly daunting — task to stay on top of what those threats look like, where they’re coming from, and how severe they are. The Adversarial Threat La… | CSOONLINE.COM
20 Sep | Cybercriminals Exploit CAPTCHA to Deliver Malware: Experts Issue Warning | These counterfeit CAPTCHA tests prompt users to execute seemingly harmless commands, which actually lead to the installation of the dangerous Lumma Stealer malware on Windows devices. | SECURITYONLINE.INFO
20 Sep | Tor Responds to Reports of German Police Deanonymizing Users | The Tor Project has responded to claims that German law enforcement has found a way to deanonymize users. | SECURITYWEEK.COM
20 Sep | Law Enforcement Dismantles Phishing Platform Used for Unlocking Stolen Phones | The iServer phishing-as-a-service platform was used by Spanish-speaking criminals to harvest credentials and unlock stolen and lost phones. | SECURITYWEEK.COM
20 Sep | Hacker selling 7 TB of Star Health Insurance’s customer data using Telegram | Sensitive customer data from Star Health and Allied Insurance, India’s largest standalone health insurer, has been leaked via chatbots on the messaging platform Telegram, raising serious concerns about data security and privacy in the healthcare sector, a Reuters report said. Thi… | CSOONLINE.COM
20 Sep | MFA adoption is catching up but is not quite there | While the adoption of multifactor authentication has picked up in the face of growing identity threats, it isn’t quite where it should be, according to Osterman Research. The study, which surveyed a number of cybersecurity professionals from over a hundred US-based organizations,… | CSOONLINE.COM
20 Sep | Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials | Law enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishing-as-a-service (PhaaS) platform, called iServer, is estimated to have claimed more than 483,000 victi… | THEHACKERNEWS.COM
20 Sep | Phishing Attacks Abuse Content Creation and Collaboration Platforms | Researchers at Barracuda have observed an increase in phishing attacks that abuse popular content creation and collaboration platforms. These include online graphic design platforms and document-sharing services widely used by educational institutions and businesses. | KNOWBE4.COM
20 Sep | LLMjacking: How attackers use stolen AWS credentials to enable LLMs and rack up costs for victims | The black market for access to large language models (LLMs) is growing, with attackers increasingly abusing stolen cloud credentials to query AI runtime services such as Amazon Bedrock in a practice known as LLMjacking, according to research from security firm Sysdig. Observed … | CSOONLINE.COM
20 Sep | Do phishing tests do more harm than good? - Wolfgang Goerlich - ESW #376 | A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days. He posted, ["our industry needs to kill the phish test"](https://www.linkedin.com/posts/jwgoerlich_infosec-cybersecurity-activity-7226985516217352195-tpRS), and I… | YOUTUBE.COM
20 Sep | Speed, Flexibility, and AI: The Case for Migrating from Legacy SOAR Systems - Whitney ... - ESW #376 | In this episode, we explore some compelling reasons for transitioning from traditional SOAR tools to next-generation SOAR platforms. Discover how workflow automation and orchestration offers unparalleled speed and flexibility, allowing organizations to stay ahead of evolving secu… | YOUTUBE.COM
20 Sep | Exploiting Exchange PowerShell After ProxyNotShell: Part 3 – DLL Loading Chain for RCE | PACKETSTORMSECURITY.COM
20 Sep | German police dismantles illegal crypto exchanges | The German Federal Criminal Police Office (BKA), in cooperation with the Central Office for Combating Internet Crime (ZIT), has dealt a severe blow to the “infrastructure of digital money launderers in the underground economy,” it said Friday. As part of the “Final Exchange” camp… | CSOONLINE.COM
📋 SECURITY BULLETINS (1)
20 Sep | Windows Server 2025 previews security updates without restarts | Microsoft announced today that Hotpatching is now available in public preview for Windows Server 2025, allowing installation of security updates without restarting. [...] | BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (8)
20 Sep | Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East | An Iranian advanced persistent threat (APT) threat actor likely affiliated with the Ministry of Intelligence and Security (MOIS) is now acting as an initial access facilitator that provides remote access to target networks. Google-owned Mandiant is tracking the activity cluster u… | THEHACKERNEWS.COM
20 Sep | New cybersecurity advisory highlights defense-in-depth strategies | In 2023, the Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team operation against an FCEB (Federal Civilian Executive Branch) organization. In July 2024, CISA released a new CSA that detailed the findings of this assessment along with key findings releva… | SECURITYINTELLIGENCE.COM
20 Sep | London Cybersecurity Summit: Building Cyber Resilience | Security Leaders Explored Trends in Identity Threats, Post-Brexit Compliance and AI. At the annual Cybersecurity Summit: London, Information Security Media Group recently brought together top cybersecurity professionals, executives and thought leaders to find solutions to the late… | DATABREACHTODAY.CO.UK
20 Sep | ENISA Warns About Hacktivist, Ransomware Crossover | Hacktivists Are Likely to Increasingly Adopt Cybercrime Tactics, Report Says. Ransomware hacks and self-declared hacktivist denial-of-services attacks were the most prolific threat to European Union members over the 12-month period ending in June, the EU cyber agency warned, addin… | DATABREACHTODAY.CO.UK
20 Sep | Who Will Take the Lead in Setting Healthcare AI Regulations? | It's yet to be determined whether a handful of states or the federal government will lead the charge in adopting comprehensive regulations involving the use of artificial intelligence in healthcare, said regulatory attorney Betsy Hodge, a partner in law firm Akerman. | DATABREACHTODAY.CO.UK
20 Sep | FBI, CISA warning over false claims of hacked voter data – Week in security with Tony Anscombe | With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process | WELIVESECURITY.COM
🔥 INCIDENT REPORTING (13)
20 Sep | Supply chain targets 3,000 users. Cyber Security Today for Friday, September 20, 2024 | Cybersecurity Today: Supply Chain Attacks, Data Breaches, and Botnet Threat Disruptions. In this episode of 'Cybersecurity Today,' host Jim Love covers pressing issues in the cybersecurity world, including a supply chain attack in Lebanon, a major data breach at AT&T resulting… | CYBERSECURITYTODAY.LIBSYN.COM
20 Sep | Hertz Car Rental Platform Leaks 60,000 Insurance Claim Reports | Hertz, a well-known car rental company, has inadvertently exposed over 60,000 insurance claim reports. This breach has raised serious concerns about the company’s data security practices and left customers questioning the safety of their personal information. Discovery of t… | GBHACKERS.COM
20 Sep | Hackers Allegedly Claim Breach of Dell Employee Database | A hacking group has allegedly claimed responsibility for breaching the Dell employee database. The claim was made public on a well-known hacking forum, where the group asserted that they had accessed sensitive information belonging to approximately 10,800 Dell employees and partn… | GBHACKERS.COM
20 Sep | Hacker Claims "Minor" Data Breach at DELL; Leaks Over 10,000 Employee Details | Submitted by kid to cybersecurity. https://hackread.com/hacker-dell-data-breach-employee-details-leak/ | HACKREAD.COM
20 Sep | How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections | The group behind the RansomHub ransomware, tracked by Trend Micro as Water Bakunawa, employs various anti-EDR techniques to play a high-stakes game of hide and seek with security solutions. | TRENDMICRO.COM
20 Sep | UNC1860 and the Temple of Oats: Iran’s Hidden Hand in Middle Eastern Networks | UNC1860 has been observed using victim networks as staging areas for additional operations, targeting entities in Saudi Arabia and Qatar. They overlap with APT34, assisting in lateral movement within compromised organizations. | CLOUD.GOOGLE.COM
20 Sep | Hackers Deliver Popular Crypto-Miner Through Malicious Email Auto Replies, Researchers Say | Hackers are distributing a popular crypto-miner via malicious email auto-replies, as per researchers. They compromised email accounts to send innocent automatic replies with links to crypto-mining malware, specifically XMRig. | THERECORD.MEDIA
20 Sep | Online Scams Are Shortening Their Cycles and Making More Money | New analysis of blockchain activity shows scammers are needing less time to obtain crypto payments and are seeing higher payoffs per scam. | KNOWBE4.COM
20 Sep | Cybersecurity: is the talent gap a myth? Is the industry delusional? - ESW #376 | This week, the cybersecurity industry's most basic assumptions are under scrutiny. Following up our conversation with Wolfgang Goerlich, where he questions the value of phishing simulations, we discuss essays that call into question: - the maturity of the industry - the supposed "tal… | YOUTUBE.COM
20 Sep | Dell investigates data breach claims after hacker leaks employee info | Dell has confirmed to BleepingComputer that they are investigating recent claims that it suffered a data breach after a threat actor leaked the data for over 10,000 employees. [...] | BLEEPINGCOMPUTER.COM
20 Sep | ISMG Editors: How to Survive a Major Ransomware Attack | CyberEdBoard Members and ISMG Editors on Incident Response, AI and Defense Trends. This week, CyberEdBoard members Jon Staniforth and Helmut Spöcker joined ISMG editors to unpack the hot topics at ISMG's London Cybersecurity Summit 2024, including ransomware lessons learned, AI tr… | DATABREACHTODAY.CO.UK
20 Sep | Disney ditching Slack after massive July data breach | The Walt Disney Company is reportedly ditching Slack after a July data breach exposed over 1TB of confidential messages and files posted to the company's internal communication channels. [...] | BLEEPINGCOMPUTER.COM
20 Sep | Protecting Your Data and Company From Cyberthreats | Why Cybersecurity Is a Public Imperative. Data is one of the most valuable assets in today's digital age. Cyberthreats come in many forms, such as phishing attacks, ransomware, data breaches and malware infections, and failing to protect your data can cause severe financial, reput… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (16)
20 Sep | ISC Stormcast For Friday, September 20th, 2024 https://isc.sans.edu/podcastdetail/9146, (Fri, Sep 20th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
20 Sep | Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors | Unit 42 researchers have discovered an ongoing campaign involving tainted Python packages distributing Linux and macOS backdoors, known as PondRAT, linked to Gleaming Pisces, a North Korean threat actor targeting supply chain vendors. | UNIT42.PALOALTONETWORKS.COM
20 Sep | Experts Warn of China-Linked APT's Raptor Train IoT Botnet | The attribution of the Raptor Train botnet to a Chinese nation-state actor is based on various factors, including operational timelines, targeting sectors aligned with Chinese interests, and the use of the Chinese language. | SECURITYAFFAIRS.COM
20 Sep | North Korean APT Bypasses DMARC for Cyber Espionage | Submitted by kid to cybersecurity. https://www.darkreading.com/threat-intelligence/north-korean-apt-bypasses-dmarc-email-cyber-espionage-attacks | DARKREADING.COM
20 Sep | fwd:cloudsec Europe 2024 | Submitted by ashar to security_cpe. https://infosec.pub/pictrs/image/8179da4b-25c5-4d14-9c0a-61f97d7f5122.png Schedule Live stream video | INFOSEC.PUB
20 Sep | Kubernetes Container Isolation Startup Edera Raises $5 Million | Edera has raised $5 million in seed funding to help organizations secure Kubernetes containers and AI workloads. | SECURITYWEEK.COM
20 Sep | In Other News: Disney Ditches Slack, Binance Malware Warning, Defense Conference Targeted | Noteworthy stories that might have slipped under the radar: Disney will stop using Slack following a hack, Binance warns of malware, and US-Taiwan defense conference targeted by hackers. | SECURITYWEEK.COM
20 Sep | Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China | GreyNoise has observed millions of spoofed IPs flooding internet providers with web traffic primarily focusing on TCP connections. | SECURITYWEEK.COM
20 Sep | Google Now Syncing Passkeys Across Desktop, Android Devices | Users can now save passkeys to Google Password Manager on computers running Windows, macOS, and Linux, in addition to Android devices. | SECURITYWEEK.COM
20 Sep | UN Experts Urge United Nations to Lay Foundations for Global Governance of Artificial Intelligence | Left ungoverned, AI’s benefits could be limited to a handful of countries, companies and individuals, and pose risks to peace and security. | SECURITYWEEK.COM
20 Sep | Clever Social Engineering Attack Using Captchas | This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line. Clever. | SCHNEIER.COM
20 Sep | Delay Upgrading to macOS Sequoia, Security Experts Recommend | Not Yet Compatible: Many Third-Party Endpoint Security, Authentication, VPN Tools. Multiple makers of third-party Apple security tools, including CrowdStrike and SentinelOne, are warning users not to upgrade to the new macOS 15 Sequoia, pending needed OS bug fixes. Users have also… | DATABREACHTODAY.CO.UK
20 Sep | Ukraine Bans Telegram Messenger App on State-Issued Devices Because of Russian Security Threat | Ukraine issued the Telegram ban for the official devices of government employees, military personnel, security and defense workers, and critical infrastructure employees. | SECURITYWEEK.COM
20 Sep | Training AI on Social Media: What Could Go Wrong? | Unfiltered Training Data Can Cause Safety Issues, Spread Misinformation. LinkedIn this week joined its peers in using social media posts as training data for AI models, raising concerns of trustworthiness and safety. The question for AI developers is not whether companies use the … | DATABREACHTODAY.CO.UK
20 Sep | Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More... - SWN #415 | Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-415 | YOUTUBE.COM
20 Sep | Quantum Risks Pose New Threats for US Federal Cybersecurity | Experts Say Feds May Face Cost and Timeline Challenges in Quantum Readiness. The United States is preparing for an age of quantum computing as federal agencies roll out initiatives designed to boost "quantum readiness," and as experts warn the government may face issues that delay… | DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE (2)
20 Sep | Innovation or Risk: Where Would You Invest $1 Million? | 🤔 Imagine having $1 million to invest... Would you spend it on cutting-edge AI innovation or on securing your company from cyber threats? 💼 In today’s fast-paced business world, balancing innovation and risk is crucial. But if you can't communicate the importance of cybersecurity… | YOUTUBE.COM
20 Sep | Ukraine bans Telegram on military, govt devices over security risks | Ukraine's National Coordination Centre for Cybersecurity (NCCC) has restricted the use of the Telegram messaging app within government agencies, military units, and critical infrastructure, citing national security concerns. [...] | BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (17)
20 Sep | Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature | Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are end-to-end encrypted and can't be accessed by any… | THEHACKERNEWS.COM
20 Sep | Passwordless AND Keyless: The Future of (Privileged) Access Management | In IT environments, some secrets are managed well and some fly under the radar. Here’s a quick checklist of what kinds of secrets companies typically manage, including one type they should manage: Passwords [x]; TLS certificates [x]; Accounts [x]; SSH keys ???. The secrets listed abo… | THEHACKERNEWS.COM
20 Sep | Clickbaity or genius? 'BF cheated on you' QR codes pop up across UK | A new wave of QR codes has popped up across UK claiming to share a video of a boyfriend who "cheated" on a girl named Emily last night. Clickbaity or genius? [...] | BLEEPINGCOMPUTER.COM
20 Sep | Building Your Own AI Assistant in Minutes! 😱 | Microsoft just dropped a game-changer with Copilot Agents! You can now build fully autonomous AI assistants in minutes using their Agent Builder and Copilot Studio. Imagine automating tasks in BizChat or SharePoint like never before. Whether you're into tech or just love automati… | YOUTUBE.COM
20 Sep | Life Imitates xkcd Comic As Florida Gang Beats Crypto Password From Retiree | PACKETSTORMSECURITY.COM
20 Sep | macOS Sequoia change breaks networking for VPN, antivirus software | Users of macOS 15 'Sequoia' are reporting network connection errors when using certain endpoint detection and response (EDR) or virtual private network (VPN) solutions, and web browsers. [...] | BLEEPINGCOMPUTER.COM
20 Sep | Internet surveillance firm Sandvine says it’s leaving 56 “non-democratic” countries | Sandvine sold its internet surveillance products to authoritarian regimes, including Belarus, Egypt, Eritrea, the United Arab Emirates, and Uzbekistan. | TECHCRUNCH.COM
20 Sep | Microsoft ends development of Windows Server Update Services (WSUS) | Microsoft has officially announced that Windows Server Update Services (WSUS) is now deprecated, but plans to maintain current functionality and continue publishing updates through the channel. [...] | BLEEPINGCOMPUTER.COM