🐛 COMMON VULNERABILITIES AND EXPOSURES (5)

23 Sep: FreeBSD RCE Vulnerability Let Attackers Execute Malicious Code
FreeBSD has disclosed a critical remote code execution (RCE) vulnerability affecting its bhyve hypervisor. This vulnerability, CVE-2024-41721, could allow attackers to execute malicious code on the host system. The advisory, which was announced on September 19, 2024, credits Syna…
Source: GBHACKERS.COM

23 Sep: Critical Flaw in Microchip ASF Exposes IoT Devices to Remote Code Execution Risk
A critical security flaw has been disclosed in the Microchip Advanced Software Framework (ASF) that, if successfully exploited, could lead to remote code execution. The vulnerability, tracked as CVE-2024-7490, carries a CVSS score of 9.5 out of a maximum of 10.0. It has been desc…
Source: THEHACKERNEWS.COM

23 Sep: Critical Grafana Plugin SDK Flaw Exposes Sensitive Information
This flaw, tracked as CVE-2024-8986 with a CVSS score of 9.1, could lead to the unintentional exposure of sensitive information, such as repository credentials, due to the build metadata being included in compiled binaries.
Source: SECURITYONLINE.INFO

23 Sep: Critical Dragonfly2 Flaw Due to Hardcoded Key Threatens Admin Access
The flaw, tracked as CVE-2023-27584, stems from a hard-coded cryptographic key used in the authentication process, posing a serious risk of unauthorized access, including admin-level privileges.
Source: SECURITYONLINE.INFO

23 Sep: FreeBSD Issues Critical Security Advisory for CVE-2024-41721 (CVSS 9.8)
The flaw, CVE-2024-41721, in bhyve's USB emulation functionality could lead to malicious code execution, posing a serious threat to systems running vulnerable versions of FreeBSD.
Source: SECURITYONLINE.INFO
⚠️ VULNERABILITY DISCLOSURE (22)

23 Sep: Tor browser anonymity cracked by German police: Cyber Security Today for Monday, September 23, 2024
Security Risks with Apple's OS Update, Disney Ditches Slack, and GitHub Hack Alert. In this episode of Cyber Security Today, host Jim Love discusses pressing issues in the cybersecurity landscape: Apple's latest macOS update, Sequoia version 15, causing compatibility issues with m…
Source: CYBERSECURITYTODAY.LIBSYN.COM

23 Sep: Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware
A suspected advanced persistent threat (APT) originating from China targeted a government organization in Taiwan, and possibly other countries in the Asia-Pacific (APAC) region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrus…
Source: THEHACKERNEWS.COM

23 Sep: 10 things CISOs wished they knew from the start
Becoming a first-time CISO can be overwhelming. From day one, these professionals, often external hires, must keep the organization secure while juggling a large set of challenges. On one hand, there’s the immediate pressure to defend against a growing array of cyber threats. On …
Source: CSOONLINE.COM

23 Sep: Police Dismantles Phone Unlocking Ring Linked to 483,000 Victims
This scheme was uncovered in 2022 during "Operation Kaerb," involving global enforcement agencies. The criminals mimicked popular mobile platforms to conduct phishing attacks.
Source: BLEEPINGCOMPUTER.COM

23 Sep: Lumma Stealer Malware Campaign Exploits Fake CAPTCHA Pages
The Lumma Stealer malware is being distributed through deceptive human verification pages that trick Windows users into running malicious PowerShell commands, leading to sensitive information theft.
Source: CLOUDSEK.COM

23 Sep: Hacker selling Dell employees’ data after a second alleged data breach
Dell Technologies has allegedly suffered two data breaches since Thursday amounting to a breach of over 3.5GB of data belonging to at least 10,000 company employees. A hacker using the alias “grep” had claimed the first breach by posting a sample of the stolen dataset on BreachFo…
Source: CSOONLINE.COM

23 Sep: Keycloak Vulnerability Puts SAML Authentication at Risk
The vulnerability lies in Keycloak's XMLSignatureUtil class, which incorrectly verifies SAML signatures, disregarding the vital "Reference" element that specifies the signed portion of the document.
Source: SECURITYONLINE.INFO

23 Sep: Versa Networks Patches Vulnerability Exposing Authentication Tokens
Versa Networks has released patches for a Versa Director vulnerability for which proof-of-concept (PoC) code exists. The post Versa Networks Patches Vulnerability Exposing Authentication Tokens appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

23 Sep: Hackers Mimic as Company’s HR to Trick Employees
Hackers are now impersonating company Human Resources (HR) departments to deceive employees into revealing sensitive information. This latest phishing tactic highlights the increasing sophistication of cyber threats, leveraging trust and urgency to exploit corporate environments.…
Source: GBHACKERS.COM

23 Sep: CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF
Microchip Advanced Software Framework (ASF) 3 is affected by a critical vulnerability that could lead to remote code execution. The post CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

23 Sep: ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products
ESET has released patches for two local privilege escalation vulnerabilities in security products for Windows and macOS. The post ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

23 Sep: Move Over, Cobalt Strike. Splinter's The New Post Exploit Menace In Town
Source: PACKETSTORMSECURITY.COM

23 Sep: Hacking the “Bike Angels” System for Moving Bikeshares
I always like a good hack. And this story delivers. Basically, the New York City bikeshare program has a system to reward people who move bicycles from full stations to empty ones. By deliberately moving bikes to create artificial problems, and exploiting exactly how the system c…
Source: SCHNEIER.COM

23 Sep: Fake Paystubs Are Draining Billions From Lenders
How AI Could Solve Failings of Traditional Employment and Income Verification. Fake paystub generators and unscrupulous businesses have made it easy for fraudsters to exploit outdated employment and income verification systems that account for $3.6 billion in losses for auto lende…
Source: DATABREACHTODAY.CO.UK

23 Sep: US Pushes Ban on Chinese, Russian Tech in Connected Vehicles
Commerce Department Moves to Regulate Foreign Vehicle Tech Amid Security Fears. The White House is proposing new regulations on connected vehicles that would prohibit manufacturers from importing software or hardware from the People's Republic of China and Russia, citing an ever-i…
Source: DATABREACHTODAY.CO.UK

23 Sep: Some Kaspersky customers receive surprise forced-update to new antivirus software
After U.S. ban, Kaspersky's American customers were automatically migrated to UltraAV antivirus, in some cases without the customers' knowledge. © 2024 TechCrunch. All rights reserved. For personal use only.
Source: TECHCRUNCH.COM

23 Sep: Half of all Financial Services Cyber Attacks Start with a Very Costly Phish
New analysis of attacks on the financial sector shows that the combination of phishing emails and compromised credentials is a recurring — and financially impactful — threat.
Source: KNOWBE4.COM

23 Sep: Telegram now shares users’ IP and phone number on legal requests
Telegram will now share users' phone numbers and IP addresses with law enforcement if they are found to be violating the platform's rules following a valid legal request. [...]
Source: BLEEPINGCOMPUTER.COM

23 Sep: Authentication and Authorization in the AI Era - Shiven Ramji - BSW #365
AI is bringing productivity gains like we’ve never seen before -- with users, security teams and developers already reaping the benefits. However, AI is also bolstering existing threats to application security and user identity -- even enabling new, personalized attacks to emerge…
Source: YOUTUBE.COM

23 Sep: Rockwell Automation PLC Software Contains RCE Flaw
Attackers Could Shut Down Operations Or Cause Physical Damage. A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The…
Source: DATABREACHTODAY.CO.UK

23 Sep: Unauthenticated RCE vs all GNU/Linux systems to be fully disclosed in 2 weeks with no working fix yet
submitted by treasure to cybersecurity, 1 points | 0 comments, https://nitter.poast.org/evilsocket/status/1838169889330135132
Source: SH.ITJUST.WORKS

23 Sep: Telegram Pledges Closer Cooperation With Police
Embattled CEO Pavel Durov Says Telegram Will Release IP Addresses, Phone Numbers. Embattled Telegram CEO Pavel Durov signaled a more cooperative relationship with law enforcement, telling users Monday the messaging service will provide IP addresses and phone numbers "in response …
Source: DATABREACHTODAY.CO.UK
📢 SECURITY ADVISORIES (11)

23 Sep: CISA Plan Aligns Cybersecurity Across Federal Agencies
submitted by IllNess to securitynews, 1 points | 0 comments, https://www.darkreading.com/cybersecurity-operations/cisa-releases-plan-to-align-cybersecurity-across-federal-agencies
Source: INFOSEC.PUB

23 Sep: Clear as mud: global rules around AI are starting to take shape but remain a little fuzzy
The state of AI legislation, rules, and regulations around the world is clear as mud. That’s not surprising, given that dozens, if not hundreds of governments are all trying to find their footing in the fastest-growing technological advancement around. The United States is pushin…
Source: CSOONLINE.COM

23 Sep: Answering the Board's Questions While UnitedHealth Group 'Starts Over' - BSW #365
In the leadership and communications segment, CISA Releases Cyber Defense Alignment Plan for Federal Agencies, UnitedHealth Group CISO: We had to ‘start over’ after Change Healthcare attack, 20 Essential Strategies for Leadership Development Success, and more! Visit https://www.s…
Source: YOUTUBE.COM

23 Sep: US proposes ban on connected vehicle tech from China, Russia
Today, the Biden administration announced new proposed measures to defend the United States' national security from potential threats linked to connected vehicle technologies originating from China and Russia. [...]
Source: BLEEPINGCOMPUTER.COM

23 Sep: Cybersecurity and compliance: The dynamic duo of 2024
Graham Cluley Security News is sponsored this week by the folks at ManageEngine. Thanks to the great team there for their support! It’s almost the end of 2024, and one thing is clear: cybersecurity and compliance are no longer optional; they’re inseparable pillars of surviv…
Source: GRAHAMCLULEY.COM
🔥 INCIDENT REPORTING (13)

23 Sep: GameVN - 1,369,485 breached accounts
In May 2016, the Vietnamese gaming forum GameVN suffered a data breach that was later redistributed as part of a larger corpus of data. Data breached from the XenForo-based forum included 1.4M unique email addresses, usernames, IP addresses and salted MD5 password hashes.
Source: HAVEIBEENPWNED.COM

23 Sep: Germany Seizes Leak Site of ‘Vanir’ Ransomware Operation
German authorities have seized the leak site used by a ransomware group known as "Vanir" in a move to disrupt their operations. The site was used to post information about victims, including a German company.
Source: THERECORD.MEDIA

23 Sep: AT&T Pays $13 Million FCC Settlement Over 2023 Data Breach
The breach occurred when threat actors gained access to customer data of about 9 million AT&T wireless accounts stored by a vendor. This exposed sensitive customer information like account numbers, phone numbers, and email addresses.
Source: BLEEPINGCOMPUTER.COM

23 Sep: Hackers Claim Second Dell Data Breach in One Week
submitted by kid to cybersecurity, 3 points | 0 comments, https://hackread.com/dell-hit-by-second-security-breach-in-week/
Source: SH.ITJUST.WORKS

23 Sep: More Than $44 Million in Cryptocurrency Stolen From Singaporean Platform Bingx
Singaporean cryptocurrency platform BingX was hit by a cyberattack resulting in the theft of over $44 million. The attack was detected by two blockchain security firms, leading to a temporary suspension of withdrawals and emergency asset transfers.
Source: THERECORD.MEDIA

23 Sep: DOJ, FBI Need Better Metrics for Tracking Ransomware Disruption Efforts, Audit Finds
An audit found that both the DOJ and FBI need to improve in three key areas to enhance their fight against ransomware. While the FBI reported an improvement in taking action within 72 hours in 47% of incidents, there is still room for progress.
Source: THERECORD.MEDIA

23 Sep: Educate Your Users About Malicious SEO Poisoning Attacks
Since the beginning of computers, social engineering has been the number one way that computers and networks have been compromised. Social engineering is involved in 70% to 90% of all successful data breaches.
Source: KNOWBE4.COM

23 Sep: How Microsoft Is Beefing Up Security With 34,000 Engineers
After Review Board Criticism, Microsoft Targets Culture, Governance, Engineering. After high-profile security incidents, Microsoft has dedicated 34,000 engineers to advancing security across all platforms, focusing on identity protection and rapid response. The company is embeddin…
Source: DATABREACHTODAY.CO.UK

23 Sep: New Mallox ransomware Linux variant based on leaked Kryptina code
An affiliate of the Mallox ransomware operation, also known as TargetCompany, was spotted using a slightly modified version of the Kryptina ransomware to attack Linux systems. [...]
Source: BLEEPINGCOMPUTER.COM

23 Sep: Pennsylvania Firm to Pay $65M for Cancer Patient Photo Hack
Lehigh Valley Health Network Will Pay 134,000 Victims of Ransomware Attack and Leak. A Pennsylvania-based healthcare system that was hacked by ransomware group BlackCat in 2023 and extorted over stolen exam photos of breast cancer patients posted to a data leak site has agreed to …
Source: DATABREACHTODAY.CO.UK

23 Sep: Crypto scammers hack OpenAI’s press account on X
OpenAI’s official press account on X was hacked by cryptocurrency scammers. Or, at least that’s what appears to have happened. Late Tuesday afternoon, OpenAI Newsroom, an account OpenAI recently launched to spotlight product- and policy-related announcements, tweeted …
Source: TECHCRUNCH.COM
🕵️ THREAT INTELLIGENCE (19)

23 Sep: Global infostealer malware operation targets crypto users, gamers
submitted by IllNess to securitynews, 3 points | 0 comments, https://www.bleepingcomputer.com/news/security/global-infostealer-malware-operation-targets-crypto-users-gamers/ The threat actors use a variety of distribution channels, including malvertising, spearphishing, and brand i…
Source: INFOSEC.PUB

23 Sep: ISC Stormcast For Monday, September 23rd, 2024 https://isc.sans.edu/podcastdetail/9148, (Mon, Sep 23rd)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

23 Sep: New PondRAT Malware Hidden in Python Packages Targets Software Developers
Threat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POO…
Source: THEHACKERNEWS.COM

23 Sep: macOS Sequoia Update Breaks Multiple Security Tools
Apple’s latest operating system update, macOS 15, also known as Sequoia, has disrupted the functionality of several prominent security tools. Users and developers have taken to social media and Mac-focused Slack channels to express their frustration over the issues caused b…
Source: GBHACKERS.COM

23 Sep: Hacktivist group Twelve is back and targets Russian entities
submitted by kid to cybersecurity, 4 points | 0 comments, https://securityaffairs.com/168746/hacking/twelve-group-targets-russian-entities.html
Source: SH.ITJUST.WORKS

23 Sep: New PondRAT Malware Hidden in Python Packages Targets Software Developers
submitted by kid to cybersecurity, 3 points | 0 comments, https://thehackernews.com/2024/09/new-pondrat-malware-hidden-in-python.html
Source: SH.ITJUST.WORKS

23 Sep: Cybersecurity Products Conking Out After macOS Sequoia Update
macOS Sequoia updates are causing cybersecurity software failures and breaking network connectivity for many. The post Cybersecurity Products Conking Out After macOS Sequoia Update appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

23 Sep: THN Cybersecurity Recap: Last Week's Top Threats and Trends (September 16-22)
Hold on tight, folks, because last week's cybersecurity landscape was a rollercoaster! We witnessed everything from North Korean hackers dangling "dream jobs" to expose a new malware, to a surprising twist in the Apple vs. NSO Group saga. Even the seemingly mundane world of domai…
Source: THEHACKERNEWS.COM

23 Sep: Zscaler: There are 200 Malicious Lookalike Domains for Every 1 Impersonated Brand
Analysis of typosquatting and brand impersonation activity across 500 of the most visited domains provides insight into how these techniques come together to effectively deceive.
Source: KNOWBE4.COM

23 Sep: Mentorship Monday - Discussions for career and learning!
submitted by shellsharks to cybersecurity, 2 points | 0 comments. Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …
Source: INFOSEC.PUB

23 Sep: Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads
In extreme situations, a foreign adversary could shut down or take simultaneous control of multiple vehicles operating in the United States, causing crashes and blocking roads. The post Ban Sought for Chinese, Russian Software and Hardware Used in Autonomous Vehicles on US Roads …
Source: SECURITYWEEK.COM

23 Sep: Necro Trojan Infects Google Play Apps With Millions of Downloads
The Necro trojan was found in two Android applications in Google Play with a combined downloads count of over 11 million. The post Necro Trojan Infects Google Play Apps With Millions of Downloads appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

23 Sep: Securing our future: September 2024 progress update on Microsoft’s Secure Future Initiative (SFI)
Since the Secure Future Initiative (SFI) began, we’ve dedicated the equivalent of 34,000 full-time engineers to SFI—making it the largest cybersecurity engineering effort in history. And now, we’re sharing key updates and milestones from the first SFI Progress Report. The post …
Source: MICROSOFT.COM

23 Sep: Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers
Mandiant shines the spotlight on the growing infiltration of US and Western companies by North Korean fake IT workers. The post Mandiant Offers Clues to Spotting and Stopping North Korean Fake IT Workers appeared first on SecurityWeek.
Source: SECURITYWEEK.COM

23 Sep: Scammers Abuse Virtual Shopping Lists to Trick Walmart Customers
Threat actors are abusing virtual shopping lists to trick Walmart customers into transferring money or disclosing personal information, according to researchers at Malwarebytes. Links to the lists are distributed via Google Ads that impersonate Walmart support.
Source: KNOWBE4.COM

23 Sep: North Korea Targets Software Supply Chain Via PyPI
Backdoored Python Packages Likely Work of 'Gleaming Pisces,' Says Palo Alto. A North Korean hacking group with a history of stealing cryptocurrency is likely behind a raft of poisoned Python packages targeting developers working on the Linux and macOS operating systems in an app…
Source: DATABREACHTODAY.CO.UK

23 Sep: 11 million devices infected with botnet malware hosted in Google Play
submitted by neme to cybersecurity, 3 points | 1 comments, https://arstechnica.com/security/2024/09/11-million-devices-infected-with-botnet-malware-hosted-in-google-play/
Source: SH.ITJUST.WORKS

23 Sep: 4 More EU Nations Join US-Led Initiative to Counter Spyware
Austria, Estonia, Lithuania and the Netherlands Join the Coalition Formed in March. Four more European Union nations have joined a United States government-led initiative launched in March to tackle spyware misuse globally. The move came amid growing criticisms of the European Comm…
Source: DATABREACHTODAY.CO.UK

23 Sep: News alert: DigiCert acquires Vercara to enhance cloud-based DNS management, DDoS protection
LEHI, Utah – September 23, 2024 – DigiCert, backed by Clearlake Capital Group, L.P. (together with its affiliates, “Clearlake”), Crosspoint Capital Partners L.P. (“Crosspoint”), and TA Associates Management L.P. (“TA”), today announced it has completed its acquisition of Vercara…
Source: LASTWATCHDOG.COM
🌐 CYBER THREAT LANDSCAPE (4)

23 Sep: SambaSpy RAT Targets Italian Users in a Unique Malware Campaign
This unique malware campaign stood out for its precise targeting of Italian victims, with checks implemented to ensure the system language was set to Italian before infecting the device.
Source: SECURITYONLINE.INFO

23 Sep: Necro Trojan infects 11 million Android devices | Kaspersky official blog
Kaspersky experts have discovered a new version of the Necro Trojan that’s infected millions of Android devices.
Source: KASPERSKY.COM

23 Sep: Android malware 'Necro' infects 11 million devices via Google Play
A new version of the Necro Trojan malware for Android was installed on 11 million devices through Google Play in malicious SDK supply chain attacks. [...]
Source: BLEEPINGCOMPUTER.COM

23 Sep: Kaspersky deletes itself, installs UltraAV antivirus without warning
Starting Thursday, Kaspersky deleted its anti-malware software from computers across the United States and replaced it with UltraAV's antivirus solution without warning. [...]
Source: BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (17)

23 Sep: Phishing links with @ sign and the need for effective security awareness building, (Mon, Sep 23rd)
While going over a batch of phishing e-mails that were delivered to us here at the Internet Storm Center during the first half of September, I noticed one message which was somewhat unusual. Not because it was untypically sophisticated or because it used some completely new techn…
Source: ISC.SANS.EDU

23 Sep: GSMA Plans End-to-End Encryption for Cross-Platform RCS Messaging
The GSM Association is working on implementing end-to-end encryption for Rich Communications Services (RCS) messaging between Android and iOS. This important step aims to enhance user protection and secure messages across platforms.
Source: THEHACKERNEWS.COM

23 Sep: Industry Moves for the week of September 23, 2024 - SecurityWeek
Explore industry moves and significant changes in the industry for the week of September 23, 2024. Stay updated with the latest industry trends and shifts.
Source: SECURITYWEEK.COM

23 Sep: Picus Security Raises $45M in Funding
Picus Security, a San Francisco, CA-based security validation company, raised $45M in funding. The round, which brought total funds raised to $80M, was led by Riverwood Capital, with participation from existing investor Earlybird Digital East Fund.
Source: FINSMES.COM

23 Sep: US DoJ Charged Two Men With Stealing and Laundering $230 Million Worth of Cryptocurrency
Two suspects, Malone Lam and Jeandiel Serrano, were arrested by the US Department of Justice for stealing and laundering over $230 million worth of cryptocurrency in Miami.
Source: SECURITYAFFAIRS.COM

23 Sep: Discord Introduces DAVE Protocol for End-to-End Encryption in Audio and Video Calls
Popular social messaging platform Discord has announced that it's rolling out a new custom end-to-end encrypted (E2EE) protocol to secure audio and video calls. The protocol has been dubbed DAVE, short for Discord's audio and video end-to-end encryption ("E2EE A/V"). As part of t…
Source: THEHACKERNEWS.COM

23 Sep: Why 'Never Expire' Passwords Can Be a Risky Decision
Password resets can be frustrating for end users. Nobody likes being interrupted by the ‘time to change your password’ notification – and they like it even less when the new passwords they create are rejected by their organization’s password policy. IT teams share the pain, with …
Source: THEHACKERNEWS.COM

23 Sep: How to manage shadow IT and reduce your attack surface
In today's fast-paced business environment, employees increasingly turn to unauthorized IT solutions, called Shadow IT, to streamline their work and boost productivity. This article explores the prevalence of shadow IT, the risks it poses and discusses strategies for managing it.…
Source: BLEEPINGCOMPUTER.COM

23 Sep: Apple's Latest macOS Release Is Breaking Security Software, Network Connections
Source: PACKETSTORMSECURITY.COM

23 Sep: Secret Calculator Hack Brings ChatGPT To The TI-84, Enabling Easy Cheating
Source: PACKETSTORMSECURITY.COM

23 Sep: Wait... Did My AI Just Rickroll Our Customers?!
Imagine asking your AI assistant for a simple video tutorial... and getting Rickrolled instead! 😂 That's exactly what happened when Lindy, our AI, pulled the ultimate prank on our customers. We didn’t even have a tutorial, but Lindy sent them that video! Is AI getting too smart f…
Source: YOUTUBE.COM

23 Sep: Sophos named a Leader in the 2024 Gartner®️ Magic Quadrant™️ for Endpoint Protection Platforms
Sophos has been recognized by Gartner as a Leader in the Endpoint Protection Platforms (EPP) category for the 15th consecutive time.
Source: SOPHOS.COM

23 Sep: First TikTok, now smart cars: How Biden’s new proposed ban will affect U.S. automakers
The White House issued a long-anticipated proposal Monday that would ban Chinese smart cars because internet-connected vehicles pose a national security risk. The proposal, made amid an escalating trade war, could affect U.S. automakers and suppliers that rely on certain hardware…
Source: TECHCRUNCH.COM

23 Sep: Bridging the Security Execution Gap: Strategies for Effective Data Security Posture Management (DSPM)
Source: DATABREACHTODAY.CO.UK

23 Sep: Sophos Firewall v21: VPN and routing enhancements
How to make the most of the new features in Sophos Firewall v21.
Source: SOPHOS.COM