58 Articles
7 Categories
Date: 2024-10-04
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
4 Oct: National Vulnerability Database backlog, update on CIRA study: Cyber Security Today for Friday, October 4, 2024
  Cybersecurity Today: NVD Backlogs & Emerging Threats. Host Jim Love discusses the backlog in the National Vulnerability Database and its implications for cybersecurity, highlighting two new Linux vulnerabilities. The episode also covers a sophisticated malware, Perfctl, attacking …
  Source: CYBERSECURITYTODAY.LIBSYN.COM
4 Oct: WordPress LiteSpeed Cache Plugin Security Flaw Exposes Sites to XSS Attacks
  A new high-severity security flaw has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable malicious actors to execute arbitrary JavaScript code under certain conditions. The flaw, tracked as CVE-2024-47374 (CVSS score: 7.2), has been described as a stored…
  Source: THEHACKERNEWS.COM
4 Oct [KEV]: Hackers steal sensitive customer data from thousands of online stores that use Adobe tools
  Distinct groups of cybercriminals have been exploiting the CosmicSting flaw in Adobe’s Commerce and Magento software to steal customers’ payment information. According to research by Sansec, miscreants have used the flaw, also tracked as CVE-2024-34102, to hack at least 5% of all…
  Source: CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (14)
4 Oct: Linux Malware perfctl Attacking Millions of Linux Servers
  Researchers have uncovered a sophisticated Linux malware, dubbed “perfctl,” actively targeting millions of Linux servers worldwide. This malicious software exploits over 20,000 types of server misconfigurations, posing a significant threat to any Linux server connecte…
  Source: GBHACKERS.COM
4 Oct: Over 80% of phishing sites now target mobile devices
  Mobile-targeted phishing (M-ishing) attacks are seeing a significant rise with more than four out of every five phishing sites now specifically targeting mobile devices, according to a report by Zimperium Labs. The study, which analyzed research data from Zimperium’s Labs team, f…
  Source: CSOONLINE.COM
4 Oct: Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors
  Cloudflare has disclosed that it mitigated a record-breaking distributed denial-of-service (DDoS) attack that peaked at 3.8 terabits per second (Tbps) and lasted 65 seconds. The web infrastructure and security company said it fended off "over one hundred hyper-volumetric L3/4 DDo…
  Source: THEHACKERNEWS.COM
4 Oct: DOJ seizes 41 Russian-controlled domains in cyber-espionage crackdown
  The US Department of Justice (DOJ) has seized 41 internet domains used by Russian intelligence agents and their allies for cyberattacks on the US. This marks a major move to block state-sponsored cybercriminals from stealing sensitive information. “These Russian domains were bein…
  Source: CSOONLINE.COM
4 Oct: ISMG Editors: Russian Cybercrime Syndicates Under Siege
  Also: U.S. Healthcare Cyber Bill, Insights from ISMG's Canada Summit. In the latest weekly update, ISMG editors discussed recent international law enforcement efforts against Russian cybercrime organizations, the latest U.S. cybersecurity bill aimed at protecting the healthcare se…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Survey of CUPS exploit attempts, (Fri, Oct 4th)
  It is about a week since the release of the four CUPS remote code execution vulnerabilities. After the vulnerabilities became known, I configured one of our honeypots that watches a larger set of IPs to specifically collect UDP packets to port 631. Here is a quick summary of the …
  Source: ISC.SANS.EDU
4 Oct: Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Jayson G... - ESW #378
  Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and buildin…
  Source: YOUTUBE.COM
4 Oct: Secure the Browser & Vulnerability and Exposure Management - Brian Contos, Neko Papez - ESW #378
  The way we use browsers has changed, so has the way we need to secure them. Using a secure enterprise browser to execute content away from the endpoint, inside a secure cloud browser is a dramatically more effective and cost-effective approach to protect users and secure access. …
  Source: YOUTUBE.COM
4 Oct: Mass Retail Hacks Affect Adobe Commerce and Magento Stores
  4,387 Online Merchants Compromised, Including Cisco and National Geographic Stores. Thousands of online stores running Adobe Commerce and Magento software have been hacked since the summer and infected with digital payment skimmers by attackers targeting a vulnerability known as C…
  Source: DATABREACHTODAY.CO.UK
4 Oct [KEV]: Nothing Is Safe - PSW #845
  Automated tank gauges are leaking more than just fuel, while CUPS is serving up a steaming hot brew of vulnerabilities. Meanwhile, Supermicro's BMC firmware is giving away root access like it's going out of style. If you thought your Kia was safe, think again - all it takes is a …
  Source: YOUTUBE.COM
4 Oct: Ivanti Confirms Exploitation of an Old Critical Vuln
  Remote Code Execution Bug Exploited in Limited Attacks. Ivanti confirmed that hackers are exploiting an SQL injection vulnerability in its Ivanti Endpoint Manager enabling remote code execution, despite the company addressing the issue with a patch in May. The flaw allows unauthen…
  Source: DATABREACHTODAY.CO.UK
4 Oct: New report reveals a rise in phishing attacks, as commodity campaigns, advanced persistent threats, and impersonation attacks escalate
  submitted by kid to cybersecurity 2 points | 0 comments https://uk.finance.yahoo.com/news/report-reveals-rise-phishing-attacks-090000477.html 28% increase in phishing emails sent between April 1st – June 30th vs January 1st – March 31st, 2024 82% of phishing toolkits mentioned de…
  Source: SH.ITJUST.WORKS
4 Oct: Russia arrests US-sanctioned Cryptex founder, 95 other linked suspects
  Russian law enforcement detained almost 100 suspects linked to the Cryptex cryptocurrency exchange, the UAPS anonymous payment service, and 33 other online services and platforms used to make illegal payments and sell stolen credentials. [...]
  Source: BLEEPINGCOMPUTER.COM
4 Oct: Highline Public Schools confirms ransomware behind shutdown
  On Thursday, K-12 school district Highline Public Schools confirmed that a ransomware attack forced it to shut down all schools in early September. [...]
  Source: BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES (3)
4 Oct: UK nuclear site Sellafield fined $440,000 for cybersecurity shortfalls
  Nuclear waste processing facility Sellafield has been fined £332,500 ($440k) by the Office for Nuclear Regulation (ONR) for failing to adhere to cybersecurity standards and putting sensitive nuclear information at risk over four years, from 2019 to 2023. [...]
  Source: BLEEPINGCOMPUTER.COM
🔥 INCIDENT REPORTING (10)
4 Oct: Microsoft, DOJ Dismantle Domains Used by Russian FSB-Linked Hacking Group
  Microsoft and the U.S. Department of Justice (DOJ) have successfully dismantled a network of domains a Russian hacking group linked to the Federal Security Service (FSB) uses. This collaborative effort is critical in countering cyber threats targeting democratic institutions worl…
  Source: GBHACKERS.COM
4 Oct: North Korean cyber spies lure developers
  North Korean hackers are becoming ever more creative when it comes to swindling data. Software developers are valuable targets for state-backed attackers, because their computers often contain sensitive information and credentials. Such data can…
  Source: CSOONLINE.COM
4 Oct: Prince Ransomware Hits UK and US via Royal Mail Phishing Scam
  A new ransomware campaign targeting individuals and organizations in the UK and the US has been identified. The attack, known as the “Prince Ransomware,” utilizes a phishing scam that impersonates the British postal carrier Royal Mail. This campaign highlights the gro…
  Source: GBHACKERS.COM
4 Oct: Prince Ransomware Hits UK and US via Royal Mail Phishing Scam
  submitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/prince-ransomware-hits-uk-us/
  Source: SH.ITJUST.WORKS
4 Oct: Criminals Are Testing Their Ransomware in Africa
  submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyberattacks-data-breaches/criminals-test-ransomware-africa
  Source: SH.ITJUST.WORKS
4 Oct: Outlast game development delayed after Red Barrels cyberattack
  Canadian video game developer Red Barrels is warning that the development of its Outlast games will likely be delayed after the company suffered a cyberattack impacting its internal IT systems and data. [...]
  Source: BLEEPINGCOMPUTER.COM
4 Oct: Medical Group Pays $240K Fine for 3 Ransomware Attacks
  Nonprofit Group Hit 3 Times in 3 Weeks in 2018, Affecting PHI of 85,000 Patients. Federal regulators have hit a California physician services organization with a $240,000 HIPAA civil penalty following an investigation into three ransomware attacks that occurred within a three-week…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Russia Arrests 100 in Cryptex Crypto Exchange Crackdown
  US-Sanctioned Crypto Exchange Founder Sergey Ivanov Included in Sweeping Arrests. Russia’s primary federal investigative agency announced a rare and sweeping investigation into the United States-sanctioned cryptocurrency exchange Cryptex and other platforms used to carry out illeg…
  Source: DATABREACHTODAY.CO.UK
4 Oct: The complexities of attack attribution – Week in security with Tony Anscombe
  As highlighted by new ESET research this week, attributing a cyberattack to a specific threat actor is a complex affair
  Source: WELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE (20)
4 Oct: ISC Stormcast For Friday, October 4th, 2024 https://isc.sans.edu/podcastdetail/9166, (Fri, Oct 4th)
  (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
  Source: ISC.SANS.EDU
4 Oct: Worldwide outage of Microsoft services
  On Tuesday (30 July), several Microsoft services were affected by a worldwide network outage. Users reported problems with applications such as Outlook, Teams and OneDrive. Companies that use Microsoft's cloud service Azure also …
  Source: CSOONLINE.COM
4 Oct: Cloud Penetration Testing Checklist – 2024
  Cloud Penetration Testing is a method of actively checking and examining the Cloud system by simulating the attack from the malicious code. Cloud computing is the shared responsibility of the Cloud provider and the client who earn the service from the provider. Due to the impact …
  Source: GBHACKERS.COM
4 Oct: Are we getting better at quantifying risk management?
  As cyber threats grow more sophisticated and pervasive, the need for effective risk management has never been greater. The challenge lies not only in defining risk mitigation strategy but also in quantifying risk in ways that resonate with business leaders. The ability to transla…
  Source: SECURITYINTELLIGENCE.COM
4 Oct: Off-Topic Friday
  submitted by shellsharks to cybersecurity 1 points | 0 comments Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)
  Source: INFOSEC.PUB
4 Oct: U.S. and Microsoft Seize 107 Russian Domains in Major Cyber Fraud Crackdown
  Microsoft and the U.S. Department of Justice (DoJ) on Thursday announced the seizure of 107 internet domains used by state-sponsored threat actors with ties to Russia to facilitate computer fraud and abuse in the country. "The Russian government ran this scheme to steal Americans…
  Source: THEHACKERNEWS.COM
4 Oct: Apple fixes password-blurting VoiceOver bug
  submitted by kid to cybersecurity 2 points | 0 comments https://www.theregister.com/2024/10/04/apple_voiceover_password_bug/
  Source: SH.ITJUST.WORKS
4 Oct: Security Needs to Be Simple and Secure By Default: Google
  Google Pushes for Gen AI and Platformization to Counter Sophisticated Threats. Google asserts that platformization and consolidation can help contain today's sophisticated threats. Embedding generative AI into security is also required as the industry moves from assisted AI to sem…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN
  Palo Alto Networks is named a Leader five-times in a row with furthest on completeness of vision in the 2024 Gartner Magic Quadrant for SD-WAN report. The post Palo Alto Networks: 5x Leader in the Gartner Magic Quadrant for SD-WAN appeared first on Palo Alto Networks Blog.
  Source: PALOALTONETWORKS.COM
4 Oct: Cybersecurity best practices are the worst, AI indegestion, real time doxxing - ESW #378
  This week in the enterprise security news, we've got: 1. Torq, Tamnoon, and Defect Dojo raise funding 2. Checkmarx acquires ZAP 3. Commvault acquires Clumio 4. Would you believe San Francisco is NOT the most funded metro area for cybersecurity? 5. Auto-doxxing Smart glasses are n…
  Source: YOUTUBE.COM
4 Oct: Financial Services Industry Experiences a Massive Increase in Brand Abuse
  Industry analysis of the domains used behind phishing and brand impersonation attacks show financial institutions are being leveraged at an alarming rate.
  Source: KNOWBE4.COM
4 Oct: Infostealer Threat Group “Marko Polo” Evolving Into an “Empire”
  New research by Recorded Future provides insight into how advanced and sophisticated the threat group Marko Polo has become since launching in 2022.
  Source: KNOWBE4.COM
4 Oct: Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419
  Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-419
  Source: YOUTUBE.COM
4 Oct: Ex-CEO Adam Geller Returns to Product Leadership at Zscaler
  Former Exabeam CEO Aims to Strengthen Data-Driven Strategy for Security Operations. Adam Geller discusses his shift from Exabeam CEO back to product leadership at Zscaler, where he plans to use the company's vast data insights and security operations to drive growth. Geller emphas…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Transatlantic Cable podcast episode 365 | Kaspersky official blog
  Episode 365 has chatbots, CAPTCHA, Trump and yet more GDPR woes!
  Source: KASPERSKY.COM
4 Oct: Meta Hit Again With Targeted Advertising Limits In Europe
  European Court of Justice Says Meta May Not Indefinitely Retain User Data. Targeted advertising may face additional restrictions following a ruling by the top European Union court that social media giant Meta cannot indefinitely retain user data. Nor can it use data for advertisin…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Friday Squid Blogging: Map of All Colossal Squid Sightings
  Interesting map, from this paper. Blog moderation policy.
  Source: SCHNEIER.COM
4 Oct: Irish DPC Probes Ryanair Over Facial Recognition
  Company Has Long Running Fight Against Fare Scrappers. The Irish data regulator launched an investigation into Dublin-based ultra low-cost carrier Ryanair to identify potential privacy violations related to the company's use of third-party facial recognition technology, stepping i…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Illumio, ColorTokens, Cisco Lead Microsegmentation Rankings
  Illumio, Akamai Stay Atop Forrester Wave, While ColorTokens, Cisco Join Leaderboard. Illumio and Akamai remained atop Forrester's microsegmentation rankings, while ColorTokens and Cisco climbed into the leader space. The microsegmentation market has expanded beyond traditional on-p…
  Source: DATABREACHTODAY.CO.UK
4 Oct: Serhiy Tokarev Told About Roosh’s Investment in the French Freelance Platform
  Ukrainian Roosh Ventures has invested in the French freelance platform Jump. This was announced by tech entrepreneur and co-founder of the Roosh investment fund, Serhiy Tokarev, on his LinkedIn page: “Thrilled to announce that Roosh Ventures is backing Jump, a platform that…
  Source: GBHACKERS.COM
🌐 CYBER THREAT LANDSCAPE (1)
📡 INFOSEC NEWS (7)
4 Oct: Sellafield nuclear site hit with £332,500 fine after “significant cybersecurity shortfalls”
  The UK's Sellafield nuclear waste processing and storage site has been fined £332,500 by regulators after its IT systems were found to have been left vulnerable to hackers and unauthorised access for years. Read more in my article on the Hot for Security blog.
  Source: BITDEFENDER.COM
4 Oct: How to Get Going with CTEM When You Don't Know Where to Start
  Continuous Threat Exposure Management (CTEM) is a strategic framework that helps organizations continuously assess and manage cyber risk. It breaks down the complex task of managing security threats into five distinct stages: Scoping, Discovery, Prioritization, Validation, and Mo…
  Source: THEHACKERNEWS.COM
4 Oct: Google removes Kaspersky's antivirus software from Play Store
  Over the weekend, Google removed Kaspersky's Android security apps from the Google Play store and disabled the Russian company's developer accounts. [...]
  Source: BLEEPINGCOMPUTER.COM