78 Articles
7 Categories
Date: 2024-10-07
🐛 COMMON VULNERABILITIES AND EXPOSURES 6
7 Oct19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attacks – CVE-2024-45519A critical vulnerability in Zimbra’s postjournal service, identified as CVE-2024-45519, has left over 19,600 public Zimbra installations exposed to remote code execution attacks. This vulnerability, with a CVSS score of 9.8, allows unauthenticated attackers to execute arbit…GBHACKERS.COM
7 OctHow ‘perfctl’ malware infected millions of Linux servers undetected for yearsSecurity researchers warn that a malware campaign dubbed perfctl has infected millions of Linux servers over the past three to four years by attempting to exploit around 20,000 misconfigurations that expose credentials or insecure admin interfaces. Equipped with a backdoor, perfe…CSOONLINE.COM
7 OctStealthy Malware Has Infected Thousands of Linux Systems for Yearssubmitted by irreticent to cybersecurity 2 points | 0 comments https://web.archive.org/web/20241006122015/https://www.wired.com/story/perfctl-stealthy-malware-infected-linux-systems/ cross-posted from: group.lt/post/2667251 Thousands of machines running Linux have been infected b…SH.ITJUST.WORKS
7 OctCritical Apache Avro SDK Flaw Allows Remote Code Execution in Java ApplicationsA critical security flaw has been disclosed in the Apache Avro Java Software Development Kit (SDK) that, if successfully exploited, could allow the execution of arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-47561, impacts all versions of the software prio…THEHACKERNEWS.COM
7 OctRCE Vulnerability (CVE-2024-30052) Allow Attackers To Exploit Visual Studio via Dump FilesThe researcher investigated the potential security risks associated with debugging dump files in Visual Studio by focusing on vulnerabilities that could be exploited without relying on memory corruption or specific PDB file components.  After analyzing various libraries used…GBHACKERS.COM
7 OctHow ‘perfctl’ malware infected Linux servers undetected for yearsSecurity researchers warn that a malware campaign dubbed perfctl has targeted millions of Linux servers over the past three to four years by attempting to exploit around 20,000 misconfigurations that expose credentials or insecure admin interfaces. Equipped with a backdoor, perfe…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 13
7 OctRussia finally cracks down on cyber crimes: Cyber Security Today for Monday, October 7th, 2024Cybersecurity Today: Cloudflare's DDoS Victory, Russian Hacker Arrests, and Truth Social Scams In this episode of Cybersecurity Today, host Jim Love discusses Cloudflare's successful mitigation of the largest recorded DDoS attack, showcasing the company's advanced defense capabil…CYBERSECURITYTODAY.LIBSYN.COM
7 OctChief risk storyteller: How CISOs are developing yet another skillMastering the art of risk storytelling is essential for CISOs not just for engagement, but for driving meaningful action across the organization. The right story should emphasize cybersecurity risks with the end-goal of grabbing attention that leads to action. “What gets talked a…CSOONLINE.COM
7 OctTHN Cybersecurity Recap: Top Threats and Trends (Sep 30 - Oct 6)Ever heard of a "pig butchering" scam? Or a DDoS attack so big it could melt your brain? This week's cybersecurity recap has it all – government showdowns, sneaky malware, and even a dash of app store shenanigans. Get the scoop before it's too late! ⚡ Threat of the Week Double Tr…THEHACKERNEWS.COM
7 OctGoogle Blocks Unsafe Android App Sideloading in India for Improved Fraud ProtectionGoogle has announced that it's piloting a new security initiative that automatically blocks sideloading of potentially unsafe Android apps in India, after similar tests in Singapore, Thailand, and Brazil. The enhanced fraud protection feature aims to keep users safe when they att…THEHACKERNEWS.COM
7 OctNew Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 CountriesCybersecurity researchers have discovered a new botnet malware family called Gorilla (aka GorillaBot) that is a variant of the leaked Mirai botnet source code. Cybersecurity firm NSFOCUS, which identified the activity last month, said the botnet "issued over 300,000 attack comman…THEHACKERNEWS.COM
7 OctCacti Network Monitoring Tool Vulnerability Let Attackers Execute Remote CodeA critical security vulnerability has been identified in the Cacti network monitoring tool that could allow attackers to execute remote code on affected systems. The vulnerability, detailed in the recent release of Cacti version 1.2.28, highlights the need for system administrato…GBHACKERS.COM
7 OctMalware attack on State Data Center in India puts some citizen services at a standstillIndia’s hill state of Uttarakhand’s entire IT infrastructure came to a standstill on Friday after malware was detected on systems at the State Data Center. The shutdown impacted several critical services, including government websites, the Chief Minister’s helpline, and land regi…CSOONLINE.COM
7 OctFeds Probe Chinese 'Salt Typhoon' Hack of Major TelcosVerizon, AT&T and Lumen's Systems for Lawful Broadband Wiretaps Reportedly Breached The U.S. government is reportedly probing suspected national security breaches tied to Chinese nation-state hackers infiltrating broadband providers' infrastructure used to comply with court-a…DATABREACHTODAY.CO.UK
7 OctAmerican Water shuts down online services after cyberattackAmerican Water, the largest publicly traded U.S. water and wastewater utility company, was forced to shut down some of its systems after a Thursday cyberattack. [...]BLEEPINGCOMPUTER.COM
7 OctFree Phishing Platform Has Created More than 140,000 Spoofed WebsitesA free phishing-as-a-service (PhaaS) platform named Sniper Dz has assisted in the creation of more than 140,000 phishing sites over the past year, according to researchers at Palo Alto Networks. The service allows unskilled criminals to spin up sophisticated phishing sites that s…KNOWBE4.COM
7 OctQualcomm patches high-severity zero-day exploited in attacksQualcomm has released security patches for a zero-day vulnerability in the Digital Signal Processor (DSP) service that impacts dozens of chipsets. [...]BLEEPINGCOMPUTER.COM
7 OctUS Judge Blocks California's Law Curbing Election DeepfakesMan Who Made Viral Deepfake of Kamala Harris Wins Preliminary Injunction A U.S. federal judge mostly stopped from going into effect a newly-enacted California law restricting the use of election-related deepfakes, ruling Wednesday the statute likely violates American freedom of s…DATABREACHTODAY.CO.UK
7 OctADT discloses second breach in 2 months, hacked via stolen credentialsHome and small business security company ADT disclosed it suffered a breach after threat actors gained access to its systems using stolen credentials and exfiltrated employee account data. [...]BLEEPINGCOMPUTER.COM
📢 SECURITY ADVISORIES 9
7 OctCanada East Summit: From Ransomware to Growing CISO LiabilityCanadian Cybersecurity Leaders Brace for Changing Security Landscape and Regulations At the recent Cybersecurity Summit: Canada East, hosted by Information Security Media Group, cybersecurity leaders, industry experts and top executives discussed the surge in ransomware attacks, …DATABREACHTODAY.CO.UK
7 OctFeds Warn Health Sector of New 'Trinity' Ransomware ThreatsGang Hits Victims with 'Sophisticated' Exfiltration, Encryption Extortion Attacks Health sector entities have yet another ransomware group to worry about, warn U.S. federal authorities. Trinity, a relatively new sophisticated threat actor, is hitting a variety of critical industr…DATABREACHTODAY.CO.UK
7 OctMicrosoft Defender for Cloud remediated threats 30% faster than other solutions, according to Forrester TEI™ studyForrester found that Microsoft Defender for Cloud markedly enhanced the security, compliance, and operational efficiency of each company participating. The post Microsoft Defender for Cloud remediated threats 30% faster than other solutions, according to Forrester TEI™ study appe…MICROSOFT.COM
🔥 INCIDENT REPORTING 17
7 OctChinese Group Hacked US Court Wiretap SystemsChinese hackers have infiltrated the networks of major U.S. broadband providers, gaining access to systems used for court-authorized wiretapping. According to a Reuters report, the attack targeted the networks of Verizon Communications, AT&T, and Lumen Technologies. The breac…GBHACKERS.COM
7 OctModernization of Authentication: Webinar on MFA, Passwords, and the Shift to PasswordlessThe interest in passwordless authentication has increased due to the rise of hybrid work environments and widespread digitization. This has led to a greater need for reliable data security and user-friendly interfaces. Without these measures, organizations are at risk of experien…THEHACKERNEWS.COM
7 OctComcast says customer data stolen in ransomware attack on debt collection agencyThe ransomware attack on a U.S. debt collection agency also affects customers of CF Medical and Truist Bank. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
7 OctMITRE Launches AI Incident Sharing Initiativesubmitted by kid to cybersecurity 1 points | 0 comments https://ai-incidents.mitre.org/ MITRE’s Center for Threat-Informed Defense has launched the AI Incident Sharing initiative, collaborating with over 15 companies to enhance AI system defenses. The initiative, part of the Secu…SH.ITJUST.WORKS
7 OctComcast confirms 237K affected in feisty breach notificationsubmitted by kid to cybersecurity 2 points | 0 comments https://www.theregister.com/2024/10/04/comcast_fcbs_ransomware_theft/SH.ITJUST.WORKS
7 OctMedusaLocker ransomware variant paired with ‘paid_memes’ toolkitsubmitted by kid to cybersecurity 1 points | 0 comments https://blog.talosintelligence.com/threat-actor-believed-to-be-spreading-new-medusalocker-variant-since-2022/SH.ITJUST.WORKS
7 OctAT&T, Verizon reportedly hacked to target US govt wiretapping platformMultiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports. [...]BLEEPINGCOMPUTER.COM
7 OctKyiv's hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin's birthdaysubmitted by kid to cybersecurity 2 points | 0 comments https://securityaffairs.com/169486/cyber-warfare-2/kyivs-hackers-hit-russian-state-media.htmlSH.ITJUST.WORKS
7 OctAT&T, Verizon reportedly hacked to target US govt wiretapping platformsubmitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/atandt-verizon-reportedly-hacked-to-target-us-govt-wiretapping-platform/ The purpose of the attack appears to be for intelligence collection as the hackers might have had access…SH.ITJUST.WORKS
7 OctThe 30-year-old internet backdoor law that came back to biteChina reportedly hacked the wiretap systems required by U.S. internet providers under a 1994 U.S. wiretapping law. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
7 OctUniversal Music Group Admits Data Breachsubmitted by kid to cybersecurity 3 points | 0 comments https://www.infosecurity-magazine.com/news/umg-data-breach-680-us-residents/SH.ITJUST.WORKS
7 OctMoneyGram says hackers stole customers’ personal information and transaction dataThe money transfer giant said hackers also stole some customer Social Security numbers during the September cyberattack. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
7 OctLEGO's website hacked to push cryptocurrency scamOn Friday night, cryptocurrency scammers briefly hacked the LEGO website to promote a fake Lego token that could be purchased with Ethereum. [...]BLEEPINGCOMPUTER.COM
7 OctMoneyGram confirms hackers stole customer data in cyberattackMoneyGram has confirmed that hackers stole customers' personal information and transaction data in a September cyberattack that caused a five-day outage. [...]BLEEPINGCOMPUTER.COM
7 OctMind the (air) gap: GoldenJackal gooses government guardrailsESET Research analyzed two separate toolsets for breaching air-gapped systems, used by a cyberespionage threat actor known as GoldenJackalWELIVESECURITY.COM
🕵️ THREAT INTELLIGENCE 18
7 OctISC Stormcast For Monday, October 7th, 2024 https://isc.sans.edu/podcastdetail/9168, (Mon, Oct 7th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
7 OctMicrosoft & DOJ Dismantles Hundreds of Websites Used by Russian HackersMicrosoft and the U.S. Department of Justice (DOJ) have disrupted the operations of Star Blizzard, a notorious Russian hacking group. This collaborative effort marks a significant step in safeguarding global democratic processes from cyber threats. Unsealing the Operation The Uni…GBHACKERS.COM
7 OctLargest Recorded DDoS Attack is 3.8 TbpsCloudflare just blocked the current record DDoS attack: 3.8 terabits per second. (Lots of good information on the attack, and DDoS in general, at the link.) News article.SCHNEIER.COM
7 OctNorth Korea's Secret IT Army and How to Combat ItOrganizations around the world are unknowingly recruiting and hiring fake employees and contractors from North Korea. These sophisticated operatives aim to earn high salaries while potentially stealing money and confidential information.KNOWBE4.COM
7 OctFunction of each type of computer virussubmitted by gafanhoto to cybersecurity 0 points | 0 comments https://chat-to.dev/post?id=733INFOSEC.PUB
7 OctMentorship Monday - Discussions for career and learning!submitted by shellsharks to cybersecurity 2 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? …INFOSEC.PUB
7 Oct19.6K+ Public Zimbra Installations Vulnerable to Code Execution Attackssubmitted by kid to cybersecurity 1 points | 0 comments https://gbhackers.com/zimbra-installations-code-execution-attack/SH.ITJUST.WORKS
7 OctHybrid Analysis Utilizes Criminal IP’s Robust Domain Data for Better Malware DetectionCriminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has partnered with Hybrid Analysis, a platform that provides advanced malware analysis and threat intelligence, to enhance threat research. This collaboration integrates Criminal IP’s adv…GBHACKERS.COM
7 OctHybrid Analysis Bolstered by Criminal IP’s Comprehensive Domain IntelligenceAI SPERA announced that its domain and IP address threat intel platform, Criminal IP, is now integrated with Hybrid Analysis. Learn more from Criminal IP about how this brings additional insights to Hybrid Analysis. [...]BLEEPINGCOMPUTER.COM
7 OctFrom IT to Boardroom: NIS2 Reshapes Cybersecurity RolesSchellman CEO Avani Desai on Preparing Executives for New Security Responsibilities With the NIS2 Directive fast approaching, cybersecurity has evolved from a technical challenge to a critical business priority. Avani Desai, CEO at Schellman, highlights the growing responsibility…DATABREACHTODAY.CO.UK
7 OctNews alert: Hybrid Analysis adds Criminal IP’s real-time domain scans, boosts malware detectionTorrance, Calif., Oct. 7, 2024, CyberNewswire — Criminal IP, a renowned Cyber Threat Intelligence (CTI) search engine developed by AI SPERA, has partnered with Hybrid Analysis, a platform that provides advanced malware analysis and threat intelligence, to … (more…)…LASTWATCHDOG.COM
7 OctAmerican Water warns of billing outages after finding hackers in its systemssubmitted by BrikoX to cybersecurity 2 points | 0 comments https://techcrunch.com/2024/10/07/american-water-warns-of-billing-outages-after-finding-hackers-in-its-systems/ The company said it discovered “unauthorized activity” within its networks on October 3 and promptly moved to…SH.ITJUST.WORKS
7 OctWhat Bletchley Park Can Teach Us About Building a Strong Security CultureDuring World War II, a group of brilliant minds led by Alan Turing gathered at Bletchley Park in England to crack the German Enigma code. This wasn't just a technological challenge, it was a race against time that required diverse skills, innovative thinking, and collaboration. T…KNOWBE4.COM
7 OctOkta Classic customers told to check logs for sign-on bypasssubmitted by kid to cybersecurity 3 points | 0 comments https://www.scworld.com/news/okta-classic-customers-told-to-check-logs-for-sign-on-bypassSH.ITJUST.WORKS
7 OctC'est La Vie: French Atos Acquisition Bid ExpiresParties Vow to Continue Negotiations Time ran out for a non-binding takeover bid from the French government for the cybersecurity business of beleaguered Parisian IT consultancy Atos. Among the world's largest managed security service providers, the financially-struggling firm is …DATABREACHTODAY.CO.UK
7 OctDHS Warns Election Security Risks May Persist Into 2025DHS Says Adversaries May Stoke Voter Fraud Fears Long After Election Day The latest Homeland Security threat assessment lists this year’s election cycle as a top concern for 2025 and a potential trigger for domestic terrorism. The agency says foreign adversaries and violent extre…DATABREACHTODAY.CO.UK
7 OctUkrainian Pleads Guilty for Role in Raccoon Stealer MalwareMark Sokolovsky Admits to Felony Conspiracy Charge in U.S. Federal Court A Ukrainian national pleaded guilty Monday in U.S. federal court to one count of conspiracy to commit computer intrusion in connection with his role in the malware-as-a-service Raccoon info stealer criminal …DATABREACHTODAY.CO.UK
7 OctIronNet Settles Securities Fraud Class Action Suit for $6.6MSettlement Addresses Claims of False Revenue Forecasts, Investor Misrepresentation IronNet and several former executives agreed to a $6.6 million settlement, ending a class action lawsuit accusing the company of misleading investors with inflated revenue projections. The settleme…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 1
7 OctUkrainian pleads guilty to operating Raccoon Stealer malwareUkrainian national Mark Sokolovsky has pleaded guilty to his involvement in the Raccoon Stealer malware-as-a-service (MaaS) cybercrime operation. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 14
7 OctE.U. Court Limits Meta's Use of Personal Facebook Data for Targeted AdsEurope's top court has ruled that Meta Platforms must restrict the use of personal data harvested from Facebook for serving targeted ads even when users consent to their information being used for advertising purposes, a move that could have serious consequences for ad-driven com…THEHACKERNEWS.COM
7 OctKaspersky apps are no longer available on Google Play: what to do? | Kaspersky official blogKaspersky apps have been removed from Google Play: what does this mean for users, do the apps still work, and how to get and update them now.KASPERSKY.COM
7 OctVulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion AnnuallyOrganizations are losing between $94 - $186 billion annually to vulnerable or insecure APIs (Application Programming Interfaces) and automated abuse by bots. That’s according to The Economic Impact of API and Bot Attacks report from Imperva, a Thales company. The report highlight…THEHACKERNEWS.COM
7 OctAmerican Water warns of billing outages after finding hackers in its systemsThe company said it discovered “unauthorized activity” within its networks on October 3 and promptly moved to disconnect affected systems. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
7 OctYour robot vacuum cleaner might be spying on youWhen Sean Kelly bought a top-of-the-line vacuum cleaner, he imagined he was making a safe purchase. Little did he know that the cleaning machine scuttling about his family's feet contained a security flaw that could let anyone see and hear their every move. Read more in my articl…BITDEFENDER.COM
7 OctmacOS Sequoia: System/Network Admins, Hold On!, (Mon, Oct 7th)It's always tempting to install the latest releases of your preferred software and operating systems. After all, that's the message we pass to our beloved users: "Patch, patch, and patch again!". L…ISC.SANS.EDU
7 OctApple fixes bugs in macOS Sequoia that broke some cybersecurity toolsApple said the new macOS release "improves compatibility with third-party security software," after the first operating systems release broke several cybersecurity tools. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
7 OctMicrosoft: Word deletes some documents instead of saving themMicrosoft warns that a new bug may cause Word for Windows to delete some documents instead of saving them. [...]BLEEPINGCOMPUTER.COM