94 Articles
9 Categories
Date: 2024-10-16

🐛 COMMON VULNERABILITIES AND EXPOSURES (5)

16 Oct: GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
GitHub has released security updates for Enterprise Server (GHES) to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE-2024-9487, carries a CVSS score of 9.5 out of a maximum of 10.0 "An attacke…
THEHACKERNEWS.COM

16 Oct [KEV]: CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk (WHD) software to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-28987 (CV…
THEHACKERNEWS.COM

16 Oct: North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware
The North Korean threat actor known as ScarCruft has been linked to the zero-day exploitation of a now-patched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE-2024-38178 (CVSS score: 7.5), a memory corruption bug in th…
THEHACKERNEWS.COM

16 Oct: Tainted Open-Source Packages Are Exploding
According to a new report from software supply chain management company Sonatype, malware is penetrating the open-source software development ecosystem alarmingly fast. The company has, since November 2023, over 500,000 new malicious packages in the popular Java, Ja…
CSOONLINE.COM

16 Oct: VMware Patches High-Severity SQL Injection Flaw in HCX Platform
VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager. The post VMware Patches High-Severity SQL Injection Flaw in HCX Platform appeared first on SecurityWeek.
SECURITYWEEK.COM

⚠️ VULNERABILITY DISCLOSURE (27)

16 Oct: What is the cost of a data breach?
For modern businesses regardless of industry or size, the monetary impact of a data breach is substantial. IBM’s latest Cost of a Data Breach report discovered that, from March 2023 to February 2024, the average cost of a data breach globally reached an all-time high of $4.88 mil…
CSOONLINE.COM

16 Oct: CISOs grapple with a growing concern: Stress-related substance abuse
A few years ago, Olivia Rose lived on adrenaline as an “always-on” corporate CISO. Constant meetings made it hard for her to finish what she had started, and she spent significant time managing a team while also managing upwards to leadership. The constant juggling act was “exhau…
CSOONLINE.COM

16 Oct: CISA Releases ICS Advisories to Mitigate Cyber Attacks
The Cybersecurity and Infrastructure Security Agency (CISA) released two critical Industrial Control Systems (ICS) advisories on October 15, 2024. These advisories provide essential information about current security issues, vulnerabilities, and potential exploits affecting ICS. …
GBHACKERS.COM

16 Oct: CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability
submitted by AmbiguousProps to cybersecurity 1 points | 0 comments https://thehackernews.com/2024/10/cisa-warns-of-active-exploitation-in.html
SH.ITJUST.WORKS

16 Oct: Organizations Warned of Exploited SolarWinds Web Help Desk Vulnerability
CISA warns that a critical-severity hardcoded credentials vulnerability in SolarWinds Web Help Desk is exploited in attacks. The post Organizations Warned of Exploited SolarWinds Web Help Desk Vulnerability appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Google Pays Out $36,000 for Severe Chrome Vulnerability
Google has released Chrome 130 in the stable channel to resolve 17 vulnerabilities, including 13 reported by external researchers. The post Google Pays Out $36,000 for Severe Chrome Vulnerability appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: From Misuse to Abuse: AI Risks and Attacks
AI from the attacker’s perspective: See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications. Cybercriminals and AI: The Reality vs. Hype. “AI will not replace humans in the near future. But humans who …
THEHACKERNEWS.COM

16 Oct: Okta’s new security standard to be adopted by Google, Microsoft
Identity and access management (IAM) solutions provider Okta has announced a new, open-source identity security standard for SaaS providers, calling it the Interoperability Profile for Secure Identity in the Enterprise (IPSIE). The new security framework, set to be adopted by Mic…
CSOONLINE.COM

16 Oct: Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site
Microsoft has patched ‘critical’ privilege escalation and information disclosure vulnerabilities in Power Platform, Dataverse and the Imagine Cup website. The post Microsoft Patches Vulnerabilities in Power Platform, Imagine Cup Site appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Varsity Brands Data Breach Impacts 65,000 People
Apparel giant Varsity Brands has disclosed some information about a data breach impacting more than 65,000 individuals. The post Varsity Brands Data Breach Impacts 65,000 People appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Navigating the ethics of AI in cybersecurity
Even if we’re not always consciously aware of it, artificial intelligence is now all around us. We’re already used to personalized recommendation systems in e-commerce, customer service chatbots powered by conversational AI and a whole lot more. In the realm of inform…
SECURITYINTELLIGENCE.COM

16 Oct: Malicious ads exploited Internet Explorer zero day to drop malware
The North Korean hacking group ScarCruft launched a large-scale attack in May that leveraged an Internet Explorer zero-day flaw to infect targets with the RokRAT malware and exfiltrate data. [...]
BLEEPINGCOMPUTER.COM

16 Oct: CISA, FBI, NSA, and International Partners Release Advisory on Iranian Cyber Actors Targeting Critical Infrastructure Organizations Using Brute Force
Today, CISA—with the Federal Bureau of Investigation (FBI), the National Security Agency (NSA), and international partners—released joint Cybersecurity Advisory Iranian Cyber Actors Brute Force and Credential Access Activity Compromises Critical Infrastructure. This advisory pro…
CISA.GOV

16 Oct: Hackers Abuse EDRSilencer Tool to Bypass Security and Hide Malicious Activity
Threat actors are attempting to abuse the open-source EDRSilencer tool as part of efforts to tamper with endpoint detection and response (EDR) solutions and hide malicious activity. Trend Micro said it detected "threat actors attempting to integrate EDRSilencer in their attacks, repur…
THEHACKERNEWS.COM

16 Oct: CISA and FBI Release Joint Guidance on Product Security Bad Practices for Public Comment
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) released joint guidance on Product Security Bad Practices, a part of CISA’s Secure by Design initiative. This joint guidance supplies an overview of exceptionally ris…
CISA.GOV

16 Oct: Critical Kubernetes Image Builder flaw gives SSH root access to VMs
A critical vulnerability in Kubernetes could allow unauthorized SSH access to a virtual machine running an image created with the Kubernetes Image Builder project. [...]
BLEEPINGCOMPUTER.COM

16 Oct: TrickMo Trojan Variants Target Device Unlock Codes
New Variants Steal PINs, Affect 13,000+ Users and Exploit Accessibility Features. A new variant of an Android banking Trojan called TrickMo is tricking victims into providing their phone unlock code, enabling hackers to sustain operations, warn cybersecurity researchers. The malwa…
DATABREACHTODAY.CO.UK

16 Oct: Helping Your Team Cope With the Stress of a Cyber Incident
Security Teams Need Support, Mental Health Resources and a Focus on Resilience. Managing the aftermath of a cybersecurity incident can be grueling, and the intense pressure placed on these individuals can take a toll. Stress in the cybersecurity field, particularly post-incident, …
DATABREACHTODAY.CO.UK

16 Oct [KEV]: SolarWinds Web Help Desk flaw is now exploited in attacks
CISA has added three flaws to its 'Known Exploited Vulnerabilities' (KEV) catalog, among which is a critical hardcoded credentials flaw in SolarWinds Web Help Desk (WHD) that the vendor fixed in late August 2024. [...]
BLEEPINGCOMPUTER.COM

16 Oct: Chinese Threat Actor Targets OpenAI With Spear-Phishing Attacks
OpenAI has disclosed that its employees were targeted by spear-phishing attacks launched by a suspected Chinese state-sponsored threat actor.
KNOWBE4.COM

16 Oct: Google: 70% of exploited flaws disclosed in 2023 were zero-days
Mandiant security analysts warn of a worrying new trend of threat actors demonstrating a better capability to discover and exploit zero-day vulnerabilities in software. [...]
BLEEPINGCOMPUTER.COM

16 Oct: Attackers repurpose EDRSilencer to evade detection
Attackers have weaponized yet another tool developed for penetration testing and red team exercises to enhance their attacks. The tool, dubbed EDRSilencer, leverages the Windows Filtering Platform (WFP) to block the network communication of EDR software agents, preventing them fr…
CSOONLINE.COM

16 Oct: Fortinet Edge Devices Under Attack - Again
Hackers May Have Reverse-Engineered February Patch. Hackers may have circumvented a months-old patch for Fortinet gateway devices leading to a warning from the U.S. federal government over its active exploitation. Some security researchers say a February patch may not have fully s…
DATABREACHTODAY.CO.UK

16 Oct: Iranian Hackers Using Brute Force on Critical Infrastructure
Advisory Warns Iranian Threat Actors Use 'Push Bombing' to Target Critical Sectors. Iranian cyber actors are increasingly using brute force techniques, such as password spraying and multifactor authentication push bombing, to target critical infrastructure sectors, according to a …
DATABREACHTODAY.CO.UK

16 Oct: Hackers breach Pokémon game developer, source code and personal information leaks online
In what appears to be one of the biggest leaks in Pokémon history, troves of information related to multiple incarnations of the video game have leaked online - creating ripples of excitement and concern throughout the fanbase. Read more in my article on the Hot for Security blog.
BITDEFENDER.COM

16 Oct: Risky Business #766 – China hacks America's lawful intercept systems
On this week’s show Patrick Gray and Adam Boileau discuss the week’s infosec news, including: Chinese spooks all up in western telco lawful intercept; Jerks ruin the Internet Archive’s day; Microsoft drops a great report with a bad chart; The feds make their own crypto currency and …
RISKY.BIZ

📋 SECURITY BULLETINS (1)

16 Oct: Chrome Security Update, 17 Vulnerabilities Patched
Google has announced a significant security update for its Chrome browser, addressing 17 vulnerabilities in the latest build. The update, which affects the Stable and Extended Stable channels, will roll out over the coming days and weeks for Windows, Mac, and Linux users. Update …
GBHACKERS.COM

📢 SECURITY ADVISORIES (12)

16 Oct: UK Reports 50% Spike in 'Nationally Significant' Incidents
New NCSC Chief Also Warns of Three-Fold Increase in Severe Cyberattacks. The U.K. experienced a 50% spike in cybersecurity incidents posing national security risks this year, according to NCSC CEO Richard Horne. Growing advancements in emerging tech are widening the gap between of…
DATABREACHTODAY.CO.UK

16 Oct: Protecting children from grooming | Unlocked 403 cybersecurity podcast (ep. 7)
“Hey, wanna chat?” This innocent phrase can take on a sinister meaning when it comes from an adult to a child online and even be the start of a predatory relationship
WELIVESECURITY.COM

🔥 INCIDENT REPORTING (10)

16 Oct: Fake LockBit, Real Damage: Ransomware Samples Abuse AWS S3 to Steal Data
This article uncovers a Golang ransomware abusing AWS S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions.
TRENDMICRO.COM

16 Oct: Volkswagen Says IT Infrastructure Not Affected After Ransomware Gang Claims Data Theft
submitted by kid to cybersecurity 1 points | 0 comments https://www.securityweek.com/volkswagen-says-it-infrastructure-not-affected-after-ransomware-gang-claims-data-theft/
SH.ITJUST.WORKS

16 Oct: Pennsylvania food bank claimed as latest ransomware victim
submitted by kid to cybersecurity 1 points | 0 comments https://cybernews.com/news/central-pennsylvania-food-bank-fog-ransomware-attack/
SH.ITJUST.WORKS

16 Oct: Microsoft Customers Facing 600 Million Cyber Attack Launched Every Day
Microsoft’s customers are under constant cyber assault, facing millions of attacks daily from various threat actors as nation-states and cybercrime gangs are increasingly collaborating, escalating the severity and frequency of attacks. They had observed a concerning t…
GBHACKERS.COM

16 Oct: Cisco Investigating Breach And Sale Of Data
PACKETSTORMSECURITY.COM

16 Oct: Change Healthcare Attack Cost Estimate Reaches Nearly $2.9B
Most IT Restored, But UHG Is Still Catching Up and Aiming to Win Back Clients. UnitedHealth Group has raised its estimates to nearly $2.9 billion for the total costs this fiscal year of the cyberattack on its Change Healthcare IT services unit. UHG said it is also working to catch…
DATABREACHTODAY.CO.UK

16 Oct: USDoD hacker behind National Public Data breach arrested in Brazil
A notorious hacker named USDoD, who is linked to the National Public Data and InfraGard breaches, has been arrested by Brazil's Polícia Federal in "Operation Data Breach". [...]
BLEEPINGCOMPUTER.COM

16 Oct: Iranian hackers act as brokers selling critical infrastructure access
Iranian hackers are breaching critical infrastructure organizations to collect credentials and network data that can be sold on cybercriminal forums to enable cyberattacks from other threat actors. [...]
BLEEPINGCOMPUTER.COM

🕵️ THREAT INTELLIGENCE (25)

16 Oct: ISC Stormcast For Wednesday, October 16th, 2024 https://isc.sans.edu/podcastdetail/9182, (Wed, Oct 16th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
ISC.SANS.EDU

16 Oct: Passkey News: FIDO Unveils New Specifications, Amazon Announces 175 Million Users
FIDO Alliance has published new specifications for securely moving passkeys across providers, as Amazon announced 175 million passkey users. The post Passkey News: FIDO Unveils New Specifications, Amazon Announces 175 Million Users appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Oracle Patches Over 200 Vulnerabilities With October 2024 CPU
Oracle has released 334 new security patches to address roughly 220 unique CVEs as part of its October 2024 Critical Patch Update. The post Oracle Patches Over 200 Vulnerabilities With October 2024 CPU appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access
submitted by AmbiguousProps to cybersecurity 1 points | 0 comments https://thehackernews.com/2024/10/github-patches-critical-flaw-in.html
SH.ITJUST.WORKS

16 Oct: 5 Techniques for Collecting Cyber Threat Intelligence
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are many techniques analysts can use to collect crucial cyber threat intelligence. Let’…
THEHACKERNEWS.COM

16 Oct: AI Models in Cybersecurity: From Misuse to Abuse
Exploring differences in AI models on security measures and unveiling threat actor tactics. The post AI Models in Cybersecurity: From Misuse to Abuse appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Cheating at Conkers
The men’s world conkers champion is accused of cheating with a steel chestnut.
SCHNEIER.COM

16 Oct: North Korea Hackers Get Cash Fast in Linux Cyber Heists
submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cyber-risk/north-korea-hackers-cash-linux-cyber-heists
SH.ITJUST.WORKS

16 Oct: Dane Stuckey Joins OpenAI as CISO
Former Palantir CISO joins ChatGPT maker OpenAI to lead cybersecurity efforts. The post Dane Stuckey Joins OpenAI as CISO appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: KnowBe4 Named a Leader in the Fall 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) Software
We are excited to announce that KnowBe4 has been named a leader in the Fall 2024 G2 Grid Report for Security Orchestration, Automation, and Response (SOAR) for the PhishER platform for the 14th consecutive quarter!
KNOWBE4.COM

16 Oct: What are You Working on Wednesday
submitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.
INFOSEC.PUB

16 Oct: Hackers Abuse EDRSilencer Red Team Tool To Evade Detection
EDRSilencer, a red team tool, interferes with EDR solutions by blocking network communication for associated processes using the WFP, which makes it harder to identify and remove malware, as EDRs cannot send telemetry or alerts. The code demonstrates a technique where malware can…
GBHACKERS.COM

16 Oct: OT Risk Management Firm DeNexus Raises $17.5 Million
DeRisk is an AI and ML-driven data analytics platform that focuses on managing the cyber risk to the underserved operational technology of critical industries. The post OT Risk Management Firm DeNexus Raises $17.5 Million appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: North Korean Hackers Continue to Target Job Seekers
A North Korean threat actor is launching social engineering attacks against job seekers in the tech industry, according to researchers at Palo Alto Networks’ Unit 42.
KNOWBE4.COM

16 Oct: Netskope extends data security with Dasera acquisition
Netskope today announced it has broadened its data protection capabilities by integrating data security posture management (DSPM) technology into its Netskope One Platform via its acquisition of Dasera. The integration will help the company deliver advanced security across web, S…
NETWORKWORLD.COM

16 Oct: GenAI in Cybersecurity — Threats and Defenses
The Unit 42 Threat Frontier: Prepare for Emerging AI Risks report explains how generative AI (GenAI) is reshaping the cybersecurity landscape. The post GenAI in Cybersecurity — Threats and Defenses appeared first on Palo Alto Networks Blog.
PALOALTONETWORKS.COM

16 Oct: New Fido standard for passkeys will make it easier to change services
The organization Fido Alliance has developed a proposal for a new standard for passkeys, i.e. alternatives to passwords such as hardware keys, facial recognition, fingerprints or PIN codes. The big news in the proposal is that it will be possible to use the same passkeys even if …
CSOONLINE.COM

16 Oct: Android 15 Rolling Out With New Theft, Application Protection Features
Google has released Android 15 with new security features to keep devices and sensitive applications better protected. The post Android 15 Rolling Out With New Theft, Application Protection Features appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Critical Kubernetes Image Builder flaw gives SSH root access to VMs
submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/critical-kubernetes-image-builder-flaw-gives-ssh-root-access-to-vms/
SH.ITJUST.WORKS

16 Oct: US Indicts Sudanese Brothers for Anonymous Sudan Attacks
FBI Disrupted DDoS Group in March. Two Sudanese brothers are under criminal indictment in the United States for their role in distributed denial-of-service attacks launched under the moniker of Anonymous Sudan. Among the group's targets were a major Los Angeles hospital and Micros…
DATABREACHTODAY.CO.UK

16 Oct: Sonar Adds Code Architecture Insights With Structure101 Buy
New Features From Structure101 Simplify Code Structure, Future-Proof Development. Sonar has integrated Structure 101's design expertise into its platform, enhancing code architecture and reducing dependency issues. This update helps developers streamline workflows and minimize lon…
DATABREACHTODAY.CO.UK

16 Oct: The Number of Malicious Emails Reaching Inboxes Is Declining
New research shows that fewer malicious emails are getting past security scanners to the inbox, but also provides details about how phishing emails are becoming increasingly dangerous.
KNOWBE4.COM

16 Oct: Code Execution, Data Tampering Flaw in Nvidia NeMo Gen-AI Framework
Artificial intelligence tech giant Nvidia issues a warning for code execution and data tampering security problems in the NeMo platform. The post Code Execution, Data Tampering Flaw in Nvidia NeMo Gen-AI Framework appeared first on SecurityWeek.
SECURITYWEEK.COM

16 Oct: Essential Tools for Building Successful Security Analytics
By collecting, analyzing, and leveraging data from security events, security analytics empowers teams to proactively detect anomalies and pinpoint vulnerabilities to mitigate targeted attacks, insider threats, and advanced persistent threats (APTs).
DATABREACHTODAY.CO.UK

🌐 CYBER THREAT LANDSCAPE (3)

16 Oct: Astaroth Banking Malware Resurfaces in Brazil via Spear-Phishing Attack
A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by making use of obfuscated JavaScript to slip past security guardrails. "The spear-phishing campaign's impact has targeted various industries, with manufactur…
THEHACKERNEWS.COM

🎙️ PODCASTS (1)

16 Oct: Smashing Security podcast #389: WordPress vs WP Engine, and the Internet Archive is down
WordPress's emperor, Matt Mullenweg, demands a hefty tribute from WP Engine, and a battle erupts, leaving millions of websites hanging in the balance. Meanwhile, the Internet Archive, a digital library preserving our online history, is under siege from hackers. All this and more …
GRAHAMCLULEY.COM

📡 INFOSEC NEWS (10)

16 Oct: Security and privacy settings in Nike Run Club | Kaspersky official blog
How to configure privacy in the Nike Run Club tracking app so that your personal data isn't visible to everyone.
KASPERSKY.COM

16 Oct: From QR to compromise: The growing “quishing” threat
Attackers leverage QR codes in PDF email attachments to spearphish corporate credentials from mobile devices
SOPHOS.COM

16 Oct: FIDO Alliance Drafts New Protocol to Simplify Passkey Transfers Across Different Platforms
The FIDO Alliance said it's working to make passkeys and other credentials easier to export across different providers and improve credential provider interoperability, as more than 12 billion online accounts become accessible with the passwordless sign-in method. To that en…
THEHACKERNEWS.COM

16 Oct: Understand these seven password attacks and how to stop them
Hackers are always looking for new ways to crack passwords and gain access to your organization's data and systems. In this post, Specops Software discusses the seven most common password attacks and provides tips on how to defend against them. [...]
BLEEPINGCOMPUTER.COM

16 Oct: US disrupts Anonymous Sudan DDoS operation, indicts 2 Sudanese brothers
The United States Department of Justice unsealed an indictment today against two Sudanese brothers suspected of being the operators of Anonymous Sudan, a notorious and dangerous hacktivist group known for conducting over 35,000 DDoS attacks in a year. [...]
BLEEPINGCOMPUTER.COM

16 Oct: The Top 10 Not So Common SSH Usernames and Passwords, (Wed, Oct 16th)
Our list of "Top" ssh usernames and passwords is pretty static. Well known defaults, like "root" and "admin" are at the top of the list. But there are always some usernames and passwords in the list that are not as well known, or only showed up more recently. I will focus in this d…
ISC.SANS.EDU