matlock.ca // THREAT INTELLIGENCE — 2024-10-31

96Articles

10Categories

2024-10-31Date

🚨

CISA’s guides can help you demand – and receive – secure software from the get-goYour team is in charge of identifying and procuring new software for your firm, so you check out the options in the marketplace, read reviews, and test the software. But how do you know it’s secure? Not a day goes by that there isn’t an incident reported that reminds us that we’r…

KEVCSOONLINE.COM — 31 Oct 2024

🐛

LiteSpeed Cache Plugin Vulnerability Poses Significant Risk to WordPress Websites

THEHACKERNEWS.COM — 31 Oct 2024

🐛

Take action now to plug Windows Themes vulnerability, says expert

CSOONLINE.COM — 31 Oct 2024

🐛

Chromium: CVE-2024-10488 Use after free in WebRTC

MSRC.MICROSOFT.COM — 31 Oct 2024

🐛

Chromium: CVE-2024-10487: Out of bounds write in Dawn

MSRC.MICROSOFT.COM — 31 Oct 2024

⚠️

CyberPanel Vulnerabilities Exploited in Ransomware Attacks Shortly After Disclosure

SECURITYWEEK.COM — 31 Oct 2024

⚠️

OT security becoming a mainstream concern

CSOONLINE.COM — 31 Oct 2024

⚠️

The rise of the vCISO: From niche to necessity?

CSOONLINE.COM — 31 Oct 2024

⚠️

Digital Detritus: The engine of Pacific Rim and a call to the industry for action

SOPHOS.COM — 31 Oct 2024

⚠️

Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution

SECURITYWEEK.COM — 31 Oct 2024

⚠️

Fortinet launches its first standalone endpoint DLP product

NETWORKWORLD.COM — 31 Oct 2024

⚠️

Windows Themes 0-Day Bug Exposes Users To NTLM Credential Theft

PACKETSTORMSECURITY.COM — 31 Oct 2024

⚠️

Yahoo Discloses NetIQ iManager Flaws Allowing Remote Code Execution

PACKETSTORMSECURITY.COM — 31 Oct 2024

⚠️

5 wichtige Handlungsempfehlungen für CISOs

CSOONLINE.COM — 31 Oct 2024

⚠️

LottieFiles Issues Warning About Compromised "lottie-player" npm Package

THEHACKERNEWS.COM — 31 Oct 2024

⚠️

CISA Releases Four Industrial Control Systems Advisories

CISA.GOV — Thu, 31 Oct 24 1

⚠️

qBittorrent fixes flaw exposing users to MitM attacks for 14 years

BLEEPINGCOMPUTER.COM — 31 Oct 2024

⚠️

Sophos Used Custom Implants to Surveil Chinese Hackers Targeting Firewall Zero-Days

SECURITYWEEK.COM — 31 Oct 2024

⚠️

New LightSpy Spyware Version Targets iPhones with Increased Surveillance Tactics

THEHACKERNEWS.COM — 31 Oct 2024

⚠️

Fraudsters exploit US General Election fever, FBI warns

TRIPWIRE.COM — 31 Oct 2024

⚠️

Privilege escalation through TPM Sniffing when BitLocker PIN is enabled

SH.ITJUST.WORKS — 31 Oct 2024

⚠️

14-Year Vulnerability in qBittorrent Leaves Millions Exposed to RCE Attacks

SH.ITJUST.WORKS — 31 Oct 2024

⚠️

Suspected pro-Ukraine cyberattack knocks out parking enforcement in Russian city.

SH.ITJUST.WORKS — 31 Oct 2024

⚠️

Cryptohack Roundup: US Claws Back Stolen Crypto

DATABREACHTODAY.CO.UK — 2024-10-31

⚠️

EDR Is Dead, EDR Is Not Dead - PSW #849

YOUTUBE.COM — 2024-10-31

⚠️

ISMG Editors: Law Enforcement's Ransomware Crackdown

DATABREACHTODAY.CO.UK — 2024-10-31

⚠️

Hackers target critical zero-day vulnerability in PTZ cameras

BLEEPINGCOMPUTER.COM — 31 Oct 2024

⚠️

Elections vs. Corporate Security: Why It's Not the Same

YOUTUBE.COM — 2024-10-31

⚠️

Sophos Discloses Half Decade of Sustained Chinese Attack

DATABREACHTODAY.CO.UK — 2024-10-31

⚠️

Foreign Threat Actor Conducting Large-Scale Spear-Phishing Campaign with RDP Attachments

CISA.GOV — Thu, 31 Oct 24 1

⚠️

Sophos reveals 5-year battle with Chinese hackers attacking network devices

BLEEPINGCOMPUTER.COM — 31 Oct 2024

⚠️

Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network

MICROSOFT.COM — 31 Oct 2024

⚠️

7 cybersecurity trends and tips for small and medium businesses to stay protected

MICROSOFT.COM — 31 Oct 2024

⚠️

Breach Roundup: S&P Says Poor Remediation A Material Risk

DATABREACHTODAY.CO.UK — 2024-10-31

📋

Microsoft wants $30 if you want to delay Windows 11 switch

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📢

Google Chrome security advisory (AV24-625)

CYBER.GC.CA — 2024-10-31

📢

Roger Grimes on Prioritizing Cybersecurity Advice

SCHNEIER.COM — 2024-10-31

📢

Microsoft now a Leader in three major analyst reports for SIEM

TECHCOMMUNITY.MICROSOFT.COM — 31 Oct 2024

🔥

Enterprise Identity Threat Report 2024: Unveiling Hidden Threats to Corporate Identities

THEHACKERNEWS.COM — 31 Oct 2024

🔥

Mystic Valley Elder Services Data Breach Impacts 87,000 People

SECURITYWEEK.COM — 31 Oct 2024

🔥

North Korean govt hackers linked to Play ransomware attack

SH.ITJUST.WORKS — 31 Oct 2024

🔥

2024 looks set to be another record-breaking year for ransomware — and it’s likely going to get worse

TECHCRUNCH.COM — 31 Oct 2024

🔥

Pacific Rim: Learning to eat soup with a knife

SOPHOS.COM — 31 Oct 2024

🔥

Large Peruvian bank warns of data theft after dark web post emerges.

SH.ITJUST.WORKS — 31 Oct 2024

🔥

North Korean Nation State Threat Actor Using Play Ransomware

PACKETSTORMSECURITY.COM — 31 Oct 2024

🔥

Over a thousand online shops hacked to show fake product listings

BLEEPINGCOMPUTER.COM — 31 Oct 2024

🔥

LottieFiles hacked in supply chain attack to steal users’ crypto

BLEEPINGCOMPUTER.COM — 31 Oct 2024

🔥

Medusa Ransomware Hack of Pathology Lab Affects 1.8 Million

DATABREACHTODAY.CO.UK — 2024-10-31

🔥

Microsoft: Chinese hackers use Quad7 botnet to steal credentials

BLEEPINGCOMPUTER.COM — 31 Oct 2024

🔥

Stalker Online - 1,385,472 breached accounts

HAVEIBEENPWNED.COM — 31 Oct 2024

🔥

Month in security with Tony Anscombe – October 2024 edition

WELIVESECURITY.COM — 31 Oct 2024

🕵️

October 2024 Activity with Username chenzilong, (Thu, Oct 31st)

ISC.SANS.EDU — 31 Oct 2024

🕵️

ISC Stormcast For Thursday, October 31st, 2024 https://isc.sans.edu/podcastdetail/9204, (Thu, Oct 31st)

ISC.SANS.EDU — 31 Oct 2024

🕵️

Prosecutors Seek a 17-Year Prison Term for Pentagon Secrets Leaker Jack Teixeira

SECURITYWEEK.COM — 31 Oct 2024

🕵️

API Security Matters: The Risks of Turning a Blind Eye

SECURITYWEEK.COM — 31 Oct 2024

🕵️

Designing a Future-focused Cybersecurity Investment Strategy

SECURITYWEEK.COM — 31 Oct 2024

🕵️

Hackers steal 15,000 cloud credentials from exposed Git config files

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Honeypot Surprise: Researchers Catch Attackers Exposing 15,000 Stolen Credentials in S3 Bucket

SECURITYWEEK.COM — 31 Oct 2024

🕵️

Animation Tool Lottie Player Hit by Supply Chain Attack, Causes $723K Bitcoin Theft.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Quishing: A growing threat hiding in plain sight

SECURITYINTELLIGENCE.COM — 31 Oct 2024

🕵️

Pacific Rim: Inside the Counter-Offensive—The TTPs Used to Neutralize China-Based Threats

SOPHOS.COM — 31 Oct 2024

🕵️

Banking on AI to Defend the Financial Services Sector

PALOALTONETWORKS.COM — 31 Oct 2024

🕵️

BSides PDX, Portland

INFOSEC.PUB — 31 Oct 2024

🕵️

Threat actors use copyright infringement phishing lure to deploy infostealers.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Tracking World Leaders Using Strava

SCHNEIER.COM — 2024-10-31

🕵️

Phish ’n’ Ships Fakes Online Shops to Steal Money and Credit Card Information.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Every Doggo Has Its Day: Unleashing the Xiū Gǒu Phishing Kit.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Detectify Eyes AppSec Expansion After Insight Partners Buy

DATABREACHTODAY.CO.UK — 2024-10-31

🕵️

Shadow IT and Security Debt - Dave Lewis - PSW #849

YOUTUBE.COM — 2024-10-31

🕵️

Cyble Sensors Detect New Attacks On LightSpeed, GutenKit WordPress Plugins.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Shadow IT and Security Debt - Dave Lewis - PSW #849

YOUTUBE.COM — 2024-10-31

🕵️

[PDF] New Tradecraft of Iranian Cyber Group Aria Sepehr Ayandehsazan aka Emennet Pasargad.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Cybercriminals Are Stealing Cookies to Bypass Multifactor Authentication.

SH.ITJUST.WORKS — 31 Oct 2024

🕵️

Zenity Gets $38M Series B for Agentic AI Security Expansion

DATABREACHTODAY.CO.UK — 2024-10-31

🕵️

Mac Malware Threat: Hackers Seek Cryptocurrency Holders

DATABREACHTODAY.CO.UK — 2024-10-31

🌐

LottieFiles hit in npm supply chain attack targeting users' crypto

BLEEPINGCOMPUTER.COM — 31 Oct 2024

🌐

Noma is building tools to spot security issues with AI apps

TECHCRUNCH.COM — 31 Oct 2024

🌐

FakeCall Malware Menaces Android Devices

PACKETSTORMSECURITY.COM — 31 Oct 2024

🌐

LottieFiles Supply Chain Attack Exposes Users To Wallet Drainer

PACKETSTORMSECURITY.COM — 31 Oct 2024

🌐

Backdoor in coding test on GitHub | Kaspersky official blog

KASPERSKY.COM — 31 Oct 2024

🎙️

Smashing Security podcast #391: The secret Strava service, deepfakes, and crocodiles

GRAHAMCLULEY.COM — 31 Oct 2024

📡

Pacific Rim timeline: Information for defenders from a braid of interlocking attack campaigns

SOPHOS.COM — 31 Oct 2024

📡

From the frontlines: Our CISO’s view of Pacific Rim

SOPHOS.COM — 31 Oct 2024

📡

Pacific Rim: What’s it to you?

SOPHOS.COM — 31 Oct 2024

📡

Chinese Attackers Accessed Canadian Government Networks For Five Years

PACKETSTORMSECURITY.COM — 31 Oct 2024

📡

Prosecutors Seek A 17-Year Prison Term For Pentagon Secrets Leaker Jack Teixeira

PACKETSTORMSECURITY.COM — 31 Oct 2024

📡

Cynet delivers 426% ROI in Forrester Total Economic Impact Study

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📡

Microsoft fixes Windows 10 bug causing apps to stop working

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📡

$15,000 Just for Internet?! Rural America’s Fiber Problem

YOUTUBE.COM — 2024-10-31

📡

Windows 11 Task Manager says no apps are active after preview update

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📡

LiteSpeed Cache WordPress plugin bug lets hackers get admin access

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📡

OneDrive and Teams—It’s ALL Just SharePoint? 😲

YOUTUBE.COM — 2024-10-31

📡

The Only Thing Constant In Life Is... Not AppSec. What's Next in 2025

DATABREACHTODAY.CO.UK — 2024-10-31

📡

Windows 11 Task Manager bug shows wrong number of running processes

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📡

Microsoft delays Windows Recall again, now by December

BLEEPINGCOMPUTER.COM — 31 Oct 2024

📡

AI Pulse: Election Deepfakes, Disasters, Scams & more

TRENDMICRO.COM — 31 Oct 2024