🚨 CISA KEV 1
6 NovKicking dependency: Why cybersecurity needs a better model for handling OSS vulnerabilitiesMost cybersecurity professionals are accustomed by now to the widespread adoption of open-source software (OSS) and the ever-growing threat of software supply chain attacks that target the OSS ecosystem. What we don’t seem to be getting better at is the management of dependencies…CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE 19
6 NovMan arrested in Canada allegedly linked to Snowflake data theftsCanadian authorities responding to a US request have arrested a man in southern Ontario for his alleged role in hacks of over 100 organizations that use the Snowflake cloud database. Following a request by the United States, a man was arrested on a provisional arrest warrant on W…CSOONLINE.COM
6 NovMicrosoft Authenticator passkey support to be native in JanuaryMicrosoft has positioned itself as a strong convert to passkeys, with a promise to deliver passkey support in its Microsoft Authenticator app in mid-January 2025. Even though all enterprises will have access, not all are prepared to embrace passkeys, at least not by January. For …CSOONLINE.COM
6 NovGoogle Cloud to Enforce Multi-Factor Authentication by 2025 for All UsersGoogle's cloud division has announced that it will enforce mandatory multi-factor authentication (MFA) for all users by the end of 2025 as part of its efforts to improve account security. "We will be implementing mandatory MFA for Google Cloud in a phased approach that will roll …THEHACKERNEWS.COM
6 NovSecurity associations CISOs should know aboutSecurity organizations help CISOs gain valuable industry certifications, tap into peer insights, stay in touch with changing technology, and offer networking opportunities. Here are some CISOs can join or follow to stay in the know. ISC2 International Information System Security …CSOONLINE.COM
6 NovAI Finds Zero Day Vulnerability For First Time: Cyber Security Today for Wednesday, November 6, 2024AI Finds Zero Day Vulnerability, MFA Mandatory on Google Cloud, French Energy Firm Hacked In today's episode of Cyber Security Today, host Jim Love discusses Google's AI-driven system Big Sleep discovering the first ever AI-identified zero day vulnerability in the SQLite database…CYBERSECURITYTODAY.LIBSYN.COM
6 NovNokia data surfaces on the darknetSource code and other sensitive Nokia data are being offered for sale on a hacker forum. The well-known threat actor IntelBroker claims on a hacker forum to have obtained an extensive collection of Nokia data. The break-in is said to have…CSOONLINE.COM
6 NovToxicPanda Banking Malware Attacking Banking Users To Steal LoginsRecent research has uncovered a new strain of malware developed for Android devices, initially misidentified as TgToxic. Despite sharing some bot command similarities, this malware, now dubbed ToxicPanda, exhibits significant code divergence from its original source. It lacks key…GBHACKERS.COM
6 NovSchneider Electric suffers data breach, exposing critical project and user dataA hacker group known as “Grep” has reportedly infiltrated Schneider Electric’s internal project tracking system, stealing about 40 GB of data in the latest cyberattack targeting the French multinational. Grep, which has rebranded itself as the “Hellcat ransomware gang,” claimed i…CSOONLINE.COM
6 NovCRON#TRAP Campaign Attacks Windows Machine With Weaponized Linux Virtual MachineWeaponized Linux virtual machines are used for offensive cybersecurity purposes, such as “penetration testing” or “exploiting vulnerabilities.” These setups often use the tools and frameworks that are designed for ethical hacking. Securonix researchers rec…GBHACKERS.COM
6 Nov22,000 IPs Taken Down in Global Cybercrime CrackdownOver 22,000 malicious IPs were taken down in a law enforcement operation against phishing, infostealers, and ransomware.SECURITYWEEK.COM
6 NovVEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute MalwareAn ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi. "Leveraging Microsoft SaaS services — including Teams, SharePoint, Quick A…THEHACKERNEWS.COM
6 NovCisco bug lets hackers run commands as root on URWB access pointsCisco has fixed a maximum severity vulnerability that allows attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points that provide connectivity for industrial wireless automation. [...]BLEEPINGCOMPUTER.COM
6 NovHow hackers use ML for attacksCSOONLINE.COM
6 NovHackers increasingly use Winos4.0 post-exploitation kit in attacksHackers are increasingly targeting Windows users with the malicious Winos4.0 framework, distributed via seemingly benign game-related apps. [...]BLEEPINGCOMPUTER.COM
6 NovA Vulnerability in Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point Could Allow for Remote Code ExecutionA vulnerability has been discovered in Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point that could allow for remote code execution. Cisco Unified Industrial Wireless Software for Ultra-Reliable Wireless Backhaul Access Point is Cisco’s …CISECURITY.ORG
6 NovTrump's Return: Impact on Health Sector Cyber, HIPAA RegsExperts on Potential Data Security and HIPAA Privacy Changes in Trump's Second Term With Donald Trump set to return to the White House to serve another four-year term as U.S. president, what might the healthcare sector expect to see when it comes to his next administration's cybe…DATABREACHTODAY.CO.UK
6 NovAnton’s Alert Fatigue: The StudyMention “alert fatigue” to a SOC analyst. They would immediately recognize what you are talking about. Now, take your time machine to 2002. Find a SOC analyst (much fewer of those around, to be sure, but there are some!) and ask him about alert fatigue — he would definitely under…MEDIUM.COM
6 NovZero Trust Workshop: Advance your knowledge with an online resourceAs part of Microsoft’s ongoing efforts to support security modernization and the Zero Trust principles, we’ve launched Zero Trust Workshop, an online self-service resource. Read our latest blog post for details.MICROSOFT.COM
6 NovRisky Business #769 -- Sophos drops implants on Chinese exploit devsOn this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Sophos drops implants on Chinese firewall exploit devs Microsoft workshops better just-in-time Windows admin privileges Snowflake hacker arrested in Canada Okta has a fun, but not …RISKY.BIZ
📢 SECURITY ADVISORIES 9
6 NovSecuring Teams, Slack and co.: How to keep the collaboration tool from becoming a security nightmareCollaboration tools such as Microsoft Teams and Slack make working with internal and external partners enormously easier, but they also carry risks. Fast and efficient collaboration is essential in today's business world, but the…CSOONLINE.COM
6 NovGermany drafts law to protect researchers who find security flawsThe Federal Ministry of Justice in Germany has drafted a law to provide legal protection to security researchers who discover and responsibly report security vulnerabilities to vendors. [...]BLEEPINGCOMPUTER.COM
6 NovNew 2024 NIST requirements for password strength and storageWhat the 2024 NIST standard requires for passwords, biometrics, one-time passwords, and multi-factor authentication.KASPERSKY.COM
6 NovHow Trump's Victory May Spark Tech and Cyber Policy ShiftFormer President’s Win Could Bring Major Changes to U.S. Cyber Policy, Experts Say Republican Donald Trump's return to the White House in January could bring significant changes to technology and cybersecurity policy in the United States, potentially reshaping federal approaches …DATABREACHTODAY.CO.UK
6 Nov10 Key Cyber Policy Questions as Trump Preps for PresidencyBurning Issues Include Russian Hacking, China's Hitting Critical Infrastructure Four years since Trump's last term, the cyber picture looks - in many ways - markedly different. How will the incoming administration tackle Russian disinformation and cyber operations against NATO, r…DATABREACHTODAY.CO.UK
🔥 INCIDENT REPORTING 11
6 NovINTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on CybercrimeINTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information steale…THEHACKERNEWS.COM
6 NovRansomware Attack Disrupts Georgia Hospital’s Access to Health RecordsMemorial Hospital and Manor’s access to its Electronic Health Record system was disrupted following a ransomware attack.SECURITYWEEK.COM
6 NovWas your last DocuSign-ed bill legitimate? Check againThreat actors are abusing the APIs of trusted e-signing services platform DocuSign to send out convincing invoices in a new phishing campaign. In a research published this week, Cybersecurity firm, Wallarm, revealed that the campaign deviates from conventional phishing methods, w…CSOONLINE.COM
6 NovCyberattack Blamed for Statewide Washington Courts OutageUnauthorized activity detected on the Washington courts network, which led to websites and other services becoming unavailable.SECURITYWEEK.COM
6 NovIoT Devices in Password-Spraying BotnetMicrosoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: …SCHNEIER.COM
6 NovMicrochip Technology Reports $21.4 Million Cost From Ransomware AttackMicrochip Technology’s latest financial report reveals the company’s expenses due to the recent cybersecurity incident.SECURITYWEEK.COM
6 NovRise Of Ransomware-As-A-Service Leads To Decline Of Custom ToolsRansomware-as-a-Service (RaaS) platforms have revolutionized the ransomware market. Unlike traditional standalone ransomware sales, RaaS offers a subscription-based model where attackers can access pre-built ransomware tools and infrastructure without significant upfront costs. T…GBHACKERS.COM
6 NovNorth Korean Hackers Employing New Tactic To Acquire Remote JobsNorth Korean threat actors behind the Contagious Interview and WageMole campaigns have refined their tactics, enhancing the obfuscation of their scripts to evade detection. InvisibleFerret now boasts a dynamic RMM configuration and OS-specific persistence mechanisms, while Contag…GBHACKERS.COM
6 NovChinese Hackers Tied to US National Security EavesdroppingCyberEspionage 'Salt Typhoon' Operation Infiltrated Telcos' Infrastructure The impact of a major U.S. national security breach attributed to China reportedly continues to expand, as investigators probe the infiltration of telecommunications infrastructure and eavesdropping on nat…DATABREACHTODAY.CO.UK
6 NovWashington courts' systems offline following weekend cyberattackCourt systems across Washington state have been down since Sunday when officials said "unauthorized activity" was detected on their networks. [...]BLEEPINGCOMPUTER.COM
6 NovChina's Volt Typhoon Reportedly Breached Singtel In Test Run For US AttackPACKETSTORMSECURITY.COM
🕵️ THREAT INTELLIGENCE 22
6 NovISC Stormcast For Wednesday, November 6th, 2024 https://isc.sans.edu/podcastdetail/9210, (Wed, Nov 6th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
6 NovSAINTCON 2024 -submitted by ashar to security_cpe 1 points | 0 comments SAINTCON 2024 Playlist SAINTCON 2024 Schedule Presentations given during SAINTCON 2024, an information security conference in Provo, UTINFOSEC.PUB
6 NovGoogle Patches High-Severity Vulnerabilities in ChromeGoogle has released a new update for its Chrome browser, addressing two high-severity vulnerabilities. The Stable channel has now been updated to version 130.0.6723.116/.117 for Windows and Mac and version 130.0.6723.116 for Linux. The update will be rolled out to users over the …GBHACKERS.COM
6 NovSouth Korea Fines Meta $15 Million for Illegally Collecting Information on Facebook UsersSouth Korea’s privacy watchdog has fined Meta 21.6 billion won ($15 million) for illegally collecting sensitive personal information from Facebook users.SECURITYWEEK.COM
6 NovPLCHound Aims to Improve Detection of Internet-Exposed ICSGeorgia Tech researchers have developed PLCHound, an algorithm that uses AI to improve the identification of internet-exposed ICS.SECURITYWEEK.COM
6 NovAzure API Management Vulnerabilities Let Attackers Escalate PrivilegesRecent discoveries by Binary Security have revealed critical vulnerabilities in Azure API Management (APIM) that could allow attackers with minimal privileges to escalate their access and take full control over the APIM service. These vulnerabilities were reported to Microsoft, l…GBHACKERS.COM
6 NovBridging the Security Execution Gap: Strategies for Effective Data Security Posture Management (DSPM)This webinar will provide a comparative analysis of DSPM versus other data security approaches, helping participants understand the unique advantages and integration aspects of DSPM in the cloud-native security ecosystem.DATABREACHTODAY.CO.UK
6 NovResearcher Discloses 36 Vulnerabilities Found in IBM Security Verify Accesssubmitted by kid to cybersecurity 2 points | 0 comments https://www.securityweek.com/researcher-discloses-32-vulnerabilities-found-in-ibm-security-verify-access/SH.ITJUST.WORKS
6 NovAndroid Botnet ToxicPanda Bashes Banks Across Europe, LatAmsubmitted by kid to cybersecurity 2 points | 0 comments https://www.darkreading.com/application-security/android-botnet-toxicpanda-bashes-banks-europe-latin-americaSH.ITJUST.WORKS
6 NovHookBot Malware Use Overlay Attacks Impersonate As Popular Brands To Steal DataThe HookBot malware family employs overlay attacks to trick users into revealing sensitive information by impersonating various brands and apps to gain trust. It also utilizes C2 servers to receive updates and evolve continuously. A builder tool empowers threat actors to create c…GBHACKERS.COM
6 NovResearchers Detailed Credential Abuse CycleThe United States Department of Justice has unsealed an indictment against Anonymous Sudan, a hacking group responsible for distributed denial-of-service attacks. LameDuck, a new threat actor, has carried out several massive distributed denial of service (DDoS) attacks to affect …GBHACKERS.COM
6 NovCrowdStrike to Acquire Adaptive Shield in Reported $300 Million DealCrowdStrike is acquiring Israeli SaaS security firm Adaptive Shield to boost the capabilities of its Falcon cybersecurity platform.SECURITYWEEK.COM
6 NovWhat Telegram’s recent policy shift means for cyber crimeSince its launch in August 2013, Telegram has become the go-to messaging app for privacy-focused users. To start using the app, users can sign up using either their real phone number or an anonymous number purchased from the Fragment blockchain marketplace. In the case of the lat…SECURITYINTELLIGENCE.COM
6 NovShaking Up Security — The Power of AI-Native SOCsDiscover how AI-native SOCs revolutionize cybersecurity, reducing alert fatigue and improving threat detection. Transform your security operations with AI.PALOALTONETWORKS.COM
6 NovGoogle Cloud Rolling Out Mandatory MFA for All UsersStarting this month, Google Cloud will be rolling out mandatory MFA for all users who sign in with a password.SECURITYWEEK.COM
6 NovWhat are You Working on Wednesdaysubmitted by shellsharks to cybersecurity 1 points | 0 comments Weekly thread to discuss whatever you’re working on, big or small, at work or in your free time.INFOSEC.PUB
6 NovTariffs, Pygmy Goat, Schneider, SQLite, Deepfakes, Military AI, Josh Marpet... - SWN #428Tariffs, Pygmy Goat, Schneider, SQLite and Dixie Flatline, Deepfakes, Military AI, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-428YOUTUBE.COM
6 NovCan Hackers Really Hide Attacks in Pictures? 🤔Did you know hackers can use pictures to launch attacks? It’s called steganography! They hide malicious code in the tiniest bits of an image’s pixels, making the attack almost invisible. APT32, a notorious hacker group, does this using their custom algorithms to pack serious dama…YOUTUBE.COM
6 NovKeep Learning or Keep Losing: There's No Finish LineSecurity Professionals Must Continually Hone Technical and Communication Skills In cybersecurity, there's no such thing as "done learning." The field's dynamic nature - driven by rapid technological advances and evolving threats - demands that professionals stay adaptable and pro…DATABREACHTODAY.CO.UK
6 NovCrowdStrike Bolsters SaaS Security With Adaptive Shield BuyPurchasing Israeli Startup Will Expand SaaS Security and Identity Threat Protection CrowdStrike has agreed to acquire SaaS security leader Adaptive Shield to deliver identity-based protection across cloud and hybrid environments. The acquisition offers clients comprehensive SaaS …DATABREACHTODAY.CO.UK
6 NovMeta Loosens AI Rules for US Military UsePolicy Shift Allows Military Contractors, Security Agencies Access to its AI Model Meta revised its policy to permit U.S. defense contractors and national security agencies to use its AI model, Llama, previously restricted from military applications, announcing that it has partne…DATABREACHTODAY.CO.UK
6 NovCyberEdBoard Profiles in Leadership: Martyn BoothDunhumby CISO on Building Resilience and Tackling Transformation Martyn Booth has found that leadership means resilience, adaptability and fostering a collaborative, diverse team. Leading transformation efforts at global customer data science firm Dunhumby, Booth stressed the val…DATABREACHTODAY.CO.UK
🌐 CYBER THREAT LANDSCAPE 3
6 NovBengal cat lovers in Australia get psspsspss’d in Google-driven Gootloader campaignThe Internet is full of cats—and in this case, malware-delivering fake cat websites used for very targeted search engine optimization.SOPHOS.COM
6 NovNew Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization AppsCybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.0 is an advanced malicious framework that offers …THEHACKERNEWS.COM
6 NovNew SteelFox malware hijacks Windows PCs using vulnerable driverA new malicious package called 'SteelFox' mines for cryptocurrency and steals credit card data by using the "bring your own vulnerable driver" technique to get SYSTEM privileges on Windows machines. [...]BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS 8
6 Nov[Guest Diary] Insights from August Web Traffic Surge, (Wed, Nov 6th)[This is a Guest Diary by Trevor Coleman, an ISC intern as part of the SANS.edu Bachelor's Degree in Applied Cybersecurity (BACS) program [1].ISC.SANS.EDU
6 NovSouth Korea Fines Meta $15.67M for Illegally Sharing Sensitive User Data with AdvertisersMeta has been fined 21.62 billion won ($15.67 million) by South Korea's data privacy watchdog for illegally collecting sensitive personal information from Facebook users, including data about their political views and sexual orientation, and sharing it with advertisers without th…THEHACKERNEWS.COM
6 Nov9 Steps to Get CTEM on Your 2025 Budgetary RadarBudget season is upon us, and everyone in your organization is vying for their slice of the pie. Every year, every department has a pet project that they present as absolutely essential to profitability, business continuity, and quite possibly the future of humanity itself. And n…THEHACKERNEWS.COM
6 NovMicrosoft Notepad to get AI-powered rewriting tool on Windows 11Microsoft has started testing AI-powered Notepad text rewriting and Paint image generation tools four decades after the two programs were released in the 1980s. [...]BLEEPINGCOMPUTER.COM
6 NovJane Goodall: Reasons for hope | Starmus highlightsThe trailblazing scientist shares her reasons for hope in the fight against climate change and how we can tackle seemingly impossible problems and keep going in the face of adversityWELIVESECURITY.COM