⚠️ VULNERABILITY DISCLOSURE 6[−]
11 NovMysterious iPhone Reboots Frustrate Law Enforcement: Cyber Security Today for Monday, November 11, 2024CyberSecurity Today: Zip File Attacks, iPhone Reboots, and LLM Vulnerabilities In today's episode, host Jim Love discusses hackers leveraging zip file concatenation to evade detection, mysterious iPhone reboots hindering police investigations, and Mozilla's Odin's in-depth analys…CYBERSECURITYTODAY.LIBSYN.COM
11 NovSecurity Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege EscalationCybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an a…THEHACKERNEWS.COM
11 NovCybercriminals Use Excel Exploit to Spread Fileless Remcos RAT MalwareCybersecurity researchers have discovered a new phishing campaign that spreads a new fileless variant of known commercial malware called Remcos RAT. Remcos RAT "provides purchases with a wide range of advanced features to remotely control computers belonging to the buyer," Fortin…THEHACKERNEWS.COM
11 NovDoD Zero Trust Strategy proves security benchmark years ahead of schedule with Microsoft collaborationThe Navy implementation scored a 100 percent success rate, meeting DoD requirements on all 91 Target-Level activities tested. The post DoD Zero Trust Strategy proves security benchmark years ahead of schedule with Microsoft collaboration appeared first on Microsoft Security Blog…MICROSOFT.COM
11 NovCriminals Use Search Engine Poisoning to Boost Phishing PagesResearchers at Malwarebytes warn that cybercriminals are using search engine poisoning to boost phishing pages to the top of Bing’s search results.KNOWBE4.COM
11 Nov200,000 SelectBlinds customers have their card details skimmed in malware attackSelectBlinds, a popular online retailer of blinds and shades, has disclosed a security breach that has impacted 206,238 of its customers. Hackers successfully managed to embed malware onto the company's website, capable of stealing sensitive information, including credit card det…BITDEFENDER.COM
📋 SECURITY BULLETINS 1[−]
11 NovHPE Issues Critical Security Patches for Aruba Access Point VulnerabilitiesHewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant …THEHACKERNEWS.COM
📢 SECURITY ADVISORIES 2[−]
11 NovThe ROI of Security Investments: How Cybersecurity Leaders Prove ItCyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car …THEHACKERNEWS.COM
11 NovBeyond the checkbox: Demystifying cybersecurity complianceIn an era of escalating digital threats, cybersecurity compliance goes beyond ticking a legal box – it’s a crucial shield safeguarding assets, reputation, and the very survival of your businessWELIVESECURITY.COM
🔥 INCIDENT REPORTING 2[−]
11 NovAmazon confirms employee data stolen after hacker claims MOVEit breachAmazon has confirmed that employee data was compromised after a “security event” at a third-party vendor. In a statement given to TechCrunch on Monday, Amazon spokesperson Adam Montgomery confirmed that employee information had been involved in a data breach. “Amazon and AWS syst…TECHCRUNCH.COM
11 NovHot Topic - 56,904,909 breached accountsIn October 2024, retailer Hot Topic suffered a data breach that exposed 57 million unique email addresses . The impacted data also included physical addresses, phone numbers, purchases, genders, dates of birth and partial credit data containing card type, expiry and last 4 digits…HAVEIBEENPWNED.COM
🕵️ THREAT INTELLIGENCE 5[−]
11 NovPDF Object Streams, (Mon, Nov 11th)The first thing to do, when analyzing a potentially malicious PDF, is to look for the /Encrypt name as explained in diary entry Analyzing an Encrypted Phishing PDF .
ISC.SANS.EDU
11 NovISC Stormcast For Monday, November 11th, 2024 https://isc.sans.edu/podcastdetail/9216, (Mon, Nov 11th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
11 NovNews alert: Sweet Security rolls out its advanced runtime detection and response platform for AWSTel Aviv, Israel, Nov. 11, 2024, CyberNewswire — Sweet Security today announced the availability of its cloud-native detection and response platform on the Amazon Web Services (AWS) marketplace. Sweet’s solution unifies threat detection across cloud infrastructure, network,…LASTWATCHDOG.COM
11 NovMY TAKE: Technology breakthroughs, emerging standards are coalescing to assure IoT integrityThe Internet of Things is growing apace. Related: The Top 12 IoT protocols Deployment of 5G and AI-enhanced IoT systems is accelerating. This, in turn, is driving up the number of IoT-connected devices in our homes, cities, transportation systems and … (more…) The post MY T…LASTWATCHDOG.COM
11 NovRelease 1.32.4 · dani-garcia/vaultwardensubmitted by Branquinho to cybersecurity 19 points | 0 comments https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.4 cross-posted from: lemmy.eco.br/post/8758930 If you’re using Vaultwarden, you should update because of security fixes.INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE 2[−]
11 NovNew GootLoader Campaign Targets Users Searching for Bengal Cat Laws in AustraliaIn an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography b…THEHACKERNEWS.COM
11 NovTrend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware OperationsTrend Micro researchers, in collaboration with Japanese authorities, analyzed links between SEO malware families used in SEO poisoning attacks that lead users to fake shopping sites.TRENDMICRO.COM
🎙️ PODCASTS 1[−]
11 NovRisky Biz Soap Box: Why black box email security is deadIn this edition of the Risky Business Soap Box we’re talking all about email security with Sublime Security co-founder Josh Kamdjou. Email security is one of the oldest product categories in security, but as you’ll hear, Josh thinks the incumbents are just doing it wrong. He join…RISKY.BIZ
📡 INFOSEC NEWS 1[−]
11 NovTHN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cy…THEHACKERNEWS.COM