Date: 2024-11-12
124 Articles
10 Categories

🚨 CISA KEV (1)

12 Nov [KEV] CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2021-26086 Atlassian Jira Server and Data Center Path Traversal Vulnerability; CVE-2014-2120 Cisco Adaptive Security Appliance (…
Source: CISA.GOV

🐛 COMMON VULNERABILITIES AND EXPOSURES (90)

12 Nov [KEV] Microsoft November 2024 Patch Tuesday, (Tue, Nov 12th)
This month, Microsoft is addressing a total of 83 vulnerabilities. Among these, 3 are classified as critical, 2 have been exploited in the wild, and another 2 have been disclosed prior to Patch Tuesday. Organizations are encouraged to prioritize these updates to mitigate potentia…
Source: ISC.SANS.EDU

12 Nov Citrix Releases Security Updates for NetScaler and Citrix Session Recording
Citrix released security updates to address multiple vulnerabilities in NetScaler ADC, NetScaler Gateway, and Citrix Session Recording. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages user…
Source: CISA.GOV

12 Nov CISA, FBI, NSA, and International Partners Release Joint Advisory on 2023 Top Routinely Exploited Vulnerabilities
Today, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), National Security Agency (NSA), and international partners released joint Cybersecurity Advisory, 2023 Top Routinely Exploited Vulnerabilities. This advisory supplies d…
Source: CISA.GOV

12 Nov CVE-2024-43602 Azure CycleCloud Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43630 Windows Kernel Elevation of Privilege Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43450 Windows DNS Spoofing Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43451 NTLM Hash Disclosure Spoofing Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43452 Windows Registry Elevation of Privilege Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-5535 OpenSSL: CVE-2024-5535 SSL_select_next_proto buffer overread
We are republishing this OpenSSL CVE to document that the latest version of Microsoft Defender for Endpoint has been updated to protect against this OpenSSL library vulnerability.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49044 Visual Studio Elevation of Privilege Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49056 Airlift.microsoft.com Elevation of Privilege Vulnerability
Authentication bypass by assumed-immutable data on airlift.microsoft.com allows an authorized attacker to elevate privileges over a network.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43633 Windows Hyper-V Denial of Service Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43636 Win32k Elevation of Privilege Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43641 Windows Registry Elevation of Privilege Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43642 Windows SMB Denial of Service Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49026 Microsoft Excel Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49027 Microsoft Excel Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49028 Microsoft Excel Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49029 Microsoft Excel Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49030 Microsoft Excel Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49033 Microsoft Word Security Feature Bypass Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-49048 TorchGeo Remote Code Execution Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

12 Nov CVE-2024-43499 .NET and Visual Studio Denial of Service Vulnerability
Information published.
Source: MSRC.MICROSOFT.COM

⚠️ VULNERABILITY DISCLOSURE (13)

12 Nov Criminals Exploiting FBI Emergency Data Requests
I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too. Turns out the same thing is true for non-technical backdoors: The a…
Source: SCHNEIER.COM

12 Nov Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Remote Code Execution
Multiple vulnerabilities have been discovered in Ivanti Endpoint Manager, the most severe of which could allow for remote code execution. Ivanti Endpoint Manager is a client-based unified endpoint management software. Successful exploitation could allow for remote code execution …
Source: CISECURITY.ORG

12 Nov Critical Patches Issued for Microsoft Products, November 12, 2024
Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o…
Source: CISECURITY.ORG

12 Nov Microsoft Patch Tuesday, November 2024 Edition
Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November's patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publ…
Source: KREBSONSECURITY.COM

12 Nov New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration
Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE). The issue, per findings from watchTowr, is rooted in the Session Recording component that allows sy…
Source: THEHACKERNEWS.COM

12 Nov New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks
Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enha…
Source: THEHACKERNEWS.COM

12 Nov Fortinet Releases Security Updates for Multiple Products
Fortinet has released security updates to address vulnerabilities in multiple products, including FortiOS. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following advi…
Source: CISA.GOV

12 Nov Microsoft Releases November 2024 Security Updates
Microsoft released security updates to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necessary update…
Source: CISA.GOV

12 Nov Adobe Releases Security Updates for Multiple Products
Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following Adobe Security Bu…
Source: CISA.GOV

12 Nov CISA Releases Five Industrial Control Systems Advisories
CISA released five Industrial Control Systems (ICS) advisories on November 12, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-317-01 Subnet Solutions PowerSYSTEM Center; ICSA-24-317-02 Hitachi…
Source: CISA.GOV

12 Nov [FREE RESOURCE KIT] Stay Cyber Safe this Holiday Season with Our Free 2024 Resource Kit!
Isn’t it typical for bad actors to strike when we’re distracted and busy during this time of year?
Source: KNOWBE4.COM

12 Nov Winter Fuel Payment scam targets UK citizens via SMS
Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. Read more in my article on the Tripwire State of Security blog.
Source: TRIPWIRE.COM

12 Nov Toward greater transparency: Publishing machine-readable CSAF files
Welcome to the third installment in our series on transparency at the Microsoft Security Response Center (MSRC). In this ongoing discussion, we talk about our commitment to providing comprehensive vulnerability information to our customers. At MSRC, our mission is to protect our …
Source: MSRC.MICROSOFT.COM

📋 SECURITY BULLETINS (2)

12 Nov Ivanti Releases Security Updates for Multiple Products
Ivanti released security updates to address vulnerabilities in Ivanti Endpoint Manager (EPM), Ivanti Avalanche, Ivanti Connect Secure, Ivanti Policy Secure, and Ivanti Security Access Client. CISA encourages users and administrators to review the following Ivanti security advisor…
Source: CISA.GOV

12 Nov ADV240001 Microsoft SharePoint Server Defense in Depth Update
Microsoft has released a security update for Microsoft SharePoint Server. The update provides a defense in depth enhancement regarding redirections.
Source: MSRC.MICROSOFT.COM

📢 SECURITY ADVISORIES (1)

12 Nov JCDC’s Collaborative Efforts Enhance Cybersecurity for the 2024 Olympic and Paralympic Games
The Cybersecurity and Infrastructure Security Agency (CISA), through the Joint Cyber Defense Collaborative (JCDC), enabled proactive coordination and information sharing to bolster cybersecurity ahead of the 2024 Olympic and Paralympic Games in Paris. Recognizing the potential fo…
Source: CISA.GOV

🔥 INCIDENT REPORTING (2)

12 Nov 5 Ways Behavioral Analytics is Revolutionizing Incident Response
Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes. By leve…
Source: THEHACKERNEWS.COM

🕵️ THREAT INTELLIGENCE (9)

12 Nov New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns
Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users. The program, first marketed by a threat actor named cyberdluffy (aka Cyber D' Luffy) on the Runion forum earlier …
Source: THEHACKERNEWS.COM

12 Nov North Korean Hackers Target macOS Using Flutter-Embedded Malware
Threat actors with ties to the Democratic People's Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Jamf Threat Labs, which m…
Source: THEHACKERNEWS.COM

12 Nov ISC Stormcast For Tuesday, November 12th, 2024 https://isc.sans.edu/podcastdetail/9218, (Tue, Nov 12th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
Source: ISC.SANS.EDU

12 Nov Nation-State Threat Actors Rely on Social Engineering First
A new report from ESET has found that most nation-state threat actors rely on spear phishing as a primary initial access technique.
Source: KNOWBE4.COM

12 Nov Step-by-Step To Creating Your First Realistic Deepfake Video in a Few Minutes
Learn how to step-by-step create your first realistic deepfake video in a few minutes.
Source: KNOWBE4.COM

12 Nov GUEST ESSAY: The promise and pitfalls of using augmented reality – ‘AR’ — in cybersecurity
Augmented reality use cases have become prevalent in our society. The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly …
Source: LASTWATCHDOG.COM

12 Nov 6 Principles of Operational Technology Cybersecurity released by joint NSA initiative
Today’s critical infrastructure organizations rely on operational technology (OT) to help control and manage the systems and processes required to keep critical services to the public running. However, due to the highly integrated nature of OT deployments, cybersecurity has…
Source: SECURITYINTELLIGENCE.COM

12 Nov Exceptional User Experience — Every Application, Every Transaction
Palo Alto Networks ADEM empowers IT teams and optimizes productivity with visibility into users, branch sites, apps and IT infrastructure.
Source: PALOALTONETWORKS.COM

🌐 CYBER THREAT LANDSCAPE (1)

🎙️ PODCASTS (1)

12 Nov The AI Fix #24: Where are the alien AIs, and are we being softened up for superintelligence?
In episode 24 of The AI Fix, Mark makes an unforgivable error about the Terminator franchise, our hosts wonder if a "seductive" government chatbot will make it easier to talk about tax, a radio station abandons its three month AI experiment after a week, and OpenAI parks its tank…
Source: GRAHAMCLULEY.COM

📡 INFOSEC NEWS (4)

12 Nov Snowflake hackers identified and charged with stealing 50 billion AT&T records
The U.S. Department of Justice indicted two hackers for breaking into the systems of AT&T and several other companies.
Source: TECHCRUNCH.COM

12 Nov How to save web pages permanently or find content from deleted sites | Kaspersky official blog
All about tools for archiving websites and searching web page archives.
Source: KASPERSKY.COM

12 Nov Beats by bot: The AI remix revolution
Artificial intelligence is reshaping the music landscape, turning listeners into creators and sparking new debates over creativity, copyright, and the future of music
Source: WELIVESECURITY.COM