🚨 CISA KEV (1)
18 Nov | KEV | CISA Adds Three Known Exploited Vulnerabilities to Catalog | CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-1212 Progress Kemp LoadMaster OS Command Injection Vulnerability; CVE-2024-0012 Palo Alto Networks PAN-OS Management Interface Authent… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (6)
18 Nov | VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw | The saga of VMware’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage. The post VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw appeared first on SecurityWeek. | SECURITYWEEK.COM
18 Nov | Urgent: Critical WordPress Plugin Vulnerability Exposes Over 4 Million Sites | A critical authentication bypass vulnerability has been disclosed in the Really Simple Security (formerly Really Simple SSL) plugin for WordPress that, if successfully exploited, could allow an attacker to remotely gain full administrative access to a susceptible site. The vulner… | THEHACKERNEWS.COM
18 Nov | CVE-2024-43639 Windows KDC Proxy Remote Code Execution Vulnerability | Added FAQs to explain the mitigating circumstances for this vulnerability. KPSSVC is an additional feature Microsoft has been providing since Windows Server 2012. If customers do not have it configured in their environment, then this vulnerability is not exploitable. This is an i… | MSRC.MICROSOFT.COM
18 Nov | Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability | Zohocorp, the company behind ManageEngine, has released a security update addressing a critical SQL injection vulnerability in its ADAudit Plus software. The flaw, identified as CVE-2024-49574, affects all builds of ADAudit Plus before version 8123 and has been classified as high… | GBHACKERS.COM
18 Nov | Sonatype Nexus Repository Manager Hit by RCE & XSS Vulnerability | Sonatype, the company behind the popular Nexus Repository Manager, has issued security advisories addressing two critical vulnerabilities affecting Nexus Repository 2.x OSS/Pro versions. These vulnerabilities, identified as CVE-2024-5082 and CVE-2024-5083, could potentially allow… | GBHACKERS.COM
18 Nov | KEV | GeoVision 0-Day Vulnerability Exploited in the Wild | Cybersecurity researchers have detected the active exploitation of a zero-day vulnerability in GeoVision devices, which the manufacturer no longer supports. The vulnerability, now designated as CVE-2024-11120, has been assigned a high-severity CVSS score of 9.8 and used by a soph… | GBHACKERS.COM
⚠️ VULNERABILITY DISCLOSURE (26)
18 Nov | Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days | Zero-day vulnerabilities are more commonly used, according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority… | SCHNEIER.COM
18 Nov | Unknown Attacker Tries To Frame Security Researcher: Cyber Security Today for Monday, November 18th, 2024 | Cybersecurity Today: GitHub Attacks & Microsoft's November Patch Tuesday Updates. In this episode of Cybersecurity Today, host Jim Love highlights critical cybersecurity updates. The episode covers malicious attacks on GitHub projects, including an orchestrated attempt to frame Te… | CYBERSECURITYTODAY.LIBSYN.COM
18 Nov | Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass | Multiple vulnerabilities have been discovered in Palo Alto PAN-OS, the most severe of which could allow for authentication bypass. PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls. Successful exploitation could allow for authentication bypass w… | CISECURITY.ORG
18 Nov | Chinese hackers exploit Fortinet VPN zero-day to steal credentials | Chinese threat actors use a custom post-exploitation toolkit named 'DeepData' to exploit a zero-day vulnerability in Fortinet's FortiClient Windows VPN client to steal credentials. [...] | BLEEPINGCOMPUTER.COM
18 Nov | KEV | Palo Alto Networks patches two firewall zero-days used in attacks | Palo Alto Networks has finally released security updates for an actively exploited zero-day vulnerability in its Next-Generation Firewalls (NGFW). [...] | BLEEPINGCOMPUTER.COM
18 Nov | Critical RCE bug in VMware vCenter Server now exploited in attacks | Broadcom warned today that attackers are now exploiting two VMware vCenter Server vulnerabilities, one of which is a critical remote code execution flaw. [...] | BLEEPINGCOMPUTER.COM
18 Nov | Discontinued GeoVision Products Targeted in Botnet Attacks via Zero-Day | A zero-day vulnerability affecting five discontinued GeoVision product models has been exploited by a botnet. | SECURITYWEEK.COM
18 Nov | Palo Alto Networks Releases IoCs for New Firewall Zero-Day | Palo Alto Networks has released IoCs for the attacks exploiting a newly uncovered firewall zero-day vulnerability. | SECURITYWEEK.COM
18 Nov | Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report | The DeepData malware framework was seen exploiting a Fortinet VPN client for Windows zero-day that remains unpatched. | SECURITYWEEK.COM
18 Nov | THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 11 - Nov 17) | What do hijacked websites, fake job offers, and sneaky ransomware have in common? They’re proof that cybercriminals are finding smarter, sneakier ways to exploit both systems and people. This week makes one thing clear: no system, no person, no organization is truly off-limits. A… | THEHACKERNEWS.COM
18 Nov | Fake Discount Sites Exploit Black Friday to Hijack Shopper Information | A new phishing campaign is targeting e-commerce shoppers in Europe and the United States with bogus pages that mimic legitimate brands with the goal of stealing their personal information ahead of the Black Friday shopping season. "The campaign leveraged the heightened online sho… | THEHACKERNEWS.COM
18 Nov | NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit | Legal documents released as part of an ongoing legal tussle between Meta's WhatsApp and NSO Group have revealed that the Israeli spyware vendor used multiple exploits targeting the messaging app to deliver Pegasus, including one even after it was sued by Meta for doing so. They a… | THEHACKERNEWS.COM
18 Nov | Exploit attempts for unpatched Citrix vulnerability, (Mon, Nov 18th) | Last week, Watchtowr Labs released details describing a new and so far unpatched vulnerability in Citrix's remote access solution [1]. Specifically, the vulnerability affects the "Virtual Apps and Desktops." This solution allows "s… | ISC.SANS.EDU
18 Nov | KEV | Citrix Virtual Apps & Desktops Zero-Day Vulnerability Exploited in the Wild | A critical new vulnerability has been discovered in Citrix’s Virtual Apps and Desktops solution, which is widely used to facilitate secure remote access to desktop applications, and is now exploited in the wild. The vulnerability, which remains unpatched, was detailed last week by Watcht… | GBHACKERS.COM
18 Nov | Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices | In this blog entry, we discuss Water Barghest's exploitation of IoT devices, transforming them into profitable assets through advanced automation and monetization techniques. | TRENDMICRO.COM
18 Nov | Musk’s anticipated cost-cutting hacks could weaken American cybersecurity | Donald Trump has named loyalist and the richest man in the world, Elon Musk, along with former presidential candidate Vivek Ramaswamy, to spearhead an initiative called the Department of Government Efficiency, or DOGE. DOGE, named in a nod to Musk’s favorite meme currency, aims t… | CSOONLINE.COM
18 Nov | Why the Causes of Security Breaches Remain Unknown | CSOONLINE.COM
18 Nov | So, you don’t have a chief information security officer? 9 signs your company needs one | The threat of cyberattacks keeps many US CEOs awake at night, but fewer than half of them have a CISO to check under their company’s bed for digital monsters. Cyber-attacks were ranked as the No. 2 geopolitical concern in the Conference Board’s 2024 CEO survey. Yet only 45% of A… | CSOONLINE.COM
18 Nov | 10 Metrics That Help CISOs Move Forward | When it comes to security metrics, CISOs should focus on the essentials. Photo: Vadym Nechyporenko – shutterstock.com. Measuring security performance may not be among the most exciting tasks of a CISO, but it can be very useful to … | CSOONLINE.COM
18 Nov | Security Update - Release 1.32.5 · dani-garcia/vaultwarden | submitted by Branquinho to cybersecurity (7 points, 0 comments) | https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5 | This release further fixed some CVE Reports reported by a third party security auditor and we recommend everybody to update to the latest version as soon … | INFOSEC.PUB
18 Nov | Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices | submitted by kid to cybersecurity (5 points, 0 comments) | https://www.trendmicro.com/en_us/research/24/k/water-barghest.html | Water Barghest, which comprised over 20,000 IoT devices by October 2024, monetizes IoT devices by exploiting vulnerabilities and quickly enlisting them for s… | SH.ITJUST.WORKS
18 Nov | Security Update - Release 1.32.5 · dani-garcia/vaultwarden | submitted by Branquinho to cybersecurity (10 points, 0 comments) | https://github.com/dani-garcia/vaultwarden/releases/tag/1.32.5 | This release further fixed some CVE Reports reported by a third party security auditor and we recommend everybody to update to the latest version as soon… | SH.ITJUST.WORKS
18 Nov | NSO Group Exploited WhatsApp to Install Pegasus Spyware Even After Meta's Lawsuit | submitted by kid to cybersecurity (41 points, 4 comments) | https://thehackernews.com/2024/11/nso-group-exploited-whatsapp-to-install.html | SH.ITJUST.WORKS
18 Nov | Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials | submitted by kid to cybersecurity (7 points, 0 comments) | https://thehackernews.com/2024/11/warning-deepdata-malware-exploiting.html | SH.ITJUST.WORKS
18 Nov | Zero-Day Exploitation Targeting Palo Alto Networks Firewall | submitted by kid to cybersecurity (14 points, 1 comments) | https://www.rapid7.com/blog/post/2024/11/15/etr-zero-day-exploitation-targeting-palo-alto-networks-firewall-management-interfaces/ | SH.ITJUST.WORKS
18 Nov | Exploit attempts for unpatched Citrix vulnerability | submitted by Joker to cybersecurity (15 points, 0 comments) | https://isc.sans.edu/diary/31446 | SH.ITJUST.WORKS
📢 SECURITY ADVISORIES (5)
18 Nov | CISA Launches New Learning Platform to Enhance Training and Education U.S. Veterans and Other Stakeholders | CISA.GOV
18 Nov | US charges Phobos ransomware admin after South Korea extradition | Evgenii Ptitsyn, a Russian national and suspected administrator of the Phobos ransomware operation, was extradited from South Korea and is facing cybercrime charges in the United States. [...] | BLEEPINGCOMPUTER.COM
18 Nov | Beyond Compliance: The Advantage of Year-Round Network Pen Testing | IT leaders know the drill—regulators and cyber insurers demand regular network penetration testing to keep the bad guys out. But here’s the thing: hackers don’t wait around for compliance schedules. Most companies approach network penetration testing on a set schedule, with the m… | THEHACKERNEWS.COM
18 Nov | CISA Director Jen Easterly to depart agency on January 20 | CISA's director will depart the agency after three years at the helm, as part of the "seamless transition" of government power. © 2024 TechCrunch. All rights reserved. For personal use only. | TECHCRUNCH.COM
18 Nov | Phobos Ransomware Administrator Extradited from South Korea to Face Cybercrime Charges | submitted by Joker to cybersecurity (5 points, 0 comments) | https://www.justice.gov/opa/pr/phobos-ransomware-administrator-extradited-south-korea-face-cybercrime-charges | The Justice Department unsealed criminal charges today against Evgenii Ptitsyn, 42, a Russian national, for alle… | SH.ITJUST.WORKS
🔥 INCIDENT REPORTING (11)
18 Nov | US space tech giant Maxar discloses employee data breach | Hackers breached U.S. satellite maker Maxar Space Systems and accessed personal data belonging to its employees, the company informs in a notification to impacted individuals. [...] | BLEEPINGCOMPUTER.COM
18 Nov | Ransomware Attack on Oklahoma Medical Center Impacts 133,000 | Great Plains Regional Medical Center says the personal information of 133,000 individuals was compromised in a ransomware attack. | SECURITYWEEK.COM
18 Nov | AnnieMac Data Breach Impacts 171,000 People | AnnieMac Home Mortgage is informing over 171,000 individuals that their data has been compromised in a hacker attack. | SECURITYWEEK.COM
18 Nov | Library of Congress Says an Adversary Hacked Some Emails | The Library of Congress has notified lawmakers of a “cyber breach” of its IT system by an adversary and a hack of emails. | SECURITYWEEK.COM
18 Nov | AI training software firm iLearningEngines says it lost $250,000 in recent cyberattack | The US-based firm said hackers misdirected a $250,000 wire transfer payment that it hasn't been able to recover. | TECHCRUNCH.COM
18 Nov | APT32 Attack Chain: Simple Hack, MASSIVE Threat! | Explore the APT32 Ocean Lotus attack chain—a stealthy blend of clever hacking tactics that packs a punch. John Hammond breaks down how APT32's sneaky use of DLL side-loading, among other methods, turns seemingly simple hacks into a massive threat. Learn why these 'flashy' Advance… | YOUTUBE.COM
18 Nov | Why Your Password Can’t Save You From THIS Hack 🔒😱 | Think your account is safe because you change your password? Think again! Hackers are now using OAuth applications to maintain access, even if passwords are updated. In this video, we dive into how this happens and why a compromised user account can give attackers persistent acce… | YOUTUBE.COM
18 Nov | AI company tells SEC that $250,000 stolen in cyberattack | submitted by Joker to cybersecurity (12 points, 0 comments) | https://therecord.media/ai-company-loses-250000-in-bec-cyberattack | SH.ITJUST.WORKS
18 Nov | Babble Babble Babble Babble Babble Babble BabbleLoader | submitted by Joker to cybersecurity (3 points, 1 comments) | https://intezer.com/blog/research/babble-babble-babble-babble-babble-babble-babbleloader/ | Archive | The pace of innovation and development in the malware detection market is relentless, the same goes for the development of m… | SH.ITJUST.WORKS
18 Nov | British software company Microlise confirms hackers compromised corporate data | submitted by Joker to cybersecurity (6 points, 0 comments) | https://therecord.media/microlise-british-software-company-data-breach | SH.ITJUST.WORKS
🕵️ THREAT INTELLIGENCE (11)
18 Nov | Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection | The ability to internalize and operationalize customized threat intelligence as part of a holistic security system is no longer a luxury; it's a necessity. | SECURITYWEEK.COM
18 Nov | 300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks | EPA flags security vulnerabilities in more than 300 drinking water systems that serve roughly 110 million individuals. | SECURITYWEEK.COM
18 Nov | T-Mobile Also Targeted in Chinese Telecom Hacking Campaign | T-Mobile has also been targeted by the Chinese group Salt Typhoon in a major espionage campaign targeting US telecom companies. | SECURITYWEEK.COM
18 Nov | ISC Stormcast For Monday, November 18th, 2024 https://isc.sans.edu/podcastdetail/9222, (Mon, Nov 18th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
18 Nov | Mentorship Monday - Discussions for career and learning! | submitted by shellsharks to cybersecurity (5 points, 0 comments) | Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … | INFOSEC.PUB
18 Nov | Simultaneously resettable zero knowledge protocol in Public Key model | submitted by Joker to cybersecurity (8 points, 1 comments) | https://cybersecurity.springeropen.com/articles/10.1186/s42400-024-00253-5 | SH.ITJUST.WORKS
18 Nov | Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape | submitted by Joker to cybersecurity (12 points, 1 comments) | https://www.proofpoint.com/us/blog/threat-insight/security-brief-clickfix-social-engineering-technique-floods-threat-landscape | SH.ITJUST.WORKS
18 Nov | Let's Encrypt is 10 years old today! | submitted by pcouy to cybersecurity (60 points, 4 comments) | http://letsencrypt.org/ | cross-posted from: lemmy.pierre-couy.fr/post/805239 | Happy birthday to Let’s Encrypt! Huge thanks to everyone involved in making HTTPS available to everyone for free! | SH.ITJUST.WORKS
18 Nov | Fortra Reports Alarming Increase In Abuse Of Cloudflare Services | submitted by kid to cybersecurity (8 points, 0 comments) | https://informationsecuritybuzz.com/fortra-reports-abuse-of-cloudflare-ser/ | SH.ITJUST.WORKS
18 Nov | QuickBooks popup scam still being delivered via Google ads | submitted by Joker to cybersecurity (8 points, 0 comments) | https://www.malwarebytes.com/blog/scams/2024/11/quickbooks-popup-scam-still-being-delivered-via-google-ads | Accounting software QuickBooks, by Intuit, is a popular target for India-based scammers, only rivaled for top spot … | SH.ITJUST.WORKS
18 Nov | Inside Bitdefender Labs’ Investigation of a Malicious Facebook Ad Campaign Targeting Bitwarden Users | submitted by Joker to cybersecurity (29 points, 3 comments) | https://www.bitdefender.com/en-gb/blog/labs/inside-bitdefender-labs-investigation-of-a-malicious-facebook-ad-campaign-targeting-bitwarden-users | SH.ITJUST.WORKS
🌐 CYBER THREAT LANDSCAPE (4)
18 Nov | New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers | Cybersecurity researchers have shed light on a new stealthy malware loader called BabbleLoader that has been observed in the wild delivering information stealer families such as WhiteSnake and Meduza. BabbleLoader is an "extremely evasive loader, packed with defensive mechanisms,… | THEHACKERNEWS.COM
📡 INFOSEC NEWS (12)
18 Nov | Brave on iOS adds new "Shred" button to wipe site-specific data | Brave Browser 1.71 for iOS introduces a new privacy-focused feature called "Shred," which allows users to easily delete site-specific mobile browsing data. [...] | BLEEPINGCOMPUTER.COM
18 Nov | Fake Bitwarden ads on Facebook push info-stealing Chrome extension | Fake Bitwarden password manager advertisements on Facebook are pushing a malicious Google Chrome extension that collects and steals sensitive user data from the browser. [...] | BLEEPINGCOMPUTER.COM
18 Nov | Microsoft 365 Admin portal abused to send sextortion emails | The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the emails appear trustworthy and bypassing email security platforms. [...] | BLEEPINGCOMPUTER.COM
18 Nov | Industry Moves for the week of November 18, 2024 - SecurityWeek | Explore industry moves and significant changes in the industry for the week of November 18, 2024. Stay updated with the latest industry trends and shifts. | SECURITYWEEK.COM
18 Nov | The Problem of Permissions and Non-Human Identities - Why Remediating Credentials Takes Longer Than You Think | According to research from GitGuardian and CyberArk, 79% of IT decision-makers reported having experienced a secrets leak, up from 75% in the previous year's report. At the same time, the number of leaked credentials has never been higher, with over 12.7 million hardcoded credent… | THEHACKERNEWS.COM
18 Nov | Gmail's New Shielded Email Feature Lets Users Create Aliases for Email Privacy | Google appears to be readying a new feature called Shielded Email that allows users to create email aliases when signing up for online services and better combat spam. The feature was first reported by Android Authority last week following a teardown of the latest version of Goog… | THEHACKERNEWS.COM
18 Nov | Unlocking Cybersecurity Talent: The Power of Apprenticeships | Cybersecurity is a fast-growing field, with a constant need for skilled professionals. But unlike other professions — like medicine or aviation — there’s no clear-cut pathway to qualifying for cybersecurity positions. For employers and job seekers alike, this can make the journey… | NIST.GOV
18 Nov | Space tech giant Maxar confirms hacker accessed employees’ personal data | Maxar has 2,600 employees — with more than half having security clearances to work on classified U.S. government projects. | TECHCRUNCH.COM
18 Nov | 300 Drinking Systems In US Exposed To Disruptive, Damaging Hacker Attacks | PACKETSTORMSECURITY.COM
18 Nov | Simple tips for a safer digital life | Kaspersky official blog | Five tips to enhance your cybersecurity. | KASPERSKY.COM
18 Nov | What is “Scam Likely”? Putting the phone down on unwanted calls | Tired of dodging all those 'Scam Likely' calls? Here's what’s behind the label and how to stay one step ahead of phone scammers. | WELIVESECURITY.COM