🐛 COMMON VULNERABILITIES AND EXPOSURES 1[−]
6 DecChromium: CVE-2024-12053 Type Confusion in V8This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.MSRC.MICROSOFT.COM
⚠️ VULNERABILITY DISCLOSURE 29[−]
6 DecState-Provided Software Helped Stop Cyber Attack in Texassubmitted by Amoxtli to cybersecurity 1 points | 0 comments https://www.govtech.com/security/state-provided-software-helped-stop-cyber-attack-in-texasSH.ITJUST.WORKS
6 DecCISOs still cautious about adopting autonomous patch management solutionsFailing to patch vulnerabilities keeps biting CISOs. The most recent evidence: Last month, the Five Eyes cybersecurity agencies in the US, the UK, Australia, Canada, and New Zealand reported that the top 15 vulnerabilities routinely exploited last year included one that dated bac…CSOONLINE.COM
6 DecWindows NTLM Zero-Day Vulnerability Exposes User CredentialsA critical zero-day vulnerability affecting all modern Windows Workstation and Server versions has been discovered. The flaw enables attackers to steal NTLM credentials with minimal user interaction, posing a significant security risk. It impacts systems from Windows 7 and Server…GBHACKERS.COM
6 DecCritical Vulnerability Discovered in SailPoint IdentityIQA critical directory traversal vulnerability in the SailPoint IdentityIQ IAM platform exposes restricted files to attackers. The post Critical Vulnerability Discovered in SailPoint IdentityIQ appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecData deletion enters the ransomware chatRansomware remains one of the biggest cyber threats to companies today. In a survey by security provider Cohesity , 83% of respondents said they were affected by a ransomware attack in the first half of 2024. According to security experts, there is no relief in sight for 2025 eit…CSOONLINE.COM
6 DecMultiple ICS Advisories Released by CISA Detailing Exploits & VulnerabilitiesThe Cybersecurity and Infrastructure Security Agency (CISA) has released two advisories highlighting significant security vulnerabilities in Industrial Control Systems (ICS) software and hardware. These vulnerabilities, identified in AutomationDirect’s C-More EA9 Programmin…GBHACKERS.COM
6 Dec8 biggest cybersecurity threats manufacturers faceThe manufacturing sector’s rapid digital transformation, complex supply chains, and reliance on third-party vendors make for a challenging cyber threat environment for CISOs. Manufacturers — often prime targets for state-sponsored malicious actors and ransomware gangs — face the …CSOONLINE.COM
6 DecEuropol Dismantled 50+ Servers Used For Fake Online Shopping WebsitesEuropol, in collaboration with law enforcement across Europe, has taken down a sophisticated cybercriminal network responsible for large-scale online fraud. Over 50 servers were seized, a trove of digital evidence was secured, and two primary suspects are now in pretrial detentio…GBHACKERS.COM
6 DecURL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for itsubmitted by Joker to cybersecurity 1 points | 0 comments https://blog.0patch.com/2024/12/url-file-ntlm-hash-disclosure.htmlINFOSEC.PUB
6 DecRockwell Automation Warns of Multiple Code Execution Vulnerabilities in ArenaRockwell Automation has issued a critical security advisory addressing multiple remote code execution (RCE) vulnerabilities discovered in its Arena® software. These vulnerabilities, reported by the Zero Day Initiative (ZDI), expose systems to potential exploitation by adversaries…GBHACKERS.COM
6 DecDjango Security Update, Patch for DoS & SQL Injection VulnerabilityThe Django team has issued critical security updates for versions 5.1.4, 5.0.10, and 4.2.17. These updates address two vulnerabilities: a potential denial-of-service (DoS) attack in the strip_tags() method and a high-severity SQL injection risk in Oracle databases. All developers…GBHACKERS.COM
6 DecFCC calls for urgent cybersecurity overhaul amid Salt Typhoon espionage caseIn the wake of the Salt Typhoon cyberespionage campaign allegedly linked to China, Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel has proposed immediate measures to strengthen the cybersecurity of US telecommunications infrastructure. The FCC’s action came…CSOONLINE.COM
6 DecPoC Exploit Published for Unpatched Mitel MiCollab VulnerabilityWatchTowr has published proof-of-concept (PoC) code for an unpatched vulnerability in the Mitel MiCollab enterprise collaboration platform. The post PoC Exploit Published for Unpatched Mitel MiCollab Vulnerability appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecURL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for itsubmitted by kid to cybersecurity 1 points | 0 comments https://blog.0patch.com/2024/12/url-file-ntlm-hash-disclosure.htmlSH.ITJUST.WORKS
6 DecGoogle Open Sources Security Patch Validation Tool for AndroidGoogle has announced the open source availability of Vanir, a patch validation tool for Android platform developers. The post Google Open Sources Security Patch Validation Tool for Android appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecRussian hackers abuse Cloudflare tunneling service to drop GammaDrop malwareIn a new campaign, a Russia-backed advanced persistent threat ( APT ) group is seen abusing Cloudflare tunnels to deliver its proprietary GammaLoad malware. The threat actor, tracked as BlueAlpha, was observed by the cybersecurity research firm Insikt Group to be exploiting this …CSOONLINE.COM
6 DecResearchers Uncover Flaws in Popular Open-Source Machine Learning FrameworksCybersecurity researchers have disclosed multiple security flaws impacting open-source machine learning (ML) tools and frameworks such as MLflow, H2O, PyTorch, and MLeap that could pave the way for code execution. The vulnerabilities, discovered by JFrog, are part of a broader co…THEHACKERNEWS.COM
6 DecEU’s first ever report on the state of cybersecurity in the Unionsubmitted by kid to cybersecurity 2 points | 0 comments https://www.enisa.europa.eu/news/eus-first-ever-report-on-the-state-of-cybersecurity-in-the-union The risk assessment conducted on a Union level revealed substantial cyber threat level to the EU, highlighting discovered vuln…SH.ITJUST.WORKS
6 DecCapibaraZero Firmware With ESP32-S3 Hardware Enables Low Cost Flipper Zero alternativeThe open-source tech landscape continues to innovate, and the release of the CapibaraZero firmware marks another breakthrough. Designed for ESP32-S3-based hardware platforms, CapibaraZero provides a low-cost alternative to the highly popular—but expensive—Flipper Zero, a multifun…GBHACKERS.COM
6 DecNeue EU-Gesetze zur CyberabwehrDie neuen Cybersicherheitsgesetze der EU konzentrieren sich darauf, Bedrohungen zu erkennen, auf Zwischenfälle zu reagieren und Dienste zu zertifizieren. Ivan Marc – Shutterstock.com Das neue EU-Gesetzpaket besteht aus dem sogenannten „Cybersolidaritätsgesetz“ (Cyber Solidarity A…CSOONLINE.COM
6 DecRussian BlueAlpha APT Exploits Cloudflare Tunnels to Distribute Custom MalwareBlueAlpha, a Russian state-sponsored group, is actively targeting Ukrainian individuals and organizations by using spearphishing emails with malicious HTML attachments to deliver GammaLoad malware. To evade detection, BlueAlpha is leveraging Cloudflare Tunnels to conceal th…GBHACKERS.COM
6 DecThe Rise of Phishing Attacks: How New Domain Extensions Are Fueling Cyber CrimeIn recent years, the world of cybersecurity has witnessed a concerning trend: a significant increase in phishing attacks.KNOWBE4.COM
6 DecWhy Controversial Phishing Emails Do Not WorkFrequently, when a cybersecurity training manager sends out a controversial simulated phishing attack message that angers a bunch of employees and ends up making headlines, we get called by the media to comment on the story.KNOWBE4.COM
6 DecStopping 0day Exploits Doesn't Require AI or Superhuman Speed - Rob Allen - ESW #386When focused on cybersecurity through a vulnerability management lens, it's tempting to see the problem as a race between exploit development and patching speed. This is a false narrative, however. While there are hundreds of thousands of vulnerabilities, each requiring unique ex…YOUTUBE.COM
6 DecResearchers Uncover Flaws in Popular Open-Source Machine Learning Frameworkssubmitted by kid to cybersecurity 4 points | 0 comments https://thehackernews.com/2024/12/researchers-uncover-flaws-in-popular.htmlSH.ITJUST.WORKS
6 DecNew Windows zero-day exposes NTLM credentials, gets unofficial patchA new zero-day vulnerability has been discovered that allows attackers to capture NTLM credentials by simply tricking the target into viewing a malicious file in Windows Explorer. [...]BLEEPINGCOMPUTER.COM
6 DecSpyware Campaign Targets Sino Minority Groups via WeChatPossible Chinese-state sponsored Exploit Kit Using Browser Flaws to Deploy Spyware A possible Chinese-state threat group is targeting vulnerabilities in messaging apps to deliver spyware in cross-platform devices used by members of ethnic minorities targeted for repression by Bei…DATABREACHTODAY.CO.UK
6 DecFriday Squid Blogging: Safe Quick Undercarriage Immobilization DeviceFifteen years ago I blogged about a different SQUID. Here’s an update : Fleeing drivers are a common problem for law enforcement. They just won’t stop unless persuaded—persuaded by bullets, barriers, spikes, or snares. Each option is risky business. Shooting up a fug…SCHNEIER.COM
6 DecSupply chain compromise of Ultralytics AI library results in trojanized versionsAttackers have compromised Ultralytics YOLO packages published on PyPI, the official Python package index, by compromising the build environment of the popular library for creating custom machine learning models. The malicious code deployed cryptocurrency mining malware on system…CSOONLINE.COM
📢 SECURITY ADVISORIES 4[−]
6 DecSind Macs noch sicher?MacOS galt lange als „Malware-frei“. Eine Studie legt nahe: Diese Zeiten sind längst vorbei. Zyracuze | shutterstock.com MacOS und das Apple-Ökosystem allgemein gelten sowohl unter Benutzern als auch unter Experten als sicher . Nun deuten die Daten des (auf Macs spezialisierten) …CSOONLINE.COM
6 DecIn Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI AlertNoteworthy stories that might have slipped under the radar: ENISA and NCSC release cybersecurity reports, abuse of Cloudflare services, FBI warns of gen-AI enabling fraud. The post In Other News: Cloudflare Abuse, UK and EU Cybersecurity Reports, FBI Gen-AI Alert appeared first o…SECURITYWEEK.COM
6 DecIRS Warns of Holiday-Themed Shopping ScamsThe US Internal Revenue Service (IRS) has issued an advisory warning taxpayers to be on the lookout for holiday-themed shopping scams.KNOWBE4.COM
🔥 INCIDENT REPORTING 11[−]
6 DecMassive Telecom Hack Hits US Carriers: Cyber Security Today for Friday, December 6, 2024Massive Telecom Hack and the Future of Cybersecurity In this episode of Cybersecurity Today, host Jim Love covers a series of crucial topics including a major cyber attack by Chinese hackers on U.S. telecom networks labeled as the biggest in history, the challenges tied to hardwa…CYBERSECURITYTODAY.LIBSYN.COM
6 DecChinese Hackers Breach US Firm, Maintain Network Access for Monthssubmitted by kid to cybersecurity 1 points | 0 comments https://hackread.com/chinese-hackers-breach-us-firm-network-for-months/SH.ITJUST.WORKS
6 DecAtrium Health Data Breach Impacts 585,000 PeopleAtrium Health has notified the HHS of a data breach impacting 585,000 individuals, and the incident may be related to online tracking. The post Atrium Health Data Breach Impacts 585,000 People appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecDeutschland noch immer schlecht auf Cyberangriffe vorbereitetsrcset="https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?quality=50&strip=all 5184w, https://b2b-contenthub.com/wp-content/uploads/2024/12/shutterstock_2523718547.jpg?resize=300%2C168&quality=50&strip=all 300w, https://b2b-contenthub.c…CSOONLINE.COM
6 Dec"Pwned", The Book, Is Now Available for FreePresently sponsored by: Cyberattacks are guaranteed. Is your recovery? Protect your data in the cloud. Join Rubrik’s Cloud Resilience Summit. Nearly four years ago now, I set out to write a book with Charlotte and Rob It was the stories behind the stories, the things that drove m…TROYHUNT.COM
6 DecCybersecurity from Santa, office surveillance, Apple work/life balance issues, & more - ESW #386This week, in the enterprise security news, 1. Funding and acquisition news slows down as we get into the “I’m more focused on holiday shopping season” 2. North Pole Security picked an appropriate time to raise some seed funding 3. Breaking news, it’s still super easy to exfiltra…YOUTUBE.COM
6 DecBlue Yonder SaaS giant breached by Termite ransomware gangThe Termite ransomware gang has officially claimed responsibility for the November breach of software as a service (SaaS) provider Blue Yonder. [...]BLEEPINGCOMPUTER.COM
6 DecUltralytics AI model hijacked to infect thousands with cryptominerThe popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...]BLEEPINGCOMPUTER.COM
6 DecDutch Counter-Ransomware Initiative Led to Global TakedownsProject Mellissa Contributed Toward Disruptive Actions A Dutch public and private sector anti-ransomware initiative has contributed to ransomware disruptions globally, found an assessment from the University of Leiden. "Project Melissa" was launched in 2023 by Cybersafe Netherlan…DATABREACHTODAY.CO.UK
6 DecInsider Breach, Email Attacks Net $1.7M in HIPAA FinesIncidents at Pain Management Firm, Pediatric Hospital Affect 50,000 People An insider breach at a Florida pain management firm and an email breach at a Colorado pediatric hospital have resulted in more than $1.7 million in fines for HIPAA violations found by federal investigators…DATABREACHTODAY.CO.UK
6 DecHere's Where Top Cybersecurity Vendors Stand as 2025 NearsPalo Alto, CrowdStrike, Zscaler Eye Firewall, SIEM Replacement, Incident Recovery Three of the world's largest pure-play cybersecurity vendors recently reported earnings, grappling with SIEM and firewall displacement opportunities along with rebounding from a massive outage. Palo…DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE 35[−]
6 DecNews alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM categoryAlisa Viejo, Calif., Dec. 5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the … (more…) The post…LASTWATCHDOG.COM
6 DecISC Stormcast For Friday, December 6th, 2024 https://isc.sans.edu/podcastdetail/9244, (Fri, Dec 6th)(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.ISC.SANS.EDU
6 Dec KEVDie besten Hacker-FilmeVorsicht, dieses Film-Listicle kann zu Prokrastination verführen! Nomad Soul | shutterstock.com Security-Profis und -Entscheider mit Hang zur Filmkunst müssen auch nach Feierabend nicht auf ihr Leib-und-Magen-Thema verzichten – einer Fülle cineastischer Ergüsse sei Dank. Das Film…CSOONLINE.COM
6 DecResearchers Released hrtng IDA Pro Plugin for Malware Analyst to Make Reverse Engineering EasyThe Global Research and Analysis Team (GReAT) has announced the release of hrtng, a cutting-edge plugin for IDA Pro, one of the most prominent tools for reverse engineering. Designed specifically to enhance the efficiency of malware analysis, hrtng provides analysts with powerful…GBHACKERS.COM
6 DecHackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop MalwareThe threat actor known as Gamaredon has been observed leveraging Cloudflare Tunnels as a tactic to conceal its staging infrastructure hosting a malware called GammaDrop. The activity is part of an ongoing spear-phishing campaign targeting Ukrainian entities since at least early 2…THEHACKERNEWS.COM
6 DecBSides Ottawa 2024submitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/a72edceb-710d-4e33-aee0-07d93ebb2c6d.jpeg BSides Ottawa 2024 Schedule BSides Ottawa 2024 videos BSides Ottawa 2024 - Day 1 Keynote and Speakers BSides Ottawa 2024 - Day 2 Keynote and Speaker…INFOSEC.PUB
6 DecMore_eggs MaaS Expands Operations with RevC2 Backdoor and Venom LoaderThe threat actors behind the More_eggs malware have been linked to two new malware families, indicating an expansion of its malware-as-a-service (MaaS) operation. This includes a novel information-stealing backdoor called RevC2 and a loader codenamed Venom Loader, both of which a…THEHACKERNEWS.COM
6 DecUnveiling RevC2 and Venom Loadersubmitted by Joker to cybersecurity 1 points | 0 comments https://www.zscaler.com/blogs/security-research/unveiling-revc2-and-venom-loaderINFOSEC.PUB
6 DecRecently Charged Scattered Spider Suspect Did Poor Job at Covering TracksA California teen suspected of being a Scattered Spider member left a long trail of evidence and even used an FBI service to launder money. The post Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecRussian programmer says FSB agents planted spyware on his Android phonesubmitted by kid to cybersecurity 1 points | 0 comments https://techcrunch.com/2024/12/05/russian-programmer-says-fsb-agents-planted-spyware-on-his-android-phone/SH.ITJUST.WORKS
6 DecNew QR Code-Based C2 Attack Lets Hackers Bypass All Type of Browser Isolation Securitysubmitted by kid to cybersecurity 1 points | 0 comments https://cybersecuritynews.com/qr-code-based-c2-attack-bypass-browser-isolation-security/SH.ITJUST.WORKS
6 DecMore_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loadersubmitted by kid to cybersecurity 1 points | 0 comments https://thehackernews.com/2024/12/moreeggs-maas-expands-operations-with.htmlSH.ITJUST.WORKS
6 DecBypassing WAFs with the phantom $Version cookiesubmitted by kid to cybersecurity 1 points | 0 comments https://portswigger.net/research/bypassing-wafs-with-the-phantom-version-cookieSH.ITJUST.WORKS
6 DecChina bans use of Intel, AMD and Nvidia Processor Chips for security concernssubmitted by kid to cybersecurity 4 points | 0 comments https://www.cybersecurity-insiders.com/china-bans-use-of-intel-amd-and-nvidia-processor-chips-for-security-concerns/SH.ITJUST.WORKS
6 DecMicrosoft spots another China spy crew stealing US datasubmitted by kid to cybersecurity 1 points | 0 comments https://www.theregister.com/2024/12/06/chinese_cyberspy_us_data/SH.ITJUST.WORKS
6 DecRussia's 'BlueAlpha' APT Hides in Cloudflare Tunnelssubmitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/cloud-security/russias-bluealpha-apt-cloudflare-tunnelsSH.ITJUST.WORKS
6 DecMultiple SonicWall Vulnerabilities Let Attackers Execute Remote CodeSonicWall has issued a critical alert regarding multiple vulnerabilities in its Secure Mobile Access (SMA) 100 series SSL-VPN appliances. These vulnerabilities could allow attackers to execute remote code, bypass authentication, or compromise system integrity. SonicWall urges use…GBHACKERS.COM
6 DecDetecting Pegasus InfectionsThis tool seems to do a pretty good job. The company’s Mobile Threat Hunting feature uses a combination of malware signature-based detection, heuristics, and machine learning to look for anomalies in iOS and Android device activity or telltale signs of spyware infection. Fo…SCHNEIER.COM
6 DecCryptohack Roundup: Solana npm Package Attack's Wallet RisksAlso, Man Who Stole $3.5M of Cloud Computing to Mine $1M in Crypto Pleads Guilty This week, Solana npm package attack, a Brazilian banking giant entered crypto trading and a Nebraska man pleaded guilty to cryptojacking. Australia tightened rules for crypto businesses and crypto l…DATABREACHTODAY.CO.UK
6 DecSonicWall Patches 6 Vulnerabilities in Secure Access GatewaySonicWall has released patches for multiple high-severity flaws in the SMA100 SSL-VPN secure access gateway. The post SonicWall Patches 6 Vulnerabilities in Secure Access Gateway appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecEthyca Raises $10 Million for Data Privacy PlatformData privacy solutions provider Ethyca has raised $10 million in a funding round led by Aspenwood Ventures and AVP. The post Ethyca Raises $10 Million for Data Privacy Platform appeared first on SecurityWeek .SECURITYWEEK.COM
6 DecYour KnowBe4 Fresh Content Updates from November 2024Check out the 84 new pieces of training content added in November, alongside the always fresh content update highlights, events and new features.KNOWBE4.COM
6 DecHow TikTok is reframing cybersecurity effortsYou might think of TikTok as the place to go to find out new recipes and laugh at silly videos. And as a cybersecurity professional, TikTok’s potential data security issues are also likely to come to mind. However, in recent years, TikTok has worked to promote cybersecurity…SECURITYINTELLIGENCE.COM
6 DecRussian Hackers Hijacked Pakistani Actor Servers For C2 CommunicationSecret Blizzard, a Russian threat actor, has infiltrated 33 command-and-control (C2) servers belonging to the Pakistani group Storm-0156, which allows Secret Blizzard to access networks of Afghan government entities and Pakistani operators. They have deployed their own malw…GBHACKERS.COM
6 DecSophisticated Celestial Stealer Targets Browsers to Steal Login CredentialsResearchers discovered Celestial Stealer, a JavaScript-based MaaS infostealer targeting Windows systems that, evading detection with obfuscation and anti-analysis techniques, steals data from various browsers, applications, and cryptocurrency wallets. It operates as an Electron o…GBHACKERS.COM
6 DecUnwrapping Cybersecurity: A Festive "Die Hard" GuideIt is the holiday season. Think twinkling lights, the scent of pine, and cyber threats lurking in the shadows, waiting to pounce quicker than Bruce Willis can say, “Yippee ki yay.”KNOWBE4.COM
6 DecFBI Warns of Cybercriminals Using Generative AI to Launch Phishing AttacksThe US Federal Bureau of Investigation (FBI) warns that threat actors are increasingly using generative AI to increase the persuasiveness of social engineering attacks.KNOWBE4.COM
6 DecTop Five Industries Most Frequently Targeted by Phishing AttacksResearchers analyzed phishing attacks from Q3 2023 to Q3 2024 and identified the top five industries targeted by subject-customized emails, which often leverage personal information like names, emails, phone numbers, or company names to bypass security measures. Employing r…GBHACKERS.COM
6 DecAnnouncing the Adaptive Prompt Injection Challenge (LLMail-Inject)We are excited to introduce LLMail-Inject, a new challenge focused on evaluating state-of-the-art prompt injection defenses in a realistic simulated LLM-integrated email client. In this challenge, participants assume the role of an attacker who sends an email to a user. The user …MSRC.MICROSOFT.COM
6 DecOff-Topic Fridaysubmitted by shellsharks to cybersecurity 2 points | 0 comments Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)INFOSEC.PUB
6 DecTackling Barriers on the Road To Cyber Resilience - Theresa Lanowitz - ESW #386In this final installment of a trio of discussions with Theresa Lanowitz about Cyber Resilience, we put it all together and attempt to figure out what the road to cyber resilience looks like, and what barriers security leaders will have to tackle along the way. We'll discuss: - H…YOUTUBE.COM
6 DecTrump's AI, Crypto Czar David Sacks Faces Conflict ScrutinyDavid Sacks Appointed as Trump's AI and Crypto Czar Amid Growing Industry Concerns President-elect Donald Trump's appointment of former PayPal executive David Sacks to serve as the inaugural White House czar for artificial intelligence and cryptocurrency is already raising signif…DATABREACHTODAY.CO.UK
6 DecDeloitte, e-Tattoos, Cp3o, Chemonics, IPv6, 6, Chinese Emperors, Aaran Leyland... - SWN #435Deloitte, e-Tattoos, Web 3.0, Cp3o, Chemonics, IPv6, the Number 6, Chinese Emperors, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-435YOUTUBE.COM
6 DecAction against ‘phone phishing’ gang in Belgium and the Netherlands: eight arrestssubmitted by Joker to cybersecurity 1 points | 0 comments https://www.eurojust.europa.eu/news/action-against-phone-phishing-gang-belgium-and-netherlands-eight-arrestsINFOSEC.PUB
6 DecHoliday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookingssubmitted by Joker to cybersecurity 1 points | 0 comments https://intel471.com/blog/holiday-season-cyber-threats-part-1-phishing-fake-shops-and-bogus-bookingsINFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE 3[−]
6 DecKaspersky SIEM improvements in Q4 2024 | Kaspersky official blogDetection of tactics T1547.002, T1547.005, T1556.002, T1037.003 and other improvements to the Kaspersky Unified Monitoring and Analysis Platform.KASPERSKY.COM
6 DecCrypto-stealing malware posing as a meeting app targets Web3 prosCybercriminals are targeting people working in Web3 with fake business meetings using a fraudulent video conferencing platform that infects Windows and Macs with crypto-stealing malware. [...]BLEEPINGCOMPUTER.COM
6 DecFSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting UkraineA Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the U…THEHACKERNEWS.COM
📰 CYBERSECURITY BRIEFINGS 1[−]
6 DecAnnual Market Roundup: Cybersecurity’s Big Moves! 🛡️Curious about what’s next in the cybersecurity world? 🛡️ Join us as we break down the biggest moves in the industry with expert insights from our annual market roundup! 🚀 From IPOs to unicorn startups and predictions for 2024 and beyond, this is your chance to stay ahead of the c…YOUTUBE.COM
📡 INFOSEC NEWS 9[−]
6 DecConquering the Complexities of Modern BCDRThe modern business landscape is thrilling yet daunting. Rapidly evolving technology, persistent cyberthreats and escalating operational complexities make data protection and seamless business continuity challenging for businesses of all sizes. Your organization needs robust secu…THEHACKERNEWS.COM
6 DecWeaponized AI: Hot for Fraud, Not for Election InterferenceFBI Sees Rising AI-Enabled Fraud; Meta Reports Scant Election Interference Use Artificial intelligence: What's it good for? Per the old song about war, the answer isn't "absolutely nothing," but so far it also isn't "absolutely everything." New findings pinpoint where generative …DATABREACHTODAY.CO.UK
6 DecRemote Job Scams: Are You Really Safe?Remote jobs sound perfect, right? But how do you know if the opportunity is real or just a scam? With fake job ads on the rise, it’s getting harder to tell what’s legit. This short dives into the dangers of remote job applications, from sketchy job ads to fake recruiters. Don’t f…YOUTUBE.COM
6 DecHow Hackers Use Corrupted Files to Bypass Security 🛡️Hackers are now using corrupted files to sneak past your security! These broken MS Office docs and archive files bypass antivirus systems, but the danger doesn’t stop there. MS Word and WinRAR repair these files automatically, exposing you to phishing scams. Watch to learn how to…YOUTUBE.COM
6 DecA16z-backed Toka wants to help US agencies hack into security cameras and other IoT devicesAn Israeli startup specializing in penetrating IoT devices says it's hiring to "support new business growth" in the US government market. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM
6 DecProtecting the C-Suite in the Wake of UHC CEO's MurderThe torrents of public hostility directed at health insurers in the aftermath of UnitedHealthCare CEO Brian Thompson's murder are serious signs of intensifying cyber and physical threats facing the C-suites of healthcare and many other sectors, said Chris Pierson, founder and CEO…DATABREACHTODAY.CO.UK
6 DecMicrosoft expands Recall preview to Intel and AMD Copilot+ PCsMicrosoft is now testing its AI-powered Recall feature on AMD and Intel-powered Copilot+ PCs enrolled in the Windows 11 Insider program. [...]BLEEPINGCOMPUTER.COM
6 DecSnyk hits $300M ARR but isn’t rushing to go publicSeveral factors indicate that Snyk, most recently valued at $7.4 billion, could IPO soon. But the CEO told us why it might not. © 2024 TechCrunch. All rights reserved. For personal use only.TECHCRUNCH.COM