195 Articles
10 Categories
Date: 2024-12-10
🚨 CISA KEV (1)
10 Dec | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-49138 Microsoft Windows Common Log File System (CLFS) Driver Heap-Based Buffer Overflow Vulnerability. These types of vulnerabilities are … | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (79)
10 Dec | Mauri Ransomware Leverages Apache ActiveMQ Vulnerability to Deploy CoinMiners | The Apache ActiveMQ server is vulnerable to remote code execution (CVE-2023-46604), where attackers can exploit this vulnerability by manipulating serialized class types in the OpenWire protocol to load malicious class configurations from external sources. Successful exploitation… | GBHACKERS.COM
10 Dec | Dell Warns of Critical Code Execution Vulnerability in Power Manager | Dell Technologies has issued a security advisory, DSA-2024-439, to alert users of a critical vulnerability in its Dell Power Manager software. The vulnerability, identified as CVE-2024-49600, could allow malicious attackers to execute arbitrary code and gain elevated privileges o… | GBHACKERS.COM
10 Dec | Critical SAP Vulnerabilities Let Attackers Upload Malicious PDF Files | SAP has issued Security Note 3536965 to address multiple high-severity vulnerabilities in the Adobe Document Services of SAP NetWeaver AS for JAVA. These vulnerabilities, identified as CVE-2024-47578, CVE-2024-47579, and CVE-2024-47580, allow attackers to manipulate or upload mal… | GBHACKERS.COM
10 Dec | KEV | Cleo File Transfer Tool Vulnerability Exploited in Wild Against Enterprises | CVE-2024-50623, an improperly patched vulnerability affecting Cleo file transfer tools, has been exploited in the wild. | SECURITYWEEK.COM
10 Dec | CVE-2024-49059 Microsoft Office Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49069 Microsoft Excel Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49084 Windows Kernel Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49107 WmsRepair Service Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49117 Windows Hyper-V Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49142 Microsoft Access Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-43600 Microsoft Office Elevation of Privilege Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49063 Microsoft/Muzic Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | CVE-2024-49065 Microsoft Office Remote Code Execution Vulnerability | Information published. | MSRC.MICROSOFT.COM
10 Dec | Microsoft Patch Tuesday: December 2024, (Tue, Dec 10th) | Microsoft today released patches for 71 vulnerabilities. 16 of these vulnerabilities are considered critical. One vulnerability (CVE-2024-49138) has already been exploited, and details were made public before today's patch release. | ISC.SANS.EDU
10 Dec | OpenWrt Update Flaw Exposed Devices to Malicious Firmware | Embedded Device Operating System Had Flaw Allowing Hackers to Bypass Integrity Check. A critical flaw in the updating service of a popular Linux operating system for embedded devices could enable hackers to compromise firmware with malicious images. OpenWrt developers patched the vu… | DATABREACHTODAY.CO.UK
10 Dec | Ivanti Releases Security Updates for Multiple Products | Ivanti released security updates to address vulnerabilities in Ivanti Cloud Service Application, Ivanti Desktop and Server Management (DSM), Ivanti Connect Secure and Policy Secure, Ivanti Sentry, and Ivanti Patch SDK. CISA encourages users and administrators to review the follow… | CISA.GOV
10 Dec | Attackers exploit zero-day RCE flaw in Cleo managed file transfer | Security researchers have warned about in-the-wild attacks that exploit a remote code execution vulnerability in managed file transfer (MFT) solutions developed by enterprise software vendor Cleo Communications. The impacted products include the latest versions of Cleo LexiCom, Cl… | CSOONLINE.COM
⚠️ VULNERABILITY DISCLOSURE (43)
10 Dec | EDR Software: A Buyer's Guide | EDR software prevents endpoint security debacles, provided you have the right solution. Endpoint detection and response (EDR) software continues to grow in popularity and is becoming ever more effective as it matures. EDR solution… | CSOONLINE.COM
10 Dec | Cybersecurity Deficits Threaten Germany | In Germany, cybersecurity still does not receive the attention it needs. According to the Fortinet Global Cybersecurity Skills Gap Report 2024, almost 90 percent of German companies experienced at least one security incident in 2023,… | CSOONLINE.COM
10 Dec | Top tips for CISOs running red teams | Red team is the de facto standard in offensive security testing when you want to know how all security investments — from technological controls to user training to response procedures — work together when subjected to a targeted attack. Unlike penetration testing, which aims to… | CSOONLINE.COM
10 Dec | Authorities Dismantled Hackers Who Stole Millions Using AirBnB | An international cybercrime network responsible for stealing millions of euros across at least ten European countries has been dismantled in a joint operation by the Rotterdam Police Cybercrime Team and the Belgian police. The sophisticated criminal group employed phishing scheme… | GBHACKERS.COM
10 Dec | Hackers Target Android Users via WhatsApp to Steal Sensitive Data | Researchers analyzed a malicious Android sample created using Spynote RAT, targeting high-value assets in Southern Asia, which, likely deployed by an unknown threat actor, aims to compromise sensitive information. Although the target’s precise location and nature have not b… | GBHACKERS.COM
10 Dec | Ongoing Phishing and Malware Campaigns in December 2024 | Cyber attackers never stop inventing new ways to compromise their targets. That's why organizations must stay updated on the latest threats. Here's a quick rundown of the current malware and phishing attacks you need to know about to safeguard your infrastructure before the… | THEHACKERNEWS.COM
10 Dec | CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force | The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new set of cyber attacks that it said were aimed at defense companies in the country as well as its security and defense forces. The phishing attacks have been attributed to a Russia-linked threat actor cal… | THEHACKERNEWS.COM
10 Dec | Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again | Threat actors are exploiting a high-risk bug in Cleo software - and Huntress warns that fully-patched systems are vulnerable | TECHCRUNCH.COM
10 Dec | Microsoft NTLM Zero-Day to Remain Unpatched Until April | submitted by kid to cybersecurity | https://www.darkreading.com/application-security/microsoft-ntlm-zero-day-remain-unpatched-april | SH.ITJUST.WORKS
10 Dec | Phone Phishing Gang Busted: Eight Arrested in Belgium and Netherlands | Belgian and Dutch authorities have arrested eight suspects in connection with a "phone phishing" gang that primarily operated out of the Netherlands with an aim to steal victims' financial data and funds. As part of the international operation, law enforcement agencies carried ou… | THEHACKERNEWS.COM
10 Dec | Cisco Says Flaws in Industrial Routers, BGP Tool Remain Unpatched 8 Months After Disclosure | Cisco Talos has disclosed the details of apparently unpatched vulnerabilities in MC Technologies industrial routers and the GoCast BGP tool. | SECURITYWEEK.COM
10 Dec | AWS customers face massive breach amid alleged ShinyHunters regroup | Terabytes of data belonging to thousands of AWS customers, including customer details, AWS credentials, and proprietary source code, were compromised in a large-scale cyber operation linked to the now-defunct ShinyHunters hacking group. Independent cybersecurity researchers, Noam… | CSOONLINE.COM
10 Dec | Webinar Today: Inside a Hacker’s Playbook – How Cybercriminals Use Deepfakes | Join the live, eye-opening session that pulls back the curtain on how bad actors exploit social engineering tactics, like deepfake technology and Business Email Compromise (BEC). | SECURITYWEEK.COM
10 Dec | The Future of Network Security: Automated Internal and External Pentesting | In today’s rapidly evolving threat landscape, safeguarding your organization against cyberattacks is more critical than ever. Traditional penetration testing (pentesting), while effective, often falls short due to its high costs, resource requirements, and infrequent implementati… | THEHACKERNEWS.COM
10 Dec | EU cybersecurity rules for smart devices enter into force | Rules for boosting the security of connected devices have entered into force in the European Union. The Cyber Resilience Act (CRA) puts obligations on product makers to provide security support to consumers, such as by updating their software to fix security vulnerabilities. Alth… | TECHCRUNCH.COM
10 Dec | Astrix's $45B Series B Targets Non-Human Identity Security | Startup Aims to Secure AI Agents, Expand Global Reach, Do User Access Management. Astrix raises $45 million to advance AI agent security and expand its global presence. The company plans to double its workforce, focusing on anomaly detection and fingerprinting techniques for non-h… | DATABREACHTODAY.CO.UK
10 Dec | SAP Patches Critical Vulnerability in NetWeaver | SAP has released patches for 16 vulnerabilities, including a critical-severity SSRF bug in NetWeaver (Adobe Document Services). | SECURITYWEEK.COM
10 Dec | Astrix's $45M Series B Targets Non-Human Identity Security | Startup Aims to Secure AI Agents, Expand Global Reach, Do User Access Management. Astrix raises $45 million to advance AI agent security and expand its global presence. The company plans to double its workforce, focusing on anomaly detection and fingerprinting techniques for non-h… | DATABREACHTODAY.CO.UK
10 Dec | New Cleo zero-day RCE flaw exploited in data theft attacks | Hackers are actively exploiting a zero-day vulnerability in Cleo managed file transfer software to breach corporate networks and conduct data theft attacks. [...] | BLEEPINGCOMPUTER.COM
10 Dec | Phishing Attacks Are Now Leveraging Google Ads to Hijack Employee Payments | Researchers at Silent Push warn that a phishing campaign is using malicious Google Ads to conduct payroll redirect scams. | KNOWBE4.COM
10 Dec | Cloud Security at Risk: Tackling Misconfigurations Head-On - Nadia Mazzarolo - CSP #204 | In this episode, we dive into the critical role of proper configurations in cloud environments and why misconfigurations remain the leading cause of security breaches. From overly permissive access controls to unencrypted data stores and default credentials left unchanged, we exp… | YOUTUBE.COM
10 Dec | Looking Back on 2024 - ASW #310 | We do our usual end of year look back on the topics, news, and trends that caught our attention. We covered some OWASP projects, the ongoing attention and promises of generative AI, and big events from the XZ Utils backdoor to Microsoft's Recall to Crowdstrike's outage. Segment r… | YOUTUBE.COM
10 Dec | CISA Releases Seven Industrial Control Systems Advisories | CISA released seven Industrial Control Systems (ICS) advisories on December 10, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-345-01 MOBATIME Network Master Clock; ICSA-24-345-02 Schneider El… | CISA.GOV
10 Dec | Cleo File Transfer Vulnerability Under Exploitation – Patch Pending, Mitigation Urged | Users of Cleo-managed file transfer software are being urged to ensure that their instances are not exposed to the internet following reports of mass exploitation of a vulnerability affecting fully patched systems. Cybersecurity company Huntress said it discovered evidence of thr… | THEHACKERNEWS.COM
10 Dec | Black Hat Europe preview: Cryptographic protocol attacks and AI in the spotlight | This week in London Black Hat Europe will feature a diverse range of talks and presentations covering the latest developments in cybersecurity. The opening keynote on Wednesday will be delivered by Frédérick Douzet, a professor of geopolitics at the University of Paris 8, and dir… | CSOONLINE.COM
10 Dec | Anton’s Security Blog Quarterly Q4 2024 | Amazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 10 posts with the most life… | MEDIUM.COM
10 Dec | US sanctions Chinese cybersecurity firm for firewall hacks targeting critical infrastructure | The U.S. sanctioned a Chinese cybersecurity company and one of its employees for exploiting a zero-day vulnerability in Sophos firewalls to target U.S. organizations. On Tuesday, the U.S. Treasury Department said Guan Tianfeng, an employee of Sichuan Silence, used the vulnerabili… | TECHCRUNCH.COM
10 Dec | KEV | Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws | Today is Microsoft's December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. [...] | BLEEPINGCOMPUTER.COM
10 Dec | Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws | submitted by kid to cybersecurity | https://www.bleepingcomputer.com/news/microsoft/microsoft-december-2024-patch-tuesday-fixes-1-exploited-zero-day-71-flaws/ | SH.ITJUST.WORKS
10 Dec | Google Cloud expands vulnerability detection for Artifact Registry using OSV | Posted by Greg Mucci, Product Manager, Artifact Analysis, Oliver Chang, Senior Staff Engineering, OSV, and Charl de Nysschen, Product Manager OSV. DevOps teams dedicated to securing their supply chain and predicting potential risks consistently face novel threats. Fortunately, th… | SECURITY.GOOGLEBLOG.COM
10 Dec | Microsoft Releases December 2024 Security Updates | Microsoft released security updates to address vulnerabilities in multiple Microsoft products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following and apply necess… | CISA.GOV
10 Dec | Adobe Releases Security Updates for Multiple Products | Adobe released security updates to address vulnerabilities in multiple Adobe software products including Adobe Acrobat, Adobe Illustrator, and Adobe InDesign. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected system. CISA… | CISA.GOV
10 Dec | Hackers Exploit AWS Misconfigurations in Massive Data Breach | submitted by kid to cybersecurity | https://www.infosecurity-magazine.com/news/hackers-exploit-aws/ | SH.ITJUST.WORKS
10 Dec | Ivanti warns of maximum severity CSA auth bypass vulnerability | Ivanti warned customers on Tuesday about a new maximum-severity authentication bypass vulnerability in its Cloud Services Appliance (CSA) solution. [...] | BLEEPINGCOMPUTER.COM
10 Dec | US Indicts, Sanctions Alleged Chinese Sophos Firewall Hacker | Tianfeng Guan Allegedly Developed Zero-Day Exploit of Sophos XG Firewall. The U.S. federal government rolled out its heavy guns Tuesday against a Chinese hacker allegedly at the center of a zero-day exploit used to hack firewalls made by Sophos, unsealing an indictment, rolling ou… | DATABREACHTODAY.CO.UK
10 Dec | WPForms bug allows Stripe refunds on millions of WordPress sites | A vulnerability in WPForms, a WordPress plugin used in over 6 million websites, could allow subscriber-level users to issue arbitrary Stripe refunds or cancel subscriptions. [...] | BLEEPINGCOMPUTER.COM
10 Dec | Microsoft Ships Urgent Patch for Exploited Windows CLFS Zero-Day | Patch Tuesday: Redmond patches 71 security flaws and calls immediate attention to an exploited Windows zero-day reported by CrowdStrike. | SECURITYWEEK.COM
10 Dec | “CP3O” pleads guilty to multi-million dollar cryptomining scheme | A man faces up to 20 years in prison after pleading guilty to charges related to an illegal cryptomining operation that stole millions of dollars worth of cloud computing resources. Read more in my article on the Hot for Security blog. | BITDEFENDER.COM
10 Dec | China’s Propaganda Expansion: Inside the Rise of International Communication Centers (ICCs) | submitted by Joker to cybersecurity | https://www.recordedfuture.com/research/breaking-the-circle-chinese-communist-party-propaganda | Summary: China is rapidly advancing its global propaganda strategies through international communication centers (ICCs), wi… | INFOSEC.PUB
10 Dec | Threat Actors Exploit Flaw in Cleo File Transfer Tools ‘En Masse’ | submitted by Joker to cybersecurity | https://www.vulnu.com/p/threat-actors-exploit-flaw-in-cleo-file-transfer-tools-en-masse | INFOSEC.PUB
10 Dec | China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide | submitted by Joker to cybersecurity | https://www.justice.gov/usao-ndin/pr/china-based-hacker-charged-conspiring-develop-and-deploy-malware-exploited-tens | A federal court in Hammond, Indiana, unsealed an indictment today charging Guan Tianfeng, a citizen of th… | INFOSEC.PUB
10 Dec | Citrix Acquisitions Boost Zero-Trust Defense for Hybrid Work | deviceTrust, Strong Network Acquisitions Improve Zero Trust, Developer Protections. Citrix enhances its security for hybrid work by acquiring deviceTrust and Strong Network. Purchasing these European startups boosts protection for VDI, DaaS and cloud development, empowering organi… | DATABREACHTODAY.CO.UK
10 Dec | Critical Patches Issued for Microsoft Products, December 10, 2024 | Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, o… | CISECURITY.ORG
📋 SECURITY BULLETINS (1)
10 Dec | Microsoft Patch Tuesday December 2024, Patch for 16 Critical Security Flaws | In its final Patch Tuesday of 2024, Microsoft has released a significant security update addressing a total of 71 vulnerabilities, including 16 critical flaws. This December update marks a crucial milestone in Microsoft’s ongoing efforts to enhance the security of its produ… | GBHACKERS.COM
📢 SECURITY ADVISORIES (5)
10 Dec | Romanian energy supplier Electrica hit by ransomware | First, the Romanian presidential election was annulled after being targeted with cyberattacks from foreign state-sponsored actors and a suspected Russian-controlled massive TikTok influence campaign. Now the Electrica Group, a major electricity provider with 3.8 million customers… | CSOONLINE.COM
10 Dec | Financial Sector Turning to Multi-Vendor Cloud Strategies | Report: Financial Orgs Shift to Multi-Cloud to Address Cyber Threats and Regulation. Financial institutions are increasingly adopting multi-cloud strategies to mitigate rising cyber risks and comply with complex regulations, according to a new report. The move enhances flexibility… | DATABREACHTODAY.CO.UK
10 Dec | New Microsoft Purview features help protect and govern your data in the era of AI | Microsoft Purview delivers unified data security, governance, and compliance for the era of AI. Read about the new features. | MICROSOFT.COM
🔥 INCIDENT REPORTING (19)
10 Dec | APT-C-53 Weaponizing LNK Files To Deploy Malware Into Target Systems | Gamaredon, a persistent threat actor since 2013, targets the government, defense, diplomacy, and media sectors of their victims, primarily through cyberattacks, to gain sensitive information and disrupt operations. It continues to employ sophisticated tactics, leveraging maliciou… | GBHACKERS.COM
10 Dec | U.S. Subsidiary of a Japanese Water Treatment Company Hit By Ransomware Attack | Kurita America Inc. (KAI), the North American subsidiary of Tokyo-based Kurita Water Industries Ltd., has confirmed it was the victim of a ransomware attack that compromised multiple servers and potentially leaked sensitive data. The attack was detected on Friday, November 29, 20… | GBHACKERS.COM
10 Dec | Black Basta Ransomware Leverages Microsoft Teams To Deliver Malicious Payloads | In a resurgence since May 2024, the Black Basta ransomware campaign has exhibited a troubling escalation in its attack methods, incorporating a multi-stage infection chain that blends social engineering, a custom packer, a mix of malware payloads, and advanced delivery techniques… | GBHACKERS.COM
10 Dec | New Meeten Malware Attacking macOS And Windows Users To Steal Logins | A sophisticated crypto-stealing malware, Realst, has been targeting Web3 professionals, as the threat actors behind this campaign have employed AI-generated content to create fake companies, such as “Meetio,” to appear legitimate. By tricking victims into partic… | GBHACKERS.COM
10 Dec | From Vulnerabilities to Breaches: The Shiny Nemesis Cyber Operation | submitted by Joker to cybersecurity | https://www.vpnmentor.com/news/shiny-nemesis-report/ | INFOSEC.PUB
10 Dec | 'Operation Digital Eye' Attack Targets European IT Orgs | submitted by kid to cybersecurity | https://www.darkreading.com/cyberattacks-data-breaches/operation-digital-eye-attack-targets-european-it-orgs | SH.ITJUST.WORKS
10 Dec | Deloitte responds to ransomware claims, says one client system involved | submitted by kid to cybersecurity | https://www.scworld.com/news/deloitte-responds-to-ransomware-claims-says-one-client-system-involved | SH.ITJUST.WORKS
10 Dec | Ransomware attack hits leading heart surgery device maker | submitted by kid to cybersecurity | https://www.bleepingcomputer.com/news/security/ransomware-attack-hits-leading-heart-surgery-device-maker/ | SH.ITJUST.WORKS
10 Dec | Chinese hackers use Visual Studio Code tunnels for remote access | Chinese hackers targeting large IT service providers in Southern Europe were seen abusing Visual Studio Code (VSCode) tunnels to maintain persistent access to compromised systems. [...] | BLEEPINGCOMPUTER.COM
10 Dec | Axios and Unit 42’s Sam Rubin Discuss Disruptive Cyberattacks | Sam Rubin, SVP of Consulting and Threat Intelligence at Unit 42, spoke with Sam Sabin, cybersecurity reporter at Axios, about destructive cyberattacks. | PALOALTONETWORKS.COM
10 Dec | Termite Gang Claims Responsibility for Blue Yonder Hack | The Termite ransomware gang is apparently responsible for the cyberattack on SaaS provider Blue Yonder. The Termite ransomware group has now claimed responsibility for the attack on software-as-a-service (SaaS) provider Blue Yonder in Novem… | CSOONLINE.COM
10 Dec | Inside the incident: Uncovering an advanced phishing attack | Recently, Varonis investigated a phishing campaign in which a malicious email enabled a threat actor to access the organization. This blog post will reveal the tactics used to avoid detection and share what was discovered during the investigation. [...] | BLEEPINGCOMPUTER.COM
10 Dec | Phishing Holds the Top Spot as the Primary Entry Point for Ransomware Attacks | New analysis of ransomware attacks shows that phishing is the primary delivery method and organizations need to offer more effective security awareness training to mitigate the threat. | KNOWBE4.COM
10 Dec | Default Passwords Are STILL Getting Companies Hacked 🤦 | Default passwords are still causing massive security breaches in 2024 🤯. From high-risk user targeting to social engineering tricks, these six shocking lessons from the latest cybersecurity report will leave you rethinking your company’s defenses. Watch to learn how even Coke mac… | YOUTUBE.COM
10 Dec | US sanctions Chinese firm for hacking firewalls in ransomware attacks | The U.S. Treasury Department has sanctioned Sichuan Silence, a Chinese cybersecurity company, and one of its employees for their involvement in a series of Ragnarok ransomware attacks targeting U.S. critical infrastructure companies and many other victims worldwide in April 2020… | BLEEPINGCOMPUTER.COM
10 Dec | Head Mare Intensifies Attacks On Russia With PhantomCore | submitted by Joker to cybersecurity | https://cyble.com/blog/head-mare-deploys-phantomcore-against-russia/ | Key takeaways: Cyble Research and Intelligence Labs (CRIL) has identified a campaign associated with the infamous group Head Mare aimed at targetin… | INFOSEC.PUB
10 Dec | 3AM ransomware: what you need to know | The 3AM ransomware first emerged in late 2023. Like other ransomware, 3AM exfiltrates victims' data (demanding a ransom is paid) and encrypts the copies left behind. Here's what you need to know. Read more in my article on the Tripwire State of Security blog. | TRIPWIRE.COM
10 Dec | Wyden proposes bill to secure US telecoms after Salt Typhoon hacks | U.S. Senator Ron Wyden of Oregon announced a new bill to secure the networks of American telecommunications companies breached by Salt Typhoon Chinese state hackers earlier this year. [...] | BLEEPINGCOMPUTER.COM
10 Dec | Hospital Notifies 316,000 of Breach in Christmas 2023 Hack | Cybercriminal Gang Money Message Claims Credit, Publishes Stolen Records. A Massachusetts hospital is notifying 316,000 people that their information was compromised in a cyberattack discovered nearly a year ago on Christmas 2023. Cybercriminal group Money Message had claimed that… | DATABREACHTODAY.CO.UK
🕵️ THREAT INTELLIGENCE (31)
10 Dec | ISC Stormcast For Tuesday, December 10th, 2024 https://isc.sans.edu/podcastdetail/9248, (Tue, Dec 10th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
10 Dec | Hackers Can Hijack Your Terminal Via Prompt Injection using LLM-powered Apps | Researchers have uncovered that Large Language Models (LLMs) can generate and manipulate ANSI escape codes, potentially creating new security vulnerabilities in terminal-based applications. ANSI escape sequences are a standardized set of control characters used by terminal emulat… | GBHACKERS.COM
10 Dec | Hackers Attacking Global Sporting Championships Via Fake Domains To Steal Logins | Cybercriminals online take advantage of well-known events to register malicious domains with keywords related to the event, with the intention of tricking users through phishing and other fraudulent schemes. The analysis examines event-related abuse trends across domain reg… | GBHACKERS.COM
10 Dec | Let’s Encrypt to End Support for Online Certificate Status Protocol (OCSP) | Let’s Encrypt has officially announced its timeline to phase out support for the Online Certificate Status Protocol (OCSP). The nonprofit Certificate Authority (CA) plans to fully transition to Certificate Revocation Lists (CRLs) by mid-2025, citing privacy concerns and efficienc… | GBHACKERS.COM
10 Dec | Researchers Uncovered Hackers Infrastructure Using Passive DNS Technique | Cybersecurity researchers have unveiled an advanced technique to uncover hackers’ operational infrastructure using passive DNS data. This groundbreaking method sheds light on how attackers establish and maintain their networks to perpetrate malicious activities while remain… | GBHACKERS.COM
10 Dec | $50 Million Radiant Capital Heist Blamed on North Korean Hackers | Radiant Capital says a North Korean threat actor stole $50 million in assets in a sophisticated October attack. | SECURITYWEEK.COM
10 Dec | Give the Gift of a Future and Support the Hacker School | Join in and give the gift of a future. At a time when IT and digital tools influence every facet of our work and our lives, digital skills are simply essential. It is about programming, future skills, AI literacy and IT career orientation for the next… | CSOONLINE.COM
10 Dec | Microsoft Rolls Out Default NTLM Relay Attack Mitigations | Microsoft has rolled out new default security protections that mitigate NTLM relaying attacks across on-premises Exchange, AD CS, and LDAP services. | SECURITYWEEK.COM
10 Dec | Ongoing Phishing and Malware Campaigns in December 2024 | submitted by kid to cybersecurity | https://thehackernews.com/2024/12/ongoing-phishing-and-malware-campaigns.html | SH.ITJUST.WORKS
10 Dec | Mysterious Drone-Like Objects Disrupting Electronics in New Jersey | submitted by kid to cybersecurity | https://www.cybersecurity-insiders.com/mysterious-drone-like-objects-disrupting-electronics-in-new-jersey-is-it-a-new-cyber-threat-or-something-more/? | SH.ITJUST.WORKS
10 Dec | Radiant links $50 million crypto heist to North Korean hackers | submitted by kid to cybersecurity | https://www.bleepingcomputer.com/news/security/radiant-links-50-million-crypto-heist-to-north-korean-hackers/ | SH.ITJUST.WORKS
10 Dec | Russian hacktivists target oil, gas and water sectors worldwide | submitted by kid to cybersecurity | https://www.scworld.com/news/russian-hacktivist-groups-target-oil-and-gas-and-water-sectors-worldwide | SH.ITJUST.WORKS
10 Dec | OpenWrt supply chain attack scare prompts urgent upgrades | submitted by kid to cybersecurity | https://www.theregister.com/2024/12/09/openwrt_firmware_vulnerabilities/ | SH.ITJUST.WORKS
10 Dec | Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage | A suspected China-nexus cyber espionage group has been attributed to attacks targeting large business-to-business IT service providers in Southern Europe as part of a campaign codenamed Operation Digital Eye. The intrusions took place from late June to mid-July 2024, cybersecu… | THEHACKERNEWS.COM
10 Dec | WhatsApp patches View Once flaw exposing vanishing media | submitted by kid to cybersecurity | https://www.theregister.com/2024/12/10/whatsapp_view_once/ | SH.ITJUST.WORKS
10 Dec | Full-Face Masks to Frustrate Identification | This is going to be interesting. It’s a video of someone trying on a variety of printed full-face masks. They won’t fool anyone for long, but will survive casual scrutiny. And they’re cheap and easy to swap. | SCHNEIER.COM
10 Dec | Astrix Security Banks $45M Series B to Secure Non-Human Identities | Tel Aviv company building software to secure non-human identities banks a $45 million funding round led by Menlo Ventures. | SECURITYWEEK.COM
10 Dec | Microsoft Bets $10,000 on Prompt Injection Protections of LLM Email Client | Microsoft offers $10,000 in rewards to researchers who can manipulate a realistic simulated LLM-integrated email client. | SECURITYWEEK.COM
10 Dec | Microsoft 365 outage takes down Office web apps, admin center | submitted by kid to cybersecurity | https://www.bleepingcomputer.com/news/microsoft/microsoft-365-outage-takes-down-office-web-apps-admin-center/ | SH.ITJUST.WORKS
10 Dec | Visual Studio Tunnels Abused For Stealthy Remote Access | In an attack campaign dubbed “Operation Digital Eye,” a suspected China-nexus threat actor has been observed targeting business-to-business IT service providers in Southern Europe. The attack operation lasted roughly three weeks, from late June to mid-July 2024.… | GBHACKERS.COM
10 Dec | Why identity threat detection and response matters: 5 key risks | As identity threat detection and response (ITDR) technology evolves, one of the most common queries we get is: “Why do we need ITDR if we leverage user behavior analytics (UBA) within our security operations (SecOps)?” To answer this question, we will take a look at t… | SECURITYINTELLIGENCE.COM
10 Dec | RedLine Malware Weaponizing Pirated Corporate Softwares To Steal Logins | Attackers are distributing a malicious .NET-based HPDxLIB activator disguised as a new version, which is signed with a self-signed certificate, and targets entrepreneurs automating business processes and aims to compromise their systems. They are distributing malicious activators… | GBHACKERS.COM
10 DecOWASP Stockholm Meetup Oct 2024 - Secure Software Development Eveningsubmitted by ashar to security_cpe 1 points | 0 comments https://infosec.pub/pictrs/image/a9a19689-cc30-43a3-a5d3-aeb6e424d4bc.png OWASP Stockholm Meetup Oct 2024 - Secure Software Development Evening part 1 - principles of secure development part 2 - Application security: AI gen…INFOSEC.PUB
10 DecManufacturing Companies Targeted with New Lumma Campaignsubmitted by Joker to cybersecurity 1 points | 0 comments https://any.run/cybersecurity-blog/manufacturing-companies-targeted-with-lumma/ The manufacturing industry has long been a target of cybercriminals. While data encryption has been a prevalent tactic in recent years, threat…INFOSEC.PUB
10 DecAI's Junk Vulns, Web3 Backdoor, LLM CTFs, 5 GenAI Mistakes, Top Ten for LLMs - ASW #310Curl and Python (and others) deal with bad vuln reports generated by LLMs, supply chain attack on Solana, comparing 5 genAI mistakes to OWASP's Top Ten for LLM Applications, a Rust survey, and more! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes:…YOUTUBE.COM
10 DecSatya Nadella's Vision for Microsoft: AI, AI and AICopilot Enhancements and Other Key Announcements From Microsoft Ignite 2024 Advanced AI took the center stage at Microsoft Ignite 2024. Reflecting on AI as the "most transformative technology of our time," CEO Satya Nadella set the tone for Microsoft's future where every facet of…DATABREACHTODAY.CO.UK
10 DecWald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI AssistantsWald.ai has raised $4 million in seed funding for a solution designed to ensure data protection when organizations use AI assistants. The post Wald.ai Raises $4M in Seed Funding to Protect Data in Conversations With AI Assistants appeared first on SecurityWeek .SECURITYWEEK.COM
10 DecAppLite: A New AntiDot Variant Targeting Mobile Employee Devicessubmitted by Joker to cybersecurity 2 points | 0 comments https://www.zimperium.com/blog/applite-a-new-antidot-variant-targeting-mobile-employee-devices/ Executive Summary > The zLabs team identified a sophisticated Mishing (mobile-targeted phishing) campaign that delivers mal…INFOSEC.PUB
10 DecAMD’s trusted execution environment blown wide open by new BadRAM attacksubmitted by kid to cybersecurity 1 points | 0 comments https://arstechnica.com/information-technology/2024/12/new-badram-attack-neuters-security-assurances-in-amd-epyc-processors/SH.ITJUST.WORKS
10 DecAdobe Patches Over 160 Vulnerabilities Across 16 ProductsAdobe has patched over 160 vulnerabilities across over a dozen products, including Reader, Illustrator, Photoshop and Connect. The post Adobe Patches Over 160 Vulnerabilities Across 16 Products appeared first on SecurityWeek .SECURITYWEEK.COM
🌐 CYBER THREAT LANDSCAPE 2
10 Dec · Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam · Cybersecurity researchers have shed light on a sophisticated mobile phishing (aka mishing) campaign that's designed to distribute an updated version of the Antidot banking trojan. "The attackers presented themselves as recruiters, luring unsuspecting victims with job offers," Zim… · THEHACKERNEWS.COM
10 Dec · Sophos AI to present on how to defang malicious AI models at Black Hat Europe · “LLMbotomy” research reveals how Trojans can be injected into Large Language Models, and how to disarm them. · SOPHOS.COM
🎙️ PODCASTS 3
10 Dec · ADV240002 Microsoft Office Defense in Depth Update · Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. · MSRC.MICROSOFT.COM
10 Dec · The AI Fix #28: Robot dogs with bombs, and who is David Mayer? · In episode 28 of The AI Fix, the new version of ChatGPT does a surprisingly good job of telling Mark how to defend himself from a flame thrower-wielding robot dog in his living room, Graham loses 30,000 robots on the head of a pin, our hosts meet a human washing machine from the … · GRAHAMCLULEY.COM
10 Dec · How cyber-secure is your business? | Unlocked 403 cybersecurity podcast (ep. 8) · As cybersecurity is a make-or-break proposition for businesses of all sizes, can your organization's security strategy keep pace with today’s rapidly evolving threats? · WELIVESECURITY.COM
📡 INFOSEC NEWS 11
10 Dec · Sophos Named One of Computerworld’s 2025 Best Places to Work in IT · Sophos has been recognized as one of Computerworld’s 2025 Best Places to Work in IT, ranking fifth in the “Midsize Companies” category for its commitment to fostering innovation, offering competitive benefits, and creating opportunities for IT professionals to grow and thrive. · SOPHOS.COM
10 Dec · Microsoft 365 outage takes down Office web apps, admin center · Microsoft is investigating a widespread and ongoing Microsoft 365 outage impacting Office web apps and the Microsoft 365 admin center. [...] · BLEEPINGCOMPUTER.COM
10 Dec · Cohesity completes its merger with Veritas; here’s how they’ll integrate · Data protection startup Cohesity completed its merger with Veritas’ enterprise data protection business, creating one entity with 12,000 customers that is valued at $7 billion. The deal was originally announced in February 2024. Cohesity valued Carlyle-owned Veritas’ … · TECHCRUNCH.COM
10 Dec · Mimecast’s Big Moves: Elevate, Code42 & Aware Explained! · Mimecast is making waves in the cybersecurity world with three game-changing acquisitions: Elevate Security, Code42, and Aware. But what does this mean for human risk management and insider threat detection? In this short, we break down how these moves could redefine the industry… · YOUTUBE.COM
10 Dec · US Senator announces new bill to secure telecom companies in wake of Chinese hacks · U.S. Democratic Senator Ron Wyden announced a new draft bill with the goal of securing American telephone networks and Americans’ communications in response to the massive hack of telecom providers allegedly done by Chinese government hackers. In a press release on Tuesday,… · TECHCRUNCH.COM
10 Dec · Nearest Neighbor: remote attacks on Wi-Fi networks · How the Nearest Neighbor tactic can be used in remote attacks on an organization's wireless network — and how to protect yourself against this threat. · KASPERSKY.COM
10 Dec · FTC distributes $72 million in Fortnite refunds from Epic Games · The Federal Trade Commission (FTC) is distributing over $72 million in Epic Game Fortnite refunds for the company's use of dark patterns to trick players into making unwanted purchases. [...] · BLEEPINGCOMPUTER.COM
10 Dec · Would You Code in Bed With THIS? 😂 · Would you actually code in bed with this tiny Raspberry Pi CM4 console? 🤔 It's a handheld mini-computer with a keyboard, screen, USB ports, HDMI output, and more! While it’s an impressive piece of tech, the keyboard and size might make coding a nightmare. 😂 Watch as we explore wh… · YOUTUBE.COM
10 Dec · Windows 11 KB5048667 & KB5048685 cumulative updates released · Microsoft has released the Windows 11 KB5048667 and KB5048685 cumulative updates for versions 24H2 and 23H2 to fix security vulnerabilities and issues. [...] · BLEEPINGCOMPUTER.COM
10 Dec · Windows 10 KB5048652 update fixes new motherboard activation bug · Microsoft has released the KB5048652 cumulative update for Windows 10 22H2, which contains six fixes, including a fix that prevented Windows 10 from activating when you change a device's motherboard. [...] · BLEEPINGCOMPUTER.COM
10 Dec · Network security best practices for the holidays · Tips to better protect your network while you take some well-deserved time off. · SOPHOS.COM