matlock.ca // THREAT INTELLIGENCE

125Articles

8Categories

2024-12-11Date

🚨

U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalogsubmitted by kid to cybersecurity 1 points | 0 comments https://securityaffairs.com/171851/hacking/u-s-cisa-adds-microsoft-windows-clfs-driver-flaw-to-its-known-exploited-vulnerabilities-catalog.html

KEVSH.ITJUST.WORKS — 11 Dec 2024

🐛

Patch Tuesday, December 2024 Edition

KREBSONSECURITY.COM — 11 Dec 2024

🐛

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

THEHACKERNEWS.COM — 11 Dec 2024

🐛

Vulnerability Symbiosis: vSphere?s CVE-2024-38812 and CVE-2024-38813 [Guest Diary], (Wed, Dec 11th)

ISC.SANS.EDU — 11 Dec 2024

🐛

US sanctions Chinese cybersecurity firm over global malware campaign

CSOONLINE.COM — 11 Dec 2024

🐛

WPForms Vulnerability Let Users Issues Subscription Payments

GBHACKERS.COM — 11 Dec 2024

🐛

Ivanti CSA Vulnerabilities Let Attackers Gain Admin Access

GBHACKERS.COM — 11 Dec 2024

🐛

Researcher Details CVE-2024-44131 - A Critical TCC Bypass in macOS and iOS

SH.ITJUST.WORKS — 11 Dec 2024

🐛

Google Chrome Patches High-Severity Vulnerabilities - CVE-2024-12381 & CVE-2024-12382

SH.ITJUST.WORKS — 11 Dec 2024

🐛

Windows RDP Service Flaw let Hackers Execute Remote Code

GBHACKERS.COM — 11 Dec 2024

🐛

Microsoft secretly stopped actors from snooping on your MFA codes

CSOONLINE.COM — 11 Dec 2024

⚠️

ISO und ISMS: Darum gehen Security-Zertifizierungen schief

CSOONLINE.COM — 11 Dec 2024

⚠️

Bug bounty programs can deliver significant benefits, but only if you’re ready

CSOONLINE.COM — 11 Dec 2024

⚠️

Salt Typhoon poses a serious supply chain risk to most organizations

CSOONLINE.COM — 11 Dec 2024

⚠️

U.S. Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

THEHACKERNEWS.COM — 11 Dec 2024

⚠️

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability

KEVTHEHACKERNEWS.COM — 11 Dec 2024

⚠️

From PoC to Attacker Interest in Hours: Real-Time Insights into Mitel MiCollab Vulnerabilities

INFOSEC.PUB — 11 Dec 2024

⚠️

Silent Push Unwraps the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign

INFOSEC.PUB — 11 Dec 2024

⚠️

Dell Warns of Critical Code Execution Vulnerability in Power Manager

SH.ITJUST.WORKS — 11 Dec 2024

⚠️

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

THEHACKERNEWS.COM — 11 Dec 2024

⚠️

Cleo Vulnerability Exploitation Linked to Termite Ransomware Group

SECURITYWEEK.COM — 11 Dec 2024

⚠️

Law enforcement shuts down 27 DDoS booters ahead of annual Christmas attacks

INFOSEC.PUB — 11 Dec 2024

⚠️

FYI OpenCVE 2.0 Opensource Vulnerability Management Platform is out

SH.ITJUST.WORKS — 11 Dec 2024

⚠️

Microsoft MFA AuthQuake Flaw Enabled Unlimited Brute-Force Attempts Without Alerts

THEHACKERNEWS.COM — 11 Dec 2024

⚠️

Researchers uncover Chinese spyware used to target Android devices

TECHCRUNCH.COM — 11 Dec 2024

⚠️

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

THEHACKERNEWS.COM — 11 Dec 2024

⚠️

US Charged Chinese Hackers for Exploiting Thousands of Firewall

GBHACKERS.COM — 11 Dec 2024

⚠️

Krispy Kreme discloses cyberattack that is disrupting online orders

TECHCRUNCH.COM — 11 Dec 2024

⚠️

Operation PowerOFF shuts down 27 DDoS-for-hire platforms

BLEEPINGCOMPUTER.COM — 11 Dec 2024

⚠️

Lookout Discovers New Chinese Surveillance Tool Used by Public Security

INFOSEC.PUB — 11 Dec 2024

⚠️

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools

SH.ITJUST.WORKS — 11 Dec 2024

⚠️

Oasis Security Research Team Discovers Microsoft Azure MFA Bypass

INFOSEC.PUB — 11 Dec 2024

⚠️

Cardiac surgery device manufacturer falls prey to ransomware

CSOONLINE.COM — 11 Dec 2024

⚠️

Vulnerability impacting all versions of Cleo VLTrader, Harmony, and LexiCom software

CYBER.GC.CA — 2024-12-11

⚠️

Multiple Vulnerabilities in Ivanti Cloud Services Application (CSA) Could Allow for Remote Code Execution

CISECURITY.ORG — 11 Dec 2024

⚠️

The imperative for governments to leverage genAI in cyber defense

CSOONLINE.COM — 11 Dec 2024

⚠️

CISA Updates Toolkit with Seven New Resources to Promote Public Safety Communications and Cyber Resiliency

CISA.GOV — Wed, 11 Dec 24 1

⚠️

Apple Updates Everything (iOS, iPadOS, macOS, watchOS, tvOS, visionOS), (Wed, Dec 11th)

ISC.SANS.EDU — 11 Dec 2024

⚠️

New EagleMsgSpy Android spyware used by Chinese police, researchers say

BLEEPINGCOMPUTER.COM — 11 Dec 2024

⚠️

Ransomware Hackers Exploiting Cleo Software Zero-Day

DATABREACHTODAY.CO.UK — 2024-12-11

⚠️

Hunk Companion WordPress plugin exploited to install vulnerable plugins

BLEEPINGCOMPUTER.COM — 11 Dec 2024

⚠️

Risky Business #774 -- Cleo file transfer appliances under widespread attack

RISKY.BIZ — 11 Dec 2024

📋

Chrome Security Update, Patch For Multiple Vulnerabilities

GBHACKERS.COM — 11 Dec 2024

📋

December Patch Tuesday arrives bearing 71 gifts

SOPHOS.COM — 11 Dec 2024

📋

ICS Patch Tuesday: Security Advisories Released by Siemens, Schneider, CISA, Others

SECURITYWEEK.COM — 11 Dec 2024

📋

Is it a bad idea to go on with a pixel 4a?

SH.ITJUST.WORKS — 11 Dec 2024

📋

Apple Pushes Major iOS, macOS Security Updates

SECURITYWEEK.COM — 11 Dec 2024

📢

Disclosure Rules Lead To Less Disclosure: Cyber Security Today for Wednesday, December 11, 2024

CYBERSECURITYTODAY.LIBSYN.COM — 11 Dec 2024

📢

Financial Sector Turning to Multi-Cloud Strategies

DATABREACHTODAY.CO.UK — 2024-12-11

📢

Rumänien kommt digital weiterhin nicht zur Ruhe

CSOONLINE.COM — 11 Dec 2024

📢

Researchers Uncover Espionage Tactics of China-Based APT Groups in Southeast Asia

THEHACKERNEWS.COM — 11 Dec 2024

📢

Microsoft security advisory – December 2024 monthly rollup (AV24–701)

CYBER.GC.CA — 2024-12-11

📢

APT-C-60 Hackers Penetrate Org’s Network Using a Weapanized Google Drive link

GBHACKERS.COM — 11 Dec 2024

📢

Adobe security advisory (AV24–702)

CYBER.GC.CA — 2024-12-11

📢

Google Chrome security advisory (AV24-703)

CYBER.GC.CA — 2024-12-11

📢

Ivanti security advisory (AV24-704)

CYBER.GC.CA — 2024-12-11

📢

GitLab security advisory (AV24-706)

CYBER.GC.CA — 2024-12-11

📢

Atlassian security advisory (AV24-705)

CYBER.GC.CA — 2024-12-11

📢

[Control systems] Schneider Electric security advisory (AV24-707)

CYBER.GC.CA — 2024-12-11

📢

Apache security advisory (AV24-708)

CYBER.GC.CA — 2024-12-11

📢

Clearinghouse Pays $250K Settlement in Web Exposure Breach

DATABREACHTODAY.CO.UK — 2024-12-11

📢

AI Meets Fraud Prevention in LexisNexis-IDVerse Acquisition

DATABREACHTODAY.CO.UK — 2024-12-11

🔥

Holiday Season Cyber Threats (Part 2): Ransomware, Gift Cards, and Point-of-Sale breaches

INFOSEC.PUB — 11 Dec 2024

🔥

446,000 Impacted by Center for Vein Restoration Data Breach

SECURITYWEEK.COM — 11 Dec 2024

🔥

Hersteller von Geräten für die Herzchirurgie angegriffen

CSOONLINE.COM — 11 Dec 2024

🔥

On holiday: Most important policies for reduced staff

SECURITYINTELLIGENCE.COM — 11 Dec 2024

🔥

Krispy Kreme cyberattack impacts online orders and operations

BLEEPINGCOMPUTER.COM — 11 Dec 2024

🔥

Reserachers Uncovered Zloader DNS Tunneling Tactics For Stealthy C2 Communication

GBHACKERS.COM — 11 Dec 2024

🔥

Lynx ransomware behind Electrica energy supplier cyberattack

BLEEPINGCOMPUTER.COM — 11 Dec 2024

🔥

Krispy Kreme Discovers Cybersecurity Hole

DATABREACHTODAY.CO.UK — 2024-12-11

🔥

Manufacturing vs. U.S. SLED: Cybersecurity Showdown!

YOUTUBE.COM — 2024-12-11

🔥

No Doughnuts Today? Cyberattack Puts Krispy Kreme in a Sticky Situation

SECURITYWEEK.COM — 11 Dec 2024

🔥

Chinese APT Groups Targets European IT Companies

DATABREACHTODAY.CO.UK — 2024-12-11

🔥

Researchers Crack Microsoft Azure MFA in an Hour

SH.ITJUST.WORKS — 11 Dec 2024

🔥

Symmetrical Cryptography Pioneer Targets Post-Quantum Era

SH.ITJUST.WORKS — 11 Dec 2024

🔥

Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise

MICROSOFT.COM — 11 Dec 2024

🕵️

ISC Stormcast For Wednesday, December 11th, 2024 https://isc.sans.edu/podcastdetail/9250, (Wed, Dec 11th)

ISC.SANS.EDU — 11 Dec 2024

🕵️

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

INFOSEC.PUB — 11 Dec 2024

🕵️

US Charges, Sanctions Chinese Man Accused of Sophos Firewall Hacking

SECURITYWEEK.COM — 11 Dec 2024

🕵️

Ivanti Patches Critical Flaws in Connect Secure, Cloud Services Application

SECURITYWEEK.COM — 11 Dec 2024

🕵️

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

Black Basta Gang Uses MS Teams, Email Bombing to Spread Malware

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

Mitigating NTLM Relay Attacks by Default | MSRC Blog | Microsoft Security Response Center

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

Jailbreaking LLM-Controlled Robots

SCHNEIER.COM — 2024-12-11

🕵️

Google’s Willow Chip Signals the Urgency of Post-Quantum Cryptography Migration

SECURITYWEEK.COM — 11 Dec 2024

🕵️

Atlassian, Splunk Patch High-Severity Vulnerabilities

SECURITYWEEK.COM — 11 Dec 2024

🕵️

Analysis of Nova: A Snake Keylogger Fork

INFOSEC.PUB — 11 Dec 2024

🕵️

Windows RDP Service Flaw let Hackers Execute Remote Code

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

ZLoader Malware Returns With DNS Tunneling to Stealthily Mask C2 Comms

THEHACKERNEWS.COM — 11 Dec 2024

🕵️

Google Pays $55,000 for High-Severity Chrome Browser Bug

SECURITYWEEK.COM — 11 Dec 2024

🕵️

Nearly Half a Billion Emails in 2024 Were Malicious

KNOWBE4.COM — 11 Dec 2024

🕵️

From Silos to Synergy: Gen AI Aligns IT and Security Teams

DATABREACHTODAY.CO.UK — 2024-12-11

🕵️

BadRAM Attack Uses $10 Equipment to Break AMD Processor Protections

SECURITYWEEK.COM — 11 Dec 2024

🕵️

Hackers Deploy Weaponized LNK Files for Malicious Payload Delivery

GBHACKERS.COM — 11 Dec 2024

🕵️

News alert: DMD Diamond invites developers to participate in open beta for its v4 blockchain

LASTWATCHDOG.COM — 11 Dec 2024

🕵️

Cortex XDR Delivers Unmatched 100% Detection in MITRE ATT&CK Round 6

PALOALTONETWORKS.COM — 11 Dec 2024

🕵️

Evil ISPs, Deloitte, YOLO11, Microsoft, Gift Cards, Navix, Telegram, Josh Marpet... - SWN #436

YOUTUBE.COM — 2024-12-11

🕵️

Likely China-based Attackers Target High-profile Organizations in Southeast Asia

INFOSEC.PUB — 11 Dec 2024

🕵️

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

What are You Working on Wednesday

INFOSEC.PUB — 11 Dec 2024

🕵️

Trust Hijacked: The Subtle Art of Phishing Through Familiar Facades

INFOSEC.PUB — 11 Dec 2024

🕵️

Operation PowerOFF shuts down 27 DDoS-for-hire platforms

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

THEHACKERNEWS.COM — 11 Dec 2024

🕵️

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE - Smishing Triad in Action

INFOSEC.PUB — 11 Dec 2024

🕵️

Resecurity introduces Government Security Operations Center (GSOC) at NATO Edge 2024

GBHACKERS.COM — 11 Dec 2024

🕵️

DMD Diamond Launches Open Beta for v4 Blockchain Ahead of 2025 Mainnet

GBHACKERS.COM — 11 Dec 2024

🕵️

Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation

INFOSEC.PUB — 11 Dec 2024

🕵️

Russian Turla hackers hit Starlink-connected devices in Ukraine

BLEEPINGCOMPUTER.COM — 11 Dec 2024

🕵️

Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine

INFOSEC.PUB — 11 Dec 2024

🕵️

Black Hat Europe: Chaos Puts Cybersecurity in the Hot Seat

DATABREACHTODAY.CO.UK — 2024-12-11

🕵️

Predictive AI and the Future of Fleet Maintenance

DATABREACHTODAY.CO.UK — 2024-12-11

🕵️

Russian cyber spies hide behind other hackers to target Ukraine

BLEEPINGCOMPUTER.COM — 11 Dec 2024

🕵️

US Defense Bill Includes Major Focus on Tech, AI and Cyber

DATABREACHTODAY.CO.UK — 2024-12-11

🕵️

Cheap Phone Scanner Shows Lots Of People Are Still Being Targeted By NSO Group Spyware

SH.ITJUST.WORKS — 11 Dec 2024

🕵️

Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine

MICROSOFT.COM — 11 Dec 2024

📡

Keeping it real: Sophos and the 2024 MITRE ATT&CK Evaluations: Enterprise

SOPHOS.COM — 11 Dec 2024

📡

Enron’s Bold Move: Crypto & Energy Sustainability

YOUTUBE.COM — 2024-12-11

📡

Russian government spies targeted Ukraine using tools developed by cybercriminals

TECHCRUNCH.COM — 11 Dec 2024

📡

Why Most People FAIL at Attack Surface Management!

YOUTUBE.COM — 2024-12-11

📡

Facebook, Instagram, WhatsApp hit by massive worldwide outage

BLEEPINGCOMPUTER.COM — 11 Dec 2024

📡

Microsoft lifts Windows 11 24H2 block on PCs with USB scanners

BLEEPINGCOMPUTER.COM — 11 Dec 2024

📡

How Cryptocurrency Turns to Cash in Russian Banks

KREBSONSECURITY.COM — 11 Dec 2024

📡

Cynet Delivers 100% Protection and 100% Detection Visibility in the 2024 MITRE ATT&CK Evaluation

BLEEPINGCOMPUTER.COM — 11 Dec 2024

📡

Cybersecurity Gadgets to Hack Your Holiday Gift List

DATABREACHTODAY.CO.UK — 2024-12-11