69 Articles
8 Categories
Date: 2024-12-13
🚨 CISA KEV (1)
13 Dec | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50623 Cleo Multiple Products Unrestricted File Upload Vulnerability. These types of vulnerabilities are frequent attack vecto… | CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (2)
13 Dec | Researchers expose a surge in hacker interest in SAP systems | A review of four years of threat intelligence data, presented Friday at Black Hat by Yvan Genuer, a senior security researcher at Onapsis, reports a spike in hacker interest in breaking into enterprise resource planning (ERP) systems from SAP in 2020 that was sustained until the… | CSOONLINE.COM
13 Dec | Critical OpenWrt Vulnerability Exposes Devices to Malicious Firmware Injection | A security flaw has been disclosed in OpenWrt's Attended Sysupgrade (ASU) feature that, if successfully exploited, could have been abused to distribute malicious firmware packages. The vulnerability, tracked as CVE-2024-54143, carries a CVSS score of 9.3 out of a maximum of 10, i… | THEHACKERNEWS.COM
⚠️ VULNERABILITY DISCLOSURE (17)
13 Dec | 10 key security traits: How to unleash the power of your IT security engineering team | Read what matters in the collaboration between your IT security and engineering teams. Security teams consist primarily of employees responsible for operations and for compliance with regulations and policies… | CSOONLINE.COM
13 Dec | FBI Seizes Rydox Marketplace, Arrests Key Administrators | The Federal Bureau of Investigation (FBI) announced the seizure of Rydox, an illicit online marketplace that facilitated the buying and selling of stolen personal information and cybercrime tools. Alongside the crackdown, law enforcement arrested three key administrators linked t… | GBHACKERS.COM
13 Dec | Top Phishing Exploits for 2024: Cyber Security Today for Friday, December 13, 2024 | Top 5 Phishing Exploits of 2024: Abnormal Security Report and More - Cybersecurity Today. In this episode of Cybersecurity Today, host Jim Love delves into Abnormal Security's end-of-year report outlining the top five phishing exploits of 2024 and their predictions for 2025. The e… | CYBERSECURITYTODAY.LIBSYN.COM
13 Dec | CISA Issues Ten New Advisories on Industrial Control System Vulnerabilities | The Cybersecurity and Infrastructure Security Agency (CISA) has issued ten critical advisories, highlighting vulnerabilities across Siemens’ industrial products. Released on December 12, 2024, these advisories expose multiple flaws in Siemens’ hardware and software platform… | GBHACKERS.COM
13 Dec | Dell Security Update, Patch for Multiple Critical Vulnerabilities | Dell Technologies has released a security advisory addressing multiple critical vulnerabilities that could expose affected systems to exploitation by malicious actors. Customers are strongly encouraged to review the findings and update their systems accordingly. This update inclu… | GBHACKERS.COM
13 Dec | How to turn around a toxic cybersecurity culture | A toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk. In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybe… | CSOONLINE.COM
13 Dec | Nigerian National Extradited to Nebraska for Wire Fraud Charges | United States Attorney Susan Lehr announced the extradition of Abiola Kayode, 37, from Nigeria to the District of Nebraska. The extradition follows a Conspiracy to Commit Wire Fraud indictment filed against Kayode in August 2019. This case highlights international cooperation in … | GBHACKERS.COM
13 Dec | DeepSpeed: a tuning tool for large language models | SophosAI’s framework for upgrading the performance of LLMs for cybersecurity tasks (or any other specific task) is now open source. | SOPHOS.COM
13 Dec | PUMA creeps through Linux with a stealthy rootkit attack | A new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features. PUMAKIT, as called by the Elastic Security researchers who discovered it during routine threat hunting on VirusTotal, was de… | CSOONLINE.COM
13 Dec | Pondering Portable Passwordless Passkeys in 2025 - Rew Islam - ESW #387 | In this segment, we discuss two new FIDO Alliance standards focused on credential portability. Specifically, if passwordless is going to catch on, we need to minimize friction and maximize usability. In practice, this means that passkeys must be portable! Rew Islam of Dashlane jo… | YOUTUBE.COM
13 Dec | The Hilarious SEO Problem with Google’s 'Santa' 😂 | Did you know Google developed its own app allow-listing tool for Mac called "Santa"? But here’s the funny part—searching “Google Santa” might just land you on a Christmas tracker instead! 😂 This open-source tool was created after the infamous Aurora attacks to fill a major securi… | YOUTUBE.COM
13 Dec | Ultralytics Supply-Chain Attack | Last week, we saw a supply-chain attack against the Ultralytics AI library on GitHub. A quick summary: On December 4, a malicious version 8.3.41 of the popular AI library ultralytics—which has almost 60 million downloads—was published to the Python Package Index (P… | SCHNEIER.COM
13 Dec | Sophisticated Phishing Campaign Attempts to Bypass SEGs | A widespread phishing campaign is attempting to steal credentials from employees working at dozens of organizations around the world, according to researchers at Group-IB. | KNOWBE4.COM
13 Dec | CISA and EPA Release Joint Fact Sheet Detailing Risks Internet-Exposed HMIs Pose to WWS Sector | Today, CISA and the Environmental Protection Agency (EPA) released Internet-Exposed HMIs Pose Cybersecurity Risks to Water and Wastewater Systems. This joint fact sheet provides Water and Wastewater Systems (WWS) facilities with recommendations for limiting the exposure of Human… | CISA.GOV
13 Dec | CISA confirms critical Cleo bug exploitation in ransomware attacks | CISA confirmed today that a critical remote code execution bug in Cleo Harmony, VLTrader, and LexiCom file transfer software is being exploited in ransomware attacks. [...] | BLEEPINGCOMPUTER.COM
13 Dec | Auto parts giant LKQ says cyberattack disrupted Canadian business unit | Automobile parts giant LKQ Corporation disclosed that one of its business units in Canada was hacked, allowing threat actors to steal data from the company. [...] | BLEEPINGCOMPUTER.COM
13 Dec | Black Hat Europe 2024: Why a CVSS score of 7.5 may be a 'perfect' 10 in your organization | Aggregate vulnerability scores don’t tell the whole story – the relationship between a flaw’s public severity rating and the specific risks it poses for your company is more complex than it seems | WELIVESECURITY.COM
📢 SECURITY ADVISORIES (7)
13 Dec | FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized | The U.S. Department of Justice (DoJ) on Thursday announced the shutdown of an illicit marketplace called Rydox ("rydox.ru" and "rydox[.]cc") for selling stolen personal information, access devices, and other tools for conducting cybercrime and fraud. In tandem, three Kosovo natio… | THEHACKERNEWS.COM
13 Dec | Rydox Cybercrime Marketplace Disrupted, Administrators Arrested | The US announced the takedown of Rydox, a marketplace for stolen personal information, and the arrest of three administrators. | SECURITYWEEK.COM
13 Dec | Russia blocks Viber in latest attempt to censor communications | Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country's legislation. [...] | BLEEPINGCOMPUTER.COM
13 Dec | CISA warns water facilities to secure HMI systems exposed online | CISA and the Environmental Protection Agency (EPA) warned water facilities today to secure Internet-exposed Human Machine Interfaces (HMIs) from cyberattacks. [...] | BLEEPINGCOMPUTER.COM
13 Dec | Wide World of Cyber: SentinelOne's Chris Krebs on Chinese cyber operations | In this edition of the Wild World of Cyber podcast Patrick Gray sits down with SentinelOne’s Chief Intelligence and Public Policy Officer Chris Krebs to talk all about Chinese cyber operations. They look at the Salt Typhoon and Volt Typhoon campaigns, the last 20 years of Chinese… | RISKY.BIZ
🔥 INCIDENT REPORTING (6)
13 Dec | Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | submitted by Joker to cybersecurity, 1 points, 0 comments. https://www.trendmicro.com/en_us/research/24/l/darkgate-malware.html Summary: The Trend Micro Managed Detection and Response (MDR) team analyzed an incident wherein an attacker used social engineering via a Microsoft… | INFOSEC.PUB
13 Dec | Hackers Possibly Stole Personal Data From Bitcoin ATM Operator Byte Federal | Byte Federal says the personal information of 58,000 was compromised after a GitLab flaw allowed attackers to access a server. | SECURITYWEEK.COM
13 Dec | How infostealers are used in targeted cyberattacks | Infostealer capabilities and how to protect your organization against this threat. | KASPERSKY.COM
13 Dec | Eyecare & Healthtech Company Exposed Almost 5 Million Medical Records | submitted by Joker to cybersecurity, 1 points, 0 comments. https://www.vpnmentor.com/news/report-care1-breach/ | INFOSEC.PUB
13 Dec | Hackers Steal 17M Patient Records in Attack on 3 Hospitals | IT Outage, Downtime Procedures Affecting Services at California Healthcare Provider. Cybercriminals claim they stole 17 million patient records from a southern California regional healthcare provider that is still struggling with IT and phone systems outages that have been disrupt… | DATABREACHTODAY.CO.UK
13 Dec | Citrix shares mitigations for ongoing Netscaler password spray attacks | Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. [...] | BLEEPINGCOMPUTER.COM
🕵️ THREAT INTELLIGENCE (22)
13 Dec | ISC Stormcast For Friday, December 13th, 2024 https://isc.sans.edu/podcastdetail/9254, (Fri, Dec 13th) | (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. | ISC.SANS.EDU
13 Dec | Iranian Hackers Use IOCONTROL Malware to Target OT, IoT Devices in US, Israel | The Iranian threat group CyberAv3ngers has used custom-built malware named IOCONTROL to target IoT and OT devices in the US and Israel. | SECURITYWEEK.COM
13 Dec | Germany Sinkholes Botnet of 30,000 BadBox-Infected Devices | Germany’s cybersecurity agency BSI has sinkholed a botnet of 30,000 devices shipped with BadBox malware pre-installed. | SECURITYWEEK.COM
13 Dec | Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog | Microsoft has patched potentially critical vulnerabilities in Update Catalog and Windows Defender on the server side. | SECURITYWEEK.COM
13 Dec | Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms | Iran-affiliated threat actors have been linked to a new custom malware that's geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to … | THEHACKERNEWS.COM
13 Dec | In Other News: Gen Digital Makes $1B Buy, Recall Captures Sensitive Data, MITRE ATT&CK Evaluations | Noteworthy stories that might have slipped under the radar: AV brand owner Gen Digital makes a $1 billion acquisition, Microsoft Recall captures sensitive data, MITRE releases ATT&CK evaluations. | SECURITYWEEK.COM
13 Dec | Making smart cybersecurity spending decisions in 2025 | December is a month of numbers, from holiday countdowns to RSVPs for parties. But for business leaders, the most important numbers this month are the budget numbers for 2025. With cybersecurity a top focus for many businesses in 2025, it is likely to be a top-line item on many bu… | SECURITYINTELLIGENCE.COM
13 Dec | US Updates a Science and Technology Pact With China to Reflect Growing Rivalry and Security Threats | The new agreement has a narrower scope and additional safeguards to minimize the risk to national security. | SECURITYWEEK.COM
13 Dec | The 2024 Cybersecurity Market Review - Mike Privette - ESW #387 | For our second year now, Mike Privette, from _Return on Security_ and the _Security, Funded_ newsletter joins us to discuss the year's highlights and what's to come in the next 12 months. In some ways, it has been a return to form for funding, though some casualties of a tough ma… | YOUTUBE.COM
13 Dec | AWS does IR, credit card canarytokens, shared responsibility, phishing tests do harm - ESW #387 | This week, in the enterprise security news, NOTE: We didn't get to 2, 3, 5, or 7 due to some technical difficulties and time constraints, but we'll hit them next week! The show notes have been updated to reflect what we actually discussed this week: https://www.scworld.com/podcas… | YOUTUBE.COM
13 Dec | Artificial Intelligence Looms Large at Black Hat Europe | Open Questions: What's Next Killer Use Case? Can Output Be Better Validated? The topic of AI reality versus hype, as well as what the next killer use cases might be, dominated the wrap-up "Locknote" panel at this year's annual Black Hat Europe in London, comprised of conference R… | DATABREACHTODAY.CO.UK
13 Dec | Critical Vulnerabilities Found in Ruijie Reyee Cloud Management Platform | Researchers warn about critical vulnerabilities in Ruijie Networks’ Reyee cloud management platform and Reyee OS network devices. | SECURITYWEEK.COM
13 Dec | Off-Topic Friday | submitted by shellsharks to cybersecurity, 1 points, 0 comments. Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please) | INFOSEC.PUB
13 Dec | DoJ Indicts 14 North Koreans for $88M IT Worker Fraud Scheme Over Six Years | The U.S. Department of Justice (DoJ) has indicted 14 nationals belonging to the Democratic People's Republic of Korea (DPRK or North Korea) for their alleged involvement in a long-running conspiracy to violate sanctions and commit wire fraud, money laundering, and identity theft … | THEHACKERNEWS.COM
13 Dec | 94% of U.K. Businesses Aren’t Adequately Prepared for AI-Driven Phishing Scams | A new report makes it clear that U.K. organizations need to do more security awareness training to ensure their employees don’t fall victim to the evolving use of AI. | KNOWBE4.COM
13 Dec | Researchers: Iranian Custom Malware Targets Fuel Systems | An Iranian state hacking group is using custom malware to compromise IoT and OT infrastructure in Israel and the United States. An attack wave from Islamic Revolutionary Guard Corps-affiliated "CyberAv3ngers" swept up fuel management systems made by U.S.-based firm Gilbarco Veede… | DATABREACHTODAY.CO.UK
13 Dec | Nudity, Krispy Kreme, Cleo, AIAPIs, NHI, North Korea, Jersey Drones, Josh Marpet - SWN #437 | Nudity, Krispy Kreme, Cleo, AIAPIs, non-human identities, North Korea, Jersey Drones, Josh Marpet, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-437 | YOUTUBE.COM
13 Dec | Friday Squid Blogging: Biology and Ecology of the Colossal Squid | Good survey paper. Blog moderation policy. | SCHNEIER.COM
13 Dec | German BSI Disrupts Android Malware Infecting IoT Devices | Around 30,000 German IoT Infected from Backdoored Android Applications. The German federal information security agency disrupted a botnet that infected thousands of backdoored digital picture frames and media players made with knock-off Android operating systems shipped from Chin… | DATABREACHTODAY.CO.UK
13 Dec | ISMG Editors: CEO Shooting Sparks AI Accountability Debate | Also: How Leading Cybersecurity Firms are Gearing up for 2025. In the latest weekly update, ISMG editors discussed the shooting death of the UnitedHealthcare CEO and its wider implications for AI-driven decision-making, market strategies for the top cybersecurity companies in 2025… | DATABREACHTODAY.CO.UK
13 Dec | Google Advertising Out to Lunch? Simple Pivots Catch an Ongoing Malvertising Campaign Hiding in Plain Sight | submitted by Joker to cybersecurity, 1 points, 0 comments. https://www.silentpush.com/blog/google-malvertising-campaign/ Key Findings: Silent Push Threat Analysts have caught a threat actor’s ongoing series of malvertising campaigns blatantly abusing Google Search ads to tar… | INFOSEC.PUB
13 Dec | Breaking the Air Gap Through Hardware Implants | submitted by Joker to cybersecurity, 1 points, 0 comments. https://www.praetorian.com/blog/breaking-the-air-gap-through-hardware-implants/ Intro: Performing security assessments against Internet of Things (IoT) devices exposes you to a wide range of technologies, use cases, an… | INFOSEC.PUB
🌐 CYBER THREAT LANDSCAPE (7)
13 Dec | Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | In this blog entry, we discuss a social engineering attack that tricked the victim into installing a remote access tool, triggering DarkGate malware activities and an attempted C&C connection. | TRENDMICRO.COM
13 Dec | New Linux Rootkit PUMAKIT Uses Advanced Stealth Techniques to Evade Detection | Cybersecurity researchers have uncovered a new Linux rootkit called PUMAKIT that comes with capabilities to escalate privileges, hide files and directories, and conceal itself from system tools, while simultaneously evading detection. "PUMAKIT is a sophisticated loadable kernel m… | THEHACKERNEWS.COM
13 Dec | Germany sinkholes BadBox malware pre-loaded on Android devices | Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...] | BLEEPINGCOMPUTER.COM
13 Dec | Germany blocks BadBox malware loaded on 30,000 Android devices | Germany's Federal Office for Information Security (BSI) has disrupted the BadBox malware operation pre-loaded in over 30,000 Android IoT devices sold in the country. [...] | BLEEPINGCOMPUTER.COM
13 Dec | CISO Secrets Revealed: Behind the Scenes of Cybersecurity Elite Meetups! | Ever wondered what happens when the top minds in cybersecurity come together? In this short, we take you inside a CISO meetup—a world of shared secrets, challenges, and insights about staying ahead of cyber threats. From exchanging notes on the latest hacks to discussing career m… | YOUTUBE.COM
13 Dec | Russian cyberspies target Android users with new spyware | Russian cyberspies Gamaredon has been discovered using two Android spyware families named 'BoneSpy' and 'PlainGnome' to spy on and steal data from mobile devices. [...] | BLEEPINGCOMPUTER.COM
📡 INFOSEC NEWS (7)
13 Dec | How to Generate a CrowdStrike RFM Report With AI in Tines | Run by the team at orchestration, AI, and automation platform Tines, the Tines library contains pre-built workflows shared by real security practitioners from across the community, all of which are free to import and deploy via the Community Edition of the platform. Their b… | THEHACKERNEWS.COM
13 Dec | Why Security and Dev Teams Just Don’t Click 😵 #DeveloperLife | Developers and security teams have one major thing in common—they both want projects to succeed. But when it comes to using security tools, developers are often resistant. Why? Security tools can disrupt their workflow and slow down their process, and that's where the tension sta… | YOUTUBE.COM
13 Dec | The Strange Power of the Number 6 🧐 | What’s so special about the number 6? 🤔 From Qin Shi Huang, the first emperor of China, to its role in math, culture, and even conspiracies, the number 6 has fascinated minds for centuries. Did you know it’s tied to Chinese classical arts, military provinces, and more? Coincidenc… | YOUTUBE.COM
13 Dec | FTC warns of online task job scams hooking victims like gambling | The Federal Trade Commission (FTC) warns about a significant rise in gambling-like online job scams, known as "task scams," that draw people into earning cash through repetitive tasks, with the promises of earning more if they deposit their own money. [...] | BLEEPINGCOMPUTER.COM
13 Dec | UnitedHealthcare’s Optum left an AI chatbot, used by employees to ask questions about claims, exposed to the internet | Optum's AI chatbot was found exposed online at a time when the healthcare giant faces scrutiny for its use of AI to allegedly deny patient claims. © 2024 TechCrunch. All rights reserved. For personal use only. | TECHCRUNCH.COM
13 Dec | Black Hat Europe 2024: Hacking a car – or rather, its infotainment system | Our ‘computers on wheels’ are more connected than ever, but the features that enhance our convenience often come with privacy risks in tow | WELIVESECURITY.COM