🚨 CISA KEV (1)
16 Dec · KEV · CISA Adds Two Known Exploited Vulnerabilities to Catalog · CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20767 Adobe ColdFusion Improper Access Control Vulnerability; CVE-2024-35250 Microsoft Windows Kernel-Mode Driver Untrusted Pointe… · CISA.GOV
🐛 COMMON VULNERABILITIES AND EXPOSURES (3)
16 Dec · SAP systems increasingly in the sights of cyber attackers · Attacks on SAP systems promise hackers rich pickings. Shutterstock. A look back at threat data from the past four years makes clear that more and more cybercriminals have SAP systems in their sights… · CSOONLINE.COM
16 Dec · Hackers Exploiting Apache Struts2 Vulnerability to Upload Malicious Payloads · Hackers have begun exploiting a newly discovered vulnerability in Apache Struts2, a widely used open-source framework for developing Java web applications. The vulnerability, assigned the identifier CVE-2024-53677, has a critical CVSS score of 9.5, indicating its potential for se… · GBHACKERS.COM
16 Dec · CVE Assigned to Cleo Vulnerability as Cl0p Ransomware Group Takes Credit for Exploitation · The Cl0p ransomware group has taken credit for exploitation of the Cleo product vulnerability tracked as CVE-2024-55956. The post CVE Assigned to Cleo Vulnerability as Cl0p Ransomware Group Takes Credit for Exploitation appeared first on SecurityWeek. · SECURITYWEEK.COM
⚠️ VULNERABILITY DISCLOSURE (23)
16 Dec · Cloud Access Security Broker – a buyer's guide · Read what matters when choosing a Cloud Access Security Broker – and which vendors offer exactly what. Jack the sparow | shutterstock.com. A Cloud Access Security Broker (CASB) sits between enterprise endpoints and cloud resources and acts as … · CSOONLINE.COM
16 Dec · BlackBerry’s Critical Communications: The Triple Shield Available to Safeguard Organizations and Governments · From major IT outages and cyberattacks crippling critical infrastructure, to extreme weather testing global resilience, organizations face a relentless barrage of security and communications challenges, with the potential to also impact human safety. Against this backdrop, BlackB… · CSOONLINE.COM
16 Dec · The Hidden Risks of Mobile Calls and Messages: Why End-to-End Encryption is Just the Starting Line · The recent breaches of sovereign telecom networks in the United States, underscores how highly connected but fragmented public networks are increasingly vulnerable to sophisticated attacks. Another rising concern is the blind trust organizations and individuals put into consumer-… · CSOONLINE.COM
16 Dec · Security leaders top 10 takeaways for 2024 · This year has been challenging for CISOs, with a growing burden of responsibility, the push to make cybersecurity a business enabler, the threat of legal liability for security incidents, and an expanding attack landscape. As the year comes to a close, CISOs reflect on some of th… · CSOONLINE.COM
16 Dec · Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes · The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games." Law enforcement official… · THEHACKERNEWS.COM
16 Dec · New Linux Rootkit Avoids Detection: Cyber Security Today for Monday, December 16th, 2024 · PumaKit Linux Rootkit, Windows Defender Flaw, and Android Malware Outbreak! In today's episode of Cybersecurity Today, host Jim Love delves into the discovery of the advanced Linux rootkit PumaKit, critical vulnerabilities in Microsoft's Windows Defender, a new multi-platform mal… · CYBERSECURITYTODAY.LIBSYN.COM
16 Dec · The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices · submitted by Joker to cybersecurity 1 points | 0 comments https://claroty.com/team82/research/the-insecure-iot-cloud-strikes-again-rce-on-ruijie-cloud-connected-devices Executive Summary > - Team82 has researched devices manufactured by Ruijie Networks and discovered 10 vulner… · INFOSEC.PUB
16 Dec · Future of proposed US cybersecurity healthcare bills in doubt · Six months after Congressional hearings that promised action on the massive Change Healthcare ransomware attack and data theft, three pieces of proposed legislation to tighten cybersecurity requirements on healthcare providers are waiting to be dealt with. But Senators have left … · CSOONLINE.COM
16 Dec · New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP · Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attribut… · THEHACKERNEWS.COM
16 Dec · How Threat Actors Exploit Brand Collaborations to Target Popular YouTube Channels · submitted by Joker to cybersecurity 1 points | 0 comments https://www.cloudsek.com/blog/how-threat-actors-exploit-brand-collaborations-to-target-popular-youtube-channels Executive Summary > This report highlights a sophisticated malware campaign targeting businesses through em… · INFOSEC.PUB
16 Dec · Hackers Weaponizing Microsoft Teams to Gain Remote Access · Recent cybersecurity research has uncovered a concerning trend where hackers are exploiting Microsoft Teams to gain remote access to victim systems. Utilizing sophisticated social engineering tactics, these malicious actors pose as legitimate employees or trusted contacts, levera… · GBHACKERS.COM
16 Dec · Microsoft Confirms Critical Windows Defender Security Vulnerability · submitted by kid to cybersecurity 2 points | 0 comments https://www.forbes.com/sites/daveywinder/2024/12/14/new-critical-windows-defender-vulnerability-confirmed-by-microsoft/ · SH.ITJUST.WORKS
16 Dec · Rhode Island suffers major cyberattack, exposing personal data of thousands · Rhode Island has suffered a severe cyberattack that has potentially exposed the personal data of hundreds of thousands of residents enrolled in state-run social services programs since 2016. Officials confirmed that RIBridges, the government system for programs like Medicaid and … · CSOONLINE.COM
16 Dec · Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls · Recent cyberattacks targeting critical infrastructure, including fuel management systems and water treatment facilities in Israel and the US, have been attributed to the Iranian-backed CyberAv3ngers. The attacks, leveraging a custom-built malware named IOCONTROL, exploit vu… · GBHACKERS.COM
16 Dec · 900,000 People Impacted by ConnectOnCall Data Breach · ConnectOnCall has disclosed a data breach impacting the personal information of more than 900,000 individuals. The post 900,000 People Impacted by ConnectOnCall Data Breach appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · ⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips · This past week has been packed with unsettling developments in the world of cybersecurity. From silent but serious attacks on popular business tools to unexpected flaws lurking in everyday devices, there’s a lot that might have flown under your radar. Attackers are adapting old t… · THEHACKERNEWS.COM
16 Dec · Rydox cybercrime marketplace seized by law enforcement, suspected admins arrested · Rydox, an online marketplace used by cybercriminals to sell hacked personal information and tools to commit fraud, has been seized in an international law enforcement operation and its suspected administrators arrested. Read more in my article on the Hot for Security blog. · BITDEFENDER.COM
16 Dec · Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs · Undocumented vulnerabilities in DrayTek devices were exploited in ransomware campaigns that compromised over 300 organizations. The post Undocumented DrayTek Vulnerabilities Exploited to Hack Hundreds of Orgs appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · CISA Requests Public Comment for Draft National Cyber Incident Response Plan Update · Today, CISA—through the Joint Cyber Defense Collaborative and in coordination with the Office of the National Cyber Director (ONCD)—released the National Cyber Incident Response Plan Update Public Comment Draft. The draft requests public comment on the National Cyber Incident Re… · CISA.GOV
16 Dec · Catching the ghost in the machine: Adapting threat detection to cloud speed · The rapid adoption of cloud technology has transformed how businesses operate, offering scalability, agility, and opportunities for innovation. However, this transformation has also introduced a profound challenge: the “ghost in the machine”—elusive and dynamic threats that explo… · CSOONLINE.COM
16 Dec · New Android NoviSpy spyware linked to Qualcomm zero-day bugs · The Serbian government exploited Qualcomm zero-days to unlock and infect Android devices with a new spyware named 'NoviSpy,' used to spy on activists, journalists, and protestors. [...] · BLEEPINGCOMPUTER.COM
16 Dec · Guarding against AI-powered threats requires a focus on cyber awareness · Threat actors will always find nefarious uses for new technologies, and AI is no exception. Attackers are primarily using AI to enhance the volume and velocity of their attacks. They’re also using the technology to make phishing communications more believable with perfect grammar… · CSOONLINE.COM
16 Dec · Russia as a threat actor in the UK · submitted by Joker to cybersecurity 1 points | 0 comments https://www.cyfirma.com/research/russia-as-a-threat-actor-in-the-uk/ Executive Summary The UK faces an escalating cyber threat landscape dominated by sophisticated Russian actors, including state-affiliated groups like San… · INFOSEC.PUB
📢 SECURITY ADVISORIES (6)
16 Dec · Data Governance in DevOps: Ensuring Compliance in the AI Era · With the evolution of modern software development, CI/CD pipeline governance has emerged as a critical factor in maintaining both agility and compliance. As we enter the age of artificial intelligence (AI), the importance of robust pipeline governance has only intensified. With t… · THEHACKERNEWS.COM
16 Dec · Amazon refuses Microsoft 365 deployment because of lax cybersecurity · Amazon CISO CJ Moses has publicly shamed Microsoft security, halting his employer’s deployment of Microsoft 365 for a full year as the vendor tries to fix a long list of security problems that Amazon identified. Industry security executives were of two minds about the move. Some … · CSOONLINE.COM
🔥 INCIDENT REPORTING (12)
16 Dec · LW ROUNDTABLE: Lessons learned from the headline-grabbing cybersecurity incidents of 2024 · It’s all too clear that the cybersecurity community, once more, is facing elevated challenges as well as opportunities. Part one of a four-part series. The world’s reliance on interconnected digital infrastructure continues to deepen, even as the threats facing it … (m… · LASTWATCHDOG.COM
16 Dec · Telegram account hacked: what to do? | Kaspersky official blog · Methods to recover access to a hacked Telegram account · KASPERSKY.COM
16 Dec · Clop ransomware claims responsibility for Cleo data theft attacks · submitted by kid to cybersecurity 1 points | 0 comments https://www.bleepingcomputer.com/news/security/clop-ransomware-claims-responsibility-for-cleo-data-theft-attacks/ · SH.ITJUST.WORKS
16 Dec · Akira and RansomHub Surge as Ransomware Claims Reach All-Time High · submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/akira-ransomhub-ransomware-claims/ · SH.ITJUST.WORKS
16 Dec · SRP Federal Credit Union Ransomware Attack Impacts 240,000 · SRP Federal Credit Union says the personal information of 240,000 was stolen in a recent cyberattack claimed by a ransomware gang. The post SRP Federal Credit Union Ransomware Attack Impacts 240,000 appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · NoviSpy Spyware Installed on Journalist's Phone After Unlocking It With Cellebrite Tool · A Serbian journalist had his phone first unlocked by a Cellebrite tool and subsequently compromised by a previously undocumented spyware codenamed NoviSpy, according to a new report published by Amnesty International. "NoviSpy allows for capturing sensitive personal data from a t… · THEHACKERNEWS.COM
16 Dec · Major Auto Parts Firm LKQ Hit by Cyberattack · LKQ, a major provider of auto parts, told the SEC that a recent cyberattack caused disruptions at a Canadian business unit. The post Major Auto Parts Firm LKQ Hit by Cyberattack appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · Hopamedia - 23,835,870 breached accounts · In 2024, data relating to an unknown service referred to as "Hopamedia" and dating back to 2020 appeared in a publicly exposed database. The data included almost 24M records of email address, name, phone number, the country of the individual and their telecommunication… · HAVEIBEENPWNED.COM
16 Dec · Rhode Island confirms data breach after Brain Cipher ransomware attack · Rhode Island is warning that its RIBridges system, managed by Deloitte, suffered a data breach exposing residents' personal information after the Brain Cipher ransomware gang hacked its systems. [...] · BLEEPINGCOMPUTER.COM
16 Dec · CoinLurker: The Stealer Powering the Next Generation of Fake Updates · submitted by Joker to cybersecurity 1 points | 0 comments https://blog.morphisec.com/coinlurker-the-stealer-powering-the-next-generation-of-fake-updates The evolution of fake update campaigns has advanced significantly with the emergence of CoinLurker, a sophisticated stealer des… · INFOSEC.PUB
16 Dec · Security ProbLLMs in xAI's Grok: A Deep Dive · submitted by Joker to cybersecurity 2 points | 0 comments https://embracethered.com/blog/posts/2024/security-probllms-in-xai-grok/ This post examines Grok’s vulnerabilities against modern LLM application security threats, including prompt injection, data exfiltration, conditional… · INFOSEC.PUB
🕵️ THREAT INTELLIGENCE (20)
16 Dec · ISC Stormcast For Monday, December 16th, 2024 https://isc.sans.edu/podcastdetail/9256, (Mon, Dec 16th) · (c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License. · ISC.SANS.EDU
16 Dec · Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action · submitted by kid to cybersecurity 2 points | 0 comments https://thehackernews.com/2024/12/germany-disrupts-badbox-malware-on.html · SH.ITJUST.WORKS
16 Dec · Over 300,000 Prometheus Servers Vulnerable to DoS Attacks · submitted by kid to cybersecurity 2 points | 0 comments https://gbhackers.com/prometheus-dos-risk/ · SH.ITJUST.WORKS
16 Dec · With 'TPUXtract,' Attackers Can Steal Orgs' AI Models · submitted by kid to cybersecurity 1 points | 0 comments https://www.darkreading.com/vulnerabilities-threats/tpuxtract-attackers-steal-ai-models · SH.ITJUST.WORKS
16 Dec · Citrix shares mitigations for ongoing Netscaler password spray attacks · submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/citrix-shares-mitigations-for-ongoing-netscaler-password-spray-attacks/ · SH.ITJUST.WORKS
16 Dec · Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion · submitted by kid to cybersecurity 1 points | 0 comments https://www.trendmicro.com/en_us/research/24/l/darkgate-malware.html · SH.ITJUST.WORKS
16 Dec · Researchers Discover Malware Used by Nation-States to Attack OT Systems · submitted by kid to cybersecurity 1 points | 0 comments https://www.infosecurity-magazine.com/news/malware-nation-sate-industrial/ · SH.ITJUST.WORKS
16 Dec · 390,000 WordPress accounts stolen from hackers in supply chain attack · submitted by kid to cybersecurity 2 points | 0 comments https://www.bleepingcomputer.com/news/security/390-000-wordpress-accounts-stolen-from-hackers-in-supply-chain-attack/ · SH.ITJUST.WORKS
16 Dec · Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records · submitted by kid to cybersecurity 3 points | 0 comments https://hackread.com/canadian-eyecare-firm-care1-exposes-patient-records/ · SH.ITJUST.WORKS
16 Dec · Short-Lived Certificates Coming to Let’s Encrypt · Starting next year: Our longstanding offering won’t fundamentally change next year, but we are going to introduce a new offering that’s a big shift from anything we’ve done before—short-lived certificates. Specifically, certificates with a lifetime of six… · SCHNEIER.COM
16 Dec · Hackers Abuse Google Ads To Attacking Graphic Design Professionals · Researchers identified a threat actor leveraging Google Search ads to target graphic design professionals, as the actor has launched at least 10 malvertising campaigns hosted on two specific IP addresses: 185.11.61[.]243 and 185.147.124[.]110, where these malicious ads, when clic… · GBHACKERS.COM
16 Dec · Keepit Raises $50 Million for SaaS Data Protection Solution · Denmark-based data protection company Keepit has raised $50 million, which brings the total investment to $90 million. The post Keepit Raises $50 Million for SaaS Data Protection Solution appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · Why AI Adoption Stalls: Data, Talent and Strategy Gaps · Brett Barton of Unisys on Bridging the AI Readiness Gap for Competitive Advantage. More than 93% of organizations believe AI will be a permanent part of their strategies but only 30% say their current adoption levels give them a competitive edge. This gap stems from data, talent a… · DATABREACHTODAY.CO.UK
16 Dec · Malicious ad distributes SocGholish malware to Kaiser Permanente employees · submitted by Joker to cybersecurity 1 points | 0 comments https://www.malwarebytes.com/blog/news/2024/12/malicious-ad-distributes-socgholish-malware-to-kaiser-permanente-employees · INFOSEC.PUB
16 Dec · Mentorship Monday - Discussions for career and learning! · submitted by shellsharks to cybersecurity 3 points | 0 comments Weekly thread for any and all career, learning and general guidance questions. Thinking of taking a training or going for a cert? Wondering how to level up your career? Wondering what NOT to do? Got other questions? … · INFOSEC.PUB
16 Dec · Citrix Warns of Password Spraying Attacks Targeting NetScaler Appliances · Citrix issues warning on password spraying attacks targeting NetScaler and NetScaler Gateway appliances deployed by organizations worldwide. The post Citrix Warns of Password Spraying Attacks Targeting NetScaler Appliances appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · DeceptionAds Delivers 1M+ Daily Impressions via 3,000 Sites, Fake CAPTCHA Pages · Cybersecurity researchers have shed light on a previously undocumented aspect associated with ClickFix-style attacks that hinge on taking advantage of a single ad network service as part of a malvertising-driven information stealer campaign dubbed DeceptionAds. "Entirely reliant … · THEHACKERNEWS.COM
16 Dec · The Rise of AI-Generated Professional Headshots · It’s clear that a person’s reputation is increasingly influenced by their online presence, which spans platforms like LinkedIn, corporate websites, and various professional networks. In today’s digital age, having a quality photograph is essential rather than optional. In the pas… · GBHACKERS.COM
16 Dec · BlackBerry Sells Cylance to Arctic Wolf for $160 Million After Buying It for $1.4 Billion · Security operations firm Arctic Wolf has acquired Cylance from BlackBerry for $160 million in cash and 5.5 million common shares. The post BlackBerry Sells Cylance to Arctic Wolf for $160 Million After Buying It for $1.4 Billion appeared first on SecurityWeek. · SECURITYWEEK.COM
16 Dec · Agile Business, agile security: How AI and Zero Trust work together · We recently published a new whitepaper that examines the security challenges and opportunities from generative AI. The post Agile Business, agile security: How AI and Zero Trust work together appeared first on Microsoft Security Blog. · MICROSOFT.COM
🌐 CYBER THREAT LANDSCAPE (4)
16 Dec · Serbian police used Cellebrite to unlock, then plant spyware, on a journalist’s phone · Amnesty said it found NoviSpy, an Android spyware linked to Serbian intelligence, on the phones of several members of Serbian civil society following police stops. © 2024 TechCrunch. All rights reserved. For personal use only. · TECHCRUNCH.COM
16 Dec · Israeli spyware maker Paragon bought by U.S. private equity giant · The company's spyware, dubbed Graphite, is capable of hacking phones and stealing private communications. · TECHCRUNCH.COM
16 Dec · ESET Threat Report H2 2024: Key findings · ESET Chief Security Evangelist Tony Anscombe looks at some of the report's standout findings and their implications for staying secure in 2025 · WELIVESECURITY.COM
16 Dec · ESET Threat Report H2 2024 · A view of the H2 2024 threat landscape as seen by ESET telemetry and from the perspective of ESET threat detection and research experts · WELIVESECURITY.COM
📡 INFOSEC NEWS (8)
16 Dec · New Investment Scam Leverages AI, Social Media Ads to Target Victims Worldwide · Cybersecurity researchers are calling attention to a new kind of investment scam that leverages a combination of social media malvertising, company-branded posts, and artificial intelligence (AI) powered video testimonials featuring famous personalities, ultimately leading to fin… · THEHACKERNEWS.COM
16 Dec · Industry Moves for the week of December 16, 2024 - SecurityWeek · Explore industry moves and significant changes in the industry for the week of December 16, 2024. Stay updated with the latest industry trends and shifts. · SECURITYWEEK.COM
16 Dec · How Hackers Use Holiday Bonuses to Fool Employees! · Think twice before you click! Hackers are getting smarter, using fake CEO emails to send "holiday bonus" links that steal your information. 🚨 Learn how to protect yourself with smart protocols and tools that block phishing attacks. Don’t let your team fall victim this season! Sta… · YOUTUBE.COM
16 Dec · Live Webinar Tomorrow | Unlocking the Power of Automation in Modern Cyber Defense · DATABREACHTODAY.CO.UK
16 Dec · BlackBerry sells Cylance for $160M, a fraction of the $1.4B it paid in 2018 · Arctic Wolf has acquired Cylance, BlackBerry’s beleaguered cybersecurity business, for $160 million — a significant write-down from the $1.4 billion BlackBerry paid to acquire the company in 2018. Under the terms of the deal, which is expected to close in BlackBerry’s… · TECHCRUNCH.COM
16 Dec · Parents, STOP Trusting Social Media for This! · Parents often believe that social media platforms are designed to protect their children—but is that really the case? 🚨 In this short video, we uncover the harsh truth about how social media companies prioritize profits over child safety. From false security measures to shocking … · YOUTUBE.COM
16 Dec · Called your doctor after-hours? ConnectOnCall hackers may have stolen your medical data · The hackers stole names, phone numbers, dates of birth and information related to health conditions, treatments and prescriptions. · TECHCRUNCH.COM