38 Articles
10 Categories
Date: 2024-12-17
🚨 CISA KEV 1
17 Dec [KEV] CISA Adds One Known Exploited Vulnerability to Catalog (CISA.GOV)
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-55956 Cleo Multiple Products Unauthenticated File Upload Vulnerability. These types of vulnerabilities are frequent attack vectors for mal…

🐛 COMMON VULNERABILITIES AND EXPOSURES 1
17 Dec [KEV] CISA and FBI Raise Alerts on Exploited Flaws and Expanding HiatusRAT Campaign (THEHACKERNEWS.COM)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added two security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation in the wild. The list of flaws is below - CVE-2024-20767 (CVSS score: 7.4) - Adobe Cold…

⚠️ VULNERABILITY DISCLOSURE 8
17 Dec Attackers Exploit Microsoft Teams and AnyDesk to Deploy DarkGate Malware (THEHACKERNEWS.COM)
A new social engineering campaign has leveraged Microsoft Teams as a way to facilitate the deployment of a known malware called DarkGate. "An attacker used social engineering via a Microsoft Teams call to impersonate a user's client and gain remote access to their system," Trend …

17 Dec Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (THEHACKERNEWS.COM)
Bogus software update lures are being used by threat actors to deliver a new stealer malware called CoinLurker. "Written in Go, CoinLurker employs cutting-edge obfuscation and anti-analysis techniques, making it a highly effective tool in modern cyber attacks," Morphisec research…

17 Dec CISA Releases Five Industrial Control Systems Advisories (CISA.GOV)
CISA released five Industrial Control Systems (ICS) advisories on December 17, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-352-01 ThreatQuotient ThreatQ Platform; ICSA-24-352-02 Hitachi Ene…

17 Dec CISA and ONCD Release Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure (CISA.GOV)
Today, CISA and the Office of the National Cyber Director (ONCD) published Playbook for Strengthening Cybersecurity in Federal Grant Programs for Critical Infrastructure to assist grant-making agencies to incorporate cybersecurity into their grant programs and assist grant-recipi…

17 Dec DarkGate Malware Distributed Via Microsoft Teams Voice Phishing (KNOWBE4.COM)
Threat actors are using voice phishing (vishing) attacks via Microsoft Teams in an attempt to trick victims into installing the DarkGate malware, according to researchers at Trend Micro.

17 Dec Link Trap: GenAI Prompt Injection Attack (TRENDMICRO.COM)
Prompt injection exploits vulnerabilities in generative AI to manipulate its behavior, even without extensive permissions. This attack can expose sensitive data, making awareness and preventive measures essential. Learn how it works and how to stay protected.

17 Dec Analyzing FLUX#CONSOLE: Using Tax-Themed Lures, Threat Actors Exploit Windows Management Console to Deliver Backdoor Payloads (INFOSEC.PUB)
submitted by Joker to cybersecurity 3 points | 1 comments https://www.securonix.com/blog/analyzing-fluxconsole-using-tax-themed-lures-threat-actors-exploit-windows-management-console-to-deliver-backdoor-payloads/

17 Dec The Mamont banker masquerades as an app for tracking bulk purchases (INFOSEC.PUB)
submitted by Joker to cybersecurity 5 points | 0 comments https://securelist.com/mamont-banker-disguised-as-parcel-tracking-app/115006/ In late October 2024, a new scheme for distributing a certain Android banking Trojan called “Mamont” was uncovered. The victim would receive an …

📋 SECURITY BULLETINS 1
17 Dec Year in Review 2024: The major headlines and moments from Sophos this year (SOPHOS.COM)
From cyber attacks across the geopolitical landscapes, to product updates that help small businesses, Sophos was there in 2024.

📢 SECURITY ADVISORIES 4
17 Dec Python Delivering AnyDesk Client as RAT, (Tue, Dec 17th) (ISC.SANS.EDU)
RATs or “Remote Access Tools” are very popular these days. From an attacker's point of view, it's a great way to search and exfiltrate interesting data but also to pivot internally in the network. Besides malicious RATs, they are leg…

17 Dec CISA Issues BOD 25-01, Implementing Secure Practices for Cloud Services (CISA.GOV)
Today, CISA issued Binding Operational Directive (BOD) 25-01, Implementing Secure Practices for Cloud Services to safeguard federal information and information systems. This Directive requires federal civilian agencies to identify specific cloud tenants, implement assessment tool…

🔥 INCIDENT REPORTING 7
17 Dec Even Great Companies Get Breached — Find Out Why and How to Stop It (THEHACKERNEWS.COM)
Even the best companies with the most advanced tools can still get hacked. It’s a frustrating reality: you’ve invested in the right solutions, trained your team, and strengthened your defenses. But breaches still happen. So, what’s going wrong? The truth is, that attackers are co…

17 Dec Critical Infrastructure Under Siege: 42% Spike in Ransomware Attacks on Utilities (KNOWBE4.COM)
Ransomware attacks targeting utilities have surged by 42% over the past year, with spear phishing playing a major role in 81% of cases, according to a ReliaQuest study spanning November 2023 to October 2024.

17 Dec Texas medical school says hackers stole sensitive health data of 1.4 million individuals (TECHCRUNCH.COM)
The university's incident website blocks search engines from listing the site, making it more difficult for affected individuals to find the website in search results. © 2024 TechCrunch. All rights reserved. For personal use only.

17 Dec LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025 (LASTWATCHDOG.COM)
Continuing our look back at 2024, part two of Last Watchdog’s year-ender roundtable turns its focus to emerging threats vs. evolving defense tactics. Part two of a four-part series The explosion of AI-driven phishing, insider threats, and business logic abuse … (more…) The …

17 Dec Testing the limits of generative AI: How red teaming exposes vulnerabilities in AI models (SECURITYINTELLIGENCE.COM)
With generative artificial intelligence (gen AI) on the frontlines of information security, red teams play an essential role in identifying vulnerabilities that others can overlook. With the average cost of a data breach reaching an all-time high of $4.88 million in 2024, busines…

17 Dec Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs (INFOSEC.PUB)
submitted by Joker to cybersecurity 13 points | 0 comments https://www.proofpoint.com/us/blog/threat-insight/hidden-plain-sight-ta397s-new-attack-chain-delivers-espionage-rats Key findings > - Proofpoint observed advanced persistent threat (APT) TA397 targeting a Turkish defen…

17 Dec Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks (INFOSEC.PUB)
submitted by Joker to cybersecurity 5 points | 0 comments https://www.trendmicro.com/en_us/research/24/l/earth-koshchei.html APT group Earth Koshchei, suspected to be sponsored by the SVR, executed a large-scale rogue RDP campaign using spear-phishing emails, red team tools, and …

🕵️ THREAT INTELLIGENCE 9
17 Dec Hacking Digital License Plates (SCHNEIER.COM)
Not everything needs to be digital and “smart.” License plates, for example: Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to “jailbreak” digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,…

17 Dec Bitter APT Targets Turkish Defense Sector with WmRAT and MiyaRAT Malware (THEHACKERNEWS.COM)
A suspected South Asian cyber espionage threat group known as Bitter targeted a Turkish defense sector organization in November 2024 to deliver two C++-malware families tracked as WmRAT and MiyaRAT. "The attack chain used alternate data streams in a RAR archive to deliver a short…

17 Dec The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal (THEHACKERNEWS.COM)
A little-known cyber espionage actor known as The Mask has been linked to a new set of attacks targeting an unnamed organization in Latin America twice in 2019 and 2022. "The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least…

17 Dec ISC Stormcast For Tuesday, December 17th, 2024 https://isc.sans.edu/podcastdetail/9258, (Tue, Dec 17th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

17 Dec Microsoft Defender for Cloud named a Leader in Frost Radar™ for CNAPP for the second year in a row! (TECHCOMMUNITY.MICROSOFT.COM)
In the ever-evolving landscape of cloud security, Microsoft continues to assert its dominance with its comprehensive and innovative solutions. The Frost Radar™: Cloud-Native Application Protection Platforms, 2024 report underscores Microsoft’s leadership in both – the…

17 Dec U.S. Justice Department Indicts Fake IT Workers From North Korea (KNOWBE4.COM)
The U.S. Justice Department revealed indictments against 14 North Korean nationals for their involvement in a long-running scheme designed to pose as remote IT professionals.

17 Dec Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks (TRENDMICRO.COM)
APT group Earth Koshchei, suspected to be sponsored by the SVR, executed a large-scale rogue RDP campaign using spear-phishing emails, red team tools, and sophisticated anonymization techniques to target high-profile sectors.

17 Dec FBI: Watch Out For HiatusRAT Actors Hitting Webcams, DVRs (INFOSEC.PUB)
submitted by Joker to cybersecurity 16 points | 0 comments https://www.vulnu.com/p/fbi-watch-out-for-hiatusrat-actors-hitting-webcams-dvrs On Monday, the FBI released a private industry notification warning that actors behind a remote access trojan, HiatusRAT, are targeting Chine…

🌐 CYBER THREAT LANDSCAPE 2
17 Dec Hackers Use Microsoft MSC Files to Deploy Obfuscated Backdoor in Pakistan Attacks (THEHACKERNEWS.COM)
A new phishing campaign has been observed employing tax-themed lures to deliver a stealthy backdoor payload as part of attacks targeting Pakistan. Cybersecurity company Securonix, which is tracking the activity under the name FLUX#CONSOLE, said it likely starts with a phishing em…

17 Dec 5 Practical Techniques for Effective Cyber Threat Hunting (THEHACKERNEWS.COM)
Addressing cyber threats before they have a chance to strike or inflict serious damage is by far the best security approach any company can embrace. Achieving this takes a lot of research and proactive threat hunting. The problem here is that it is easy to get stuck in endless ar…

🎙️ PODCASTS 1
17 Dec The AI Fix #29: AI on OnlyFans, and the bot that wants to be a billionaire (GRAHAMCLULEY.COM)
In episode 29 of The AI Fix, an AI company makes the bold step of urging us to "stop hiring humans", Graham is wrong about GB AI, parents prepare their kids for the imminent Moxie-mageddon, Google releases Gemini 2.0, and a robot is found dead at work and nobody knows why. Graham…

📡 INFOSEC NEWS 4
17 Dec 2025 Cybersecurity Predictions (F5.COM)
“I never think of the future. It comes soon enough.”

17 Dec Mamont banker under the guise of a tracking app | Kaspersky official blog (KASPERSKY.COM)
Mamont banker is distributed under the guise of an application for tracking the delivery of goods offered at wholesale prices.