matlock.ca // THREAT INTELLIGENCE — 2024-12-19

71Articles

9Categories

2024-12-19Date

🚨

CISA Adds One Known Exploited Vulnerability to CatalogCISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog , based on evidence of active exploitation. CVE-2024-12356 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability These types of vulnerabili…

KEVCISA.GOV — Thu, 19 Dec 24 1

🐛

Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits

THEHACKERNEWS.COM — 19 Dec 2024

🐛

Chromium: CVE-2024-12692 Type Confusion in V8

MSRC.MICROSOFT.COM — 19 Dec 2024

🐛

Chromium: CVE-2024-12695 Out of bounds write in V8

MSRC.MICROSOFT.COM — 19 Dec 2024

🐛

Chromium: CVE-2024-12693 Out of bounds memory access in V8

MSRC.MICROSOFT.COM — 19 Dec 2024

🐛

Chromium: CVE-2024-12694 Use after free in Compositing

MSRC.MICROSOFT.COM — 19 Dec 2024

⚠️

Multiple Vulnerabilities in Sophos Firewall Could Allow for Remote Code Execution

CISECURITY.ORG — 19 Dec 2024

⚠️

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

KREBSONSECURITY.COM — 19 Dec 2024

⚠️

UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App

THEHACKERNEWS.COM — 19 Dec 2024

⚠️

NIST’s International Cybersecurity and Privacy Engagement Update – New Translations

NIST.GOV — 19 Dec 2024

⚠️

Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary], (Tue, Dec 17th)

ISC.SANS.EDU — 19 Dec 2024

⚠️

CISA Releases Eight Industrial Control Systems Advisories

CISA.GOV — Thu, 19 Dec 24 1

⚠️

Malicious Supply Chain Attacking Moving From npm Community To VSCode Marketplace

GBHACKERS.COM — 19 Dec 2024

⚠️

Young Living Essential Oils - 1,128,951 breached accounts

HAVEIBEENPWNED.COM — 19 Dec 2024

⚠️

From reactive to proactive: Redefining incident response with unified, cloud-native XDR

CSOONLINE.COM — 19 Dec 2024

⚠️

US eyes ban on TP-Link routers amid cybersecurity concerns

CSOONLINE.COM — 19 Dec 2024

⚠️

So entgiften Sie Ihre Sicherheitskultur

CSOONLINE.COM — 19 Dec 2024

⚠️

Top security solutions being piloted today — and how to do it right

CSOONLINE.COM — 19 Dec 2024

⚠️

Die 10 häufigsten LLM-Schwachstellen

CSOONLINE.COM — 19 Dec 2024

⚠️

Sehr geehrter CEO,

CSOONLINE.COM — 19 Dec 2024

⚠️

European authorities say AI can use personal data without consent for training

CSOONLINE.COM — 19 Dec 2024

⚠️

Black Friday chaos: The return of Gozi malware

SECURITYINTELLIGENCE.COM — 19 Dec 2024

⚠️

When Public Payphones Become Smart Phones - Inbar Raz - PSW #855

YOUTUBE.COM — 2024-12-19

⚠️

I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny

INFOSEC.PUB — 19 Dec 2024

⚠️

BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe

SH.ITJUST.WORKS — 19 Dec 2024

📢

From Naturalization to Cyber Advocacy: CISA Region 3’s Chris Ramos Inspires New U.S. Citizens

CISA.GOV — Thu, 19 Dec 24 1

📢

CISA Releases Mobile Security Guidance After Chinese Telecom Hacking

SECURITYWEEK.COM — 19 Dec 2024

📢

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

THEHACKERNEWS.COM — 19 Dec 2024

📢

CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01

THEHACKERNEWS.COM — 19 Dec 2024

📢

BitView - 63,127 breached accounts

HAVEIBEENPWNED.COM — 19 Dec 2024

📢

CISA Releases Draft of National Cyber Incident Response Plan

SH.ITJUST.WORKS — 19 Dec 2024

📢

CISA Releases Best Practice Guidance for Mobile Communications

SH.ITJUST.WORKS — 19 Dec 2024

📢

New Microsoft guidance for the CISA Zero Trust Maturity Model

MICROSOFT.COM — 19 Dec 2024

🔥

US government urges high-ranking officials to lock down mobile devices following telecom breaches

TECHCRUNCH.COM — 19 Dec 2024

🔥

Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme

GRAHAMCLULEY.COM — 19 Dec 2024

🔥

LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025

LASTWATCHDOG.COM — 19 Dec 2024

🔥

Python-Based NodeStealer Version Targets Facebook Ads Manager

TRENDMICRO.COM — 19 Dec 2024

🔥

schenkYOU - 237,349 breached accounts

HAVEIBEENPWNED.COM — 19 Dec 2024

🔥

2024 roundup: Top data breach stories and industry trends

SECURITYINTELLIGENCE.COM — 19 Dec 2024

🔥

The Number One Threat - PSW #855

YOUTUBE.COM — 2024-12-19

🔥

Hackers LOVE When You Skip This Security Step!

YOUTUBE.COM — 2024-12-19

🔥

BADBOX Botnet Hacked 74,000 Android Devices With Customizable Remote Codes

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

Mailbox Insecurity

SCHNEIER.COM — 2024-12-19

🕵️

How to Implement Impactful Security Benchmarks for Software Development Teams

SECURITYWEEK.COM — 19 Dec 2024

🕵️

Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US

SECURITYWEEK.COM — 19 Dec 2024

🕵️

Cisco to Acquire Threat Detection Company SnapAttack

SECURITYWEEK.COM — 19 Dec 2024

🕵️

Thousands Download Malicious npm Libraries Impersonating Legitimate Tools

THEHACKERNEWS.COM — 19 Dec 2024

🕵️

ISC Stormcast For Thursday, December 19th, 2024 https://isc.sans.edu/podcastdetail/9262, (Thu, Dec 19th)

ISC.SANS.EDU — 19 Dec 2024

🕵️

Beware Of Malicious SharePoint Notifications That Delivers Xloader Malware

GBHACKERS.COM — 19 Dec 2024

🕵️

North Korea-linked hackers accounted for 61% of all crypto stolen in 2024

TECHCRUNCH.COM — 19 Dec 2024

🕵️

How They Took Down a Crime Ring Using Stolen Laptops! 😲

YOUTUBE.COM — 2024-12-19

🕵️

Python-Based NodeStealer Version Targets Facebook Ads Manager

INFOSEC.PUB — 19 Dec 2024

🕵️

BADBOX Botnet Is Back

INFOSEC.PUB — 19 Dec 2024

🕵️

CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

Fortinet warns of FortiWLM bug giving hackers admin privileges

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

Okta Social Engineering Impersonation Report - Response and Recommendation

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

Thousands of users in Europe getting malicious emails with DocuSign-enabled PDFs

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

US considers banning TP-Link routers over cybersecurity risks

SH.ITJUST.WORKS — 19 Dec 2024

🕵️

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks

SH.ITJUST.WORKS — 19 Dec 2024

🌐

BadBox malware botnet infects 192,000 Android devices despite disruption

BLEEPINGCOMPUTER.COM — 19 Dec 2024

🌐

Android malware found on Amazon Appstore disguised as health app

BLEEPINGCOMPUTER.COM — 19 Dec 2024

🌐

Juniper warns of Mirai botnet scanning for Session Smart routers

BLEEPINGCOMPUTER.COM — 19 Dec 2024

🎙️

Unwrapping Christmas scams | Unlocked 403 cybersecurity podcast (ep. 9)

WELIVESECURITY.COM — 19 Dec 2024

📡

Phishing platform Rockstar 2FA trips, and “FlowerStorm” picks up the pieces

SOPHOS.COM — 19 Dec 2024

📡

Microsoft 365 users hit by random product deactivation errors

BLEEPINGCOMPUTER.COM — 19 Dec 2024

📡

Windows 11 24H2 upgrades blocked on some PCs due to audio issues

BLEEPINGCOMPUTER.COM — 19 Dec 2024

📡

Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency

THEHACKERNEWS.COM — 19 Dec 2024

📡

Bugs in a major McDonald’s India delivery system exposed sensitive customer data

TECHCRUNCH.COM — 19 Dec 2024

📡

FedRAMP ATO Boosts Zero Trust for Federal Agencies

TRENDMICRO.COM — 19 Dec 2024

📡

The best privacy services as a gift | Kaspersky official blog

KASPERSKY.COM — 19 Dec 2024