71 Articles | 9 Categories | Date: 2024-12-19

🚨 CISA KEV (1)

19 Dec | KEV | CISA Adds One Known Exploited Vulnerability to Catalog | CISA.GOV
CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-12356 BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) Command Injection Vulnerability. These types of vulnerabili…
🐛 COMMON VULNERABILITIES AND EXPOSURES (5)

19 Dec | Fortinet Warns of Critical FortiWLM Flaw That Could Lead to Admin Access Exploits | THEHACKERNEWS.COM
Fortinet has issued an advisory for a now-patched critical security flaw impacting Wireless LAN Manager (FortiWLM) that could lead to disclosure of sensitive information. The vulnerability, tracked as CVE-2023-34990, carries a CVSS score of 9.6 out of a maximum of 10.0. It was or…

19 Dec | Chromium: CVE-2024-12692 Type Confusion in V8 | MSRC.MICROSOFT.COM
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

19 Dec | Chromium: CVE-2024-12695 Out of bounds write in V8 | MSRC.MICROSOFT.COM
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

19 Dec | Chromium: CVE-2024-12693 Out of bounds memory access in V8 | MSRC.MICROSOFT.COM
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.

19 Dec | Chromium: CVE-2024-12694 Use after free in Compositing | MSRC.MICROSOFT.COM
This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see [Google Chrome Releases](https://chromereleases.googleblog.com/2024) for more information.
⚠️ VULNERABILITY DISCLOSURE (19)

19 Dec | Multiple Vulnerabilities in Sophos Firewall Could Allow for Remote Code Execution | CISECURITY.ORG
Multiple vulnerabilities have been discovered in Sophos Firewall, the most severe of which could allow for remote code execution. Sophos Firewall is a network security solution. Successful exploitation of the most severe of these vulnerabilities could allow for unauthorized acces…

19 Dec | Web Hacking Service 'Araneida' Tied to Turkish IT Firm | KREBSONSECURITY.COM
Cybercriminals are selling hundreds of thousands of credential sets stolen with the help of a cracked version of Acunetix, a powerful commercial web app vulnerability scanner, new research finds. The cracked software is being resold as a cloud-based attack tool by at least two di…

19 Dec | UAC-0125 Abuses Cloudflare Workers to Distribute Malware Disguised as Army+ App | THEHACKERNEWS.COM
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed that a threat actor it tracks as UAC-0125 is leveraging Cloudflare Workers service to trick military personnel in the country into downloading malware disguised as Army+, a mobile app that was introduced by t…

19 Dec | NIST's International Cybersecurity and Privacy Engagement Update – New Translations | NIST.GOV
As the year comes to a close, NIST continues to engage with our international partners to strengthen cybersecurity, including sharing over ten new international translations in over six languages as resources for our stakeholders around the world. These efforts were complemented …

19 Dec | Command Injection Exploit For PHPUnit before 4.8.28 and 5.x before 5.6.3 [Guest Diary], (Tue, Dec 17th) | ISC.SANS.EDU
[This is a Guest Diary by Sahil Shaikh, an ISC intern as part of the SANS.edu BACS program]

19 Dec | CISA Releases Eight Industrial Control Systems Advisories | CISA.GOV
CISA released eight Industrial Control Systems (ICS) advisories on December 19, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-354-01 Hitachi Energy RTU500 series CMU, ICSA-24-354-02 Hitachi E…

19 Dec | Malicious Supply Chain Attacking Moving From npm Community To VSCode Marketplace | GBHACKERS.COM
Researchers have identified a rise in malicious activity on the VSCode Marketplace, highlighting the vulnerability of the platform to supply chain attacks similar to those previously seen in the npm community. Malicious actors are increasingly exploiting npm packages to distribut…

19 Dec | Young Living Essential Oils - 1,128,951 breached accounts | HAVEIBEENPWNED.COM
In December 2024, data claimed to be breached from the multi-level marketing company Young Living Essential Oils was posted to a popular hacking forum. The data contained 1.1M unique email addresses alongside names, the country of the account and in many cases, their date of bir…

19 Dec | From reactive to proactive: Redefining incident response with unified, cloud-native XDR | CSOONLINE.COM
In today's rapidly evolving threat landscape, cybersecurity is a constant game of cat and mouse. The average security operations center (SOC) team receives 4,484 alerts every day and can spend up to 3 hours manually triaging to understand which signals represent a genuine threat …

19 Dec | US eyes ban on TP-Link routers amid cybersecurity concerns | CSOONLINE.COM
The US government is investigating TP-Link, a Chinese company that supplies about 65% of routers for American homes and small businesses, amid concerns about national security risks. Reports suggest these routers have vulnerabilities that cybercriminals exploit to compromise sens…

19 Dec | How to Detoxify Your Security Culture | CSOONLINE.COM
Don't let toxic cultures thrive. A positive cybersecurity culture contributes to general awareness, fosters best practices and can strengthen internal collaboration. On the other hand, a poisoned se…

19 Dec | Top security solutions being piloted today — and how to do it right | CSOONLINE.COM
Ask almost any CISO and they will tell you the security landscape just keeps getting more complex. New products arise, technology categories blur, vendors gobble up competitors or venture into adjacent markets, and every once in a while a seismic advance like generative AI comes …

19 Dec | The 10 Most Common LLM Vulnerabilities | CSOONLINE.COM
You should know these vulnerabilities so that your large language model does not blow up in your face. The Open Worldwide Application Security Project (OWASP) has upd… its Top Ten of the most critical vulnerabilities in large language models (LLMs).

19 Dec | Dear CEO, | CSOONLINE.COM
In an open letter, CISO veteran Tyler Farrar appeals to the CEOs of this world. Never has more been at stake. Every week, new cybersecurity incidents make headlines, cost millions, and inflict irreparable damage on companies' reputations …

19 Dec | European authorities say AI can use personal data without consent for training | CSOONLINE.COM
The European Data Protection Board (EDPB) issued a wide-ranging report on Wednesday exploring the many complexities and intricacies of modern AI model development. It said that it was open to potentially allowing personal data, without owner's consent, to train models, as long as…

19 Dec | Black Friday chaos: The return of Gozi malware | SECURITYINTELLIGENCE.COM
On November 29th, 2024, Black Friday, shoppers flooded online stores to grab the best deals of the year. But while consumers were busy filling their carts, cyber criminals were also seizing the opportunity to exploit the shopping frenzy. Our system detected a significant surge in…

19 Dec | When Public Payphones Become Smart Phones - Inbar Raz - PSW #855 | YOUTUBE.COM
If you've ever wondered how attackers could go after payphones that are "smart" we got you covered! Inbar has done some amazing research and is here to tell us all about it! Segment Resources: https://www.retro.unarmedsecurity.net/post/%D7%9E%D7%A1%D7%AA%D7%91%D7%A8-%D7%A9%D7%92%…

19 Dec | I'm Lovin' It: Exploiting McDonald's APIs to hijack deliveries and order food for a penny | INFOSEC.PUB
submitted by Joker to cybersecurity | 93 points | 3 comments | https://eaton-works.com/2024/12/19/mcdelivery-india-hack/
Key Points / Summary > API flaws in the McDonald's McDelivery system in India, one of the world's most popular food delivery apps, enabled a variety of fun expl…

19 Dec | BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 12 points | 0 comments | https://www.securityweek.com/beyondtrust-patches-critical-vulnerability-discovered-during-security-incident-probe/
📢 SECURITY ADVISORIES (8)

19 Dec | From Naturalization to Cyber Advocacy: CISA Region 3's Chris Ramos Inspires New U.S. Citizens | CISA.GOV
In a poignant and impactful moment at a recent USCIS naturalization ceremony, CISA Region 3's Cybersecurity Coordinator, Chris Ramos, shared heartfelt words and critical cybersecurity guidance with nearly one hundred newly sworn American citizens.

19 Dec | CISA Releases Mobile Security Guidance After Chinese Telecom Hacking | SECURITYWEEK.COM
In light of recent Chinese hacking into US telecom infrastructure, CISA has released guidance on protecting mobile communications. The post CISA Releases Mobile Security Guidance After Chinese Telecom Hacking appeared first on SecurityWeek.

19 Dec | Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords | THEHACKERNEWS.COM
Juniper Networks is warning that Session Smart Router (SSR) products with default passwords are being targeted as part of a malicious campaign that deploys the Mirai botnet malware. The company said it's issuing the advisory after "several customers" reported anomalous behavior o…

19 Dec | CISA Mandates Cloud Security for Federal Agencies by 2025 Under Binding Directive 25-01 | THEHACKERNEWS.COM
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued Binding Operational Directive (BOD) 25-01, ordering federal civilian agencies to secure their cloud environments and abide by Secure Cloud Business Applications (SCuBA) secure configuration baselines. "Re…

19 Dec | BitView - 63,127 breached accounts | HAVEIBEENPWNED.COM
In December 2024, the video sharing community BitView suffered a data breach that exposed 63k customer records. Attributed to a backup taken by a previous administrator earlier in the year, the breach exposed email and IP addresses, bcrypt password hashes, usernames, bios, priva…

19 Dec | CISA Releases Draft of National Cyber Incident Response Plan | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 15 points | 0 comments | https://www.darkreading.com/cyberattacks-data-breaches/cisa-releases-draft-of-national-cyber-incident-response-plan

19 Dec | CISA Releases Best Practice Guidance for Mobile Communications | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 8 points | 3 comments | https://www.cisa.gov/news-events/alerts/2024/12/18/cisa-releases-best-practice-guidance-mobile-communications

19 Dec | New Microsoft guidance for the CISA Zero Trust Maturity Model | MICROSOFT.COM
New Microsoft guidance is now available for United States government agencies and their industry partners to help implement Zero Trust strategies and meet CISA Zero Trust requirements. The post New Microsoft guidance for the CISA Zero Trust Maturity Model appeared first on Micros…
🔥 INCIDENT REPORTING (9)

19 Dec | US government urges high-ranking officials to lock down mobile devices following telecom breaches | TECHCRUNCH.COM
The move to urge Americans to use end-to-end encrypted apps comes as China-backed gangs are hacking into phone and internet giants. © 2024 TechCrunch. All rights reserved. For personal use only.

19 Dec | Smashing Security podcast #398: Fake CAPTCHAs, Harmageddon, and Krispy Kreme | GRAHAMCLULEY.COM
This week, we delve into the dark world of fake CAPTCHAs designed to hijack your computer. Plus, the AI safety clock is ticking down – is doomsday closer than we think? And to top it off, we uncover the sticky situation of Krispy Kreme facing a ransomware attack. All this and mor…

19 Dec | LW ROUNDTABLE: Predictive analytics, full-stack visualization to solidify cyber defenses in 2025 | LASTWATCHDOG.COM
To wrap up our 2024 year-end roundtable, we turn our attention to new technologies and trends that are emerging to help bridge the gaps. Part four of our four-part series. From cybersecurity skills shortages to the pressures of hybrid work, … (more…) The post LW ROUNDTABLE: …

19 Dec | Python-Based NodeStealer Version Targets Facebook Ads Manager | TRENDMICRO.COM
In this blog entry, Trend Micro's Managed XDR team discuss their investigation into how the latest variant of NodeStealer is delivered through spear-phishing attacks, potentially leading to malware execution, data theft, and the exfiltration of sensitive information via Telegram.

19 Dec | schenkYOU - 237,349 breached accounts | HAVEIBEENPWNED.COM
In September 2024, data from the online German gift store schenkYOU was put up for sale on a popular hacking forum. Obtained the month before, the data included 237k unique email addresses alongside names, dates of birth and salted SHA-256 password hashes. The standalone store w…

19 Dec | 2024 roundup: Top data breach stories and industry trends | SECURITYINTELLIGENCE.COM
With 2025 on the horizon, it's important to reflect on the developments and various setbacks that happened in cybersecurity this past year. While there have been many improvements in security technologies and growing awareness of emerging cybersecurity threats, 2024 was als…

19 Dec | The Number One Threat - PSW #855 | YOUTUBE.COM
XSS is the number one threat?, fix your bugs faster, hacking VoIP systems, AI and how it may help fuzzing, hacker gift guides, new DMA attacks, hacking InTune, Rhode Island gets hacked, OpenWrt supply chain issues, we are being spied on, Germans take down botnet, Bill and Larry a…

19 Dec | Hackers LOVE When You Skip This Security Step! | YOUTUBE.COM
Think your cybersecurity measures are airtight? Hackers thrive on overlooked details, and skipping THIS step could cost your organization everything. From single sign-on to multi-factor authentication and password managers, we break down the critical identity security practices C…

19 Dec | BADBOX Botnet Hacked 74,000 Android Devices With Customizable Remote Codes | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 7 points | 0 comments | https://gbhackers.com/badbox-botnet-hack/
🕵️ THREAT INTELLIGENCE (18)

19 Dec | Mailbox Insecurity | SCHNEIER.COM
It turns out that all cluster mailboxes in the Denver area have the same master key. So if someone robs a postal carrier, they can open any mailbox. I get that a single master key makes the whole system easier, but it's very fragile security.

19 Dec | How to Implement Impactful Security Benchmarks for Software Development Teams | SECURITYWEEK.COM
Benchmarking is all about taking back control – you're measuring to gain complete awareness of your development teams' security skills and practices. The post How to Implement Impactful Security Benchmarks for Software Development Teams appeared first on SecurityWeek.

19 Dec | Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US | SECURITYWEEK.COM
Raccoon Infostealer MaaS operator Mark Sokolovsky was sentenced to 60 months in prison in the US and agreed to pay over $910,000 in restitution. The post Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US appeared first on SecurityWeek.

19 Dec | Cisco to Acquire Threat Detection Company SnapAttack | SECURITYWEEK.COM
Cisco has announced its intention to acquire threat detection company SnapAttack to boost Splunk security product capabilities. The post Cisco to Acquire Threat Detection Company SnapAttack appeared first on SecurityWeek.

19 Dec | Thousands Download Malicious npm Libraries Impersonating Legitimate Tools | THEHACKERNEWS.COM
Threat actors have been observed uploading malicious typosquats of legitimate npm packages such as typescript-eslint and @types/node that have racked up thousands of downloads on the package registry. The counterfeit versions, named @typescript_eslinter/eslint and types-node, are…

19 Dec | ISC Stormcast For Thursday, December 19th, 2024 https://isc.sans.edu/podcastdetail/9262, (Thu, Dec 19th) | ISC.SANS.EDU
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

19 Dec | Beware Of Malicious SharePoint Notifications That Deliver Xloader Malware | GBHACKERS.COM
Through the use of XLoader and impersonating SharePoint notifications, researchers were able to identify a sophisticated malware delivery campaign. A link that was disguised as a legitimate SharePoint notification was included in the emails that were sent out at the beginni…

19 Dec | North Korea-linked hackers accounted for 61% of all crypto stolen in 2024 | TECHCRUNCH.COM
Alongside the rising adoption and value of crypto assets, theft is also on the rise. This year, the total value of cryptocurrency stolen surged 21%, reaching a substantial $2.2 billion. And according to a Chainalysis report released on Thursday, more than half of this amount was …

19 Dec | How They Took Down a Crime Ring Using Stolen Laptops! 😲 | YOUTUBE.COM
A tech genius helps a school district fight back against a wave of stolen laptops, leading to the discovery of a Russian crime ring! Using clever bait tactics and cutting-edge tracking software, they follow the trail across state lines, uncovering a shocking criminal network. But…

19 Dec | Python-Based NodeStealer Version Targets Facebook Ads Manager | INFOSEC.PUB
submitted by Joker to cybersecurity | 2 points | 0 comments | https://www.trendmicro.com/en_us/research/24/l/python-based-nodestealer.html

19 Dec | BADBOX Botnet Is Back | INFOSEC.PUB
submitted by Joker to cybersecurity | 6 points | 0 comments | https://www.bitsight.com/blog/badbox-botnet-back

19 Dec | CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 17 points | 0 comments | https://securityaffairs.com/172139/apt/cert-ua-warns-russia-uac-0125-abuses-cloudflare-workers.html

19 Dec | Fortinet warns of FortiWLM bug giving hackers admin privileges | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 8 points | 0 comments | https://www.bleepingcomputer.com/news/security/fortinet-warns-of-critical-fortiwlm-bug-giving-hackers-admin-privileges/

19 Dec | Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 7 points | 0 comments | https://thehackernews.com/2024/12/juniper-warns-of-mirai-botnet-targeting.html

19 Dec | Okta Social Engineering Impersonation Report - Response and Recommendation | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 6 points | 0 comments | https://sec.okta.com/articles/2024/okta-social-engineering-report-response-and-recommendation

19 Dec | Thousands of users in Europe getting malicious emails with DocuSign-enabled PDFs | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 13 points | 0 comments | https://cybernews.com/security/malicious-emails-with-docusign-enabled-pdfs/

19 Dec | US considers banning TP-Link routers over cybersecurity risks | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 53 points | 7 comments | https://www.bleepingcomputer.com/news/security/us-considers-banning-tp-link-routers-over-cybersecurity-risks/

19 Dec | Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks | SH.ITJUST.WORKS
submitted by kid to cybersecurity | 8 points | 0 comments | https://www.trendmicro.com/en_us/research/24/l/earth-koshchei.html
🌐 CYBER THREAT LANDSCAPE (3)

19 Dec | BadBox malware botnet infects 192,000 Android devices despite disruption | BLEEPINGCOMPUTER.COM
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany. [...]

19 Dec | Android malware found on Amazon Appstore disguised as health app | BLEEPINGCOMPUTER.COM
A malicious Android spyware application named 'BMI CalculationVsn' was discovered on the Amazon Appstore, masquerading as a simple health tool but stealing data from infected devices in the background. [...]

19 Dec | Juniper warns of Mirai botnet scanning for Session Smart routers | BLEEPINGCOMPUTER.COM
Juniper Networks has warned customers of Mirai malware attacks scanning the Internet for Session Smart routers using default credentials. [...]

🎙️ PODCASTS (1)

19 Dec | Unwrapping Christmas scams | Unlocked 403 cybersecurity podcast (ep. 9) | WELIVESECURITY.COM
ESET's Jake Moore reveals why the holiday season is a prime time for scams, how fraudsters prey on victims, and how AI is supercharging online fraud.
📡 INFOSEC NEWS (7)

19 Dec | Phishing platform Rockstar 2FA trips, and "FlowerStorm" picks up the pieces | SOPHOS.COM
A sudden disruption of a major phishing-as-a-service provider leads to the rise of another… that looks very familiar.

19 Dec | Microsoft 365 users hit by random product deactivation errors | BLEEPINGCOMPUTER.COM
Microsoft is investigating a known issue randomly triggering "Product Deactivated" errors for customers using Microsoft 365 Office apps. [...]

19 Dec | Windows 11 24H2 upgrades blocked on some PCs due to audio issues | BLEEPINGCOMPUTER.COM
Microsoft has added another Windows 11 24H2 upgrade block for systems with Dirac audio improvement software due to compatibility issues breaking sound output. [...]

19 Dec | Dutch DPA Fines Netflix €4.75 Million for GDPR Violations Over Data Transparency | THEHACKERNEWS.COM
The Dutch Data Protection Authority (DPA) on Wednesday fined video on-demand streaming service Netflix €4.75 million ($4.93 million) for not giving consumers enough information about how it used their data between 2018 and 2020. An investigation launched by the DPA in 2019 found …

19 Dec | Bugs in a major McDonald's India delivery system exposed sensitive customer data | TECHCRUNCH.COM
McDonald's India exposed the personal information of customers and drivers due to security flaws impacting its APIs. © 2024 TechCrunch. All rights reserved. For personal use only.

19 Dec | FedRAMP ATO Boosts Zero Trust for Federal Agencies | TRENDMICRO.COM
Trend Vision One™ for Government has obtained a FedRAMP Authorization to Operate (ATO). This milestone enables Federal government customers to leverage Trend's platform to rapidly stop adversaries and control their cybersecurity risk posture.

19 Dec | The best privacy services as a gift | Kaspersky official blog | KASPERSKY.COM
Privacy-enhanced alternatives to Office, WhatsApp and Evernote for Christmas and New Year gifts.