68 Articles
8 Categories
Date: 2024-12-20
🚨 CISA KEV (1)
20 Dec [KEV] CISA Adds Critical Flaw in BeyondTrust Software to Exploited Vulnerabilities List (THEHACKERNEWS.COM)
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploi…
🐛 COMMON VULNERABILITIES AND EXPOSURES (4)
20 Dec Hackers Exploiting Critical Fortinet EMS Vulnerability to Deploy Remote Access Tools (THEHACKERNEWS.COM)
A now-patched critical security flaw impacting Fortinet FortiClient EMS is being exploited by malicious actors as part of a cyber campaign that installed remote desktop software such as AnyDesk and ScreenConnect. The vulnerability in question is CVE-2023-48788 (CVSS score: …

20 Dec Siemens UMC Vulnerability Allows Arbitrary Remote Code Execution (GBHACKERS.COM)
A critical vulnerability has been identified in Siemens’ User Management Component (UMC), which could allow unauthenticated remote attackers to execute arbitrary code. The flaw, designated CVE-2024-49775, is a heap-based buffer overflow vulnerability. Siemens has issued Sec…

20 Dec [KEV] CISA Warns of BeyondTrust Privileged Remote Access Exploited in Wild (GBHACKERS.COM)
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm over a critical vulnerability impacting BeyondTrust’s Privileged Remote Access (PRA) and Remote Support (RS) products. This newly uncovered flaw tracked as CVE-2024-12356, could allow attacker…

20 Dec CISA Releases Eight New ICS Advisories to Defend Cyber Attacks (GBHACKERS.COM)
The Cybersecurity and Infrastructure Security Agency (CISA) has issued eight detailed advisories on vulnerabilities affecting Industrial Control Systems (ICS). These vulnerabilities impact critical software and hardware across various industries, posing risks of service dis…
⚠️ VULNERABILITY DISCLOSURE (18)
20 Dec Sophos discloses critical Firewall remote code execution flaw (BLEEPINGCOMPUTER.COM)
Sophos has addressed three vulnerabilities in its Sophos Firewall product that could allow remote unauthenticated threat actors to perform SQL injection, remote code execution, and gain privileged SSH access to devices. [...]

20 Dec CISA Urges Immediate Patching of Exploited BeyondTrust Vulnerability (SECURITYWEEK.COM)
CISA is urging federal agencies to patch a recent critical vulnerability in BeyondTrust remote access products in one week.

20 Dec [KEV] Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation (THEHACKERNEWS.COM)
Sophos has released hotfixes to address three security flaws in Sophos Firewall products that could be exploited to achieve remote code execution and allow privileged system access under certain conditions. Of the three, two are rated Critical in severity. There is currently no e…

20 Dec Fortinet Releases Security Updates for FortiManager (CISA.GOV)
Fortinet released a security update to address a vulnerability in FortiManager. A remote cyber threat actor could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review the following Fortinet Security Bulletin and apply…

20 Dec Attackers Abuse HubSpot’s Free Form Builder to Craft Phishing Pages (KNOWBE4.COM)
A threat actor is abusing HubSpot’s Free Form Builder service to craft credential-harvesting phishing pages, according to Palo Alto Networks’ Unit 42.

20 Dec James Bond-Style Scamming Profits Explode (KNOWBE4.COM)
There is a type of scam where victims are contacted by someone fraudulently posing as a popular trusted entity (e.g., Amazon, U.S. Post Office, etc.), law enforcement, or an intelligence agency that initially claims to have evidence linking the victim to a global, spy-like scam.

20 Dec Foxit PDF Editor Vulnerabilities Allows Remote Code Execution (GBHACKERS.COM)
Foxit Software has issued critical security updates for its widely used PDF solutions, Foxit PDF Reader and Foxit PDF Editor. The updates—Foxit PDF Reader 2024.4 and Foxit PDF Editor 2024.4/13.1.5—were released on December 17, 2024, to counter vulnerabilities that could leave use…

20 Dec Windows 11 Privilege Escalation Vulnerability Lets Attackers Execute Code to Gain Access (GBHACKERS.COM)
Microsoft has swiftly addressed a critical security vulnerability affecting Windows 11 (version 23H2), which could allow local attackers to escalate privileges to the SYSTEM level. Security researcher Alex Birnberg showcased the exploit during the renowned TyphoonPWN 2024 cyberse…

20 Dec Why Apple sends spyware victims to this nonprofit security lab (TECHCRUNCH.COM)
Cybersecurity experts, who work with human rights defenders and journalists, agree that Apple is doing the right thing by sending notifications to victims of mercenary spyware — and at the same time refusing to forensically analyze the devices.

20 Dec French Citizens - 28,445,106 breached accounts (HAVEIBEENPWNED.COM)
In September 2024, over 90M rows of data on French Citizens was found left exposed in a publicly facing database. Compiled from various data breaches, the corpus contained 28M unique email addresses with the various source breaches each exposing different fields including name, …

20 Dec US order is a reminder that cloud platforms aren’t secure out of the box (CSOONLINE.COM)
This week’s binding directive to US government departments to implement secure configurations in cloud applications, starting with Microsoft 365 (M365), is a reminder to all CISOs that cloud platforms, even from major providers, aren’t completely secure out of the box. “Cloud stu…

20 Dec Enhance Microsoft security by ditching your hybrid setup for Entra-only join (CSOONLINE.COM)
Artificial intelligence is top of mind for nearly everything Microsoft is doing these days, but there’s another goal the company would like to see its users strive to attain — one that may not be easily obtained — and that’s to be Entra-joined only. That means no more Active Dire…

20 Dec The 10 Best API Security Tools (CSOONLINE.COM)
APIs allow different software components and resources to interact with one another. Application programming interfaces (APIs) have become an important part of networks, programs, …

20 Dec Solana's Web3.js Library Was Backdoored! Here's How 🚨 (YOUTUBE.COM)
Solana's Web3.js library was found to be backdoored, creating shockwaves in the crypto space! 🚨 Discover how vulnerabilities are exploited and why this isn't just a coding issue—it’s a high-stakes game in Web3 security. Learn about bespoke vulnerabilities, creative exploits, and …

20 Dec D3FEND 1.0: A Milestone in Cyber Ontology - Peter Kaloroumakis - ESW #388 (YOUTUBE.COM)
Since D3FEND was founded to fill a gap created by the MITRE ATT&CK Matrix, it has come a long way. We discuss the details of the 1.0 release of D3FEND with Peter in this episode, along with some of the new tools they've built to go along with this milestone. To use MITRE's ow…

20 Dec Lazarus targets nuclear-related organization with new malware (INFOSEC.PUB)
Submitted by Joker to cybersecurity. 9 points | 0 comments. https://securelist.com/lazarus-new-malware/115059/ Over the past few years, the Lazarus group has been distributing its malicious software by exploiting fake job opportunities targeting employees in various industries, inc…

20 Dec Foxit PDF Editor Vulnerabilities Allows Remote Code Execution (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 37 points | 3 comments. https://gbhackers.com/foxit-pdf-editor-vulnerability/

20 Dec Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 6 points | 0 comments. https://thehackernews.com/2024/12/sophos-fixes-3-critical-firewall-flaws.html
📢 SECURITY ADVISORIES (2)
20 Dec Russia fires its biggest cyberweapon against Ukraine (CSOONLINE.COM)
Ukraine has faced one of the most severe cyberattacks in recent history, targeting its state registries and temporarily disrupting access to critical government records. Ukrainian Deputy Prime Minister Olga Stefanishyna attributed the attack to Russian operatives, describing it a…

20 Dec Risky Biz Soap Box: Cool compliance tricks with the Island enterprise browser (RISKY.BIZ)
In this sponsored Soap Box edition of the show Patrick Gray talks to Island CEO Michael Fey about some of the cool tricks in the Island enterprise browser. You can use it to tick off so many compliance boxes, and not just cybersecurity boxes. This is largely a conversation about …
🔥 INCIDENT REPORTING (18)
20 Dec Last Pass Hack Impact Continues: Cyber Security Today for Friday, December 20, 2024 (CYBERSECURITYTODAY.LIBSYN.COM)
Cybersecurity Today: LastPass Hack Fallout, TP-Link Router Ban, and Microsoft's Passwordless Future In our final daily news show of the season, host Jim Love covers key cybersecurity stories, including millions stolen from crypto wallets linked to the 2022 LastPass breach, potent…

20 Dec Malicious Rspack, Vant packages published using stolen NPM tokens (BLEEPINGCOMPUTER.COM)
Three popular npm packages, @rspack/core, @rspack/cli, and Vant, were compromised through stolen npm account tokens, allowing threat actors to publish malicious versions that installed cryptominers. [...]

20 Dec US charges Russian-Israeli as suspected LockBit ransomware coder (BLEEPINGCOMPUTER.COM)
The US Department of Justice has charged a Russian-Israeli dual-national for his suspected role in developing malware and managing the infrastructure for the notorious LockBit ransomware group. [...]

20 Dec Krispy Kreme breach, data theft claimed by Play ransomware gang (BLEEPINGCOMPUTER.COM)
The Play ransomware gang has claimed responsibility for a cyberattack that impacted the business operations of the U.S. doughnut chain Krispy Kreme in November. [...]

20 Dec Ascension: Health data of 5.6 million stolen in ransomware attack (BLEEPINGCOMPUTER.COM)
Ascension, one of the largest private U.S. healthcare systems, is notifying nearly 5.6 million patients and employees that their personal and health data was stolen in a May cyberattack linked to the Black Basta ransomware operation. [...]

20 Dec Romanian Netwalker ransomware affiliate sentenced to 20 years in prison (BLEEPINGCOMPUTER.COM)
Daniel Christian Hulea, a Romanian man charged for his involvement in NetWalker ransomware attacks, was sentenced to 20 years in prison after pleading guilty to computer fraud conspiracy and wire fraud conspiracy in June. [...]

20 Dec Ransomware Group Claims Theft of Personal, Financial Data From Krispy Kreme (SECURITYWEEK.COM)
The Play ransomware group claims to have stolen sensitive data from donut and coffee retail chain Krispy Kreme.

20 Dec Another NetWalker Ransomware Affiliate Gets 20-Year Prison Sentence in US (SECURITYWEEK.COM)
A second individual accused of being involved in NetWalker ransomware attacks, a Romanian national, has received a 20-year prison sentence.

20 Dec Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (THEHACKERNEWS.COM)
The developers of Rspack have revealed that two of their npm packages, @rspack/core and @rspack/cli, were compromised in a software supply chain attack that allowed a malicious actor to publish malicious versions to the official package registry with cryptocurrency mining malware…

20 Dec NetWalker Ransomware Operator Sentenced to 20 Years in Prison (GBHACKERS.COM)
A Romanian man has been sentenced to 20 years in prison for his involvement in the notorious NetWalker ransomware attacks. The sentencing, which took place in the Middle District of Florida, also included a forfeiture order of $21.5 million in illicit proceeds, as well as restitu…

20 Dec NotLockBit – Previously Unknown Ransomware Attack Windows & macOS (GBHACKERS.COM)
A new and advanced ransomware family, dubbed NotLockBit, has emerged as a significant threat in the cybersecurity landscape, closely mimicking the behavior and tactics of the notorious LockBit ransomware. NotLockBit notably distinguishes itself by being one of the first ransomwar…

20 Dec Third member of LockBit ransomware gang has been arrested (TECHCRUNCH.COM)
LockBit is believed to be responsible for at least $500 million in ransom payments alone.

20 Dec Ransomware attack on health giant Ascension hits 5.6 million patients (TECHCRUNCH.COM)
The cyberattack on Ascension ranks as the third-largest healthcare-related breach of 2024.

20 Dec Hunting Hackers: Secrets of a Pro (YOUTUBE.COM)
Ever wondered how cybersecurity experts catch criminals? 🕵️‍♂️ In this clip, Ken Westin shares insights from his DEF CON talks, including how he tracked cybercriminals and uncovered insider trading schemes. From white-collar crimes to the business of ransomware, discover the secr…

20 Dec Final fundings for 2024, Blackberry sells Cylance cheap, Product Testing Drama - ESW #388 (YOUTUBE.COM)
In the enterprise security news, 1. a final few fundings before the year closes out 2. Arctic Wolf buys Cylance from Blackberry for cheap, a sentence that feels very weird to say 3. the quiet HTTPS revolution 4. passkeys are REALLY catching on 5. resilience keeps showing up in th…

20 Dec United States Charges Dual Russian and Israeli National as Developer of LockBit Ransomware Group (INFOSEC.PUB)
Submitted by Joker to cybersecurity. 14 points | 0 comments. https://www.justice.gov/opa/pr/united-states-charges-dual-russian-and-israeli-national-developer-lockbit-ransomware-group

20 Dec Romanian National Sentenced to 20 Years in Prison in Connection with NetWalker Ransomware Attacks Resulting in the Payment of Millions of Dollars in Ransoms (INFOSEC.PUB)
Submitted by Joker to cybersecurity. 5 points | 0 comments. https://www.justice.gov/opa/pr/romanian-national-sentenced-20-years-prison-connection-netwalker-ransomware-attacks A Romanian man was sentenced today for his role in the NetWalker ransomware attacks to 20 years in prison a…

20 Dec Ransomware Attackers Target Industries with Low Downtime Tolerance (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 23 points | 0 comments. https://www.infosecurity-magazine.com/news/ransomware-industries-downtime/
🕵️ THREAT INTELLIGENCE (19)
20 Dec Friday Squid Blogging: Squid Sticker (SCHNEIER.COM)
A sticker for your water bottle. Blog moderation policy.

20 Dec In Other News: McDonald’s API Hacking, Netflix Fine, Malware Kills ICS Process (SECURITYWEEK.COM)
Noteworthy stories that might have slipped under the radar: McDonald’s API hacking, Netflix fined nearly $5 million in Netherlands, experimental malware killing ICS process.

20 Dec Botnet of 190,000 BadBox-Infected Android Devices Discovered (SECURITYWEEK.COM)
Bitsight has discovered a BadBox botnet consisting of over 190,000 Android devices, mainly Yandex smart TVs and Hisense smartphones.

20 Dec Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SECURITYWEEK.COM)
Rockwell’s PowerMonitor is affected by critical vulnerabilities that can enable remote access to industrial systems for disruption or further attacks.

20 Dec Lazarus Group Spotted Targeting Nuclear Engineers with CookiePlus Malware (THEHACKERNEWS.COM)
The Lazarus Group, an infamous threat actor linked to the Democratic People's Republic of Korea (DPRK), has been observed leveraging a "complex infection chain" targeting at least two employees belonging to an unnamed nuclear-related organization within the span of one month in J…

20 Dec Christmas "Gift" Delivered Through SSH, (Fri, Dec 20th) (ISC.SANS.EDU)
Christmas is at our doors and Attackers use the holiday season to deliver always more and more gifts into our mailboxes! I found this interesting file this morning: "christmas_slab.pdf.lnk"…

20 Dec ISC Stormcast For Friday, December 20th, 2024 https://isc.sans.edu/podcastdetail/9264, (Fri, Dec 20th) (ISC.SANS.EDU)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.

20 Dec Mobile Phishing Attacks Use New Tactic to Bypass Security Measures (KNOWBE4.COM)
ESET has published its threat report for the second half of 2024, outlining a new social engineering tactic targeting mobile banking users.

20 Dec Threat Actors Selling Nunu Stealer On Hacker Forums (GBHACKERS.COM)
A new malware variant called Nunu Stealer is making headlines after being advertised on underground hacker forums and Telegram channels. Priced at $100 per month, this malicious tool is gaining attention for its extensive capabilities and potential to wreak havoc on ind…

20 Dec How to craft a comprehensive data cleanliness policy (SECURITYINTELLIGENCE.COM)
Practicing good data hygiene is critical for today’s businesses. With everything from operational efficiency to cybersecurity readiness relying on the integrity of stored data, having confidence in your organization’s data cleanliness policy is essential. But what doe…

20 Dec Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland and More.. - SWN #439 (YOUTUBE.COM)
Dysentery, TP-Link, Piracy, Calendar Scams, Tencent, TikTok, Aaran Leyland, and More, on this edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-439

20 Dec 2024 End-of-Year News and Wrapup - ESW #388 (YOUTUBE.COM)
As we wrap up the year, we have an honest discussion about how important security _really_ is to the business. We discuss some of Katie's predictions for AppSec in 2025, as well as "what sucks" in security! Visit https://www.securityweekly.com/esw for all the latest episodes! Sho…

20 Dec Kaspersky discovers C++ version of BellaCiao malware (INFOSEC.PUB)
Submitted by Joker to cybersecurity. 5 points | 1 comments. https://securelist.com/bellacpp-cpp-version-of-bellaciao/115087/ Introduction > BellaCiao is a .NET-based malware family that adds a unique twist to an intrusion, combining the stealthy persistence of a webshell with th…

20 Dec Off-Topic Friday (INFOSEC.PUB)
Submitted by shellsharks to cybersecurity. 5 points | 2 comments. Wanna chat about something non-infosec amongst those of us who frequent /c/cybersecurity? Here’s your chance! (Keep things civil & respectful please)

20 Dec Deobfuscation of Lumma Stealer (INFOSEC.PUB)
Submitted by Joker to cybersecurity. 4 points | 0 comments. https://ryan-weil.github.io/posts/LUMMA-STEALER/

20 Dec Python-Based NodeStealer Version Targets Facebook Ads Manager (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 9 points | 0 comments. https://www.trendmicro.com/en_us/research/24/l/python-based-nodestealer.html

20 Dec Lazarus targets nuclear-related organization with new malware (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 12 points | 0 comments. https://securelist.com/lazarus-new-malware/115059/

20 Dec New Malware Can Kill Engineering Processes in ICS Environments (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 8 points | 0 comments. https://www.infosecurity-magazine.com/news/malware-engineering-ics/

20 Dec Rising wave of cyber-attacks targeting YouTube content creators (SH.ITJUST.WORKS)
Submitted by kid to cybersecurity. 18 points | 4 comments. https://www.cybersecurity-insiders.com/rising-wave-of-cyber-attacks-targeting-youtube-content-creators/
🎙️ PODCASTS (1)
20 Dec ESET Research Podcast: Telekopye, again (WELIVESECURITY.COM)
Take a peek into the murky world of cybercrime where groups of scammers who go by the nickname of 'Neanderthals' wield the Telekopye toolkit to ensnare unsuspecting victims they call 'Mammoths'
📡 INFOSEC NEWS (5)
20 Dec Google Chrome uses AI to analyze pages in new scam detection feature (BLEEPINGCOMPUTER.COM)
Google is using artificial intelligence to power a new Chrome scam protection feature that analyzes brands and the intent of pages as you browse the web. [...]

20 Dec Massive live sports piracy ring with 812 million yearly visits taken offline (BLEEPINGCOMPUTER.COM)
The Alliance for Creativity and Entertainment (ACE) has taken down one of the world's largest live sports streaming piracy rings, with over 821 million visits last year. [...]

20 Dec India’s Rapido exposed user and driver data through leaky website feedback form (TECHCRUNCH.COM)
Rapido restricted access to the exposed portal soon after TechCrunch contacted the company.

20 Dec Hardware for SIEM systems | Kaspersky official blog (KASPERSKY.COM)
What hardware is needed for security information and event management (SIEM) systems?

20 Dec Certs vs Experience: What CISOs Really Want 👀 (YOUTUBE.COM)
Certifications are great, but are they enough? In this short, we explore why hands-on experience and home labs are the ultimate game-changers in cybersecurity hiring. CISOs aren’t just looking for certs—they want proof you’ve done the work! 💻🔥 Learn how experiential learning can …