

Infosecurity News
Cyber-Attacks on Ukraine Surge 123%, But Success Rates Plummet
Russia-backed cyber-attacks in Ukraine jumped 123% in the first half of 2023 – but were less critical than in 2022
The Record
The Cybersecurity and Infrastructure Security Agency (CISA) added eight bugs on Monday and another on Tuesday to its list of known exploited vulnerabilities, giving federal civilian agencies three weeks to patch the issues, which affect products from MinIO, Samsung, Realtek, Zyxel, Laravel and Owl Labs.
The Record
Vast amounts of highly sensitive data on American military service members are up for sale by data brokers — with possible national security implications.
The Hacker News
Beware of npm imposters! 14 fraudulent packages found in the registry, posing as legit tools. They aim to steal your Kubernetes configs and SSH keys.
Cyber Security News
HackerGPT is a ChatGPT-enabled penetration testing tool that can help with network hacking, mobile hacking, different hacking tactic..
Cyber Security News
This development comes hot on the heels of the recent data breach at Sony, which appears to be connected to the activities of Ransomed.vc.
Bleeping Computer
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware.
SecurityWeek
Microsoft’s struggles with zero-day exploits rolled into a new month with a fresh Patch Tuesday warning about malware attacks in the wild.
SecurityWeek
A federal judge has halted implementation of a California data collection law intended to protect the privacy of minors.
CSO
MGM said cyberinsurance will cover the $100 million impact on operations, but meanwhile experts expect the ransomware trend to continue, fueled by nation-state actors.
CSO
Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information.
CyberSecurity Dive
The cloud giant will start requiring users with the highest level of privileges to use MFA starting in mid-2024. Google, in response, said it will mandate MFA for certain accounts this year.
CyberSecurity Dive
Unsafe programming languages, like C and C++, account for more than 70% of security vulnerabilities.
Bleeping Computer
A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today.
The Record
Russia is stepping up cyberattacks on Ukraine's law enforcement agencies in an effort to uncover what they know about war crimes committed by Russian soldiers in the country, according to Ukrainian cybersecurity officials.
The Hacker News
FBI Alert: Dual ransomware attacks are surging, targeting U.S. businesses with multiple variants.
The Record
Hackers targeted a Middle Eastern telecom organization and an Asian government in a recent spying operation, according to a report published Thursday.
The Record
The U.K. has disbanded the Centre for Data Ethics and Innovation's (CDEI) advisory board as the government switches focus to a Frontier AI Taskforce prompted in part by the rise of ChatGPT.
CyberSecurity Dive
The agency will have to operate with a skeleton staff, which will reduce assessments and other programs for underserved critical infrastructure sectors and private industry partners.
SecurityWeek
More than a dozen cybersecurity-related M&A deals were announced in the first half of October 2023.
The Record
KNP Logistics was listed earlier this year by the Akira ransomware group.
Cyber Security News
The PaperCutNG Mobility Print 1.0.3512 application has been identified to have a cross-site request forgery vulnerability that leads to sophisticated phishing attacks.
Infosecurity News
The findings are part of Kaspersky’s latest investigation, spanning from July 2022 to July 2023
Infosecurity News
A new survey from accounting software provider Sage showed that most SMEs have developed a cybersecurity posture but struggle to keep up with the threats
The Hacker News
A new cyber threat emerges! Discover how Qubitstrike, linked to Tunisia, targets Jupyter Notebooks for crypto mining and cloud breaches.
Ars Technica
At an estimated 4 cents per ChatGPT query, OpenAI looks for cheaper AI chip solutions.
DarkReading
No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication.
SecurityWeek
Five tips for dealing with a person who keeps getting off-topic in order to keep your security program on track.
Computerworld
Every day, Apple’s online and physical stores handle thousands of inquiries that relate to issues with third-party products. Sideloading will make it worse.
SecurityWeek
Mozilla issues warning over fake Thunderbird downloads after a ransomware group was caught using this technique to deliver malware.
The Hacker News
SaaS Security breaches often stem from misconfigured settings. Learn how 'SaaS Security on Tap' video series tackles the key concepts.
The Record
BlueNoroff is believed to be affiliated with the notorious Lazarus hacking group and has targeted cryptocurrency exchanges, venture capital firms and banks with malware.
The Record
An FBI industry alert obtained by Recorded Future News says organizations can expect continued foreign hacking attempts due to factors such as increased U.S. exports of liquefied natural gas, ongoing Western pressure on Russia’s energy supply and China’s reliance on oil imports.
The Hacker News
Kaspersky sheds light on hacking group ToddyCat's latest arsenal of tools. Designed for data theft, their tactics are more advanced than ever.
Cyber Security News
Recently, researchers have found an increasing number of malware samples that employ code from non-executable files (such as .txt, .log, etc.)
Infosecurity News
The open letter, signed by 50 leading cybersecurity figures, urges the EU to reconsider its proposals around vulnerability disclosure requirements
The Record
Analytics and security software company Splunk is being acquired by networking-equipment giant Cisco for an estimated $28 billion in a deal announced Thursday.
CyberSecurity Dive
A report from Sage indicates SMBs face considerable obstacles to preventing cyberattacks when compared to larger, higher resourced enterprises.
The Record
Troves of sensitive personal information from students, applicants, employees and others were leaked during an August cyberattack, the university said.
Bleeping Computer
Google will introduce new sender guidelines in February to bolster email security against phishing and malware delivery by mandating bulk senders to authenticate their emails and adhere to stricter spam thresholds
The Record
Cybersecurity firm Palo Alto Networks intends to acquire Talon Cyber Security, the company confirmed Monday, in what would be its second purchase of an Israeli startup in the last week.
CyberSecurity Dive
VC activity in cybersecurity reflects a pragmatic period in an industry oversaturated with vendors, Crunchbase data shows.
Infosecurity News
The Trend Micro report observed that small organizations are being increasingly targeted by ransomware gangs, including LockBit and BlackCat
Infosecurity News
Cybersecurity firm Sekoia has found new evidence that the Malagasy government has used Cytrox’s spyware ahead of the election
Ars Technica
A previously unknown compression side channel in GPUs can expose images thought to be private.
Cyber Security News
Best Unified Network Security Solutions for Small Businesses. 1. Perimeter 81, 2. Snort, 3. OSSEC, 4. Wireshark, 5. Burp Suite, 6. Splunk.
The Record
McLaren HealthCare says it recently detected suspicious activity on its computer network and immediately began an investigation.
SecurityWeek
Taiwan authorities are investigating Taiwan-based companies suspected of helping China’s Huawei to build semiconductor facilities
Cyber Security News
Wireshark has been the most widely used open-source network protocol analysis tool for several purposes, including troubleshooting and analysis.
Computerworld
Microsoft this week rolled out 59 updates with its Patch Tuesday update, including critical patches for Microsoft Office and Visual Studio.
The Hacker News
Hackers are exploiting the CVE-2023-3519 vulnerability in Citrix NetScaler devices for credential harvesting attacks.
DarkReading
Ongoing Rapid Reset DDoS flood attacks exposed organizations need to patch CVE-2023-44487 immediately to head off crippling outages and business disruption.
The Record
A post-mortem of the incident shows that over nearly a month hackers exfiltrated about 1.17 terabytes of data from the city of Dallas before deploying ransomware.
The Record
The Click Here podcast team reports on wartime technological improvisations: An activist unexpectedly leads an effort to identify the missing and the dead. And an English teacher finds a way to connect mobile phones as infrastructure collapses.
Cyber Security News
DDoS (Distributed Denial of Service) attacks are extremely destructive and alarming since they flood a target's web services with overwhelming traffic.
Bleeping Computer
Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls.
Cyber Security News
A high-severity cross-site scripting (XSS) vulnerability tracked as CVE-2023-29183, affecting several FortiOS and FortiProxy versions, has been patched by Fortinet.
DarkReading
Once they compromise a victim with an initial ransomware attack, threat actors are ready to deploy a secondary attack with a different strain, which could leave even more damage.
CyberSecurity Dive
Christopher Wray told attendees at Mandiant’s mWISE 2023 that private sector assistance contributed to the success of several recent operations.
Bleeping Computer
Qualcomm is warning of three zero-day vulnerabilities in its GPU and Compute DSP drivers that hackers are actively exploiting in attacks.
SecurityWeek
Cisco is warning customers that a new IOS XE zero-day vulnerability tracked as CVE-2023-20198 is being exploited to hack devices.
Cyber Security News
Best Insider Risk Management Platforms. 1. DoControl 2. ActivTrak 3. Elevate Platform 4. Splunk 5. Varonis 6. Forcepoint 7. Securonix 8. Observe It 9. Exabeam 10. LogRhythm
Bleeping Computer
U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United States.
Bleeping Computer
Apple released security updates for older iPhones to fix a zero-day vulnerability tracked as CVE-2023-41064 that was actively exploited to infect iOS devices with NSO's Pegasus spyware.
DarkReading
Cops track down ransomware developer and seize Ragnar Locker infrastructure and data-leak site, Europol says.
SecurityWeek
Egyptian opposition politician Ahmed Altantawy was targeted with spyware after announcing a presidential bid, security researchers reported
Infosecurity News
ICO says handling of domestic abuse victims’ data must improve
Infosecurity News
Data was compiled from real-world red and blue team engagements
Cyber Security News
iLeakage is a JavaScript-based transient-execution attack that enables attackers to retrieve secret Safari data.
Cyber Security News
An open redirect vulnerability in the VMware Workspace ONE UEM console has been identified as CVE-2023-20886.
Infosecurity News
Experts at the mWISE conference discussed who is behind the surge in zero-day exploits
Infosecurity News
National Student Clearinghouse reveals more details of incident
SecurityWeek
Gutsy secures a whopping $51 million in seed-stage financing to apply process mining techniques to solve security governance problems.
SecurityWeek
Industrial routers made by Chinese company Yifan are affected by several critical vulnerabilities that can expose organizations to attacks.
SecurityWeek
Sony shares information on the impact of two recent unrelated hacker attacks carried out by known ransomware groups.
The Record
In a statement posted on its website, Florida’s First Judicial Circuit confirmed that “an information technology security event” was causing issues, prompting an investigation that is currently ongoing.
The Record
The Cybersecurity and Infrastructure Security Agency (CISA) is working with industry stakeholders and government agencies on a new version of the National Cyber Incident Response Plan (NCIRP) — the framework that outlines the country’s response to significant cyber incidents.
Infosecurity News
Region also experiences most DDoS events
SecurityWeek
Apple has patched 3 zero-day vulnerabilities that have likely been exploited by a spyware vendor to hack iPhones.
Bleeping Computer
The Nigerian Police Force has arrested six suspects and dismantled a mentoring hub linked to cybercrime activities, including business email compromise, romance, and investment scams.
Ars Technica
"A work that contains no human authorship is not eligible in any categories."
The Record
The September attack came at a time of “broader and heightened security concerns for the Court,” including threats against several of its elected officials.
Infosecurity News
Microsoft’s annual digital defense report found a rise in Chinese state-affiliated groups attempting to infiltrate sectors like telecommunications
CyberSecurity Dive
The AI-equipped SIEM and observability market isn’t Cisco’s for the taking, as opportunities abound for other vendors to claim share.
Latest Hacking News
Researchers caught a serious security flaw in JetBrains TeamCity software that could allow unauthenticated code execution attacks. JetBrains patched the vulnerability following the bug report, urging users to update their servers as soon as possible. JetBrains
Infosecurity News
WithSecure has found strong indicators that DarkGate attacks are being perpetrated by attackers also using the Ducktail infostealer
SecurityWeek
Japanese watchmaking giant Seiko has confirmed that personal information was stolen in a recent ransomware attack.