-1.webp)
Cyber Security News
APT Hackers Behind SysJoker Attacking Critical Industrial Sectors
SysJoker malware was initially discovered to be used by the APT group dubbed "WildCard" and was targeting the educational sector of Israel.
SecurityWeek
Critical Vulnerability Found in Ray AI Framework
A critical issue in open source AI framework Ray could provide attackers with operating system access to all nodes.
The Hacker News
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Researchers reveal a critical design flaw in Google Workspace, dubbed "DeleFriend," that could allow attackers to steal emails, exfiltrate data.
The Hacker News
How Hackers Phish for Your Users' Credentials and Sell Them
Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea
Cyber Security News
OwnCloud Critical Vulnerability Exploited in the Wild
Owncloud was discovered with a new vulnerability which was associated with the exposure of sensitive information.
Cyber Security News
CISA & NCSC Discloses Guidelines for Secure AI System Development
New security flaws in AI systems must be taken into account in addition to the usual cyber security risks,security is frequently neglected.
Latest Hacking News
Multiple Vulnerabilities Found In ownCloud File Sharing App
Numerous security vulnerabilities riddled the privacy of ownCloud users that the vendor patched recently. Exploiting these vulnerabilities could expose users’ passwords to potential adversaries. ownCloud Vulnerabilities Risked User Accounts According to the recent advisories, ownCloud addressed three
SecurityWeek
Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass
Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
Cyber Security News
Kansas Court Hack: Attackers Stole Sensitive Data From Systems
Kanas Supreme Court released the statement for the cyber incident that stole sensitive data from systems,the cybercriminals also stole data.
Cyber Security News
Broadcom Acquires VMware in a $61 Billion Deal
Broadcom has announced the triumphant acquisition of VMware, heralding a watershed moment in the sphere of infrastructure technology.
-1.webp)
Cyber Security News
Researcher Discloses OpenCart Vulnerability; Company Reacts Aggressively
A security researcher who goes under the name “0xbro” discovered a Static code injection vulnerability in OpenCart.
-1.webp)
Cyber Security News
New GPS Attacks Targeting Commercial Flights Navigation Systems
A disquieting wave of GPS spoofing attacks has swept through the Middle East, leaving commercial air crews grappling with an unforeseen menace.
-1.webp)
Cyber Security News
SysJoker Malware Attacking Windows, Linux and Mac Users Abusing OneDrive
SysJoker malware, a multi-platform backdoor with several variants for Windows, Linux, and Mac, has been observed being used by a Hamas-affiliated APT to target Israel. This malware was first identified by Intezer in 2021 and was recently used in targeted attacks. Checkpoint researchers disclosed the malware’s growth, variations in the intricacy of its execution flow, and […]
.webp)
Cyber Security News
IBM QRadar SIEM Bug Let Remote Attacker Trigger DoS
Multiple vulnerabilities have been found in IBM QRadar Wincollect which were associated with Denial of service that could allow a threat.
Bleeping Computer
New Rust-based SysJoker backdoor linked to Hamas hackers
A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language.
Cyber Security News
PolarDNS - A Free DNS Server For Vulnerability Research & Pentesting
Oryxlabs recently launched a free DNS server that is written in Python 3.x for vulnerability research and pentesting, dubbed as "PolarDNS."
-1.webp)
Cyber Security News
Hackers Using Malicious Browser Extensions to Steal Facebook Business Accounts
Ducktail is a specifically designed information stealer that can have severe consequences, such as privacy breaches and identity theft.
The Hacker News
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
ownCloud, an open-source file-sharing software, has disclosed 3 critical vulnerabilities.
Security Affairs
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
Security Affairs
Exposed Kubernetes secrets can fuel supply chain attacks
Researchers warn of publicly exposed Kubernetes configuration secrets that could pose a threat of supply chain attack for organizations.
The Hacker News
Tell Me Your Secrets Without Telling Me Your Secrets
GitGuardian launches "HasMySecretLeaked" service to help developers check if their sensitive information has been exposed on GitHub.
The Hacker News
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict
Cyber Security News
APT Groups Using HrServ Web Shell to Hack Windows Systems
A HrServ web shell is a malicious script or program that enables remote administration of a server, allowing unauthorized access and control.
The Hacker News
Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers have discovered publicly exposed Kubernetes configuration secrets, posing a risk of supply chain attacks.
Cyber Security News
ClearFake a New Malware Attacking Mac users via fake browser updates
Atomic Stealer delivered a fake browser update chain tracked as ‘ClearFake’ to attack Mac users. Reported by Malwarebytes.
Cyber Security News
Hackers using Weaponized Office Document to Exploit Windows Search RCE
A new attack chain campaign has been discovered which involves the exploitation of CVE-2023-36884 and CVE-2023-36584. CVE-2023-36884.
Cyber Security News
Firefox 120 Released With Security Updates: What’s New!
10 vulnerabilities are patched, including six 'High Severity' issues and two moderate and low severity issues are fixed.
Cyber Security News
North Korean Hackers Targeting CyberLink Users in Supply-chain Attack
Microsoft Threat Intelligence has uncovered a sophisticated supply chain attack orchestrated by the North Korean Hackers Diamond Sleet (ZINC)
Cyber Security News
WailingCrab Malware Abuse Messaging Protocol for C2 Communications
WailingCrab's backdoor component has been in contact with the C2 since the middle of 2023 via the lightweight IoT message protocol MQTT.
Cyber Security News
Bug Hunter GPT - AI Assistant that Replies for Hacking Questions
A 23-year-old hacker and CS student, Paolo Arnolfo (@sw33tLie) recently introduced "Bug Hunter GPT," an AI assistant.
Cyber Security News
Citrix Warns Admin to Kill Active or Persistent Sessions to Thwart Hackers
This vulnerability affected Citrix NetScaler Gateway and ADC devices. Following this, AssetNote published a proof-of-concept for this vulnerability named “CitrixBleed.”
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
SecurityWeek
Researchers Discover Dangerous Exposure of Sensitive Kubernetes Secrets
Researchers say public exposure of Kubernetes configuration secrets should be considered a “ticking supply chain attack bomb.”
Cyber Security News
Hackers Exploiting 0-day RCE Flaws in the Wild to Deploy Mirai Malware
The Mirai botnet is a malicious network of infected computers, routers, and IoT devices harnessed by cybercriminals to launch large-scale DDoS attacks.
The Hacker News
AI Solutions Are the New Shadow IT
AI Solutions Are the New Shadow IT - Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks
Cyber Security News
Microsoft Defender Bounty Program: Rewards up to $20,000 USD
Microsoft introduced the Defender Bounty Program to enhance the security of customers' experience with rewards to researchers up to USD 20,000.
.webp)
Cyber Security News
Rhysida Ransomware Attacking Windows Machine Through VPN Devices and RDP
Rhysida, a new ransomware group, hit its first victim in May 2023. They use their ransomware, offered as RaaS (Ransomware-as-a-Service), with at least 50 global victims listed on their website.
Cyber Security News
CISA Releases Cyber Attack Mitigation for Healthcare Organizations
CISA has released a Cyber Attack Mitigation Guide specifically tailored for the Healthcare and Public Health (HPH) Sector.
Cyber Security News
LummaC2 Employs Trigonometry to Track Mouse Movements
MaaS (Malware-as-a-Service) thrives as a top choice for new cyber threats, offering easy access to powerful tools. Threat actors primarily focus on information theft under Maas, specializing in stealing and leaking sensitive data from hacked devices.
Cyber Security News
Hackers Attacking Apache Web Servers to Install Coinminers
An attack campaign that installs XMRig Coinminer on Windows web servers that run on Apache has been discovered recently.
SecurityWeek
Sumo Logic Completes Investigation Into Recent Security Breach
Sumo Logic has completed its investigation into the recent security breach and found no evidence of impact to customer data.
Cyber Security News
Nessus Vulnerability Let Attackers Alter Rules Variables
An arbitrary file write vulnerability has been discovered in Nessus which allows an authenticated, attacker to perform a denial of service.
Cyber Security News
Hackers Infect Linux Machines with Rootkits via Apache ActiveMQ Vulnerability
Trend Micro researchers recently revealed Apache ActiveMQ vulnerability (CVE-2023-46604) was actively exploited.
Security Affairs
The Top 5 Reasons to Use an API Management Platform - Security Affairs
Organizations need to govern and control the API ecosystem, this governance is the role of API management.
The Record
Crypto firm Kronos Research says $26 million stolen after cyberattack
Cryptocurrency trading and investment firm Kronos Research said $26 million worth of cryptocurrency was stolen from its systems following a cyberattack.
.webp)
Cyber Security News
LitterDrifter Powershell Worm Rapidly Spreads on USB Drives by Itself
Gamaredon (aka Primitive Bear, ACTINIUM, and Shuckworm), stands out in Russian espionage by exclusively targeting Ukrainian entities.
Cyber Security News
Splunk RCE Vulnerability Let Attackers Upload Malicious File
A high-severity Remote Code Execution (RCE) flaw in Splunk Enterprise has been discovered, enabling an attacker to upload malicious files.
Cyber Security News
Hackers Exploit Google Workspace to Exfiltrate Data and Deploy Ransomware
Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading.
The Hacker News
LummaC2 Malware Deploys New Trigonometry-Based Anti-Sandbox Technique
New LummaC2 malware uses trigonometry-based tactic to differentiate between users and security systems, evading sandboxes and security analyses.
The Hacker News
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
🚨 Bitcoin wallets created from 2011 to 2015 vulnerable to "Randstorm" exploit, potentially allowing unauthorized access by recovering passwords.
.webp)
Cyber Security News
Hackers Exploiting Zimbra 0-day to Attack Government Organizations
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.
Security Affairs
Security Affairs newsletter Round 446 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
8Base ransomware operators use a variant of Phobos ransomware
8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks.
SecurityWeek
Over a Dozen Exploitable Vulnerabilities Found in AI/ML Tools
Bug hunters uncover over a dozen exploitable vulnerabilities in tools used to build chatbots and other types of AI/ML models.
The Hacker News
27 Malicious PyPI Packages with Thousands of Downloads Found Targeting IT Experts
Beware of fake Python libraries! 27 malicious packages found on PyPI, disguised as legitimate ones.
Security Affairs
A critical OS command injection flaw affects Fortinet FortiSIEM
Fortinet warns of a critical OS command injection flaw in FortiSIEM report server that could be exploited to execute arbitrary commands
Cyber Security News
FortiSIEM Injection Flaw Let Attackers Execute Malicious Commands
Cybersecurity researchers identified a FortiSIEM injection flaw that lets execute malicious commands & tracked as "CVE-2023-36553."
The Hacker News
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild.
Ars Technica
“Make It Real” AI prototype wows devs by turning drawings into working software
Designer: "I think I need to go lie down."
Ars Technica
Unauthorized “David Attenborough” AI clone narrates developer’s life, goes viral
"We observe the sophisticated Homo sapiens engaging in the ritual of hydration."
Bleeping Computer
Fortinet warns of critical command injection bug in FortiSIEM
Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests.
Cyber Security News
ChatGPT for Malware Analysis: Enhancing GPT’s Ability to Guide Malware Analyst
GPT excels in verbal thinking, skillfully choosing precise words for optimal responses. Understanding this key property is crucial, as much of its subsequent behavior stems from this ability.
The Hacker News
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
Novel attack methods targeting Google Workspace & Cloud Platform could enable ransomware and data breaches.
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
Cyber Security News
Wireshark 4.2.0 Released - What’s New!
Wireshark is a popular open-source network protocol analyzer that is primarily used by security experts and network administrators.
Cyber Security News
OracleIV: Dockerized Botnet Launches DDoS Attack Against Docker Engine
Hackers use networks of compromised computers (botnets) to generate massive traffic, disrupting the target's normal functioning by overloading its resources. The goal is to make a website or online service inaccessible to legitimate users.
Ars Technica
Developers can’t seem to stop exposing credentials in publicly accessible code
Many transgressions come from "very large companies that have robust security teams."
CSO
Top cybersecurity product news of the week
New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Noname Security, and more.
Bleeping Computer
The OWASP Top 10: What They Are and How to Test Them
This article takes a deep dive into the OWASP Top 10 and advises on how to test your web applications for susceptibility to these security risks.
Infosecurity News
Python Package Index Faces Security Crisis With Validated Leaks
2922 projects contained at least one unique secret, including from AWS, Redis and Google
SecurityWeek
MySQL Servers, Docker Hosts Infected With DDoS Malware
Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks.
Cyber Security News
Stealc Malware Steals Passwords & Credit Cards From Chrome & Firefox
Cybersecurity researcher, Aziz Farghly recently discovered an infostealer, "Stealc." Plymouth has promoted Stealc, a new non-resident stealer
The Hacker News
Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers
Publicly-accessible Docker Engine API instances are under attack! Threat actors aim to create a DDoS botnet called OracleIV.
The Hacker News
CI/CD Risks: Protecting Your Software Development Pipelines
Malicious actors are exploiting Dependabot's trust. Learn how to protect your CI/CD pipelines and software supply chain.
Infosecurity News
Pro-Palestine APT Group Uses Novel Downloader in New Campaign
TA402 launches new targeted phishing campaigns
Trend Micro
A Closer Look at ChatGPT's Role in Automated Malware Creation
This blog entry explores the effectiveness of ChatGPT's safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.
DarkReading
Ducktail Malware Targets the Fashion Industry
Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.
Infosecurity News
Python Malware Poses DDoS Threat Via Docker API Misconfiguration
Cado Security Labs said the bot agent exhibited various methods for conducting DDoS attacks
Bleeping Computer
Criminal IP & Cisco SecureX/XDR: Enhanced Cyber Threat Analysis
The Criminal IP threat intelligence search engine by AI SPERA has recently integrated with Cisco SecureX/XDR, empowering organizations to stay ahead of malicious actors. Learn more about this integration from Criminal IP in this article.
-1.webp)
Cyber Security News
Sumo Logic Warns Customers to Reset API Keys Following a Security Breach
Due to the security breach of the Sumo Logic organization, notify the customers to reset the API keys for precautionary measures.
CyberNews
Data of 800K Chess.com players scraped and released
A hacker under the username DrOne shared data from more than 800k Chess.com users on BreachForums.
The Hacker News
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
Are you tired of sifting through endless alerts? The era of Security Automation is here! Learn how it's changing the game for SOC teams.
Cyber Security News
Script Tracer Tool - Threat Researchers to Trace & Deobfuscate the Malware Execution
Cyber forensic tools play a crucial role in cyber investigations by helping investigators to collect, analyze, and preserve digital evidence.
Cyber Security News
Hackers Weaponize PDF Files to Deliver Multiple Ransomware Variants
PDF files are commonly used for their versatility, making them a prime target for malware delivery because they can embed malicious scripts or links.
Bleeping Computer
Cloudflare website down, showing ‘We’re sorry’ Google errors
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website.
Bleeping Computer
Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website.
Bleeping Computer
Microsoft shares temp fix for broken Windows Server 2022 VMs
Microsoft publicly acknowledged a known issue causing Windows Server 2022 virtual machine (VM) blue screens and boot failures on VMware ESXi hosts.
Cyber Security News
ChatGPT-Powered Malware Attacking Cloud Platforms to Steal Login Credentials
Threat actors can ChatGPT to generate convincing phishing emails or deceptive content that encourages users to download malware.
Bleeping Computer
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources
Infosecurity News
OpenAI Reveals ChatGPT Is Being DDoS-ed
OpenAI has admitted DDoS attacks are the cause of intermittent ChatGPT outages since November 8
Bleeping Computer
OpenAI confirms DDoS attacks behind ongoing ChatGPT outages
During the last 24 hours, OpenAI has been addressing what it describes as "periodic outages" linked to DDoS attacks affecting its API and ChatGPT services.
Bleeping Computer
Sumo Logic discloses security breach, advises API key resets
Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week.
Infosecurity News
Predator AI ChatGPT Integration Poses Risk to Cloud Services
This integration reduces reliance on OpenAI’s API while streamlining the tool’s functionality
Bleeping Computer
ChatGPT down after major outage impacting OpenAI systems
OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API).
Bleeping Computer
ChatGPT back online after major OpenAI systems outage
OpenAI's AI-powered ChatGPT large language model-based chatbot is down because of a major ongoing outage that also took down the company's Application Programming Interface (API).
Bleeping Computer
OpenAI confirms it's not killing off ChatGPT plugins for now
During its inaugural developer conference, OpenAI unveiled GPTs, short for Generative Pre-trained Transformers. These custom versions of ChatGPT are designed to be shaped by and for individual users, whether for recreational or professional use, and can be shared with others.
DarkReading
Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.
Ars Technica
OpenAI introduces GPT-4 Turbo: Larger memory, lower cost, new knowledge
Novel-sized context window, DALL-E 3 API, more announced on OpenAI DevDay 2023.
DarkReading
Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams
With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.
Latest Hacking News
Discord Adopts Temporary CDN Links To Prevent Malware
After inadvertently becoming the vector to spread malware several times, Discord has devised a strategy to prevent it. Reportedly, Discord now switches to temporary CDN links for all files, preventing abuse of its network. Discord To
CSO
Frontegg releases new identity, user management solution for SaaS products
Frontegg Forward delivers four fundamental user identity management innovations for SaaS vendors.
Ars Technica
OpenAI introduces custom AI assistants called “GPTs” that play different roles
Users can build and share custom-defined roles—from math mentor to sticker designer.
Ars Technica
Elon Musk’s new AI model doesn’t shy from questions about cocaine and orgies
xAI positions sarcastic AI assistant to counterbalance buttoned-up ChatGPT.
The Hacker News
SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses
SecuriDropper, a sneaky malware delivery service, outsmarts Google's latest security measures.
Infosecurity News
Over Half of Users Report Kubernetes/Container Security Incidents
Many say it led to a subsequent data breach
Bleeping Computer
Cybercrime service bypasses Android security to install malware
A new dropper-as-a-service (DaaS) named 'SecuriDropper' has emerged, using a method that bypasses Android 13's 'Restricted Settings' to install malware on devices and grant them access to the Accessibility Services.
Cyber Security News
The Ultimate SaaS Security Admin Guide - 2024
SaaS Security Admin Guide: 1. Encryption 2. Backup and Recovery 3. Data Residency 4. Regular Audits 5. Data Privacy 6. Least Privileges.
CSO
Most cloud moves found rushed as adopters underrate associated risks: Report
More than half of security leaders surveyed didn’t understand the security risks associated with shifting to the cloud.
Bleeping Computer
Discord will switch to temporary file links to block malware delivery
Discord will switch to temporary file links for all users by the end of the year to block attackers from using its CDN (content delivery network) for hosting and pushing malware.
Cyber Security News
Threat and Vulnerability Roundup for the week of October 29th to November 4th
welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
Ars Technica
Okta hit by another breach, this one stealing employee data from 3rd-party vendor
Threat actor gained access to vendor's IT environment and exfiltrated personal data.
DarkReading
Upgraded Kazuar Backdoor Offers Stealthy Power
The obscure Kazuar backdoor used by Russian attack group Turla has resurfaced, and it's more dangerous than ever.
Bleeping Computer
Cloudflare Dashboard and APIs down after data center power outage
An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces (APIs) customers use to manage and read service configurations.
Bleeping Computer
Okta data breach exposed personal information of employees
Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached.
Bleeping Computer
Okta hit by third-party data breach exposing employee information
Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached.
Cyber Security News
Securing Your SaaS: Best Practices and Proven Strategies
Protecting cloud-based apps and the data they manage is the primary goal of Software as a Service (SaaS) security.
Infosecurity News
AI Safety Summit: OWASP Urges Governments to Agree on AI Standards
The OWASP Foundation has released a call to action ahead of the UK’s AI Safety Summit
SecurityWeek
Cisco Patches 27 Vulnerabilities in Network Security Products
Cisco has released software updates to address 27 vulnerabilities in Cisco ASA, FMC, and FTD security products.
The Hacker News
Researchers Expose Prolific Puma's Underground Link Shortening Service
Meet "Prolific Puma," the secretive threat actor behind a dangerous link shortening service with thousands of malicious domains used for phishing.
SecurityWeek
Supply Chain Startup Chainguard Scores $61 Million Series B
Washington startup Chainguard banks $61 million in new financing as investors make hefty wagers on software supply chain security companies.
The Hacker News
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
Iranian threat actor "Scarred Manticore" has launched a year-long cyber espionage campaign targeting the Middle East finance, government, military.
SecurityWeek
SIEM and Log Management Provider Graylog Raises $39 Million
Graylog secured $39 million in funding to accelerate product development and scale its go-to-market operations.
Bleeping Computer
Flipper Zero Bluetooth spam attacks ported to new Android app
Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts.
CSO
iLeakage updates Spectre for novel info-stealing side-channel attack
The iLeakage proof of concept targets Apple silicon devices running Safari, demonstrating techniques that improve on Sceptre and MeltDown exploits and demonstrate continuing vulnerabilities in modern CPUs.
Bleeping Computer
Massive cybercrime URL shortening service uncovered via DNS data
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.
DarkReading
'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign
Cyber adversaries are scanning public GitHub repositories in real-time, evading Amazon quarantine controls, and harvesting AWS keys.
Cyber Security News
Russian New Hacking Tool Creates Hundreds Of Fake Social Media Profiles In Seconds
The Kopeechka service, which refers to "penny" in Russian, is a new tool that criminals use to quickly and easily generate hundreds of fake social media accounts.
Cyber Security News
Hackers Infect Windows Users with Weaponized MSIX App Packages
MSIX packages can be distributed & installed without administrative privileges, allowing malicious software to traditional security controls.
Cyber Security News
NGINX ingress Security Flaw Let Attackers Kubernetes API Server Credentials
3 vulnerabilities have been discovered in NGINX ingress controllers which were associated with arbitrary command RCE injection.
The Hacker News
EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
EleKtra-Leak cryptojacking campaign is exploiting exposed AWS IAM credentials on public GitHub repositories
Cyber Security News
CISA Announces New Logging Tool for Windows-based Devices
CISA has launched a new version of Logging Made Easy (LME), a free and simple log management solution for Windows-based devices.
The Hacker News
Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three new high-severity security flaws discovered in NGINX Ingress controller for Kubernetes. Hackers can steal secret credentials.
The Record
Russian hacking tool floods social networks with bots, researchers say
Low-skill cybercriminals are using a new tool to create hundreds of fake social media accounts in just a few seconds.
Cyber Security News
11 Best Cloud Access Security Broker Software (CASB) - 2023
Best Cloud Access Security Broker (CASB) Software: 1. DoControl CASB 2. Microsoft Cloud App Security 3. Forcepoint 4. Palo Alto Networks.
CSO
Failure to verify OAuth tokens enables account takeover on websites
Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information.
Trend Micro
How Kopeechka, an Automated Social Media Accounts Creation Service, Can Facilitate Cybercrime
This report explores the Kopeechka service and gives a detailed technical analysis of the service’s features and capabilities and how it can help cybercriminals to achieve their goals.
Bleeping Computer
New iLeakage attack steals emails, passwords from Apple Safari
Academic researchers created a new speculative side-channel attack they named iLeakage that works on all recent Apple devices and can extract sensitive information from the Safari web browser.
The Hacker News
Critical OAuth Flaws Uncovered in Grammarly, Vidio, and Bukalapak Platforms
Attention online users, critical security flaws have been uncovered in popular services like Grammarly, Vidio, and Bukalapak.
The Hacker News
The Rise of S3 Ransomware: How to Identify and Combat It
The Rise of S3 Ransomware: How to Identify and Combat It | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software vulnerabilities.
The Record
Grammarly says it corrected sign-in vulnerabilities after alert from cyber researchers
The bugs, found by researchers at Salt Security, involved social sign-in — when someone accesses a web service through their credentials on another platform. Other companies were affected besides Grammarly.
Infosecurity News
API Security Flaw Impacted Grammarly, Vidio and Bukalapak
Salt Security discovered the vulnerabilities in implementations of the OAuth protocol
Bleeping Computer
Decentralized Matrix messaging network says it now has 115M users
The team behind the Matrix open standard and real-time communication protocol has announced the release of its second major version, bringing end-to-end encryption to group VoIP, faster loading times, and more.
The Hacker News
Make API Management Less Scary for Your Organization
Protect your organization from security nightmares. Learn how modern API management with Gloo Gateway can fortify your defenses against data breaches
The Hacker News
Operation Triangulation: Experts Uncover Deeper Insights into iOS Zero-Day Attacks
Sophisticated Apple iOS attack dubbed Operation Triangulation employed clever techniques to targets victims with a backdoor implant called "TriangleDB
CSO
Okta support system breach highlights need for strong MFA policies
Breach was detected and blocked before it granted access to attackers due to the enforcement of multifactor authentication.
DarkReading
Critical SolarWinds RCE Bugs Enable Unauthorized Network Takeover
SolarWinds' access controls contain five high and three critical-severity security vulnerabilities that need to be patched yesterday.
CyberSecurity Dive
Okta attacked again, this time hitting its support system
A threat actor accessed customer support tickets and files containing sensitive data. Okta declined to say how many customers are impacted.
Cyber Security News
SolarWinds Access Rights Manager Flaw Let Attackers Execute Remote Code
SolarWinds Access Rights Manager 2023.2 was impacted with multiple flaws that let a remote attacker escalate privileges and execute RC.
Bleeping Computer
BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks
The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors on network devices stealthily.
Bleeping Computer
Microsoft extends Purview Audit log retention after July breach
Microsoft is extending Purview Audit log retention as promised after the Chinese Storm-0558 hacking group breached dozens of Exchange and Microsoft 365 corporate and government accounts in July.
DarkReading
Patch Now: APTs Continue to Pummel WinRAR Bug
State-sponsored cyberespionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.
Cyber Security News
Hackers Use Discord for C&C to Exploit Jupyter Notebooks & SSH
Jupyter Notebooks that are exposed to the internet are targeted by a crypto jacking campaign called Qubit Strike, discovered by Cado Security Labs.
The Hacker News
Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw
Google TAG security experts uncover Russian and Chinese state-backed threat actors exploiting WinRAR vulnerability (CVE-2023-38831)
SecurityWeek
Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech
Since launching in 2021, Darwinium has raised $26 million to build a bot and fraud prevention platform running on the perimeter edge.
The Hacker News
Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
A new cyber threat emerges! Discover how Qubitstrike, linked to Tunisia, targets Jupyter Notebooks for crypto mining and cloud breaches.
Bleeping Computer
Qubitstrike attacks rootkit Jupyter Linux servers to steal credentials
Hackers are scanning for internet-exposed Jupyter Notebooks to breach servers and deploy a cocktail of malware consisting of a Linux rootkit, crypto miners, and password-stealing scripts.
The Hacker News
New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager
A vulnerability in Synology's DSM has been revealed, allowing attackers to remotely hijack admin accounts.
Cyber Security News
CISA, FBI Warns of Critical Atlassian Zero-Day Flaw Under Active Attack
A serious security flaw in some versions of Atlassian Confluence Data Center and Server has been exploited by hackers.
Cyber Security News
Titan File Transfer Server Flaws Let Attackers Execute Remote Code
Multiple vulnerabilities have been discovered in Titan MFT and Titan SFTP servers owned by South River Technologies.
Ars Technica
Mazda’s DMCA takedown kills a hobbyist’s smart car API tool
Financial risk too great for dev working "in my spare time to help others."
Bleeping Computer
October Windows Server updates cause Hyper-V VM boot issues
According to customer reports, this month's Patch Tuesday updates are breaking virtual machines on Hyper-V hosts, causing them to no longer boot and display "failed to start" errors.
Cyber Security News
Threat Actors Actively Exploiting Cisco IOS XE Zero-day Vulnerability
A new Zero-day vulnerability (CVE-2023-20198) in Cisco IOS XE's Web UI feature that affects devices with exposed HTTP/HTTPS Server functionality.
Cyber Security News
ChatGPT for Vulnerability Detection - Prompts Used and their Responses
Language models like CodeBERT, GraphCodeBERT, and CodeT5 can identify, explain, assess, and suggest patches for vulnerabilities.
Cyber Security News
EtherHiding: A Novel Technique to Hide Malicious Code Using Binance's Smart Chain
“EtherHiding” which abuses Binance's Smart Chain (BSC) contracts to host parts of a malicious code chain to hide them inside the blockchain.
Bleeping Computer
Fake 'RedAlert' rocket alert app for Israel installs Android spyware
Israeli Android users are targeted by a malicious version of the 'RedAlert - Rocket Alerts' app that, while it offers the promised functionality, acts as spyware in the background.
Cyber Security News
IBM QRadar SIEM XSS Flaw Let Attackers Execute JavaScript code
Two medium-severity vulnerabilities have been discovered in the widely used IBM QRadar SIEM, associated with Cross-Site Scripting (XSS) and Information disclosure.
Infosecurity News
Growing Concern Over Role of Hacktivism in Israel-Hamas Conflict
Hacktivists claim DDoS attacks against Israeli websites as cybersecurity experts urge caution in believing these cyber-criminals’ claims
The Hacker News
SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls
Discover the dangerous capabilities of SpyNote, an Android banking trojan. It records audio, logs keystrokes, SMS messages, and captures screenshots.
Trend Micro
Beware Lumma Stealer Distributed via Discord CDN
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
Bleeping Computer
Steam enforces SMS verification to curb malware-ridden updates
Valve has announced implementing additional security measures for developers publishing games on Steam, including SMS-based confirmation codes. This is to deal with a recent outbreak of malicious updates pushing malware from compromised publisher accounts.
Cyber Security News
OWASP ZAP 2.14.0 Released – What’s New!
OWASP ZAP is a free and open-source web application security scanner. It is designed to be utilized by expert penetration testers as well as individuals.
Cyber Security News
Critical Google Chrome User-After-Free Site Isolation Flaw
As part of a security update for Chrome, Google has upgraded the Stable channels to 118.0.5993.70 for Mac and Linux and 118.0.5993.70/.71 for Windows.
The Hacker News
Malicious NuGet Package Targeting .NET Developers with SeroXen RAT
Malicious NuGet package distributing SeroXen RAT targets .NET developers.
Bleeping Computer
Shadow PC warns of data breach as hacker tries to sell gamers' info
Shadow PC, a provider of high-end cloud computing services, is warning customers of a data breach that exposed customers' private information, as a threat actor claims to be selling the stolen data for over 500,000 customers.
DarkReading
Cloud Security Demand Drives Better Cyber-Firm Valuations — and Deals
Cisco's $28 billion purchase of Splunk was the biggest story, but there were other big security acquisitions and investments during a richer-than-expected quarter.
CSO
Microsoft, American Express most spoofed brands in financial services phishing emails
Research discovers “interesting developments” in the delivery methods, techniques, themes, and targeted brands of email phishing against financial services.
SecurityWeek
Applying AI to API Security
Five ways in which artificial intelligence (AI) can be leveraged to improve API security to help enterprises improve their security posture.
-1-1.webp)
Cyber Security News
Top 10 Best SaaS Security Tools
Top 10 Best SaaS Security Tools. 1. DoControl, 2. Splunk, 3. Zscaler, 4. Qualys, 5. Proofpoint, 6. Veracode, 7. Okta, 8. Trend Micro.
DarkReading
Reasonable Valuations Drove Mergers and Acquisition Activity in Q3, 2023
Cisco's $28 billion purchase of Splunk was the biggest story, but other security majors made strategic acquisitions as well in a better-than-expected quarter.
Bleeping Computer
Microsoft October 2023 Patch Tuesday fixes 3 zero-days, 104 flaws
Today is Microsoft's October 2023 Patch Tuesday, with security updates for 104 flaws, including three actively exploited zero-day vulnerabilities.
Cyber Security News
New APT Group Using Custom Malware to Attack Manufacturing & IT Industries
Grayling hints at using public infrastructure for initial access, deploying web shells, and then DLL sideloading to load the following elements.
SecurityWeek
New 'Grayling' APT Targeting Organizations in Taiwan, US
A previously unknown APT group is targeting organizations in biomedical, IT, and manufacturing sectors in Taiwan.
Bleeping Computer
Google makes passkeys the default sign-in for personal accounts
Google announced today that passkeys are now the default sign-in option across all personal Google Accounts across its services and platforms.
Infosecurity News
New Threat Actor “Grayling” Blamed For Espionage Campaign
Symantec highlights distinctive DLL sideloading technique
The Record
Hacktivists take sides in Israel-Palestinian war
Since Hamas fighters launched their assault on Saturday, nearly 60 groups have targeted Palestinian and Israeli entities.
DarkReading
Critical 'ShellTorch' Flaws Light Up Open Source AI Users, Like Google
The vulnerabilities exist in the widely used TorchServe framework, used by Amazon, Google, Walmart, and many other heavy hitters.
Cyber Security News
Top 10 SaaS Security Risks and How to Mitigate Them
Top 10 SaaS Security Risks and How to Mitigate Them. 1. Data Breaches, 2. Account Hijacking, 3. Lack of Identity and Access Management (IAM).
CSO
New critical AI vulnerabilities in TorchServe put thousands of AI models at risk
The vulnerabilities can completely compromise the AI infrastructure of the world’s biggest businesses, Oligo Security said.
SecurityWeek
Synqly Joins Race to Fix Security, Infrastructure Product Integrations
Silicon Valley startup lands $4 million in seed funding from SYN Ventures, Okta Ventures and Secure Octane.
Bleeping Computer
ShellTorch flaws expose AI servers to code execution attacks
A set of critical vulnerabilities dubbed 'ShellTorch' in the open-source TorchServe AI model-serving tool impact tens of thousands of internet-exposed servers, some of which belong to large organizations.
The Hacker News
Warning: PyTorch Models Vulnerable to Remote Code Execution via ShellTorch
Multiple vulnerabilities in TorchServe, used for serving PyTorch models, could lead to remote code execution.
The Hacker News
API Security Trends 2023 – Have Organizations Improved their Security Posture?
For businesses, API breaches spell disaster. Find out how inadequate security measures can lead to financial losses and customer data leaks.
The Record
Amazon warns of ‘ShellTorch’ issue affecting code related to AI models
Researchers with Israeli firm Oligo published information about three critical issues with TorchServe, a part of the PyTorch project overseen by Amazon and Meta. The code helps companies build AI models into their businesses.
Cyber Security News
Marvin Attack: 25-year-old RSA Decryption Vulnerability Disclosed
A new type of vulnerability in the software implementation of PKCS#1 v1.5 padding scheme for RSA key exchange was previously confirmed, this attack has been named as “Marvin Attack”.
The Hacker News
APIs: Unveiling the Silent Killer of Cyber Security Risk Across Industries
APIs are under attack! Explore the top API security concerns and why healthcare and manufacturing sectors are targeted
The Hacker News
LUCR-3: Scattered Spider Getting SaaS-y in the Cloud
🚨Beware of LUCR-3 (aka Scattered Spider) – a threat actor targeting Fortune 2000 companies for extortion.
Bleeping Computer
New Marvin attack revives 25-year-old decryption flaw in RSA
A flaw related to the PKCS #1 v1.5 padding in SSL servers discovered in 1998 and believed to have been resolved still impacts several widely-used projects today.
Cyber Security News
Cybersecurity in Cloud Computing: Risks and Benefits
Every day, organizations face ongoing assaults on their data, resulting in consumers feeling the consequences of those attacks. Cloud security ensures consumer protection and business continuity while allowing opportunities within a secure environment. As the world moves toward technological innovations, securing data clouds must be the top priority for cyber professionals, developers, and consumers. Those […]
Bleeping Computer
Cloudflare DDoS protections ironically bypassed using Cloudflare
Cloudflare's Firewall and DDoS prevention can be bypassed through a specific attack process that leverages logic flaws in cross-tenant security controls.
Bleeping Computer
Discord is investigating cause of ‘You have been blocked’ errors
Many Discord users attempting to access the popular instant messaging and VoIP social platform today have been met with a scary "Sorry, you have been blocked" message.