The Hacker News
Design Flaw in Google Workspace Could Let Attackers Gain Unauthorized Access
Researchers reveal a critical design flaw in Google Workspace, dubbed "DeleFriend," that could allow attackers to steal emails, exfiltrate data.
The Hacker News
N. Korean Hackers 'Mixing' macOS Malware Tactics to Evade Detection
Lazarus Group's evolving cyber tactics target macOS systems by combining elements from multiple malware campaigns for better effectiveness and to avoi
Ars Technica
New “Stable Video Diffusion” AI model can animate any still image
Given GPU and patience, SVD can turn any image into a 2-second video clip.
Infosecurity News
Cybersecurity Incident Hits Fidelity National Financial
The Alphv/BlackCat ransomware group has claimed responsibility for the attack
Infosecurity News
SysJoker Malware: Hamas-Related Threat Expands With Rust Variant
CPR said the malware now uses OneDrive instead of Google Drive for storing dynamic C2 server URLs
Bleeping Computer
Leveraging Wazuh to combat insider threats
Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform.
Bleeping Computer
Google Drive users angry over losing months of stored data
Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
SecurityWeek
Hacktivism: What’s in a Name… It May be More Than You Expect
Hacktivists should be treated as malicious hackers because the distance between hacking/activism, malevolence, and damage is too small and too vague.
-1.webp)
Cyber Security News
SysJoker Malware Attacking Windows, Linux and Mac Users Abusing OneDrive
SysJoker malware, a multi-platform backdoor with several variants for Windows, Linux, and Mac, has been observed being used by a Hamas-affiliated APT to target Israel. This malware was first identified by Intezer in 2021 and was recently used in targeted attacks. Checkpoint researchers disclosed the malware’s growth, variations in the intricacy of its execution flow, and […]
The Record
AI systems ‘subject to new types of vulnerabilities,’ British and US cyber agencies warn
British and U.S. cybersecurity authorities published guidance on Monday about how to develop artificial intelligence systems in a way that will minimize the risks they face from mischief-makers through to state-sponsored hackers.
-1.webp)
Cyber Security News
Hackers Using Malicious Browser Extensions to Steal Facebook Business Accounts
Ducktail is a specifically designed information stealer that can have severe consequences, such as privacy breaches and identity theft.
The Hacker News
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory.
Security Affairs
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
Security Affairs
Exposed Kubernetes secrets can fuel supply chain attacks
Researchers warn of publicly exposed Kubernetes configuration secrets that could pose a threat of supply chain attack for organizations.
SecurityWeek
In Other News: National Laboratory Breach, Airplane GPS Attacks, Russia Accuses Allies of Hacking
Idaho National Laboratory breach, GPS attacks target airplanes, Russian accuses China and North Korea of hacking.
CyberNews
Pro-Russian disinfo campaign using Israel-Hamas war to stir chaos
A disinformation campaign, run or backed by Russia, has been using the Israel-Hamas war to try to create tensions elsewhere in the world.
The Hacker News
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict
The Hacker News
Kubernetes Secrets of Fortune 500 Companies Exposed in Public Repositories
Cybersecurity researchers have discovered publicly exposed Kubernetes configuration secrets, posing a risk of supply chain attacks.
The Record
How one Russian nonprofit is trying to crack through the Kremlin’s censorship wall
A decade after its founding, the internet freedom organization Roskomsvoboda finds itself adjusting to harsh political and social realities within Russia, where a wartime regime continues to expand its authority over the internet.
SecurityWeek
Broadcom Planning to Complete Deal for $69 Billion Acquisition of VMWare After Regulators Give OK
Broadcom has cleared all regulatory hurdles and will complete its $69 billion acquisition of cloud technology company VMware.
CyberNews
Ingo Money claimed by Inc ransomware
Ingo Money suspected to have suffered a ransomware attack.
The Hacker News
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
North Korean hackers, aka Diamond Sleet, spread a trojanized version of CyberLink's legit app.
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
DarkReading
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.
Bleeping Computer
Open-source Blender project battling DDoS attacks since Saturday
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday.
The Hacker News
AI Solutions Are the New Shadow IT
AI Solutions Are the New Shadow IT - Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks
Security Affairs
Enterprise software provider TmaxSoft leaks 2TB of data
TmaxSoft , a Korean IT company developing and selling enterprise software has leaked over 50 million sensitive records.
CyberNews
MacOS targeted by ClearFake malware campaign
A data-stealing program that targets Mac operating systems (OS) is being distributed by means of fake web browser updates.
The Hacker News
ClearFake Campaign Expands to Deliver Atomic Stealer on Mac Systems
macOS users beware! Atomic Stealer, a $1,000/month malware, is now spreading through deceptive web browser updates via ClearFake.
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
Trend Micro
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
The Record
North Korean attack on CyberLink impacted devices around the world, Microsoft says
Microsoft has uncovered a supply chain attack by North Korean hackers who attached a malicious file to a CyberLink photo and video editing application installer.
DarkReading
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
Bleeping Computer
Lumma malware can allegedly restore expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
Bleeping Computer
Malware dev says they can revive expired Google auth cookies
The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.
Infosecurity News
India Faces Surge in IM App Attacks With Trojan Campaigns
Microsoft highlighted a shift in tactics, with attackers directly sharing malicious APK files
CyberNews
Enterprise software provider Tmax leaks 2TB of data
Tmax has leaked over 50 million sensitive records.
SecurityWeek
Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago
Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.
CyberNews
Salesforce and other rivals want to recruit unhappy OpenAI researchers
The recruitment drive has begun. Marc Benioff, CEO of software company Salesforce, has said that he will match the salary of any researcher who resigns from OpenAI.
The Hacker News
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
📱 Alert: Android users in India, beware! Hackers are distributing fake banking and government apps to steal sensitive data like bank info and persona
Security Affairs
The Top 5 Reasons to Use an API Management Platform - Security Affairs
Organizations need to govern and control the API ecosystem, this governance is the role of API management.
DarkReading
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
The Record
‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
The bug has caused alarm for weeks as cybersecurity experts warned that many government agencies and major companies were leaving their appliances exposed to the internet — opening themselves up to attacks.
DarkReading
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.
Bleeping Computer
How to boost Security with Self-Service Password Resets
Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory.
Latest Hacking News
Google Workspace Vulnerabilities Risk Security Breaches – Warn Researchers
Researchers have found numerous security vulnerabilities in Google Workspace that risk breaches. While the vulnerabilities pose a serious threat to the users, Google denies fixing the bugs as they do not match with Google’s threat
SecurityWeek
Microsoft Hires Sam Altman and OpenAI’s New CEO Vows to Investigate His Firing
Microsoft hired ex-Open AI chief Sam Altman and another architect of OpenAI for a new venture after their sudden departures.
Security Affairs
APT29 group exploited WinRAR 0day in attacks against embassies
Russia-linked cyberespionage group APT29 has been observed leveraging the CVE-2023-38831 vulnerability in WinRAR in recent attacks.
Cyber Security News
Hackers Exploit Google Workspace to Exfiltrate Data and Deploy Ransomware
Recent research into Google Workspace and Google Cloud Platform by Bitdefender Labs reveals novel attack methods, potentially leading.
Latest Hacking News
Google Elaborates On Campaigns Exploiting A Now-Patched Zimbra Zero-Day
Months after ensuring that the patch actually works, Google has now disclosed more details about active exploitation of a Zimbra zero-day vulnerability. The tech giant explained how the threat actors exploited the Zimbra zero-day in
Latest Hacking News
Intel Released Urgent Patch For Reptar Vulnerability In Its CPUs
Intel recently released a critical security fix for a newly discovered vulnerability affecting its CPUs. Dubbed “Reptar,” the vulnerability affects most modern Intel chips, attracting attention from numerous security researchers. Considering its severity, patching the
.webp)
Cyber Security News
Hackers Exploiting Zimbra 0-day to Attack Government Organizations
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.
Bleeping Computer
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks.
Cyber Security News
Weekly Cyber Security News Roundup for the Week of November 13th to 18th
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
Bleeping Computer
Google shares plans for blocking third-party cookies in Chrome
Google has officially announced plans to gradually eliminate third-party cookies, a key aspect of its Privacy Sandbox initiative.
DarkReading
Scattered Spider Casino Hackers Evade Arrest in Plain Sight
The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes?
DarkReading
Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
Bleeping Computer
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs
Hackers leveraged a medium-severity security issue now identified as CVE-2023-37580 since June 29, nearly a month before the vendor addressed it in version 8.8.15 Patch 41of the software on July 25.
The Hacker News
Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware
Operation SEO#LURKER: Cybercriminal are using fake Google ads to trick users searching for software into downloading malware.
-1-1.webp)
Cyber Security News
Malware Discovered in Kids' Tablet steals sensitive data
In the ever-expanding market of Android devices, the allure of budget-friendly options can sometimes conceal unforeseen risks.
Security Affairs
Zimbra zero-day exploited to steal government emails by 4 groups
Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments.
Ars Technica
No Bing, no Edge, no upselling: De-crufted Windows 11 coming to Europe soon
Some changes will arrive for non-EU users, too, but not the easy removals.
SecurityWeek
Google Adds Passkey Support to New Titan Security Key
Google launches new Titan security key with passkey support, allowing users to store up to 250 unique passkeys.
CyberNews
YouTube partners with Google DeepMind to let creators clone pop star voices
Troye Sivan, Demi Lovato, and John Legend are among the artists who are participating in YouTube’s new AI music experiment.
The Hacker News
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
Zero-day flaw ( CVE-2023-37580) in Zimbra Collaboration email software was exploited by 4 groups, exposing email data and credentials.
SecurityWeek
Zimbra Zero-Day Exploited to Hack Government Emails
Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails.
Cyber Security News
ChatGPT for Malware Analysis: Enhancing GPT’s Ability to Guide Malware Analyst
GPT excels in verbal thinking, skillfully choosing precise words for optimal responses. Understanding this key property is crucial, as much of its subsequent behavior stems from this ability.
Cyber Security News
Google Chrome Use-After-Free Vulnerability Leads to Browser Crash
Google Chrome Stable Channel Update for Desktop version 119.0.6.45.159 for Mac and Linux and 119.0.6045.159/.160 for Windows.
Infosecurity News
Black Friday: Malwarebytes Warns of Credit Card Skimming Surge
The Kritec campaign shows similarities with previous Magecart skimming techniques
The Hacker News
CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks
U.S. agencies warn of Rhysida ransomware double extortion attacks on multiple industries, including education, manufacturing and IT.
CyberNews
Fake crypto apps bring real losses to leading app marketplace users
Fake crypto apps and crypto romance scams on the rise
The Hacker News
Hackers Could Exploit Google Workspace and Cloud Platform for Ransomware Attacks
Novel attack methods targeting Google Workspace & Cloud Platform could enable ransomware and data breaches.
The Hacker News
How to Automate the Hardest Parts of Employee Offboarding
Eliminate 90% of the time and effort in finding and offboarding cloud and SaaS accounts. Say goodbye to IT offboarding headaches.
CyberNews
Samsung notifies UK store customers of data breach
Samsung Electronics, a South Korean multinational tech corporation, has notified some of its customers of a data breach that exposed their personal data to a hacker.
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
Ars Technica
Developers can’t seem to stop exposing credentials in publicly accessible code
Many transgressions come from "very large companies that have robust security teams."
The Record
Hackers target Greece, Tunisia, Moldova, Vietnam and Pakistan with Zimbra zero-day
The attacks targeting government agencies were carried out by four different groups throughout the summer, Google's Threat Analysis Group found.
Bleeping Computer
Citrix Hypervisor gets hotfix for new Reptar Intel CPU flaw
Citrix has released hotfixes for two vulnerabilities impacting Citrix Hypervisor, one of them being the "Reptar" high-severity flaw that affects Intel CPUs for desktop and server systems.
Infosecurity News
ALPHV/BlackCat Ransomware Gang Targets Businesses Via Google Ads
Nitrogen serves as initial-access malware, using obfuscated Python libraries for stealth
SecurityWeek
Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation
The rise of AI-powered disinformation presents an immense challenge to society’s ability to discern fact from fiction.
SecurityWeek
Chipmaker Patch Tuesday: Intel, AMD Address Over 130 Vulnerabilities
Intel and AMD have informed their customers about a total of more than 130 vulnerabilities found in their products.
SecurityWeek
New Intel CPU Vulnerability 'Reptar' Can Allow DoS Attacks, Privilege Escalation
A new Intel CPU vulnerability tracked as Reptar and CVE-2023-23583 can be exploited for DoS attacks and possibly privilege escalation
The Hacker News
Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments
Intel released critical fixes for a high-severity vulnerability called Reptar (CVE-2023-23583). It affects multi-tenant virtualized environments.
The Hacker News
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023.
The Record
Google to distribute 100,000 Titan Security Keys to high-risk users
The company said it would hand out the keys at no cost to people working in governments around the world, particularly those involved in the administration of elections.
The Record
Intel patches high-severity vulnerability affecting central processing units
The vulnerability, codenamed Reptar, affects central processing units (CPUs) in Intel's desktop, mobile and server products.
The Record
CISA adds three Microsoft Patch Tuesday bugs to vulnerability list
The top cybersecurity agency in the U.S. warned that hackers are exploiting three vulnerabilities disclosed by Microsoft on Tuesday.
Bleeping Computer
WP Fastest Cache plugin bug exposes 600K WordPress sites to attacks
The WordPress plugin WP Fastest Cache is vulnerable to an SQL injection vulnerability that could allow unauthenticated attackers to read the contents of the site's database.
Bleeping Computer
New Reptar CPU flaw impacts Intel desktop and server systems
Intel has fixed a high-severity CPU vulnerability in its modern desktop, server, mobile, and embedded CPUs, including the latest Alder Lake, Raptor Lake, and Sapphire Rapids microarchitectures.
DarkReading
Google Goes After Scammers Abusing Its Bard AI Chatbot
A pair of lawsuits are part of a wider strategy to establish guardrails preventing AI-powered scams, frauds, and harassment, Google's general counsel says.
Ars Technica
Intel fixes high-severity CPU bug that causes “very strange behavior”
Among other things, bug allows code running inside a VM to crash hypervisors.
Ars Technica
AI outperforms conventional weather forecasting for the first time: Google study
AI models may soon enable more accurate forecasts with higher speed and lower cost.
CyberNews
Meta, Alphabet, ByteDance must face social media addiction lawsuits
A federal judge rejects Meta, Alphabet, and ByteDance's effort to dismiss litigation claiming their social media platforms addict children and damage their mental health.
SecurityWeek
Microsoft Warns of Critical Bugs Being Exploited in the Wild
Redmond’s security response team flags two vulnerabilities -- CVE-2023-36033 and CVE-2023-36036 -- already being exploited in the wild.
Bleeping Computer
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
The Hacker News
CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
Researchers uncover new "CacheWarp" attack on AMD's SEV technology. It could lead to privilege escalation in encrypted VMs.
Infosecurity News
Python Package Index Faces Security Crisis With Validated Leaks
2922 projects contained at least one unique secret, including from AWS, Redis and Google
CyberNews
‘Denial of pleasure’ attack: FlipperZero targets adult toys
Researchers find that Flipper Zero can connect and control adult toys remotely by making them vibrate or stop working via a Bluetooth Low-Energy (BLE) broadcast.
CyberNews
Pro-Hamas cybergang develops complex infection tactics with new downloader
A threat actor targeting West Asian governments now uses a labyrinthine infection chain based on delivering a new initial access downloader dubbed IronWind
SecurityWeek
Google Suing Cybercriminals Who Delivered Malware via Fake Bard Downloads
Google files a lawsuit against cybercriminals who delivered account-hijacking malware by offering fake Bard AI downloads.
The Hacker News
New Campaign Targets Middle East Governments with IronWind Malware
Government entities in the Middle East are under attack by a new phishing campaign employing the IronWind downloader.
CyberNews
ICBC allegedly paid ransom after hack
ICBC allegedly plaid the ransom to attackers.
The Hacker News
Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers
Vietnamese hackers behind Ducktail malware launch a new campaign targeting Indian marketing pros.
The Record
CISA, FBI warn that Royal ransomware gang may rebrand as ‘BlackSuit’
The leading cybersecurity agencies in the U.S. released startling new data on the Royal ransomware gang on Monday, confirming previous reports that the gang may be preparing for a rebrand.
Ars Technica
Nvidia introduces the H200, an AI-crunching monster GPU that may speed up ChatGPT
The H200 will likely power the next generation of AI chatbots and art generators.
DarkReading
Ducktail Malware Targets the Fashion Industry
Threat actors distributed an archive containing images of new products by major clothing companies, along with a malicious executable disguised with a PDF icon.
CSO
ACSC and CISA launch step-by-step business continuity instructions for SMBs
Business Continuity in a Box is a set of instructions to help businesses maintain communications and continuity of critical applications following a cyber incident.
Latest Hacking News
Multiple Vulnerabilities Found In PureVPN – One Remains Unpatched
Researchers spotted a couple of security vulnerabilities in PureVPN Desktop clients for Linux that impact users’ privacy. While PureVPN patched one flaw, another RCE vulnerability remains unpatched. Numerous PureVPN Vulnerabilities Affected Linux Clients Security researchers Rafay Baloch
The Record
Crooks leverage Google quiz messages as part of bitcoin scam
Scammers have discovered a way to create a new quiz in Google Forms, use a victim’s email address to respond to it, and then exploit the feature that releases the score of the quiz to send malicious emails, Cisco Talos said.
The Record
Boeing investigating leaked data after LockBit allegedly publishes stolen info
Airplane maker Boeing said it is investigating data leaked by a prominent Russia-based ransomware gang that was allegedly stolen from the company.
Bleeping Computer
Google Chrome & Microsoft Edge to get 'Save Frame' feature for YouTube
You can soon right-click on any YouTube video in Microsoft Edge or Google Chrome and save the frame (capture the screenshot of the video) in the original resolution and PNG format.
Bleeping Computer
Police takes down BulletProftLink large-scale phishing provider
The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.
Cyber Security News
10 Best Digital Forensic Investigation Tools - 2024
Best Free Digital Forensic Tools: 1. Sleuth Kit (+Autopsy) 2. Forensic Investigator 3.Autopsy 4. Dumpzilla 5. X-Ways Forensics.
.webp)
Cyber Security News
Hackers Trick Windows Users With Malicious Ads to Deliver Malware
Cybersecurity researchers at Malwarebytes recently identified a malicious campaign that mimics the WindowsReport.com portal.
Cyber Security News
Top 10 Best Google Alternatives in 2024
Best Google Alternatives: 1. DuckDuckGo 2. Search Encrypt 3. Qwant 4. Startpage 5. Mojeek 6. Bing 7. Gibiru 8. Ask 9. SearX 10. Yahoo!
SecurityWeek
In Other News: EU Government Surveillance, Rewards for Iranian Hackers, Evolution of Chinese Spying
EU regulation enables government surveillance, US offering rewards for Iranian hackers, evolution of Chinese spying.
CyberNews
New malvertising campaign targets Windows geeks
A threat actor copied a legitimate Windows news website to deliver an infostealer for the CPU-Z processor tool.
SecurityWeek
Intel Sued Over 'Downfall' CPU Vulnerability
A class action lawsuit has been filed against Intel over its handling of CPU speculative execution vulnerabilities, with a focus on Downfall.
The Hacker News
Stealthy Kamran Spyware Targeting Urdu-speaking Users in Gilgit-Baltistan
Urdu-speaking readers in Gilgit-Baltistan, beware! A WATERING HOLE ATTACK using Kamran spyware has been uncovered by ESET
The Record
Android spyware delivered through infected news site targets Urdu speakers in Kashmir
Hackers are targeting Urdu speakers with spyware delivered through an infected popular news site, according to a new report.
Bleeping Computer
Cloudflare website down, showing ‘We’re sorry’ Google errors
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website.
Bleeping Computer
Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website.
CyberScoop
Cyber ops linked to Israel-Hamas conflict largely improvised, researchers say
Microsoft and Mandiant researchers believe Iranian hackers were not prepared for the initial Hamas attack.
Infosecurity News
New Kamran Spyware Targets Urdu-Speaking Users in Pakistan
ESET said the attack affects Android users accessing the Urdu version of the Hunza News website
Bleeping Computer
Google ads push malicious CPU-Z app from fake Windows news site
A threat actor has been abusing Google Ads to distribute a trojanized version of the CPU-Z tool to deliver the Redline info-stealing malware.
The Hacker News
New Malvertising Campaign Uses Fake Windows News Portal to Distribute Malicious Installers
Malicious sites posing as legit Windows news portals spotted distributing malware disguised as CPU-Z.
Bleeping Computer
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources
The Hacker News
When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
Beware of email auto-forwarding pitfalls. Learn how Wing Security's free tool can safeguard your sensitive data.
CyberNews
Google, Meta, Microsoft to join forces defending apps from hackers
Google, Microsoft, and Meta founded a steering committee to improve app security through a newly restructured App Defense Alliance.e
Infosecurity News
Russian APT Sandworm Disrupted Power in Ukraine Using OT Techniques
Sandworm conducted a disruptive cyber-attack targeting a Ukrainian critical infrastructure organization in late 2022
CyberScoop
Russian hackers disrupted Ukrainian electrical grid last year
The notorious Russian hacking group known as Sandworm took down a substation that caused a brief outage, according to a new Mandiant report.
Cyber Security News
Google Calendar RAT Abusing Calendar Events to Create Red Teaming Infrastructure
Google Calendar RAT is a proof of concept for Command & Control . It's useful when setting up a full red teaming infrastructure.
CyberNews
Digital payment apps Paypal, Venmo, CashApp could soon be regulated like banks
Payment apps and digital wallets Apple Pay, Google Wallet, Venmo, and CashApp, could soon be regulated like banks under the US Consumer Financial Protection Bureau.
CSO
Generative AI to fuel stronger phishing campaigns, information operations at scale in 2024
Google Cloud forecasts continued use of gen AI to create smarter campaigns while cybersecurity pros will use the same tools to defend and close the skills gap.
Bleeping Computer
Russian state-owned Sberbank hit by 1 million RPS DDoS attack
Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history.
Bleeping Computer
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets.
CyberNews
TikTok lagging behind rivals like Facebook in security
A new study shows TikTok trailing behind rival platforms in terms of security while Facebook and YouTube lead the way.
CSO
IBM rebuilds QRadar for hybrid clouds and AI workloads
The new cloud-native SIEM is built with features supporting hybrid cloud interoperability, open source, and automated threat detection.
Infosecurity News
Spy Trojan SpyNote Unveiled in Attacks on Gamers
The findings are part of Kaspersky’s latest investigation, spanning from July 2022 to July 2023
Ars Technica
Elon Musk’s new AI model doesn’t shy from questions about cocaine and orgies
xAI positions sarcastic AI assistant to counterbalance buttoned-up ChatGPT.
The Hacker News
SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses
SecuriDropper, a sneaky malware delivery service, outsmarts Google's latest security measures.
Bleeping Computer
Cybercrime service bypasses Android security to install malware
A new dropper-as-a-service (DaaS) named 'SecuriDropper' has emerged, using a method that bypasses Android 13's 'Restricted Settings' to install malware on devices and grant them access to the Accessibility Services.
Cyber Security News
Okta Employee's Use of Personal Google Account Leads to Security Breach
A threat actor obtained unauthorized access to files connected to 134 Okta customers, or less than 1% of Okta customers.
Infosecurity News
Okta Breach Hit Over 130 Customers
Several suffered follow-on session hijacking attacks
Cyber Security News
The Ultimate SaaS Security Admin Guide - 2024
SaaS Security Admin Guide: 1. Encryption 2. Backup and Recovery 3. Data Residency 4. Regular Audits 5. Data Privacy 6. Least Privileges.
The Hacker News
Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel
Google warns of hackers exploiting its Calendar service to host command-and-control (C2) infrastructure.
Cyber Security News
Threat and Vulnerability Roundup for the week of October 29th to November 4th
welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
The Hacker News
Okta's Recent Customer Support Data Breach Impacted 134 Customers
Okta discloses that the recent security breach has impacted 134 of its customers.
The Hacker News
Google Play Store Introduces 'Independent Security Review' Badge for Apps
Google's new "Independent security review" badge in the Play Store's Data safety section will help you identify secure Android apps.
Ars Technica
No, Okta, senior management, not an errant employee, caused you to get hacked
If a transgression by a single employee breaches your network, you're doing it wrong.
DarkReading
'KandyKorn' macOS Malware Lures Crypto Engineers
Posing as fellow engineers, the North Korean state-sponsored cybercrime group Lazarus tricked crypto-exchange developers into downloading the hard-to-detect malware.
Bleeping Computer
Google Play adds security audit badges for Android VPN apps
Google Play, Android's official app store, is now tagging VPN apps with an 'independent security reviews' badge if they conducted an independent security audit of their software and platform.
Bleeping Computer
Okta breach: 134 customers exposed in October support system hack
Okta says attackers who breached its customer support system last month gained access to files belonging to 134 customers, five of them later being targeted in session hijacking attacks with the help of stolen session tokens.
Infosecurity News
UK AI Safety Institute: A Blueprint for the Future of AI?
The UK Frontier AI Taskforce is evolving to become the UK AI Safety Institute
CyberSecurity Dive
5 Okta customers snared in attack on the provider’s support system
The IAM provider says the attack was most likely linked to a compromised employee’s personal Google account or personal device.
The Record
Okta defends 2-week gap in response to identity token theft, says 134 customers affected
The identity management company said that from September 28, to October 17, a threat actor “gained unauthorized access to files inside Okta’s customer support system associated with 134 Okta customers.”
The Record
Cyber experts and officials raise alarms about exploits against Citrix and Apache products
The zero-day bugs affecting products from Citrix and Apache have critical severity scores and require immediate attention, experts warned.
The Record
UK agency warns post-quantum cryptography migration will be ‘very complicated’
The National Cyber Security Centre says that more than just mathematics will be necessary to meet the threat that quantum computers pose to traditional public-key cryptography.
Bleeping Computer
New macOS 'KandyKorn' malware targets cryptocurrency engineers
A new macOS malware dubbed 'KandyKorn' has been spotted in a campaign attributed to the North Korean Lazarus hacking group, targeting blockchain engineers of a cryptocurrency exchange platform.
SecurityWeek
Former SpaceX Engineers Get $8 Million in Funding for AI Security Firm Wraithwatch
Former SpaceX cybersecurity engineers launch Wraithwatch, an AI-based security firm that received $8 million in seed funding.
SecurityWeek
European Privacy Officials Widen Ban on Meta's Behavioral Advertising to Most of Europe
European privacy officials have widened a ban on Meta’s “behavioral advertising” practices to most of Europe.
.webp)
Cyber Security News
Google Chrome 119 Released: Fix for 15 security Flaws - Patch Now!
Google has released Chrome 119 to the stable channel for Windows, Mac, and Linux, along with 15 security patches.
The Record
Arabic-speaking WhatsApp users targeted with spyware
Otherwise harmless mods of the WhatsApp messenger have been infected with spyware aimed at users in Saudi Arabia, Yemen and elsewhere, according to researchers at Kaspersky.
The Record
EU urged to drop new law that could allow member states to intercept and decrypt global web traffic
More than 100 of the world’s most respected cybersecurity experts have written to European Union lawmakers to warn that a proposed legal reform that may soon become law could fundamentally undermine security online.
DarkReading
More Than 100 Vulns in Microsoft 365 Tied to SketchUp 3D Library
While Microsoft patched the issues in June, support for SketchUp appears to remain disabled in Microsoft 365.
Ars Technica
“Catastrophic” AI harms among warnings in declaration signed by 28 nations
"Bletchley Declaration" sums up first day of UK's international AI Safety Summit.
SecurityWeek
Supply Chain Startup Chainguard Scores $61 Million Series B
Washington startup Chainguard banks $61 million in new financing as investors make hefty wagers on software supply chain security companies.
Bleeping Computer
LayerX Enterprise Browser Security Extension – Secure the Modern Workspace
LayerX has developed a secure enterprise browser extension that delivers comprehensive visibility, monitoring, and granular policy enforcement on every event within a browsing session. Learn more about this cybersecurity platform from LayerxSecurity.
SecurityWeek
Chrome 119 Patches 15 Vulnerabilities
Chrome 119 is rolling out to Linux, macOS, and Windows devices with patches for over a dozen vulnerabilities.
Infosecurity News
28 Countries Sign Bletchley Declaration on Responsible AI
The 28 signatories of the Bletchley Declaration agreed on an international network of scientific research on ‘frontier AI’ safety
The Hacker News
Hands on Review: LayerX's Enterprise Browser Security Extension
Protect your organization's most critical interface—The Browser! LayerX's secure extension offers comprehensive visibility and policy enforcement, de
Latest Hacking News
Samsung Galaxy Rolls Out Auto Blocker To Protect Devices
Pledging the utmost security and privacy for its users, Samsung has now developed a dedicated device protection feature. Dubbed “Auto Blocker,” this new feature protects Samsung Galaxy devices from malicious actions, such as sneaky sideloading,
The Hacker News
North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
State-sponsored North Korean hackers are using a sneaky macOS malware called KANDYKORN to target crypto engineers via Discord.
Bleeping Computer
Avast confirms it tagged Google app as malware on Android phones
Czech cybersecurity company Avast confirmed that its antivirus SDK has been flagging a Google Android app as malware on Huawei, Vivo, and Honor smartphones since Saturday.
Bleeping Computer
Flipper Zero Bluetooth spam attacks ported to new Android app
Recent Flipper Zero Bluetooth spam attacks have now been ported to an Android app, allowing a much larger number of devices to implement these annoying spam alerts.
Bleeping Computer
Samsung Galaxy gets new Auto Blocker anti-malware feature
Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices.
DarkReading
'Elektra-Leak' Attackers Harvest AWS Cloud Keys in GitHub Campaign
Cyber adversaries are scanning public GitHub repositories in real-time, evading Amazon quarantine controls, and harvesting AWS keys.
The Hacker News
Arid Viper Targeting Arabic Android Users with Spyware Disguised as Dating App
Arid Viper, a cyber espionage group linked to Hamas, has been exposed for its Android spyware campaign disguised as a dating app.
The Hacker News
Trojanized PyCharm Software Version Delivered via Google Search Ads
A malvertising scheme is using compromised websites to trick users into downloading malware-laden PyCharm promoted via Google Ads.
Cyber Security News
Over 700 Zero-Day Vulnerabilities Identified in Q3 2023: Mitigation Methods on WAAP
A "zero-day vulnerability" is a security flaw or weakness in a software application, operating system, or hardware device unknown to the vendor or the public.
DarkReading
Google Dynamic Search Ads Abused to Unleash Malware 'Deluge'
An advanced feature of Google targeted ads can allow a rarely precedented flood of malware infections, rendering machines completely useless.
Bleeping Computer
SEC sues SolarWinds for misleading investors before 2020 hack
The U.S. Securities and Exchange Commission (SEC) today charged SolarWinds with defrauding investors by allegedly concealing cybersecurity defense issues before a December 2020 linked to APT29, the Russian Foreign Intelligence Service (SVR) hacking division.
Bleeping Computer
Google Chrome now auto-upgrades to secure connections for all users
Google has taken a significant step towards enhancing Chrome internet security by automatically upgrading insecure HTTP requests to HTTPS requests for 100% of users.
Ars Technica
Biden issues sweeping executive order that touches AI risk, deepfakes, privacy
Order details US admin's approach to AI safety, media authenticity, job loss, and more.
CyberNews
Debunking the top five Bitcoin misconceptions
In the wake of every groundbreaking technology, there’s an abundance of misconceptions that we later find silly.
Bleeping Computer
Huawei, Vivo phones tag Google app as TrojanSMS-PA malware
Huawei, Honor, and Vivo smartphones and tablets are displaying strange 'Security threat' alerts urging the deletion of the Google app, warning that it is detected as the 'TrojanSMS-PA' malware.
SecurityWeek
Proofpoint to Acquire Tessian for AI-Powered Email Security Tech
Proofpoint removes a formidable competitor from the crowded email security market and adds technology to address risk from misdirected emails.
SecurityWeek
Attackers Can Use Modified Wikipedia Pages to Mount Redirection Attacks on Slack
Researchers document the Wiki-Slack attack, a new technique that uses modified Wikipedia pages to target end users on Slack.
The Hacker News
New Webinar: 5 Must-Know Trends Impacting AppSec
Join our expert panel of security veterans Emo Gokay, Multi-Cloud Security Engineer at EY Technologies and George Prichici, VP of products at OPSWAT,
The Hacker News
EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
EleKtra-Leak cryptojacking campaign is exploiting exposed AWS IAM credentials on public GitHub repositories
SecurityWeek
Biden Wants to Move Fast on AI Safeguards and Will Sign an Executive Order to Address His Concerns
Joe Biden's executive order on artificial intelligence (AI) will require industry to develop safety and security standards, add consumer protections and give federal agencies an extensive to-do list.
Computerworld
‘Data poisoning’ anti-AI theft tools emerge — but are they ethical?
New tools that can corrupt digitized artwork and other copyrighted materials are emerging to thwart generative AI models that scrape the internet to learn and provide content.
The Hacker News
Hackers Using MSIX App Packages to Infect Windows PCs with GHOSTPULSE Maware
Cyber criminals are using fake MSIX Windows app packages of popular software to deliver GHOSTPULSE malware loader
The Record
Russia to launch its own version of VirusTotal due to US snooping fears
The repository, to be called “Multiscanner,” would mimic the Google-owned platform, which allows organizations to share suspected malware.
Bleeping Computer
Hackers email stolen student data to parents of Nevada school district
The Clark County School District (CCSD) in Nevada is dealing with a potentially massive data breach, as hackers email parents their children's' data that was allegedly stolen during a recent cyberattack.
Bleeping Computer
Hackers earn over $1 million for 58 zero-days at Pwn2Own Toronto
The Pwn2Own Toronto 2023 hacking competition has ended with security researchers earning $1,038,500 for 58 zero-day exploits (and multiple bug collisions) targeting consumer products between October 24 and October 27.
Cyber Security News
11 Best Cloud Access Security Broker Software (CASB) - 2023
Best Cloud Access Security Broker (CASB) Software: 1. DoControl CASB 2. Microsoft Cloud App Security 3. Forcepoint 4. Palo Alto Networks.
The Hacker News
Google Expands Its Bug Bounty Program to Tackle Artificial Intelligence Threats
Google is expanding its Vulnerability Rewards Program (VRP) to reward researchers for discovering attack scenarios targeting generative artificial int
CyberSecurity Dive
High-profile summer attacks linked to same aggressive ransomware group
Microsoft researchers described Octo Tempest, or Oktapus, as one of the most dangerous financial criminal groups currently in operation.
-1.webp)
Cyber Security News
Beware of Fake Google Chrome Update that Installs Malware
One of them is the fake Chrome update malware, which has been around for several years and is still active.