Ars Technica
Hackers spent 2+ years looting secrets of chipmaker NXP before being detected
Chipmaker claims breach had no "material adverse effect."
The Hacker News
How Hackers Phish for Your Users' Credentials and Sell Them
Did you know that a single stolen credential can jeopardize your entire network? Protect your organization against sophisticated phishing attacks. Lea
The Hacker News
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
A vulnerability in Microsoft Access that could be exploited to leak a Windows user’s NTLM tokens.
Cyber Security News
OwnCloud Critical Vulnerability Exploited in the Wild
Owncloud was discovered with a new vulnerability which was associated with the exposure of sensitive information.
Bleeping Computer
Microsoft deprecates Defender Application Guard for Office
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
Latest Hacking News
Multiple Vulnerabilities Found In ownCloud File Sharing App
Numerous security vulnerabilities riddled the privacy of ownCloud users that the vendor patched recently. Exploiting these vulnerabilities could expose users’ passwords to potential adversaries. ownCloud Vulnerabilities Risked User Accounts According to the recent advisories, ownCloud addressed three
Latest Hacking News
Microsoft Defender Lures Researchers With Bug Bounty Program
The Redmond giant has introduced a dedicated bug bounty program for its Microsoft Defender security solution. Under this program, the tech giant aims to pay up to $20,000 as bounties to the security researchers and
SecurityWeek
Critical ownCloud Flaws Lead to Sensitive Information Disclosure, Authentication Bypass
Three critical vulnerabilities in ownCloud could lead to sensitive information disclosure and authentication and validation bypass.
Latest Hacking News
Konni RAT Malware Campaign Spreads Via Malicious Word Files
Researchers caught a new campaign from the notorious Konni RAT malware exploiting malicious Word files. The threat actors distribute the malware via malicious macros embedded in Word files that infect the target systems. Konni RAT Malware
Bleeping Computer
Leveraging Wazuh to combat insider threats
Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform.
The Record
AI systems ‘subject to new types of vulnerabilities,’ British and US cyber agencies warn
British and U.S. cybersecurity authorities published guidance on Monday about how to develop artificial intelligence systems in a way that will minimize the risks they face from mischief-makers through to state-sponsored hackers.
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Lazarus is using a MagicLine4NX zero-day in supply chain attack
UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in a supply-chain attack.
-1.webp)
Cyber Security News
Hackers Using Malicious Browser Extensions to Steal Facebook Business Accounts
Ducktail is a specifically designed information stealer that can have severe consequences, such as privacy breaches and identity theft.
The Hacker News
New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government
A new web shell called HrServ is part of a suspected APT attack in Afghanistan. HrServ can erase tracks and execute code in memory.
The Hacker News
Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches
ownCloud, an open-source file-sharing software, has disclosed 3 critical vulnerabilities.
Security Affairs
Microsoft launched its new Microsoft Defender Bounty Program
Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products.
Bleeping Computer
Critical bug in ownCloud file sharing app exposes admin passwords
Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials.
Bleeping Computer
UK and South Korea: Hackers use zero-day in supply-chain attack
A joint advisory by the National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) discloses a supply-chain attack executed by North Korean hackers involving the MagicLineThe National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) warn that the North Korean Lazarus hacking grou
Bleeping Computer
Cyberattack on IT provider CTS impacts dozens of UK law firms
A cyberattack on CTS, a leading managed service provider (MSP) for law firms and other organizations in the UK legal sector, is behind a major outage impacting numerous law firms and home buyers in the country since Wednesday.
SecurityWeek
North Korean Software Supply Chain Attack Hits North America, Asia
North Korean hackers breached a Taiwanese company and used its systems to deliver malware to the US, Canada, Japan and Taiwan in a supply chain attack.
Infosecurity News
Windows Hello Fingerprint Tech is Hacked
Blackwing researchers bypass the authentication system
Security Affairs
North Korea-linked Konni APT uses Russian-language documents
North Korea-linked Konni APT group used Russian-language Microsoft Word documents to deliver malware .............
The Record
North Korean supply chain attacks prompt joint warning from Seoul and London
The alert came as the two governments announced a new strategic cyber partnership “to disrupt and deter DPRK malicious cyber capabilities and activities that contribute to its WMD programs.”
The Hacker News
Konni Group Using Russian-Language Malicious Word Docs in Latest Attacks
Threat actor Konni, potentially tied to North Korea, deploys RAT in cyber espionage using Russian Word doc, exploiting WinRAR flaw.
Security Affairs
North Korea-linked APT Diamond Sleet supply chain attack relies on CyberLink software
North Korea-linked APT group Diamond Sleet is distributing a trojanized version of the CyberLink software in a supply chain attack.
SecurityWeek
Broadcom Planning to Complete Deal for $69 Billion Acquisition of VMWare After Regulators Give OK
Broadcom has cleared all regulatory hurdles and will complete its $69 billion acquisition of cloud technology company VMware.
Cyber Security News
North Korean Hackers Targeting CyberLink Users in Supply-chain Attack
Microsoft Threat Intelligence has uncovered a sophisticated supply chain attack orchestrated by the North Korean Hackers Diamond Sleet (ZINC)
The Hacker News
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
Active malware campaign exploits zero-day vulnerabilities to create a Mirai-based DDoS botnet targeting routers and NVR devices.
Cyber Security News
WailingCrab Malware Abuse Messaging Protocol for C2 Communications
WailingCrab's backdoor component has been in contact with the C2 since the middle of 2023 via the lightweight IoT message protocol MQTT.
Infosecurity News
North Korea Blamed For CyberLink Supply Chain Attacks
Legitimate app installer modified with malicious code
CyberNews
Microsoft alerts CyberLink to North Korean threat
Microsoft has alerted software company CyberLink to the misuse of its software by North Korean group Diamond Sleet.
Cyber Security News
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability to Deploy Remcos RAT
Microsoft released multiple security patches as part of their Patch Tuesday in which three zero-day vulnerabilities were also patched.
The Hacker News
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
North Korean hackers, aka Diamond Sleet, spread a trojanized version of CyberLink's legit app.
CyberNews
Exclusive-OpenAI researchers warned board of AI breakthrough ahead of CEO ouster -sources
Ahead of OpenAI CEO Sam Altman’s firing, staff researchers sent the Board a letter warning of a powerful artificial intelligence discovery that could threaten humanity.
Trend Micro
ParaSiteSnatcher How Malicious Chrome Extensions Target Brazil
We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.
The Record
Kansas Supreme Court: Hackers stole records, confidential files in October attack
Hackers who attacked the Kansas court system last month stole records and confidential files, according to the state's Supreme Court.
CyberNews
Former OpenAI staffers slam CEO Sam Altman in new tell-all letter
Elon Musk is sent an anonymous letter dissing OpenAI’s Sam Altman - allegedly written by former OpenAI employees - and released hours before Altman is reinstated as CEO.
DarkReading
Fake Browser Updates Targeting Mac Systems With Infostealer
A pervasive ClearFake campaign targeting Windows systems with Atomic Stealer has expanded its social engineering scams to MacOS users, analysts warn.
Bleeping Computer
Windows Hello auth bypassed on Microsoft, Dell, Lenovo laptops
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.
Bleeping Computer
Microsoft: Lazarus hackers breach CyberLink in supply chain attack
Microsoft says a North Korean hacking group has breached Taiwanese multimedia software company CyberLink and trojanized one of its installers to push malware in a supply chain attack targeting potential victims worldwide.
Bleeping Computer
Open-source Blender project battling DDoS attacks since Saturday
Blender has confirmed that recent site outages have been caused by ongoing DDoS (distributed denial of service) attacks that started on Saturday.
The Hacker News
New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login
🔒 Multiple vulnerabilities found in laptop fingerprint sensors—allowing attackers to bypass Windows Hello authentication on Dell, Lenovo, and Microso
SecurityWeek
Windows Hello Fingerprint Authentication Bypassed on Popular Laptops
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
SecurityWeek
Sam Altman is Back as OpenAI CEO Just Days After Being Removed, Along With a New Board
OpenAI reached an agreement for Sam Altman to return to OpenAI as CEO with a new initial board of directors, after he was fired a week prior.
SecurityWeek
Microsoft Offers Up to $20,000 for Vulnerabilities in Defender Products
Microsoft invites researchers to new bug bounty program focused on vulnerabilities in its Defender products.
The Hacker News
North Korean Hackers Pose as Job Recruiters and Seekers in Malware Campaigns
North Korean hackers posing as recruiters infect software developers with cross-platform malware.
Cyber Security News
Microsoft Defender Bounty Program: Rewards up to $20,000 USD
Microsoft introduced the Defender Bounty Program to enhance the security of customers' experience with rewards to researchers up to USD 20,000.
Infosecurity News
Microsoft Launches Defender Bug Bounty Program
Ethical hackers could win cash prizes of up to $20,000
CyberNews
OpenAI reinstates Sam Altman as CEO
Sam Altman to return as CEO of OpenAI.
The Record
North Korean attack on CyberLink impacted devices around the world, Microsoft says
Microsoft has uncovered a supply chain attack by North Korean hackers who attached a malicious file to a CyberLink photo and video editing application installer.
Trend Micro
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
Bleeping Computer
Microsoft now rolling out Copilot to Windows 10 devices
Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions.
DarkReading
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
CyberNews
OpenAI board, Altman in talks for return of former CEO
Sam Altman and OpenAI's board have opened up discussions to bring back the former CEO and founder of the AI startup, while investors seek legal action.
Bleeping Computer
Microsoft launches Defender Bounty Program with $20,000 rewards
Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000.
Bleeping Computer
CISA orders federal agencies to patch Looney Tunables Linux bug
Today, CISA ordered U.S. federal agencies to secure their systems against an actively exploited vulnerability that lets attackers gain root privileges on many major Linux distributions.
Infosecurity News
India Faces Surge in IM App Attacks With Trojan Campaigns
Microsoft highlighted a shift in tactics, with attackers directly sharing malicious APK files
Bleeping Computer
DarkGate and Pikabot malware emerge as Qakbot’s successors
A sophisticated phishing campaign pushing the DarkGate malware infections has recently added the PikaBot malware into the mix, making it the most advanced phishing campaign since the Qakbot operation was dismantled.
Ars Technica
95% of OpenAI employees have threatened to quit in standoff with board
OpenAI's future hangs in the balance as staff says they'll join former CEO at Microsoft.
The Hacker News
Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals
Play ransomware has turned into Ransomware-as-a-Service (RaaS), allowing other cybercriminals to use it.
The Hacker News
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
New variant of Agent Tesla malware identified. It's a keylogger and remote access trojan (RAT) offered as part of a malware-as-a-service (MaaS) model.
SecurityWeek
Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago
Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.
CyberNews
Salesforce and other rivals want to recruit unhappy OpenAI researchers
The recruitment drive has begun. Marc Benioff, CEO of software company Salesforce, has said that he will match the salary of any researcher who resigns from OpenAI.
The Hacker News
Malicious Apps Disguised as Banks and Government Agencies Targeting Indian Android Users
📱 Alert: Android users in India, beware! Hackers are distributing fake banking and government apps to steal sensitive data like bank info and persona
The Hacker News
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
China-linked Mustang Panda cyber actor targets Philippines government entity amid South China Sea tensions.
DarkReading
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
The Record
Hackers create fake banking apps to steal financial data from Indian users
Researchers have uncovered an ongoing information-stealing campaign targeting customers of Indian banks with mobile malware.
Bleeping Computer
Microsoft fixes ‘Something Went Wrong’ Office sign-in errors
Microsoft is rolling out fixes for known Microsoft 365 issues causing 'Something Went Wrong [1001]' sign-in errors and rendering desktop applications unusable for many customers.
DarkReading
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.
Ars Technica
OpenAI employees revolt after board names new CEO and Altman heads to Microsoft
Ilya Sutskever announces regret; 505 OpenAI employees sign letter asking board to resign.
CyberNews
Hundreds of OpenAI staff threaten to resign and join Altman at Microsoft
After OpenAI's board confirmed that Sam Altman would not return as the firm’s CEO, most of its employees said they would resign en masse if the decision wasn't reversed.
Bleeping Computer
How to boost Security with Self-Service Password Resets
Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory.
SecurityWeek
CISA Releases Cybersecurity Guidance for Healthcare, Public Health Organizations
New CISA guidance details cyber threats and risks to healthcare and public health organizations and recommends mitigations.
SecurityWeek
Microsoft Hires Sam Altman and OpenAI’s New CEO Vows to Investigate His Firing
Microsoft hired ex-Open AI chief Sam Altman and another architect of OpenAI for a new venture after their sudden departures.
CyberNews
Tech whiz kid Sam Altman is out of OpenAI for good: what happened?
Sam Altman, the ousted CEO of ChatGPT creator OpenAI, will definitely not return to the company he co-founded. It’s time to ask what happened.
CyberNews
Microsoft hires Sam Altman as OpenAI announces his replacement
OpenAI has appointed ex-Twitch boss Emmett Shear to lead the startup, replacing Sam Altman who will join the company's top backer Microsoft to lead a new advanced AI research team, the CEO of the software giant said.
Security Affairs
Security Affairs newsletter Round 446 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Cyber Security News
Weekly Cyber Security News Roundup for the Week of November 13th to 18th
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
Ars Technica
OpenAI board attempts to hit “Ctrl-Z” in talks with Altman to return as CEO
Cleared of malfeasance, Altman's unpopular firing may be undone—if he's interested.
Ars Technica
The FCC says new rules will curb SIM swapping. I’m pessimistic
SIM swaps and port-out scams are a fact of life. New rules aren't likely to change that.
Bleeping Computer
Windows 10 to let admins control how optional updates are deployed
Microsoft announced a new policy that allows admins to control how optional updates are deployed on Windows 10 enterprise endpoints on their networks.
Ars Technica
Details emerge of surprise board coup that ousted CEO Sam Altman at OpenAI
Microsoft CEO Nadella "furious"; OpenAI President and three senior researchers resign.
SecurityWeek
ChatGPT-Maker OpenAI Fires CEO Sam Altman, the Face of the AI Boom, for Lack of Candor With Company
Open AI fired CEO Sam Altman, Mira Murati, OpenAI’s chief technology officer, will take over as interim CEO effective immediately.
Ars Technica
OpenAI President Greg Brockman quits as nervous employees hold all-hands meeting
After Altman firing, Microsoft has "utmost confidence" in partner OpenAI.
Security Affairs
The board of directors of OpenAI fired Sam Altman
OpenAI fired its CEO Sam Altman, and the Chief technology officer Mira Murati appointed interim CEO to lead the company.
CyberNews
OpenAI CEO Sam Altman asked to step down
OpenAI has announced that its CEO Sam Altman is leaving the company after board members determined he was no longer fit for the role.
DarkReading
Scattered Spider Casino Hackers Evade Arrest in Plain Sight
The feds seem to know all about the hacking group brazenly breaking into corporate networks; so why are enterprise teams left on their own to stop their cybercrimes?
DarkReading
Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
Bleeping Computer
CISA warns of actively exploited Windows, Sophos, and Oracle bugs
The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues that affect Microsoft devices, a Sophos product, and an enterprise solution from Oracle.
SecurityWeek
CISA Warns of Attacks Exploiting Sophos Web Appliance Vulnerability
CISA adds Sophos, Oracle and Microsoft product security holes to its Known Exploited Vulnerabilities (KEV) catalog.
Security Affairs
CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog
US CISA added 3 vulnerabilities (tracked as CVE-2023-36584, CVE-2023-1671, and CVE-2023-2551) to its Known Exploited Vulnerabilities catalog.
CyberSecurity Dive
Threat actors behind Las Vegas casino attacks are social-engineering mavens
Scattered Spider threat actors are attacking large companies and their IT help desks to steal data for extortion, according to federal cyber authorities.
Infosecurity News
FBI Lifts the Lid on Notorious Scattered Spider Group
Security advisory details TTPs of prolific threat actors
The Hacker News
U.S. Cybersecurity Agencies Warn of Scattered Spider's Gen Z Cybercrime Ecosystem
U.S. agencies warn about Scattered Spider cybercriminals using advanced phishing to steal data and extort victims.
The Hacker News
CISA Adds Three Security Flaws with Active Exploitation to KEV Catalog
U.S. CISA has added three security flaws to its Known Exploited Vulnerabilities (KEV) catalog due to evidence of active exploitation in the wild.
The Record
CISA, FBI warn of Scattered Spider expertise with social engineering, SIM swapping
The leading cybersecurity officials in the U.S. published a stark warning on Thursday about a group of hackers who have disrupted some of the largest companies in the country through social engineering and other tactics.
Bleeping Computer
FBI shares tactics of notorious Scattered Spider hacker collective
The Federal Bureau of Investigation and the Cybersecurity and Infrastructure Security Agency released an advisory about the evasive threat actor tracked as Scattered Spider, a loosely knit hacking collective that now collaborates with the ALPHV/BlackCat Russian ransomware operation..
CyberNews
FBI warning on MGM hacker group Scattered Spider, urges victims to come forward
The FBI is warning organizations to guard against the Scattered Spider ransom group, responsible for the MGM and Caesars hacks, plus dozens more US attacks this year.
Ars Technica
No Bing, no Edge, no upselling: De-crufted Windows 11 coming to Europe soon
Some changes will arrive for non-EU users, too, but not the easy removals.
Bleeping Computer
Microsoft confirms Copilot AI assistant coming to Windows 10
Microsoft will roll out the Copilot AI-powered assistant to Windows 10 systems enrolled in the Insider Program over the coming months.
Ars Technica
The “Windows App” for Mac, iOS, and browsers is a fancy remote desktop, for now
Microsoft wants you in Windows, whether you're on iPad, Android, or Chrome OS.
Latest Hacking News
Microsoft Patch Tuesday November Fixes 63 Flaws, Including 5 Zero-Days
This week marked the Redmond giant Microsoft’s monthly security updates for its products. With Patch Tuesday November, Microsoft addressed fewer vulnerabilities – over 60 only, including five zero-day flaws. Five Zero-Days Patched With Latest Microsoft Updates Microsoft
SecurityWeek
State-Sponsored Online Spies Likely to Target Australian Submarine Program, Spy Agency Says
Australian submarines powered by U.S. nuclear technology is a likely target of state-sponsored hackers, the nation’s digital spy agency said.
Bleeping Computer
How DDoS attacks are taking down even the largest tech companies
DDoS attacks are increasingly taking down even the largest tech companies. Learn more Specops Software on these types of attacks and how you can protect your devices from being recruited into botnets.
CyberNews
Fake crypto apps bring real losses to leading app marketplace users
Fake crypto apps and crypto romance scams on the rise
The Hacker News
How to Automate the Hardest Parts of Employee Offboarding
Eliminate 90% of the time and effort in finding and offboarding cloud and SaaS accounts. Say goodbye to IT offboarding headaches.
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
Cyber Security News
Wireshark 4.2.0 Released - What’s New!
Wireshark is a popular open-source network protocol analyzer that is primarily used by security experts and network administrators.
Cyber Security News
5 New Zero-day Vulnerabilities Patched in the Microsoft Security Update
Microsoft has released their security patches for Nov 2023. Nearly 58 flaws, 5 zero-day vulnerabilities have been patched by Microsoft.
Ars Technica
Developers can’t seem to stop exposing credentials in publicly accessible code
Many transgressions come from "very large companies that have robust security teams."
CSO
Top cybersecurity product news of the week
New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Noname Security, and more.
Ars Technica
Microsoft launches custom chips to accelerate its plans for AI domination
Amid GPU shortages, Microsoft reaches for custom silicon to run its AI language models.
Bleeping Computer
Microsoft fixes Windows Server VMs broken by October updates
Microsoft fixed a known issue causing blue screens and boot failures in Windows Server 2022 virtual machines (VMs) deployed on VMware ESXi hosts.
Ars Technica
Bing Chat is now “Microsoft Copilot” in potentially confusing rebranding move
Microsoft: "Soon there will be a Copilot for everyone and for everything you do."
Bleeping Computer
FBI and CISA warn of opportunistic Rhysida ransomware attacks
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
SecurityWeek
Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI
Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs.
SecurityWeek
Addressing the State of AI’s Impact on Cyber Disinformation/Misinformation
The rise of AI-powered disinformation presents an immense challenge to society’s ability to discern fact from fiction.
Cyber Security News
Hackers Deliver Weaponized LNK Files Through Legitimate Websites
Hackers may exploit LNK files to deliver malicious payloads by disguising them as legitimate shortcuts, and execution of malicious code.
Infosecurity News
Microsoft Fixes Five Zero-Day Vulnerabilities
Patch Tuesday includes fixes for three actively exploited bugs
The Hacker News
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023.
The Record
CISA adds three Microsoft Patch Tuesday bugs to vulnerability list
The top cybersecurity agency in the U.S. warned that hackers are exploiting three vulnerabilities disclosed by Microsoft on Tuesday.
The Record
AI-generated disinformation a top concern for 2024 elections, Michigan secretary of state says
Michigan Secretary of State Jocelyn Benson warned of the potential for artificial intelligence to foment what she called “hyper-localized” dissemination of mis- and disinformation around next year's elections.
The Record
Critical systems restored at English council following ransomware attack
St Helens Borough Council in northwest England says that about eight weeks after the incident, most services are operating business-as-usual.
The Record
Google to distribute 100,000 Titan Security Keys to high-risk users
The company said it would hand out the keys at no cost to people working in governments around the world, particularly those involved in the administration of elections.
DarkReading
Microsoft Zero-Days Allow Defender Bypass, Privilege Escalation
Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet.
Security Affairs
Microsoft Patch Tuesday security updates fixed 3 actively exploited flaws
Patch Tuesday security updates for November 2023 fixed three vulnerabilities actively exploited in the wild.
Ars Technica
Intel fixes high-severity CPU bug that causes “very strange behavior”
Among other things, bug allows code running inside a VM to crash hypervisors.
SecurityWeek
Critical Authentication Bypass Flaw in VMware Cloud Director Appliance
The bug carries a CVSS severity-score of 9.8/10 and can be exploited to bypass login restrictions when authenticating on certain ports.
SecurityWeek
Microsoft Warns of Critical Bugs Being Exploited in the Wild
Redmond’s security response team flags two vulnerabilities -- CVE-2023-36033 and CVE-2023-36036 -- already being exploited in the wild.
Bleeping Computer
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
Bleeping Computer
Microsoft fixes critical Azure CLI flaw that leaked credentials in logs
Microsoft has fixed a critical security vulnerability that could let attackers steal credentials from GitHub Actions or Azure DevOps logs created using Azure CLI (short for Azure command-line interface).
Bleeping Computer
Windows 11 KB5032190 update enables Moment 4 features for everyone
Microsoft has released the KB5032190 cumulative update to fix security vulnerabilities in Windows 11. This is the first Patch Tuesday update with access to Windows 11 Moment 4 features, provided you turn on the "Get latest updates" toggle.
Bleeping Computer
Windows 10 KB5032189 update released with 11 improvements
Microsoft has released the KB5032189 cumulative update for Windows 10 21H2 and Windows 10 22H2, which contains eleven fixes for various issues.
SecurityWeek
Zip Raises $7.7 Million to Expand SMB Cybersecurity Business
Zip Security raised $7.7 million in funding led by General Catalyst, co-led by Human Capital, and with participation from Box Group.
SecurityWeek
Hacker Conversations: Chris Wysopal, AKA Weld Pond
Chris Wysopal (AKA Weld Pond) founder and CTO of Veracode and member of the hacker collective L0pht Heavy Industries.
Infosecurity News
Pro-Palestine APT Group Uses Novel Downloader in New Campaign
TA402 launches new targeted phishing campaigns
CyberSecurity Dive
Rackspace records $5M in expenses related to 2022 ransomware attack
The cloud services company expects insurance to cover its incident costs, however multiple lawsuits are still pending.
The Hacker News
Vietnamese Hackers Using New Delphi-Powered Malware to Target Indian Marketers
Vietnamese hackers behind Ducktail malware launch a new campaign targeting Indian marketing pros.
The Record
CISA, FBI warn that Royal ransomware gang may rebrand as ‘BlackSuit’
The leading cybersecurity agencies in the U.S. released startling new data on the Royal ransomware gang on Monday, confirming previous reports that the gang may be preparing for a rebrand.
Ars Technica
Nvidia introduces the H200, an AI-crunching monster GPU that may speed up ChatGPT
The H200 will likely power the next generation of AI chatbots and art generators.
CSO
ACSC and CISA launch step-by-step business continuity instructions for SMBs
Business Continuity in a Box is a set of instructions to help businesses maintain communications and continuity of critical applications following a cyber incident.
Infosecurity News
Malaysian Police Dismantle “BulletProftLink” Phishing Operation
Several arrested and servers seized
The Hacker News
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Chinese nation-state hackers are targeting 24 Cambodian government organizations in a long-term espionage campaign.
The Hacker News
Major Phishing-as-a-Service Syndicate 'BulletProofLink' Dismantled by Malaysian Authorities
Malaysian authorities, with help from the AFP and FBI, shut down the notorious phishing-as-a-service (PhaaS) operation, BulletProofLink.
Bleeping Computer
Windows 11 will soon let you uninstall more inbox apps
Microsoft is gearing up to roll out an update for Windows 11 that will significantly enhance user control over built-in apps. In the upcoming version, you will be able to uninstall a wider range of inbox apps.
Bleeping Computer
Google Chrome & Microsoft Edge to get 'Save Frame' feature for YouTube
You can soon right-click on any YouTube video in Microsoft Edge or Google Chrome and save the frame (capture the screenshot of the video) in the original resolution and PNG format.
Bleeping Computer
Iranian hackers launch malware attacks on Israel’s tech sector
Security researchers have tracked a new campaign from Imperial Kitten targeting transportation, logistics, and technology firms.
Bleeping Computer
Microsoft Edge is testing a new video translation feature
Microsoft Edge's latest Canary update has an innovative feature: video translation. This feature translates YouTube videos in real-time, and it allegedly supports four languages.
Bleeping Computer
Police takes down BulletProftLink large-scale phishing provider
The notorious BulletProftLink phishing-as-a-service (PhaaS) platform that provided more than 300 phishing templates has been seized, the Royal Malaysian Police announced.
Bleeping Computer
Microsoft fixes Outlook Desktop bug causing slow saving issues
Microsoft has resolved a known issue causing significant delays for Microsoft 365 customers when saving attachments in Outlook Desktop.
The Hacker News
Microsoft Warns of Fake Skills Assessment Portals Targeting IT Job Seekers
Lazarus Group's sub-cluster, Sapphire Sleet, is now impersonating skills assessment portals in social engineering campaigns targeting IT job seekers
Cyber Security News
10 Best Digital Forensic Investigation Tools - 2024
Best Free Digital Forensic Tools: 1. Sleuth Kit (+Autopsy) 2. Forensic Investigator 3.Autopsy 4. Dumpzilla 5. X-Ways Forensics.
Cyber Security News
Hackers Exploit Microsoft Access Feature to Steal Windows User’s NTLM Tokens
Microsoft Access is a relational database management system which is developed by Microsoft that allows users to store and manage data.
Cyber Security News
MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability
SysAid disclosed a zero-day which was affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability.
Cyber Security News
Top 10 Best Google Alternatives in 2024
Best Google Alternatives: 1. DuckDuckGo 2. Search Encrypt 3. Qwant 4. Startpage 5. Mojeek 6. Bing 7. Gibiru 8. Ask 9. SearX 10. Yahoo!
Bleeping Computer
Microsoft: BlueNoroff hackers plan new crypto-theft attacks
Microsoft warns that the BlueNoroff North Korean hacking group is setting up new attack infrastructure for upcoming social engineering campaigns on LinkedIn.
Bleeping Computer
Microsoft extends Windows Server 2012 ESUs to October 2026
Microsoft provides three more years of Windows Server 2012 Extended Security Updates (ESUs) until October 2026, allowing administrators more time to upgrade or migrate to Azure.
Cyber Security News
SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT
SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.
Infosecurity News
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Lace Tempest looks to spread Clop malware to victims
CyberNews
McLaren Health Care breach exposes medical data of 2.3M+ individuals
McLaren Health Care breach exposed millions of individuals' sensitive medical data.
Cyber Security News
Multiple Videolan VLC Player Flaws Leads to Memory Corruption: Update Now!
Two new vulnerabilities were discovered in the most widely used VLC media which were associated with memory corruption.
The Hacker News
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
Iranian hacker group Imperial Kitten launches cyberattacks on transportation, logistics, and tech sectors, including Israel.
CyberScoop
Cyber ops linked to Israel-Hamas conflict largely improvised, researchers say
Microsoft and Mandiant researchers believe Iranian hackers were not prepared for the initial Hamas attack.
Bleeping Computer
Microsoft shares temp fix for broken Windows Server 2022 VMs
Microsoft publicly acknowledged a known issue causing Windows Server 2022 virtual machine (VM) blue screens and boot failures on VMware ESXi hosts.
The Hacker News
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
Microsoft exposes Lace Tempest's latest move: exploiting a zero-day flaw in SysAid IT support software.
CyberNews
Be careful what you scan: QR scams increase by 51%
Threat actors are using malicious QR codes to steal valuable data and money. Experts say it’s still difficult to detect and mitigate the threats spread by this method.
Bleeping Computer
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware.
Latest Hacking News
Microsoft Authenticator Restricts Suspicious MFA Notifications
The Redmond giant has recently announced introducing a new privacy feature to its authenticator app. With this feature, Microsoft Authenticator app now blocks suspicious multi-factor authentication notifications to prevent potential abuse. Microsoft Authenticator App Blocks Suspicious
CyberNews
Google, Meta, Microsoft to join forces defending apps from hackers
Google, Microsoft, and Meta founded a steering committee to improve app security through a newly restructured App Defense Alliance.e
The Record
Ransomware gang behind MOEVit attacks are targeting new zero-day, Microsoft says
The Russian ransomware gang behind the exploitation of several popular file transfer tools is now exploiting a new vulnerability in SysAid IT support software, according to a new report.
Trend Micro
Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting
We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.
The Record
Iranian Charming Kitten hackers targeted Israeli organizations in October
The Iranian hacking group targeted organizations in Israel’s transportation, logistics and technology sectors amid an uptick in Iranian cyber activity since the start of Israel’s war with Hamas.
The Record
Serbian pleads guilty to running ‘Monopoly’ darknet marketplace
Milomir Desnica, 33, allegedly launched and operated the Monopoly darknet marketplace, using the platform to facilitate the sale of drugs.
Bleeping Computer
Microsoft drops SMB1 firewall rules in new Windows 11 build
Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992 build.
Infosecurity News
Microsoft Warns of Election Threats in 2024
To address these challenges, Microsoft is introducing several initiatives
The Hacker News
Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
Cybersecurity researchers have developed a fully undetectable cloud-based cryptocurrency miner that can operate without paying any charges.
The Hacker News
Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI
Python developers, watch out! Malicious Python packages sneak onto PyPI to steal sensitive data.
Computerworld
Windows Hello for Business: Passwordless authentication for Windows shops
Microsoft has brought biometric sign-in to Windows 10 business and enterprise users with Windows Hello for Business. Here’s how it works and how to deploy it to your users.
Cyber Security News
4 Zero-Day Bug in Microsoft Exchange Let Attackers Execute Arbitrary Code
Four new zero-day vulnerabilities have been identified in Microsoft Exchange with server-side request forgery and remote code execution.
Bleeping Computer
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets.
Infosecurity News
Data Breach at Singapore’s Marina Bay Sands Affects 665,000 Customers
The leaked data include personally identifiable information, such as customers’ names, email addresses, phone numbers and membership numbers
Bleeping Computer
Microsoft: Some Outlook.com users can't send emails with attachments
In a Monday advisory, Microsoft warned Outlook.com users about issues they might encounter when sending emails containing attachments.
Bleeping Computer
Microsoft Authenticator now blocks suspicious MFA alerts by default
Microsoft has introduced a new protective feature in the Authenticator app to block notifications that appear suspicious based on specific checks performed during the account login stage.
CyberSecurity Dive
Atlassian Confluence customers confront pair of critical vulnerabilities
Back-to-back vulnerabilities in the enterprise content collaboration and management workspace remain under active attack by threat actors.
The Hacker News
SideCopy Exploiting WinRAR Flaw in Attacks Targeting Indian Government Entities
Pakistani threat actor SideCopy exploiting recent WinRAR vulnerability in attacks on Indian government entities.
CSO
IBM rebuilds QRadar for hybrid clouds and AI workloads
The new cloud-native SIEM is built with features supporting hybrid cloud interoperability, open source, and automated threat detection.
Ars Technica
OpenAI introduces GPT-4 Turbo: Larger memory, lower cost, new knowledge
Novel-sized context window, DALL-E 3 API, more announced on OpenAI DevDay 2023.
Bleeping Computer
Hackers exploit Looney Tunables Linux bug, steal cloud creds
The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system.
Bleeping Computer
Microsoft will roll out MFA-enforcing policies for admin portal access
Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure.
Bleeping Computer
Critical Atlassian Confluence bug exploited in Cerber ransomware attacks
Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware.
Ars Technica
Elon Musk’s new AI model doesn’t shy from questions about cocaine and orgies
xAI positions sarcastic AI assistant to counterbalance buttoned-up ChatGPT.
Cyber Security News
The Ultimate SaaS Security Admin Guide - 2024
SaaS Security Admin Guide: 1. Encryption 2. Backup and Recovery 3. Data Residency 4. Regular Audits 5. Data Privacy 6. Least Privileges.
The Record
Iran-linked hackers attack Israeli education and tech organizations
Hackers suspected of being tied to Iran’s government have been deploying new destructive malware against Israeli organizations, according to recent research.
Cyber Security News
Threat and Vulnerability Roundup for the week of October 29th to November 4th
welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
Bleeping Computer
The Week in Ransomware - November 3rd 2023 - Hive's Back
Over the past couple of months, ransomware attacks have been escalating as new operations launch, old ones return, and existing operations continue to target the enterprise.
Bleeping Computer
New Microsoft Exchange zero-days allow RCE, data theft attacks
Microsoft Exchange is impacted by four zero-day vulnerabilities that attackers can exploit remotely to execute arbitrary code or disclose sensitive information on affected installations.
Infosecurity News
UK AI Safety Institute: A Blueprint for the Future of AI?
The UK Frontier AI Taskforce is evolving to become the UK AI Safety Institute
Cyber Security News
Microsoft Edge Vulnerability Let Attackers Execute Malicious Code
Three new vulnerabilities have been discovered in Microsoft Edge (Chromium-based) which were associated with Remote Code execution and Spoofing.
The Hacker News
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Discover how predictive AI is shaping the future of cybersecurity. Learn how BlackBerry's Cylance AI is outperforming the competition in malware.