SecurityWeek
Amazon One Enterprise Enables Palm-Based Access to Physical Locations, Digital Assets
AWS announces Amazon One Enterprise, a palm-based identity service that enables users to easily access physical locations and digital assets.
Ars Technica
Hackers spent 2+ years looting secrets of chipmaker NXP before being detected
Chipmaker claims breach had no "material adverse effect."
Infosecurity News
Americans Receive Two Billion Spam Calls Per Month
Truecaller warns malicious calls make up the majority
Infosecurity News
CISA Warns Congress on Chemical Industry Terror Attacks
Security agency wants to resume critical CFATS inspections
Bleeping Computer
Healthcare giant Henry Schein hit twice by BlackCat ransomware
American healthcare company Henry Schein has reported a second cyberattack this month by the BlackCat/ALPHV ransomware gang, who also breached their network in October.
Bleeping Computer
Google Drive users angry over losing months of stored data
Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
SecurityWeek
UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws
UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks.
CyberSecurity Dive
The top cybersecurity events and conferences in 2024, according to security pros
Which security conferences are teams prioritizing in 2024? A new report reveals the 7 most popular events in the cybersecurity calendar.
SecurityWeek
Pentagon’s AI Initiatives Accelerate Hard Decisions on Lethal Autonomous Weapons
The U.S. military is increasing use of artificial intelligence (AI) technology that will fundamentally alter the nature of war.
The Record
AI systems ‘subject to new types of vulnerabilities,’ British and US cyber agencies warn
British and U.S. cybersecurity authorities published guidance on Monday about how to develop artificial intelligence systems in a way that will minimize the risks they face from mischief-makers through to state-sponsored hackers.
Security Affairs
Security Affairs newsletter Round 447 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Lazarus is using a MagicLine4NX zero-day in supply chain attack
UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in a supply-chain attack.
Bleeping Computer
UK and South Korea: Hackers use zero-day in supply-chain attack
A joint advisory by the National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) discloses a supply-chain attack executed by North Korean hackers involving the MagicLineThe National Cyber Security Centre (NCSC) and Korea's National Intelligence Service (NIS) warn that the North Korean Lazarus hacking grou
The Hacker News
Tell Me Your Secrets Without Telling Me Your Secrets
GitGuardian launches "HasMySecretLeaked" service to help developers check if their sensitive information has been exposed on GitHub.
Infosecurity News
CISA Launches Project to Assess Effectiveness of Security Controls
Relaunched working group aims to tackle scourge of ransomware
The Record
North Korean supply chain attacks prompt joint warning from Seoul and London
The alert came as the two governments announced a new strategic cyber partnership “to disrupt and deter DPRK malicious cyber capabilities and activities that contribute to its WMD programs.”
The Record
How one Russian nonprofit is trying to crack through the Kremlin’s censorship wall
A decade after its founding, the internet freedom organization Roskomsvoboda finds itself adjusting to harsh political and social realities within Russia, where a wartime regime continues to expand its authority over the internet.
Infosecurity News
InfectedSlurs Botnet Resurrects Mirai With Zero-Days
The investigation conducted by Akamai in late October 2023 revealed a specific HTTP exploit path
Security Affairs
Welltok data breach impacted 8.5 million patients in the U.S.
Healthcare services provider Welltok disclosed a data breach that impacted nearly 8.5 million patients in the U.S.
CyberNews
MadCat ransom gang caught stealing from other criminals
New ransomware linked by security researchers to suspected scammers who pretended to sell passport details on the dark web.
Bleeping Computer
Black Friday 2023: Get 25% off the Zero2Automated malware analysis course
The popular Zero2Automated malware analysis and reverse-engineering course has a Black Friday 2023 through Cyber Monday sale, where you can get 25% off sitewide, including gift certificates and courses.
Infosecurity News
North Korean Supply Chain Threat is Booming, UK and South Korea Warn
The UK’s NCSC and South Korea’s NIS issued a joint advisory describing some of North Korean hackers’ tactics in deploying supply chain attacks
The Hacker News
Mirai-based Botnet Exploiting Zero-Day Bugs in Routers and NVRs for Massive DDoS Attacks
Active malware campaign exploits zero-day vulnerabilities to create a Mirai-based DDoS botnet targeting routers and NVR devices.
Security Affairs
Automotive parts giant AutoZone disclosed data breach after MOVEit hack
American retailer and distributor of automotive parts and accessories AutoZone discloses a data breach after a MOVEit attack
Cyber Security News
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability to Deploy Remcos RAT
Microsoft released multiple security patches as part of their Patch Tuesday in which three zero-day vulnerabilities were also patched.
Cyber Security News
Bug Hunter GPT - AI Assistant that Replies for Hacking Questions
A 23-year-old hacker and CS student, Paolo Arnolfo (@sw33tLie) recently introduced "Bug Hunter GPT," an AI assistant.
The Hacker News
North Korean Hackers Distribute Trojanized CyberLink Software in Supply Chain Attack
North Korean hackers, aka Diamond Sleet, spread a trojanized version of CyberLink's legit app.
CSO
Cyberattacks on Israel intensify as the war against Hamas rages: Check Point
Cyberattacks have grown in frequency as well as sophistication as the Israel-Hamas conflict intensifies.
CyberNews
Exclusive-OpenAI researchers warned board of AI breakthrough ahead of CEO ouster -sources
Ahead of OpenAI CEO Sam Altman’s firing, staff researchers sent the Board a letter warning of a powerful artificial intelligence discovery that could threaten humanity.
Security Affairs
New InfectedSlurs Mirai-based botnet exploits two zero-days
Mirai-based botnet InfectedSlurs has been spotted exploiting two zero-day RCE flaws to compromise routers and video recorder (NVR) devices.
Ars Technica
Thousands of routers and cameras vulnerable to new 0-day attacks by hostile botnet
Internet scans show 7,000 devices may be vulnerable. The true number could be higher.
Bleeping Computer
Welltok data breach exposes data of 8.5 million US patients
Healthcare SaaS provider Welltok is warning that a data breach exposed the personal data of nearly 8.5 million patients in the U.S. after a file transfer program used by the company was hacked in a data theft attack.
Bleeping Computer
New botnet malware exploits two zero-days to infect NVRs and routers
A new Mirai-based malware botnet named 'InfectedSlurs' has been exploiting two zero-day remote code execution (RCE) vulnerabilities to infect routers and video recorder (NVR) devices.
CSO
9 in 10 organizations have embraced zero-trust security globally
Nearly all of them still have a long way to go according to a new Cisco report.
CyberNews
AI could shorten work week to four days within decade – for some
Same pay, longer weekends? That could be a reality as soon as 2033 – at least for those working in the more affluent areas of the US and the UK.
CyberNews
Thousands of exposed gas pumps invite cyberwarriors
Gas station pump controllers could become vital targets in a cyber war.
Cyber Security News
Hackers Exploiting 0-day RCE Flaws in the Wild to Deploy Mirai Malware
The Mirai botnet is a malicious network of infected computers, routers, and IoT devices harnessed by cybercriminals to launch large-scale DDoS attacks.
The Hacker News
AI Solutions Are the New Shadow IT
AI Solutions Are the New Shadow IT - Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks
SecurityWeek
Citrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
Administrators are urged to patch the recent CitrixBleed NetScaler vulnerability as LockBit starts exploiting it.
Security Affairs
Citrix provides additional measures to address Citrix Bleed
Citrix urges admins to kill NetScaler user sessions after patching their appliances against the CVE-2023-4966 Citrix Bleed vulnerability.
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
Trend Micro
Packet Reflection Threats in Private 5G Networks
Dive into the world of private 5G networks and learn about a critical security vulnerability that could expose IoT devices to attacks from external networks.
Trend Micro
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
DarkReading
Exploit for Critical Windows Defender Bypass Goes Public
Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.
DarkReading
DPRK Hackers Masquerade as Tech Recruiters, Job Seekers
No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage.
Bleeping Computer
Auto parts giant AutoZone warns of MOVEit data breach
AutoZone is warning tens of thousands of its customers that it suffered a data breach as part of the Clop MOVEit file transfer attacks.
Bleeping Computer
Citrix warns admins to kill NetScaler user sessions to block hackers
Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.
.webp)
Cyber Security News
Rhysida Ransomware Attacking Windows Machine Through VPN Devices and RDP
Rhysida, a new ransomware group, hit its first victim in May 2023. They use their ransomware, offered as RaaS (Ransomware-as-a-Service), with at least 50 global victims listed on their website.
CyberNews
Cybersec executive caught hacking hospitals to boost business
Cybersecurity exec plead guilty to hacking hospitals to boost business.
Bleeping Computer
Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN
Malwarebytes' is running a Black Friday 2023 deal now through Cyber Monday, offering a 50% discount to the Malwarebytes Premium + Privacy VPN bundle until November 30th.
The Hacker News
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
New variant of Agent Tesla malware identified. It's a keylogger and remote access trojan (RAT) offered as part of a malware-as-a-service (MaaS) model.
SecurityWeek
Microsoft Paid Out $63 Million Since Launch of First Bug Bounty Program 10 Years Ago
Over the past ten years, Microsoft has handed out $63 million in rewards as part of its bug bounty programs.
SecurityWeek
Sumo Logic Completes Investigation Into Recent Security Breach
Sumo Logic has completed its investigation into the recent security breach and found no evidence of impact to customer data.
Infosecurity News
Cybersecurity Executive Pleads Guilty to Hacking Hospitals
Securolytics COO wanted to drum up custom
CyberSecurity Dive
Companies are getting smarter about cyber incidents
Although incidents are up and risks are expanding, businesses are better prepared to send threat actors away empty-handed, a specialist says.
Security Affairs
The Top 5 Reasons to Use an API Management Platform - Security Affairs
Organizations need to govern and control the API ecosystem, this governance is the role of API management.
The Hacker News
Mustang Panda Hackers Targets Philippines Government Amid South China Sea Tensions
China-linked Mustang Panda cyber actor targets Philippines government entity amid South China Sea tensions.
DarkReading
Proof of Concept Exploit Publicly Available for Critical Windows SmartScreen Flaw
Threat actors were actively exploiting CVE-2023-36025 before Microsoft patched it in November.
The Record
Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
Binance, the largest cryptocurrency exchange in the world, agreed to pay more than $4 billion in settlements with several U.S. law enforcement agencies after years of investigations uncovered widespread criminal use of the platform.
CyberNews
Ukraine’s top two cybersecurity officials axed amid embezzlement probe
Two heads of Ukraine’s national cybersecurity agency were fired Monday amid accusations of participating in an embezzlement scheme involving millions in state funds.
Bleeping Computer
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine
A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
DarkReading
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.
CyberNews
British Library ransom attack claimed, data leak confirmed
The British Library confirms data has been leaked as it struggles to recover from a November 6 ransomware attack claimed by the e Rhysida ransom gang.
Bleeping Computer
Cybersecurity firm executive pleads guilty to hacking hospitals
The former chief operating officer of a cybersecurity company has pleaded guilty to hacking two hospitals, part of the Gwinnett Medical Center (GMC), in June 2021 to boost his company's business.
CyberScoop
Senior Ukrainian cybersecurity officials sacked amid corruption probe
Yurii Shchyhol and Victor Zhora were accused of participating in a scheme to contract software at inflated prices.
Bleeping Computer
How to boost Security with Self-Service Password Resets
Learn more from Specops Software about the benefits of self-service password resets and ways to accomplish this with on-premises Active Directory.
CyberNews
Best botnet ad? An attack on OpenAI
Anonymous Sudan attacks on OpenAI and Cloudlfare are meant to show the groups' capabilities.
The Hacker News
Product Walkthrough: Silverfort's Unified Identity Protection Platform
Silverfort's Unified Identity Protection Platform: A game-changer in cybersecurity. Discover how it protects organizations from identity-based attacks
CyberNews
Largest companies pausing ads on X over antisemitic storm, Musk vows revenge
After Elon Musk, the owner of X, amplified an antisemitic trope on the platform, major firms have suspended advertising on the site.
Security Affairs
APT29 group exploited WinRAR 0day in attacks against embassies
Russia-linked cyberespionage group APT29 has been observed leveraging the CVE-2023-38831 vulnerability in WinRAR in recent attacks.
SecurityWeek
Yamaha Motor Confirms Data Breach Following Ransomware Attack
Yamaha Motor discloses ransomware attack impacting the personal information of its Philippines subsidiary’s employees.
Latest Hacking News
Google Elaborates On Campaigns Exploiting A Now-Patched Zimbra Zero-Day
Months after ensuring that the patch actually works, Google has now disclosed more details about active exploitation of a Zimbra zero-day vulnerability. The tech giant explained how the threat actors exploited the Zimbra zero-day in
Latest Hacking News
Intel Released Urgent Patch For Reptar Vulnerability In Its CPUs
Intel recently released a critical security fix for a newly discovered vulnerability affecting its CPUs. Dubbed “Reptar,” the vulnerability affects most modern Intel chips, attracting attention from numerous security researchers. Considering its severity, patching the
Infosecurity News
Russia’s APT29 Targets Embassies With Ngrok and WinRAR Exploit
Threat group may be looking for intel on Azerbaijan
CyberNews
Most cyberattacks in Russia come from China and North Korea
China and North Korea were behind most of state-sponsored cyberattacks in Russia, according to the country’s security firm Solar.
Security Affairs
DarkCasino joins the list of APT groups exploiting WinRAR 0day
The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831.
CyberNews
Welltok MOVEit hack impacts 1.6M individuals
Welltok MOVEit Trasnfer breach impacted millions of individuals.
.webp)
Cyber Security News
Hackers Exploiting Zimbra 0-day to Attack Government Organizations
Zimbra Collaboration is an open-source solution software suite with an email server and web client for collaboration.
The Record
Two top Ukrainian cyber officials dismissed amid embezzlement probe
Two high-ranking cybersecurity officials in Ukraine were dismissed on Monday, according to a senior government official, amid an investigation into suspected embezzlement of state funds.
The Record
CISA launches pilot program offering ‘cutting-edge’ services to critical infrastructure orgs
The U.S. government is offering “cutting-edge cybersecurity shared services” to critical infrastructure organizations that need it most.
The Record
In recent interview, ousted Ukrainian cyber official spoke about new Russian attacks, long-term plans
Ukraine's anti-corruption agency sent shockwaves through the country's cybersecurity agencies on Monday morning, when it announced that it had launched an investigation into the procurement practices of a handful of its top cyber officials.
Bleeping Computer
Russian hackers use Ngrok feature and WinRAR exploit to attack embassies
After Sandworm and APT28 (known as Fancy Bear), another state-sponsored Russian hacker group, APT29, is leveraging the CVE-2023-38831 vulnerability in WinRAR for cyberattacks.
Security Affairs
Security Affairs newsletter Round 446 by Pierluigi Paganini
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Cyber Security News
Weekly Cyber Security News Roundup for the Week of November 13th to 18th
Welcome to the Cyber Security News Recap, a weekly publication by Cyber Writes. Our aim is to bring you up-to-date information on the latest developments in the field of cybersecurity.
Ars Technica
OpenAI board attempts to hit “Ctrl-Z” in talks with Altman to return as CEO
Cleared of malfeasance, Altman's unpopular firing may be undone—if he's interested.
Bleeping Computer
Exploit for CrushFTP RCE chain released, patch now
A proof-of-concept exploit was publicly released for a critical remote code execution vulnerability in the CrushFTP enterprise suite, allowing unauthenticated attackers to access files on the server, execute code, and obtain plain-text passwords.
Ars Technica
Details emerge of surprise board coup that ousted CEO Sam Altman at OpenAI
Microsoft CEO Nadella "furious"; OpenAI President and three senior researchers resign.
Ars Technica
OpenAI President Greg Brockman quits as nervous employees hold all-hands meeting
After Altman firing, Microsoft has "utmost confidence" in partner OpenAI.
Bleeping Computer
The Week in Ransomware - November 17th 2023 - Citrix in the Crosshairs
Ransomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt files.
CyberNews
North American grid regulator tests physical, cybersecurity preparedness
US Regulators held a two-day simulation to stress-test the North American grid's physical and cybersecurity preparedness, emergency response, and recovery plans.
Security Affairs
Medusa ransomware gang claims Toyota Financial Services hack
Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company.
DarkReading
Shadowy Hack-for-Hire Group Behind Sprawling Web of Global Cyberattacks
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
SecurityWeek
2 Environmentalists Who Were Targeted by a Hacking Network Say the Public Is the Real Victim
Two environmentalists who were targeted by a hacking network run by an Israeli man say the public is the real victim
Bleeping Computer
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs
Hackers leveraged a medium-severity security issue now identified as CVE-2023-37580 since June 29, nearly a month before the vendor addressed it in version 8.8.15 Patch 41of the software on July 25.
SecurityWeek
US Teen Pleads Guilty to Credential Stuffing Attack on Fantasy Sports Website
Wisconsin teenager Joseph Garrison has admitted in court to launching a credential stuffing attack on a betting website.
SecurityWeek
In Other News: Major Law Firm Hacked, Chinese Bank Pays Ransom, PyPI Security Audit
Noteworthy stories that might have slipped under the radar: top law firm hacked, Chinese bank pays ransom, PyPI conducts first security audit
The Hacker News
FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks
FCC mandates that wireless providers authenticate customers before transferring phone numbers, thereby protecting against SIM-swapping attacks and por
CyberNews
European Commission, IBM pull ads from Elon Musk’s X
The EU’s executive branch said advertising on X posed “reputational damage” while IBM pulled ads after they were displayed next to Nazi content.
CyberSecurity Dive
FCC proposes 3-year cybersecurity pilot for schools, libraries
The agency will seek public comment on the proposal, which will explore how the Universal Service Fund can support school and library cyber concerns.
CyberNews
City of Long Beach declares local emergency after cyberattack
The City of Long Beach, California declares a Local Emergency after a 'network security incident' on November 14th, forcing the city to shut down some systems..
CSO
CrowdStrike’s new Falcon Go delivers AI security to SMBs
CrowdStrike has released a new version of its Falcon platform designed to give small and medium-size businesses a new option for out-of-the-box security.
Trend Micro
ALPHV/BlackCat Take Extortion Public
Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later.
The Record
More than 330,000 Medicare recipients affected by MOVEit breach
In the latest disclosures related to a Russian ransomware gang’s exploitation of the popular MOVEit file transfer service, more than 330,000 Medicare recipients were confirmed affected in a leak of sensitive data from the government agency that oversees the program.
Security Affairs
Zimbra zero-day exploited to steal government emails by 4 groups
Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day (CVE-2023-37580) to steal emails from governments.
Bleeping Computer
Toyota confirms breach after Medusa ransomware threatens to leak data
Toyota Financial Services (TFS) has confirmed that it detected unauthorized access on some of its systems in Europe and Africa after Medusa ransomware claimed an attack on the company.
Latest Hacking News
Microsoft Patch Tuesday November Fixes 63 Flaws, Including 5 Zero-Days
This week marked the Redmond giant Microsoft’s monthly security updates for its products. With Patch Tuesday November, Microsoft addressed fewer vulnerabilities – over 60 only, including five zero-day flaws. Five Zero-Days Patched With Latest Microsoft Updates Microsoft
Infosecurity News
CSA Launches First Zero Trust Certification
The CCZT program incorporates foundational principles from leading sources such as CISA and NIST
The Hacker News
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
Zero-day flaw ( CVE-2023-37580) in Zimbra Collaboration email software was exploited by 4 groups, exposing email data and credentials.
SecurityWeek
Zimbra Zero-Day Exploited to Hack Government Emails
Google says a Zimbra zero-day from earlier this year, CVE-2023-37580, was exploited in several campaigns to hack government emails.
Bleeping Computer
Fortinet warns of critical command injection bug in FortiSIEM
Fortinet is alerting customers of a critical OS command injection vulnerability in FortiSIEM report server that could be exploited by remote, unauthenticated attackers to execute commands through specially crafted API requests.
CyberNews
MESVision attack exposes nearly 350K individuals
MESVision fell victim in MOVEit Trasnfer hack, exposing hundreds of thousands of victims.
Cyber Security News
ChatGPT for Malware Analysis: Enhancing GPT’s Ability to Guide Malware Analyst
GPT excels in verbal thinking, skillfully choosing precise words for optimal responses. Understanding this key property is crucial, as much of its subsequent behavior stems from this ability.
Infosecurity News
Sandworm Linked to Attack on Danish Critical Infrastructure
A report described the coordinated attack, in which 22 critical infrastructure firms were targeted
The Hacker News
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
DarkCasino: From Zero-Day Exploit to APT Threat! Cybersecurity experts classify DarkCasino as a powerful APT group after exploiting a WinRAR flaw
Cyber Security News
Google Chrome Use-After-Free Vulnerability Leads to Browser Crash
Google Chrome Stable Channel Update for Desktop version 119.0.6.45.159 for Mac and Linux and 119.0.6045.159/.160 for Windows.
Ars Technica
From toy to tool: DALL-E 3 is a wake-up call for visual artists—and the rest of us
AI image synthesis is getting more capable at executing ideas, and it's not slowing down.
SecurityWeek
Ransomware Group Files SEC Complaint Over Victim's Failure to Disclose Data Breach
Alphv/BlackCat ransomware group files SEC complaint against MeridianLink over its failure to disclose a data breach caused by the hackers
The Hacker News
How to Automate the Hardest Parts of Employee Offboarding
Eliminate 90% of the time and effort in finding and offboarding cloud and SaaS accounts. Say goodbye to IT offboarding headaches.
Infosecurity News
Half of Ransomware Groups Operating in 2023 Are New
WithSecure report highlights widespread code reuse
Infosecurity News
European Police Take Down $9m Vishing Gang
Fraudsters operated from Ukrainian call centers
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
The Hacker News
Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure
Denmark's energy sector hit by massive cyberattack! In May 2023, 22 Danish energy sector companies were simultaneously targeted.
Cyber Security News
5 New Zero-day Vulnerabilities Patched in the Microsoft Security Update
Microsoft has released their security patches for Nov 2023. Nearly 58 flaws, 5 zero-day vulnerabilities have been patched by Microsoft.
Bleeping Computer
Ransomware gang files SEC complaint over victim’s undisclosed breach
The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack.
CSO
Top cybersecurity product news of the week
New product and service announcements from Wiz, Palo Alto Networks, Sophos, SecureAuth, Kasada, Lacework, Noname Security, and more.
The Record
Hackers target Greece, Tunisia, Moldova, Vietnam and Pakistan with Zimbra zero-day
The attacks targeting government agencies were carried out by four different groups throughout the summer, Google's Threat Analysis Group found.
The Record
House Intelligence panel proposes its own rewrite of surveillance powers
Chairman Mike Turner and colleagues issued the second proposal in as many weeks to rewrite federal surveillance authorities known as Section 702. A deadline to renew those powers is approaching soon.
The Record
MeridianLink confirms cyberattack after ransomware gang claims to report company to SEC
Ransomware group AlphV claimed on its leak site that it reported MeridianLink to the Securities and Exchange Commission (SEC) for not informing the regulator of a cyberattack.
Security Affairs
Critical flaw fixed in SAP Business One product
Enterprise software giant SAP addressed a critical improper access control vulnerability in its Business One product.
Bleeping Computer
Fraudsters make $50,000 a day by spoofing crypto researchers
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter).
CyberNews
Israel unplugged Gaza: Human rights watchdog says “Internet shutdowns are fatal”
As Gaza goes into a complete internet blackout in the coming hours, human rights watchdog, calling for an immediate digital and physical ceasefire.
SecurityWeek
Microsoft Patches Sensitive Information Disclosure Vulnerability in Azure CLI
Microsoft provided guidance on an Azure CLI bug leading to the exposure of sensitive information through GitHub Actions logs.
CyberNews
Tyson Foods claimed by Snatch ransomware gang
Tyson Foods claimed by ransomware gang in a supposed cyberattack.
SecurityWeek
SAP Patches Critical Vulnerability in Business One Product
SAP released a hotfix for a critical-severity improper access control vulnerability in Business One product installation.
The Hacker News
Three Ways Varonis Helps You Fight Insider Threats
Insider threats are difficult for organizations to combat. Varonis’ modern cybersecurity answer uses the data security triad of sensitivity, access, a
Infosecurity News
Microsoft Fixes Five Zero-Day Vulnerabilities
Patch Tuesday includes fixes for three actively exploited bugs
CyberNews
Ohio city severely disrupted by ransomware attack
Huber Heights and Bladen County fell victim to disruptive cyberattacks.
The Hacker News
Alert: Microsoft Releases Patch Updates for 5 New Zero-Day Vulnerabilities
Microsoft has released fixes to address 63 security bugs in its software for the month of November 2023.
CyberNews
LockBit ransom gang behind mass exploitation of Citrix bug, researchers say
Security researchers are blaming a now-patched Citrix zero-day vulnerability for a recent spate of ransomware attacks said to be carried out by the LockBit gang.
The Record
CISA adds three Microsoft Patch Tuesday bugs to vulnerability list
The top cybersecurity agency in the U.S. warned that hackers are exploiting three vulnerabilities disclosed by Microsoft on Tuesday.
The Record
FCC proposes cybersecurity pilot program for schools, libraries as attacks increase
The Federal Communications Commission proposed on Tuesday the creation of a “Schools and Libraries Cybersecurity Pilot Program” that would allow officials to collect data about the cybersecurity and advanced firewall services that would best help K-12 schools and libraries across the country defend themselves from hackers.
The Record
AI-generated disinformation a top concern for 2024 elections, Michigan secretary of state says
Michigan Secretary of State Jocelyn Benson warned of the potential for artificial intelligence to foment what she called “hyper-localized” dissemination of mis- and disinformation around next year's elections.
The Record
Aspen Cyber Summit 2023 — Live Coverage
Laurie Locascio, the director of the National Institute of Standards and Technology (NIST), kicked off the conference by discussing what will surely be a recurring theme: artificial intelligence.
The Record
Nearly two dozen Danish energy companies hacked through firewall bug in May
Denmark's critical infrastructure experienced the largest cyberattack in the country's history this spring, with 22 energy companies breached in just a few days, according to a new report from one of the country’s top cyber agencies.
The Record
UK National Cyber Force operations to become ‘more embedded’ with policing
The elite U.K. hacking unit eventually will be more integrated into police operations, alongside military and intelligence ones, according to Gen. Sir Jim Hockenhull, the chief of Strategic Command.
DarkReading
Microsoft Zero-Days Allow Defender Bypass, Privilege Escalation
Another two bugs in this month's set of fixes for 63 CVEs were publicly disclosed previously but have not been exploited yet.
Bleeping Computer
VMWare discloses critical VCD Appliance auth bypass with no patch
VMware disclosed a critical and unpatched authentication bypass vulnerability affecting Cloud Director appliance deployments.
Ars Technica
Intel fixes high-severity CPU bug that causes “very strange behavior”
Among other things, bug allows code running inside a VM to crash hypervisors.
Security Affairs
Danish critical infrastructure hit by the largest cyber attack in Denmark's history
Danish critical infrastructure was hit by the largest cyber attack on record that hit the country, according to Denmark's SektorCERT.
Bleeping Computer
LockBit ransomware exploits Citrix Bleed in attacks, 10K servers exposed
The Lockbit ransomware attacks use publicly available exploits for the Citrix Bleed vulnerability (CVE-2023-4966) to breach the systems of large organizations, steal data, and encrypt files.
Ars Technica
AI outperforms conventional weather forecasting for the first time: Google study
AI models may soon enable more accurate forecasts with higher speed and lower cost.
SecurityWeek
Microsoft Warns of Critical Bugs Being Exploited in the Wild
Redmond’s security response team flags two vulnerabilities -- CVE-2023-36033 and CVE-2023-36036 -- already being exploited in the wild.
Bleeping Computer
Microsoft November 2023 Patch Tuesday fixes 5 zero-days, 58 flaws
Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
The Hacker News
CacheWarp Attack: New Vulnerability in AMD SEV Exposes Encrypted VMs
Researchers uncover new "CacheWarp" attack on AMD's SEV technology. It could lead to privilege escalation in encrypted VMs.
SecurityWeek
Adobe Patch Tuesday: Critical Bugs in Acrobat, Reader, ColdFusion
Adobe patches 72 security bugs and calls special attention to code-execution defects in the widely deployed Acrobat and Reader software.
Bleeping Computer
Pharmacy provider Truepill data breach hits 2.3 million customers
Postmeds, doing business as 'Truepill,' is sending notifications of a data breach informing recipients that threat actors accessed their sensitive personal information.
Cyber Security News
10 Best Network Security Companies For CISO - 2024
Best Network Security Companies for CISO: 1. Perimeter81 2. Palo Alto Networks 3. Cisco 4. Check Point 5. IBM 6. Crowdstrike 7. Trend Micro.
Bleeping Computer
Meet the Unique New "Hacking" Group: AlphaLock
A Russian hacking group known as AlphaLock is launching a "pentest" marketplace and training platform to empower a new generation of threat actors. Learn more from Flare about the new hacking group.
SecurityWeek
MySQL Servers, Docker Hosts Infected With DDoS Malware
Researchers warn attackers are targeting MySQL servers and Docker hosts to plant malware capable of launching distributed DDoS attacks.
Cyber Security News
Ransomedvc to Shutdown Operations, Selling Out Infrastructure
Ransomed[.]vc, a notorious ransomware and data extortion group, has recently announced the end of its operations
CyberNews
‘Denial of pleasure’ attack: FlipperZero targets adult toys
Researchers find that Flipper Zero can connect and control adult toys remotely by making them vibrate or stop working via a Bluetooth Low-Energy (BLE) broadcast.
Cyber Security News
McLaren Health Care Hacked: Attackers Claim 6 TB of Patient Data Stolen
McLaren Health Care was hacked 2.2 million individual data were breached after the attack of 6TB of Patient records in August.
SecurityWeek
Hacker Conversations: Chris Wysopal, AKA Weld Pond
Chris Wysopal (AKA Weld Pond) founder and CTO of Veracode and member of the hacker collective L0pht Heavy Industries.
CyberSecurity Dive
File-transfer services, rich with sensitive data, are under attack
This year has seen a trio of supply-chain attacks that created turmoil for thousands of corporate victims and their customers.
CyberNews
Denmark hit with largest cyberattack on record
Hackers potentially linked to Russia’s military intelligence carried out a series of highly coordinated cyberattacks on Danish energy infrastructure, a report says.
The Hacker News
CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
Juniper Junos OS vulnerabilities can lead to remote code execution. CISA has set a Nov 17, 2023 deadline to secure against Juniper Junos OS vulnerabil
The Record
Tom Tugendhat criticizes fake AI attempts to ‘besmirch’ Keir Starmer and Sadiq Khan
Tom Tugendhat, Britain’s minister of state for security — and a Conservative Party politician — decried on Tuesday AI-generated fake audio clips that intended to damage the reputations of high-profile opposition politicians in the United Kingdom.
Bleeping Computer
Israel warns of BiBi wiper attacks targeting Linux and Windows
Data-wiping attacks are becoming more frequent on Israeli computers as researchers discovered variants of the BiBi malware family that destroys data on both Linux and Windows systems.
CyberSecurity Dive
New York proposes ‘nation-leading’ hospital cybersecurity regulations
The rules, which would require facilities to develop response plans and hire a chief information security officer, aim to safeguard hospitals from growing threats and keep them operating during an attack.
Latest Hacking News
WhatsApp Enhances Call Security With Location Hiding, Unknown Call Block
Stepping ahead to enhance users’ privacy, WhatsApp improvises its call feature security by launching two new features. These features facilitate users in hiding their location during calls and block calls from unknown numbers. WhatsApp Rolls Out
Latest Hacking News
Multiple Vulnerabilities Found In PureVPN – One Remains Unpatched
Researchers spotted a couple of security vulnerabilities in PureVPN Desktop clients for Linux that impact users’ privacy. While PureVPN patched one flaw, another RCE vulnerability remains unpatched. Numerous PureVPN Vulnerabilities Affected Linux Clients Security researchers Rafay Baloch
Security Affairs
LockBit ransomware gang leaked data stolen from Boeing
The LockBit ransomware group published data allegedly stolen from the aerospace giant Boeing in a recent attack.
SecurityWeek
2.2 Million Impacted by Data Breach at McLaren Health Care
McLaren Health Care is informing roughly 2.2 million individuals of a data breach impacting their personal information.
SecurityWeek
Yellen Says Ransomware Attack on China's Biggest Bank Minimally Disrupted Treasury Market Trades
A ransomware attack that forced China’s biggest bank to take some systems offline only minimally disrupted the U.S. Treasury market.
CyberNews
Hacking the sky: planes need patching, too – interview
Cyber assaults on the aviation sector carry more serious repercussions than mere data theft or DDoS attacks.
The Hacker News
Chinese Hackers Launch Covert Espionage Attacks on 24 Cambodian Organizations
Chinese nation-state hackers are targeting 24 Cambodian government organizations in a long-term espionage campaign.
CyberSecurity Dive
4 data-driven priorities for security leaders in 2024
According to a new report, security teams are struggling amid relentless cyberattacks and limited resources. What can leaders do to set their teams up for a more stable 2024?
The Hacker News
New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks
Researchers warn of BiBi-Windows Wiper, a dangerous Windows version of a wiper malware used in cyber attacks on Israel.
The Record
Ransomware tracker: The latest figures [November 2023]
The number of ransomware attacks targeting educational institutions shot up to a record high in June, with ransomware gangs publicly claiming more than one attack against a school per day on average.
Cyber Security News
Best Security Solutions for Marketers - 2024
Best security solutions for Marketers: 1. Perimeter 81 2. Surfshark3. Private Internet Access 4. Malwarebytes 5. CyberGhost 6. GoodAccess
The Record
More than $100 million stolen from Poloniex crypto platform
Hackers stole more than $100 million from cryptocurrency trading platform Poloniex on Friday, taking off with millions worth of Bitcoin and Ethereum.
Cyber Security News
MOVEit Hackers Turn to SysAid Servers Zero-Day Vulnerability
SysAid disclosed a zero-day which was affecting on-premises SysAid servers. The vulnerability was found to be a path traversal vulnerability.
Bleeping Computer
Mortgage giant Mr. Cooper says customer data exposed in breach
Mr. Cooper, the largest home loan servicer in the United States, says it found evidence of customer data exposed during a cyberattack disclosed last week, on October 31.
Bleeping Computer
Maine govt notifies 1.3 million people of MOVEit data breach
The State of Maine has announced that its systems were breached after threat actors exploited a vulnerability in the MOVEit file transfer tool and accessed personal information of about 1.3 million, which is close to the state's entire population.
CyberSecurity Dive
For Maine, the MOVEit attack is personal
With 1.3 million individuals compromised, the level of exposure on an individual basis is one that's representative of a compromise of its entire population.
Cyber Security News
SideCopy APT group Exploiting WinRAR Zero-Day to Deliver Ares RAT
SideCopy, the Pakistani-based threat actor, has been using the WinRAR vulnerability (CVE-2023-38831) to target Indian government entities.
Infosecurity News
MOVEit Gang Targets SysAid Customers With Zero-Day Attacks
Lace Tempest looks to spread Clop malware to victims
The Hacker News
The New 80/20 Rule for SecOps: Customize Where it Matters, Automate the Rest
Are you tired of sifting through endless alerts? The era of Security Automation is here! Learn how it's changing the game for SOC teams.
CyberNews
1.3M impacted in the State of Maine data breach
The State of Maine data breach exposed over a million of its residents.
Cyber Security News
Chinese Hackers Expanding Cyber Capabilities to Exploit Zero-Day Vulnerabilities
State-sponsored hackers or threat actors and their cyber operations are evolving at an alarming pace, leveraging advanced techniques and constantly adapting to exploit emerging vulnerabilities.
The Hacker News
Iran-Linked Imperial Kitten Cyber Group Targeting Middle East's Tech Sectors
Iranian hacker group Imperial Kitten launches cyberattacks on transportation, logistics, and tech sectors, including Israel.
The Record
Washington State Department of Transportation working to recover from cyberattack
Washington’s State Department of Transportation is recovering from a cyberattack that is causing a range of issues for local ferries and apps used for maps.
The Record
Clearing the informational fog in Israel and Gaza
The Click Here podcast team reports on wartime technological improvisations: An activist unexpectedly leads an effort to identify the missing and the dead. And an English teacher finds a way to connect mobile phones as infrastructure collapses.
CyberNews
Allen & Overy law firm breached, LockBit takes credit
Top global law firm Allen & Overy (A&O) said some of its systems have been impacted due to a “data incident” claimed by the LockBit ransomware group.
Bleeping Computer
Cloudflare website down, showing ‘We’re sorry’ Google errors
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website.
Bleeping Computer
Cloudflare website downed by DDoS attack claimed by Anonymous Sudan
Cloudflare is investigating an ongoing outage causing 'We're sorry" Google errors to be shown on the company's website.
The Hacker News
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
Microsoft exposes Lace Tempest's latest move: exploiting a zero-day flaw in SysAid IT support software.
Bleeping Computer
Microsoft: SysAid zero-day flaw exploited in Clop ransomware attacks
Threat actors are exploiting a zero-day vulnerability in the service management software SysAid to gain access to corporate servers for data theft and to deploy Clop ransomware.
Infosecurity News
Iran-Affiliated Group Targets Israeli Firms Amid Israel-Hamas Conflict
CrowdStrike attributes recent attacks on the Israeli transportation, logistics, and technology sectors to Iran-affiliated group Imperial Kitten
Bleeping Computer
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources