23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐ต๏ธโโ๏ธ Wiz Launches Wiz Code Application Security Tool ๐ต๏ธโโ๏ธWiz Code identifies and flags cloud risks in code to help improve collaboration between security and development teams.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
โ๏ธ Bug Left Some Windows PCs Dangerously Unpatched โ๏ธMicrosoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.
๐ Read more.
๐ Via "Krebs on Security"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Patch Tuesday for September 2024: Microsoft Catches Four Zero-Day Vulnerabilities ๐ฆฟA Mark of the Web security alert vulnerability and three others have been exploited in the wild and are now covered by Redmonds monthly patch batch.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ How a Centuries-Old Company Reached Security Maturity ๐ต๏ธโโ๏ธIn this case study, a 180yearold life and pension insurer brought its security infrastructure into the modern age.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
The Re-Emergence of CVE-2024-32113: How CVE-2024-45195 has amplified Exploitation Risks ๐ฆ
Overview On September 7, 2024, Cyble Global Sensor Intelligence CGSI identified the active exploitation of CVE202432113, a critical path traversal vulnerability in the Apache OFBiz opensource enterprise resource planning ERP system. This flaw was initially addressed on April 12, 2024, with a formal patch released on May 8, 2024. CVE202432113 allows Threat Actors TAs to execute arbitrary commands by sending specially crafted requests, enabling them to gain unauthorized access and execute arbitrary commands. On September 4, 2024, the identification of CVE202445195 reignited concerns surrounding Apache OFBiz by revealing a bypass for several previously addressed vulnerabilities, notably CVE202432113. This development has intensified the exploitation of CVE202432113, as attackers expl...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐ SOC Automation: Streamlining Security Operations (+CISOโs Checklist) ๐Are you sure your SOC is invincible armor? How often do you hear about the burnout of inhouse SOC analysts? I will not bore you with dry statistics proving that security operation centers SOCs are swamped with tasks, most of which do not require any actions yet missed out on critical.ย The solution is clear The post SOC Automation Streamlining Security Operations CISOs Checklist appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ Critical SonicWall SSLVPN Bug Exploited By Ransomware Actors ๐Researchers have warned that a critical SonicWall vulnerability is being exploited in ransomware attacks.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ China-Linked Threat Actors Target Taiwan Military Industry ๐TIDRONE group targets military, drone and satellite industries in Taiwan.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Mustang Panda Deploys Advanced Malware to Spy on Asia-Pacific Governments ๐๏ธThe threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of nextstage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the name Earth Preta, said it observed "the propagation of PUBLOAD via a variant of the worm HIUPAN.".
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Shining a Light on Shadow Apps: The Invisible Gateway to SaaS Data Breaches ๐๏ธShadow apps, a segment of Shadow IT, are SaaS applications purchased without the knowledge of the security team. While these applications may be legitimate, they operate within the blind spots of the corporate security team and expose the company to attackers.ย Shadow apps may include instances of software that the company is already using. For example, a dev team may onboard their own.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ CosmicBeetle Deploys Custom ScRansom Ransomware, Partnering with RansomHub ๐๏ธThe threat actor known as CosmicBeetle has debuted a new custom ransomware strain called ScRansom in attacks targeting small and mediumsized businesses SMBs in Europe, Asia, Africa, and South America, while also likely working as an affiliate for RansomHub. "CosmicBeetle replaced its previously deployed ransomware, Scarab, with ScRansom, which is continually improved," ESET researcher Jakub.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ Proxmark3 4.18994 Custom Firmware ๐ This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Backdoor".
๐ Read more.
๐ Via "Packet Storm - Tools"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Chinese Tag Team APTs Keep Stealing Asian Gov't Secrets ๐ต๏ธโโ๏ธA PRC threat cluster known as "Crimson Palace" is demonstrating the benefits of having specialized units carry out distinct stages of a wider attack chain.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Dark Reading Confidential: Pen Test Arrests, Five Years Later ๐ต๏ธโโ๏ธEpisode 3 On September 11, 2019, two cybersecurity professionals were arrested in Dallas County, Iowa and forced to spend the night in jail just for doing their jobs. Gary De Mercurio and Justin Wynn. Despite the criminal charges against them eventually being dropped, the saga that night five years ago continues to haunt De Mercurio and Wynn personally and professionally. In this episode, the pair and Coalfire's CEO Tom McAndrew share how the arrest and fallout has shaped their lives and careers as well as how it has transformed physical penetration tests for the cybersecurity industry as a whole.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Mustang Panda Feeds Worm-Driven USB Attack Strategy ๐ต๏ธโโ๏ธA fresh wave of attacks on APAC government entities involves both selfpropagating malware spreading via removable drives and a spearphishing campaign.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ India Needs Better Cybersecurity for Space, Critical Infrastructure ๐ต๏ธโโ๏ธAs attacks on satellites rise with nationstate conflicts, the South Asian nation joins other spacecapable countries in doubling down on cybersecurity.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Microsoft Discloses 4 Zero-Days in September Update ๐ต๏ธโโ๏ธThis month's Patch Tuesday contains a total of 79 vulnerabilities the fourth largest of the year.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Air-Gapped Networks Vulnerable to Acoustic Attack via LCD Screens ๐ต๏ธโโ๏ธSound waves generated by pixels on a screen can transmit information across seemingly impenetrable air gaps.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Cyber Staffing Shortages Remain CISOs' Biggest Challenge ๐ต๏ธโโ๏ธBesides operational issues connected to a talent shortage, the cost of running security platforms and their training costs also keeps CISOs up at night.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
CISA Adds Three Critical Vulnerabilities to Known Exploited Vulnerabilities Catalog ๐ฆ
Key Takeaways CISA has updated its Known Exploited Vulnerabilities KEV Catalog with three critical vulnerabilities CVE20163714, CVE20171000253, and CVE202440766. These vulnerabilities are being actively exploited by cybercriminals, posing significant risks to both federal and private sector organizations. CISA urges all organizations to prioritize the remediation of these vulnerabilities to strengthen their cybersecurity defenses. Organizations should update software with the latest patches, implement multifactor authentication MFA, and continuously monitor for unusual activities. For detailed information and support, organizations should consult CISAs advisories and the relevant vendor resources. Overview The Cybersecurity and Infrastructure Security Agency CISA...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐ Senior Python Developer ๐The post Senior Python Developer appeared first on UnderDefense.
๐ Read more.
๐ Via "UnderDefense"
----------
๐๏ธ Seen on @cibsecurity
๐ DoJ Distributes $18.5m to Western Union Fraud Victims ๐The Justice Department has begun the latest round of fraud reimbursement from the Western Union Remission Fund.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ Highline Public Schools Forced to Close By Cyber-Attack ๐Highline Public Schools in Washington State have now been closed for two days following the incident.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ New PIXHELL Attack Exploits Screen Noise to Exfiltrates Data from Air-Gapped Computers ๐๏ธA new sidechannel attack dubbed PIXHELL could be abused to target airgapped computers by breaching the "audio gap" and exfiltrating sensitive information by taking advantage of the noise generated by the pixels on the screen. "Malware in the airgap and audiogap computers generates crafted pixel patterns that produce noise in the frequency range of 0 22 kHz," Dr. Mordechai Guri, the head of.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Experts Identify 3 Chinese-Linked Clusters Behind Cyberattacks in Southeast Asia ๐๏ธA trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed statesponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which has been monitoring the cyber offensive, said it comprises three intrusion sets tracked as Cluster.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ง ChatGPT 4 can exploit 87% of one-day vulnerabilities: Is it really that impressive? ๐ง After reading about the recent cybersecurity research by Richard Fang, Rohan Bindu, Akul Gupta and Daniel Kang, I had questions. While initially impressed that ChatGPT 4 can exploit the vast majority of oneday vulnerabilities, I started thinking about what the results really mean in the grand scheme of cybersecurity. Most importantly, I wondered how a The post ChatGPT 4 can exploit 87 of oneday vulnerabilities Is it really that impressive? appeared first on Security Intelligence.
๐ Read more.
๐ Via "Security Intelligence"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security ๐ฆฟMicrosoft has been on the warpath against legacy Office features that are providing entry points for bad actors since 2018.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Gallup Poll Bugs Open Door to Election Misinformation ๐ต๏ธโโ๏ธResearchers flagged a pair of Gallup polling site XSS vulnerabilities that could have allowed malicious actors to execute arbitrary code, access sensitive data, or take over a victim account.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Platform Engineering Is Security Engineering ๐ต๏ธโโ๏ธFor modern applications built on Kubernetes and microservices, platform engineering is not just about building functional systems but also about embedding security into the fabric of those systems.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ข Cloud security fears, rising costs, privacy concerns? ๐ขHere's why businesses are turning back to onprem servers.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity