Security Affairs

MAY 29, 2024

Check Point released hotfixes for a VPN zero-day vulnerability, tracked as CVE-2024-24919, which is actively exploited in attacks in the wild. Check Point released hotfixes to address a VPN zero-day vulnerability, tracked as CVE-2024-24919 , which is actively being exploited in attacks in the wild.

VPN 101

VPN Authentication Passwords Accountability 101

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. “Around 45,000 Microsoft Exchange servers in Germany can currently be accessed from the Internet without restrictions. In February 2024, the U.S.

Information Security 112

Information Security Internet Internet Healthcare 112

Security Affairs

APRIL 9, 2024

.” The researchers pointed out that despite the vulnerable service is intended for LAN access only, querying Shodan they identified over 91,000 devices that expose the service to the Internet. Most of the Internet-facing devices are in South Korea, Hong Kong, the U.S., Sweden, and Finland. running on OLED55CXPUA webOS 6.3.3-442

Hacking 126

Hacking Internet Internet Authentication 126

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. “An XML external entity or XXE vulnerability in the SAML component of Ivanti Connect Secure (9.x, x), Ivanti Policy Secure (9.x, x), Ivanti Policy Secure (9.x,

Authentication 103

Authentication Software Internet Internet 103

BH Consulting

MARCH 21, 2024

Returning to the healthcare space, the Irish Pharmacy Union has a guide to avoiding ransomware, produced by BH Consulting’s information security consultant Brendan Mooney. The EU said the voluntary wallet would remove the need to resort to commercial providers, “a practice that raises trust, security and privacy concerns”.

Cyber threats 69

Cyber threats Ransomware Healthcare Risk 69

Security Affairs

FEBRUARY 5, 2024

The Ivanti SSRF vulnerability tracked as CVE-2024-21893 is actively exploited in attacks in the wild by multiple threat actors. The Ivanti Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2024-21893 , is currently being actively exploited in real-world attacks by various threat actors. x), Policy Secure (9.x,

Software 103

Software Authentication Internet Internet 103

Security Affairs

JANUARY 18, 2024

CVE-2024-0519 – Google Chromium V8 Out-of-Bounds Memory Access Vulnerability. This week Citrix warned customers to install security updates to address two actively exploited zero-day vulnerabilities, tracked as CVE-2023-6548 and CVE-2023-6549, impacting Netscaler ADC and Gateway appliances.

Authentication 118

Authentication VPN Software Engineering 118

Security Affairs

MARCH 21, 2024

Threat actors without a valid TLS client certificate enrolled through EPMM cannot directly exploit this issue on the Internet.” The advisory provides details about the exploitation in the wild of Connect Secure and Policy Secure vulnerabilities CVE-2023-46805 , CVE-2024-21887 , and CVE-2024-21893.

Authentication 112

Authentication Internet Internet Hacking 112

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 89

Spyware Data breaches Hacking Ransomware 89

Security Affairs

MAY 8, 2024

A critical Remote Code Execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-Exposing hosts. The vulnerability impacts over 90,000 hosts that expose a Tinyproxy service on the internet. the code is only triggered after access list checks and authentication have succeeded. and Tinyproxy 1.10.0.

Internet 109

Internet Internet Authentication Passwords 109

Security Affairs

MAY 7, 2024

MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks. On January 4, 2024, the threat actors conducted a reconnaissance on NERVE environment.

Malware 102

Malware Hacking Accountability Authentication 102

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 110

VPN Cybercrime Ransomware Hacking 110

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Cuttlefish has a modular structure, it was designed to primarily steal authentication data from web requests passing through the router from the local area network (LAN).

Malware 104

Malware DNS Authentication Telecommunications 104

Security Affairs

FEBRUARY 7, 2024

JetBrains addressed a critical security vulnerability, tracked as CVE-2024-23917 (CVSS score 9.8) “The vulnerability may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.” ” reads the advisory.

Authentication 103

Authentication Software Internet Internet 103

Security Affairs

MARCH 26, 2024

TheMoon variant discovered by the Black Lotus Labs team was observed targeting over 40,000 bots from 88 countries in January and February of 2024. Once the rules have been created, a thread connects to an NTP server from a roster of authentic NTP servers. ” reads the report published by Black Lotus Labs.

IoT 123

IoT Cybercrime Internet Internet 123

SecureWorld News

MAY 7, 2024

According to a new joint cybersecurity alert , the hacktivists have been observed gaining remote access to small-scale industrial control systems used in water/wastewater, dams, energy, and food and agriculture by exploiting internet-exposed human-machine interfaces (HMIs) and using default or weak passwords.

Passwords 86

Passwords Manufacturing Technology Authentication 86

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 125

Ransomware Backups Healthcare Firewall 125

Security Affairs

MARCH 30, 2024

In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported. No information is available to indicate whether it is a 3rd party compromise, or which 'division' this data is from. reads the RestorePrivacy website.

Data breaches 135

Data breaches Telecommunications Cybercrime Hacking 135

The Security Ledger

MAY 2, 2024

Jim and I talk about the findings of DirectDefense’s latest Security Operations Threat Report and dig into the intriguing ways artificial intelligence (AI) is shaping both cyberattack and defense automation strategies. Jim Broome is the President and CTO at DirectDefense.

Cyber threats 52

Cyber threats Artificial Intelligence Threat Reports Technology 52

Security Affairs

MAY 2, 2024

They aim to exploit modular, internet-exposed Industrial Control Systems (ICS), targeting software components like human machine interfaces (HMIs). In early 2024, several U.S.-based The threat actors were observed using methods such as exploiting virtual network computing (VNC) remote access software and default passwords. .

Passwords 92

Passwords Internet Internet Software 92

Krebs on Security

MARCH 12, 2024

Last week, Apple pushed out an urgent software update to its flagship iOS platform, warning that there were at least two zero-day exploits for vulnerabilities being used in the wild (CVE-2024-23225 and CVE-2024-23296). The security updates are available in iOS 17.4 , iPadOS 17.4 , and iOS 16.7.6. Apple’s macOS Sonoma 14.4

Authentication 244

Authentication Engineering Accountability Internet 244

Security Affairs

APRIL 10, 2024

In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported. The researchers confirmed that the leaked data is legitimate , however, it is still unclear if the information was stolen from a third-party organization linked to AT&T.

Data breaches 103

Data breaches Telecommunications Identity Theft Hacking 103

SecureList

FEBRUARY 27, 2024

” For instance, educational robots that connect to the internet and support video calls. ” Interactive features include gaming and educational applications for children, a voice assistant, internet access and connection to the parent app for smartphones. This was the first security-related issue we discovered.

Education 94

Education Manufacturing Firmware Internet 94

Security Affairs

JANUARY 3, 2024

Resecurity has uncovered a cybercriminal faction known as “ GXC Team “, who specializes in crafting tools for online banking theft, ecommerce deception, and internet scams. Crooks created a new tool that uses Artificial Intelligence (AI) for creating fraudulent invoices used for wire fraud and BEC.

Artificial Intelligence 119

Artificial Intelligence Banking Scams Cybercrime 119

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft 108

Identity Theft VPN Malware Ransomware 108

eSecurity Planet

MAY 30, 2024

2024 looks like it will only increase the number of affected individuals considering the scale of ransomware attacks from the first half of the year in the USA, Canada, and Australia. million for the first three quarters of FY 2024. million patient’s information caused by a third party tracker installed on the Kaiser patient portal.

Healthcare 123

Healthcare Cybersecurity Backups Ransomware 123

The Last Watchdog

JANUARY 22, 2024

23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex. ChargePoint’s fast response to patching these vulnerabilities is a testament to the importance of securing critical infrastructure. Tel Aviv, Israel – Jan.

IoT 100

IoT InfoSec Firmware Manufacturing 100

Centraleyes

JANUARY 14, 2024

Obtaining PCI DSS certification is not impossible and usually takes companies between one day and two weeks to complete, depending on the complexity of payments within the company and the state of information security. which gracefully exits in March 2024, making way for the solo performance of v4.0.

Computers and Electronics 52

Computers and Electronics Risk Software Information Security 52

Pen Test Partners

OCTOBER 9, 2023

In essence, it is a view of the application and its environment through the lens of security. Threat modeling can be applied to a wide range of things, including software, applications, systems, networks, distributed systems, Internet of Things (IoT) devices, and business processes. Mutually authenticating between devices or servers.

IoT 52

IoT Firmware Mobile Manufacturing 52

Cisco Security

DECEMBER 22, 2022

Wi-Fi Air Marshal, by Jérémy Couture, Head of SOC, Paris 2024 Olympic Games. We must allow real malware on the Black Hat network: for training, demonstrations, and briefing sessions; while protecting the attendees from attack within the network from their fellow attendees, and prevent bad actors from using the network to attack the Internet.

Engineering 63

Engineering Mobile Malware Wireless 63

Cisco Security

AUGUST 28, 2023

This allows us to capture telemetry from the edge devices’ egress interface giving us insights into traffic from the external internet, inbound to the Blackhat network. All these protocols can be easily subverted by man-in-the-middle (MitM) attacks, allowing an adversary to authenticate against services such as email.

Wireless 61

Wireless DNS Mobile Technology 61

Security Affairs

NOVEMBER 19, 2023

Israeli man sentenced to 80 months in prison for providing hacker-for-hire services Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine The board of directors of OpenAI fired Sam Altman Medusa ransomware gang claims the hack of Toyota Financial Services CISA adds Sophos Web Appliance bug to its Known Exploited Vulnerabilities catalog (..)

Data breaches 98

Data breaches Identity Theft Ransomware Hacking 98