Security Affairs

JANUARY 9, 2024

Microsoft Patch Tuesday security updates for January 2024 addressed a total of 49 flaws, including two critical vulnerabilities. The critical vulnerabilities are: CVE-2024-20700 – Windows Hyper-V Remote Code Execution Vulnerability. CVE-2024-20674 – Windows Kerberos Security Feature Bypass Vulnerability.

Authentication 120

Authentication Internet Internet Hacking 120

The Last Watchdog

DECEMBER 13, 2023

We drilled down on a few significant developments expected to play out in 2024 and beyond. Each time we use a mobile app or website-hosted service, digital certificates and the Public Key Infrastructure ( PKI ) come into play — to assure authentication and encrypt sensitive data transfers. We met at DigiCert Trust Summit 2023.

Encryption 311

Encryption Technology CISO IoT 311

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage.

Internet 116

Internet Internet Accountability Passwords 116

Security Affairs

APRIL 7, 2024

A researcher who goes online with the moniker ‘Netsecfish’ disclosed a new arbitrary command injection and hardcoded backdoor flaw, tracked as , tracked as CVE-2024-3273 , that impacts multiple end-of-life D-Link Network Attached Storage (NAS) device models. This trick allows attackers to obtain bypass authentication.

Internet 135

Internet Internet DNS Hacking 135

Malwarebytes

MARCH 13, 2024

The March 2024 Patch Tuesday update includes patches for 61 Microsoft vulnerabilities. The Hyper-V CVEs patched in this round of updates are: CVE-2024-21407 is a Windows Hyper-V Remote Code Execution (RCE) vulnerability with a CVSS score of 8.1 Another vulnerability worth mentioning is CVE-2024-21334 , which has a CVSS score of 9.8

Software 87

Software Authentication Internet Internet 87

SecureList

NOVEMBER 23, 2023

As we look to 2024, we believe that the consumer threat landscape will be heavily influenced by political, cultural, and technological events and trends. Unfortunately, this ambiguity sets the stage for an anticipated increase in charity-related scams in 2024. There are two main reasons for that: political pressure and DDoS attacks.

VPN 90

VPN Scams Education Internet 90

The Last Watchdog

APRIL 30, 2024

Related: Why proxies aren’t enough Microsoft had used illegal monopolistic practices to crush Netscape Navigator thereby elevating Internet Explorer (IE) to become far and away the No. As RSAC 2024 gets ready to open next week, the practicality of embedding advanced security tools in company-sanctioned web browsers is in the spotlight.

Internet 130

Internet Internet Engineering Authentication 130

Krebs on Security

APRIL 9, 2024

Ben McCarthy , lead cyber security engineer at Immersive Labs called attention to CVE-2024-20670 , an Outlook for Windows spoofing vulnerability described as being easy to exploit. ” For links to individual security advisories indexed by severity, check out ZDI’s blog and the Patch Tuesday post from the SANS Internet Storm Center.

DNS 233

DNS Social Engineering Malware Media 233

Identity IQ

JANUARY 11, 2024

New AI Scams to Look Out For in 2024 IdentityIQ Artificial intelligence (AI) has quickly reshaped many aspects of everyday life. Here are three new AI scams to look out for in 2024 as well as some tips to help protect yourself and stay prepared for the explosive development of AI.

Scams 94

Scams Artificial Intelligence Identity Theft Phishing 94

Security Affairs

APRIL 9, 2024

.” The researchers pointed out that despite the vulnerable service is intended for LAN access only, querying Shodan they identified over 91,000 devices that expose the service to the Internet. Most of the Internet-facing devices are in South Korea, Hong Kong, the U.S., Sweden, and Finland. running on OLED55CXPUA webOS 6.3.3-442

Hacking 129

Hacking Internet Internet Authentication 129

Security Affairs

FEBRUARY 9, 2024

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. x) and ZTA gateways which allows an attacker to access certain restricted resources without authentication.” and CVE-2024-21893 (CVSS score: 8.2). x), Ivanti Policy Secure (9.x,

Authentication 107

Authentication Software Internet Internet 107

BH Consulting

MARCH 21, 2024

Meanwhile, plans for an EU-wide digital wallet gained momentum with regulation adopted in late February, to introduce a system to allow citizens to identify and authenticate themselves online. MORE The FBI’s internet crime report shows email scams making way for crypto fraud. But the European Court of Justice has set it straight.”

Cyber threats 69

Cyber threats Ransomware Healthcare Risk 69

Security Affairs

MARCH 30, 2024

“Around 45,000 Microsoft Exchange servers in Germany can currently be accessed from the Internet without restrictions. “This means that at least 37 percent of all Microsoft Exchange servers openly accessible from the Internet are vulnerable.” In February 2024, the U.S.

Information Security 116

Information Security Internet Internet Healthcare 116

Malwarebytes

FEBRUARY 6, 2024

Released today, the Malwarebytes State of Malware 2024 report takes a deep dive into the latest developments in the world of cybercrime. It also acts as a reminder to be careful about what you share, even if you are under the impression that you are using the internet securely.

Malware 80

Malware Passwords Identity Theft Banking 80

Security Affairs

FEBRUARY 5, 2024

The Ivanti SSRF vulnerability tracked as CVE-2024-21893 is actively exploited in attacks in the wild by multiple threat actors. The Ivanti Server-Side Request Forgery (SSRF) vulnerability, identified as CVE-2024-21893 , is currently being actively exploited in real-world attacks by various threat actors. x), Policy Secure (9.x,

Software 107

Software Authentication Internet Internet 107

Malwarebytes

MARCH 8, 2024

JetBrains issued a warning on March 4, 2024 about two serious vulnerabilities in TeamCity server. The flaws can be used by a remote, unauthenticated attacker with HTTP(S) access to a TeamCity on-premises server to bypass authentication checks and gain administrative control of the TeamCity server. 16 IPs seen scanning so far.

Authentication 87

Authentication Internet Internet Cybersecurity 87

Security Boulevard

APRIL 1, 2024

Follow HYAS on LinkedIn Follow HYAS on X Summary of Top ASNs and Malware Origins AS9318 - SK Broadband Co Ltd (South Korea) AS9318, also known as SK Broadband Co Ltd, is a significant Internet Service Provider (ISP) based in South Korea. AS7684 - Sakura Internet Inc. Japan) AS7684, managed by Sakura Internet Inc.,

Malware 62

Malware Cybersecurity Risk Cyber threats 62

Security Affairs

MARCH 21, 2024

Threat actors without a valid TLS client certificate enrolled through EPMM cannot directly exploit this issue on the Internet.” The advisory provides details about the exploitation in the wild of Connect Secure and Policy Secure vulnerabilities CVE-2023-46805 , CVE-2024-21887 , and CVE-2024-21893.

Authentication 115

Authentication Internet Internet Hacking 115

Security Affairs

JANUARY 18, 2024

CVE-2024-0519 – Google Chromium V8 Out-of-Bounds Memory Access Vulnerability. Citrix NetScaler ADC and NetScaler Gateway contain a code injection vulnerability that allows for authenticated remote code execution on the management interface with access to NSIP, CLIP, or SNIP. The flaw was reported by Anonymous on January 11, 2024.

Authentication 121

Authentication VPN Software Engineering 121

Security Affairs

MARCH 10, 2024

Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp Cybercrime BlackCat Ransomware Affiliate TTPs American Express credit cards EXPOSED in third-party vendor data breach – account numbers and names among details accessed in hack LockBit 3.0’S

Spyware 93

Spyware Data breaches Hacking Ransomware 93

eSecurity Planet

APRIL 15, 2024

Employ robust password management techniques, two-factor authentication (2FA), and regular backups of essential data. April 8, 2024 Multiple Vulnerabilities Discovered in LG WebOS Smart TVs Type of vulnerability: Authorization bypass, privilege escalation, command injection. Looking for an alternative method for secure remote access?

Firewall 109

Firewall VPN Software Risk 109

Security Affairs

MAY 1, 2024

A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest public cloud authentication data. Cuttlefish has a modular structure, it was designed to primarily steal authentication data from web requests passing through the router from the local area network (LAN).

Malware 101

Malware DNS Authentication Telecommunications 101

eSecurity Planet

APRIL 1, 2024

March 22, 2024 Emergency Out-of-Band Windows Server Security Updates Type of vulnerability (or attack): Memory leak. When either on-premise or cloud-based Active Directory domain controllers process Kerberos authentication requests, the leak causes the LSASS process to stop responding and the domain controller will unexpectedly restart.

Authentication 109

Authentication Artificial Intelligence Software Cybersecurity 109

Security Affairs

MARCH 17, 2024

— vx-underground (@vxunderground) March 17, 2024 The researchers confirmed that the leaked data is legitimate, however, it is still unclear if the information was stolen from a third-party organization linked to AT&T. Regardless, upon review we can confirm the stolen data is legitimate. It was leaked online today.

Data breaches 137

Data breaches Hacking Authentication Internet 137

The Last Watchdog

FEBRUARY 21, 2024

According to DigiCert’s 2024 State of Digital Trust Survey results, released today , companies proactively pursuing digital trust are seeing boosts in revenue, innovation and productivity. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. (LW

Energy and Utilities 289

Energy and Utilities IoT Healthcare Manufacturing 289

eSecurity Planet

JANUARY 29, 2024

January 19, 2024 Critical VMware vCenter Server Zero-Day Under Attack Since 2021 Type of vulnerability: Remote code execution (RCE) vulnerability. January 22, 2024 Apple Fixes 16 Vulnerabilities, Including Exploited Zero Days Type of vulnerability: A type confusion issue enables arbitrary code execution (ACE) attacks.

Software 111

Software Authentication CSO Accountability 111

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN 114

VPN Cybercrime Ransomware Hacking 114

Security Affairs

MARCH 26, 2024

TheMoon variant discovered by the Black Lotus Labs team was observed targeting over 40,000 bots from 88 countries in January and February of 2024. Once the rules have been created, a thread connects to an NTP server from a roster of authentic NTP servers. ” reads the report published by Black Lotus Labs.

IoT 127

IoT Cybercrime Internet Internet 127

The Last Watchdog

NOVEMBER 12, 2023

Here are my takeaways: Matter picks up steam Frustration with smart home devices should be much reduced in 2024. Matter works much the way website authentication and website traffic encryption gets executed. DMARC is a robust email authentication protocol that has been around for more than a decade.

Manufacturing 276

Manufacturing Authentication Marketing Encryption 276

Security Affairs

FEBRUARY 7, 2024

JetBrains addressed a critical security vulnerability, tracked as CVE-2024-23917 (CVSS score 9.8) “The vulnerability may enable an unauthenticated attacker with HTTP(S) access to a TeamCity server to bypass authentication checks and gain administrative control of that TeamCity server.” ” reads the advisory.

Authentication 107

Authentication Software Internet Internet 107

The Security Ledger

MAY 2, 2024

By high school, Jim had thrown himself into the nascent Internet: launching one of the biggest BBS-es (bulletin board systems) in Georgia – a community that was ultimately acquired by CompuServe, an early consumer-focused Internet service provider.

Cyber threats 52

Cyber threats Artificial Intelligence Threat Reports Technology 52

Security Affairs

MARCH 2, 2024

US CISA, the FBI, and MS-ISAC issued a joint CSA to warn of attacks involving Phobos ransomware variants observed as recently as February 2024 US CISA, the FBI, and MS-ISAC issued a joint cyber security advisory (CSA) to warn of attacks involving Phobos ransomware variants such as Backmydata , Devos, Eight, Elking, and Faust.

Ransomware 128

Ransomware Backups Healthcare Firewall 128

Security Affairs

MARCH 30, 2024

In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported. In August 2021, the group asked $1 million for the entire database, or $200,000 for access, according to the RestorePrivacy website that examined a sample that appears authentic.

Data breaches 138

Data breaches Telecommunications Cybercrime Hacking 138

Security Affairs

MAY 2, 2024

They aim to exploit modular, internet-exposed Industrial Control Systems (ICS), targeting software components like human machine interfaces (HMIs). In early 2024, several U.S.-based The threat actors were observed using methods such as exploiting virtual network computing (VNC) remote access software and default passwords. .

Passwords 67

Passwords Internet Internet Software 67

Krebs on Security

APRIL 3, 2024

In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate. 14, 2024, KrebsOnSecurity heard from the same bluebtcus@gmail.com address, apropos of nothing. Why you destroy our lifes? We never harm anyone. Please remove it.”

Phishing 214

Phishing Cybercrime Malware Advertising 214

Malwarebytes

JANUARY 19, 2024

Normally, the Directive requires those agencies to remediate internet-facing vulnerabilities on its catalog within 15 days, and all others within 25 days. The Citrix NetScaler vulnerabilities need to be patched by January 24, 2024. These issues only apply to customer-managed NetScaler ADC and NetScaler Gateway. out of 10.

Authentication 108

Authentication VPN Internet Internet 108

Malwarebytes

DECEMBER 15, 2023

Google has announced that it will start rolling its Chrome web browser’s new Tracking Protection feature from January of 2024. The Tracking Protection feature aims to disable third-party cookies completely in the second half of 2024. But other website features, like authentication and fraud prevention can also depend on them.

Technology 127

Technology Authentication Internet Internet 127