βThe 2024 Threat Landscape State of Play
https://blog.talosintelligence.com/the-2024-threat-landscape-state-of-play/
https://blog.talosintelligence.com/the-2024-threat-landscape-state-of-play/
Cisco Talos Blog
The 2024 Threat Landscape State of Play
Talos' Nick Biasini discusses the biggest shifts and trends in the threat landscape so far. We also focus on one state sponsored actor that has been particularly active this year, and talk about why defenders need to be paying closer attention to infostealers.
βRed Team vs. Blue Team: Strategies for Advanced Penetration Testing
https://medium.com/purple-team/red-team-vs-blue-team-strategies-for-advanced-penetration-testing-cc54d7c3e50a?source=rss----d208c28825c7---4
https://medium.com/purple-team/red-team-vs-blue-team-strategies-for-advanced-penetration-testing-cc54d7c3e50a?source=rss----d208c28825c7---4
Medium
Red Team vs. Blue Team: Strategies for Advanced Penetration Testing
As cybersecurity threats evolve in complexity and scale, the traditional approach to defending an organizationβs digital assets has becomeβ¦
βSonicWall SSLVPN access control flaw is now exploited in attacks
https://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-is-now-exploited-in-attacks/
https://www.bleepingcomputer.com/news/security/sonicwall-sslvpn-access-control-flaw-is-now-exploited-in-attacks/
BleepingComputer
SonicWall SSLVPN access control flaw is now exploited in attacks
SonicWall is warning that a recently fixed access control flaw tracked as CVE-2024-40766 in SonicOS is now "potentially" exploited in attacks, urging admins to apply patches as soon as possible.
π1
βSpyAgent Android malware steals your crypto recovery phrases from images
https://www.bleepingcomputer.com/news/security/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images/
https://www.bleepingcomputer.com/news/security/spyagent-android-malware-steals-your-crypto-recovery-phrases-from-images/
BleepingComputer
SpyAgent Android malware steals your crypto recovery phrases from images
A new Android malware named SpyAgent uses optical character recognition (OCR) technology to steal cryptocurrency wallet recovery phrases from screenshots stored on the mobile device.
βMicrosoft Office 2024 to disable ActiveX controls by default
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2024-to-disable-activex-controls-by-default/
https://www.bleepingcomputer.com/news/microsoft/microsoft-office-2024-to-disable-activex-controls-by-default/
BleepingComputer
Microsoft Office 2024 to disable ActiveX controls by default
βAfter Office 2024 launches in October, Microsoft will disable ActiveX controls by default in Word, Excel, PowerPoint, and Visio client apps.
π1
βMajor Iranian IT vendor paying large ransom to resolve recent cyberattack
https://cyberscoop.com/iranian-it-vendor-ransom-cyberattack-banks/
https://cyberscoop.com/iranian-it-vendor-ransom-cyberattack-banks/
CyberScoop
Major Iranian IT vendor paying large ransom to resolve recent cyberattack
The company, Tosan, which provides IT services to 45% of the countryβs banks, has paid $561,000 worth of bitcoin so far.
βCar rental giant Avis discloses data breach impacting customers
https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/
https://www.bleepingcomputer.com/news/security/car-rental-giant-avis-discloses-data-breach-impacting-customers/
BleepingComputer
Car rental giant Avis data breach impacts over 299,000 customers
American car rental giant Avis disclosed a data breach after attackers breached one of its business applications last month and stole customer personal information.
βTransport for London staff faces systems disruptions after cyberattack
https://www.bleepingcomputer.com/news/security/transport-for-london-staff-faces-systems-disruptions-after-cyberattack/
https://www.bleepingcomputer.com/news/security/transport-for-london-staff-faces-systems-disruptions-after-cyberattack/
BleepingComputer
Transport for London staff faces systems disruptions after cyberattack
βTransport for London, the city's public transportation agency, revealed today that its staff has limited access to systems and email due to measures implemented in response to a Sunday cyberattack.
βIntel officials expect more foreign influence efforts leading up to Election Day
https://cyberscoop.com/us-election-2024-information-operations-russia-china-iran-odni/
https://cyberscoop.com/us-election-2024-information-operations-russia-china-iran-odni/
CyberScoop
Intel officials expect more foreign influence efforts leading up to Election Day
U.S. officials said they expect Russia, Iran and China to increase the cadence of influence operations targeting voters over the final two months of this election cycle.
βTropic Trooper Expands Espionage to Middle East, Targets Human Rights Organizations
https://securityonline.info/tropic-trooper-expands-espionage-to-middle-east-targets-human-rights-organizations/
https://securityonline.info/tropic-trooper-expands-espionage-to-middle-east-targets-human-rights-organizations/
Cybersecurity News
Tropic Trooper Expands Espionage to Middle East, Targets Human Rights Organizations
Learn about Tropic Trooper, a cyber espionage group that has expanded its focus to the Middle East, targeting government entities.
βNetflix Phishing Scam: Even the Savviest Streamers Can Fall Victim
https://securityonline.info/netflix-phishing-scam-even-the-savviest-streamers-can-fall-victim/
https://securityonline.info/netflix-phishing-scam-even-the-savviest-streamers-can-fall-victim/
Cybersecurity News
Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim
Beware of Netflix phishing emails! Learn how cybercriminals impersonate Netflix to steal sensitive information and how to protect yourself.
βThe Supercar Phishing Kit: A Luxurious Trap for Your Microsoft 365 Credentials
https://securityonline.info/the-supercar-phishing-kit-a-luxurious-trap-for-your-microsoft-365-credentials/
https://securityonline.info/the-supercar-phishing-kit-a-luxurious-trap-for-your-microsoft-365-credentials/
Cybersecurity News
The Supercar Phishing Kit: A Luxurious Trap for Your Microsoft 365 Credentials
Uncover the sophistication of the Supercar Phishing Kit: a new level of phishing tactics targeting Microsoft 365 users.
βBabylon RAT Unleashed: Malaysian Politicians Under Cyber Siege
https://securityonline.info/babylon-rat-unleashed-malaysian-politicians-under-cyber-siege/
https://securityonline.info/babylon-rat-unleashed-malaysian-politicians-under-cyber-siege/
Cybersecurity News
Babylon RAT Unleashed: Malaysian Politicians Under Cyber Siege
Discover the powerful Babylon Remote Access Trojan (RAT) used in a cyber espionage campaign targeting political figures in Malaysia. Find out how it works and its impact.
βRed Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)
https://securityonline.info/red-hat-issues-critical-patch-for-pulpcore-authentication-bypass-flaw-cve-2024-7923/
https://securityonline.info/red-hat-issues-critical-patch-for-pulpcore-authentication-bypass-flaw-cve-2024-7923/
Cybersecurity News
Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)
Critical security advisory: Learn about CVE-2024-7923, an authentication bypass flaw in Red Hat Pulpcore affecting Satellite deployments.
βThreat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns
https://securityonline.info/threat-actors-exploit-geoserver-vulnerability-cve-2024-36401-to-launch-malware-campaigns/
https://securityonline.info/threat-actors-exploit-geoserver-vulnerability-cve-2024-36401-to-launch-malware-campaigns/
Cybersecurity News
Threat Actors Exploit GeoServer Vulnerability CVE-2024-36401 to Launch Malware Campaigns
Stay informed about the latest cybersecurity threat: SideWalk malware targeting critical vulnerability in GeoServer.
βCVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand Immediate Action
https://securityonline.info/cve-2024-45076-cvss-9-9-critical-flaw-in-ibm-webmethods-integration-demand-immediate-action/
https://securityonline.info/cve-2024-45076-cvss-9-9-critical-flaw-in-ibm-webmethods-integration-demand-immediate-action/
Cybersecurity News
CVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand Immediate Action
Critical security advisory: IBM webMethods Integration Server vulnerabilities revealed. Learn about CVE-2024-45076 and CVE-2024-45075 and their potential impact.
βSonicWall warns that SonicOS bug exploited in attacks
https://securityaffairs.com/168112/hacking/sonicwall-sonicos-bug-exploited.html
https://securityaffairs.com/168112/hacking/sonicwall-sonicos-bug-exploited.html
Security Affairs
SonicWall warns that SonicOS bug exploited in attacks
Recently fixed access control SonicOS flaw, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns.
βCar rental company Avis discloses a data breach
https://securityaffairs.com/168119/data-breach/car-rental-giant-avis-discloses-data-breach.html
https://securityaffairs.com/168119/data-breach/car-rental-giant-avis-discloses-data-breach.html
Security Affairs
Car rental company Avis discloses a data breach
Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers' personal information.
βA flaw in WordPress LiteSpeed Cache Plugin allows account takeover
https://securityaffairs.com/168145/security/litespeed-cache-plugin-wordpress-flaw.html
https://securityaffairs.com/168145/security/litespeed-cache-plugin-wordpress-flaw.html
Security Affairs
A flaw in WordPress LiteSpeed Cache Plugin allows account takeover
A critical flaw in the LiteSpeed Cache plugin for WordPress could allow unauthenticated users to take control of arbitrary accounts.
π₯2π1
βU.S. CISA adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/168153/security/cisa-draytek-vigorconnect-kingsoft-wps-office-bugs-known-exploited-vulnerabilities-catalog.html
https://securityaffairs.com/168153/security/cisa-draytek-vigorconnect-kingsoft-wps-office-bugs-known-exploited-vulnerabilities-catalog.html
Security Affairs
U.S. CISA adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog
U.S. CISA adds Draytek VigorConnect and Kingsoft WPS Office bugs to its Known Exploited Vulnerabilities catalog.
βCybercriminals Target LatAm Banks: Mekotio, BBTok Lead the Charge
https://securityonline.info/cybercriminals-target-latam-banks-mekotio-bbtok-lead-the-charge/
https://securityonline.info/cybercriminals-target-latam-banks-mekotio-bbtok-lead-the-charge/
Cybersecurity News
Cybercriminals Target LatAm Banks: Mekotio, BBTok Lead the Charge
Learn about the latest phishing tactics in Latin America and the reappearance of Mekotio, BBTok, and Grandoreiro banking Trojans.