Top Security News for 17/11/2023
How human-centric and self-healing security closes the great gap in cybersecurity
https://malware.news/t/how-human-centric-and-self-healing-security-closes-the-great-gap-in-cybersecurity/75781#post_1
Ukraine at D+670: GRU may be expanding its targeting.
https://thecyberwire.com/stories/ba12ab1185774c91a3c9dea8d33d9db4/ukraine-at-d670
I analyzed Stack Overflow for leaks
https://www.reddit.com/r/netsec/comments/17wqwgg/i_analyzed_stack_overflow_for_leaks/
CrushFTP - CVE-2023-43177 - Unauthenticated Root-Level RCE Chain
https://www.reddit.com/r/netsec/comments/17wokij/crushftp_cve202343177_unauthenticated_rootlevel/
ISC Stormcast For Friday, November 17th, 2023 https://isc.sans.edu/podcastdetail/8750, (Fri, Nov 17th)
https://isc.sans.edu/diary/rss/30410
JTAG 'Hacking' the Original Xbox in 2023
https://www.reddit.com/r/lowlevel/comments/17wwyhk/jtag_hacking_the_original_xbox_in_2023/
Zero-Day Flaw in Zimbra Email Software Exploited by Four Hacker Groups
https://thehackernews.com/2023/11/zero-day-flaw-in-zimbra-email-software.html
Experts Uncover DarkCasino: New Emerging APT Threat Exploiting WinRAR Flaw
https://thehackernews.com/2023/11/experts-uncover-darkcasino-new-emerging.html
Ongoing cyberattack against Denmark is country's largest ever
https://malware.news/t/ongoing-cyberattack-against-denmark-is-countrys-largest-ever/75779#post_1
How to Automate the Hardest Parts of Employee Offboarding
https://thehackernews.com/2023/11/how-to-automate-hardest-parts-of.html
Follow Top Cyber News at https://t.me/TopCyberTechNews
Feel free to DM me at https://twitter.com/ShayaFeedman
Malware Analysis, News and Indicators
How human-centric and self-healing security closes the great gap in cybersecurity
Here’s how humans can better manage automation in ways that are truly productive. Article Link: How human-centric and self-healing security closes the great gap in cybersecurity | SC Media
Top Security News for 18/11/2023
FCC Enforces Stronger Rules to Protect Customers Against SIM Swapping Attacks
https://thehackernews.com/2023/11/fcc-enforces-stronger-rules-to-protect.html
Phishing page with trivial anti-analysis features, (Fri, Nov 17th)
https://isc.sans.edu/diary/rss/30412
Grey market and criminal-to-criminal offerings.
https://thecyberwire.com/newsletters/daily-briefing/12/220
7 Ways to Strike Balance Between Technical Debt and Security Posture in The World of Open Source
https://malware.news/t/7-ways-to-strike-balance-between-technical-debt-and-security-posture-in-the-world-of-open-source/75814#post_1
HavocC2 Exploit
https://www.reddit.com/r/netsec/comments/17x3kyt/havocc2_exploit/
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
https://thehackernews.com/2023/11/russian-cyber-espionage-group-deploys.html
The malicious YoroTrooper in disguise.
https://thecyberwire.com/podcasts/research-saturday/307/notes
DIALStranger: my research about DIAL protocol vulnerabilities is public after 4 years
https://www.reddit.com/r/netsec/comments/17xlehh/dialstranger_my_research_about_dial_protocol/
Ransomware gang files SEC complaint about victim
https://www.malwarebytes.com/blog/news/2023/11/ransomware-gang-files-sec-complaint-about-target
SANS Internet Storm Center
Internet Storm Center Diary 2023-11-17 - SANS Internet Storm Center
Internet Storm Center Diary 2023-11-17, Author: Johannes Ullrich
Top Security News for 20/11/2023
8Base ransomware operators use a new variant of the Phobos ransomware
https://securityaffairs.com/154383/malware/8base-ransomware-phobos-ransomware.html
Mockingjay revisisted - Process stomping on an executable's RWX section and loading beacon with sRDI
https://www.reddit.com/r/netsec/comments/17yx1et/mockingjay_revisisted_process_stomping_on_an/
Overflowing Web Honeypot Logs, (Mon, Nov 20th)
https://malware.news/t/overflowing-web-honeypot-logs-mon-nov-20th/75821#post_1
Overflowing Web Honeypot Logs, (Mon, Nov 20th)
https://isc.sans.edu/diary/rss/30416
ALPHV/BlackCat reporting to the SEC could become the 'new normal' for ransomware operators
https://malware.news/t/alphv-blackcat-reporting-to-the-sec-could-become-the-new-normal-for-ransomware-operators/75826#post_1
Understanding Malware from the Inside
https://www.reddit.com/r/Malware/comments/17zb3b2/understanding_malware_from_the_inside/
Security Affairs newsletter Round 446 by Pierluigi Paganini – INTERNATIONAL EDITION
https://securityaffairs.com/154408/breaking-news/security-affairs-newsletter-round-446-by-pierluigi-paganini-international-edition.html
PikaBot Is Back With a Vengeance - Part 2
https://malware.news/t/pikabot-is-back-with-a-vengeance-part-2/75824#post_1
Building a Free Burp Collaborator with Cloudflare Workers
https://www.reddit.com/r/netsec/comments/17yoyc2/building_a_free_burp_collaborator_with_cloudflare/
CrowdStrike Extends AI Approach to Cybersecurity to SMBs
https://malware.news/t/crowdstrike-extends-ai-approach-to-cybersecurity-to-smbs/75823#post_1
Security Affairs
8Base ransomware operators use a new variant of the Phobos ransomware
8Base ransomware operators were observed using a variant of the Phobos ransomware in a recent wave of attacks.
Top Security News for 21/11/2023
The dark side of Black Friday: decoding cyberthreats around the year’s biggest shopping season
https://securelist.com/black-friday-cyberthreat-report-2023/111076/
Commercial Flights Are Experiencing 'Unthinkable' GPS Attacks and Nobody Knows What to Do
https://www.vice.com/en_us/article/m7bk3v/commercial-flights-are-experiencing-unthinkable-gps-attacks-and-nobody-knows-what-to-do
Ukraine at D+674: FSB's LitterDrifter.
https://thecyberwire.com/stories/87d9604c2c214843b6a734cf3bc74b7d/ukraine-at-d674
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking
https://thehackernews.com/2023/11/randstorm-exploit-bitcoin-wallets.html
Can I get some help in relation to interpreting a log/data
https://www.reddit.com/r/netsec/comments/1803knf/can_i_get_some_help_in_relation_to_interpreting_a/
Acting National Cyber Director appointed
https://malware.news/t/acting-national-cyber-director-appointed/75875#post_1
XWorm Malware: Exploring C&C Communication
https://malware.news/t/xworm-malware-exploring-c-c-communication/75882#post_1
DarkCasino joins the list of APT groups exploiting WinRAR zero-day
https://securityaffairs.com/154414/apt/darkcasino-apt-exploiting-winrar-0day.html
New anti-SIM swapping rules unveiled by FCC
https://malware.news/t/new-anti-sim-swapping-rules-unveiled-by-fcc/75877#post_1
Securelist
Black Friday threat report 2023
As Black Friday approaches, Kaspersky analyzes phishing and spam activity around major sales events, and reviews statistics on online shopping threats in 2023.
Top Security News for 22/11/2023
PyCript Burp Suite Extension v0.3 released
https://www.reddit.com/r/netsec/comments/180nt4f/pycript_burp_suite_extension_v03_released/
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
https://thehackernews.com/2023/11/kinsing-hackers-exploit-apache-activemq.html
Nothing Chats pulled from Google Play
https://www.malwarebytes.com/blog/news/2023/11/nothing-chats-pulled-from-google-play
Atomic Stealer distributed to Mac users via fake browser updates
https://www.malwarebytes.com/blog/threat-intelligence/2023/11/atomic-stealer-distributed-to-mac-users-via-fake-browser-updates
MISP Platform Integration, CISO Spotlight, & Intel Briefing
https://thecyberwire.com/podcasts/rh-isac/40/notes
New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks
https://thehackernews.com/2023/11/new-agent-tesla-malware-variant-using.html
CISA issues joint Cybersecurity Advisory on Citrix Bleed.
https://thecyberwire.com/stories/9e8a4e04f63f4219b6deef5725055093/cisa-issues-joint-cybersecurity-advisory-on-citrix-bleed
The Ticking Supply Chain Attack Bomb of Exposed Kubernetes Secrets
https://www.reddit.com/r/netsec/comments/180grhr/the_ticking_supply_chain_attack_bomb_of_exposed/
ARM64 Reversing And Exploitation Part 9 – Exploiting an Off by One Overflow Vulnerability
https://malware.news/t/arm64-reversing-and-exploitation-part-9-exploiting-an-off-by-one-overflow-vulnerability/75930#post_1
Private and Secure Windows
https://www.reddit.com/r/netsec/comments/180gl33/private_and_secure_windows/
Top Security News for 23/11/2023
Malware Killed for " (deleted)" binary
https://0x00sec.org/t/malware-killed-for-deleted-binary/38022
Kinsing Malware Exploits Critical Apache ActiveMQ Flaw To Mine Crypto
https://packetstormsecurity.com/news/view/35223/Kinsing-Malware-Exploits-Critical-Apache-ActiveMQ-Flaw-To-Mine-Crypto.html
Gazans Are Trying to Stay Online Under Siege. New Tech Is Struggling to Help.
https://www.vice.com/en_us/article/5d9qwz/gaza-israel-esims
Ukraine at D+676: Ukraine's infantry attacks east of the Dnipro.
https://thecyberwire.com/stories/ae0dc1c7863c46ceb4aa32a92dbc61a8/ukraine-at-d676
HrServ – Previously unknown web shell used in APT attack
https://securelist.com/hrserv-apt-web-shell/111119/
Pentesting Azure Mindmap
https://www.reddit.com/r/netsec/comments/1817z0i/pentesting_azure_mindmap/
IPSec Analysis (X-Post from /r/malware)
https://www.reddit.com/r/netsec/comments/181b9if/ipsec_analysis_xpost_from_rmalware/
Diamond Sleet supply chain compromise distributes a modified CyberLink installer
https://www.reddit.com/r/netsec/comments/181fc11/diamond_sleet_supply_chain_compromise_distributes/
AI Solutions Are the New Shadow IT
https://thehackernews.com/2023/11/ai-solutions-are-new-shadow-it.html
Top Security News for February 19, 2025
Join us for the end-to-end Microsoft RSAC 2025 Conference experience
https://www.microsoft.com/en-us/security/blog/2025/02/18/join-us-for-the-end-to-end-microsoft-rsac-2025-conference-experience/
Spam and phishing in 2024
https://securelist.com/spam-and-phishing-report-2024/115536/
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
https://thehackernews.com/2025/02/trojanized-game-installers-deploy.html
XWorm Cocktail: A Mix of PE data with PowerShell Code
https://isc.sans.edu/diary/rss/31700
U.S. CISA adds SonicWall SonicOS and Palo Alto PAN-OS flaws to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/174375/security/u-s-cisa-adds-sonicwall-sonicos-and-palo-alto-pan-os-flaws-to-its-known-exploited-vulnerabilities-catalog.html
Microsoft News
Join us for the end-to-end Microsoft RSAC 2025 Conference experience
Join Microsoft at RSAC 2025, where we will showcase end-to-end security designed to help organizations accelerate the secure adoption of AI.
Top Security News for October 23, 2023
Ivanti Endpoint Manager Credential Coercion Vulnerabilities Deep-Dive
https://www.reddit.com/r/netsec/comments/1it4l97/ivanti_endpoint_manager_credential_coercion/
Reinventing PowerShell in C/C++
https://www.reddit.com/r/netsec/comments/1it1knv/reinventing_powershell_in_cc/
Credential theft puts sensitive corporate and military networks at risk.
https://thecyberwire.com/newsletters/daily-briefing/14/32
Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for cyber-physical systems protection platforms
https://www.microsoft.com/en-us/security/blog/2025/02/19/microsoft-is-named-a-leader-in-the-2025-gartner-magic-quadrant-for-cyber-physical-systems-protection-platforms/
Achieving RCE in famous Japanese chat tool with an obsolete Electron feature
https://www.reddit.com/r/netsec/comments/1it7p4j/achieving_rce_in_famous_japanese_chat_tool_with/
Hackers Exploit Signal's Linked Devices Feature to Hijack Accounts via Malicious QR Codes
https://thehackernews.com/2025/02/hackers-exploit-signals-linked-devices.html
CyberArk acquires Zilla. Tines secures $125 million in Series C round.
https://thecyberwire.com/newsletters/business-briefing/7/7
Top Security News for February 20, 2025
PCI DSS 4.0 Mandates DMARC By 31st March 2025
https://thehackernews.com/2025/02/pci-dss-40-mandates-dmarc-by-31st-march.html
Cybercriminals Use Eclipse Jarsigner to Deploy XLoader Malware via ZIP Archives
https://thehackernews.com/2025/02/cybercriminals-use-eclipse-jarsigner-to.html
Chinese-Linked Attackers Exploit Check Point Flaw to Deploy ShadowPad and Ransomware
https://thehackernews.com/2025/02/chinese-linked-attackers-exploit-check.html
RANsacked: Over 100 Security Flaws Found in LTE/5G Network Implementations
https://www.reddit.com/r/netsec/comments/1itt6y4/ransacked_over_100_security_flaws_found_in_lte5g/
North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
https://thehackernews.com/2025/02/north-korean-hackers-target-freelance.html
The Cat and Mouse Game: Exploiting Statistical Weaknesses in Human Interaction Anti-Evasions
https://research.checkpoint.com/2025/the-cat-and-mouse-game-exploiting-statistical-weaknesses-in-human-interaction-anti-evasions/
Microsoft at Legalweek: Help safeguard your AI future with Microsoft Purview
https://www.microsoft.com/en-us/security/blog/2025/02/20/microsoft-at-legalweek-help-safeguard-your-ai-future-with-microsoft-purview/
CISA and FBI issue advisory on the Ghost ransomware.
https://thecyberwire.com/newsletters/daily-briefing/14/33
Top Security News for February 21, 2025
AI-Powered Deception is a Menace to Our Societies
https://thehackernews.com/2025/02/ai-powered-deception-is-menace-to-our.html
Webinar: Learn How to Identify High-Risk Identity Gaps and Slash Security Debt in 2025
https://thehackernews.com/2025/02/webinar-learn-how-to-identify-high-risk.html
Cybercriminals Can Now Clone Any Brand’s Site in Minutes Using Darcula PhaaS v3
https://thehackernews.com/2025/02/cybercriminals-can-now-clone-any-brands.html
Apple Removes Advanced Data Protection Tool After UK Government Request
https://www.theguardian.com/technology/2025/feb/21/apple-removes-advanced-data-protection-tool-uk-government
the Guardian
Apple removes advanced data protection tool in face of UK government request
Apple says removal of tool after government asked for right to see data will make iCloud users more vulnerable
Top Security News for October 16, 2023
Apple removes iCloud encryption in UK following backdoor demand
https://securityaffairs.com/174500/security/apple-removes-icloud-encryption-in-uk.html
‘The bot asked me four times a day how I was feeling’: is tracking everything actually good for us?
https://www.theguardian.com/lifeandstyle/2025/feb/22/the-bot-asked-me-four-times-a-day-how-i-was-feeling-is-tracking-everything-actually-good-for-us
Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever
https://securityaffairs.com/174514/cyber-crime/lazarus-stole-1-5b-from-bybit-cryptocurrency-heist.html
Security Affairs
Apple removes iCloud encryption in UK following backdoor demand
Apple removed iCloud’s Advanced Data Protection in the UK after the government requested encryption backdoor access.
Top Security News for October 23, 2023
Wireshark 4.4.4 Released
https://isc.sans.edu/diary/31712
Security Affairs newsletter Round 512 by Pierluigi Paganini – INTERNATIONAL EDITION
https://securityaffairs.com/174529/breaking-news/security-affairs-newsletter-round-512-by-pierluigi-paganini-international-edition.html
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 34
https://securityaffairs.com/174534/uncategorized/security-affairs-malware-newsletter-round-34.html
U.S. CISA adds Microsoft Power Pages flaw to its Known Exploited Vulnerabilities catalog
https://securityaffairs.com/174541/hacking/u-s-cisa-adds-microsoft-power-pages-flaw-known-exploited-vulnerabilities-catalog.html
The Bybit Incident: When Research Meets Reality
https://research.checkpoint.com/2025/the-bybit-incident-when-research-meets-reality/
Three questions about Apple, encryption, and the U.K.
https://www.reddit.com/r/netsec/comments/1iwj0vs/three_questions_about_apple_encryption_and_the_uk/
What's new in LKRG? Interview about the project
https://www.reddit.com/r/netsec/comments/1iwl6gg/whats_new_in_lkrg_interview_about_the_project/
SANS Internet Storm Center
Wireshark 4.4.4 Released - SANS Internet Storm Center
Wireshark 4.4.4 Released, Author: Didier Stevens
Top Security News for February 24, 2025
THN Weekly Recap: From $1.5B Crypto Heist to AI Misuse & Apple’s Data Dilemma
https://thehackernews.com/2025/02/thn-weekly-recap-from-15b-crypto-heist.html
Becoming Ransomware Ready: Why Continuous Validation Is Your Best Defense
https://thehackernews.com/2025/02/becoming-ransomware-ready-why.html
Google Cloud KMS Adds Quantum-Safe Digital Signatures to Defend Against Future Threats
https://thehackernews.com/2025/02/google-cloud-kms-adds-quantum-safe.html
Silent Killers: Unmasking a Large-Scale Legacy Driver Exploitation Campaign
https://research.checkpoint.com/2025/large-scale-exploitation-of-legacy-driver/
Over 35,000 Websites Targeted in Full-Page Hijack Linking to a Chinese-Language Gambling Scam
https://www.reddit.com/r/netsec/comments/1ix2csa/over_35000_websites_targeted_in_fullpage_hijack/
Exposing Shadow AI Agents: How We Extracted Financial Data from Billion-Dollar Companies
https://www.reddit.com/r/netsec/comments/1ix3p40/exposing_shadow_ai_agents_how_we_extracted/
Tearing Down (Sonic)Walls: Decrypting SonicOSX Firmware
https://bishopfox.com/blog/sonicwall-decrypting-sonicosx-firmware
Check Point Research
Silent Killers: Unmasking a Large-Scale Legacy Driver Exploitation Campaign - Check Point Research
Highlights Introduction While the abuse of vulnerable drivers has been around for a while, those that can terminate arbitrary processes have drawn increasing attention in recent years. As Windows security continues to evolve, it has become more challenging…
Top Security News for October 30, 2023
Caller ID Spoofing: The Invisible Threat to Phone Security and How to Combat It
https://www.reddit.com/r/netsec/comments/1ixpnm8/caller_id_spoofing_the_invisible_threat_to_phone/
2,500+ Truesight.sys Driver Variants Exploited to Bypass EDR and Deploy HiddenGh0st RAT
https://thehackernews.com/2025/02/2500-truesightsys-driver-variants.html
5 Active Malware Campaigns in Q1 2025
https://thehackernews.com/2025/02/5-active-malware-campaigns-in-q1-2025.html
GitVenom Malware Steals $456K in Bitcoin Using Fake GitHub Projects to Hijack Wallets
https://thehackernews.com/2025/02/gitvenom-malware-steals-456k-in-bitcoin.html
Streamlining Vulnerability Research with IDA Pro and Rust
https://www.reddit.com/r/netsec/comments/1ixoklw/streamlining_vulnerability_research_with_ida_pro/
PortSwigger and SAP Forge Strategic Partnership to Enhance Enterprise Web Security
https://portswigger.net/blog/portswigger-and-sap-forge-strategic-partnership-to-enhance-enterprise-web-security
Orange Group Confirms Breach After Hacker Posts Alleged Stolen Data
https://www.thecyberwire.com/newsletters/daily-briefing/14/36
Reddit
From the netsec community on Reddit: Caller ID Spoofing: The Invisible Threat to Phone Security and How to Combat It
Posted by s3yfullah - 6 votes and 0 comments
Top Security News for February 25, 2025
The Best Security Is When We All Agree To Keep Everything Secret (Except The Secrets) - NAKIVO Backup & Replication (CVE-2024-48248)
https://www.reddit.com/r/netsec/comments/1iykzuc/the_best_security_is_when_we_all_agree_to_keep/
Malicious PyPI Package "automslc" Enables 104K+ Unauthorized Deezer Music Downloads
https://thehackernews.com/2025/02/malicious-pypi-package-automslc-enables.html
SOC 3.0 - The Evolution of the SOC and How AI is Empowering Human Talent
https://thehackernews.com/2025/02/soc-30-evolution-of-soc-and-how-ai-is.html
New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems
https://thehackernews.com/2025/02/new-linux-malware-auto-color-grants.html
CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries
https://thehackernews.com/2025/02/cert-ua-warns-of-uac-0173-attacks.html
Three Password Cracking Techniques and How to Defend Against Them
https://thehackernews.com/2025/02/three-password-cracking-techniques-and.html
Kubernetes Golden Tickets
https://www.reddit.com/r/netsec/comments/1iyn5m4/kubernetes_golden_tickets/
Top Security News for February 21, 2025
Malicious Chrome extensions infected over 3.2 million users worldwide.
https://www.reddit.com/r/netsec/comments/1izcoti/16_malicious_chrome_extensions_infected_over_32/
Space Pirates Targets Russian IT Firms With New LuckyStrike Agent Malware
https://thehackernews.com/2025/02/space-pirates-targets-russian-it-firms.html
New TgToxic Banking Trojan Variant Evolves with Anti-Analysis Upgrades
https://thehackernews.com/2025/02/new-tgtoxic-banking-trojan-variant.html
89% of Enterprise GenAI Usage Is Invisible to Organizations Exposing Critical Security Risks, New Report Reveals
https://thehackernews.com/2025/02/89-of-enterprise-genai-usage-is.html
Modern Approach to Attributing Hacktivist Groups
https://research.checkpoint.com/2025/modern-approach-to-attributing-hacktivist-groups/
Research: Using Stylometry & Topic Modeling to Attribute State-Sponsored Hacktivist Groups
https://www.reddit.com/r/netsec/comments/1izgnfx/research_using_stylometry_topic_modeling_to/
Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations
https://thehackernews.com/2025/02/silver-fox-apt-uses-winos-40-malware-in.html
FBI attributes $1.5 billion Bybit hack to DPRK hackers.
https://thecyberwire.com/newsletters/daily-briefing/14/3816
Reddit
From the netsec community on Reddit: 16 Malicious Chrome extensions infected over 3.2 mln users worldwide.
Posted by Incogni_hi - 232 votes and 41 comments
Top Security News for February 2025
Microsoft Exposes LLMjacking Cybercriminals Behind Azure AI Abuse Scheme
https://thehackernews.com/2025/02/microsoft-exposes-llmjacking.html
Cisco Fixed Command Injection and DoS Flaws in Nexus Switches
https://securityaffairs.com/174753/security/cisco-fixed-command-injection-and-dos-flaws-in-nexus-switches.html
Bypass AMSI in 2025
https://www.reddit.com/r/netsec/comments/1j07zpp/bypass_amsi_in_2025/
Behavior Models, Temperature Tweaks, and Safety Battles
https://thecyberwire.com/podcasts/the-faik-files/24/notes
5,000 Phishing PDFs on 260 Domains Distribute Lumma Stealer via Fake CAPTCHAs
https://thehackernews.com/2025/02/5000-phishing-pdfs-on-260-domains.html
RDP: a Double-Edged Sword for IT Teams – Essential Yet Exploitable
https://thehackernews.com/2025/02/rdp-double-edged-sword-for-it-teams.html
Qilin Ransomware Gang Claims Responsibility for Attack Against Lee Enterprises
https://www.reddit.com/r/netsec/comments/1j07zpp/bypass_amsi_in_2025/
Amnesty Finds Cellebrite’s Zero-Day Used to Unlock Serbian Activist’s Android Phone
https://thehackernews.com/2025/02/amnesty-finds-cellebrites-zero-day.html
Security Affairs
Cisco fixed command injection and DoS flaws in Nexus switches
Cisco addressed command injection and denial-of-service (DoS) vulnerabilities in some models of its Nexus switches.
Top Security News for October 5, 2023
Bybit $1.5b hack was a Safe Wallet web app JS payload injection
https://www.reddit.com/r/netsec/comments/1j0y8fc/bybit_15b_hack_was_a_safe_wallet_web_app_js/
Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service
https://securityaffairs.com/174779/cyber-crime/azure-abuse-scheme-individuals-exposed.html
Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day
https://securityaffairs.com/174789/cyber-crime/ransomware-gangs-paragon-partition-manager-biontdrv-sys-driver-zero-day-attacks.html
Wallbleed: A Memory Disclosure Vulnerability in the Great Firewall of China
https://www.reddit.com/r/netsec/comments/1j1evli/wallbleed_a_memory_disclosure_vulnerability_in/
Reddit
From the netsec community on Reddit: Bybit $1.5b hack was a Safe Wallet web app JS payload injection
Posted by pzduniak - 156 votes and 9 comments
Top Security News for October 24, 2023
Substack Domain Takeover
https://www.reddit.com/r/netsec/comments/1j1ofqp/substack_domain_takeover/
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client
https://www.reddit.com/r/netsec/comments/1j1wt6u/mitm_attack_against_opensshs/
HUB Security Secures Continued Nasdaq Listing, Marking an Important Milestone
https://www.reddit.com/r/netsec/comments/1j1zypx/hub_security_secures_continued_nasdaq_listing/
Understanding the AI Act and its compliance challenges
https://www.reddit.com/r/netsec/comments/1j2fo1p/understanding_the_ai_act_and_its_compliance/
Reddit
From the netsec community on Reddit: Substack Domain Takeover
Posted by whisperingmime - 0 votes and 0 comments
Top Security News for Today
Why a push for encryption backdoors is a global security risk
https://www.reddit.com/r/netsec/comments/1j38aru/why_a_push_for_encryption_backdoors_is_a_global/
We Deliberately Exposed AWS Keys on Developer Forums: Attackers Exploited One in 10 Hours
https://www.reddit.com/r/netsec/comments/1j38z5p/we_deliberately_exposed_aws_keys_on_developer/
DISCOUNTED HOTEL DEALS ANNOUNCED FOR HOPE_16
https://www.2600.com/content/discounted-hotel-deals-announced-hope16
Securing generative AI models on Azure AI Foundry
https://www.microsoft.com/en-us/security/blog/2025/03/04/securing-generative-ai-models-on-azure-ai-foundry/
Adaptive Attacks Break Defenses Against Indirect Prompt Injection Attacks on LLM Agents
https://arxiv.org/abs/2503.00061
CRFU: Compressive Representation Forgetting Against Privacy Leakage on Machine Unlearning
https://arxiv.org/abs/2503.00062
ADAGE: Active Defenses Against GNN Extraction
https://arxiv.org/abs/2503.00065
Top Security News for March 5, 2025
Silk Typhoon targeting IT supply chain
https://www.microsoft.com/en-us/security/blog/2025/03/05/silk-typhoon-targeting-it-supply-chain/
EvilLoader: Yesterday was published PoC for unpatched Vulnerability affecting Telegram for Android
https://www.reddit.com/r/netsec/comments/1j3y1kl/evilloader_yesterday_was_published_poc_for/
UDora: A Unified Red Teaming Framework against LLM Agents by Dynamically Hijacking Their Own Reasoning
https://arxiv.org/abs/2503.01908
Privacy-Compliant LLM Deployment: An Open-Source Reference Architecture
https://arxiv.org/abs/2503.01915
A Lightweight and Secure Deep Learning Model for Privacy-Preserving Federated Learning in Intelligent Enterprises
https://arxiv.org/abs/2503.02017
Protecting DeFi Platforms against Non-Price Flash Loan Attacks
https://arxiv.org/abs/2503.01944
Advancing Obfuscation Strategies to Counter China's Great Firewall: A Technical and Policy Perspective
https://arxiv.org/abs/2503.02018
Microsoft News
Silk Typhoon targeting IT supply chain
Silk Typhoon is a Chinese state actor focused on espionage campaigns targeting a wide range of industries in the US and throughout the world. In recent months, Silk Typhoon has shifted to performing IT supply chain attacks to gain access to targets. In this…