π Microsoft Provides Defense Guidance After Nation-State Compromise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft said the Russian nationstate group Midnight Blizzard obfuscated its attack through the use of an OAuth application.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Provides Defense Guidance After Nation-State Compromise
Microsoft said the Russian nation-state group Midnight Blizzard obfuscated its attack through the use of an OAuth application
π’ PoC exploits for Jenkins vulnerability are being targeted in the wild, researchers reveal π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Hackers are already sniffing around a number of proofofconcept exploits for a critical vulnerability in the Jenkins open source automation software, experts warn.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
PoC exploits for Jenkins vulnerability are being targeted in the wild, researchers reveal
Hackers are already sniffing around a number of proof-of-concept exploits for a critical vulnerability in the Jenkins open source automation software, experts warn
π±1
π Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Nigeriabased cybercriminals known as Yahoo Boys are the main drivers of a financial sextortion increase on TikTok, Instagram and Snapchat, targeting Englishspeaking teenagers.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Nigerian 'Yahoo Boys' Behind Social Media Sextortion Surge in the US
Nigeria-based cybercriminals known as Yahoo Boys are the main drivers of a financial sextortion increase on TikTok, Instagram and Snapchat, targeting English-speaking teenagers
ποΈ Researchers Uncover How Outlook Vulnerability Could Leak Your NTLM Passwords ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A nowpatched security flaw in Microsoft Outlook could be exploited by threat actors to access NT LAN Manager NTLM v2 hashed passwords when opening a specially crafted file. The issue, tracked as CVE202335636 CVSS score 6.5, was addressed by the tech giant as part of its Patch Tuesday updates for December 2023. "In an email attack scenario, an attacker could exploit the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ Take your business further with a dedicated internet connection π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Achieve internet speed and reliability to match your business ambitions.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Take your business further with a dedicated internet connection
Achieve internet speed and reliability to match your business ambitions
π§ Ermac malware: The other side of the code π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
When the Cerberus code was leaked in late 2020, IBM Trusteer researchers projected that a new Cerberus mutation was just a matter of time. Multiple actors used the leaked Cerberus code but without significant changes to the malware. However, the MalwareHunterTeam discovered a new variant of Cerberus known as Ermac also known as Hook The post Ermac malware The other side of the code appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Ermac malware: The other side of the code
To better understand the new Cerberus variant, IBM Trusteer researchers break down Ermac's capabilities step by step.
π΅οΈββοΈ Top 3 Data Breaches of 2023, and What Lies Ahead in 2024 π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Take a look at last year's most impactful data breaches and what companies can do to protect themselves going forward.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Top 3 Data Breaches of 2023, and What Lies Ahead in 2024
Take a look at last year's most impactful data breaches and what companies can do to protect themselves going forward.
π US Senator Exposes NSA Purchase of Americansβ Internet Records π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The call follows an FTC order saying data brokers must secure consent before selling user data.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Senator Exposes NSA Purchase of Americansβ Internet Records
The call follows an FTC order saying data brokers must secure consent before selling user data
π΅οΈββοΈ New Jersey School District Shut Down by Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Sunday night, Freehold Township district officials notified its staff and parents that school would not be in session Monday due to technical difficulties caused by a cyber incident.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
New Jersey School District Shut Down by Cyberattack
Sunday night, Freehold Township district officials notified its staff and parents that school would not be in session Monday due to technical difficulties caused by a cyber incident.
π Phobos Ransomware Family Expands With New FAUST Variant π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
FortiGuard said the variant was found in an Office document using a VBA script.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Phobos Ransomware Family Expands With New FAUST Variant
FortiGuard said the variant was found in an Office document using a VBA script
π PrommetriX Prometheus Metrics Leaker π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
PrommetriX is a tool that demonstrates a data leakage vulnerability in the Prometheus metricsbased event monitoring software.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
PrommetriX Prometheus Metrics Leaker β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΅οΈββοΈ Iran's 'Cyber Centers' Dodge Sanctions to Sell Cyber Operations π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Networks of Iranian officials and cyberoffensive specialists have created a variety of cybersecurity contractor in an attempt to dodge sanctions, according to leaked documents.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Iran's 'Cyber Centers' Dodge Sanctions to Sell Cyber Operations
Networks of Iranian officials and cyber-offensive specialists have created a variety of cybersecurity contractors in an attempt to dodge sanctions, according to leaked documents.
π¦Ώ What Do Appleβs EU App Store Changes Mean for App Developers? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The EU says the DMA keeps markets fair and open Apple says the DMA introduces security problems. Apple is leveling fees against independent app stores.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
What Do Appleβs EU App Store Changes Mean for App Developers?
The EU says the DMA keeps markets fair and open; Apple says the DMA introduces security problems. Apple is leveling fees against independent app stores.
β€1
π¦Ώ Ransomwareβs Impact Could Include Heart Attacks, Strokes & PTSD π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
New research details the possible effects of ransomware attacks on businesses and staff, society, the economy and national security, highlighting that its impact on mental and physical health is often overlooked.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Ransomwareβs Impact Could Include Heart Attacks, Strokes & PTSD
New research details the possible impact of ransomware attacks on businesses and staff, society, the economy and national security.
π1
π΅οΈββοΈ SolarWinds Files Motion to Dismiss SEC Lawsuit π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Responding to SEC charges, SolarWinds fired back with a detailed defense of how a Russianbacked cyber espionage attack on its system was handled.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
SolarWinds Files Motion to Dismiss SEC Lawsuit
Responding to SEC charges, SolarWinds fired back with a detailed defense of how a Russian-backed cyber espionage attack on its system was handled.
π΅οΈββοΈ PoC Exploits Heighten Risks Around Critical New Jenkins Vuln π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The arbitrary fileread flaw can lead to remote code execution.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
PoC Exploits Heighten Risks Around Critical New Jenkins Vuln
The arbitrary file-read flaw can lead to remote code execution.
π΅οΈββοΈ Keenan & Associates Reports Data Breach Exposing Social Security Numbers of More Than 1.5M π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Keenan & Associates Reports Data Breach Exposing Social Security Numbers of More Than 1.5M
ποΈ Juniper Networks Releases Urgent Junos OS Updates for High-Severity Flaws ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Juniper Networks has released outofband updates to address highseverity flaws in SRX Series and EX Series that could be exploited by a threat actor to take control of susceptible systems. The vulnerabilities, tracked as CVE202421619 and CVE202421620, are rooted in the JWeb component and impact all versions of Junos OS. Two other shortcomings, CVE202336846 and.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ New ZLoader Malware Variant Surfaces with 64-bit Windows Compatibility ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat hunters have identified a new campaign that delivers the ZLoader malware, resurfacing nearly two years after the botnet's infrastructure was dismantled in April 2022. A new variant of the malware is said to have been in development since September 2023, Zscaler ThreatLabz said in an analysis published this month. "The new version of Zloader made significant changes to the loader.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π UK House of Lords Calls For Legislation on Facial Recognition Tech π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The House of Lords has questioned the legal basis for police use of facial recognition and wants parliament to legislate.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK House of Lords Calls For Legislation on Facial Recognition Tech
The House of Lords has questioned the legal basis for police use of facial recognition and wants parliament to legislate
π FBI: Scammers Are Sending Couriers to Collect Cash From Victims π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The FBI is warning the public not to fall for scams where they are urged to liquidate assets and hand them to couriers for safekeeping.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FBI: Scammers Are Sending Couriers to Collect Cash From Victims
The FBI is warning the public not to fall for scams where they are urged to liquidate assets and hand them to couriers for βsafekeepingβ