π’ Salesforce-based phishing attacks surge 109% since the start of 2024 π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Threat analysts have uncovered a sophisticated phishing attack imitating emails from Salesforce that are likely bypassing many business email filters.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Salesforce-based phishing attacks surge 109% since the start of 2024
Threat analysts have uncovered a sophisticated phishing attack imitating emails from Salesforce that are likely bypassing many business email filters
π¦
Protected: Active Exploitation of Atlassian Confluence RCE Vulnerability (CVE-2023-22527) π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
There is no excerpt because this is a protected post. The post Protected Active Exploitation of Atlassian Confluence RCE Vulnerability CVE202322527 appeared first on Cyble. The post Protected Active Exploitation of Atlassian Confluence RCE Vulnerability CVE202322527 appeared first on Cyble.π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Exploitation Of Atlassian Confluence RCE Vulnerability
Cyble's Global Sensor Intelligence (CGSI) network picks up scanning attempts aiming to exploit a recent Vulnerability in Atlassian Confluence.
ποΈ China-Linked Hackers Target Myanmar's Top Ministries with Backdoor Blitz ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Chinabased threat actor known as Mustang Panda is suspected to have targeted Myanmar's Ministry of Defence and Foreign Affairs as part of twin campaigns designed to deploy backdoors and remote access trojans. The findings come from CSIRTCTI, which said the activities took place in November 2023 and January 2024 after artifacts in connection with the attacks were uploaded to the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
New data from Corvus found that ransomware incidents rose by 68 in 2023 compared to 2022, but law enforcement takedowns led to a fall in Q4.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Incidents Hit Record High, But Law Enforcement Takedowns Slow Growth
New data from Corvus found that ransomware incidents rose by 68% in 2023 compared to 2022, but law enforcement takedowns led to a fall in Q4
π΅οΈββοΈ Q&A: How Israeli Cybersecurity Companies Endure Through the Conflict π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Q&A: How Israeli Cybersecurity Companies Endure Through the Conflict
As Israeli employees get called up for reserve military duty, the impact on their day jobs and employers is still being calculated.
π Falco 0.37.0 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Falco 0.37.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π1
π΅οΈββοΈ Solving the Cybersecurity Skills Gap With Racial Inclusivity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Addressing the growing demand for cybersecurity professionals is also an opportunity to create a more racially inclusive workforce.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Solving the Cybersecurity Skills Gap With Racial Inclusivity
Addressing the growing demand for cybersecurity professionals is also an opportunity to create a more racially inclusive workforce.
π Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
After analyzing the 12 Rust payloads exploiting Ivanti ConnectSecure vulnerabilities, Synacktiv found they all enabled a sophisticated postexploitation toolkit.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Rust Payloads Exploiting Ivanti Zero-Days Linked to Sophisticated Sliver Toolkit
After analyzing the Rust payloads exploiting Ivanti ConnectSecure vulnerabilities, Synacktiv found they all enabled a post-exploitation toolkit
π΅οΈββοΈ UAE Government Cyber Chief: We Face 50K Cyberattacks Daily π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Emirates see phishing emails, DDoS attacks, and ransomware, as well as port scans, regularly.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
UAE Government Cyber Chief: We Face 50K Cyberattacks Daily
The Emirates face phishing emails, DDoS attacks, and ransomware, as well as port scans, on a regular basis.
π Alpha Ransomware Group Launches Data Leak Site on the Dark Web π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Netenrich analized the ransom note pattern saying the group is refining their messages to victims.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Alpha Ransomware Group Launches Data Leak Site on the Dark Web
Netenrich analyzed the ransom note pattern saying the group is refining their messages to victims
π How to Protect Sensitive Data While Using ChatGPT and Other Generative AI Tools π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Generative AI platforms like ChatGPT have emerged as a new frontier of data breaches, especially in the rise of hybrid work. Equipped with the function to generate various content and troubleshoot software bugs, these applications can leak training data and violate privacy. In their research, Work From Anywhere, Fortinet found that about 62 of organizations The post How to Protect Sensitive Data While Using ChatGPT and Other Generative AI Tools appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Your Guide to Protecting Sensitive Data While Using ChatGPT
Discover how to keep your sensitive data safe while using ChatGPT. This guide covers best practices, privacy tips, and security measures to protect your information.
ποΈ URGENT: Upgrade GitLab - Critical Workspace Creation Flaw Allows File Overwrite ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
GitLab once again released fixes to address a critical security flaw in its Community Edition CE and Enterprise Edition EE that could be exploited to write arbitrary files while creating a workspace. Tracked as CVE20240402, the vulnerability has a CVSS score of 9.9 out of a maximum of 10. "An issue has been discovered in GitLab CEEE affecting all versions from 16.0 prior to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
π Orange EspaΓ±a Breach: Dark Web Flooded With Operator Credentials π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Resecurity discovered over 1572 compromised customers from RIPE, APNIC, AFRINIC and LACNIC.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Orange EspaΓ±a Breach: Dark Web Flooded With Operator Credentials
Resecurity discovered over 1572 compromised customers from RIPE, APNIC, AFRINIC and LACNIC
ποΈ Brazilian Feds Dismantle Grandoreiro Banking Trojan, Arresting Top Operatives ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A Brazilian law enforcement operation has led to the arrest of several Brazilian operators in charge of the Grandoreiro malware. The Federal Police of Brazil said it served five temporary arrest warrants and 13 search and seizure warrants in the states of So Paulo, Santa Catarina, Par, Gois, and Mato Grosso. Slovak cybersecurity firm ESET, which provided additional.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Schneider Electric Confirms Data Accessed in Ransomware Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Schneider Electric Confirms Data Accessed in Ransomware Attack
Energy firm Schneider Electric said a ransomware incident, reportedly perpetrated by the Cactus group, has led to data being accessed from its Sustainability Business division
π» Apple accuses UK gov't of βunprecedented overreachβ on privacy π»
π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
In the name of security, the UK government may well have put a cybersecurity target on the nations back, with Apple once again warning that proposed changes to the Investigatory Powers Act 2016 are a serious and direct threat to data security and information privacy.We are deeply concerned about the amendments to the Investigatory Powers Bill currently before Parliament, which will put the privacy and security of users at risk," Apple said in a statement. This is an unprecedented overreach by the government and, if implemented, the UK new user protections could be secretly vetoed globally, preventing us from ever delivering them to customers.To read this article in full, please click here.π Read more.
π Via "COMPUTERWORLD"
----------
ποΈ Seen on @cibsecurity
Computerworld
Apple accuses UK gov't of βunprecedented overreachβ on privacy
Apple warns that proposed UK laws are a βserious and direct threat to data security and information privacy.β
βοΈ Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
On Jan. 9, 2024, U.S. authorities arrested a 19yearold Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIMswapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accusedβ¦
𧨠Was the Fake Joe Biden Robocall Created with AI? π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
As voters in the recent New Hampshire primary have found, a fake robocall of President Joe Biden has been making... The post Was the Fake Joe Biden Robocall Created with AI? appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
Was the Fake Joe Biden Robocall Created with AI? | McAfee Blog
As voters in the recent New Hampshire primary have found, a fake robocall of President Joe Biden has been making the rounds. Using AI voice-cloning
π΅οΈββοΈ Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Chinalinked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Feds Reportedly Try to Disrupt 'Volt Typhoon' Attack Infrastructure
The China-linked threat actor's attacks on US critical infrastructure organizations have alarmed American intelligence officials, Reuters says.
π΅οΈββοΈ Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Forcepoint Federal Rebrands As Everfox to Reflect New Era of Defense-Grade Cybersecurity
π΅οΈββοΈ Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Apple Warns iPhone Sideloading Changes Will Increase Cyber Threats
The tech giant says that being more open to comply with EU regulations brings risks such as malware, fraud, and scams.