π½ International Crackdown: βLabHostβ Phishing-as-a-Service Platform Busted π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
A concerted effort by global law enforcement agencies has successfully dismantled LabHost, a notorious online platform specializing in phishing kits. Since its inception in 2021, LabHost accrued over 1 million in profits by providing cybercriminals with the tools to impersonate trusted websites and steal sensitive user data. The coordinated operation.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
be4sec
International Crackdown: βLabHostβ Phishing-as-a-Service Platform Busted
A concerted effort by global law enforcement agencies has successfully dismantled LabHost, a notorious online platform specializing in phishing kits. Since its inception in 2021, LabHost accrued ovβ¦
π1
π΅οΈββοΈ US Gov Slaps Visa Restrictions on Spyware Honchos π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The State Department can now deny entrance to the US for individuals accused of profiting from spywarerelated human rights abuses, and their immediate family members.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
US Gov Slaps Visa Restrictions on Spyware Honchos
The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.
π΅οΈββοΈ Russia's Fancy Bear Pummels Windows Print Spooler Bug π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE202238028 in cyberespionage attacks against targets in Ukraine, Western Europe, and North America.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Russia's Fancy Bear Pummels Windows Print Spooler Bug
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyberespionage attacks against targets in Ukraine, Western Europe, and North America.
π΅οΈββοΈ Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Statesponsored groups are targeting critical vulnerabilities in virtual private network VPN gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
VPNs, Firewalls' Nonexistent Telemetry Lures APTs
State-sponsored groups are targeting critical vulnerabilities in edge devices to make life difficult for incident responders.
π¦Ώ Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Your customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security
Your customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity.
π§ Passwords, passkeys and familiarity bias π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
As passkey passwordless authentication adoption proceeds, misconceptions abound. There appears to be a widespread impression that passkeys may be more convenient and less secure than passwords. The reality is that they are both more secure and more convenient possibly a first in cybersecurity. Most of us could be forgiven for not realizing passwordless authentication The post Passwords, passkeys and familiarity bias appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Passwords, passkeys and familiarity bias
As passkey adoption proceeds, misconceptions abound. While many people believe passwordless authentication is less secure, the reality is quite different.
ποΈ Webinar: Learn Proactive Supply Chain Threat Hunting Techniques ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
In the highstakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and thirdparty dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc? We invite you to join us for an.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Vulnerability Exploitation on the Rise as Attacker Ditch Phishing π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Mandiants latest MTrends report found that vulnerability exploitation was the most common initial infection vector in 2023, making up 38 of intrusions.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Vulnerability Exploitation on the Rise as Attackers Ditch Phishing
Mandiantβs latest M-Trends report found that vulnerability exploitation was the most common initial infection vector in 2023, making up 38% of intrusions
β€1
π΅οΈββοΈ Lessons for CISOs From OWASP's LLM Top 10 π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could affect the bottom line.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Lessons for CISOs From OWASP's LLM Top 10
It's time to start regulating LLMs to ensure they're accurately trained and ready to handle business deals that could impact the bottom line.
π1
ποΈ Apache Cordova App Harness Targeted in Dependency Confusion Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π End-to-End Encryption Sparks Concerns Among EU Law Enforcement π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The call comes amid the rollout of endtoend encryption on Metas Messenger platform.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
End-to-End Encryption Sparks Concerns Among EU Law Enforcement
The call comes amid the rollout of end-to-end encryption on Metaβs Messenger platform
π Millions of Americans' Data Potentially Exposed in Change Healthcare Hack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Millions of Americans may be impacted by the Change Healthcare data breach as UnitedHealth confirms exposed data includes personal and health information.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Millions of Americans' Data Potentially Exposed in Change Healthcare Hack
Millions of Americans may be impacted by the Change Healthcare data breach as UnitedHealth confirms exposed data includes personal and health information
π US Imposes Visa Restrictions on Alleged Spyware Figures π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The move is reportedly part of a broader effort to counter the misuse of surveillance technology.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Imposes Visa Restrictions on Alleged Spyware Figures
The move is reportedly part of a broader effort to counter the misuse of surveillance technology
π Nmap Port Scanner 7.95 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols UDP, TCP, ICMP, etc.. Nmap supports Vanilla TCP connect scanning, TCP SYN half open scanning, TCP FIN, Xmas, or NULL stealth scanning, TCP ftp proxy bounce attack scanning, SYNFIN scanning using IP fragments bypasses some packet filters, TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning pingsweep, TCP Ping scanning, Direct non portmapper RPC scanning, Remote OS Identification by TCPIP Fingerprinting, and Reverseident scanning. Nmap also supports a number of performance and reliability...π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Nmap Port Scanner 7.95 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Suricata IDPE 7.0.5 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multithreaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Suricata IDPE 7.0.5 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΅οΈββοΈ Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The company reports most systems are functioning again but that analysis of the data affected will take months to complete.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Back from the Brink: UnitedHealth Offers Sobering Post-Attack Update
The company reports most systems are functioning again but that analysis of the data affected will take months to complete.
π΅οΈββοΈ CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CompTIA Supports Department of Defense Efforts to Strengthen Cyber Knowledge and Skills
π΅οΈββοΈ 5 Hard Truths About the State of Cloud Security 2024 π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
5 Hard Truths About the State of Cloud Security 2024
Dark Reading talks cloud security with John Kindervag, the godfather of zero trust.
π΅οΈββοΈ Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Siemens Working on Fix for Device Affected by Palo Alto Firewall Bug
Growing attacks targeting the flaw prompted CISA to include it in the known exploited vulnerabilities catalog earlier this month.
π1
π΅οΈββοΈ Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Hackers Create Legit Phishing Links With Ghost GitHub, GitLab Comments
An utterly innocuous feature in popular Git CDNs allows anyone to conceal malware behind brand names, without those brands being any the wiser.
ποΈ CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network CDN cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnameseorigin.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity