π #Infosec2024: Decoding SentinelOne's AI Threat Hunting Assistant π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
SentinelOne will present a threathunting demonstration during which a security analyst will compete against a nontechnical person using its AI assistant.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
#Infosec2024: Decoding SentinelOne's AI Threat Hunting Assistant
SentinelOne will present a threat-hunting demonstration during which a security analyst will compete against a non-technical person using its AI assistant
π Internet Archive Disrupted by Sustained and βMeanβ DDoS Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Internet Archive said sustained DDoS attacks have disrupted access to its preserved web pages and other historical archives.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Internet Archive Disrupted by Sustained and βMeanβ DDoS Attack
The Internet Archive said sustained DDoS attacks have disrupted access to its preserved web pages and other historical archives
π’ This new hacker group is targeting software developers with phony job offers and fake projects π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
From targeting software developers to infiltrating IT firms, the Moonstone Sleet hacker group has an unusually wide range of attacks and isnt shy about using them.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
This new hacker group is targeting software developers with phony job offers and fake projects
From targeting software developers to infiltrating IT firms, the Moonstone Sleet hacker group has an unusually wide range of attacks β and isnβt shy about using them
π΅οΈββοΈ Mastermind Behind Biden AI Deepfake Indicted for Robocall Scheme π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The political consultant who wrote the script and paid for the deepfake audio used in robocalls was fined 6 million by the FCC.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Mastermind Behind Biden AI Deepfake Indicted for Robocall Scheme
The political consultant who wrote the script and paid for the deepfake audio used in robocalls was fined $6 million by the FCC.
π΅οΈββοΈ Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Corporate admins should patch the maxseverity CVE202423108 immediately, which allows unauthenticated command injection.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Exploit for Fortinet Critical RCE Bug Allows SIEM Root Access
Corporate admins should patch the max-severity CVE-2024-23108 immediately, which allows unauthenticated command injection.
π΅οΈββοΈ BlackSuit Claims Dozens of Victims With Carefully Curated Ransomware π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Researchers went indepth on an attack by the threat group, which mainly targets US companies in the education and industrial goods sectors, specifically to maximize financial gain.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
BlackSuit Claims Dozens of Victims With Ransomware
Researchers went in-depth on an attack by the threat group, which mainly targets US companies in the education and industrial goods sectors, specifically to maximize financial gain.
π΅οΈββοΈ Why CVEs Are an Incentives Problem π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
It's time to rethink the pivotal role incentives play in shaping behavior to find and disclose software vulnerabilities. More accurate guidance to reflect realworld risks and a tiered verification process to establish potential impact could slow misleading submissions.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Why CVEs Are an Incentives Problem
It's time to rethink the pivotal role incentives play in shaping behavior to find and disclose software vulnerabilities. More accurate guidance to reflect real-world risks and a tiered verification process to establish potential impact could slow misleadingβ¦
π GRR 3.4.7.4 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
GRR Rapid Response is an incident response framework focused on remote live forensics. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR consists of 2 parts client and server. GRR client is deployed on systems that one might want to investigate. On every such system, once deployed, GRR client periodically polls GRR frontend servers for work. "Work" means running a specific action downloading file, listing a directory, etc. GRR server infrastructure consists of several components frontends, workers, UI servers and provides webbased graphical user interface and an API endpoint that allows analysts to schedule actions on clients and view and process collected data.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
GRR 3.4.7.4 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π jSQL Injection 0.96 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
jSQL Injection 0.96 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Proxmark3 4.18589 Custom Firmware π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
This is a custom firmware written for the Proxmark3 device. It extends the currently available firmware. This release is nicknamed "Aurora".π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Proxmark3 4.18589 Custom Firmware β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ποΈ Cybercriminals Abuse StackOverflow to Promote Malicious Python Package ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have warned of a new malicious Python package that has been discovered in the Python Package Index PyPI repository to facilitate cryptocurrency theft as part of a broader campaign. The package in question is pytoileur, which has been downloaded 316 times as of writing. Interestingly, the package author, who goes by the name PhilipsPY, has uploaded a new version of the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
ποΈ Check Point Warns of Zero-Day Attacks on its VPN Gateway Products ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Check Point is warning of a zeroday vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE202424919, the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and Quantum Spark appliances. "The vulnerability potentially allows an attacker to read certain information on.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Brazilian Banks Targeted by New AllaKore RAT Variant Called AllaSenha ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Brazilian banking institutions are the target of a new campaign that distributes a custom variant of the Windowsbased AllaKore remote access trojan RAT called AllaSenha. The malware is "specifically aimed at stealing credentials that are required to access Brazilian bank accounts, and leverages Azure cloud as commandandcontrol C2 infrastructure," French cybersecurity company HarfangLab.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Advance Fee Fraud Targets Colleges With Free Piano Offers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Proofpoint discovered over 125,000 emails linked to this scam cluster in the past year.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Advance Fee Fraud Targets Colleges With Free Piano Offers
Proofpoint discovered over 125,000 emails linked to this scam cluster in the past year
π New PyPI Malware βPytoileurβ Steals Crypto and Evades Detection π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The package posed as an API management tool and downloaded trojanized Windows binaries.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New PyPI Malware βPytoileurβ Steals Crypto and Evades Detection
The package posed as an API management tool and downloaded trojanized Windows binaries
βοΈ Is Your Computer Part of βThe Largest Botnet Ever?β βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DOJ today said they arrested the alleged operator of 911 S5, a tenyearold online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various "free VPN" products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Is Your Computer Part of βThe Largest Botnet Ever?β
The U.S. Department of Justice (DOJ) today said they arrested the alleged operator of 911 S5, a ten-year-old online anonymity service that was powered by what the director of the FBI called "likely the world's largest botnet ever." The arrestβ¦
π΅οΈββοΈ Leak Site BreachForums Springs Back to Life Weeks After FBI Takedown π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
It's unclear whether a dataset for sale on the site allegedly containing data from more than 500 million TicketMaster users is real or just law enforcement bait.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Leak Site BreachForums Springs Back to Life Weeks After FBI Takedown
It's unclear whether a dataset for sale on the site allegedly containing data from more than 500 million Ticketmaster users is real or just law enforcement bait.
π΅οΈββοΈ 9 Tips to Avoid Burnout in Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
When security professionals are at the end of their rope feeling both mentally and physically exhausted it's often because of burnout. Unfortunately, burnout is becoming more common in the industry. Here are 9 ways to try to combat it.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
9 Tips to Avoid Burnout in Cybersecurity
When security professionals are at the end of their rope β feeling both mentally and physically exhausted β it's often because of burnout. Here are ways to combat it.
π2
π ESET World 2024: Big on prevention, even bigger on AI π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
What is the state of artificial intelligence in 2024 and how can AI level up your cybersecurity game? These hot topics and pressing questions surrounding AI were front and center at the annual conference.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
ESET World 2024: Big on prevention, even bigger on AI
What is the state of artificial intelligence in 2024 and how can AI level up your cybersecurity game? These hot topics and pressing questions surrounding AI were front and center at the annual conference.
ποΈ Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Okta is warning that a crossorigin authentication feature in Customer Identity Cloud CIC is susceptible to credential stuffing attacks orchestrated by threat actors. "We observed that the endpoints used to support the crossorigin authentication feature being attacked via credential stuffing for a number of our customers," the Identity and access management IAM services provider said. The.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π #Infosec2024: Why Credential-Based Attacks Need Modern Solutions π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
1Passwords Steve Won discusses why modern security solutions, such as passkeys, can substantially reduce the risk of credentialbased attacks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
#Infosec2024: Why Credential-Based Attacks Need Modern Solutions
1Passwordβs Steve Won discusses why modern security solutions, such as passkeys, can substantially reduce the risk of credential-based attacks