π Microsoft Fixes Four Zero-Days in July Patch Tuesday π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft has addressed two actively exploited and two publicly disclosed zeroday bugs this month.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Fixes Four Zero-Days in July Patch Tuesday
Microsoft has addressed two actively exploited and two publicly disclosed zero-day bugs this month
π΅οΈββοΈ Privacy & Security Concerns With AI Meeting Tools π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Businesses need to find a balance between harnessing the benefits of AI assistants and safeguarding sensitive information maintaining trust with employees and clients.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Privacy & Security Concerns With AI Meeting Tools
Businesses need to find a balance between harnessing the benefits of AI assistants and safeguarding sensitive information β maintaining trust with employees and clients.
ποΈ New Ransomware Group Exploiting Veeam Backup Software Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A nowpatched security flaw in Veeam Backup Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singaporeheadquartered GroupIB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE202327532 CVSS score 7.5 to carry out the malicious activities. Initial access to the target.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
NATOβs 75th Anniversary Washington Summit Draws Ire of Hacktivist Groups π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Washington is hosting the NATO 75th Anniversary Summit from July 9 to July 11, 2024. This pivotal meeting includes heads of state, senior military personnel, and experts from 32 NATO members. The summit is crucial for the Alliance to bolster support for Ukraine, enhance NATO's defense capabilities in the wake of Russia and China's increasingly aggressive stance, expand global partnerships, and address key geopolitical challenges. In keeping with their established patterns, particularly in the aftermath of the conflict in Ukraine, hacktivists have been quick to target the Washington Summit. The ongoing developments among NATO allies to back Ukraine in the ongoing conflict have already drawn multiple attacks on the digital infrastructure of these countries over the last two years. ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
NATOβs 75th Anniversary Washington Summit Draws Ire Of Hacktivist Groups - Cyble
As NATO commemorates the 75th Anniversary of its founding at the Washington Summit, Hacktivist groups continue to target the alliance in co-ordinated campaigns. Read Cyble's analysis of these incidents.
π’ New Snowflake security policies mean admins can now enforce mandatory MFA π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The changes come two months after a major breach affected dozens of Snowflake customers.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
New Snowflake security policies mean admins can now enforce mandatory MFA
The changes come two months after a major breach affected dozens of Snowflake customers
π΅οΈββοΈ Poco RAT Burrows Deep Into Mining Sector π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The novel malware targets Spanishspeaking users via malicious Google Drive links, and taps a popular C library to evade detection.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Poco RAT Burrows Deep Into Mining Sector
The novel malware targets Spanish-speaking users via malicious Google Drive links, and taps a popular C++ library to evade detection.
π Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
For trusted senders, the flaw is zeroclick, but requires oneclick interactions for untrusted ones.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Outlook Faced Critical Zero-Click RCE Vulnerability
For trusted senders, the flaw is zero-click, but requires one-click interactions for untrusted ones
βοΈ The Stark Truth Behind the Resurgence of Russiaβs Fin7 βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The Russiabased cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated 3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 setting up thousands of websites mimicking a range of media and technology companies with the help of Stark Industries Solutions, a sprawling hosting provider is a persistent source of cyberattacks against enemies of Russia.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
The Stark Truth Behind the Resurgence of Russiaβs Fin7
The Russia-based cybercrime group dubbed "Fin7," known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared backβ¦
π Smishing Triad Targets India with Fraud Surge π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Smishing Triad's MO involves registering fraudulent domain names that mimic legitimate organizations.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Smishing Triad Targets India with Fraud Surge
Smishing Triad's MO involves registering fraudulent domain names that mimic legitimate organizations
π΅οΈββοΈ Microsoft's Partnership With Middle East AI Firm Under Scrutiny π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The US government worries that Group 42 Holdings, an AI firm based in the United Arab Emirates, could become a backdoor for technology leaks to China.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Microsoft's Partnership With Middle East AI Firm Under Scrutiny
The US government worries that Group 42 Holdings, an AI firm based in the United Arab Emirates, could become a backdoor for technology leaks to China.
π΅οΈββοΈ Fujitsu Suffers Worm-Like Attack From Something That Wasn't Ransomware π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The CE giant released its investigative findings regarding a March cyberattack that resulted in data exfiltration affecting its Japanese operations.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Fujitsu Suffers Worm-Like Attack From Something That Wasn't Ransomware
The CE giant released its investigative findings regarding a March cyberattack that resulted in data exfiltration affecting its Japanese operations.
π΅οΈββοΈ Peloton Takes a Spin Through Court, Thanks to AI Privacy Lawsuit π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The case alleges a thirdparty marketer for the exercise giant improperly used customer chat data to train its AI models.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Peloton Takes a Spin Through Court, Thanks to AI Privacy Lawsuit
The case alleges a third-party marketer for the exercise giant improperly used customer chat data to train its AI models.
π΅οΈββοΈ Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Likely two separate threat actors are using the justpatched CVE202438112 in targeted, concurrent infostealer campaigns.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Attackers Have Been Leveraging Microsoft Zero-Day for 18 Months
Likely two separate threat actors are using the just-patched CVE-2024-38112 in targeted, concurrent infostealer campaigns.
π΅οΈββοΈ Feds Uncover Sprawling, GenAI-Enabled Russian Troll Farm π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The bot farm was created using AIenhanced software that was able to create a host of different false personas to spread disinformation in convincing and unsettling ways.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Feds Uncover Sprawling, GenAI-Enabled Russian Troll Farm
The bot farm was created using AI-enhanced software that was able to create a host of different false personas to spread disinformation in convincing and unsettling ways.
π₯°1
π¦Ώ Cisco Talos: Top Ransomware TTPs Exposed π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Read about the new Cisco Talos report on the top ransomware groups techniques and learn how to mitigate this cybersecurity risk. Cisco Talos observed the TTPs used by 14 of the most prevalent ransomware groups based on their volume of attack, impact to customers and atypical behavior.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Cisco Talos: Top Ransomware TTPs Exposed
Read about the new Cisco Talos report on the top ransomware groupsβ techniques and learn how to mitigate this cybersecurity risk.
π¦Ώ AWS Summit New York 2024: Guardrails for Amazon Bedrock Gains Claude 3 Haiku and Contextual Grounding π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Responsible AI Lead Diya Wynn spoke to TechRepublic about AI hallucinations and upskilling.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
AWS Summit: Bedrock AI Service Gains Contextual Grounding
Responsible AI Lead Diya Wynn spoke to TechRepublic about AI hallucinations and upskilling. Plus, Anthropic Claude 3 comes to Bedrock.
ποΈ PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denialofservice DDoS botnets. The vulnerability in question is CVE20244577 CVSS score 9.8, which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales. It.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE20246385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CEEE affecting versions 15.8 prior to 16.11.6, 17.0 prior to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Understanding IoT security risks and how to mitigate them | Cybersecurity podcast π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Understanding IoT security risks and how to mitigate them | Cybersecurity podcast
As security challenges loom large on the IoT landscape, how can we effectively counter the risks of integrating our physical and digital worlds?
π Huione Guarantee Marketplace Exposed as Front for Cybercrime π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Huione Guarantee Marketplace Exposed as Front for Cybercrime
Researchers at Elliptic claim multibillion dollar Huione Guarantee platform is enabler of scams and money laundering
π¦Ώ Train for Entry-Level or Advanced IT Positions for Just $50 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Train at your own pace for valuable IT certifications to start or further your IT career with courses for absolute novices to advanced cybersecurity modules.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Train for Entry-Level or Advanced IT Positions for Just $50
Train at your own pace for valuable IT certifications to start or further your IT career with courses for absolute novices to advanced cybersecurity modules.