ποΈ CISA Urges Federal Agencies to Patch Versa Director Vulnerability by September ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA has placed a security flaw impacting Versa Director to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. The mediumseverity vulnerability, tracked as CVE202439717 CVSS score 6.6, is case of file upload bug impacting the "Change Favicon" feature that could allow a threat actor to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Meta Platforms on Friday became the latest company after Microsoft, Google, and OpenAI to expose the activities of an Iranian statesponsored threat actor, who it said used a set of WhatsApp accounts that attempted to target individuals in Israel, Palestine, Iran, the U.K., and the U.S. The activity cluster, which originated from Iran, "appeared to have focused on political and diplomatic.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Pavel Durov, founder and chief executive of the popular messaging app Telegram, was arrested in France on Saturday, according to French television network TF1. Durov is believed to have been apprehended pursuant to a warrant issued in connection with a preliminary police investigation. TF1 said the probe was focused on a lack of content moderation on the instant messaging service, which the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered a new stealthy piece of Linux malware that leverages an unconventional technique to achieve persistence on infected systems and hide credit card skimmer code. The malware, attributed to a financially motivated threat actor, has been codenamed sedexp by Aon's Stroz Friedberg incident response services team. "This advanced threat, active since 2022, hides.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π3
π΅οΈββοΈ India's Critical Infrastructure Suffers Spike in Cyberattacks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India RBI warning banks to double down on cybersecurity.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
India's Critical Infrastructure Suffers Spike in Cyberattacks
The financial and government sectors have come under increasing attacks in India, with the Reserve Bank of India (RBI) warning banks to double down on cybersecurity.
ποΈ Critical Flaws in Traccar GPS System Expose Users to Remote Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Two security vulnerabilities have been disclosed in the opensource Traccar GPS tracking system that could be potentially exploited by unauthenticated attackers to achieve remote code execution under certain circumstances. Both the vulnerabilities are path traversal flaws and could be weaponized if guest registration is enabled, which is the default configuration for Traccar 5, Horizon3.ai.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Android Malware NGate Steals NFC Data to Clone Contactless Payment Cards ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have uncovered new Android malware that can relay victims' contactless payment data from physical credit and debit cards to an attackercontrolled device with the goal of conducting fraudulent operations. The Slovak cybersecurity company is tracking the novel malware as NGate, stating it observed the crimeware campaign targeting three banks in Czechia. The malware "has.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zeroday exploit.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Chinese Velvet Ant Uses Cisco Zero-Day to Deploy Custom Malware
The Chinese cyber espionage group was observed jailbreaking a Cisco switch appliance using a zero-day exploit
π1π₯1π€1
π΅οΈββοΈ Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Aggressively Monitoring for Changes Is a Key Aspect of Cybersecurity
Employees and management must fully support change detection and file integrity monitoring, allowing a proactive approach with definitive security controls to be implemented against threat actors.
π¦Ώ CyberGhost vs NordVPN (2024): Which VPN Should You Choose? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
While CyberGhost VPNs optimized servers bring a lot of value, NordVPNs more consistent speed performance and extensive feature inclusions give it the slight edge.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
CyberGhost vs NordVPN (2024): Which VPN Should You Choose?
While CyberGhost VPNβs optimized servers bring a lot of value, NordVPNβs more consistent speed performance and extensive feature inclusions give it the slight edge.
β€1
π Faraday 5.6.0 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Faraday is a tool that introduces a new concept called IPE, or Integrated PenetrationTest Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to reuse the available tools in the community to take advantage of them in a multiuser way.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π1
ποΈ Unpacking Slack Hacks: 6 Ways to Protect Sensitive Data with Secure Collaboration ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Nowadays, sensitive and critical data is traveling in everyday business channels that offer only the basic level of security and encryption, and companies are often oblivious to the risk. A case in point Disney suffered a devastating data leak by a hacktivist group known as NullBulge that got hold of over 1.2 terabytes of data from Disney's internal Slack messaging channels. The breach exposed.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researchers Identify Over 20 Supply Chain Vulnerabilities in MLOps Platforms ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers are warning about the security risks in the machine learning ML software supply chain following the discovery of more than 20 vulnerabilities that could be exploited to target MLOps platforms. These vulnerabilities, which are described as inherent and implementationbased flaws, could have severe consequences, ranging from arbitrary code execution to loading.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Greasy Opal is a Czech Republicbased hacking group selling products that can be used for deploying cyberattacks.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Newly Discovered Group Offers CAPTCHA-Solving Services to Cybercriminals
Greasy Opal is a Czech Republic-based hacking group selling products that can be used for deploying cyber-attacks
π€1
π NSA Releases Guide to Combat Living Off the Land Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The National Security Agency has published a guide to help organizations defend against APT attacks that leverage living off the land techniques.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NSA Releases Guide to Combat Living Off the Land Attacks
The National Security Agency has published a guide to help organizations defend against APT attacks that leverage living off the land techniques
π¦
The SAML Exploit That Could Take Down GitHub: What You Need to Know About CVE-2024-6800 π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways CVE20246800 is a severe security flaw discovered in GitHub Enterprise Server GHES, which could allow unauthorized access and control over sensitive systems by exploiting XML signature wrapping and forged SAML responses. The vulnerability impacts all GHES versions prior to 3.14, excluding versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16, indicating that many installations could be at risk. Exploiting this vulnerability can grant attackers unauthorized access to GHES instances, enabling them to view, modify, or delete critical source code and sensitive data and potentially compromising entire supply chains. GHES instances are often accessible over the internet, which broadens the attack surface and increases the likelihood of exploitation, emphasizing the n...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
SAML Exploit Github: CVE-2024-6800 - Cyble
SingCERT warned of CVE-2024-6800 in GitHub Enterprise Server (GHES), a critical flaw that lets attackers gain unauthorized access and control.
π¦
Weekly IT Vulnerability Report for August 20, 2024: Urgent Fixes Recommended for GitHub, PHP, Windows, and SAP π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways CVE20246800 GitHub Enterprise Server poses the risk of data breaches and supply chain attacks. CVE202438063, a critical Remote Code Execution RCE vulnerability in Windows, may enable cyber attacks on a mass scale, affecting both government and private entities. Overview Cyble Research and Intelligence Labs CRIL researchers investigated 12 vulnerabilities from August 14 to August 20, ranging in severity from medium to critical. CRIL researchers also observed five instances of vulnerabilities and Proof of Concept POC exploits discussed on underground channels and cybercrime forums during that period. Based on Cybles assessments of the relative cyber threats presented by the vulnerabilities and exploits, five vulnerabilities stand out as warranting pri...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Weekly IT Vulnerability Report - Aug 2024: Urgent Fixes For GitHub, PHP, Windows & SAP
Weekly IT Vulnerability Report: This vulnerability report flags urgent fixes for critical flaws in GitHub, PHP, Windows, and SAP, including remote code execution risks.
ποΈ SonicWall Issues Critical Patch for Firewall Vulnerability Allowing Unauthorized Access ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
SonicWall has released security updates to address a critical flaw impacting its firewalls that, if successfully exploited, could grant malicious actors unauthorized access to the devices. The vulnerability, tracked as CVE202440766 CVSS score 9.3, has been described as an improper access control bug. "An improper access control vulnerability has been identified in the SonicWall SonicOS.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Dutch Regulator Fines Uber β¬290 Million for GDPR Violations in Data Transfers to U.S. ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Dutch Data Protection Authority DPA has fined Uber a record 290 million 324 million for allegedly failing to comply with European Union E.U. data protection standards when sending sensitive driver data to the U.S. "The Dutch DPA found that Uber transferred personal data of European taxi drivers to the United States U.S. and failed to appropriately safeguard the data with regard to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Seattle-Tacoma Airport Suffers System Outages Due to Possible Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Seattle-Tacoma Airport Suffers Outages Due to Possible Cyberattack
As the entire Port of Seattle struggles to become fully operational once more, the airport recommends that those who are traveling take extra precautions.
π΅οΈββοΈ Hackers Use Rare Stealth Techniques to Down Asian Military, Gov't Orgs π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
A threat actor resembling APT41 performed "AppDomainManager Injection," which is like DLL sideloading, but arguably easier and stealthier.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Hackers Use Rare Stealth Techniques to Down Asian Military, Gov't Orgs
A threat actor resembling APT41 performed "AppDomainManager Injection," which is like DLL sideloading, but arguably easier and stealthier.