π South Korean Spies Exploit WPS Office Zero-Day π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
ESET uncovers a South Korean cyberespionage campaign featuring a zeroday exploit for WPS Office.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
South Korean Spies Exploit WPS Office Zero-Day
ESET uncovers a South Korean cyber-espionage campaign featuring a zero-day exploit for WPS Office
π How to Prevent Account Takeover: Real-life Scenarios and Mitigation Steps π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
Ignoring security in the name of progress is a risky gamble. Even tiny oversight, like failing to verify passwords during email changes can result in an account takeover. You read that right this seemingly minor issue can be a major troublemaker. In this article, our expert security team will discuss simple yet effective steps to The post How to Prevent Account Takeover Reallife Scenarios and Mitigation Steps appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
How to Prevent Account Takeover: Hands-on Tips and Real-life Scenarios from Purple Team
Discover practical strategies to prevent account takeover with real-life scenarios from the Purple Team. Learn how to secure your accounts and avoid attack escalation.
π¦
CVE-2024-39717 Exposes Critical Vulnerability in Versa Director π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways This CVE202439717 vulnerability impacts Versa Director, a key platform for managing Versa SDWAN solutions used by ISPs and MSPs. CVE202439717 involves an unrestricted file upload flaw that allows authenticated users to upload malicious files disguised as .png images. Exploitation of this flaw can lead to unauthorized access and potential system compromise, posing a serious risk to affected organizations. Cybles scan reveals 31 internetexposed instances of Versa Director, with 16 in the U.S., indicating significant potential for exploitation. An APT actor has exploited the vulnerability due to a failure to implement recommended firewall and hardening measures. Users are advised to upgrade to Versa Director version 22.1.4 or later and follow additional sec...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Critical CVE-2024-39717 Vulnerability In Versa Director
CISA alerts on CVE-2024-39717 in Versa Director. Urgent updates, MFA, and stronger network security are advised to prevent serious exploitation risks.
π¦
Scammers Use ScreenConnect to Defraud SSA Beneficiaries π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research and Intelligence Labs CRIL has uncovered a phishing site designed to mimic Zoom, which facilitates the download of ScreenConnect software. Scammers are leveraging Zoom's trusted reputation to trick victims into downloading ScreenConnect. By impersonating a widely recognized platform, the phishing site increases the likelihood that victims will believe the download is legitimate, lowering their guard. This ScreenConnect software allows attackers to establish a remote connection to the victims computer, giving them full access to the system. The IP address associated with the ScreenConnect software is also linked to other malicious activities. Notably, it hosts a domain involved in scamming Social Security Administration SSA account holders, indicat...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Novel attack vectors leverage the CVE202322527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking
Novel attack vectors leverage the CVE-2023-22527 RCE flaw discovered in January, which is still under active attack, to turn targeted cloud environments into cryptomining networks.
π΅οΈββοΈ BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The pivot is one of several changes the groups using the malware have used in recent attacks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
BlackByte Targets ESXi Bug With Ransomware to Access Virtual Assets
The pivot is one of several changes the groups using the malware have used in recent attacks.
π΅οΈββοΈ CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
CISA warned about the RCE zeroday vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CCTV Zero-Day Exposes Critical Infrastructure to Mirai Botnet Campaign
CISA warned about the RCE zero-day vulnerability in AVTECH IP cameras in early August, and now vulnerable systems are being used to spread malware.
π Ransomware Attacks Exposed 6.7 Million Records in US Schools π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Ransomware attacks on US schools and colleges have surged, with 491 incidents since 2018, affecting over 8000 institutions.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ransomware Attacks Exposed 6.7 Million Records in US Schools
Ransomware attacks on US schools and colleges have surged, with 491 incidents since 2018, affecting over 8000 institutions
π¦
Kursk Offensive Unveiled: Ukraineβs Strategic Planning and Cyber-Kinetic Convergence π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Executive Summary The geopolitical situation surrounding Ukraine in 2024 showcases a complicated interaction of changing international alliances and the difficulties the Ukrainian government faces in sustaining this support as global priorities shift. While Ukraine continues to receive significant international support, the landscape in 2024 indicates a potential decline in the international community's patience and commitment. The combination of reduced U.S. aid, significant gaps in European allocations, and the distraction of global conflicts poses serious challenges for Ukraine. However, on August 6, 2024, after its longtime defensive posture since the beginning of the conflict in February 2022, Ukraine threw caution to the wind by launching a significant mechanized leanon, s...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Ukraine's Kursk Offensive: Strategy & Cyber-Kinetic Fusion
Explore Ukraine's Kursk Offensive, blending strategic military maneuvers with cyber tactics, reshaping the conflict's dynamics since 2023.
π’ Microsoft issues warning over potent malware strain developed by Iranian threat actor π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Iranian statebacked hacking group has continued its usual password spraying and social engineering techniques to gain a foothold in target environments.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Microsoft issues warning over potent malware strain developed by Iranian threat actor
The Iranian state-backed hacking group has continued its usual password spraying and social engineering techniques to gain a foothold in target environments
π’ Cybersecurity spending is going to surge in 2025 β and AI threats are a key factor π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Enterprises globally have already ramped up cybersecurity spending to contend with potent new threats and theres more to come in the year ahead.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Cybersecurity spending is going to surge in 2025 β and AI threats are a key factor
Enterprises globally have already ramped up cybersecurity spending to contend with potent new threats β and thereβs more to come in the year ahead
π΅οΈββοΈ South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
South Korean APT Exploits 1-Click WPS Office Bug, Nabs Chinese Intel
The most popular office software suite in China actually has two critical vulnerabilities, which allowed hackers the opportunity for remote code execution. Time to patch.
π¦Ώ Donβt Leave Your Digital Security to Chance: Get Norton 360 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Norton 360 Standard offers awardwinning protection for your digital life malware defense, cloud backup, and a VPN for just 17.99 for a 15month plan.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Donβt Leave Your Digital Security to Chance: Get Norton 360
Norton 360 Standard offers award-winning protection for your digital life β malware defense, cloud backup, and a VPN β for just $17.99 for a 15-month plan.
π1
βοΈ When Get-Out-The-Vote Efforts Look Like Phishing βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a wellmeaning but potentially counterproductive getoutthevote effort that had all the hallmarks of a phishing campaign.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
When Get-Out-The-Vote Efforts Look Like Phishing
Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sentβ¦
ποΈ French Authorities Charge Telegram CEO with Facilitating Criminal Activities on Platform ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russianborn Durov, who is also a French citizen, has been charged with being complicit in the spread of child sexual abuse material CSAM as well as enabling organized crime,.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π IT Engineer Charged For Attempting to Extort Former Employer π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A virtual machine specialist was arrested after a foiled data extortion plot targeting his former employer.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
IT Engineer Charged For Attempting to Extort Former Employer
A virtual machine specialist was arrested after a foiled data extortion plot targeting his former employer
π¦Ώ NordVPN vs Proton VPN (2024): Which VPN Should You Choose? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
While Proton VPNs strong focus on privacy is enticing, NordVPNs fastperforming and allaround VPN service is the better overall package between the two.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
NordVPN vs Proton VPN (2024): Which VPN Should You Choose?
While Proton VPNβs strong focus on privacy is enticing, NordVPNβs fast-performing and all-aroundVPN service is the better overall package between the two.
π Iranian Hackers Secretly Aid Ransomware Attacks on US π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CISA and the FBI warned that Iranian APT group, Fox Kitten, has helped ransomware groups to attack US organizations since 2017.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Iranian Hackers Secretly Aid Ransomware Attacks on US
CISA and the FBI warned that Iranian APT group, Fox Kitten, has helped ransomware groups to attack US organizations since 2017
ποΈ U.S. Agencies Warn of Iranian Hacking Group's Ongoing Ransomware Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm formerly Rubidium, Parisite, and UNC757, which it described as connected to.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ How AitM Phishing Attacks Bypass MFA and EDRβand How to Fight Back ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Attackers are increasingly using new phishing toolkits opensource, commercial, and criminal to execute adversaryinthemiddle AitM attacks. AitM enables attackers to not just harvest credentials but steal live sessions, allowing them to bypass traditional phishing prevention controls such as MFA, EDR, and email content filtering. In this article, were going to look at what AitM phishing.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A yearsold highseverity flaw impacting AVTECH IP cameras has been weaponized by malicious actors as a zeroday to rope them into a botnet. CVE20247029 CVSS score 8.7, the vulnerability in question, is a "command injection vulnerability found in the brightness function of AVTECH closedcircuit television CCTV cameras that allows for remote code execution RCE," Akamai researchers Kyle.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity