π Faraday 5.6.1 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Faraday is a tool that introduces a new concept called IPE, or Integrated PenetrationTest Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to reuse the available tools in the community to take advantage of them in a multiuser way.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π§ How to embrace Secure by Design principles while adopting AI π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
The rapid rise of generative artificial intelligence gen AI technologies has ushered in a transformative era for industries worldwide. Over the past 18 months, enterprises have increasingly integrated gen AI into their operations, leveraging its potential to innovate and streamline processes. From automating customer service to enhancing product development, the applications of gen AI are The post How to embrace Secure by Design principles while adopting AI appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
How to embrace Secure by Design principles while adopting AI
As the accelerated adoption of gen AI brings significant risks, Secure by Design principles can help enterprises navigate this new technology securely.
ποΈ Vietnamese Human Rights Group Targeted in Multi-Year Cyberattack by APT32 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A nonprofit supporting Vietnamese human rights has been the target of a multiyear campaign designed to deliver a variety of malware on compromised hosts. Cybersecurity company Huntress attributed the activity to a threat cluster known as APT32, a Vietnamesealigned hacking crew that's also known as APTC00, Canvas Cyclone formerly Bismuth, Cobalt Kitty, and OceanLotus. The intrusion is.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyberattack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged multiple inthewild exploit campaigns that leveraged nowpatched flaws in Apple Safari and Google Chrome browsers to infect mobile users with informationstealing malware. "These campaigns delivered nday exploits for which patches were available, but would still be effective against unpatched devices," Google Threat Analysis Group TAG researcher Clement.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Stealing cash using NFC relay β Week in Security with Tony Anscombe π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
The discovery of the NGate malware by ESET Research is another example of how sophisticated Android threats have become.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Stealing cash using NFC relay β Week in Security with Tony Anscombe
The NGate malware discovered by ESET can relay data from victimsβ stored payment cards via a malicious app installed on their Android phones to the attackersβ rooted Android devices.
π North Korean Hackers Launch New Wave of npm Package Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
North Korean Hackers Launch New Wave of npm Package Attacks
North Korean groups exploited npm packages in coordinated attacks, targeting developers and cryptocurrency wallet browser extensions
π BlackByte Adopts New Tactics, Targets ESXi Hypervisors π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
BlackByte, linked to the Conti group, exploited VMware ESXi CVE202437085 to control virtual machines.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
BlackByte Adopts New Tactics, Targets ESXi Hypervisors
BlackByte, linked to the Conti group, exploited VMware ESXi CVE-2024-37085 to control virtual machines
π Unpatched CCTV Cameras Exploited to Spread Mirai Variant π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Unpatched CCTV Cameras Exploited to Spread Mirai Variant
Threat actors are exploiting a vulnerability found in CCTV cameras used in critical infrastructure to spread a Mirai malware variant
π¦
Top ICS Vulnerabilities This Week: Addressing Flaws Within Rockwell Automation, Avtec, and MOBOTIX Products π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cybles latest report reveals critical ICS vulnerabilities, including CVE202334873 in MOBOTIX cameras, highlighting urgent security concerns for August 2024. Key Takeaways Cyble highlights five significant vulnerabilities affecting industrial control systems ICS, as disclosed by the Cybersecurity and Infrastructure Security Agency CISA. Among the critical issues identified, CVE202334873, affecting MOBOTIX cameras, stands out due to its high CVSS v4 score of 8.7 and its potential for remote code execution.. Major vendors impacted by these vulnerabilities include Rockwell Automation and Avtec. Rockwell Automations Emulate3D and 5015 AENFTXT products, as well as Avtecs Outpost 0810 and Uploader Utility, have been highlighted for their critical flaws. The vulnerabilities have...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Top ICS Vulnerabilities: Flaws In Rockwell Automation, Avtec & MOBOTIX
Cybleβs latest report reveals critical ICS vulnerabilities, including CVE-2023-34873 in MOBOTIX cameras, highlighting urgent security concerns for August 2024.
π1
π¦
#FreeDurov: Hacktivists Scramble on Telegram Supporting Pavelβs Release π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Executive Summary The arrest of Telegram's founder and CEO, Pavel Durov, on August 24, 2024, due to allegations that his messaging platform has been used for various illicit activities has sparked significant international attention and debate, particularly around issues of freedom of speech and the responsibilities of social media platforms. Conversely, the arrest has also incited the ire of several hacktivist groups in cyberspace because, for many in this community, Durov is more than just a tech entrepreneur he is the mastermind behind two pivotal communication platforms in their lives Vkontakte, Russias answer to Facebook, and the anonymous messaging app Telegram. Vkontakte played a significant role in fostering communication and forming groups within hacktivist collectives....π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
#FreeDurov: Hacktivists Rally For Pavel's Release
Telegram's founder, Pavel Durov, was arrested on August 24, 2024, sparking global debate on free speech, privacy, and social media responsibility.
π΅οΈββοΈ How Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Telecombased attacks such as SMS toll fraud and 2FA hijacking have evolved into a mainstream concern for CISOs.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
How Telecom Vulnerabilities Can Be a Threat to Cybersecurity Posture
Telecom-based attacks such as SMS toll fraud and 2FA hijacking have evolved into a mainstream concern for CISOs.
π΅οΈββοΈ Dragos Expands Asset Visibility in Latest Platform Update π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Dragos Expands Asset Visibility in Latest Platform Update
The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment.
π¦Ώ Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
There are approximately 163 devices worldwide that are still exposed to attack via the CVE202439717 vulnerability.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Volt Typhoon Hackers Exploit Zero-Day Vulnerability in Versa Director Servers Used by MSPs, ISPs
The Volt Typhoon hacking group has been caught exploiting a zero-day vulnerability in Versa Director servers..
π1
π΅οΈββοΈ Brazilian Ad Fraud Network 'Camu' Hits 2B+ Daily Bid Requests π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The global Internet helps just about everything to scale more easily, including piracy and ad fraud.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Brazilian Ad Fraud Network 'Camu' Hits 2B+ Daily Bid Requests
The global Internet helps just about everything to scale more easily, including piracy and ad fraud.
π΅οΈββοΈ Top Travel Sites Have Some First-Class Security Issues to Clean Up π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Publicfacing vulnerabilities, cloud sprawl, access to backend servers are just a few of the challenges travel and hospitality companies must address.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Top Travel Sites Have Some First-Class Security Issues to Clean Up
Public-facing vulnerabilities, cloud sprawl, access to back-end servers are just a few of the challenges travel and hospitality companies must address.
π΅οΈββοΈ Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Exploited: CISA Highlights Apache OFBiz Flaw After PoC Emerges
The vulnerability carries nearly the highest score possible on the CVSS scale, at 9.8, impacting a system used by major companies around the world.
π¦Ώ Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Threat actors are abusing Microsoft Sway to host QR Code phishing campaigns.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Threat Actors Exploit Microsoft Sway to Host QR Code Phishing Campaigns
Threat actors are abusing Microsoft Sway to host QR Code phishing campaigns.
π΅οΈββοΈ Cyber Insurance: A Few Security Technologies, a Big Difference in Premiums π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Ransomware attacks and emailbased fraud account for 80 to 90 of all claims processed by cyber insurers, but a handful of cybersecurity technologies can help prevent big damages.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cyber Insurance: A Few Security Technologies, a Big Difference in Premiums
Ransomware attacks and email-based fraud account for 80% to 90% of all claims processed by cyber insurers, but a handful of cybersecurity technologies can help prevent big damages.
π΅οΈββοΈ Iran's 'Fox Kitten' Group Aids Ransomware Attacks on US Targets π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
In a joint advisory, CISA and the FBI described the activity as a likely attempt by the group to monetize access to networks it already has compromised.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Iran's 'Fox Kitten' Group Aids Ransomware Attacks on US Targets
In a joint advisory, CISA and the FBI described the activity as a likely attempt by the group to monetize access to networks it already has compromised.
π’ Everything you need to know about RansomHub, the new force in the digital extortion industry π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
A host of security agencies have issued a warning over RansomHub in recent months, but what's behind the group's rise to prominence?.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Everything you need to know about RansomHub, the new force in the digital extortion industry
A host of security agencies have issued a warning over RansomHub in recent months, but what's behind the group's rise to prominence?
π’ UK law firms are facing a torrent of cyber threats β hereβs why π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Cyber criminals are targeting the sensitive customer data UK law firms hold for ransomware attacks or blackmail.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
UK law firms are facing a torrent of cyber threats β hereβs why
Cyber criminals are targeting the sensitive customer data UK law firms hold for ransomware attacks or blackmail