TA-FudModule Rootkit Targets Crypto, Linked to North Korean Citrine Sleet Group
Key Takeaways: A North Korean threat actor, Citrine Sleet, has been observed exploiting a zero-day vulnerability in Chromium, designated as CVE-2024-7971, to achieve Remote Code Execution (RCE). Citrine Sleet, also tracked by other security firms under the names AppleJeus, Labyrinth Chollima, UNC4736, and Hidden Cobra, is attributed to Bureau 121 of North Korea's Reconnaissance General Bureau. The group primarily focuses on financial institutions, especially those involved with cryptocurrency, aiming for financial gain. The group's tactics, techniques, and procedures (TTPs) have now been linked to the FudModule rootkit, which has also been associated with Diamond Sleet, another North Korean threat actor. Citrine Sleet creates fraudulent websites that mimic legitimate crypto...
Via "CYBLE"
----------
Seen on @cibsecurity
Cyble
FudModule Rootkit Targets Crypto - Cyble
North Korean threat actor, Citrine Sleet, has been observed exploiting a zero-day vulnerability in Chromium, designated as CVE-2024-7971, to RCE.
CISA Warns of Critical ICS Vulnerabilities in Rockwell and Delta Electronics
Key Takeaways: CISA Alert: CISA warns of critical ICS vulnerabilities in Rockwell Automation and Delta Electronics products. ThinManager ThinServer: Flaws in Rockwell Automation's ThinManager ThinServer versions 11.1.0 to 13.2.1 could allow system-level code execution. Affected sector: Manufacturing. Delta DTN Soft: Vulnerability in Delta's DTN Soft version 2.0.1 and prior enables remote code execution. Update to version 2.1. Affected sector: Energy. FactoryTalk View SE: A flaw in Rockwell Automation's FactoryTalk View SE 13.0 allows unauthorized file modifications. Affected sectors: Chemical, Energy, and others. Mitigation: CISA advises minimizing ICS exposure, securing remote access, updating software, and implementing layered security measures. Overview: On August ...
Via "CYBLE"
----------
Cyble
CISA Warns Of Critical ICS Vulnerabilities In Rockwell And Delta Electronics - Cyble
High and severe vulnerabilities in ICS products from Rockwell Automation and Delta Electronics are the latest examples of the unique security risks posed by ICS devices and networks.
White House outlines plans to finally secure the border gateway protocol
The White House announces its plans to shore up the integrity of the internet by boosting adoption of security measures to address frailties in the outdated border gateway protocol.
Via "ITPro"
----------
IT Pro
White House outlines plans to finally secure the border gateway protocol
The plans will shore up safety by boosting adoption of security measures to address frailties in the outdated protocol.
Compliance management for beginners
Adhere to laws, meet safety standards, and implement security requirements.
Via "ITPro"
----------
The New Effective Way to Prevent Account Takeovers
Account takeover attacks have emerged as one of the most persistent and damaging threats to cloud-based SaaS environments. Yet despite significant investments in traditional security measures, many organizations continue to struggle with preventing these attacks. A new report, "Why Account Takeover Attacks Still Succeed, and Why the Browser is Your Secret Weapon in Stopping Them" argues that the.
Via "The Hacker News"
----------
Zyxel Patches Critical OS Command Injection Flaw in Access Points and Routers
Zyxel has released software updates to address a critical security flaw impacting certain access point (AP) and security router versions that could result in the execution of unauthorized commands. Tracked as CVE-2024-7261 (CVSS score 9.8), the vulnerability has been described as a case of operating system (OS) command injection. "The improper neutralization of special elements in the.
Via "The Hacker News"
----------
Learning, Sharing, and Exploring with NIST's New Human-Centered Cybersecurity Community of Interest
Human-centered cybersecurity (also known as "usable security") involves the social, organizational, and technological influences on people's understanding of and interactions with cybersecurity. By taking a human-centered cybersecurity (HCC) approach, we can both improve people's cybersecurity experiences and achieve better cybersecurity outcomes, which is so important in today's digitally interconnected world. At NIST, we understand the value of making connections, listening, and interactivity. We also understand that researchers and practitioners want to hear directly from each other and.
Via "NIST"
----------
Identity management for beginners
Your infrastructure in one seamless experience.
Via "ITPro"
----------
CEO's Arrest Will Likely Not Dampen Cybercriminal Interest in Telegram
In recent years, the platform has become a go-to tool for executing almost all conceivable cybercriminal activity.
Via "Dark Reading"
----------
Darkreading
CEO's Arrest Likely Won't Dampen Cybercriminal Interest in Telegram
In recent years, the platform has become a go-to tool for executing almost any conceivable cybercriminal activity.
Red Teaming Tool Abused for Malware Deployment
Cisco Talos has assessed that red teaming tool MacroPack is being abused by various threat actors in different geographies to deploy malware.
Via "Infosecurity Magazine"
----------
Hackers Hijack 22,000 Removed PyPI Packages, Spreading Malicious Code to Developers
A new supply chain attack technique targeting the Python Package Index (PyPI) registry has been exploited in the wild in an attempt to infiltrate downstream organizations. It has been codenamed Revival Hijack by software supply chain security firm JFrog, which said the attack method could be used to hijack 22,000 existing PyPI packages and result in "hundreds of thousands" of malicious package.
Via "The Hacker News"
----------
Mac management for beginners
Get the most out of your Apple technology investment.
Via "ITPro"
----------
The Intricate Babylon RAT Campaign Targets Malaysian Politicians, Government
Key takeaways: Cyble Research and Intelligence Lab (CRIL) has identified a highly targeted cyberattack aimed at political figures and government officials in Malaysia. The attack showcases the advanced tactics employed by the Threat Actor (TA) in targeting high-profile individuals and institutions. The campaign, active since July, has employed at least three distinct malicious ISO files specifically designed to compromise Malaysian entities. The malicious ISO files contain multiple components, including a shortcut (LNK) file, a hidden PowerShell script, a malicious executable, and a decoy PDF file. The campaign delivers Babylon RAT as a final payload. Babylon RAT, an open-source Remote Access Trojan (RAT), provides unauthorized access to the victim's machine. It allows the TA to...
Via "CYBLE"
----------
Cyble
Babylon RAT Campaign Targets Malaysian Politicians
Explore Cyble's insights on the Babylon RAT campaign targeting Malaysian politicians and government officials through malicious ISO files.
How CISOs Can Effectively Communicate Cyber-Risk
A proximity resilience graph offers a more accurate representation of risk than heat maps and risk registers, and allows CISOs to tell a complex story in a single visualization.
Via "Dark Reading"
----------
Google Confirms CVE-2024-32896 Exploited in the Wild, Releases Android Security Patch
Google has released its monthly security updates for the Android operating system to address a known security flaw that it said has come under active exploitation in the wild. The high-severity vulnerability, tracked as CVE-2024-32896 (CVSS score 7.8), relates to a case of privilege escalation in the Android Framework component. According to the description of the bug in the NIST National.
Via "The Hacker News"
----------
North Korea Targeting Crypto Industry, Says FBI
US law enforcement is tracking aggressive social engineering attacks against cryptocurrency operations.
Via "Infosecurity Magazine"
----------
Zeek 6.0.6
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyberinfrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
Via "Packet Storm - Tools"
----------
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
OpenSSL Toolkit 3.3.2
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography worldwide.
Via "Packet Storm - Tools"
----------
OpenSSL Toolkit 3.2.3
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography worldwide.
Via "Packet Storm - Tools"
----------
OpenSSL Toolkit 3.1.7
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography worldwide.
Via "Packet Storm - Tools"
----------
OpenSSL Toolkit 3.0.15
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography worldwide.
Via "Packet Storm - Tools"
----------