π’ CISA issues alert over two high-severity DrayTek vulnerabilities β hereβs what you need to know π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Users of DrayTek's network equipment management software have been urged to remain vigilant.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
CISA issues alert over two high-severity DrayTek vulnerabilities β hereβs what you need to know
Users of DrayTek's network equipment management software have been urged to remain vigilant
β€1π1
π΅οΈββοΈ Feds Warn on Russian Actors Targeting Critical Infrastructure π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
In the past, Putin's Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Feds Warn on Russia Targeting Critical Infrastructure
In the past, Putin's Unit 29155 has utilized malware like WhisperGate to target organizations, particularly those in Ukraine.
π1
π΅οΈββοΈ CISA Flags ICS Bugs in Baxter, Mitsubishi Products π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CISA Flags ICS Bugs in Baxter, Mitsubishi Products
The vulnerabilities affect industrial control tech used across the healthcare and critical manufacturing sectors.
π΅οΈββοΈ Commercial Spyware Use Roars Back Despite Sanctions π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Vendors of mercenary spyware tools used by nationstates to track citizens and enemies have gotten savvy about evading efforts to limit their use.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Commercial Spyware Use Roars Back Despite Sanctions
Vendors of mercenary spyware tools used by nation-states to track citizens and enemies have gotten savvy about evading efforts to limit their use.
π΅οΈββοΈ Cybersecurity Talent Shortage Prompts White House Action π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Cybersecurity Talent Shortage Prompts White House Action
The Biden administration launches an initiative to encourage careers in cybersecurity, as businesses try new tactics to get unfilled IT security roles staffed.
π¦Ώ Tenable: 26,500 Cyber Vulnerabilities Risk SE Asiaβs Banks π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
The internetfacing assets were found to be susceptible to potential exploitation in a sample of 90 banking and financial services organisations.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Tenable: 26,500 Cyber Vulnerabilities Risk SE Asiaβs Banks
Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.
ποΈ SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE202440766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug CVE202436401, CVSS score 9.8 that could allow malicious actors to take over susceptible instances. In.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading boobytrapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts e.g., goog1e.com vs. google.com. Adversaries targeting opensource repositories across.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ North Korean Threat Actors Deploy COVERTCATCH Malware via LinkedIn Job Scams ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors affiliated with North Korea have been observed leveraging LinkedIn as a way to target developers as part of a fake job recruiting operation. These attacks employ coding tests as a common initial infection vector, Googleowned Mandiant said in a new report about threats faced by the Web3 sector. "After an initial chat conversation, the attacker sent a ZIP file that contained.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ FBI Cracks Down on Dark Web Marketplace Managed by Russian and Kazakh Nationals ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35yearold Kazakhstan national, and Pavel Kublitskii, a 37yearold Russian national, have been charged with conspiracy to commit access device fraud and conspiracy to commit wire.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π3π€1
π’ Progress Software discloses maximum severity LoadMaster flaw β hereβs what you need to know π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The RCE flaw primarily affects Progress Softwares LoadMaster and LoadMaster MultiTenant hypervisor software.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Progress Software discloses maximum severity LoadMaster flaw β hereβs what you need to know
The RCE flaw primarily affects Progress Softwareβs LoadMaster and LoadMaster Multi-Tenant hypervisor software
π₯°1
π΅οΈββοΈ 'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Chinesespeaking group is launching sophisticated malware towards military and satellite targets globally.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
'TIDrone' Cyberattackers Target Taiwan's Drone Manufacturers
The Chinese-speaking group is launching sophisticated malware towards military and satellite targets globally.
π¦Ώ Is Appleβs iCloud Keychain Safe to Use in 2024? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Learn about the benefits and downsides of Apple's iCloud Keychain and discover some alternative options.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Is Appleβs iCloud Keychain Safe to Use in 2024?
iCloud Keychain is Apple's proprietary password management solution for Apple devices. Learn how secure it is and how it works in this detailed review.
π¦Ώ 10 Things You Should Do to Securely Dispose of Computers π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Even in the best of times, computers are rotated out of use and we have to figure out how we should dispose of them. TechRepublic Premium offers the following list of tips for secure equipment disposal. Featured text from the download 4 Be methodical Keep a checklist for the decommissioning process to make sure you ...π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
10 Things You Should Do to Securely Dispose of Computers | TechRepublic
Even in the best of times, computers are rotated out of use and we have to figure out how we should dispose of them. TechRepublic Premium offers the
ποΈ Wing Security SaaS Pulse: Continuous Security & Actionable Insights β For Free ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Designed to be more than a onetime assessment Wing Securitys SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security postureand its free! Introducing SaaS Pulse Free Continuous SaaS Risk Management Just like waiting for a medical issue to become critical before seeing a doctor, organizations cant afford to overlook the constantly.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Progress Software Issues Patch for Vulnerability in LoadMaster and MT Hypervisor ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Progress Software has released security updates for a maximumseverity flaw in LoadMaster and MultiTenant MT hypervisor that could result in the execution of arbitrary operating system commands. Tracked as CVE20247591 CVSS score 10.0, the vulnerability has been described as an improper input validation bug that results in OS command injection. "It is possible for unauthenticated, remote.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Android SpyAgent Malware Uses OCR to Steal Crypto Wallet Recovery Keys ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Android device users in South Korea have emerged as a target of a new mobile malware campaign that delivers a new type of threat dubbed SpyAgent. The malware "targets mnemonic keys by scanning for images on your device that might contain them," McAfee Labs researcher SangRyol Ryu said in an analysis, adding the targeting footprint has broadened in scope to include the U.K. The campaign makes use.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ TIDRONE Espionage Group Targets Taiwan Drone Makers in Cyber Campaign ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A previously undocumented threat actor with likely ties to Chinesespeaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionagedriven given the focus on militaryrelated industry chains. The exact initial access vector used.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. government and a coalition of international partners have officially attributed a Russian hacking group tracked as Cadet Blizzard to the General Staff Main Intelligence Directorate GRU 161st Specialist Training Center Unit 29155. "These cyber actors are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Car Giant Avis Reveals Breach Impacted 300,000 Customers π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Rental hire company Avis has notified 300,000 customers of a data breach.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Car Giant Avis Reveals Breach Impacted 300,000 Customers
Rental hire company Avis has notified 300,000 customers of a data breach