π΅οΈββοΈ The Perils of Ignoring Cybersecurity Basics π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The massive outage involving a faulty Falcon update is an excellent illustration of what happens when organizations neglect security fundamentals.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
The Perils of Ignoring Cybersecurity Basics
The massive outage involving a faulty Falcon update is an excellent illustration of what happens when organizations neglect security fundamentals.
π΅οΈββοΈ Your IT Systems Are Being Attacked. Are You Prepared? π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Company leadership needs to ensure technology teams are managing continuous monitoring, automated testing, and alignment with business needs across their enterprise.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Your IT Systems Are Being Attacked. Are You Prepared?
Company leadership needs to ensure technology teams are managing continuous monitoring, automated testing, and alignment with business needs across their enterprise.
π΅οΈββοΈ American Water Suffers Network Disruptions After Cyberattack π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The largest publicly traded water utility in the US was forced to disconnect some of its online systems, and its website and telecommunications system remained unavailable as of Tuesday morning, Oct. 8.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
American Water Suffers Network Disruptions After Cyberattack
The largest publicly traded water utility in the US was forced to disconnect some of its online systems, and its website and telecommunications system remained unavailable as of Tuesday morning, Oct. 8.
π NIELD (Network Interface Events Logging Daemon) 0.6.2 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Network Interface Events Logging Daemon is a tool that receives notifications from the kernel through the netlink socket and generates logs related to link state, neighbor cache ARP,NDP, IP address IPv4,IPv6, route, FIB rules, and traffic control.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
βοΈ Patch Tuesday, October 2024 Edition βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, and Apple has addressed a bug in its new macOS 15 "Sequoia" update that broke many cybersecurity tools.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Patch Tuesday, October 2024 Edition
Microsoft today released security updates to fix at least 117 security holes in Windows computers and other software, including two vulnerabilities that are already seeing active attacks. Also, Adobe plugged 52 security holes across a range of products, andβ¦
ποΈ Zero-Day Alert: Three Critical Ivanti CSA Vulnerabilities Actively Exploited ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ivanti has warned that three new security vulnerabilities impacting its Cloud Service Appliance CSA have come under active exploitation in the wild. The zeroday flaws are being weaponized in conjunction with another flaw in CSA that the company patched last month, the Utahbased software services provider said. Successful exploitation of these vulnerabilities could allow an authenticated.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Gamers Tricked Into Downloading Lua-Based Malware via Fake Cheating Script Engines ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Users searching for game cheats are being tricked into downloading a Luabased malware that is capable of establishing persistence on infected systems and delivering additional payloads. "These attacks capitalize on the popularity of Lua gaming engine supplements within the student gamer community," Morphisec researcher Shmuel Uzan said in a new report published today, adding "this malware.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π American Water Hit by Cyber-Attack, Billing Systems Disrupted π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
American Water, the largest water utility in the US, discovered a cyberattack impacting internal systems on October 3.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
American Water Hit by Cyber-Attack, Billing Systems Disrupted
American Water, the largest water utility in the US, discovered a cyber-attack impacting internal systems on October 3
π Cloud Security Risks Surge as 38% of Firms Face Exposures π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Tenables latest report reveals 38 of organizations face risks from a toxic cloud triad of security gaps.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Cloud Security Risks Surge as 38% of Firms Face Exposures
Tenableβs latest report reveals 38% of organizations face risks from a βtoxic cloud triadβ of security gaps
π¦
Apple Issues Urgent Security Advisory for iOS and iPadOS Vulnerabilities π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Apple has released a new security advisory highlighting the issues affecting Apples iOS and iPadOS platforms. As detailed in the advisory, two vulnerabilities have been identified, both of which affect Apple iOS and iPadOS up to version 18.0. The vendor is Apple, and patches are available for these vulnerabilities. The first vulnerability, CVE202444204, relates to information disclosure and has been assigned a CVSSv3.1 score of 5.5, indicating a medium severity level. This vulnerability allows saved passwords to be read aloud by the VoiceOver feature, posing a significant privacy risk for users on affected iOS and iPadOS versions. A patch is available for this vulnerability. The second vulnerability, CVE202444207, also relates to information disclosure, with a CVSSv3...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Apple Urgently Warns Of IOS And IPadOS Security Flaws
Adobe and Apple release critical updates for FrameMaker, iOS, and iPadOS, addressing vulnerabilities that pose privacy risks. Update now!
π¦
MisterioLNK: The Open-Source Builder Behind Malicious Loaders π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble Research and Intelligence Labs CRIL has uncovered a new, previously undetected loader builder known as "MisterioLNK." This discovery follows our earlier analysis of Quantum Software, another LNK filebased builder that has been gaining traction in the cyber landscape. MisterioLNK, available on GitHub, presents a significant challenge to security defenses, as files generated by this tool currently exhibit minimal or zero detection rates by conventional security systems. As described on GitHub, MisterioLNK is an opensource loader builder that leverages Windows script engines to execute malicious payloads while employing obfuscation as well. It is crafted to operate discreetly, downloading files into temporary directories before launching them, thereby enhancing its evasive capabi...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
MisterioLNK: Open-Source Builder For Malicious Loaders
Explore CRIL's findings on MisterioLNK, an open-source loader builder creating evasive malicious files like LNK and BAT. Stay informed!
ποΈ Microsoft Detects Growing Use of File Hosting Services in Business Email Compromise Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft is warning of cyber attack campaigns that abuse legitimate file hosting services such as SharePoint, OneDrive, and Dropbox that are widely used in enterprise environments as a defense evasion tactic. The end goal of the campaigns are broad and varied, allowing threat actors to compromise identities and devices and conduct business email compromise BEC attacks, which ultimately result.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1
ποΈ Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Microsoft has released security updates to fix a total of 118 vulnerabilities across its software portfolio, two of which have come under active exploitation in the wild. Of the 118 flaws, three are rated Critical, 113 are rated Important, and two are rated Moderate in severity. The Patch Tuesday update doesn't include the 25 additional flaws that the tech giant addressed in its Chromiumbased.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Microsoft Fixes Five Zero-Days in October Patch Tuesday π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Octobers Patch Tuesday saw Microsoft patch over 100 CVEs including five zeroday vulnerabilities.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft Fixes Five Zero-Days in October Patch Tuesday
Octoberβs Patch Tuesday saw Microsoft patch over 100 CVEs including five zero-day vulnerabilities
π¦Ώ How to Safeguard Enterprises from Exploitation of AI Applications π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Artificial intelligence may be about to transform the world. But there are security risks that need to be understood and several areas that can be exploited. Find out what these are and how to protect the enterprise in this TechRepublic Premium feature by Drew Robb. Featured text from the download LLM SECURITY WEAKNESSES Research by ...π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
How to Safeguard Enterprises from Exploitation of AI Applications | TechRepublic
Artificial intelligence may be about to transform the world. But there are security risks that need to be understood and several areas that can be
π Australia Introduces First Standalone Cybersecurity Law π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Australian governments Cyber Security Bill 2024 will mandate cybersecurity standards for smart devices and introduce ransomware reporting requirements.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Australia Introduces First Standalone Cybersecurity Law
The Australian governmentβs Cyber Security Bill 2024 will mandate cybersecurity standards for smart devices and introduce ransomware reporting requirements
π New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The Appeals Centre Europe is supported by Metas Oversight Board Trust and certified by Ireland's media regulator.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New EU Body to Centralize Complaints Against Facebook, TikTok, YouTube
The Appeals Centre Europe is supported by Metaβs Oversight Board Trust and certified by Ireland's media regulator
π Ivanti: Three CSA Zero-Days Are Being Exploited in Attacks π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Ivantis Cloud Services Appliance is being targeted by threat actors exploiting three zeroday bugs.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Ivanti: Three CSA Zero-Days Are Being Exploited in Attacks
Ivantiβs Cloud Services Appliance is being targeted by threat actors exploiting three zero-day bugs
π¦
Security Updates for Adobe FrameMaker: Addressing Critical Vulnerabilities π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Adobe has released new updates across several of its products, including Adobe FrameMaker, Adobe Substance 3D Printer, Adobe Commerce and Magento Open Source, Adobe Dimension, Adobe Animate, Adobe Lightroom, Adobe InCopy, Adobe InDesign, and Adobe Substance 3D Stager. The primary reason for these updates is the swarm of vulnerabilities across Adobe products, as covered by the Cybersecurity and Infrastructure Security Agency CISA, as these updates address critical vulnerabilities that could allow malicious actors to execute arbitrary codes on affected systems. Although Adobe has stated that it is not aware of any exploits in the wild targeting these vulnerabilities, the potential risks necessitate immediate action from users to secure their installations. The vulnerabili...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Security Updates For Adobe FrameMaker: Addressing Critical Vulnerabilities - Cyble
Adobe has released critical security updates for FrameMaker and other products to address vulnerabilities that could allow arbitrary code execution.
π’ Amazon Aurora deep dive π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Deploy servers with a secure approach.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Amazon Aurora deep dive
Deploy servers with a secure approach
π1
π’ Fortify your future: How HPE ProLiant Servers deliver top-tier cyber security, management, and performance π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Deploy servers with a secure approach.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Fortify your future: How HPE ProLiant Servers deliver top-tier cyber security, management, and performance
Deploy servers with a secure approach