UK Launches New Competition to Spur Cybersecurity Careers
Via "Infosecurity Magazine"
The UK government's Cyber Team Competition offers applicants the chance to receive advanced training, mentorship and networking opportunities.
----------
Seen on @cibsecurity
OEMs Are Urged to Address Vulnerabilities in Device Communication
Via "CYBLE"
Overview: Qualcomm has shared its October 2024 Security Bulletin, highlighting multiple vulnerabilities. Google's Threat Analysis Group has also noted the exploitation of a critical vulnerability, CVE-2024-43047, in targeted attacks. The vulnerability revolves around the FASTRPC driver, which plays an important role in device communication processes. Exploitation of this vulnerability can lead to severe security breaches, potentially allowing unauthorized access to sensitive data. Considering this, original equipment manufacturers (OEMs) have received patches designed to rectify this flaw, and they are strongly encouraged to implement these updates without delay. Users concerned about the implications of this vulnerability should contact their device manufacturers for specific patc...
Cyble
OEMs Urged To Fix Device Communication Vulnerabilities
Qualcomm's October 2024 Security Bulletin warns of critical vulnerabilities, including CVE-2024-43047, urging OEMs to apply patches urgently.
----------
Lamborghini Carjackers Lured by $243M Cyberheist
Via "Krebs on Security"
The parents of a 19-year-old Connecticut honors student accused of taking part in a $243 million cryptocurrency heist in August were carjacked a week later, while out house-hunting in a brand new Lamborghini. Prosecutors say the couple was beaten and briefly kidnapped by six young men who traveled from Florida as part of a botched plan to hold the parents for ransom.
----------
Google Joins Forces with GASA and DNS RF to Tackle Online Scams at Scale
Via "The Hacker News"
Google on Wednesday announced a new partnership with the Global Anti-Scam Alliance (GASA) and DNS Research Federation (DNS RF) to combat online scams. The initiative, which has been codenamed the Global Signal Exchange (GSE), is designed to create real-time insights into scams, fraud, and other forms of cybercrime pooling together threat signals from different data sources in order to create.
----------
Hackers Hide Remcos RAT in GitHub Repository Comments
Via "Dark Reading"
The tack highlights bad actors' interest in trusted development and collaboration platforms and their users.
----------
Australia Intros Its First National Cyber Legislation
Via "Dark Reading"
The bill is broken up into several pieces, including ransomware reporting and securing smart devices, among other objectives.
----------
Mamba 2FA Cybercrime Kit Targets Microsoft 365 Users
Via "Dark Reading"
A stealthy new underground offering uses sophisticated adversary-in-the-middle (AitM) techniques to convincingly serve up "Microsoft" login pages of various kinds, with dynamic enterprise branding.
Darkreading
Mamba 2FA Cybercrime Kit Strikes Microsoft Users
----------
3 More Ivanti Cloud Vulns Exploited in the Wild
Via "Dark Reading"
The security bugs were found susceptible to exploitation in connection to the previously disclosed, critical CVE-2024-8963 vulnerability in the security vendor's Cloud Services Appliance (CSA).
----------
Cloud, AI Talent Gaps Plague Cybersecurity Teams
Via "Dark Reading"
Cyber pros are scrambling to stay up-to-date as the businesses they work for quickly roll out AI tools and keep expanding their cloud initiatives.
----------
Bitwarden vs 1Password (2024): Which One Should You Choose?
Via "Tech Republic"
Bitwarden and 1Password are two of the top password managers. Find out which password manager is the best for you using this comprehensive comparison.
TechRepublic
Bitwarden vs 1Password: Battle of the Best - Who Wins?
While Bitwarden's generous free version is a big advantage, I feel 1Password's refined user experience makes it the better pick for most users and businesses.
----------
AI-Powered Cybercrime Cartels on the Rise in Asia
Via "Dark Reading"
All across the Asia-Pacific region, large and diverse marketplaces for AI cybercrime tools have developed, with deepfakes proving most popular.
----------
Modern payment systems: An effective way to reduce your attack surface
Via "ITPro"
Embracing modern payment methods can eliminate many of the vulnerabilities associated with the last 20 years of online payments.
----------
Cybercriminals Use Unicode to Hide Mongolian Skimmer in E-Commerce Platforms
Via "The Hacker News"
Cybersecurity researchers have shed light on a new digital skimmer campaign that leverages Unicode obfuscation techniques to conceal a skimmer dubbed Mongolian Skimmer. "At first glance, the thing that stood out was the script's obfuscation, which seemed a bit bizarre because of all the accented characters," Jscrambler researchers said in an analysis. "The heavy use of Unicode characters, many.
----------
CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches
Via "The Hacker News"
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 (CVSS score: 9.8), relates to cases of remote code execution that affects FortiOS, FortiPAM, FortiProxy, and FortiWeb. "A.
----------
Firefox Zero-Day Under Attack: Update Your Browser Immediately
Via "The Hacker News"
Mozilla has revealed that a critical security flaw impacting Firefox and Firefox Extended Support Release (ESR) has come under active exploitation in the wild. The vulnerability, tracked as CVE-2024-9680, has been described as a use-after-free bug in the Animation timeline component. "An attacker was able to achieve code execution in the content process by exploiting a use-after-free in.
----------
Former RAC Employees Get Suspended Sentence for Data Theft
Via "Infosecurity Magazine"
Two former RAC employees have been handed suspended prison sentences for trading in personal data.
----------
Over 240 Million US Breach Victims Recorded in Q3
Via "Infosecurity Magazine"
Supply chain victim numbers surge as more than 240 million US residents are impacted by data breaches in Q3 2024.
----------
CISA Issues Urgent Advisory on Critical Vulnerabilities in Ivanti Products
Via "CYBLE"
Overview: The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical advisory report on vulnerabilities disclosed in multiple Ivanti products. These products include Ivanti Endpoint Manager Mobile (EPMM), Ivanti Cloud Service Application (CSA), Ivanti Velocity License Server, Ivanti Connect Secure, Policy Secure, and Ivanti Avalanche. The official advisory from Ivanti specifically addresses various vulnerabilities affecting the Ivanti Cloud Service Application (CSA). It highlights that a limited number of customers using CSA versions 4.6 patches 518 and earlier have been exploited when certain vulnerabilities (CVE-2024-9379, CVE-2024-9380, or CVE-2024-9381) are chained with CVE-2024-8963. The recent advisory from Ivanti has indicated a range of vulnerabilities across their p...
Cyble
Urgent CISA Advisory On Ivanti Product Vulnerabilities
CISA warns of critical vulnerabilities in Ivanti products, urging immediate action to mitigate risks. Update systems to protect against potential exploits.
----------
Vulnerability Prioritization & the Magic 8 Ball
Via "Dark Reading"
Vulnerability prioritization has evolved over the years. Several frameworks exist to help organizations make the right decisions when it comes to deciding which patches to apply and when. But are these better than a Magic 8 Ball?
----------
Microsoft: BYOD, QR Codes Lead Rampant Education Attacks
Via "Dark Reading"
The average higher education institution is getting hit once a week now, and as one University of Oregon attack shows, the sector often lacks the resources to keep pace.
Darkreading
Microsoft: BYOD, QR Codes Lead Rampant Education Attacks
The average higher education institution is getting hit once a week now, and as one Oregon State University attack shows, the sector often lacks the resources to keep pace.
----------
Patch Tuesday: Internet Explorer Vulnerabilities Still Pose a Problem
Via "Tech Republic"
Patch Tuesday brings patches for hundreds of vulnerabilities. Plus, Apple makes sure Sequoia plays nice with third-party security tools.
----------