ποΈ GitHub, Telegram Bots, and QR Codes Abused in New Wave of Phishing Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new taxthemed malware campaign targeting insurance and finance sectors has been observed leveraging GitHub links in phishing email messages as a way to bypass security measures and deliver Remcos RAT, indicating that the method is gaining traction among threat actors. "In this campaign, legitimate repositories such as the opensource tax filing software, UsTaxes, HMRC, and InlandRevenue were.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ How Hybrid Password Attacks Work and How to Defend Against Them ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors constantly change tactics to bypass cybersecurity measures, developing innovative methods to steal user credentials. Hybrid password attacks merge multiple cracking techniques to amplify their effectiveness. These combined approaches exploit the strengths of various methods, accelerating the passwordcracking process. In this post, well explore hybrid attacks what they are.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Warns of Threat Actors Exploiting F5 BIG-IP Cookies for Network Reconnaissance ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA is warning that it has observed threat actors leveraging unencrypted persistent cookies managed by the F5 BIGIP Local Traffic Manager LTM module to conduct reconnaissance of target networks. It said the module is being used to enumerate other noninternetfacing devices on the network. The agency, however, did not disclose who.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Telekopye transitions to targeting tourists via hotel booking scam π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
ESET Research shares new findings about Telekopye, a scam toolkit used to defraud people on online marketplaces, and newly on accommodation booking platforms.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
Telekopye transitions to targeting tourists via hotel booking scam
ESET Research shares new findings about Telekopye, a scam toolkit used to defraud people on online marketplaces, and newly on accommodation booking platforms.
π NHS England Warns of Critical Veeam Vulnerability Under Active Exploitation π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
NHS England has issued an alert regarding a critical Veeam Backup Replication vulnerability that is being actively exploited, potentially leading to remote code execution.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NHS England Warns of Critical Veeam Vulnerability Under Active Exploitation
NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution
π US Border Agency Under Fire for App's Handling of Personal Data π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Access Now announced that the US Customs and Border Protection agency released records on its app following the NGOs lawsuit.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
US Border Agency Under Fire for App's Handling of Personal Data
Access Now announced that the US Customs and Border Protection agency released records on its app following the NGOβs lawsuit
π Sonatype Reports 156% Increase in OSS Malicious Packages π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new Sonatype report reveals a 156 surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Sonatype Reports 156% Increase in OSS Malicious Packages
A new Sonatype report reveals a 156% surge in open source malware, with over 704,102 malicious packages identified since 2019, as OSS adoption continues to skyrocket
π Russia's SVR Targets Zimbra, TeamCity Servers for Cyber Espionage π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Russianbacked APT29 has been spying on US and European organizations since at least 2021, a USUK joint advisory said.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Russia's SVR Targets Zimbra, TeamCity Servers for Cyber Espionage
Russian-backed APT29 has been spying on US and European organizations since at least 2021, a US-UK joint advisory said
π΅οΈββοΈ SOC Teams: Threat Detection Tools Are Stifling Us π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Threat detection tools yield too many false positives, security pros say, leading to burnout and resentment.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
SOC Teams: Threat Detection Tools Are Stifling Us
Threat detection tools yield too many false positives, security pros say, leading to burnout and resentment.
π΅οΈββοΈ AI Hype Drives Demand For ML SecOps Skills π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Companies are putting "AI" in just about all of their products, which opens up new security holes. LLM SecOps and ML SecOps are becoming musthave skills.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
AI Hype Drives Demand For ML SecOps Skills
Companies are putting "AI" in just about all of their products, which opens up new security holes. LLM SecOps and ML SecOps are becoming must-have skills.
π¦
Data Breach and DDoS Attacks Take Archive.org and Open Library Offline π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways The massive 57petabyte Internet Archive has been hit by a data breach, website defacement, exfiltration and DDoS attacks in recent days. The breach and DDoS attacks so far appear unconnected. A copy of a user authentication database containing the email addresses and credentials of 31 million users has been provided to Have I Been Pwned. The attackers have faced criticism for attacking a nonprofit whose goal is to preserve knowledge. Questions have been raised about Archives handling of JavaScript, which appears central to the breach. As of now, Archive.org and Open Library are offline, and recovery efforts are expected to take days, not weeks. Overview The Internet Archive has taken its Archive.org and OpenLibrary.org sites offline in response to a dat...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Data Breach, DDoS Attacks Take Internet Archive Offline
Internet Archive digital collections appear safe after the attacks, which raised website security questions even as the attackers faced criticism.
ποΈ FBI Creates Fake Cryptocurrency to Expose Widespread Crypto Market Manipulation ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of Justice DoJ has announced arrests and charges against several individuals and entities in connection with allegedly manipulating digital asset markets as part of a widespread fraud operation. The law enforcement action codenamed Operation Token Mirrors is the result of the U.S. Federal Bureau of Investigation FBI taking the "unprecedented step" of creating its own.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π1
π GoldenJackal jumps the air gap β¦ twice β Week in security with Tony Anscombe π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise airgapped systems belonging to governmental and diplomatic entities.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
GoldenJackal jumps the air gap β¦ twice β Week in security with Tony Anscombe
ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities
ποΈ OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Iranian threat actor known as OilRig has been observed exploiting a nowpatched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦
Cyble Sensors Detect Attacks on SAML, D-Link, Python Framework π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble honeypot sensors detected several new cyberattacks in recent days, targeting vulnerabilities in the Ruby SAML library, DLink NAS devices, the aiohttp clientserver framework, a WordPress plugin, and more. Cybles Vulnerability Intelligence unit also discovered new phishing campaigns and bruteforce attacks. Clients are urged to address the vulnerabilities identified in the report and apply best practices. Overview The Cyble Vulnerability Intelligence unit identified several new cyberattacks during the week of Oct. 28. Among the targets are the Ruby SAML library, several DLink NAS devices, the aiohttp clientserver framework used for asyncio and Python, and a popular WordPress plugin used by restaurants and other businesses. Cyble sensors also uncove...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Cyble Sensors Detect SAML, D-Link, Python Attacks
Cybleβs Vulnerability Intelligence unit has detected cyberattacks on the Ruby SAML library, D-Link NAS devices, the aiohttp framework, and more.
π Skills Shortages Now a Top-Two Security Risk for SMBs π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Sophos claims that a lack of cybersecurity talent is considered a major risk by SMBs.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Skills Shortages Now a Top-Two Security Risk for SMBs
Sophos claims that a lack of cybersecurity talent is considered a major risk by SMBs
ποΈ Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors are actively attempting to exploit a nowpatched security flaw in Veeam Backup Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE202440711 to create a local account and deploy the ransomware. CVE202440711, rated 9.8 out of 10.0 on the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A suspected nationstate adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance CSA a zeroday to perform a series of malicious actions. That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 5 Steps to Boost Detection and Response in a Multi-Layered Cloud ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The link between detection and response DR practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shiftleft" practicessecuring code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an overreliance on a multitude of DR tools spanning.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. "Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the opensource landscape," Checkmarx researchers Yehuda.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13) ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" and trust me, you NEED to be in the loop this time. We've got everything from zeroday exploits and AI gone rogue to the FBI playing crypto kingpin it's full of stuff they don't want you to know. So let's jump in before we get FOMO. Threat of the Week GoldenJackal Hacks AirGapped Systems Meet.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
β€1