GoldenJackal jumps the air gap … twice – Week in security with Tony Anscombe
Via "ESET - WeLiveSecurity"
Seen on @cibsecurity
ESET research dives deep into a series of attacks that leveraged bespoke toolsets to compromise air-gapped systems belonging to governmental and diplomatic entities.
----------
OilRig Exploits Windows Kernel Flaw in Espionage Campaign Targeting UAE and Gulf
Via "The Hacker News"
The Iranian threat actor known as OilRig has been observed exploiting a now-patched privilege escalation flaw impacting the Windows Kernel as part of a cyber espionage campaign targeting the U.A.E. and the broader Gulf region. "The group utilizes sophisticated tactics that include deploying a backdoor that leverages Microsoft Exchange servers for credentials theft, and exploiting vulnerabilities...
----------
Cyble Sensors Detect Attacks on SAML, D-Link, Python Framework
Via "CYBLE"
Key Takeaways: Cyble honeypot sensors detected several new cyberattacks in recent days, targeting vulnerabilities in the Ruby SAML library, D-Link NAS devices, the aiohttp client/server framework, a WordPress plugin, and more. Cyble's Vulnerability Intelligence unit also discovered new phishing campaigns and brute-force attacks. Clients are urged to address the vulnerabilities identified in the report and apply best practices. Overview: The Cyble Vulnerability Intelligence unit identified several new cyberattacks during the week of Oct. 28. Among the targets are the Ruby SAML library, several D-Link NAS devices, the aiohttp client/server framework used for asyncio and Python, and a popular WordPress plugin used by restaurants and other businesses. Cyble sensors also uncove...
----------
Skills Shortages Now a Top-Two Security Risk for SMBs
Via "Infosecurity Magazine"
Sophos claims that a lack of cybersecurity talent is considered a major risk by SMBs.
----------
Critical Veeam Vulnerability Exploited to Spread Akira and Fog Ransomware
Via "The Hacker News"
Threat actors are actively attempting to exploit a now-patched security flaw in Veeam Backup & Replication to deploy Akira and Fog ransomware. Cybersecurity vendor Sophos said it has been tracking a series of attacks in the past month leveraging compromised VPN credentials and CVE-2024-40711 to create a local account and deploy the ransomware. CVE-2024-40711, rated 9.8 out of 10.0 on the...
----------
Nation-State Attackers Exploiting Ivanti CSA Flaws for Network Infiltration
Via "The Hacker News"
A suspected nation-state adversary has been observed weaponizing three security flaws in Ivanti Cloud Service Appliance (CSA) a zero-day to perform a series of malicious actions. That's according to findings from Fortinet FortiGuard Labs, which said the vulnerabilities were abused to gain unauthenticated access to the CSA, enumerate users configured in the appliance, and attempt to access the...
----------
5 Steps to Boost Detection and Response in a Multi-Layered Cloud
Via "The Hacker News"
The link between detection and response (DR) practices and cloud security has historically been weak. As global organizations increasingly adopt cloud environments, security strategies have largely focused on "shift-left" practices: securing code, ensuring proper cloud posture, and fixing misconfigurations. However, this approach has led to an overreliance on a multitude of DR tools spanning...
----------
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Via "The Hacker News"
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks. "Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape," Checkmarx researchers Yehuda...
----------
THN Cybersecurity Recap: Top Threats, Tools and Trends (Oct 7 - Oct 13)
Via "The Hacker News"
Hey there, it's your weekly dose of "what the heck is going on in cybersecurity land" and trust me, you NEED to be in the loop this time. We've got everything from zero-day exploits and AI gone rogue to the FBI playing crypto kingpin - it's full of stuff they don't want you to know. So let's jump in before we get FOMO. Threat of the Week: GoldenJackal Hacks Air-Gapped Systems. Meet...
----------
US DoD Tightens Cybersecurity Standards for Defense Contractors
Via "Infosecurity Magazine"
The US DoD has finalized the Cybersecurity Maturity Model Certification (CMMC) Program, which defense contractors must pass to bid for government contracts.
----------
Pokémon Developer Game Freak Suffers Data Breach
Via "Infosecurity Magazine"
Personal data of over 2600 employees has been exposed and insider information about the Switch 2 and future Pokémon games leaked.
----------
Casio Confirms Ransomware Outage and Data Breach
Via "Infosecurity Magazine"
Japanese electronics firm Casio has reported a ransomware attack and data breach.
----------
Hidden in Plain Sight: ErrorFather's Deadly Deployment of Cerberus
Via "CYBLE"
Key Takeaways: Cyble Research and Intelligence Labs (CRIL) identified a campaign called ErrorFather that utilized an undetected Cerberus Android Banking Trojan payload. ErrorFather employs a sophisticated infection chain involving multiple stages (session-based droppers, native libraries, and encrypted payloads), complicating detection and removal efforts. The campaign ramped up in activity in September and October 2024, with more samples and ongoing campaigns suggesting active targeting and scaling by the Threat Actors (TAs) behind the ErrorFather campaign. The final payload employs keylogging, overlay attacks, VNC, and Domain Generation Algorithm (DGA) to perform malicious activities. ErrorFather's incorporation of a Domain Generation Algorithm (DGA) ensures resilience by enabling ...
----------
Phishing tactics: The top attacks trends in 2024
Via "ITPro"
Phishing is evolving beyond email as advances such as AI drive targeted attacks - leaders must keep up with the latest tactics to mount an effective defense.
----------
Why Your Identity Is the Key to Modernizing Cybersecurity
Via "Dark Reading"
Ultimately, the goal of creating a trusted environment around all digital assets and devices is about modernizing the way you do business.
----------
Pokémon Gaming Company Employee Info Leaked in Hack
Via "Dark Reading"
The gaming company reports that the server has been rebuilt after the leak, but has not confirmed if its insider video game data was leaked.
----------
Microsoft: Schools Grapple With Thousands of Cyberattacks Weekly
Via "Dark Reading"
Education, including K-12 schools and universities, has become the third most targeted sector due to the high variety of sensitive data it stores in its databases.
----------
ConfusedPilot Attack Can Manipulate RAG-Based AI Systems
Via "Dark Reading"
Attackers can introduce a malicious document in systems such as Microsoft 365 Copilot to confuse the system, potentially leading to widespread misinformation and compromised decision-making processes.
----------
Fighting Crime With Technology: Safety First
Via "Dark Reading"
By combining human and nonhuman identity management in one solution, Flock Safety is helping law enforcement solve an impressive number of criminal cases every day.
----------
Surfshark VPN Review (2024): Is it a Safe and Trustworthy VPN?
Via "Tech Republic"
With a healthy mix of features, performance, and value, Surfshark VPN makes a strong case for those looking for a high-quality VPN at an affordable price.
----------
Telekopye Scammers Target Booking.com and Airbnb Users
Via "Infosecurity Magazine"
Online scammers are targeting Booking.com and Airbnb users with Telekopye, a Telegram-based toolkit.