π Eight Million Users Install 200+ Malicious Apps from Google Play π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Zscaler has found more than 200 malicious apps on Google Play with over eight million installs.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Eight Million Users Install 200+ Malicious Apps from Google Play
Zscaler has found more than 200 malicious apps on Google Play with over eight million installs
β€1
π Business Development Representative π
π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
The post Business Development Representative appeared first on UnderDefense.π Read more.
π Via "UnderDefense"
----------
ποΈ Seen on @cibsecurity
UnderDefense
Business Development Representative - UnderDefense
π¦
Active Exploitation of SAML Vulnerability CVE-2024-45409 Detected by Cyble Sensors π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview On September 10, 2024, a critical vulnerability, CVE202445409, was identified by ahacker1 of SecureSAML. The vulnerability was then patched in the RubySAML library, which is widely used for implementing SAML Security Assertion Markup Language authorization. This flaw affects RubySAML versions up to 1.12.2 and between 1.13.0 and 1.16.0 and stems from an incorrect XPath selector that prevents the proper verification of the SAML Response signature. An unauthenticated attacker with access to a signed SAML document from a legitimate identity provider IdP can exploit this vulnerability by forging a SAML Response or Assertion. This allows the attacker to bypass the authentication mechanism and potentially gain unauthorized access to sensitive data and critical systems. SAML is...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Active Exploitation Of SAML Vulnerability CVE-2024-45409
Cyble sensors detect active exploitation of the SAML vulnerability CVE-2024-45409. Learn how this critical vulnerability affects your systems and how to mitigate risks.
π¦
Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, Microsoft Dark Web Exploits π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble researchers have identified highpriority vulnerabilities in products from Ivanti, Microsoft, Qualcomm, Zimbra, and the Common Unix Printing System CUPS. Microsofts Patch Tuesday included five new zeroday vulnerabilities, two of which are being actively exploited and Cyble researchers have observed threat actors discussing the other three zerodays on cybercrime forums. Cyble also detected 14 vulnerability exploits discussed on dark web forums, suggesting that they may soon be under attack, if not already. Overview Cyble Research and Intelligence Labs CRIL investigated 22 vulnerabilities during the week of Oct. 28 and identified six products that security teams should prioritize for patching and mitigation. Additionally, Cyble researchers detected ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Cyberattackers Unleash Flood of Potentially Disruptive Election-Related Activity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Organizations should be on high alert until next month's US presidential election to ensure the integrity of the voting process, researchers warn.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Flood of Election-Related Cyber Activity Unleashed
Organizations should be on high alert until next month's US presidential election to ensure the integrity of the voting process, researchers warn.
ποΈ New Malware Campaign Uses PureCrypter Loader to Deliver DarkVision RAT ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have disclosed a new malware campaign that leverages a malware loader named PureCrypter to deliver a commodity remote access trojan RAT called DarkVision RAT. The activity, observed by Zscaler ThreatLabz in July 2024, involves a multistage process to deliver the RAT payload. "DarkVision RAT communicates with its commandandcontrol C2 server using a custom network.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New Linux Variant of FASTCash Malware Targets Payment Switches in ATM Heists ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
North Korean threat actors have been observed using a Linux variant of a known malware family called FASTCash to steal funds as part of a financiallymotivated campaign. The malware is "installed on payment switches within compromised networks that handle card transactions for the means of facilitating the unauthorized withdrawal of cash from ATMs," a security researcher who goes by HaxRob said.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π New ConfusedPilot Attack Targets AI Systems with Data Poisoning π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Researchers have discovered a new cyberattack method called ConfusedPilot that can manipulate AIgenerated responses by injecting malicious content into documents referenced by AI systems.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New ConfusedPilot Attack Targets AI Systems with Data Poisoning
Researchers have discovered a new cyber-attack method called ConfusedPilot that can manipulate AI-generated responses by injecting malicious content into documents referenced by AI systems
π Darknet Activity Increases Ahead of 2024 Presidential Vote π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Cyber threats surge ahead of the 2024 election, including phishing, ransomware and Darknet activity.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Darknet Activity Increases Ahead of 2024 Presidential Vote
Cyber threats surge ahead of the 2024 election, including phishing, ransomware and Darknet activity
π1
πͺ Staff Stories Spotlight Series: Cybersecurity Awareness Month 2024 πͺ
π Read more.
π Via "NIST"
----------
ποΈ Seen on @cibsecurity
This blog is part of a larger NIST series during the month of October for Cybersecurity Awareness Month , called 'Staff Stories Spotlight.' Throughout the month of October this year, QA style blogs will be published featuring some of our unique staff members who have interesting backgrounds, stories to tell, and projects in the world of cybersecurity. This years Cybersecurity Awareness Month theme is Secure our World. How does this theme resonate with you, as someone working in cybersecurity? Now more than ever, the use of technology is central to our lives. It is the means by which we are.π Read more.
π Via "NIST"
----------
ποΈ Seen on @cibsecurity
NIST
Staff Stories Spotlight Series: Cybersecurity Awareness Month 2024
This blog is part of a larger NIST series during the month of October for
π¦Ώ Generative AI in Security: Risks and Mitigation Strategies π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Microsofts Siva Sundaramoorthy provides a blueprint for how common cyber precautions apply to generative AI deployed in and around security systems.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Generative AI in Security: Risks and Mitigation Strategies
Microsoftβs Siva Sundaramoorthy provides a blueprint for how common cyber precautions apply to generative AI deployed in security systems.
ποΈ TrickMo Banking Trojan Can Now Capture Android PINs and Unlock Patterns ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
New variants of an Android banking trojan called TrickMo have been found to harbor previously undocumented features to steal a device's unlock pattern or PIN. "This new addition enables the threat actor to operate on the device even while it is locked," Zimperium security researcher Aazim Yaswant said in an analysis published last week. First spotted in the wild in 2019, TrickMo is so named for.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ North Korea Hackers Get Cash Fast in Linux Cyber Heists π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The thieves modify transaction messages to initiate unauthorized withdrawals, even when there are insufficient funds.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
North Korea Hackers Get Cash Fast in Linux Cyber Heists
The thieves modify transaction messages to initiate unauthorized withdrawals, even when there are insufficient funds.
π΅οΈββοΈ FHE Consortium Pushes for Quantum-Resilient Cryptography Standards π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The FHE Technical Consortium for Hardware FHETCH brings together developers, hardware manufacturers and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Consortium Urges Quantum-Resilient Cryptography Standards
The FHE Technical Consortium for Hardware (FHETCH) brings together developers, hardware manufacturers, and cloud providers to collaborate on technical standards necessary to develop commercial fully homomorphic encryption solutions and lower adoption barriers.
π1
ποΈ GitHub Patches Critical Flaw in Enterprise Server Allowing Unauthorized Instance Access ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
GitHub has released security updates for Enterprise Server GHES to address multiple issues, including a critical bug that could allow unauthorized access to an instance. The vulnerability, tracked as CVE20249487, carries a CVS score of 9.5 out of a maximum of 10.0 "An attacker could bypass SAML single signon SSO authentication with the optional encrypted assertions feature, allowing.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Warns of Active Exploitation in SolarWinds Help Desk Software Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Tuesday added a critical security flaw impacting SolarWinds Web Help Desk WHD software to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. Tracked as CVE202428987 CVSS score 9.1, the vulnerability relates to a case of hardcoded credentials that could be abused to gain.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ State-sponsored cyber crime is officially out of control π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
North Korea is the most prolific attacker, but Russia and China account for the most disruptive and tightlytargeted campaigns.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
State-sponsored cyber crime is officially out of control
North Korea is the most prolific attacker, but Russia and China account for the most disruptive and tightly-targeted campaigns
π¦Ώ Price Drop: This Complete Ethical Hacking Bundle is Now $40 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today's top tools and tech. This bundle is just 39.97 for a limited time.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Price Drop: This Complete Ethical Hacking Bundle is Now $33
Get a comprehensive, potentially lucrative ethical hacking education with 18 courses on today's top tools and tech. This bundle is just $32.97.
ποΈ From Misuse to Abuse: AI Risks and Attacks ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
AI from the attackers perspective See how cybercriminals are leveraging AI and exploiting its vulnerabilities to compromise systems, users, and even other AI applications Cybercriminals and AI The Reality vs. Hype AI will not replace humans in the near future. But humans who know how to use AI are going to replace those humans who don't know how to use AI, says Etay Maor, Chief Security.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The North Korean threat actor known as ScarCruft has been linked to the zeroday exploitation of a nowpatched security flaw in Windows to infect devices with malware known as RokRAT. The vulnerability in question is CVE202438178 CVSS score 7.5, a memory corruption bug in the Scripting Engine that could result in remote code execution when using the Edge browser in Internet Explorer Mode.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ 5 Techniques for Collecting Cyber Threat Intelligence ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
To defend your organization against cyber threats, you need a clear picture of the current threat landscape. This means constantly expanding your knowledge about new and ongoing threats. There are many techniques analysts can use to collect crucial cyber threat intelligence. Lets consider five that can greatly improve your threat investigations. Pivoting on 2 IP addresses to pinpoint malware.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity