ποΈ Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cisco has released security updates to address a maximum severity security flaw impacting UltraReliable Wireless Backhaul URWB Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE202420418 CVS score 10.0, the vulnerability has been described as stemming from a lack of input validation to the webbased management.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious PyPI Package βFabriceβ Found Stealing AWS Keys from Thousands of Developers ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered a malicious package on the Python Package Index PyPI that has racked up thousands of downloads for over three years while stealthily exfiltrating developers' Amazon Web Services AWS credentials. The package in question is "fabrice," which typosquats a popular Python library known as "fabric," which is designed to execute shell commands remotely over.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Androxgh0st Botnet Adopts Mozi Payloads, Expands IoT Reach
Androxgh0st botnet has expanded, integrating Mozi IoT payloads and targeting web server vulnerabilities
π₯1
π Interlock Ransomware Targets US Healthcare, IT and Government Sectors π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Interlock employs both biggame hunting and double extortion tactics against its victims.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Interlock Ransomware Targets US Healthcare, IT and Government Sectors
Interlock employs both βbig-game huntingβ and double extortion tactics against its victims
π UK Regulator Urges Stronger Data Protection in AI Recruitment Tools π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
An ICO audit of AI recruitment tools found numerous data privacy issues that may lead to jobseekers being discriminated against and privacy compromised.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK Regulator Urges Stronger Data Protection in AI Recruitment Tools
An ICO audit of AI recruitment tools found numerous data privacy issues that may lead to jobseekers being discriminated against and privacy compromised
π Canada Orders Shutdown of Local TikTok Branch Over Security Concerns π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
TikTok Technology Canada, Inc, the subsidiary of Chinese group ByteDance, will have to cease its operations in Canada.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Canada Orders Shutdown of Local TikTok Branch Over Security Concerns
TikTok Technology Canada, Inc, the subsidiary of Chinese group ByteDance, will have to cease its operations in Canada
π NCSC Publishes Tips to Tackle Malvertising Threat π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The UKs National Cyber Security Centre has released malvertising guidance for brands and their ad partners.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
NCSC Publishes Tips to Tackle Malvertising Threat
The UKβs National Cyber Security Centre has released malvertising guidance for brands and their ad partners
π UK Cybersecurity Wages Soar Above Inflation as Stress Levels Rise π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
CIISec report reveals the average wage for UK security professionals is now over 87,000.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK Cybersecurity Wages Soar Above Inflation as Stress Levels Rise
CIISec report reveals the average wage for UK security professionals is now over Β£87,000
π΅οΈββοΈ Canada Closes TikTok Offices, Citing National Security π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Questions remain over what a corporate ban will achieve, since Canadians will still be able to use the app.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Canada Closes TikTok Offices, Citing National Security
Questions remain over what a corporate ban will achieve, since Canadians will still be able to use the app.
π΅οΈββοΈ Cisco Bug Could Lead to Command Injection Attacks π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Though Cisco reports of no known malicious exploitation attempts, three of its wireless access points are vulnerable to these attacks.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Max-Critical Cisco Bug Enables Command-Injection Attacks
Though Cisco reports of no known malicious exploitation attempts, but thanks to a CVSS 10 out of 10 security vulnerability (CVE-2024-20418) three of its wireless access points are vulnerable to remote, unauthenticated cyberattacks.
π΅οΈββοΈ 'SteelFox' Malware Blitz Infects 11K Victims With Bundle of Pain π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The malware combines a miner and data stealer, and it packs functions that make detection and mitigation a challenge.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
'SteelFox' Malware Blitz Infects 11K Victims
The malware combines a miner and data stealer, and it packs functions that make detection and mitigation a challenge.
ποΈ New CRON#TRAP Malware Infects Windows by Hiding in Linux VM to Evade Antivirus ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have flagged a new malware campaign that infects Windows systems with a Linux virtual instance containing a backdoor capable of establishing remote access to the compromised hosts. The "intriguing" campaign, codenamed CRONTRAP, starts with a malicious Windows shortcut LNK file likely distributed in the form of a ZIP archive via a phishing email. "What makes the CRON.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a nowpatched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE20245910 CVSS score 9.3, concerns a case of missing authentication in the Expedition migration tool that.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π ESET APT Activity Report Q2 2024βQ3 2024 π
π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
An overview of the activities of selected APT groups investigated and analyzed by ESET Research in Q2 2024 and Q3 2024.π Read more.
π Via "ESET - WeLiveSecurity"
----------
ποΈ Seen on @cibsecurity
Welivesecurity
ESET APT Activity Report Q2 2024βQ3 2024
This issue of the ESET APT Activity Report reviews notable activities of threat actors that were documented by ESET researchers from April 2024 until the end of September 2024.
π¦Ώ Top Vulnerability Management Tools: Reviews & Comparisons 2024 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
There are a great many vulnerability management tools available. But which is best? Here are our top picks for a variety of use cases.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Top Vulnerability Management Tools: Reviews & Comparisons 2024
Discover the best vulnerability management tools of 2024. Compare top solutions, explore features and benefits, and find expert reviews to guide your choice.
π’ AI recruitment tools are still a privacy nightmare β here's how the ICO plans to crack down on misuse π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
AI recruitment tools are still a privacy nightmare β here's how the ICO plans to crack down on misuse
The ICO has issued guidance for recruiters and AI developers after finding that many are mishandling data
π’ Nokia waves off IntelBroker breach claims, says leaked source code came from a third party application π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Notorious threat actor IntelBroker released a cache of stolen data.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Nokia waves off IntelBroker breach claims, says leaked source code came from a third party application
Notorious threat actor IntelBroker released a cache of stolen data
π’ Cybersecurity salaries are rising, but some professionals wonder if the stress and burnout is worth it π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Salaries in cybersecurity have increased 7 above inflation in the last few years.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Cybersecurity salaries are rising, but some professionals wonder if the stress and burnout is worth it
Salaries in cybersecurity have increased 7% above inflation in the last few years
ποΈ IcePeony and Transparent Tribe Target Indian Entities with Cloud-Based Tools ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Highprofile entities in India have become the target of malicious campaigns orchestrated by the Pakistanbased Transparent Tribe threat actor and a previously unknown Chinanexus cyber espionage group dubbed IcePeony. The intrusions linked to Transparent Tribe involve the use of a malware called ElizaRAT and a new stealer payload dubbed ApoloStealer on specific victims of interest, Check Point.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ The vCISO Academy: Transforming MSPs and MSSPs into Cybersecurity Powerhouses ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Weve all heard a million times growing demand for robust cybersecurity in the face of rising cyber threats is undeniable. Globally small and mediumsized businesses SMBs are increasingly targeted by cyberattacks but often lack the resources for fulltime Chief Information Security Officers CISOs. This gap is driving the rise of the virtual CISO vCISO model, offering a costeffective.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Malicious NPM Packages Target Roblox Users with Data-Stealing Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
A new campaign has targeted the npm package repository with malicious JavaScript libraries that are designed to infect Roblox users with opensource stealer malware such as Skuld and BlankGrabber. "This incident highlights the alarming ease with which threat actors can launch supply chain attacks by exploiting trust and human error within the open source ecosystem, and using readily available.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity