π΅οΈββοΈ Attackers Hijack Google Advertiser Accounts to Spread Malware π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
It's an especially brazen form of malvertising, researchers say, striking at the heart of Google's business the tech giant says it's aware of the issue and is working quickly to address the problem.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
ποΈ Python-Based Malware Powers RansomHub Ransomware to Exploit Network Flaws ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have detailed an attack that involved a threat actor utilizing a Pythonbased backdoor to maintain persistent access to compromised endpoints and then leveraged this access to deploy the RansomHub ransomware throughout the target network. According to GuidePoint Security, initial access is said to have been facilitated by means of a JavaScript malware downloaded named.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researcher Uncovers Critical Flaws in Multiple Versions of Ivanti Endpoint Manager ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Ivanti has rolled out security updates to address several security flaws impacting Avalanche, Application Control Engine, and Endpoint Manager EPM, including four critical bugs that could lead to information disclosure. All the four critical security flaws, rated 9.8 out of 10.0 on the CVSS scale, are rooted in EPM, and concern absolute path traversal flaws that allow a remote unauthenticated.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π EU To Launch New Support Centre by 2026 to Boost Healthcare Cybersecurity π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A new EU action plan will be structured around four pillars prevention, threat detection and identification, response to cyberattacks and deterrence.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
EU To Launch New Support Centre by 2026 to Boost Healthcare Cybersecurity
A new EU action plan will be structured around four pillars: prevention, threat detection and identification, response to cyber-attacks and cyber deterrence
π’ Personal data compromised in Gateshead Council cyber attack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The Medusa ransomware group has claimed responsibility for the attack.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Personal data compromised in Gateshead Council cyber attack
The Medusa ransomware group has claimed responsibility for the attack
π’ US authorities just purged malware from thousands of devices across the world π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
After taking control of the PlugX malwares commandandcontrol server, the coalition were able to trigger a selfdelete mechanism to remove the malicious program.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
US authorities just purged malware from thousands of devices across the world
After taking control of the PlugX malwareβs command-and-control server, the coalition were able to trigger a self-delete mechanism to remove the malicious program
π΅οΈββοΈ Risk, Reputational Scores Enjoy Mixed Success as Security Tools π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best and better than nothing for most organizations and insurers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Risk, Reputational Scoring Services Enjoy Mixed Success
Part predictive analysis, part intuition, risk and reputation services are imperfect instruments at best β and better than nothing for most organizations and insurers.
π΅οΈββοΈ Trusted Apps Sneak a Bug Into the UEFI Boot Process π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Trusted Apps Sneak a Bug Into UEFI Boot Process
Seven system recovery programs contained what amounted to a backdoor for injecting any untrusted file into the system startup process.
π΅οΈββοΈ CISA's AI Playbook Pushes For More Information Sharing π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The Joint Cyber Defense Collaborative playbook seeks to establish a "a unified approach" on how to handle AIrelated cybersecurity threats.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
CISA's AI Playbook Pushes For More Information Sharing
The Joint Cyber Defense Collaborative playbook seeks to establish a "a unified approach" on how to handle AI-related cybersecurity threats.
π§ The current state of ransomware: Weaponizing disclosure rules and more π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
As we near the end of 2024, ransomware remains a dominant and evolving threat against any organization. Cyber criminals are more sophisticated and creative than ever. They integrate new technologies, leverage geopolitical tensions and even use legal regulations to their advantage. What once seemed like a disruptive but relatively straightforward crime has evolved into a The post The current state of ransomware Weaponizing disclosure rules and more appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
The current state of ransomware: Weaponizing disclosure rules and more
Cyber criminals are changing tactics, relying on AI technology and exploiting legal frameworks β and the cost of ransomware attacks continues to rise.
ποΈ Ready to Simplify Trust Management? Join Free Webinar to See DigiCert ONE in Action ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The digital world is exploding. IoT devices are multiplying like rabbits, certificates are piling up faster than you can count, and compliance requirements are tightening by the day. Keeping up with it all can feel like trying to juggle chainsaws while riding a unicycle. Traditional trust management? Forget it. It's simply not built for today's fastpaced, hybrid environments. You need a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ The $10 Cyber Threat Responsible for the Biggest Breaches of 2024 ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
You can tell the story of the current state of stolen credentialbased attacks in three numbers Stolen credentials were the 1 attacker action in 202324, and the breach vector for 80 of web app attacks. Source Verizon. Cybersecurity budgets grew again in 2024, with organizations now spending almost 1,100 per user Source Forrester. Stolen credentials on criminal forums cost as.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Details have emerged about a nowpatched security vulnerability that could allow a bypass of the Secure Boot mechanism in Unified Extensible Firmware Interface UEFI systems. The vulnerability, assigned the CVE identifier CVE20247344 CVSS score 6.7, resides in a UEFI application signed by Microsoft's "Microsoft Corporation UEFI CA 2011" thirdparty UEFI certificate, according to a new.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Researchers Find Exploit Allowing NTLMv1 Despite Active Directory Restrictions ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have found that the Microsoft Active Directory Group Policy that's designed to disable NT LAN Manager NTLM v1 can be trivially bypassed by a misconfiguration. "A simple misconfiguration in onpremise applications can override the Group Policy, effectively negating the Group Policy designed to stop NTLMv1 authentications," Silverfort researcher Dor Segal said in a.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors have been observed concealing malicious code in images to deliver malware such as VIP Keylogger and 0bj3ctivity Stealer as part of separate campaigns. "In both campaigns, attackers hid malicious code in images they uploaded to archive.org, a filehosting website, and used the same .NET loader to install their final payloads," HP Wolf Security said in its Threat Insights Report.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π DORA Compliance Costs Soar Past β¬1m for Many UK and EU Businesses π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Compliance with the Digital Operational Resilience Act DORA has cost many businesses over 1 million, according to research from Rubrik.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
DORA Compliance Costs Soar Past β¬1m for Many UK and EU Businesses
Compliance with the Digital Operational Resilience Act (DORA) has cost many businesses over β¬1 million, according to research from Rubrik
π New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The leak likely comes from a zeroday exploit affecting Fortinets products.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
New Hacking Group Leaks Configuration of 15,000 Fortinet Firewalls
The leak likely comes from a zero-day exploit affecting Fortinetβs products
π GoDaddy Accused of Serious Security Failings by FTC π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
A proposed settlement order from the FTC will require GoDaddy to strengthen its security practices following multiple data breaches at the web hosting giant.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
GoDaddy Accused of Serious Security Failings by FTC
A proposed settlement order from the FTC will require GoDaddy to strengthen its security practices following multiple data breaches at the web hosting giant
π Hackers Use Image-Based Malware and GenAI to Evade Email Security π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
HP Wolf highlighted novel techniques used by attackers to bypass email protections, including embedding malicious code inside images and utilizing GenAI.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Hackers Use Image-Based Malware and GenAI to Evade Email Security
HP Wolf highlighted novel techniques used by attackers to bypass email protections, including embedding malicious code inside images and utilizing GenAI
π¦
Government Sector Bears the Brunt of Cyberattacks in Ukraine: Report π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Ukraine's fight against cyberthreats has reached new heights, with its top cybersecurity agency releasing the 2024 annual cyberthreat landscape report detailing its efforts to protect critical infrastructure and government systems. The report, prepared by the State Cyber Defense Center under the State Service for Special Communications and Information Protection, outlines key findings, incident statistics, and strategies employed to counteract persistent cyber threats. Key Findings Ukraine processed a staggering 3 million security events in 2024, a reflection of the heightened activity in its cyber domain. Of these, over 1,000 incidents were confirmed as direct cyberthreats. The year saw a surge in advanced persistent threats APTs and statesponsored cyber esp...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Ukraineβs Cyberthreat Landscape 2024
Explore Ukraineβs 2024 cyberthreat landscape, uncovering government sector espionage, persistence, and operational disruption risks.
π¦
ICS Vulnerability Report: Hitachi Energy Network Management Flaw Scores a Perfect 10 π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Overview Critical vulnerabilities in Hitachi Energy UNEM Network Management Systems were among the highlights in Cybles weekly Industrial Control System ICS Vulnerability Intelligence Report, which also examined flaws in products from Delta Electronics, Schneider Electric and other ICS vendors. Cyble Research Intelligence Labs CRIL examined 16 vulnerabilities in the report for clients half of which affect Hitachi Energy FOXMANUN products based on ICS alerts by the Cybersecurity and Infrastructure Security Agency CISA between January 814. Of the 16 vulnerabilities, two are critical, nine are high severity, and five are medium severity. They span Communication, Critical Manufacturing, Chemical, Energy, Wastewater Systems and Commercial Facilities, and could lead to operation...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity