Sunday, October 30, 2022

Twilio Reveals Another Breach from the Same Hackers Behind the August Hack

Communication services provider Twilio this week disclosed that it experienced another "brief security incident" in June 2022 perpetrated by the same threat actor behind the August hack that resulted in unauthorized access of customer information. The security event occurred on June 29, 2022, the company said in an updated advisory shared this week, as part of its probe into the digital break-in
http://dlvr.it/SbxCQw

Saturday, October 29, 2022

Google Issues Urgent Chrome Update to Patch Actively Exploited Zero-Day Vulnerability

Google on Thursday rolled out emergency fixes to contain an actively exploited zero-day flaw in its Chrome web browser. The vulnerability, tracked as CVE-2022-3723, has been described as a type confusion flaw in the V8 JavaScript engine. Security researchers Jan Vojtěšek, Milánek, and Przemek Gmerek of Avast have been credited with reporting the flaw on October 25, 2022. "Google is aware of
http://dlvr.it/Sbv6vn

Raspberry Robin Operators Selling Cybercriminals Access to Thousands of Endpoints

The Raspberry Robin worm is becoming an access-as-a-service malware for deploying other payloads, including IcedID, Bumblebee, TrueBot (aka Silence), and Clop ransomware. It is "part of a complex and interconnected malware ecosystem, with links to other malware families and alternate infection methods beyond its original USB drive spread," the Microsoft Security Threat Intelligence Center (MSTIC
http://dlvr.it/Sbv6gZ

Friday, October 28, 2022

New Cryptojacking Campaign Targeting Vulnerable Docker and Kubernetes Instances

A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured
http://dlvr.it/SbrGlp

Thursday, October 27, 2022

Vice Society Hackers Are Behind Several Ransomware Attacks Against Education Sector

A cybercrime group known as Vice Society has been linked to multiple ransomware strains in its malicious campaigns aimed at the education, government, and retail sectors. The Microsoft Security Threat Intelligence team, which is tracking the threat cluster under the moniker DEV-0832, said the group avoids deploying ransomware in some cases and rather likely carries out extortion using
http://dlvr.it/Sbn8tV

Hackers Actively Exploiting Cisco AnyConnect and GIGABYTE Drivers Vulnerabilities

Cisco has warned of active exploitation attempts targeting a pair of two-year-old security flaws in the Cisco AnyConnect Secure Mobility Client for Windows. Tracked as CVE-2020-3153 (CVSS score: 6.5) and CVE-2020-3433 (CVSS score: 7.8), the vulnerabilities could enable local authenticated attackers to perform DLL hijacking and copy arbitrary files to system directories with elevated privileges.
http://dlvr.it/Sbn8c1

Wednesday, October 26, 2022

Cybercriminals Used Two PoS Malware to Steal Details of Over 167,000 Credit Cards

Two point-of-sale (PoS) malware variants have been put to use by a threat actor to steal information related to more than 167,000 credit cards from payment terminals. According to Singapore-headquartered cybersecurity company Group-IB, the stolen data dumps could net the operators as much as $3.34 million by selling them on underground forums. While a significant proportion of attacks aimed at
http://dlvr.it/Sbk5Cx

Tuesday, October 25, 2022

Download eBook: Top virtual CISOs share 7 tips for vCISO service providers

Virtual Chief Information Security Officer (vCISO) services (also known as 'Fractional CISO' or 'CISO-as-a-Service') are growing in popularity, especially as growing cyber threats, tightening regulatory demands and strict cyber insurance requirements are driving small to medium-sized enterprises demand for strategic cybersecurity and compliance guidance and management. But vCISO services are
http://dlvr.it/Sbg0t5

Monday, October 24, 2022

Why Ransomware in Education on the Rise and What That Means for 2023

The breach of LA Unified School District (LAUSD) highlights the prevalence of password vulnerabilities, as criminal hackers continue to use breached credentials in increasingly frequent ransomware attacks on education. The Labor Day weekend breach of LAUSD brought significant districtwide disruptions to access to email, computers, and applications. It's unclear what student or employee data the
http://dlvr.it/Sbbwt3

Sunday, October 23, 2022

National cybersecurity strategy to debut within months, White House official says - Cybersecurity Dive

* National cybersecurity strategy to debut within months, White House official says  Cybersecurity Dive * President Biden still wants his cybersecurity labels on those smart devices  The Register * White House Sets Sights on New Healthcare Cybersecurity Standards  HealthITSecurity * IoT Security Ratings: Survey Explores Cybersecurity Labeling System  BlackBerry Blog * Consumers lack trust in the security of Internet of Things' devices  Axios * View Full Coverage on Google News
http://dlvr.it/SbYdpN

Saturday, October 22, 2022

Microsoft Confirms Server Misconfiguration Led to 65,000+ Companies' Data Leak

Microsoft this week confirmed that it inadvertently exposed information related to thousands of customers following a security lapse that left an endpoint publicly accessible over the internet sans any authentication. "This misconfiguration resulted in the potential for unauthenticated access to some business transaction data corresponding to interactions between Microsoft and prospective
http://dlvr.it/SbWNc6

Friday, October 21, 2022

New Ursnif Variant Likely Shifting Focus to Ransomware and Data Theft

The Ursnif malware has become the latest malware to shed its roots as a banking trojan to revamp itself into a generic backdoor capable of delivering next-stage payloads, joining the likes of Emotet, Qakbot, and TrickBot. "This is a significant shift from the malware's original purpose to enable banking fraud, but is consistent with the broader threat landscape," Mandiant researchers Sandor
http://dlvr.it/SbSMsB

Thursday, October 20, 2022

CISA Warns of Critical Flaws Affecting Industrial Appliances from Advantech and Hitachi

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday released two Industrial Control Systems (ICS) advisories pertaining to severe flaws in Advantech R-SeeNet and Hitachi Energy APM Edge appliances. This consists of three weaknesses in the R-SeeNet monitoring solution, successful exploitation of which "could result in an unauthorized attacker remotely deleting files on the
http://dlvr.it/SbP83h

Wednesday, October 19, 2022

European Police Arrest a Gang That Hacked Wireless Key Fobs to Steal Cars

Law enforcement authorities in France, in collaboration with Spain and Latvia, have disrupted a cybercrime ring that leveraged a hacking tool to steal cars without having to use a physical key fob. "The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away," Europol said in a press statement. The coordinated
http://dlvr.it/SbKr1n

Tuesday, October 18, 2022

Zimbra Releases Patch for Actively Exploited Vulnerability in its Collaboration Suite

Zimbra has released patches to contain an actively exploited security flaw in its enterprise collaboration suite that could be leveraged to upload arbitrary files to vulnerable instances. Tracked as CVE-2022-41352 (CVSS score: 9.8), the issue affects a component of the Zimbra suite called Amavis, an open source content filter, and more specifically, the cpio utility it uses to scan and extract
http://dlvr.it/SbGYPh

Monday, October 17, 2022

INTERPOL-led Operation Takes Down 'Black Axe' Cyber Crime Organization

The International Criminal Police Organization, also called the Interpol, has announced the arrests of 75 individuals as part of a coordinated global operation against an organized cybercrime syndicate called Black Axe. "'Black Axe' and other West African organized crime groups have developed transnational networks, defrauding victims of millions while channeling their profits into lavish
http://dlvr.it/SbCKM2

Saturday, October 15, 2022

Mirai Botnet Hits Wynncraft Minecraft Server with 2.5 Tbps DDoS Attack

Web infrastructure and security company Cloudflare disclosed this week that it halted a 2.5 Tbps distributed denial-of-service (DDoS) attack launched by a Mirai botnet. Characterizing it as a "multi-vector attack consisting of UDP and TCP floods," researcher Omer Yoachimik said the DDoS attack targeted the Minecraft server Wynncraft in Q3 2022. "The entire 2.5 Tbps attack lasted about 2 minutes,
http://dlvr.it/Sb6dB1

Friday, October 14, 2022

Researchers Uncover Custom Backdoors and Spying Tools Used by Polonium Hackers

A threat actor tracked as Polonium has been linked to over a dozen highly targeted attacks aimed at Israelian entities with seven different custom backdoors since at least September 2021. The intrusions were aimed at organizations in various verticals, such as engineering, information technology, law, communications, branding and marketing, media, insurance, and social services, cybersecurity
http://dlvr.it/Sb3XQX

Thursday, October 13, 2022

Microsoft Patch Tuesday Fixes New Windows Zero-Day; No Patch for Exchange Server Bugs

Microsoft's Patch Tuesday update for the month of October has addressed a total of 85 security vulnerabilities, including fixes for an actively exploited zero-day flaw in the wild. Of the 85 bugs, 15 are rated Critical, 69 are rated Important, and one is rated Moderate in severity. The update, however, does not include mitigations for the actively exploited ProxyNotShell flaws in Exchange Server
http://dlvr.it/Sb0FfZ

Wednesday, October 12, 2022

Fortinet Warns of Active Exploitation of Newly Discovered Critical Auth Bypass Bug

Fortinet on Monday revealed that the newly patched critical security vulnerability impacting its firewall and proxy products is being actively exploited in the wild. Tracked as CVE-2022-40684 (CVSS score: 9.6), the flaw relates to an authentication bypass in FortiOS, FortiProxy, and FortiSwitchManager that could allow a remote attacker to perform unauthorized operations on the administrative
http://dlvr.it/SZx008

Tuesday, October 11, 2022

Hackers Steal $100 Million Cryptocurrency from Binance Bridge

BNB Chain, a blockchain linked to the Binance cryptocurrency exchange, disclosed an exploit on a cross-chain bridge that drained around $100 million in digital assets. "There was an exploit affecting the native cross-chain bridge between BNB Beacon Chain (BEP2) and BNB Smart Chain (BEP20 or BSC), known as 'BSC Token Hub,'" it said last week. "The exploit was through a sophisticated forging of
http://dlvr.it/SZsgJ5

Sunday, October 9, 2022

Hackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite

A severe remote code execution vulnerability in Zimbra's enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned CVE-2022-41352, carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions on affected
http://dlvr.it/SZmC66

Saturday, October 8, 2022

BlackByte Ransomware Abuses Vulnerable Windows Driver to Disable Security Solutions

In yet another case of bring your own vulnerable driver (BYOVD) attack, the operators of the BlackByte ransomware are leveraging a flaw in a legitimate Windows driver to bypass security solutions. "The evasion technique supports disabling a whopping list of over 1,000 drivers on which security products rely to provide protection," Sophos threat researcher Andreas Klopsch said in a new technical
http://dlvr.it/SZjx10

Friday, October 7, 2022

Former Uber Security Chief Found Guilty of Data Breach Coverup

A U.S. federal court jury has found former Uber Chief Security Officer Joseph Sullivan guilty of not disclosing a 2016 breach of customer and driver records to regulators and attempting to cover up the incident. Sullivan has been convicted on two counts: One for obstructing justice by not reporting the incident and another for misprision. He faces a maximum of five years in prison for the
http://dlvr.it/SZfrL5

Thursday, October 6, 2022

Canadian Netwalker Ransomware Affiliate Sentenced to 20 Years in U.S. Prison

A former affiliate of the Netwalker ransomware has been sentenced to 20 years in prison in the U.S., a little over three months after the Canadian national pleaded guilty to his role in the crimes. Sebastien Vachon-Desjardins, 35, has also been ordered to forfeit $21,500,000 that was illicitly obtained from dozens of victims globally, including companies, municipalities, hospitals, law
http://dlvr.it/SZbYp9

Wednesday, October 5, 2022

Optus Hack Exposes Data of Nearly 2.1 Million Australian Telecom Customers

Australian telecom giant Optus on Monday confirmed that nearly 2.1 million of its current and former customers suffered a leak of their personal information and at least one form of identification number as a result of a data breach late last month. The company also said it has engaged the services of Deloitte to conduct an external forensic assessment of the attack to "understand how it
http://dlvr.it/SZXK5q

Tuesday, October 4, 2022

Ex-NSA Employee Arrested for Trying to Sell U.S. Secrets to a Foreign Government

A former U.S. National Security Agency (NSA) employee has been arrested on charges of attempting to sell classified information to a foreign spy, who was actually an undercover agent working for the Federal Bureau of Investigation (FBI). Jareh Sebastian Dalke, 30, was employed at the NSA for less than a month from June 6, 2022, to July 1, 2022, serving as an Information Systems Security Designer
http://dlvr.it/SZT0SR

Sunday, October 2, 2022

How cybersecurity frameworks apply to web application security - Security Boulevard

How cybersecurity frameworks apply to web application security  Security Boulevard
http://dlvr.it/SZMQT3

Analysis: Mexico data hack exposes government cybersecurity vulnerability - Reuters Canada

Analysis: Mexico data hack exposes government cybersecurity vulnerability  Reuters Canada
http://dlvr.it/SZMQFs

Cybersecurity threats: how can small to medium sized businesses protect themselves? - WUTR/WFXV - CNYhomepage.com

Cybersecurity threats: how can small to medium sized businesses protect themselves?  WUTR/WFXV - CNYhomepage.com
http://dlvr.it/SZMQ2D

Pay What You Want for This Collection of White Hat Hacking Courses

Whether you relish a mental challenge or fancy a six-figure paycheck, there are many good reasons to get into white hat hacking. That said, picking up the necessary knowledge to build a new career can seem like a daunting task. There is a lot to learn, after all. To help you get started, The Hacker News Deals is currently running an eye-catching offer: pay what you want for one video course, and
http://dlvr.it/SZMPqX

Saturday, October 1, 2022

Microsoft Confirms 2 New Exchange Zero-Day Flaws Being Used in the Wild

Microsoft officially disclosed it investigating two zero-day security vulnerabilities impacting Exchange Server 2013, 2016, and 2019 following reports of in-the-wild exploitation. "The first vulnerability, identified as CVE-2022-41040, is a Server-Side Request Forgery (SSRF) vulnerability, while the second, identified as CVE-2022-41082, allows remote code execution (RCE) when PowerShell is
http://dlvr.it/SZK1ym

Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users agains...