July, 2024
July 31, 2024 – Botnet
Source Code of Phorpiex Botnet with Anti-AV Capabilities on Sale
Abstract
The notorious Trik botnet, aka Phorpiex, is being sold in antivirus circles, offering advanced capabilities to evade detection. This C++ botnet includes modules such as a crypto clipper, a USB emitter, and a PE infector targeting crypto wallets.
Cybersecurity News
July 31, 2024 – Vulnerabilities
Multiple SMTP Servers Vulnerable to Spoofing Attacks, Let Hackers Bypass Authentication
Abstract
Multiple SMTP servers are vulnerable to spoofing attacks that allow hackers to bypass authentication. Two vulnerabilities, CVE-2024-7208 and CVE-2024-7209, exploit weaknesses in authentication and verification mechanisms provided by SPF and DKIM.
Cybersecurity News
July 31, 2024 – Vulnerabilities
Ubuntu Fixes Two OpenVPN Vulnerabilities
Abstract
Ubuntu has fixed two vulnerabilities in OpenVPN, a virtual private network software. These vulnerabilities could keep the closing session active or lead to denial of service. Canonical released security updates for affected Ubuntu releases.
TuxCare
July 31, 2024 – Attack
Cybercriminals Target Polish Businesses with Agent Tesla and Formbook Malware Delivered by ModiLoader
Abstract
Cybercriminals targeted Polish businesses with Agent Tesla and Formbook malware through widespread phishing campaigns in May 2024. Small and medium-sized businesses (SMBs) in Poland, Italy, and Romania have been affected.
We Live Security
July 31, 2024 – General
Report: 40% of Environments Exposed to Full Take Over
Abstract
The Blue Report 2024 highlights alarming findings, with 40% of environments vulnerable to total takeover, emphasizing the importance of cybersecurity. Prevention effectiveness has improved to 69%, but detection effectiveness has dropped to 12%.
Picus Security
July 31, 2024 – Malware
New Specula Tool Uses Outlook for Remote Code Execution in Windows
Abstract
TrustedSec released a post-exploitation framework called "Specula", which exploits CVE-2017-11774 to create a custom Outlook Home Page using WebView and execute arbitrary commands on compromised Windows systems.
Bleeping Computer
July 31, 2024 – Malware
Mandrake Spyware Infects 32,000 Devices via Google Play Apps
Abstract
Initially detected in May 2020 by Bitdefender, Mandrake went undetected for four years. In April 2024, Kaspersky identified a new variant hidden in five Google Play apps from 2022 to 2024.
Infosecurity Magazine
July 31, 2024 – Criminals
Researchers Study Evolution of Ransomware Gang UNC4393’s Campaigns After Qakbot Takedown
Abstract
Initially relying on Qakbot botnet infections, UNC4393 now uses custom malware and diverse access techniques after the crackdown on Qakbot. They have quick reconnaissance and encryption objectives, with a median time of 42 hours to ransomware.
The Cyber Express
July 31, 2024 – General
IBM: Cost of a Breach Reaches Nearly $5 Million, With Healthcare Being Hit the Hardest
Abstract
Breaches impacted 17 industries across 16 countries and regions, with costs related to detecting breaches, notifying victims, post-breach response efforts, and lost business.
The Record
July 30, 2024 – Vulnerabilities
Meta’s AI Safety System Manipulated by Space Bar Characters to Enable Prompt Injection
Abstract
A bug hunter discovered a bypass in Meta's Prompt-Guard-86M model by inserting character-wise spaces between English alphabet characters, rendering the classifier ineffective in detecting harmful content.
The Register
July 30, 2024 – Government
US State Department Says UN Cybercrime Treaty Must Include Human Rights Protections
Abstract
The U.S. State Department emphasized the importance of including human rights protections in the upcoming United Nations cybercrime treaty. The final round of negotiations for the treaty began on Monday and will conclude on August 9, 2024.
The Record
July 30, 2024 – Attack
SideWinder Utilizes New Infrastructure to Target Ports and Maritime Facilities in the Mediterranean Sea
Abstract
The recent attacks by the SideWinder APT group use phishing lures related to emotional topics like sexual harassment and salary cuts to trick victims into opening booby-trapped Microsoft Word documents.
Blackberry
July 30, 2024 – Breach
Change Healthcare Begins to Notify Millions Affected by Hack
Abstract
Change Healthcare has started the process of notifying millions of Americans affected by a massive cyberattack and data theft that occurred more than five months ago. The company is sending individual breach notification letters on a rolling basis.
Bank Infosecurity
July 30, 2024 – Malware
New PowerShell Backdoor Linked to Zloader Malware
Abstract
The newly discovered backdoor has limited samples available on VirusTotal, making detection more difficult. It operates by collecting system information and sending it to a command and control server, awaiting further instructions.
Infosecurity Magazine
July 30, 2024 – Business
Cowbell Secures $60 Million Series C Funding From Zurich Insurance Group
Abstract
This investment will allow Cowbell to expand its operations, enter key global markets, enhance cyber resilience services, introduce innovative products, and strengthen partnerships.
Dark Reading
July 30, 2024 – General
European Central Bank Concludes Banking Cyber Stress Test
Abstract
The European Central Bank has completed a cyber stress test for the banking sector, finding that while banks have strong response frameworks, there is still room for improvement in recovery capabilities.
Bank Infosecurity
July 30, 2024 – Phishing
Crafty ClickFix-Style Phishing Campaign Targets Microsoft OneDrive Users
Abstract
The attackers use social engineering tactics to get users to run a PowerShell script, compromising their systems. The scam starts with an email containing an HTML file that tricks the recipient into clicking on a button to fix a fake DNS issue.
Security Affairs
July 30, 2024 – Phishing
Massive Phishing Campaign Exploiting Proofpoint’s Email Protection to Dispatch Millions of Perfectly Spoofed Emails
Abstract
The campaign began in January 2024 and peaked at 14 million emails in June. The emails were designed to steal sensitive information and included authentic-looking signatures to bypass security measures.
Guard
July 30, 2024 – Vulnerabilities
Microsoft Warns of Ransomware Gangs Abusing VMware ESXi Authentication Bypass in Attacks
Abstract
Ransomware operators like Black Basta and Akira have already used this vulnerability in attacks, with Storm-0506 deploying Black Basta ransomware on the ESXi hypervisors of a North American engineering firm.
Bleeping Computer
July 29, 2024 – General
Report: Russian Ransomware Gangs Account for 69% of all Ransom Proceeds
Abstract
According to an analysis by TRM Labs, Russian-speaking threat actors were responsible for over 69% of all ransomware-related cryptocurrency earnings in the past year, amounting to more than $500 million.
Bleeping Computer
July 29, 2024 – General
Despite Bans, AI Code Generation Tools Widely Used in Organizations
Abstract
Despite bans, AI code tools are in widespread use across organizations, causing security concerns, as reported by Checkmarx. While 15% prohibit AI tools for code generation, a staggering 99% still use them.
Infosecurity Magazine
July 29, 2024 – Privacy
Senators to FTC: Car Companies’ Data Privacy Practices Must be Investigated
Abstract
U.S. senators have raised concerns about how car companies handle consumer data, revealing that major automakers share and sell drivers' information without proper consent.
The Record
July 29, 2024 – Vulnerabilities
WhatsApp for Windows Lets Python, PHP Scripts Execute with no Warning
Abstract
WhatsApp currently blocks certain file types considered risky, but Python and PHP scripts are not included in the blocklist. Security researcher Saumyajeet Das identified this vulnerability while testing file attachments in WhatsApp conversations.
Bleeping Computer
July 29, 2024 – General
National Vulnerability Backlog Could Surge to 30,000 by 2025
Abstract
The National Vulnerability Database (NVD), maintained by the National Institute of Standards and Technology (NIST), currently has a backlog of over 16,000 vulnerabilities, with an average daily influx of more than 100 new security flaws.
Bank Infosecurity
July 29, 2024 – Vulnerabilities
Acronis Warns of Cyber Infrastructure Default Password Abused in Attacks
Abstract
The vulnerability (CVE-2023-45249) was patched nine months ago but is still being exploited in attacks. Admins are advised to update their systems immediately to prevent unauthorized remote code execution.
Bleeping Computer
July 29, 2024 – General
Data From Deleted GitHub Repositories May Not Actually be Deleted
Abstract
Researchers at Truffle Security have found, or arguably rediscovered, that data from deleted GitHub repositories (public or private) and from deleted copies (forks) of repositories isn't necessarily deleted.
The Register
July 29, 2024 – Malware
Gh0stGambit Dropper Used to Deploy Gh0st RAT Against Chinese Users
Abstract
The Gh0st RAT Trojan is being distributed to Chinese Windows users through a fake Chrome website. The malware has been around since 2008 and has evolved over the years, often used by cyberespionage groups in China.
Esentire
July 29, 2024 – Deepfake
AI-Generated Deepfake Attacks Force Companies To Reassess Cybersecurity
Abstract
Companies are reevaluating their cybersecurity defenses in response to the rise of AI-generated deepfake attacks and identity fraud. According to GetApp, 73% of US organizations have already developed deepfake response plans.
Help Net Security
July 29, 2024 – Malware
Targeted PyPI Package Steals Google Cloud Credentials from macOS Devs
Abstract
The malware is designed to target only 64 specific machines, attempting to exfiltrate Google Cloud Platform credentials for potential follow-on attacks such as data theft and malware implantation.
Dark Reading
July 27, 2024 – Attack
Unveiling the Latest Banking Trojan Threats in Latin America
Abstract
The malicious Chrome extension campaign in LATAM involves infecting victims through phishing websites and installing rogue extensions to steal sensitive information. The extensions mimic Google Drive, giving them access to a wide range of user data.
Security Intelligence
July 27, 2024 – Phishing
Phishing Campaign Targeting Mobile Users in India Using India Post Lures
Abstract
FortiGuard Labs Threat Research team has identified a fraud campaign targeting India Post users on social media, specifically iPhone users through smishing attacks. The Smishing Triad, a Chinese threat actor, is believed to be behind this campaign.
Fortinet
July 27, 2024 – Vulnerabilities
PKfail Secure Boot Bypass Lets Attackers Install UEFI Malware
Abstract
The issue originates from a test Secure Boot key provided by American Megatrends International (AMI) that was not replaced by OEMs, resulting in devices shipping with untrusted keys.
Bleeping Computer
July 26, 2024 – Business
Chainguard Raises $140M to Drive AI Support, Global Growth
Abstract
Chainguard, a supply chain security startup, recently raised $140 million in a Series C funding round led by Redpoint Ventures, Lightspeed Venture Partners, and JVP. It aims to expand globally and strengthen its presence in the U.S. public sector.
Bank Infosecurity
July 26, 2024 – Government
National Defense University Cyber Professor Tapped as ONCD Deputy Director
Abstract
The Office of the National Cyber Director (ONCD) announced Wednesday that former Navy SEAL and National Defense University cyberspace professor Harry Wingo has been selected as its deputy director.
The Record
July 26, 2024 – General
The Most Urgent Security Risks for GenAI Users are all Data-Related
Abstract
GenAI users face significant security risks related to data, with regulated data making up a large share of sensitive information shared with GenAI applications, posing a threat of costly data breaches.
Help Net Security
July 26, 2024 – Policy and Law
Software Maker MCG Health Settles Data Breach Suit for $8.8M
Abstract
MCG Health has agreed to a settlement of $8.8 million for a data breach lawsuit following a hacking incident in 2020. The lawsuit alleges that it took MCG Health two years to discover and report the data theft affecting around 1.1 million people.
Bank Infosecurity
July 26, 2024 – General
How Cyber Insurance Coverage is Evolving
Abstract
While purchasing cyber insurance won't completely prevent data breaches, it does improve the cyber posture as it requires strict underwriting processes. However, only a quarter of companies currently have standalone cyber insurance policies.
Cybersecurity Dive
July 26, 2024 – Attack
Belarus-linked Hackers Target Ukrainian Organizations with PicassoLoader Malware
Abstract
GhostWriter, also known as UAC-0057, used PicassoLoader and Cobalt Strike Beacon to infect victims, including local government offices and groups associated with USAID’s Hoverla project.
The Record
July 26, 2024 – General
Ransomware and BEC Make Up 60% of Cyber Incidents
Abstract
According to Cisco Talos, ransomware and BEC attacks made up 60% of all incidents in Q2 2024, with technology being the most targeted sector at 24%. Other highly targeted sectors included retail, healthcare, pharmaceuticals, and education.
Infosecurity Magazine
July 25, 2024 – Vulnerabilities
ConfusedFunction: A Privilege Escalation Vulnerability Impacting GCP Cloud Functions
Abstract
Researchers have uncovered a vulnerability in Google Cloud Platform's Cloud Functions service called ConfusedFunction. This flaw allows an attacker to escalate their privileges to access other services and sensitive data in an unauthorized manner.
Tenable
July 25, 2024 – Attack
North Korean Hacker Group Targeting Healthcare, Energy Sectors
Abstract
North Korean hackers, specifically the Andariel hacking group, are now targeting the healthcare, energy, and financial sectors according to a Mandiant report. This group is believed to be associated with North Korea's Reconnaissance General Bureau.
Bank Infosecurity
July 25, 2024 – Phishing
TransparentTribe’s Spear-Phishing Targeting Indian Government Departments
Abstract
The malicious file, disguised as “Recommendation for the award of President’s.docm,” contained a VBA script that executed the CrimsonRAT remote control program, capable of stealing sensitive information.
NSFOCUS
July 25, 2024 – General
AI Accelerates Code Development Faster Than Security Teams can Keep up
Abstract
According to a Seemplicity survey, AI is speeding up code development faster than security teams can keep up, leading to concerns about vulnerability management. 91% of organizations are increasing their security budgets.
Help Net Security
July 25, 2024 – Vulnerabilities
Docker Patches Critical AuthZ Plugin Bypass Vulnerability Dating Back to 2018
Abstract
The critical vulnerability in Docker Engine, identified as CVE-2024-41110 with a severity score of 10/10, was first discovered in 2018 and reappeared due to a missed patch in January 2019. It allows attackers to bypass authorization plugins.
Docker
July 25, 2024 – General
Report: Malware Attacks Surge 30% in First Half of 2024
Abstract
The 2024 Mid-Year Cyber Threat Report from SonicWall revealed a 30% increase in malware-based threats compared to 2023, with a significant spike in attacks from March to May, including 78,923 new variants observed in the first half of 2024.
Infosecurity Magazine
July 25, 2024 – Hacker
‘Stargazer Goblin’ Amasses Thousands of Rogue GitHub Accounts to Spread Malware
Abstract
Stargazer Goblin has been distributing various malware families like Atlantida Stealer, Lumma, and Rhadamanthys, since at least August 2022. The threat actor charges users to "star" repositories with fake accounts, increasing their credibility.
Dark Reading
July 25, 2024 – Business
Vanta Raises $150M Series C, Now Valued at $2.45B
Abstract
Vanta's Series C funding was led by Sequoia Capital. Other participating investors include Growth Equity at Goldman Sachs Alternatives and J.P. Morgan, along with existing partners like Atlassian Ventures and Y Combinator.
Tech Crunch
July 25, 2024 – Denial Of Service
Pro-Palestinian Actor Levels Six-Day DDoS Attack on UAE Bank
Abstract
BlackMeta, known for targeting organizations in Israel, UAE, and the US, used a cybercrime service called InfraShutdown to target a UAE bank for $500-$625 a week. The attack lasted 100 hours in total.
Dark Reading
July 25, 2024 – Business
Lakera Raises $20 Million to Secure GenAI Applications
Abstract
Lakera has raised $20 million in a Series A funding round. Led by European VC Atomico, with participation from Citi Ventures, Dropbox Ventures, and existing investors including redalpine, this investment brings Lakera’s total funding to $30 million.
Help Net Security
July 22, 2024 – Phishing
Fake Grand Theft Auto VI Beta Download Spreads Malware
Abstract
Bitdefender researchers found suspicious Facebook ads promoting fake beta versions for free download on PC. These ads promise early access to a non-existent GTA VI beta with attractive features and release dates, using stolen gameplay footage.
Hack Read
July 22, 2024 – Policy and Law
Russian Nationals Plead Guilty to Participating in the LockBit Ransomware Group
Abstract
Two Russian nationals, Ruslan Magomedovich Astamirov and Mikhail Vasiliev, pleaded guilty in a federal court in Newark for their roles in the LockBit ransomware operation.
Security Affairs
July 22, 2024 – Vulnerabilities
Several Linux Kernel Azure Vulnerabilities Fixed in Ubuntu
Abstract
Canonical released security updates to fix various vulnerabilities in the Linux kernel for Microsoft Azure Cloud systems on Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. These flaws could lead to denial of service, data leakage, or arbitrary code execution.
TuxCare
July 22, 2024 – Criminals
UK Arrests Suspected Scattered Spider Hacker Linked to MGM Attack
Abstract
A 17-year-old boy from Walsall has been arrested by UK police for his involvement in the 2023 MGM Resorts ransomware attack, connected to the Scattered Spider hacking group. The arrest was made with assistance from the NCA and the FBI.
Bleeping Computer
July 22, 2024 – Attack
Attackers Abuse Swap File to Steal Credit Cards
Abstract
Attackers recently abused the swap file in a Magento e-commerce site to steal credit card information. Despite multiple cleanup attempts, the malware persisted until analysts discovered it.
Sucuri
July 22, 2024 – Education
Analyzing Container Escape Techniques in Cloud Environments
Abstract
While containers offer efficiency, they are vulnerable to attacks exploiting misconfigurations. Attackers can execute code or escalate privileges, endangering organizational security.
Palo Alto Networks
July 22, 2024 – Government
US Sanctions Two Members of Russian ‘Cyber Army’ Hacktivist Group
Abstract
The U.S. sanctioned two members of the Russian hacktivist group Cyber Army of Russia Reborn (CARR) for carrying out cyber operations against critical U.S. infrastructure. CARR has launched low-impact DDoS attacks against Ukraine and its allies since 2022.
The Record
July 22, 2024 – Attack
Fake CrowdStrike Fixes Target Companies With Malware, Data Wipers
Abstract
Malicious campaigns have emerged, including one targeting BBVA bank customers with a fake CrowdStrike Hotfix that installs remote access tools. Another attack involves a data wiper distributed under the guise of a CrowdStrike update.
Bleeping Computer
July 22, 2024 – Government
China Claims Volt Typhoon was a False Flag Inside Job Conspiracy
Abstract
Beijing has claimed that the Volt Typhoon attack gang, accused by Five Eyes nations of being a Beijing-backed threat to critical infrastructure, was actually fabricated by the US intelligence community.
The Register
July 22, 2024 – Government
CISA Says Malicious Hackers are ‘Taking Advantage’ of CrowdStrike Outage
Abstract
The U.S. cybersecurity agency CISA warned against clicking on suspicious links to prevent email compromise. Cybercriminals are already impersonating CrowdStrike in phishing emails, asking for payment to "fix the CrowdStrike apocalypse."
Tech Crunch
July 20, 2024 – APT
APT41 Has Arisen From the DUST
Abstract
APT41, a China-based hacking group, has targeted organizations in shipping, logistics, media, technology, and automotive sectors in Italy, Spain, Taiwan, Thailand, Turkey, and the U.K. since 2023.
July 20, 2024 – Attack
OilAlpha Malicious Applications Target Humanitarian Aid Groups Operating in Yemen
Abstract
The attacks, linked to a group called OilAlpha, involved malicious mobile apps and targeted CARE International, Norwegian Refugee Council (NRC), and Saudi Arabian King Salman Humanitarian Aid and Relief Centre.
Recorded Future
July 20, 2024 – Ransomware
New Play Ransomware Linux Variant Targets ESXi Shows Ties With Prolific Puma
Abstract
The Play ransomware group has introduced a Linux variant that targets ESXi environments. This variant verifies its environment before executing and has been successful in evading security measures.
Trend Micro
July 20, 2024 – Attack
North Korean Hackers May Have Attacked Indian Crypto Exchange WazirX
Abstract
Indian crypto exchange WazirX disclosed a loss of virtual assets worth more than $230 million due to a cyber attack linked to North Korea. The attack targeted a multi-signature wallet with six signatories, leading to a breach in security measures.
The Register
July 19, 2024 – General
US Data Breach Victim Numbers Surge 1170% Annually
Abstract
The number of US data breach victims in Q2 2024 increased annually by over 1000%, despite a 12% decrease in the actual number of incidents in those three months, according to the Identity Theft Resource Center (ITRC).
Infosecurity Magazine
July 19, 2024 – Business
Larger Deals Propel Cybersecurity Funding to Two-Year High in Q2 2024
Abstract
According to Crunchbase data, cybersecurity funding reached a two-year high in Q2 of 2024, with venture capitalists investing $4.4 billion in startups, the strongest quarter since 2022. This marked a 144% increase from the previous year.
Cybersecurity Dive
July 19, 2024 – Vulnerabilities
Critical Splunk Flaw can be Exploited to Grab Passwords
Abstract
A critical vulnerability (CVE-2024-36991) in Splunk Enterprise on Windows is considered more severe than initially thought, allowing attackers to grab passwords. Various proof-of-concept exploits have been published.
Help Net Security
July 19, 2024 – Vulnerabilities
Critical TE.0 HTTP Request Smuggling Vulnerability Impacts Thousands of Google Cloud-hosted Websites
Abstract
This new class of HTTP Request Smuggling vulnerabilities poses a significant risk to thousands of websites, including those protected by Google's Load Balancer and Identity-Aware Proxy (IAP).
Bug Crowd
July 19, 2024 – Cryptocurrency
Operation Spincaster Targets Crypto Pig-Butchering Scams
Abstract
Operation Spincaster, involving law enforcement and government agencies across six countries, as well as 17 cryptocurrency exchanges, has identified 7,000 leads and $162 million in losses.
Bank Infosecurity
July 19, 2024 – Attack
New Hacker Group Uses Open-Source Tools to Spy on Entities in Asia-Pacific Region
Abstract
Targets of TAG-100's attacks include intergovernmental and diplomatic entities in the Asia-Pacific region, religious organizations in the U.S. and Taiwan, as well as a political party supporting an investigation into the Chinese government.
The Record
July 17, 2024 – Vulnerabilities
WP Time Capsule Plugin Update Urged After Critical Security Flaw
Abstract
By exploiting this flaw, attackers could bypass critical authentication checks, manipulating JSON-encoded POST data to elevate their privileges and effectively log in as site administrators.
Infosecurity Magazine
July 17, 2024 – General
Report: Nearly One in Three Software Development Professionals Unaware of Secure Practices
Abstract
One-third of software development professionals lack awareness of secure practices, according to a report by the Linux Foundation and the Open Source Security Foundation.
Cybersecurity Dive
July 17, 2024 – Phishing
“Konfety” Mobile Ad Fraud Campaign Found Using Unique Obfuscation Method
Abstract
A massive ad fraud operation known as Konfety is using over 250 Google Play decoy apps to hide malicious twins. The campaign leverages a mobile advertising SDK linked to a Russia-based ad network named CaramelAds.
Human Security
July 17, 2024 – Business
Kaspersky to Quit US This Weekend
Abstract
Kaspersky, the Russian cybersecurity vendor, is winding down its operations in the US due to a Commerce Department decision prohibiting the sale of its products and services in the country.
Infosecurity Magazine
July 17, 2024 – Attack
Hacktivist Groups Target Romania Amid Geopolitical Tensions
Abstract
Hacktivist groups are targeting Romania amidst geopolitical tensions, with increased DDoS attacks observed by security researchers. These attacks involve CyberDragon and the Cyber Army of Russia.
Infosecurity Magazine
July 17, 2024 – Cryptocurrency
Tether Freezes $29 Million of Cryptocurrency Connected To Cambodian Marketplace Accused of Fueling Scams
Abstract
Tether has frozen $29 million of cryptocurrency linked to a Cambodian marketplace accused of supporting scams. Tether confirmed the freeze, citing concerns about fraudulent and criminal activities.
The Record
July 17, 2024 – Solution
Firmware Update Hides Bluetooth Fingerprints
Abstract
A team of researchers from the University of California San Diego has developed a firmware update to hide a smartphone's unique Bluetooth fingerprint, which can be used to track the user.
Help Net Security
July 17, 2024 – General
Paris 2024 Olympics to Face Complex Cyber Threats
Abstract
The Paris 2024 Olympics are expected to face a significant increase in cyber threats, with IDC predicting the Games will encounter a complex threat landscape and a large ecosystem of threat actors.
Help Net Security
July 17, 2024 – Malware
Fake AWS Packages Ship Command and Control Malware in JPEG Files
Abstract
The two malicious packages, img-aws-s3-object-multipart-copy and legacyaws-s3-object-multipart-copy, were downloaded 190 and 48 times, respectively, before being removed by npm security.
Phylum
July 17, 2024 – General
Ransomware Leak Site Posts Jumped 20% in Q2
Abstract
According to Reliaquest, ransomware incidents surged in Q2, with 1,237 organizations listed on data leak sites, a 20% increase from Q1. U.S. businesses were hit the hardest, accounting for over half of the victims.
Cybersecurity Dive
July 16, 2024 – Phishing
HR-Themed Phishing Campaign Targets Employees to Steal Microsoft Credentials
Abstract
In a recent phishing attempt, Cofense researchers spotted an email disguised as a communication from a company's HR department, prompting recipients to review an updated employee handbook.
Cofense
July 16, 2024 – Phishing
Facebook Ads for Windows Desktop Themes Push Info-Stealing Malware
Abstract
The threat actors take out ads for Windows themes, free game downloads, and software cracks for apps like Photoshop and Microsoft Office. These ads are shared through new or hijacked Facebook business pages.
Bleeping Computer
July 16, 2024 – Attack
Void Banshee Targets Windows Users Through MSHTML Flaw to Spread Atlantida Stealer
Abstract
The vulnerability, CVE-2024-38112, was observed by Trend Micro in May 2024, being exploited as part of a multi-stage attack chain using internet shortcut files. The campaign has been active throughout 2024.
Trend Micro
July 16, 2024 – Ransomware
SEXi Ransomware Rebrands as ‘APT Inc.,’ Retains Prior Extortion Tactics
Abstract
The cybercrime group known as SEXi ransomware, now operating as APT Inc., has been targeting organizations since February. They use a leaked Babuk encryptor for VMware ESXi servers and LockBit 3 encryptor for Windows servers.
Dark Reading
July 16, 2024 – Phishing
Attackers Exploit URL Protections to Disguise Phishing Links
Abstract
Phishing campaigns are utilizing three different URL protection services to disguise phishing URLs and trick victims into giving up their credentials. These attacks have targeted numerous companies already.
Infosecurity Magazine
July 16, 2024 – Attack
ShadowRoot Ransomware Targets Turkish Businesses
Abstract
The attackers target Turkish businesses with this ransomware campaign, distributing it via email addresses like Kurumsal[.]tasilat[@]internet[.]ru. The malware payload is hosted on a compromised GitHub account.
Security Online
July 16, 2024 – Ransomware
HardBit Ransomware Version 4.0 Supports New Obfuscation Techniques
Abstract
To ensure victims cannot recover encrypted files easily, the ransomware deletes the Volume Shadow Copy Service (VSS) and makes adjustments to the boot configuration to prevent errors upon restart.
Security Affairs
July 16, 2024 – Cryptocurrency
DNS Hijacks Target Cryptocurrency Platforms Registered With Squarespace
Abstract
A coordinated wave of DNS hijacking attacks recently targeted decentralized finance (DeFi) cryptocurrency domains. Attackers used the Squarespace registrar to redirect visitors to phishing sites that aimed to steal cryptocurrency and NFTs.
Bleeping Computer
July 16, 2024 – General
Risk Related to Non-Human Identities: Believe the Hype, Reject the FUD
Abstract
The hype surrounding non-human identities (NHIs) has recently increased due to the risk they pose, with breaches causing fear, uncertainty, and doubt. With NHIs outnumbering human identities, the associated risks need to be addressed.
Help Net Security
July 16, 2024 – Solution
Realm: Open-Source Adversary Emulation Framework
Abstract
Realm is an open-source adversary emulation framework focused on scalability, reliability, and automation. It features a custom interpreter in Rust, enabling the creation of complex TTPs as code.
Help Net Security
July 12, 2024 – Attack
Japanese Space Agency Spots Unspecified Zero-Day Attacks
Abstract
JAXA was targeted with zero-day exploits during its investigation with Microsoft into a 2023 cyberattack. The attack mainly affected its Active Directory system, prompting JAXA to shut down networks to prevent data compromise.
The Register
July 12, 2024 – Denial Of Service
Macau Government Websites Hit with Cyberattack by Suspected Foreign Hackers
Abstract
The attack, identified as a distributed denial-of-service attack (DDoS), affected websites of security services, police, fire and rescue services, and the academy for public security forces.
The Record
July 12, 2024 – Attack
Japan Warns of Attacks Linked to North Korean Kimsuky Hackers
Abstract
The attacks were detected earlier this year, with indicators of compromise shared by AhnLab Security Intelligence Center. The attackers initiate their attacks with phishing emails containing malicious attachments disguised as documents.
Bleeping Computer
July 12, 2024 – Criminals
The Stark Truth Behind the Resurgence of Russia’s FIN7
Abstract
FIN7, a cybercrime group responsible for billions in losses, was dismantled by U.S. authorities in 2023. However, they resurfaced in 2024 with Stark Industries Solutions, hosting thousands of fake websites mimicking renowned companies.
Krebs On Security
July 12, 2024 – Vulnerabilities
Multiple Threat Actors Exploit PHP Flaw CVE-2024-4577 to Deliver Malware Full Text
Abstract
The PHP vulnerability, tracked as CVE-2024-4577, with a CVSS score of 9.8, allows attackers to execute commands on Windows systems using Chinese and Japanese language settings.Security Affairs
July 12, 2024 – Criminals
Ransomware Gangs Invest in Custom Data Stealing Malware Full Text
Abstract
Ransomware gangs are now creating custom data-stealing malware instead of just encrypting files. Mature crime organizations are investing in bespoke data theft tools, according to a Cisco Talos report on the top 14 ransomware groups.The Register
July 12, 2024 – Vulnerabilities
Veeam Flaw Becomes Ransomware Vector a Year After Patching Full Text
Abstract
A new ransomware gang known as EstateRansomware is exploiting a Veeam vulnerability that was patched over a year ago to spread file-encrypting malware and demand ransom payments.The Register
July 12, 2024 – Business
Cytactic Raises $16M in Seed Funding Full Text
Abstract
Cytactic, an Israel-based provider of a platform pioneering cyber crisis readiness and management, raised $16M in a seed funding round led by Evolution Equity Partners. It intends to use the funds to expand operations and development efforts.Finsmes
July 12, 2024 – Malware
Exploring Compiled V8 JavaScript Usage in Malware Full Text
Abstract
Google's V8 engine can compile JavaScript into low-level bytecode, making analysis and detection difficult. Attacks using this bytecode ensure compatibility with the V8 engine for successful execution.CheckPoint
July 11, 2024 – Solution
BunkerWeb: Open-Source Web Application Firewall (WAF) Full Text
Abstract
The genesis of BunkerWeb came from the need to apply security practices manually every time a web application was put online. The solution meets global needs with a modular architecture allowing for extensions.Help Net Security
July 10, 2024 – General
Most Security Pros Admit Shadow SaaS and AI Use Full Text
Abstract
A recent Next DLP poll revealed that 73% of cybersecurity professionals used unauthorized apps, including AI, last year. Top concerns were data loss, lack of control, and breaches, with 10% admitting to a breach due to these tools.Infosecurity Magazine
July 10, 2024 – Disinformation
US Busts Russian AI-Driven Disinformation Operation Full Text
Abstract
The Department of Justice investigated around 1,000 accounts on social media platform X, previously Twitter, which were used by the Kremlin to spread pro-Moscow propaganda created by the AI-driven Meliorator software.Bank Infosecurity
July 10, 2024 – Phishing
Regional Transport Office Themed Phishing Campaign Targets Android Users In India Full Text
Abstract
Phishing messages impersonating the Regional Transport Office have been circulating since 2024, claiming traffic violations and prompting users to download a malicious APK named "VAHAN PARIVAHAN.apk".Cyble
As CISOs Grapple with the C-Suite, Job Satisfaction Takes a Hit Full Text
Abstract
Research shows that 75% of CISOs are considering a job change due to various challenges and pressures. CISOs often face accountability for cyber incidents and compliance failures, leading to discontent.Cybersecurity Dive
July 10, 2024 – Government
CISA Adds Microsoft Windows and Rejetto HTTP File Server Bugs to its Known Exploited Vulnerabilities Catalog Full Text
Abstract
The vulnerabilities added include CVE-2024-23692 affecting Rejetto HTTP File Server, CVE-2024-38080 impacting Windows Hyper-V, and CVE-2024-38112 targeting Windows MSHTML Platform.Security Affairs
July 10, 2024 – Phishing
Ticket Heist Network of 700 Domains Sells Fake Olympic Games Tickets Full Text
Abstract
QuoIntelligence discovered the operation called Ticket Heist, with convincing websites selling fake Olympic tickets. The prices on these websites are much higher than the official ones.Bleeping Computer
July 10, 2024 – Government
US Senate NDAA 2025 Boosts Military Cyber and AI Initiatives Full Text
Abstract
The Senate Armed Services Committee presented the NDAA for fiscal year 2025, totaling $923.3 billion for defense funding. This includes $878.4 billion for the Pentagon and $33.4 billion for national security programs under the Department of Energy.Bank Infosecurity
July 10, 2024 – Vulnerabilities
Microsoft July 2024 Patch Tuesday Fixes 142 Flaws, 4 Zero-Days Full Text
Abstract
As part of Microsoft's July 2024 Patch Tuesday, 142 flaws were addressed, including two zero-days actively exploited and two publicly disclosed. Five critical vulnerabilities were fixed, all related to remote code execution.Bleeping Computer
July 10, 2024 – Cryptocurrency
Crypto Thefts Double to $1.4 Billion, TRM Labs Finds Full Text
Abstract
Cryptocurrency exchange hacks and exploits are on the rise, with $1.38bn stolen in the first half of 2024, double the amount stolen in 2023. While it is lower than the record-breaking $2bn stolen in 2022, the surge may be due to higher token prices.Infosecurity Magazine
July 10, 2024 – Vulnerabilities
Blast RADIUS Attack can Bypass Authentication for Clients Full Text
Abstract
This vulnerability, known as Blast RADIUS and rated 7.5 out of 10 on the severity scale, affects the RADIUS networking protocol, potentially granting unauthorized access to network devices and services without credentials.The Register
July 9, 2024 – Hacker
Researchers Catch Yemeni Hackers Spying on Middle East Military Phones Full Text
Abstract
A Yemeni hacking group associated with the Houthi movement has been spying on military personnel in the Middle East by infecting their phones with surveillance software, according to cybersecurity firm Lookout.Cyber Scoop
July 9, 2024 – Government
CISA and Partner Agencies Join ASD’s ACSC to Release Advisory on APT40, a Chinese State-Sponsored Group Full Text
Abstract
Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the UK, and the US have warned about APT40, a China-linked cyber espionage group known for quickly exploiting new security bugs after public disclosure.CISA
July 9, 2024 – Vulnerabilities
Critical Ghostscript flaw exploited in the wild. Patch it now! Full Text
Abstract
This vulnerability affects Ghostscript versions ≤ 10.03.0 and can have a significant impact on web applications and services using Ghostscript for document conversion and previews.Security Affairs
July 9, 2024 – Phishing
Scammers Double-Dip by Offering Prior Victims Help to Recover Stolen Funds Full Text
Abstract
The scammers identify previous scam victims and pose as trusted entities such as government agencies, cybersecurity firms, or fund recovery services, asking for upfront fees or personal information to supposedly help with the recovery process.The Register
July 9, 2024 – Vulnerabilities
Apache Fixed a Source Code Disclosure Flaw in Apache HTTP Server Full Text
Abstract
This vulnerability, tracked as CVE-2024-39884 and caused by a regression, can lead to unintentional exposure of sensitive data when legacy content-type configurations are used.Security Affairs
July 9, 2024 – Ransomware
New Mallox Ransomware Variant Targets Linux Systems Full Text
Abstract
A new variant of Mallox ransomware has been discovered by cybersecurity researchers at Uptycs, targeting Linux systems with custom encryption and a builder web panel. A custom Python script called web_server.py is used to deliver the ransomware.Hack Read
July 9, 2024 – Vulnerabilities
Splunk Addresses Critical Vulnerabilities in Enterprise and Cloud Platforms Full Text
Abstract
Splunk has released a set of security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform, including high-severity issues. CVE-2024-36985 allows remote code execution via External Lookup in Splunk Enterprise.The Cyber Express
July 9, 2024 – Solution
Update: Network Segmentation Hobbled Midnight Blizzard’s Attack on TeamViewer Full Text
Abstract
The company revealed that their corporate IT network, production environment, and TeamViewer connectivity platform are segmented to prevent unauthorized access. Immediate remediation measures were effective in blocking suspicious activity.Help Net Security
July 9, 2024 – Vulnerabilities
Increase in the Exploitation of Microsoft SmartScreen Vulnerability Full Text
Abstract
Cyble Research and Intelligence Labs (CRIL) has identified an increase in the exploitation of the Microsoft SmartScreen vulnerability (CVE-2024-21412) through an active campaign targeting regions like Spain, the US, and Australia.Cyble
July 9, 2024 – General
Critical Infrastructure Providers Seek Guardrails on Scope, Timeline for CIRCIA Rules Full Text
Abstract
Critical infrastructure providers are urging federal officials for more flexibility in reporting cyber incidents within the first 72 hours under the Cyber Incident Reporting for Critical Infrastructure Act.Cybersecurity Dive
July 6, 2024 – Vulnerabilities
Latest Ghostscript Vulnerability Haunts Experts as the Next Big Breach Enabler Full Text
Abstract
The vulnerability could be exploited to compromise systems without requiring user interaction, contrary to some severity assessments initially made by Tenable and Red Hat.The Register
July 6, 2024 – Ransomware
New Eldorado Ransomware Targets Windows, VMware ESXi VMs Full Text
Abstract
Eldorado also encrypts network shares using the SMB protocol, deletes shadow volume copies, and skips certain file types to prevent system damage. Affiliates can customize attacks on Windows, while Linux customization is limited.Bleeping Computer
July 6, 2024 – Vulnerabilities
Traeger Security Bugs Threatening Grillers’ Hard Work Full Text
Abstract
Traeger grills face security bugs that could spell trouble for BBQ enthusiasts. High-severity vulnerabilities in the Traeger Grill D2 Wi-Fi Controller could allow remote attackers to control the grill's temperature or shut it down.The Register
July 6, 2024 – Attack
Passkey Redaction Attacks Subvert GitHub, Microsoft Authentication Full Text
Abstract
Online accounts are increasingly protected by passkey technology, but many platforms like banking, e-commerce, social media, and software development can still be compromised using adversary-in-the-middle (AitM) attacks.Dark Reading
July 5, 2024 – Botnet
New Golang Zergeca Botnet appeared in the threat landscape Full Text
Abstract
The researchers at QiAnXin XLab team discovered a new Golang-based botnet called Zergeca, capable of conducting DDoS attacks. It was detected through a suspicious ELF file and has been used to launch DDoS attacks in Canada, the U.S., and Germany.Security Affairs
July 5, 2024 – Malware
Turla: A Master of Deception Full Text
Abstract
The Turla malware has been found using weaponized LNK files to infect computers. The malware leverages a compromised website to distribute malicious packages through phishing emails.G Data
July 5, 2024 – Malware
Malicious QR Reader App in Google Play Delivers Anatsa Banking Malware Full Text
Abstract
A malicious QR code reader app on Google Play has been found distributing the Anatsa banking malware, posing a significant threat to users' financial data. The app has already been downloaded thousands of times.Cyber Security News
July 4, 2024 – Attack
Alert: French Diplomats Targeted By Russian Cyber Attacks Full Text
Abstract
ANSSI warned about a hacking group linked to Russia's SVR targeting French diplomatic interests. The group has compromised email accounts at the French Ministry of Culture and the National Agency for Territorial Cohesion.Security Boulevard
July 4, 2024 – Attack
Hackers attack HFS servers to drop malware and Monero miners Full Text
Abstract
Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software by exploiting a critical vulnerability (CVE-2024-23692) that allows executing arbitrary commands without authentication.Bleeping Computer
July 4, 2024 – Vulnerabilities
Ghostscript Vulnerabilities Patched in Recent Ubuntu Updates Full Text
Abstract
Canonical has released Ubuntu security updates to address bugs in Ghostscript, a tool used for interpreting PostScript and PDF files. These vulnerabilities could potentially allow attackers to bypass security restrictions or execute malicious code.Security Boulevard
July 4, 2024 – Malware
Mekotio Banking Trojan Threatens Financial Systems in Latin America Full Text
Abstract
The Mekotio banking trojan is a highly sophisticated malware that targets Latin American countries, with a focus on stealing banking credentials. It spreads through phishing emails, tricking users into interacting with malicious links or attachments.Trend Micro
July 4, 2024 – Vulnerabilities
Splunk fixed tens of flaws in Splunk Enterprise and Cloud Platform Full Text
Abstract
Splunk has released security updates to address 16 vulnerabilities in Splunk Enterprise and Cloud Platform. These vulnerabilities include high-severity flaws such as Remote Code Execution (RCE) and Serialized Session Payload exploits.Security Affairs
July 4, 2024 – Denial Of Service
OVHcloud blames record-breaking DDoS attack on MikroTik botnet Full Text
Abstract
OVHcloud successfully mitigated a record-breaking DDoS attack with a packet rate of 840 million packets per second. The attack originated from compromised MikroTik network devices, which were used to generate high packet rates.Bleeping Computer
July 4, 2024 – Criminals
Operation Morpheus took down 593 Cobalt Strike servers used by threat actors Full Text
Abstract
The international law enforcement operation, Operation Morpheus, led to the takedown of 593 Cobalt Strike servers used by cybercriminals. This action was a collaborative effort involving multiple countries and private partners.Security Affairs
July 4, 2024 – General
384,000 sites pull code from sketchy code library recently bought by Chinese firm Full Text
Abstract
Over 384,000 websites, including those of major companies and government entities, are still linking to the polyfill[.]io code library that was recently acquired by a Chinese firm and used to perform a supply chain attack.ArsTechnica
July 4, 2024 – General
Cyber Extortion Soars: SMBs Hit Four Times Harder Full Text
Abstract
The Cy-Xplorer 2024 report by Orange Cyberdefense reveals a significant rise in cyber extortion, with 60 ransomware groups affecting 4374 victims from Q1 2023 to Q1 2024. SMBs are targeted 4.2 times more than larger enterprises.Infosecurity Magazine
July 4, 2024 – Malware
Infostealer malware logs used to identify child abuse website members Full Text
Abstract
Researchers at Recorded Future's Insikt Group analyzed infostealer malware logs captured between February 2021 and February 2024. They cross-referenced the credentials with 20 known CSAM domains, identifying 3,324 unique username-password pairs.Bleeping Computer
July 3, 2024 – General
New RUSI Report Exposes Psychological Toll of Ransomware, Urges Action Full Text
Abstract
A recent report by the Royal United Services Institute (RUSI) emphasized the need for all incident response stakeholders to address the psychological and physiological impact of ransomware attacks on individuals.Infosecurity Magazine
July 3, 2024 – Vulnerabilities
RCE, DoS Exploits Found in Rockwell PanelView Plus: Patch Now Full Text
Abstract
Microsoft has exposed two significant vulnerabilities in Rockwell Automation's PanelView Plus devices that could be exploited by attackers to execute remote code and launch denial-of-service attacks.The Cyber Express
July 3, 2024 – Solution
Secator: Open-Source Pentesting Swiss Army Knife Full Text
Abstract
Secator is an open-source task and workflow runner designed for security assessments to streamline the use of various security tools for pen testers and security researchers.Help Net Security
July 3, 2024 – Vulnerabilities
Vulnerabilities in CocoaPods: The Achilles’ Heel of the Apple App Ecosystem Full Text
Abstract
Recent discoveries have unveiled severe vulnerabilities within CocoaPods, a dependency manager essential for iOS and macOS application development. These security flaws could lead to significant supply chain attacks, jeopardizing numerous applications. The exploit allows attackers to alter the soft ... Cyware
July 3, 2024 – Criminals
New Ransomware Group Uses Phone Calls to Pressure Victims, Researchers Say Full Text
Abstract
Researchers have identified a new ransomware group called Volcano Demon responsible for two recent successful attacks on companies in the manufacturing and logistics sectors.The Record
July 3, 2024 – Criminals
Understanding the FakeBat Loader: Distribution Tactics and Cybercriminal Infrastructure Full Text
Abstract
In the early part of 2024, the FakeBat loader, also known as EugenLoader or PaykLoader, emerged as a significant threat utilizing the drive-by download technique to spread malware.The Cyber Express
July 3, 2024 – Policy and Law
Feds Hit Health Entity With $950K Fine in Ransomware Attack Full Text
Abstract
The US Department of Health and Human Services has levied a fine of $950,000 on the Heritage Valley Health System in Pennsylvania. It must address potential HIPAA violations after a ransomware attack in 2017.Bank Infosecurity
July 3, 2024 – General
Industry Groups Ask HHS for Guidance on Massive Change Breach Reports Full Text
Abstract
Industry groups are seeking further clarification on delegation processes and want a clear statement that covered entities without a business associate relationship with Change Healthcare are not obliged to notify patients.Bank Infosecurity
July 3, 2024 – Criminals
Dozens of Arrests Disrupt $2.7m Vishing Gang Full Text
Abstract
The criminal gang targeted elderly Spanish citizens by posing as bank employees through voice phishing and then showing up unannounced at their homes to collect cards, bank details, and PINs.Infosecurity Magazine
July 3, 2024 – Criminals
Supposed Grasshopper Operators Impersonate Israeli Government and Private Companies to Deploy Open-Source Malware Full Text
Abstract
The group uses a mix of publicly available malware and custom development to carry out their attacks. They have been using custom WordPress websites as a payload delivery mechanism.HarfangLab
July 2, 2024 – Business
Rapid7 To Acquire Attack Surface Management Startup Noetic Cyber Full Text
Abstract
Cybersecurity firm Rapid7 has announced that it will acquire Noetic Cyber, a startup specializing in cyber asset attack surface management (CAASM). The terms of the deal were not disclosed.CRN
July 2, 2024 – General
Ransomware Attack Demands Reach a Staggering $5.2m in 2024 Full Text
Abstract
According to a new analysis by Comparitech, the average ransom demand per ransomware attack in the first half of 2024 was over $5.2m (£4.1m). This was calculated from 56 known ransom demands issued by threat actors during that period.Infosecurity Magazine
July 2, 2024 – General
Cyber-Insurance Premiums Decline as Firms Build Resilience Full Text
Abstract
Cyber insurance premiums have seen significant reductions in price due to improved cybersecurity measures implemented by organizations. Despite an 18% increase in ransomware incidents, premiums have decreased in 2023/24.Infosecurity Magazine
July 2, 2024 – Encryption
Preparing for Q-Day as NIST Nears Approval of PQC Standards Full Text
Abstract
Q-Day, the day when a quantum computer can break modern encryption, is approaching rapidly, leaving our society vulnerable to cyberattacks. Recent advancements in quantum technology suggest that Q-Day is coming sooner than expected.Help Net Security
July 2, 2024 – Malware
New Orcinius Trojan Uses VBA Stomping to Mask Infection Full Text
Abstract
This multi-stage trojan utilizes Dropbox and Google Docs to update and deliver payloads. It uses the VBA stomping technique, removing the VBA source code in a Microsoft Office document, leaving only compiled p-code.SonicWall
July 2, 2024 – Phishing
How Hacked YouTube Channels Spread Scams and Malware Full Text
Abstract
The most common attack methods against YouTube channels involve phishing attacks to steal login credentials, exploiting weak or reused passwords, and even bypassing two-factor authentication by stealing session cookies.WeLiveSecurity
July 2, 2024 – Malware
CapraRAT Spyware Variant Disguised as Popular Apps to Target Android Users Full Text
Abstract
The recent campaign shows updates to the group's techniques and social engineering tactics, as well as efforts to maximize the spyware's compatibility with older and modern versions of the Android operating system.Silicon Angle
July 2, 2024 – Vulnerabilities
Dev Rejects CVE Severity, Makes his GitHub Repository Read-Only Full Text
Abstract
The open source project 'ip' has been archived on GitHub due to a dubious CVE report filed against it. This is not an isolated incident, as open-source developers have seen an increase in unsubstantiated CVE reports for their projects.Bleeping Computer
July 2, 2024 – General
Report: Cyber Workforce Grows 15% at Large Organizations Full Text
Abstract
Large organizations have significantly bolstered their cybersecurity workforce in 2024, with an average of one expert dedicated to cybersecurity for every 1,086 employees in companies with over $1 billion in revenue, as per a report by Wavestone.Infosecurity Magazine
July 2, 2024 – Vulnerabilities
Latest Intel CPUs Impacted by New Indirector Side-Channel Attack Full Text
Abstract
Researchers at the University of California, San Diego have discovered a new type of attack called 'Indirector' that targets modern Intel processors, including those from the Raptor Lake and Alder Lake generations.Bleeping Computer
July 1, 2024 – Vulnerabilities
Apple CocoaPods Bugs Expose Millions of Apps to Code Injection Full Text
Abstract
A report by E.V.A Information Security reveals that Apple's popular dependency manager, CocoaPods, has been plagued with three critical vulnerabilities for several years.Dark Reading
July 1, 2024 – Business
Startup Odaseva Raises $54M to Bolster Global Expansion, R&D Full Text
Abstract
The Series C funding will allow San Francisco-based Odaseva to provide more robust support to clients dealing with stringent data residency regulations and evolving privacy laws around the globe, according to founder and CEO Sovan Bin.Bank Infosecurity
July 1, 2024 – Attack
TeamViewer Says Russia’s ‘Cozy Bear’ Hackers Attacked Corporate IT System Full Text
Abstract
Remote access solution provider TeamViewer confirmed that the Russian hacking group APT29 breached its corporate IT environment. The hack on TeamViewer was traced back to an employee account.The Record
July 1, 2024 – General
Report: 75% of New Vulnerabilities Exploited Within 19 Days Full Text
Abstract
Last year, Skybox Security reported that there were over 30,000 new vulnerabilities, with a new vulnerability emerging every 17 minutes on average. This amounts to around 600 new vulnerabilities per week.Help Net Security
July 1, 2024 – Vulnerabilities
Multiple Vulnerabilities Found in Gas Chromatographs Full Text
Abstract
Multiple critical vulnerabilities have been discovered in Emerson gas chromatographs, which could potentially enable unauthorized access to sensitive data, cause denial-of-service attacks, and execute arbitrary commands.Bank Infosecurity
July 1, 2024 – Education
Web Scraping is Not Just a Security or Fraud Problem Full Text
Abstract
Scraper bots have a negative impact on various aspects of an organization, including revenue, competitive advantage, brand identity, customer experience, infrastructure costs, and digital experience.Help Net Security
July 1, 2024 – Vulnerabilities
New ‘regreSSHion’ Remote Unauthenticated Code Execution Vulnerability Discovered in OpenSSH Server Full Text
Abstract
Approximately 700,000 external internet-facing instances are vulnerable, accounting for 31% of global instances with OpenSSH. Additionally, a small percentage of vulnerable instances are running an End-Of-Life/End-Of-Support version of OpenSSH.Qualys
July 1, 2024 – Policy and Law
Police Allege ‘Evil Twin’ In-Flight Wi-Fi Used to Steal Information Full Text
Abstract
A man in Australia was charged with operating fake Wi-Fi networks on a commercial flight to steal passengers' email and social media credentials. The investigation began when an airline reported a suspicious Wi-Fi network during a domestic flight.The Register
July 1, 2024 – Phishing
Fake IT Support Sites Push Malicious PowerShell Scripts as Windows Fixes Full Text
Abstract
These sites are promoted through compromised YouTube channels, lending them credibility. One particular error, the 0x80070643 error, which appeared after a Microsoft security update, has been exploited by threat actors.Bleeping Computer
July 1, 2024 – Attack
Update: Polyfill.io, BootCDN, Bootcss, Staticfile Attack Traced to one Operator Full Text
Abstract
Researchers found a public GitHub repo where the operators of Polyfill.io accidentally exposed their Cloudflare secret keys. By using these leaked API keys, they were able to confirm that a single entity was behind the attack on all four domains.Bleeping Computer