23174
🗞 The finest daily news on cybersecurity and privacy. 🔔 Daily releases. 💻 Is your online life secure? 📩 lalilolalo.dev@gmail.com
🦅 Solar Monitoring Solutions in Hacktivists’ Crosshairs 🦅 Executive Summary In September 2024, the proRussian hacktivist group Just Evil and possibly the statebacked Beregini group led a coordinated cyberattack on Lithuanian energy infrastructure. The attackers claimed to target the PV monitoring solution used by the stateowned Energy holding company Ignitis Group. Just Evil is a faction that emerged from the split of the Killnet group, while Beregini exemplifies the complex interplay of hacktivism and statesponsored cyber operations within the context of the RussiaUkraine conflict. It operates under the guise of a Ukrainian group while aligning closely with proRussian interests. Just Evil allegedly accessed the power monitoring dashboard of 22 Ignitis clients, including hospitals and military academies, via a compromised PV Monitori...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
🖋️ Chrome Users Can Now Sync Passkeys Across Devices with New Google PIN Feature 🖋️Google on Thursday unveiled a Password Manager PIN to let Chrome web users sync their passkeys across Windows, macOS, Linux, ChromeOS, and Android devices. "This PIN adds an additional layer of security to ensure your passkeys are endtoend encrypted and can't be accessed by anyone, not even Google," Chrome product manager Chirag Desai said. The PIN is a sixdigit code by default, although it's.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🦿 Best of CrowdStrike Fal.Con 2024: Tackling Adversity with a Wave of Cybersecurity Innovation 🦿CrowdStrike faced a crisis on July 19 when an update went horribly wrong. The company faced a firestorm of criticism. Doubts were raised about its survival. Rather than going into PR spin mode, George Kurtz, CEO and founder of CrowdStrike, spent weeks addressing the problem while doing interviews to explain the incident, why it happened, ...
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
📔 Going for Gold: HSBC Approves Quantum-Safe Technology for Tokenized Bullions 📔The bank giant and Quantinuum trialed the first application of quantumsecure technology for buying and selling tokenized physical gold.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
📢 Closing the SMB security gap 📢SMBs need more expertise to address the gaps in cyber defenses as skills shortages and regulatory pressures grow.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
🕵️♂️ North Korean APT Bypasses DMARC Email Policies in Cyber-Espionage Attacks 🕵️♂️How the Kimsuky nationstate group and other threat actors are exploiting poor email security and what organizations can do to defend themselves.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Vice Society Pivots to Inc Ransomware in Healthcare Attack 🕵️♂️Inc ransomware one of the most popular among cybercriminals today meets healthcare, the industry sector most targeted by RaaS.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ 1 PoC Exploit for Critical RCE Flaw, but 2 Patches From Veeam 🕵️♂️The first patch lets threat actors with lowlevel credentials still exploit the vulnerability, while the second fully resolves the flaw.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🖋️ Wherever There's Ransomware, There's Service Account Compromise. Are You Protected? 🖋️Until just a couple of years ago, only a handful of IAM pros knew what service accounts are. In the last years, these silent NonHumanIdentities NHI accounts have become one of the most targeted and compromised attack surfaces. Assessments report that compromised service accounts play a key role in lateral movement in over 70 of ransomware attacks. However, theres an alarming disproportion.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
📔 Infostealers Cause Surge in Ransomware Attacks, Just One in Three Recover Data 📔Infostealer malware and digital identity exposure behind rise in ransomware, researchers find.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🕵️♂️ FBI Leads Takedown of Chinese Botnet Impacting 200K Devices 🕵️♂️Once a user's device is infected as part of an ongoing Flax Typhoon APT campaign, the malware connects it to a botnet called Raptor Train, initiating malicious activity.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🖋️ Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene 🖋️Cybersecurity in healthcare has never been more urgent. As the most vulnerable industry and largest target for cybercriminals, healthcare is facing an increasing wave of cyberattacks. When a hospital's systems are held hostage by ransomware, its not just data at risk its the care of patients who depend on lifesaving treatments. Imagine an attack that forces emergency care to halt, surgeries.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🖋️ New Brazilian-Linked SambaSpy Malware Targets Italian Users via Phishing Emails 🖋️A previously undocumented malware called SambaSpy is exclusively targeting users in Italy via a phishing campaign orchestrated by a suspected Brazilian Portuguesespeaking threat actor. "Threat actors usually try to cast a wide net to maximize their profits, but these attackers are focused on just one country," Kaspersky said in a new analysis. "It's likely that the attackers are testing the.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🛠 CVE-2024-26581 Checker 🛠This is a script to check your kernel versions to see if you're susceptible to CVE202426581.
📖 Read more.
🔗 Via "Packet Storm - Tools"
----------
👁️ Seen on @cibsecurity
🦿 Digital Maturity Key to AI Success in Australian Cyber Security 🦿ManageEngine reveals that digital maturity is essential for AI success in Australian cybersecurity. Discover how streamlined processes and automation boost AI ROI and effectiveness.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🦅 HED: Weekly IT Vulnerability Report for September 11 – September 17, 2024 🦅 Key Takeaways This week, the U.S. Cyber Security and Infrastructure Agency CISA incorporated seven vulnerabilities to its Known Exploited Vulnerability KEV catalog based on evidence of active exploitation. The team at Cyble Research and Intelligence Labs analyzed multiple high and criticalseverity CVEs impacting products and software used worldwide. One such vulnerability is CVE202438812, which impacts the VMware vCenter Server and can be remotely exploited without any user interaction. CRIL also assessed a high probability of certain vulnerabilities that attackers can use in malicious campaigns, including data breaches and supply chain attacks. Namely, CVE202429847, which impacts Ivanti Endpoint Manager, CVE202445694, an arbitrary code exaction vulnerability impacting DLi...
📖 Read more.
🔗 Via "CYBLE"
----------
👁️ Seen on @cibsecurity
🖋️ Iranian APT UNC1860 Linked to MOIS Facilitates Cyber Intrusions in Middle East 🖋️An Iranian advanced persistent threat APT threat actor likely affiliated with the Ministry of Intelligence and Security MOIS is now acting as an initial access facilitator that provides remote access to target networks. Googleowned Mandiant is tracking the activity cluster under the moniker UNC1860, which it said shares similarities with intrusion sets tracked by Microsoft, Cisco Talos, and.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🪖 Managing Cybersecurity and Privacy Risks in the Age of Artificial Intelligence: Launching a New Program at NIST 🪖The rapid proliferation of Artificial Intelligence AI promises significant value for industry, consumers, and broader society, but as with many technologies, new risks from these advancements in AI must be managed to realize its full potential. The NIST AI Risk Management Framework AI RMF was developed to manage the benefits and risks to individuals, organizations, and society associated with AI and covers a wide range of risk ranging from safety to lack of transparency and accountability. For those of us at NIST working in cybersecurity, privacy and AI, a key concern is how advancements.
📖 Read more.
🔗 Via "NIST"
----------
👁️ Seen on @cibsecurity
📔 Cybersecurity Skills Gap Leaves Cloud Environments Vulnerable 📔A new report by Check Point Software highlights a significant increase in cloud security incidents, largely due to a lack of cybersecurity expertise and employee training.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ Critical Ivanti Cloud Appliance Vulnerability Exploited in Active Cyberattacks 🖋️Ivanti has revealed that a critical security flaw impacting Cloud Service Appliance CSA has come under active exploitation in the wild. The new vulnerability, assigned the CVE identifier CVE20248963, carries a CVSS score of 9.4 out of a maximum of 10.0. It was "incidentally addressed" by the company as part of CSA 4.6 Patch 519 and CSA 5.0. "Path Traversal in the Ivanti CSA before 4.6 Patch.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Concerns Over Supply Chain Attacks on US Seaports Grow 🕵️♂️US ports rely on cranes manufactured by a Chinese stateowned company, many with unmonitored cellular connections, causing cybersecurity concerns.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🕵️♂️ GitLab Warns of Max Severity Authentication Bypass Bug 🕵️♂️Company urges organizations using selfhosting GitLab instances to apply updates for CVE202445409 as soon as possible.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity
🖋️ Hackers Exploit Default Credentials in FOUNDATION Software to Breach Construction Firms 🖋️Threat actors have been observed targeting the construction sector by infiltrating the FOUNDATION Accounting Software, according to new findings from Huntress. "Attackers have been observed bruteforcing the software at scale, and gaining access simply by using the products default credentials," the cybersecurity company said. Targets of the emerging threat include plumbing, HVAC heating,.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
♟️ This Windows PowerShell Phish Has Scary Potential ♟️Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download passwordstealing malware. While it's unlikely that many programmers fell for this scam, it's notable because less targeted versions of it are likely to be far more successful against the average Windows user.
📖 Read more.
🔗 Via "Krebs on Security"
----------
👁️ Seen on @cibsecurity
📢 API and bot attacks are costing businesses billions–and they're on the rise 📢With APIs becoming ever more popular, they've become attractive targets for attackers, particularly through the use of highly sophisticated bots.
📖 Read more.
🔗 Via "ITPro"
----------
👁️ Seen on @cibsecurity
📔 Western Agencies Warn Risk from Chinese-Controlled Botnet 📔Cyber and law enforcement agencies across the Five Eyes countries issue warning about largescale botnet linked to Chinese firm and Flax Typhoon group.
📖 Read more.
🔗 Via "Infosecurity Magazine"
----------
👁️ Seen on @cibsecurity
🖋️ New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit 🖋️The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server VPS infrastructures based on the CentOS operating system. "The initial access was accomplished via a Secure Shell SSH brute force attack on the victim's assets, during which the threat actor uploaded a malicious script," GroupIB researchers Vito Alfano and Nam Le.
📖 Read more.
🔗 Via "The Hacker News"
----------
👁️ Seen on @cibsecurity
🧠 CISA chief AI officer follow-up: Current state of the role (and where it’s heading) 🧠At the beginning of August, CISA announced that it had appointed Lisa Einstein, Senior Advisor of its artificial intelligence division, as its new chief AI officer. This announcement came following several new initiatives in the last couple of years focused on gaining a clearer understanding of the potential security impacts of AI. With the National The post CISA chief AI officer followup Current state of the role and where its heading appeared first on Security Intelligence.
📖 Read more.
🔗 Via "Security Intelligence"
----------
👁️ Seen on @cibsecurity
🦿 Astra Vulnerability Scanner Review (2024): How Good Is Astra? 🦿Astra Security is among the best vulnerability scanners for securityconscious companies. Learn more about its features, performance, and pricing with this detailed review.
📖 Read more.
🔗 Via "Tech Republic"
----------
👁️ Seen on @cibsecurity
🕵️♂️ Phishing Espionage Attack Targets US-Taiwan Defense Conference 🕵️♂️Hackers sent a convincing lure document, but after 20 years of similar attacks, the target organization was well prepared.
📖 Read more.
🔗 Via "Dark Reading"
----------
👁️ Seen on @cibsecurity