23174
๐ The finest daily news on cybersecurity and privacy. ๐ Daily releases. ๐ป Is your online life secure? ๐ฉ lalilolalo.dev@gmail.com
๐ข AI and cybersecurity: friends or foes? ๐ขProactive rather than reactive is the security stance that will best protect your business now and in the future. And who you partner with really matters.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ข LinkedIn backtracks on AI training rules after user backlash ๐ขUKbased LinkedIn users will now get the same protections as those elsewhere in Europe.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
Undetected Android Spyware Targeting Individuals In South Korea ๐ฆ
Key Takeaways Since June 2024, a new Android Spyware campaign has been identified targeting individuals in South Korea, leveraging an Amazon AWS S3 bucket as its Command and Control CC server. The Spyware is capable of exfiltrating sensitive information from an infected device, including SMSs, contact lists, images, and videos. The stolen data, stored openly on the S3 bucket, suggests poor operational security, potentially leading to unintended leaks of sensitive information. The spyware operates with a simple source code and few key permissions, demonstrating that even simple malware can be highly effective in exfiltrating sensitive data. The malware remained undetected by all major antivirus solutions. Four unique samples were identified, exhibiting zero detection rates a...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ New PondRAT Malware Hidden in Python Packages Targets Software Developers ๐๏ธThreat actors with ties to North Korea have been observed using poisoned Python packages as a way to deliver a new malware called PondRAT as part of an ongoing campaign. PondRAT, according to new findings from Palo Alto Networks Unit 42, is assessed to be a lighter version of POOLRAT aka SIMPLESEA, a known macOS backdoor that has been previously attributed to the Lazarus Group and deployed in.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ข UK firms are dangerously overconfident about paying ransoms to cyber criminals ๐ขOnly 4 of organizations that pay up recover all their data, and many take months to recover.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Ukraine Bans Telegram Use for Government and Military Personnel ๐๏ธUkraine has restricted the use of the Telegram messaging app by government officials, military personnel, and other defense and critical infrastructure workers, citing national security concerns. The ban was announced by the National Coordination Centre for Cybersecurity NCCC in a post shared on Facebook. "I have always advocated and advocate for freedom of speech, but the issue of Telegram is.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks ๐๏ธA hacktivist group known as Twelve has been observed using an arsenal of publicly available tools to conduct destructive cyber attacks against Russian targets. "Rather than demand a ransom for decrypting data, Twelve prefers to encrypt victims' data and then destroy their infrastructure with a wiper to prevent recovery," Kaspersky said in a Friday analysis. "The approach is indicative of a.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Citrine Sleet Poisons PyPI Packages With Mac & Linux Malware ๐ต๏ธโโ๏ธA North Korean advanced persistent threat APT actor aka Gleaming Pisces tried to sneak simple backdoors into public software packages.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ฆ
Cyble Sensor Intelligence: Attacks, Phishing Scams and Brute-Force Detections ๐ฆ
Key Takeaways Five exploits of recent vulnerabilities were detected by Cyble honeypot sensors this week. A 9.8severity PHP flaw identified in June remains under widespread attack, and organizations are urged to upgrade as soon as possible. Cyble researchers also identified 9 phishing scams, a number of very active bruteforce attack networks, and the most commonly targeted ports. Security teams are advised to use the information provided to harden defenses Overview The Cyble Global Sensor Intelligence Network, or CGSI, monitors and captures realtime attack data through Cybles network of Honeypot sensors. This week, Cybles Threat Hunting service discovered and investigated dozens of exploit attempts, malware intrusions, financialโฏfraud,โฏand bruteforce attacks.ย The f...
๐ Read more.
๐ Via "CYBLE"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials ๐๏ธLaw enforcement authorities have announced the takedown of an international criminal network that leveraged a phishing platform to unlock stolen or lost mobile phones. The phishingasaservice PhaaS platform, called iServer, is estimated to have claimed more than 483,000 victims globally, led by Chile 77,000, Colombia 70,000, Ecuador 42,000, Peru 41,500, Spain 30,000, and Argentina.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ OpenSSH 9.9p1 ๐ This is a Linuxportable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patentencumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other cleanups.
๐ Read more.
๐ Via "Packet Storm - Tools"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ HackerOne: Nearly Half of Security Professionals Believe AI Is Risky ๐ฆฟThe HackerPowered Security Report showed mixed feelings toward AI in the security community, with many seeing leaked training data as a threat.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ LinkedIn Addresses User Data Collection for AI Training ๐ต๏ธโโ๏ธThe company announced an update to its privacy policy, acknowledging it is using customer data to train its AI models.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Citrine Sleet Poisons PyPi Packages with Mac & Linux Malware ๐ต๏ธโโ๏ธA North Korean advanced persistent threat APT actor aka Gleaming Pisces tried to sneak simple backdoors into public software packages.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ข FBI disrupts 260,000-strong botnet targeting universities and government agencies in US ๐ขChineselinked botnet believed to have stolen sensitive information from education and governmental agencies in the US.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐ LinkedIn Pauses GenAI Training Following ICO Concerns ๐The Information Commissioners Office says its pleased that LinkedIn has temporarily suspended its generative AI model training.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ German Police Shutter 47 Criminal Crypto Exchanges ๐Officers in Germany have shut down 47 cryptocurrency exchanges they accused of facilitating cybercrime.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware ๐๏ธA suspected advanced persistent threat APT originating from China targeted a government organization in Taiwan, and possibly other countries in the AsiaPacific APAC region, by exploiting a recently patched critical security flaw impacting OSGeo GeoServer GeoTools. The intrusion activity, which was detected by Trend Micro in July 2024, has been attributed to a threat actor dubbed Earth Baxia.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ China's 'Earth Baxia' Spies Exploit Geoserver to Target APAC Orgs ๐ต๏ธโโ๏ธThe APT group uses spearphishing and a vulnerability in a geospatial datasharing server to compromise organizations in Taiwan, Japan, the Philippines, and South Korea.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ FBI, CISA warning over false claims of hacked voter data โ Week in security with Tony Anscombe ๐With just weeks to go before the US presidential election, the FBI and the CISA are warning about attempts to sow distrust in the electoral process.
๐ Read more.
๐ Via "ESET - WeLiveSecurity"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO ๐๏ธThe U.K. Information Commissioner's Office ICO has confirmed that professional social networking platform LinkedIn has suspended processing users' data in the country to train its artificial intelligence AI models. "We are pleased that LinkedIn has reflected on the concerns we raised about its approach to training generative AI models with information relating to its U.K. users," Stephen.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ CISA Releases Plan to Align Cybersecurity Across Federal Agencies ๐ต๏ธโโ๏ธThe FOCAL plan outlines baselines to synchronize cybersecurity priorities and policies across, as well as within, agencies.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Ivanti's Cloud Service Appliance Attacked via Second Vuln ๐ต๏ธโโ๏ธThe critical bug, CVE20248963, can be used in conjunction with the prior known flaw to achieve remote code execution RCE.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ US Cyberspace Solarium Commission Outlines Ten New Cyber Policy Priorities ๐In its fourth annual report, the US Cyberspace Solarium Commission highlighted the need to focus on securing critical infrastructure and bolstering cyber resilience.
๐ Read more.
๐ Via "Infosecurity Magazine"
----------
๐๏ธ Seen on @cibsecurity
๐ง New cybersecurity advisory highlights defense-in-depth strategies ๐ง In 2023, the Cybersecurity and Infrastructure Security Agency CISA conducted a red team operation against an FCEB Federal Civilian Executive Branch organization. In July 2024, CISA released a new CSA that detailed the findings of this assessment along with key findings relevant to the security of the organizations network. One of the interesting findings of The post New cybersecurity advisory highlights defenseindepth strategies appeared first on Security Intelligence.
๐ Read more.
๐ Via "Security Intelligence"
----------
๐๏ธ Seen on @cibsecurity
๐ฆฟ 5 Compelling Reasons Not to Manage Your Own VoIP Server ๐ฆฟDiscover why managing your own VoIP server can be costly, dangerous, and timeconsuming for most businesses.
๐ Read more.
๐ Via "Tech Republic"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ GenAI in Cybersecurity: Insights Beyond the Verizon DBIR ๐ต๏ธโโ๏ธThe lack of abundant data on AIenabled attacks in official reports shouldn't prevent us from preparing for and mitigating potential future threats.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ต๏ธโโ๏ธ Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover ๐ต๏ธโโ๏ธCriticalrated CVE202420017 allows remote code execution RCE on a range of phones and WiFi access points from a variety of OEMs.
๐ Read more.
๐ Via "Dark Reading"
----------
๐๏ธ Seen on @cibsecurity
๐ข Securing the future of your business through cybersecurity education and training ๐ขAll workers need to know what theyre up against to properly defend their company against modern threats. However, leaders must maintain communication for training to succeed.
๐ Read more.
๐ Via "ITPro"
----------
๐๏ธ Seen on @cibsecurity
๐๏ธ Passwordless AND Keyless: The Future of (Privileged) Access Management ๐๏ธIn IT environments, some secrets are managed well and some fly under the radar. Heres a quick checklist of what kinds of secrets companies typically manage, including one type they should manage Passwords x TLS certificates x Accounts x SSH keys ??? The secrets listed above are typically secured with privileged access management PAM solutions or similar. Yet, most traditional PAM.
๐ Read more.
๐ Via "The Hacker News"
----------
๐๏ธ Seen on @cibsecurity