azorius.net

Kaspersky discovers C++ version of BellaCiao malware (securelist.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 20 Dec 21:22
comments (1)

United States Charges Dual Russian and Israeli National as Developer of LockBit Ransomware Group (www.justice.gov)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 20 Dec 17:12
comments (0)

Foxit PDF Editor Vulnerabilities Allows Remote Code Execution (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:08
comments (3)

Sophos Issues Hotfixes for Critical Firewall Flaws: Update to Prevent Exploitation (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:08
comments (0)

Python-Based NodeStealer Version Targets Facebook Ads Manager (www.trendmicro.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:06
comments (0)

Lazarus targets nuclear-related organization with new malware (securelist.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:06
comments (0)

New Malware Can Kill Engineering Processes in ICS Environments (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:04
comments (0)

Rising wave of cyber-attacks targeting YouTube content creators (www.cybersecurity-insiders.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:04
comments (4)

Ransomware Attackers Target Industries with Low Downtime Tolerance (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 20 Dec 14:02
comments (0)

Off-Topic Friday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 20 Dec 13:48
comments (2)

Lazarus targets nuclear-related organization with new malware (securelist.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 20 Dec 13:10
comments (0)

Deobfuscation of Lumma Stealer (ryan-weil.github.io)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 20 Dec 08:23
comments (0)

Romanian National Sentenced to 20 Years in Prison in Connection with NetWalker Ransomware Attacks Resulting in the Payment of Millions of Dollars in Ransoms (www.justice.gov)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 20 Dec 00:22
comments (0)

I’m Lovin’ It: Exploiting McDonald’s APIs to hijack deliveries and order food for a penny (eaton-works.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 19 Dec 22:20
comments (3)

CERT-UA: Russia-linked UAC-0125 abuses Cloudflare Workers to target Ukrainian army (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 18:18
comments (0)

BADBOX Botnet Hacked 74,000 Android Devices With Customizable Remote Codes (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 18:12
comments (0)

CISA Releases Draft of National Cyber Incident Response Plan (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 18:09
comments (0)

Fortinet warns of FortiWLM bug giving hackers admin privileges (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 18:08
comments (0)

Juniper Warns of Mirai Botnet Targeting SSR Devices with Default Passwords (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 18:01
comments (0)

Okta Social Engineering Impersonation Report - Response and Recommendation (sec.okta.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 13:24
comments (0)

BeyondTrust Patches Critical Vulnerability Discovered During Security Incident Probe (www.securityweek.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 12:27
comments (0)

CISA Releases Best Practice Guidance for Mobile Communications (www.cisa.gov)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 12:13
comments (2)

Thousands of users in Europe getting malicious emails with DocuSign-enabled PDFs (cybernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 12:12
comments (0)

US considers banning TP-Link routers over cybersecurity risks (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 12:02
comments (7)

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks (www.trendmicro.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 19 Dec 12:01
comments (0)

Python-Based NodeStealer Version Targets Facebook Ads Manager (www.trendmicro.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 19 Dec 10:01
comments (0)

BADBOX Botnet Is Back (www.bitsight.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 19 Dec 09:51
comments (0)

Effective Phishing Campaign Targeting European Companies and Institutions (unit42.paloaltonetworks.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 18 Dec 21:51
comments (0)

C.A.S hacktivists attack Russian organizations using rare RATs (securelist.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 18 Dec 21:39
comments (1)

Hackers Exploiting Linux eBPF Tech to Spread Malware in Ongoing Campaign (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 17:50
comments (2)

Androxgh0st Botnet Targets IoT Devices, Exploiting 27 Vulnerabilities (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 13:27
comments (0)

Xloader Malware Delivered via Sophisticated SharePoint Attack (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 13:25
comments (0)

RCE and DoS Vulnerabilities Addressed in Apache Tomcat: CVE-2024-50379 and CVE-2024-54677 (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 13:24
comments (0)

CISA orders federal agencies to secure Microsoft 365 tenants (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 13:22
comments (0)

U.S. Weighs Ban on Chinese-Made Router in Millions of American Homes (www.wsj.com)
in cybersecurity@sh.itjust.works from ptz@dubvee.org on 18 Dec 12:59
comments (23)

New I2PRAT communicates via anonymous peer-to-peer network (www.gdatasoftware.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 18 Dec 12:24
comments (0)

DHS Says China, Russia, Iran, and Israel Are Spying on People in US with SS7 (www.404media.co)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 11:53
comments (8)

Sophisticated TA397 Malware Targets Turkish Defense Sector (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 11:51
comments (0)

'Bitter' cyberspies target defense orgs with new MiyaRAT malware (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 18 Dec 11:51
comments (0)

Critical Apache Struts bug under active exploit (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 17 Dec 23:27
comments (0)

Hackers Leak Partial Cisco Data from 4.5TB of Exposed Records (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 19:46
comments (0)

Cyber Criminals Exploit Windows Management Console to Deliver Backdoor Payloads (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 16:50
comments (2)

Over 25,000 SonicWall VPN Firewalls exposed to critical flaws (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 16:50
comments (0)

Analyzing FLUX#CONSOLE: Using Tax-Themed Lures, Threat Actors Exploit Windows Management Console to Deliver Backdoor Payloads (www.securonix.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 17 Dec 16:43
comments (1)

The Mamont banker masquerades as an app for tracking bulk purchases (securelist.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 17 Dec 16:35
comments (0)

Citrix Warns of Password Spraying Attacks Targeting NetScaler Appliances (www.securityweek.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 13:04
comments (0)

Hidden in Plain Sight: TA397’s New Attack Chain Delivers Espionage RATs (www.proofpoint.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 17 Dec 13:03
comments (0)

Cicada3301 Ransomware Claims Attack on French Peugeot Dealership (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 11:47
comments (0)

FBI spots HiatusRAT malware attacks targeting web cameras, DVRs (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 11:45
comments (0)

Getting a taste of your own medicine: Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials (securitylabs.datadoghq.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 11:42
comments (0)

US Unveils New National Cyber Incident Response Plan (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 11:40
comments (0)

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows (www.cadosecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 17 Dec 11:38
comments (1)

Earth Koshchei Coopts Red Team Tools in Complex RDP Attacks (www.trendmicro.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 17 Dec 09:06
comments (0)

FBI: Watch Out For HiatusRAT Actors Hitting Webcams, DVRs (www.vulnu.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 17 Dec 08:29
comments (0)

Ransomware attacks exploit Cleo bug as Cl0p claims it (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 17 Dec 00:40
comments (0)

CoinLurker: The Stealer Powering the Next Generation of Fake Updates (blog.morphisec.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 16 Dec 21:20
comments (0)

Security ProbLLMs in xAI's Grok: A Deep Dive (embracethered.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 16 Dec 21:17
comments (0)

Windows kernel bug now exploited in attacks to gain SYSTEM privileges (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 20:55
comments (1)

Multiple flaws in Volkswagen Group's infotainment unit allow for vehicle compromise (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 17:18
comments (0)

Hackers Using New IoT/OT Malware IOCONTROL To Control IP Cameras, Routers, PLCs, HMIs And Firewalls (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 17:15
comments (0)

New Android NoviSpy spyware linked to Qualcomm zero-day bugs (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 17:07
comments (0)

Russia as a threat actor in the UK (www.cyfirma.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 16 Dec 15:50
comments (0)

Mentorship Monday - Discussions for career and learning!
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 16 Dec 14:16
comments (0)

Malicious ad distributes SocGholish malware to Kaiser Permanente employees (www.malwarebytes.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 16 Dec 14:08
comments (0)

Canadian Eyecare Firm Care1 Exposes 2.2TB of Patient Records (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:32
comments (1)

Microsoft Confirms Critical Windows Defender Security Vulnerability (www.forbes.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:31
comments (6)

Germany Disrupts BADBOX Malware on 30,000 Devices Using Sinkhole Action (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:23
comments (0)

Over 300,000 Prometheus Servers Vulnerable to DoS Attacks (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:22
comments (0)

With 'TPUXtract,' Attackers Can Steal Orgs' AI Models (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:21
comments (2)

Citrix shares mitigations for ongoing Netscaler password spray attacks (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:20
comments (0)

Clop ransomware claims responsibility for Cleo data theft attacks (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:19
comments (0)

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion (www.trendmicro.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:18
comments (0)

Akira and RansomHub Surge as Ransomware Claims Reach All-Time High (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:17
comments (0)

Researchers Discover Malware Used by Nation-Sates to Attack OT Systems (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:16
comments (0)

390,000 WordPress accounts stolen from hackers in supply chain attack (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 16 Dec 11:16
comments (1)

How Threat Actors Exploit Brand Collaborations to Target Popular YouTube Channels (www.cloudsek.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 16 Dec 10:58
comments (2)

The Insecure IoT Cloud Strikes Again: RCE on Ruijie Cloud-Connected Devices (claroty.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 16 Dec 08:41
comments (0)

Glutton: A New Zero-Detection PHP Backdoor from Winnti Targets Cybercrimals (blog.xlab.qianxin.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 15 Dec 19:14
comments (0)

Malware warning on my phone (mirai-gx)
in cybersecurity@infosec.pub from joulethief@discuss.tchncs.de on 15 Dec 10:10
comments (9)

Getting a taste of your own medicine: Threat actor MUT-1244 targets offensive actors, leaking hundreds of thousands of credentials (securitylabs.datadoghq.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 15 Dec 05:48
comments (0)

Under the SADBRIDGE with GOSAR: QUASAR Gets a Golang Rewrite (www.elastic.co)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 14 Dec 15:31
comments (0)

UK police chief asks China to stop exporting engines used for small boats (www.yahoo.com)
in cybersecurity@sh.itjust.works from Amoxtli@thelemmy.club on 14 Dec 13:38
comments (0)

NodeLoader Exposed: The Node.js Malware Evading Detection (www.zscaler.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 14 Dec 10:58
comments (1)

Crypted Hearts: Exposing the HeartCrypt Packer-as-a-Service Operation (unit42.paloaltonetworks.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 14 Dec 01:38
comments (1)

Google Advertising Out to Lunch? Simple Pivots Catch an Ongoing Malvertising Campaign Hiding in Plain Sight (www.silentpush.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 13 Dec 22:39
comments (1)

Breaking the Air Gap Through Hardware Implants (www.praetorian.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 13 Dec 22:34
comments (0)

Eyecare & Healthtech Company Exposed Almost 5 Million Medical Records (www.vpnmentor.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 13 Dec 19:07
comments (0)

Off-Topic Friday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 13 Dec 16:19
comments (0)

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion (www.trendmicro.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 13 Dec 08:59
comments (0)

New IT Support in Town (research.kudelskisecurity.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 23:47
comments (2)

Inside a New OT/IoT Cyberweapon: IOCONTROL (claroty.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 23:45
comments (0)

Rydox Cybercrime Marketplace Shut Down and Three Administrators Arrested (www.justice.gov)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 21:34
comments (0)

The Stealthy Stalker: Remcos RAT (www.mcafee.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 18:51
comments (0)

Declawing PUMAKIT (www.elastic.co)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 18:23
comments (0)

Lookout Discovers PlainGnome and Bonespy Russian Android spyware (www.lookout.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 16:58
comments (0)

Triad Nexus, Chinese Hackers Using 200,000 Domains For Widespread Cyber Attack (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 12 Dec 16:50
comments (0)

Apache issues patches for critical Struts 2 RCE bug (go.theregister.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 12 Dec 14:55
comments (0)

Unauthorized access to iCloud: analyzing an iOS vulnerability that could expose sensitive data to attackers (www.jamf.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 14:32
comments (0)

Japanese publisher Kadokawa paid $3 million to Russia-linked hacker group after cyberattack (mainichi.jp)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 13:41
comments (0)

Hacktivist Alliances Target France Amidst Political Crisis (cyble.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 12:54
comments (0)

Attack Exploiting Legitimate Service by APT-C-60 (blogs.jpcert.or.jp)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 12:35
comments (0)

Careto APT’s recent attacks discovered (securelist.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 12:06
comments (0)

Splunk RCE Vulnerability Let Attackers Execute Remote Code (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 12 Dec 11:49
comments (0)

Inside Zloader’s Latest Trick: DNS Tunneling (www.zscaler.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 12 Dec 11:48
comments (0)

French internet operator fined $53 million for unsolicited ads and tracking users without consent (therecord.media)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 12 Dec 11:42
comments (8)

Microsoft Defender XDR demonstrates 100% detection coverage across all cyberattack stages in the 2024 MITRE ATT&CK® Evaluations: Enterprise (www.microsoft.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 10:23
comments (0)

Messenger Group Call DoS for iOS (s11research.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 10:12
comments (0)

BadRAM: Breaching Processor Security via Rogue Memory Modules (badram.eu)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 12 Dec 10:07
comments (0)

Russia takes unusual route to hack Starlink-connected devices in Ukraine (arstechnica.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 12 Dec 00:45
comments (2)

Cheap Phone Scanner Shows Lots Of People Are Still Being Targeted By NSO Group Spyware (www.techdirt.com)
in cybersecurity@sh.itjust.works from PhilipTheBucket@ponder.cat on 11 Dec 22:17
comments (0)

Researchers Crack Microsoft Azure MFA in an Hour (www.darkreading.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 11 Dec 21:52
comments (0)

Symmetrical Cryptography Pioneer Targets Post-Quantum Era (www.darkreading.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 11 Dec 21:51
comments (0)

Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine (www.microsoft.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 18:57
comments (0)

Teaching an Old Framework New Tricks: The Dangers of Windows UI Automation (www.akamai.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 18:44
comments (0)

Oasis Security Research Team Discovers Microsoft Azure MFA Bypass (www.oasis.security)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 18:29
comments (0)

Cybercriminals Impersonate Dubai Police to Defraud Consumers in the UAE - Smishing Triad in Action (www.resecurity.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 18:25
comments (0)

Operation PowerOFF shuts down 27 DDoS-for-hire platforms (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 17:47
comments (0)

Trust Hijacked: The Subtle Art of Phishing Through Familiar Facades (www.group-ib.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 17:38
comments (0)

New Malware Technique Could Exploit Windows UI Framework to Evade EDR Tools (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 16:42
comments (0)

What are You Working on Wednesday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 11 Dec 16:42
comments (0)

Lookout Discovers New Chinese Surveillance Tool Used by Public Security (www.lookout.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 16:38
comments (1)

AuthQuake Flaw Allowed MFA Bypass Across Azure, Office 365 Accounts (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 16:29
comments (0)

Likely China-based Attackers Target High-profile Organizations in Southeast Asia (www.security.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 15:50
comments (0)

Is it a bad idea to go on with a pixel 4a?
in cybersecurity@sh.itjust.works from MTK@lemmy.world on 11 Dec 15:16
comments (10)

Windows RDP Service Flaw let Hackers Execute Remote Code (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 14:20
comments (1)

Analysis of Nova: A Snake Keylogger Fork (any.run)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 13:14
comments (0)

FYI OpenCVE 2.0 Opensource Vulnerability Management Platform is out (www.opencve.io)
in cybersecurity@sh.itjust.works from M33@lemmy.sdf.org on 11 Dec 13:06
comments (0)

Law enforcement shuts down 27 DDoS booters ahead of annual Christmas attacks (www.europol.europa.eu)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 12:47
comments (0)

Dell Warns of Critical Code Execution Vulnerability in Power Manager (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:43
comments (1)

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows (www.cadosecurity.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:43
comments (0)

U.S. CISA adds Microsoft Windows CLFS driver flaw to its Known Exploited Vulnerabilities catalog (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:39
comments (0)

Black Basta Gang Uses MS Teams, Email Bombing to Spread Malware (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:37
comments (0)

Researcher Details CVE-2024-44131 - A Critical TCC Bypass in macOS and iOS (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:36
comments (1)

Google Chrome Patches High-Severity Vulnerabilities - CVE-2024-12381 & CVE-2024-12382 (securityonline.info)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:35
comments (0)

Mitigating NTLM Relay Attacks by Default | MSRC Blog | Microsoft Security Response Center (msrc.microsoft.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:31
comments (0)

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels (www.sentinelone.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 11 Dec 11:30
comments (0)

Silent Push Unwraps the AIZ—Aggressive Inventory Zombies—Retail & Crypto Phishing Network Campaign (www.silentpush.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 10:22
comments (0)

Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels (www.sentinelone.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 09:31
comments (0)

From PoC to Attacker Interest in Hours: Real-Time Insights into Mitel MiCollab Vulnerabilities (www.greynoise.io)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 09:30
comments (0)

Holiday Season Cyber Threats (Part 2): Ransomware, Gift Cards, and Point-of-Sale breaches (intel471.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 11 Dec 00:13
comments (0)

China-Based Hacker Charged for Conspiring to Develop and Deploy Malware That Exploited Tens of Thousands of Firewalls Worldwide (www.justice.gov)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 22:15
comments (0)

China’s Propaganda Expansion: Inside the Rise of International Communication Centers (ICCs) (www.recordedfuture.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 20:36
comments (0)

Threat Actors Exploit Flaw in Cleo File Transfer Tools ‘En Masse’ (www.vulnu.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 20:33
comments (0)

Hackers Exploit AWS Misconfigurations in Massive Data Breach (www.infosecurity-magazine.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 19:24
comments (4)

Microsoft December 2024 Patch Tuesday fixes 1 exploited zero-day, 71 flaws (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 18:45
comments (0)

AMD’s trusted execution environment blown wide open by new BadRAM attack (arstechnica.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 18:32
comments (0)

AppLite: A New AntiDot Variant Targeting Mobile Employee Devices (www.zimperium.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 17:04
comments (0)

Head Mare Intensifies Attacks On Russia With PhantomCore (cyble.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 16:58
comments (0)

Manufacturing Companies Targeted with New Lumma Campaign (any.run)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 15:27
comments (0)

Microsoft 365 outage takes down Office web apps, admin center (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 13:42
comments (0)

WhatsApp patches View Once flaw exposing vanishing media (www.theregister.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:47
comments (2)

'Operation Digital Eye' Attack Targets European IT Orgs (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:45
comments (0)

Ongoing Phishing and Malware Campaigns in December 2024 (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:44
comments (0)

Deloitte responds to ransomware claims, says one client system involved (www.scworld.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:43
comments (0)

Microsoft NTLM Zero-Day to Remain Unpatched Until April (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:41
comments (2)

Mysterious Drone-Like Objects Disrupting Electronics in New Jersey (www.cybersecurity-insiders.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:39
comments (6)

Ransomware attack hits leading heart surgery device maker (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:36
comments (0)

Radiant links $50 million crypto heist to North Korean hackers (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:35
comments (0)

Russian hacktivists target oil, gas and water sectors worldwide (www.scworld.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:33
comments (2)

OpenWrt supply chain attack scare prompts urgent upgrades (www.theregister.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 10 Dec 11:32
comments (0)

From Vulnerabilities to Breaches: The Shiny Nemesis Cyber Operation (www.vpnmentor.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 10 Dec 08:54
comments (0)

Black Basta Ransomware Campaign Drops Zbot, DarkGate, & Custom Malware (www.rapid7.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 09 Dec 21:52
comments (0)

Romanian energy supplier Electrica hit by ransomware attack (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 18:46
comments (0)

DaMAgeCard SD Express card vulnerability leverages the privileged access that PCIe provides — bypasses traditional software-based security mechanisms (www.tomshardware.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 09 Dec 13:34
comments (7)

Mentorship Monday - Discussions for career and learning!
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 09 Dec 13:34
comments (0)

Socks5Systemz Botnet Powers Illegal Proxy Service with 85,000+ Hacked Devices (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 12:11
comments (0)

RedLine info-stealer campaign targets Russian businesses (securityaffairs.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 12:10
comments (0)

New Transaction-Relay Jamming Vulnerability Let Attackers Exploits Bitcoin Nodes (gbhackers.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 12:09
comments (0)

New DroidBot Android Spyware Targeting Banking and Crypto Users (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 12:08
comments (0)

Texas Teen Arrested for Scattered Spider Telecom Hacks (www.darkreading.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 12:07
comments (0)

Russian Hacktivists Target Energy And Water Infrastructure (cyble.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 09 Dec 12:04
comments (0)

Compromising OpenWrt Supply Chain via Truncated SHA-256 Collision and Command Injection (flatt.tech)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 09 Dec 08:46
comments (0)

A cyber-physical digital twin approach to replicating realistic multi-stage cyberattacks on smart grids (arxiv.org)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 09 Dec 08:30
comments (0)

Evaluating an Effective Ransomware Infection Vector in Low Earth Orbit Satellites (arxiv.org)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 09 Dec 08:28
comments (0)

Analysing the cultural dimensions of cybercriminal groups -- A case study on the Conti ransomware group (arxiv.org)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 09 Dec 08:28
comments (0)

CVE-2024-55563: Transaction-Relay Jamming Vulnerability Poses Threat to Bitcoin Lightning Network (ariard.github.io)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 09 Dec 08:17
comments (0)

Zero-day Windows NTLM hash vulnerability gets patched by third-party —credentials can be hijacked by merely viewing a malicious file in File Explorer (www.tomshardware.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 08 Dec 23:18
comments (0)

Is KillSec3 Trying to Extort Victims Using Publicly Leaked Data? (databreaches.net)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 08 Dec 17:32
comments (0)

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts (www.phoronix.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 08 Dec 17:18
comments (0)

‘Massive breach’: Social security numbers, health info and much more stolen in Hoboken cyberattack (www.nj.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 08 Dec 12:07
comments (2)

Unidentified Threat Actor Utilizes Android Malware to Target High-Value Assets in South Asia (www.cyfirma.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 08 Dec 09:53
comments (0)

Romania's election systems targeted in over 85,000 cyberattacks (www.bleepingcomputer.com)
in cybersecurity@sh.itjust.works from BrikoX@lemmy.zip on 07 Dec 23:15
comments (0)

Terminal DiLLMa: LLM-powered Apps Can Hijack Your Terminal Via Prompt Injection (embracethered.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 13:10
comments (0)

Fileless Malware Evades Detection-Based Security (blog.morphisec.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 13:09
comments (6)

Killing Windows Kernel Mitigations (wetw0rk.github.io)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 10:27
comments (0)

Meeten Malware: A Cross-Platform Threat to Crypto Wallets on macOS and Windows (www.cadosecurity.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 09:04
comments (0)

Network Abuses Leveraging High-Profile Events: Suspicious Domain Registrations and Other Scams (unit42.paloaltonetworks.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 08:31
comments (0)

The Dark Web: An Overview (www.everycrsreport.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 08:29
comments (0)

How to Bypass WhatsApp Web's Locked Chat Feature (lcat.dev)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 07 Dec 00:22
comments (0)

Holiday Season Cyber Threats (Part 1): Phishing, Fake Shops and Bogus Bookings (intel471.com)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 06 Dec 23:45
comments (1)

Action against ‘phone phishing’ gang in Belgium and the Netherlands: eight arrests (www.eurojust.europa.eu)
in cybersecurity@infosec.pub from Joker@sh.itjust.works on 06 Dec 22:02
comments (0)

Researchers Uncover Flaws in Popular Open-Source Machine Learning Frameworks (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 16:19
comments (0)

Off-Topic Friday
in cybersecurity@infosec.pub from shellsharks@infosec.pub on 06 Dec 14:59
comments (2)

EU’s first ever report on the state of cybersecurity in the Union (www.enisa.europa.eu)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 12:23
comments (0)

New QR Code-Based C2 Attack Lets Hackers Bypass All Type of Browser Isolation Security (cybersecuritynews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 11:44
comments (0)

More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader (thehackernews.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 11:43
comments (0)

Bypassing WAFs with the phantom $Version cookie (portswigger.net)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 11:42
comments (0)

Chinese Hackers Breach US Firm, Maintain Network Access for Months (hackread.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 11:38
comments (0)

URL File NTLM Hash Disclosure Vulnerability (0day) - and Free Micropatches for it (blog.0patch.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 11:36
comments (0)

China bans use of Intel, AMD and Nvidia Processor Chips for security concerns (www.cybersecurity-insiders.com)
in cybersecurity@sh.itjust.works from kid@sh.itjust.works on 06 Dec 11:34
comments (55)