Cyberattack Takes Frontier Communications Offline

Apr 18, 2024 | DARKREADING

Evil XDR: Researcher Turns Palo Alto Software Into...

Apr 18, 2024 | DARKREADING

GPT-4 Can Exploit Most Vulns Just by Reading Threa...

Apr 18, 2024 | DARKREADING

ICS Network Controllers Open to Remote Exploit, No...

Apr 18, 2024 | DARKREADING

Cisco Warns of Massive Surge in Password-Spraying ...

Apr 18, 2024 | DARKREADING

Russian APT Group Thwarted in Attack on US Automot...

Apr 18, 2024 | DARKREADING

For Service Accounts, Accountability Is Key to Sec...

Apr 18, 2024 | DARKREADING

Countering Voice Fraud in the Age of AI

Apr 18, 2024 | DARKREADING

Break Security Burnout: Combining Leadership With ...

Apr 18, 2024 | DARKREADING

Rebalancing NIST: Why ‘Recovery’ Can&#...

Apr 18, 2024 | DARKREADING

Disinformation, Fortify 24x7 Team, News

The Importance of SOC Analysts

Apr 2, 2024

Enhancing Cybersecurity Through Strategi...

Mar 31, 2024

Cybersecurity News & Resources You Need To Assess Current Threats

The Beers & Bytes Podcast

When you're thirsty for cheesy entertainment AND information security, grab a beer and the latest episode of Beers & Bytes.

Sorry, no posts found.

All

Hackers Target Middle East Governments with Evasive “CR4T” Backdoor

by Cyberthreat Blog | Apr 18, 2024 | The Hacker News | 0 |

LinkedIn Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in...

Cyberattack Takes Frontier Communications Offline

by Cyberthreat Blog | Apr 18, 2024 | DARKREADING | 0 |
Evil XDR: Researcher Turns Palo Alto Software Into Perfect Malware

by Cyberthreat Blog | Apr 18, 2024 | DARKREADING | 0 |
GPT-4 Can Exploit Most Vulns Just by Reading Threat Advisories

by Cyberthreat Blog | Apr 18, 2024 | DARKREADING | 0 |

CVE Notifications

CVE-2020-9395

by Cyberthreat Blog | Jul 6, 2020 | CVE Notifications | 0 |

An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0.6. A stack-based buffer overflow exists in the client code that takes care of WPA2’s 4-way-handshake via a malformed...

CVE-2020-4211

by Cyberthreat Blog | Feb 24, 2020 | CVE Notifications | 0 |
CVE-2019-4595

by Cyberthreat Blog | Feb 24, 2020 | CVE Notifications | 0 |
CVE-2020-4213

by Cyberthreat Blog | Feb 24, 2020 | CVE Notifications | 0 |

CERT Insider Threats

10 Lessons in Security Operations and Incident Management

by Cyberthreat Blog | Mar 4, 2024 | CERT Insider Threats | 0 |

This post outlines 10 lessons learned from more than three decades of building incident response and security teams throughout the globe.

CERT Releases 2 Tools to Assess Insider Risk

by Cyberthreat Blog | Feb 26, 2024 | CERT Insider Threats | 0 |
The 13 Key Elements of an Insider Threat Program

by Cyberthreat Blog | Feb 15, 2024 | CERT Insider Threats | 0 |
The 13 Key Elements of an Insider Threat Program

by Cyberthreat Blog | Oct 23, 2023 | CERT Insider Threats | 0 |

Ashley Madison To Pay Millions In Breach Settlement

by Fortify Security Team | Dec 18, 2016 | Breach | 0 |

Ashley Madison and New York Attorney General Schneiderman Announces $17.5 Million Settlement In Joint Multi-State And FTC Agreement. The settlement follows investigation finding that the adult dating website had lax security...

Millions of University Emails for Sale on Dark Web

by Cyberthreat Blog | Apr 4, 2017 | Breach, Security | 0 |

Researchers have found millions of US University emails (and passwords) for sale on the Dark Web. The stolen email addresses/password combinations are selling for $3.50 – $10 each. This is only a fraction of a lucrative...

Disinformation

Is hate speech covered by the First Amendment?

by Nate | Sep 25, 2020 | Disinformation | 0 |

SHARE AND INFORM OTHERS:.fusion-body .fusion-builder-column-0{width:100% !important;margin-top : 0px;margin-bottom : 20px;}.fusion-builder-column-0 > .fusion-column-wrapper {padding-top : 0px !important;padding-right : 0px...

Is the stock market a good measure of the economy?

by Nate | Sep 25, 2020 | Disinformation | 0 |
Is Russia actively interfering in the 2020 election?

by Nate | Sep 25, 2020 | Disinformation | 0 |
Is climate change really responsible for the fires?

by Nate | Sep 25, 2020 | Disinformation | 0 |

CERT-Vulnerabilities, National Cyber Awareness

VU#253266: Keras 2 Lambda Layers Allow Arbitrary Code Injection in TensorFlow Models

by Cyberthreat Blog | Apr 16, 2024 | CERT-Vulnerabilities | 0 |

Overview Lambda Layers in third party TensorFlow-based Keras models allow attackers to inject arbitrary code into versions built prior to Keras 2.13 that may then unsafely run with the same permissions as the running...

VU#123335: Multiple Programming Languages Fail to Escape Arguments Properly in Microsoft Windows

by Cyberthreat Blog | Apr 10, 2024 | CERT-Vulnerabilities | 0 |
VU#155143: Linux kernel on Intel systems is susceptible to Spectre v2 attacks

by Cyberthreat Blog | Apr 9, 2024 | CERT-Vulnerabilities | 0 |
VU#421644: HTTP/2 CONTINUATION frames can be utilized for DoS attacks

by Cyberthreat Blog | Apr 3, 2024 | CERT-Vulnerabilities | 0 |

SANS ISC Bulletins

A Vuln is a Vuln, unless the CVE for it is after Feb 12, 2024, (Wed, Apr 17th)

by Cyberthreat Blog | Apr 17, 2024 | SANS ISC Bulletins | 0 |

The NVD (National Vulnerability Database) announcement page (https://nvd.nist.gov/general/news/nvd-program-transition-announcement) indicates a growing backlog of vulnerabilities that are causing delays in their process....

Malicious PDF File Used As Delivery Mechanism, (Wed, Apr 17th)

by Cyberthreat Blog | Apr 16, 2024 | SANS ISC Bulletins | 0 |
Palo Alto Networks GlobalProtect exploit public and widely exploited CVE-2024-3400, (Tue, Apr 16th)

by Cyberthreat Blog | Apr 16, 2024 | SANS ISC Bulletins | 0 |
Rolling Back Packages on Ubuntu/Debian, (Tue, Apr 16th)

by Cyberthreat Blog | Apr 16, 2024 | SANS ISC Bulletins | 0 |

The Ransomware Epidemic in Healthcare

by Fortify Security Team | Dec 13, 2016 | Healthcare, Security | 0 |

Ransomware attacks have plagued business of all sizes, healthcare institutions and even government entities during the first half of 2016, forcing CEO’s and CIO’s into damage control mode as IT teams scramble to beef...

Auburn’s McCrary Institute and Oak Ridge National Laboratory to Partner on Regional Cybersecurity Center

Apr 18, 2024 | DARKREADING

LinkedIn...

#StopRansomware: Akira Ransomware

Apr 18, 2024 | CISA Advisories

LinkedIn SUMMARY Note: This joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These...

CISA and Partners Release Advisory on Akira Ransomware

Apr 18, 2024 | CISA Advisories

Today, CISA, the Federal Bureau of Investigation (FBI), Europol’s European Cybercrime Centre (EC3), and the Netherlands’ National Cyber Security Centre (NCSC-NL) released a joint Cybersecurity Advisory (CSA), #StopRansomware:...

Unitronics Vision Series PLCs

Apr 18, 2024 | CISA ICS Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 8.7 ATTENTION: Exploitable remotely/low attack complexity Vendor: Unitronics Equipment: Vision series PLCs Vulnerability: Storing Passwords in a Recoverable Format 2. RISK EVALUATION...

CISA Releases Three Industrial Control Systems Advisories

Apr 18, 2024 | CISA Advisories

CISA released three Industrial Control Systems (ICS) advisories on April 18, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-109-01...

Josephson Voltage Standard Workshop (JVS Workshop)

Apr 18, 2024 | NIST

The scope of the 2024 Josephson voltage standard workshop is focused on the Josephson arbitrary waveform synthesizer (JAWS) and its applications for ac voltage metrology. The workshop includes presentations, lab demonstrations,...

Oracle Releases Critical Patch Update Advisory for April 2024

Apr 18, 2024 | CISA Advisories

Oracle released its quarterly Critical Patch Update Advisory for April 2024 to address vulnerabilities in multiple products. A cyber threat actor could exploit some of these vulnerabilities to take control of an affected...

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

Apr 18, 2024 | The Hacker News

Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA...

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

Apr 18, 2024 | The Hacker News

The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). “FIN7 identified employees at...

Open Source Tool Looks for Signals in Noisy AWS Cloud Logs

Apr 18, 2024 | DARKREADING

Permiso Security announced Cloud Console Cartographer during Black Hat Asia to help defenders look...

Global Police Operation Disrupts ‘LabHost’ Phishing Service, Over 30 Arrested Worldwide

Apr 18, 2024 | The Hacker News

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world....

New Android Trojan ‘SoumniBot’ Evades Detection with Clever Tricks

Apr 18, 2024 | The Hacker News

A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is “notable for an unconventional...

How to Conduct Advanced Static Analysis in a Malware Sandbox

Apr 18, 2024 | The Hacker News

Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See...

Recover from Ransomware in 5 Minutes—We will Teach You How!

Apr 18, 2024 | The Hacker News

Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages...

Sneaky Shellcode: Windows Fibers Offer EDR-Proof Code Execution

Apr 18, 2024 | DARKREADING

Two new code-execution techniques, Poison Fiber and Phantom Thread, take advantage of a...

Nigeria & Romania Ranked Among Top Cybercrime Havens

Apr 18, 2024 | DARKREADING

A survey of cybercrime experts assessing the top cybercrime-producing nations results in some...

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

Apr 17, 2024 | The Hacker News

Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That’s according to the Microsoft...

Malicious Google Ads Pushing Fake IP Scanner Software with Hidden Backdoor

Apr 17, 2024 | The Hacker News

A new Google malvertising campaign is leveraging a cluster of domains mimicking a legitimate IP scanner software to deliver a previously unknown backdoor dubbed MadMxShell. “The threat actor registered multiple look-alike...

Dangerous ICS Malware Targets Orgs in Russia and Ukraine

Apr 17, 2024 | DARKREADING

“Kapeka” and “Fuxnet” are the latest examples of malware to emerge from...

Redgate Launches Enterprise Edition of Redgate Monitor

Apr 17, 2024 | DARKREADING

Active Kubernetes RCE Attack Relies on Known OpenMetadata Vulns

Apr 17, 2024 | DARKREADING

Once attackers have control over a workload in the cluster, they can leverage access for lateral...

Ivanti Releases Fixes for More Than 2 Dozen Vulnerabilities

Apr 17, 2024 | DARKREADING

Users will need to download the latest version of Ivanti’s Avalanche to apply fixes for all...

How Boards Can Prepare for Quantum Computers

Apr 17, 2024 | DARKREADING

Quantum computing on the level that poses a threat to current cybersecurity measures is still...

30th CHRNS School on Methods and Applications of Small Angle Neutron Scattering and Neutron Reflectivity

Apr 17, 2024 | NIST

The 30 th annual Center for High Resolution Neutron Scattering ( CHRNS) “Summer School on Methods and Applications of Small Angle Neutron Scattering and Neutron Reflectivity” will be held from Monday, July 22 to...

Preparing for Cyber Warfare: 6 Key Lessons From Ukraine

Apr 17, 2024 | DARKREADING

Having a solid disaster recovery plan is the glue that keeps your essential functions together...

Various Botnets Pummel Year-Old TP-Link Flaw in IoT Attacks

Apr 17, 2024 | DARKREADING

Moobot, Miori, AGoent, and a Gafgyt variant have joined the infamous Mirai botnet in attacking...

Russian APT Deploys New ‘Kapeka’ Backdoor in Eastern European Attacks

Apr 17, 2024 | The Hacker News

A previously undocumented “flexible” backdoor called Kapeka has been “sporadically” observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings...

Why a Native-First Approach Is Key to Cloud Security

Apr 17, 2024 | DARKREADING

A native-first approach delivers better protections and a more efficient use of resources than...

GenAI: A New Headache for SaaS Security Teams

Apr 17, 2024 | The Hacker News

The introduction of Open AI’s ChatGPT was a defining moment for the software industry, touching off a GenAI race with its November 2022 release. SaaS vendors are now rushing to upgrade tools with enhanced productivity...

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

Apr 17, 2024 | The Hacker News

Cybersecurity researchers have discovered a new campaign that’s exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity...

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Apr 17, 2024 | The Hacker News

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the...

‘Sandworm’ Group Is Russia’s Primary Cyberattack Unit in Ukraine

Apr 17, 2024 | DARKREADING

But even with that focus, the sophisticated threat group has continued operations against targets...

Cisco Warns of Global Surge in Brute-Force Attacks Targeting VPN and SSH Services

Apr 17, 2024 | The Hacker News

Cisco is warning about a global surge in brute-force attacks targeting various devices, including Virtual Private Network (VPN) services, web application authentication interfaces, and SSH services, since at least March 18,...

Israeli Defense Forces Hold Hybrid Cyber & Military Readiness Drills

Apr 16, 2024 | DARKREADING

Israel prepares for a response to Iran’s April 14 drone and missile attack.

Kim Larsen New Chief Information Security Officer at SaaS Data Protection Vendor Keepit

Apr 16, 2024 | DARKREADING

LinkedIn...

Delinea Fixes Flaw, But Only After Analyst Goes Public With Disclosure First

Apr 16, 2024 | DARKREADING

Delinea rolls out Secret Server SOAP API flaw fixes, while researcher claims the vendor ignored...

BeyondTrust Acquires Entitle, Strengthening Privileged Identity Security Platform

Apr 16, 2024 | DARKREADING

Kaspersky Unveils New Flagship Product Line for Business, Kaspersky Next

Apr 16, 2024 | DARKREADING

Enterprise Endpoints Aren’t Ready for AI

Apr 16, 2024 | DARKREADING

Enterprises need to think about the impact on security budgets and resources as they adopt new...

Global Cybercriminal Duo Face Imprisonment After Hive RAT Scheme

Apr 16, 2024 | DARKREADING

The two allegedly sold the Trojan on Hack Forums, allowing other threat actors to gain...

Name That Toon: Last Line of Defense

Apr 16, 2024 | DARKREADING

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25...

Rockwell Automation ControlLogix and GuardLogix

Apr 16, 2024 | CISA Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.2 ATTENTION: Exploitable remotely/low attack complexity Vendor: Rockwell Automation Equipment: ControlLogix 5580, GuardLogix 5580, CompactLogix 5380, 1756-EN4TR Vulnerability: Improper...

RoboDK RoboDK

Apr 16, 2024 | CISA ICS Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 3.3 ATTENTION: Low attack complexity Vendor: RoboDK Equipment: RoboDK Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could result...

CISA Releases Four Industrial Control Systems Advisories

Apr 16, 2024 | CISA Advisories

CISA released four Industrial Control Systems (ICS) advisories on April 16, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-24-107-01...

FBI: Smishing Campaign Lures Victims With Unpaid-Toll Notices

Apr 16, 2024 | DARKREADING

The scam is spreading across the US and impersonates the specific toll-collection services of each...

OpenJS Foundation Targeted in Potential JavaScript Project Takeover Attempt

Apr 16, 2024 | The Hacker News

Security researchers have uncovered a “credible” takeover attempt targeting the OpenJS Foundation in a manner that evokes similarities to the recently uncovered incident aimed at the open-source XZ Utils project....

2024 Artificial Intelligence for Materials Science (AIMS) Workshop

Apr 16, 2024 | NIST

As a part of the JARVIS workshop series, NIST is sponsoring the 5th Artificial Intelligence for Materials Science (AIMS) workshop . The workshop will be held in-person only at the National Cybersecurity Center of Excellence...

Measuresoft ScadaPro

Apr 16, 2024 | CISA ICS Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 6.8 ATTENTION: Low attack complexity Vendor: Measuresoft Equipment: ScadaPro Vulnerability: Improper Access Control 2. RISK EVALUATION Successful exploitation of this vulnerability could...

Electrolink FM/DAB/TV Transmitter

Apr 16, 2024 | CISA Advisories

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION: Exploitable remotely/low attack complexity/public exploits are available Vendor: Electrolink Equipment: FM/DAB/TV Transmitter Vulnerabilities: Authentication Bypass by...

3 Steps Executives and Boards Should Take to Ensure Cyber Readiness

Apr 16, 2024 | DARKREADING

Many teams think they’re ready for a cyberattack, but events have shown that many...

AWS, Google, and Azure CLI Tools Could Leak Credentials in Build Logs

Apr 16, 2024 | The Hacker News

New cybersecurity research has found that command-line interface (CLI) tools from Amazon Web Services (AWS) and Google Cloud can expose sensitive credentials in build logs, posing significant risks to organizations. The...

TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks

Apr 16, 2024 | The Hacker News

The threat actor tracked as TA558 has been observed leveraging steganography as an obfuscation technique to deliver a wide range of malware such as Agent Tesla, FormBook, Remcos RAT, LokiBot, GuLoader, Snake Keylogger, and...

LockBit 3.0 Variant Generates Custom, Self-Propagating Malware

Apr 16, 2024 | DARKREADING

Kaspersky researchers discovered the new variant after responding to a critical incident targeting...

Identity in the Shadows: Shedding Light on Cybersecurity’s Unseen Threats

Apr 16, 2024 | The Hacker News

In today’s rapidly evolving digital landscape, organizations face an increasingly complex array of cybersecurity threats. The proliferation of cloud services and remote work arrangements has heightened the vulnerability of...

Widely-Used PuTTY SSH Client Found Vulnerable to Key Recovery Attack

Apr 16, 2024 | The Hacker News

The maintainers of the PuTTY Secure Shell (SSH) and Telnet client are alerting users of a critical vulnerability impacting versions from 0.68 through 0.80 that could be exploited to achieve full recovery of NIST P-521...

FTC Fines Mental Health Startup Cerebral $7 Million for Major Privacy Violations

Apr 16, 2024 | The Hacker News

The U.S. Federal Trade Commission (FTC) has ordered the mental telehealth company Cerebral from using or disclosing personal data for advertising purposes. It has also been fined more than $7 million over charges that it...

Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown

Apr 16, 2024 | The Hacker News

Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The U.S. Justice Department (DoJ) said the...

Cyber Operations Intensify in Middle East, With Israel the Main Target

Apr 15, 2024 | DARKREADING

Cyberattacks tripled over the past year in Israel, making it the most targeted nation in 2023, as...

Quick Palo Alto Networks Global Protect Vulnerablity Update (CVE-2024-3400), (Mon, Apr 15th)

Apr 15, 2024 | SANS ISC Bulletins

This is a quick update to our initial diary from this weekend [CVE-2024-3400]. At this point, we are not aware of a public exploit for this vulnerability. The widely shared GitHub exploit is almost certainly fake. As promised,...

Palo Alto Network Issues Hotfixes for Zero-Day Bug in Its Firewall OS

Apr 15, 2024 | DARKREADING

A sophisticated threat actor is leveraging the bug to deploy a Python backdoor for stealing data...