Masthash

#CyberSecurityNews

Pyrzout :vm:
2 hours ago

TA422 Hackers Attack Organizations Using Outlook & WinRAR Vulnerabilities https://gbhackers.com/ta422-hackers-attack-organizations/ #CyberSecurityNews #cybersecurity

Simon
4 days ago

The Guardian reports that the UK's nuclear site Sellafield has been hacked into by cyber groups closely linked to Russia and China. They do not identify which groups.
🔗 https://www.theguardian.com/business/2023/dec/04/sellafield-nuclear-site-hacked-groups-russia-china

#Sellafield #Russia #China #nuclear #cyberespionage #cybersecuritynews

Simon
1 week ago

The UK's NCSC concurs with CISA's security advisory "Exploitation of Unitronics PLCs used in Water and Wastewater Systems." This follows the 25 November 2023 reporting that Iran-backed Cyber Av3ngers compromised The Municipal Water Authority of Aliquippa, PA. If you own a Unitronics Vision PLC, please ensure that the default password "1111" is not in use.

🔗 https://www.ncsc.gov.uk/news/ncsc-statement-following-exploitation-of-unitronics-programmable-logic-controllers

#CISA #Unitronics #PLC #Aliquippa #CyberAv3ngers #Iran #cybersecuritynews

Simon
1 week ago

The Record: North Texas Municipal Water District (NTMWD), a water utility company serving 2 million, hit with cyberattack. Daixin Team claimed responsibility for the attack. This comes one day after the Municipal Water Authority of Aliquippa was attacked by the Iranian-backed hacking group Cyber Av3ngers.
🔗 https://therecord.media/north-texas-water-utility-cyberattack

#NTMWD #ransomware #DaixinTeam #cybersecuritynews

Simon
1 month ago

Apple warns Armenians of state-sponsored hacking attempts. The Record speculates that the spyware dropped is Pegasus and that the attacks are linked to Azerbaijan, which is a safe assumption given the ongoing Armenia-Azerbaijan conflicts.
Link: https://therecord.media/apple-warns-armenians-state-sponsored-hacking-attempts-azerbaijan

#Apple #Armenia #Azerbaijan #cybersecuritynews

Christina Lekati
1 month ago

Microsoft published a new blog with an analysis of the TTPs of the Octo Tempest group (also known as 0ktapus or Scattered Spider), a financially motivated threat actor that relies heavily on #socialengineering for initial access.

This group is reportedly the one behind the Okta, MGM Resorts & Caesars this year, as well as the MailChimp & Twilio attacks last year.

"Octo Tempest commonly launches social engineering attacks targeting technical administrators, such as support and help desk personnel, who have permissions that could enable the threat actor to gain initial access to accounts. The threat actor performs research on the organization & identifies targets to effectively impersonate victims, mimicking idiolect on phone calls & understanding personal identifiable information to trick technical administrators into performing password resets & resetting MFA"

"Octo Tempest leverages tradecraft that many organizations don’t have in their typical threat models, such as SMS phishing, SIM swapping, and advanced social engineering techniques."

In reality, most organizations don't have a social engineering security protocol for most types of social engineering attacks beyond #phishing and *some* vishing attacks/tactics. There is a lot of work to be done...

The blog:

https://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/

#cybersecurity #cybersecuritynews #threatintelligence #scatteredspider #threatactors #infosec

Christina Lekati
2 months ago

🚨The ENISA Threat Landscape Report 2023 was released today!

It includes the top threats, major trends observed with respect to threats, threat actors & attack techniques, impact and motivation analysis.

It also describes relevant mitigation measures.

The top 3 threats that were identified and analyzed were:

🔹 Ransomware
🔹 Malware
🔹 Social Engineering

The report is a very insightful resource, especially for those who seek to make informed decisions for their cybersecurity strategy for the coming year.

#cybersecurity #threatlandscape #cybersecurityawareness #cybersecuritynews #socialengineering #infosec #informationsecurity #ransomware #malware #enisa

https://www.enisa.europa.eu/topics/cyber-threats/threats-and-trends

Simon
2 months ago

Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim. "After responsible investigation *we have no evidence that suggests this vulnerability is real nor has any additional info been shared via our official reporting channels,*" it said in a series of messages posted on the deadbird site.
Link: https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html

Tags: #Signal #zeroday #cybersecuritynews

crackerjack :fedora: :donor:
7 months ago

TBH I'm surprised this didn't happen sooner. Home routers are often thought of only when they fail in their purpose. APT and nation-state sponsored attacks can be protected against only with concerted effort.

Resolving this problem is not simple. The ISP can't simply force updates to a wide array of devices that they may or may not own/control on the other end of the connection.

I haven't had consumer-grade networking equipment in my house in years. The real issue with consumer-grade tech, in my mind, is the lack of long-term support. This leads to situations where updates aren't even flowing for those that take the time to periodically update!

#cybersecuritynews #homerouters #statesponsored #statesponsoredattack

https://arstechnica.com/information-technology/2023/05/malware-turns-home-routers-into-proxies-for-chinese-state-sponsored-hackers/

Erik Wynter
7 months ago

Does anyone know any cybersecurity reporters who'd be interested in a potential data leak at a European airline? My dms are open. #infosec #cybersecuritynews

crackerjack :fedora: :donor:
9 months ago

20 bits a second using high frequency audio. Clever way to target endpoints. The internal speaker seems almost pointless in a lot of machines... Perhaps vulnerabilities such as this will convince manufacturers to remove them?

#cybersecuritynews #casper #exfil #exfiltration

https://www.bleepingcomputer.com/news/security/casper-attack-steals-data-using-air-gapped-computers-internal-speaker/

crackerjack :fedora: :donor:
9 months ago

It's about time! Five years is a long, long time, where cybersecurity is concerned. Looking forward to seeing the updated framework, down the line.

#cybersecurity #cybersec #cybersecuritynews #nist #nistcsf

https://portswigger.net/daily-swig/nist-plots-biggest-ever-reform-of-cybersecurity-framework

CircleCityCon
10 months ago

Circle City Con crew has been busy! Visit our new website! Not only is it redesigned; it has a list of speakers and the general schedule for CircleCityCon 10.0 #WhoDunit!
Check it out! https://circlecitycon.org

#indianapolis #CybersecurityNews #infosec #midwest #Conferences

crackerjack :fedora: :donor:
10 months ago

Nice write-up and PoC for the "Not believed to be exploitable" recently patched double-free OpenSSH bug. Thanks jfrog!

#cybersecuritynews #PoC #doublefree #openssh #jfrog

https://jfrog.com/blog/openssh-pre-auth-double-free-cve-2023-25136-writeup-and-proof-of-concept/

crackerjack :fedora: :donor:
10 months ago

Glad most distros aren't enabling ksmbd by default! Another RCE has been discovered. Great breakdown of detection and mitigation here.

#cybersecuritynews #rce #KSMBD

https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow/

crackerjack :fedora: :donor:
11 months ago

This is a fantastic dissection of the #EvilESP TCP/IP RCE vulnerability that was patched by Microsoft. I don't have time to finish reading or follow along myself currently, but I definitely plan on playing with this later today after work!

Understanding the mechanisms that are abused to achieve the exploit is what helps me fully grasp the implications of the vulnerability.

#cybersecuritynews #rce #tcpip

https://securityintelligence.com/posts/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp/

crackerjack :fedora: :donor:
11 months ago

Just another friendly reminder to not reuse credentials - ever! I use a self-hosted instance of Bitwarden, but there are plenty of tools to manage credentials.

#cybersecuritynews #paypal #credentialstuffing #credentialstuffingattack

https://www.bleepingcomputer.com/news/security/paypal-accounts-breached-in-large-scale-credential-stuffing-attack/

crackerjack :fedora: :donor:
11 months ago

I've heard about WiFi signal absorption being used to determine occupancy, but this is next level!

#cybersecuritynews #wifi #reconnaissance

https://www.tomshardware.com/news/wi-fi-routers-used-to-detect-human-locations-poses-within-a-room

crackerjack :fedora: :donor:
11 months ago

Five months between the foothold and the pivot. This is some serious long-game technique. More reason than ever to stay on top of patching!

#cybersecuritynews #ransomware

https://www.bleepingcomputer.com/news/security/lorenz-ransomware-gang-plants-backdoors-to-use-months-later/

crackerjack :fedora: :donor:
11 months ago

Well... I did it. I migrated (from https://nerfherders.io/@jack). Self-Hosting Mastodon was a blast but I'm changing roles professionally and won't have time for the work it takes. It's bittersweet. My old domain is currently dying a slow death, but trying to let the few users remaining migrate off of it.

I think I've found my new home though, this looks like an instance that is right up my alley.

Hi again, Fediverse! This is my re-#introduction post I suppose. I hope you're ready for more of my #cybersecuritynews and #cats posts!!

It's official! @seanmartin and I are covering #RSAC2023 - our 8th year in a row with @ITSPmagazine as official media partners for the event. Hope to see you all there! You can follow all of our shenanigans and adventures on the @ITSPmagazine coverage page at https://www.itspmagazine.com/rsac

Follow us and/or join us by sponsoring the coverage! There will be content created with organizers, keynotes, speakers, and all our many friends!

Let’s go! It’s going to be a memorable adventure!
#infosec #conference #cybersecurity #cybersecuritynews #infosecjobs #podcasts #videos #livestream #tech #technology #society #ai #business #security