Information Management Today

Exploited TP-Link Vulnerability Spawns Botnet Threats

Data Breach Today

APRIL 17, 2024

Chinese router manufacture TP-Link in June patched a command injection vulnerability.

Manufacturing

Mitre Says Hackers Breached Unclassified R&D Network

Data Breach Today

APRIL 19, 2024

Threat Actor Exploited Ivanti Zero-Day Vulnerabilities in Cyberattack A nation-state threat actor gained access into an unclassified research and development network operated by MITRE, a non-profit that oversees key federal funded research and development centers for the U.S. government, the organization confirmed on Friday.

Government

Government Access

Jamf Threat Labs analyzes the exploited in-the-wild WebKit vulnerability CVE-2022-42856

Jamf

FEBRUARY 17, 2023

Jamf Threat Labs investigated a WebKit vulnerability that was exploited in the wild. This blog explores what the vulnerability looked like in the code and the patches Apple applied. Attackers can exploit CVE-2022-42856 to control code execution within WebKit, giving them the ability to read/write files.

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Likely State Hackers Exploiting Palo Alto Firewall Zero-Day

Data Breach Today

APRIL 15, 2024

Company Released a Hotfix to the Command Injection Vulnerability Firewall appliance manufacturer Palo Alto Networks rushed out a hotfix Friday to a command injection vulnerability present in its custom operating system after security researchers spotted a campaign to exploit the zero-day starting in March, likely from a state-backed threat actor.

Manufacturing

Manufacturing Security IT

Your Team's Pragmatic Guide to Security

Speaker: Naresh Soni, CTO, Tsunami XR

The pandemic has led to new data vulnerabilities, and therefore new cyber security threats. By understanding the latest threats and their solutions, you can come out of this crisis stronger than ever--without breaking the bank. He will cover: Types of vulnerabilities that need to be your focus today.

Security

Likely Chinese Hacking Contractor Is Quick to Exploit N-Days

Data Breach Today

MARCH 22, 2024

UNC5174 Exploited F5 BIG-IP and ScreenConnect Vulnerabilities A likely Chinese hacker-for-hire used high-profile vulnerabilities in a campaign targeting a slew of Southeast Asian and U.S. governmental and research organizations, says threat intel firm Mandiant.

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Security Affairs

NOVEMBER 22, 2020

A threat actor has published online a list of one-line exploits to steal VPN credentials from over 49,000 vulnerable Fortinet VPNs. A threat actor, who goes online with the moniker “pumpedkicks,” has leaked online a list of exploits that could be exploited to steal VPN credentials from almost 50,000 Fortinet VPN devices.

Government

Government Ransomware Access Cybersecurity

Threat actors target WordPress sites using vulnerable File Manager install

Security Affairs

SEPTEMBER 11, 2020

Experts reported threat actors are increasingly targeting a recently addressed vulnerability in the WordPress plugin File Manager. Researchers from WordPress security company Defiant observed a surge in the number of attacks targeting a recently addressed vulnerability in the WordPress plugin File Manager. of the popular plugin.

Passwords

Passwords Security IT Information Security

Jamf Threat Labs identifies Safari vulnerability allowing for Gatekeeper bypass

Jamf

MARCH 17, 2022

The Jamf Threat Labs recently discovered a new macOS vulnerability in the Safari browser that could lead to the execution of an unsigned and un-notarized application, without displaying security prompts to the user, by using a specially crafted zip file.

Security

The Ultimate Guide to Hardening Windows Servers

With cyber threats increasing, and businesses becoming more vulnerable, the need to invest in the right cybersecurity solutions has never been more important. How ThreatLocker can help you mitigate cyber threats with our unique endpoint solutions. And more!

Cybersecurity

Threat actors sell access to tens of vulnerable networks compromised by exploiting Atlassian 0day

Security Affairs

JUNE 26, 2022

A threat actor is selling access to 50 vulnerable networks that have been compromised exploiting the recently disclosed Atlassian Confluence zero-day. A threat actor is selling access to 50 vulnerable networks that have been compromised by exploiting the recently discovered Atlassian Confluence zero-day flaw ( CVE-2022-26134 ).

Access

Access Ransomware Security Information Security

Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor

Security Affairs

FEBRUARY 4, 2022

An alleged Chinese threat actor is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform. An alleged Chinese threat actor, tracked as TEMP_Heretic , is actively attempting to exploit a zero-day XSS vulnerability in the Zimbra open-source email platform. Pierluigi Paganini.

Phishing

Phishing Cybersecurity Access Security

Chinese Group Runs Highly Persistent Ivanti 0-Day Exploits

Data Breach Today

FEBRUARY 28, 2024

UNC5325 Can Remain in Hacked Devices Despite Factory Reset and Patches Chinese threat actors are continuing to persist after exploiting the recent Ivanti Connect Secure VPN vulnerability even after factory resets, system upgrades and patches.

Security

Jamf Threat Labs identifies macOS Archive Utility vulnerability allowing for Gatekeeper bypass (CVE-2022-32910)

Jamf

OCTOBER 5, 2022

Jamf Threat Labs recently discovered a new macOS vulnerability in Archive Utility that could lead to the execution of an unsigned and unnotarized application without displaying security prompts to the user, by using a specially crafted archive. We reported our findings to Apple on May 31, 2022, and in macOS Monterey 12.5

Archiving

Archiving Security IT

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022.

Cybersecurity

Number of Attacks Against Critical Infrastructure Is Growing

Data Breach Today

FEBRUARY 8, 2024

New Report Shows a Surge in OT/IoT Threats and a 123% Increase in Hacking Attempts Threats to critical infrastructure are on the rise, as threat actors continue to scan networks, attack networks and devices, and try to get past access controls.

IoT

IoT Manufacturing Access

Using Mitre Att&CK with threat intelligence to improve Vulnerability Management

Outpost24

NOVEMBER 26, 2021

Using Mitre Att&CK with threat intelligence to improve Vulnerability Management. Threat Intelligence. Risk Based Vulnerability Management. Threat actors are constantly evolving their tactics and techniques in the attack lifecycle and infiltrate company infrastructure. Florian Barre. Fri, 11/26/2021 - 02:31.

Risk

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Security Affairs

FEBRUARY 27, 2020

Experts warn that hackers are actively scanning the Internet for Microsoft Exchange Servers vulnerable in the attempt to exploit the CVE-2020-0688 RCE. The vulnerability resides in the Exchange Control Panel (ECP) component, the root cause of the problem is that Exchange servers fail to properly create unique keys at install time.

Authentication

Authentication Data breaches Communications Access

CISA Urges Patching as Hackers Exploit 'Looney Tunables' Bug

Data Breach Today

NOVEMBER 22, 2023

Kinsing Threat Actor Observed Targeting Vulnerable Cloud Environments With New Flaw The Cybersecurity and Infrastructure Security Agency is requiring federal agencies to patch Linux devices on their networks and urging private sector organizations to do the same after security researchers observed threat actors exploiting a new vulnerability on many (..)

Cloud

Cloud Cybersecurity Security

Denial-of-Service Attack Could Put Servers in Perpetual Loop

Data Breach Today

MARCH 21, 2024

Researchers Spot Vulnerability in Application-Layer Communication Protocol A new type of denial-of-service threat can disrupt an estimated 300,000 internet hosts that are at risk of exploitation.

Communications

Communications Information Security Risk Security

Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists via CBS News

IG Guru

MARCH 2, 2022

The post Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists via CBS News appeared first on IG GURU. Check out the article here.

Information governance

Information governance Risk Government Security

GUEST ESSAY: Successful tactics threat actors leverage to probe, compromise vulnerable networks

The Last Watchdog

FEBRUARY 7, 2022

When new vulnerabilities re announced or flaws are discovered in public or “off the shelf” applications, several things happen. As attackers started scanning for targets, our research team repurposed their techniques resulting in a tool that we used to help our customers find vulnerable API endpoints.

Authentication

Authentication Communications Risk Security

NIST Warns of Cyberthreats to AI Models

Data Breach Today

JANUARY 5, 2024

Data-Poisoning Attacks Are Critical Threat to Machine Learning Security, NIST Warns Machine learning systems are vulnerable to cyberattacks that could allow hackers to evade security and prompt data leaks, scientists at the National Institute of Standards and Technology warned.

Security

SonicWall Buys Solutions Granted to Offer MSPs More Services

Data Breach Today

NOVEMBER 16, 2023

Buying Master MSSP Will Bring MDR, SOC and Vulnerability Management to MSPs, MSSPs SonicWall acquired a longtime master MSSP partner to bring MDR, SOC and vulnerability management capabilities to its managed service providers.

Cloud

Cloud IT

Water Sector Leaders Urge Congress to Fund Cyber Mandates

Data Breach Today

JANUARY 31, 2024

water sector testified to the House subcommittee on environment, manufacturing and critical materials that entities across the country face funding and resource disparities as the increasingly vulnerable industry faces emerging threats from domestic and foreign cyber actors.

Manufacturing

Manufacturing Cybersecurity Risk

Hackers Using MOVEit Flaw to Deploy Web Shells, Steal Data

Data Breach Today

JUNE 2, 2023

Mandiant Said TTPs of Threat Group Behind Exploiting MOVEit Appear Similar to FIN11 Adversaries have taken advantage of a zero-day vulnerability in Progress Software's managed file transfer product to deploy web shells and steal data, Mandiant found.

ISMG Editors: What CISOs Should Prepare for in 2024

Data Breach Today

FEBRUARY 9, 2024

Joe Sullivan Also Discusses Identity Management, AI, State of Information Sharing In the latest weekly update, Joe Sullivan, CEO of Ukraine Friends, joins three editors at ISMG to discuss the challenges of being a CISO in 2024, growing threats from disinformation, vulnerabilities in MFA, AI's role in cybersecurity, and the obstacles to public-private (..)

Cybersecurity

Magniber Ransomware Group Exploiting Microsoft Zero Day

Data Breach Today

MARCH 16, 2023

Microsoft Patches Another SmartScreen Signature-Based Vulnerability A financial motivated hacking group has been exploiting a now-patched zero-day vulnerability in the Windows operating system to deliver ransomware. Google Threat Analysis Group attributed the campaign to Magniber ransomware group.

Ransomware

Ransomware IT

North Korean Hackers Exploiting Critical Flaw in DevOps Tool

Data Breach Today

OCTOBER 18, 2023

Pyongyang Hackers Exploiting Critical TeamCity Server Bug North Korean nation-state threat actors are exploiting a critical remote code execution vulnerability affecting multiple versions of a DevSecOps tool - a high-risk development, especially in light of Pyongyang hackers' recent track record of supply chain hacks.

Risk

London Cybersecurity Summit Spotlights AI and Ransomware

Data Breach Today

SEPTEMBER 26, 2023

Experts Emphasize Proactive Security Measures and Resilience to Mitigate Threats Information Security Media Group recently concluded its Cybersecurity Summit: London, which brought together industry leaders for a day of informative sessions covering a diverse range of critical cybersecurity topics, including CISOs' vulnerability to liability, ransomware (..)

Cybersecurity

Cybersecurity Ransomware Information Security Security

Censys Gets $75M to Grow Globally, Spend on Cloud, Analytics

Data Breach Today

OCTOBER 24, 2023

New Capital, Debt Funding Will Help Censys Analyze History of Vulnerable Data A threat hunting and exposure management startup led by ex-OneLogin CEO Brad Brooks received $75 million to invest in cloud and analytics and growing globally.

Analytics

Analytics Cloud

ISMG Editors: Ugly Health Data Breach Trends in 2023

Data Breach Today

DECEMBER 8, 2023

Also: Top Threat Actors Are Targeting Hospitals; Remembering Steve Katz In the latest weekly update, editors at ISMG discuss the rampant rise in healthcare sector attacks and breaches in 2023, the most common vulnerabilities and targets, and remember the life of the Steve Katz, the world's first CISO who inspired generations of security leaders.

Data breaches

Data breaches Security

Info-Stealing Malware Now Includes Google Session Hijacking

Data Breach Today

DECEMBER 29, 2023

Google OAuth2 Vulnerability Being Actively Abused by Attackers, Researchers Warn A previously undiscovered critical exploit can allow threat actors to gain persistent, unauthorized access to Google services and connected accounts even after users have changed their passwords, cybersecurity researchers warn.

Passwords

Passwords Cybersecurity Access

Multiple Flaws Uncovered in Data Center Systems

Data Breach Today

AUGUST 14, 2023

Vulnerabilities Found in CyberPower and Dataprobe Products Multiple vulnerabilities in data center power management systems and supply technologies enable threat actors to gain unauthorized access and perform remote code injection. The attackers can chain multiple vulnerabilities to gain full access to data center systems.

Access

Nation-State Hackers Exploiting WinRAR, Google Warns

Data Breach Today

OCTOBER 18, 2023

While RARLabs Patched Flaw, 'Many Users' Don't Appear to Have Updated the Software Nation-state hackers are targeting a vulnerability in WinRAR, a popular Windows utility for archiving files, warns Google’s Threat Analysis Group, which said it has seen "government-backed hacking groups" who hail from multiple countries, including China and Russia, (..)

Archiving

Archiving Government IT

API Flaws Put AI Models at Risk of Data Poisoning

Data Breach Today

DECEMBER 5, 2023

Hugging Face Fixes Flaw; Meta, Other Tech Giants Revoke Vulnerable Tokens Security researchers could access and modify an artificial intelligence code generation model developed by Facebook after scanning for API access tokens on AI developer platform Hugging Face and code repository GitHub.

Artificial Intelligence

Artificial Intelligence Risk Access Security

Chinese Hackers Exploit Barracuda ESG Zero-Day

Data Breach Today

JUNE 15, 2023

Targets Include Southeast Asian Foreign Ministry, Foreign Trade Offices in Taiwan Chinese hackers in a state-run operation compromised hundreds of organizations through a zero-day vulnerability in a popular email security appliance, warns cyber threat intelligence firm Mandiant.

Security

MOVEit Reveals Another SQL Injection Bug; New Victims Emerge

Data Breach Today

JUNE 16, 2023

New Vulnerability Allows Threat Actors to Modify, Disclose MOVEit Database Content The latest vulnerability in MOVEit's managed file transfer application could lead to escalated privileges and unauthorized access to customer environments.

Access

Twitter Confirms Zero-Day Bug That Exposed 5.4M Accounts

Data Breach Today

AUGUST 6, 2022

Vulnerability Allowed Threat Actors to Gain Access to Personal Information Twitter confirms that a zero-day vulnerability allowed threat actors to gain access to the personal information of 5.4 The company was notified about this specific vulnerability in Twitter's systems through their bug bounty program in January.

Access

Chinese Hackers Targeted G7 Summit Through MS Office Flaw

Data Breach Today

JUNE 21, 2023

APT Group Masqueraded as Indonesia's Foreign Ministries in Emails to G7 Officials Suspected Chinese APT groups exploited a 17-year-old Microsoft Office vulnerability in May to launch malware attacks against foreign government officials who attended a G7 summit in Hiroshima, Japan.

Government

Google Says 4 Attack Campaigns Exploited Zimbra Zero-Day

Data Breach Today

NOVEMBER 16, 2023

Zimbra Patched the Cross-Site Scripting Vulnerability on July 25 A zero-day flaw in the Zimbra Collaboration email server proved to be a bonanza for hackers as four distinct threat actors exploited the bug to steal email data and user credentials, says Google.

CrowdStrike, Google, Recorded Future Lead Threat Intel Wave

Data Breach Today

AUGUST 18, 2023

Kaspersky Falls From Leaderboard as Deliberate Decision Made to Nix Russian Firms Recorded Future has joined CrowdStrike and Google atop Forrester's external threat intelligence services rankings, while Kaspersky tumbled from the leaders category.

Critical CrushFTP zero-day exploited in attacks in the wild

Security Affairs

APRIL 20, 2024

Threat actors exploited a critical zero-day vulnerability in the CrushFTP enterprise in targeted attacks, Crowdstrike experts warn. CrushFTP has notified users of a virtual file system escape vulnerability impacting their FTP software, which could potentially enable users to download system files. ” reads the advisory.

Security

Security IT Information Security

Rethinking Vulnerability Management in a Heightened Threat Landscape

Threatpost

JULY 11, 2022

Find out why a vital component of vulnerability management needs to be the capacity to prioritize from Mariano Nunez, CEO of Onapsis and Threatpost Infosec Insiders columnist.

Exploited TP-Link Vulnerability Spawns Botnet Threats

Mitre Says Hackers Breached Unclassified R&D Network

Webinars

Trending Sources

Jamf Threat Labs analyzes the exploited in-the-wild WebKit vulnerability CVE-2022-42856

Webinars

Likely State Hackers Exploiting Palo Alto Firewall Zero-Day

Your Team's Pragmatic Guide to Security

Likely Chinese Hacking Contractor Is Quick to Exploit N-Days

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Threat actors target WordPress sites using vulnerable File Manager install

Jamf Threat Labs identifies Safari vulnerability allowing for Gatekeeper bypass

The Ultimate Guide to Hardening Windows Servers

Threat actors sell access to tens of vulnerable networks compromised by exploiting Atlassian 0day

Zimbra zero-day vulnerability actively exploited by an alleged Chinese threat actor

Chinese Group Runs Highly Persistent Ivanti 0-Day Exploits

Jamf Threat Labs identifies macOS Archive Utility vulnerability allowing for Gatekeeper bypass (CVE-2022-32910)

Software Composition Analysis: The New Armor for Your Cybersecurity

Number of Attacks Against Critical Infrastructure Is Growing

Using Mitre Att&CK with threat intelligence to improve Vulnerability Management

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

CISA Urges Patching as Hackers Exploit 'Looney Tunables' Bug

Denial-of-Service Attack Could Put Servers in Perpetual Loop

Vulnerable U.S. electric grid facing threats from Russia and domestic terrorists via CBS News

GUEST ESSAY: Successful tactics threat actors leverage to probe, compromise vulnerable networks

NIST Warns of Cyberthreats to AI Models

SonicWall Buys Solutions Granted to Offer MSPs More Services

Water Sector Leaders Urge Congress to Fund Cyber Mandates

Hackers Using MOVEit Flaw to Deploy Web Shells, Steal Data

ISMG Editors: What CISOs Should Prepare for in 2024

Magniber Ransomware Group Exploiting Microsoft Zero Day

North Korean Hackers Exploiting Critical Flaw in DevOps Tool

London Cybersecurity Summit Spotlights AI and Ransomware

Censys Gets $75M to Grow Globally, Spend on Cloud, Analytics

ISMG Editors: Ugly Health Data Breach Trends in 2023

Info-Stealing Malware Now Includes Google Session Hijacking

Multiple Flaws Uncovered in Data Center Systems

Nation-State Hackers Exploiting WinRAR, Google Warns

API Flaws Put AI Models at Risk of Data Poisoning

Chinese Hackers Exploit Barracuda ESG Zero-Day

MOVEit Reveals Another SQL Injection Bug; New Victims Emerge

Twitter Confirms Zero-Day Bug That Exposed 5.4M Accounts

Chinese Hackers Targeted G7 Summit Through MS Office Flaw

Google Says 4 Attack Campaigns Exploited Zimbra Zero-Day

CrowdStrike, Google, Recorded Future Lead Threat Intel Wave

Critical CrushFTP zero-day exploited in attacks in the wild

Rethinking Vulnerability Management in a Heightened Threat Landscape

Stay Connected