Threat Note – Page 1849 – Aggregating Cyber Insights

From The Hacker News – Binance’s Smart Chain Exploited in New ‘EtherHiding’ Malware Campaign

Threat actors have been observed serving malicious code by utilizing Binance's Smart Chain (BSC) contracts in what has been described as the "next level of bulletproof hosting." The campaign, detected two months ago, has been codenamed EtherHiding by Guardio Labs. The novel twist marks the latest iteration in an ongoing campaign that leverages compromised WordPress sites to serve unsuspecting

Samir K October 16, 2023

News

From The Hacker News – Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said. "New features for Windows 11 include

Samir K October 14, 2023

Articles

From Schneier on Security – Friday Squid Blogging: On Squid Intelligence

Article about squid intelligence. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting…

Samir K October 13, 2023

Breaches

From Dark Reading – How MOVEit Is Likely to Shift Cyber Insurance Calculus

Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts…

Samir K October 13, 2023

News

From Dark Reading – Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure

CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead. Read More

Samir K October 13, 2023

News

From Dark Reading – Security Pros Warn that EU’s Vulnerability Disclosure Rule is Risky

The European Union's Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government surveillance. Read More

Samir K October 13, 2023

News

From Dark Reading – ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic

The botnet — built for DDoS, backdooring, and dropping malware — is evading standard URL signature detections with a novel approach. Read More

Samir K October 13, 2023

News

From Dark Reading – Microsoft Debuts AI Bug-Bounty Program, Offers $15K

The goal of the program is to uncover critical or important vulnerabilities within the AI-powered Bing program. Read More

Samir K October 13, 2023

News

From Dark Reading – Passkeys Are Cool, But They Aren’t Enterprise-Ready

The passwordless technology is becoming popular because Apple, Google and Microsoft have a solution for accounts recovery, but enterprises are slow-walking their passkey adoption plans. Read More

Samir K October 13, 2023

News

From Cyber Security News – Telegram, AWS, and Alibaba Cloud Users Targeted in Latest Supply Chain Attack

A new supply-chain attack, which was active throughout September 2023, has been discovered in which threat actors used Typosquatting and Startjacking techniques to lure developers using Alibaba cloud services, AWS,…

Samir K October 13, 2023

News

From Cyber Security News – OWASP ZAP 2.14.0 Released – What’s New!

OWASP ZAP is a free and open-source web application security scanner. It is designed to be utilized by expert penetration testers as well as individuals who are new to application…

Samir K October 13, 2023

News

From The Hacker News – New PEAPOD Cyberattack Campaign Targeting Women Political Leaders

European Union military personnel and political leaders working on gender equality initiatives have emerged as the target of a new campaign that delivers an updated version of RomCom RAT called PEAPOD. Cybersecurity firm Trend Micro attributed the attacks to a threat actor it tracks under the name Void Rabisu, which is also known as Storm-0978, Tropical Scorpius, and UNC2596, and is also

Samir K October 13, 2023

News

From Dark Reading – What the Hollywood Writers Strike Resolution Means for Cybersecurity

The writers' strike shows that balancing artificial intelligence and human ingenuity is the best possible outcome for creative as well as cybersecurity professionals. Read More

Samir K October 13, 2023

News

From Security Week – CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

CISA is now flagging vulnerabilities and misconfigurations that are known to be exploited in ransomware attacks. The post CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware appeared first on SecurityWeek. Read…

Samir K October 13, 2023

News

From Security Week – Juniper Networks Patches Over 30 Vulnerabilities in Junos OS

Juniper Networks patches over 30 vulnerabilities in Junos OS and Junos OS Evolved, including nine high-severity bugs. The post Juniper Networks Patches Over 30 Vulnerabilities in Junos OS appeared first…

Samir K October 13, 2023

From Schneier on Security – Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

From Dark Reading – ShinyHunters Claims Second Attack Against Instructure

From Cyber Security News – New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials

From Cyber Security News – Hackers Deploy Modular RAT With Credential Theft and Screenshot Capture Capabilities

From The Hacker News – TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

From Cyber Security News – Škoda Security Incident Exposes Customers Data From Online Shop

From Schneier on Security – Insider Betting on Polymarket

From Cyber Security News – Hackers Use Fake OpenClaw Installer to Steal Crypto Wallet and Password Manager Credentials

From Graham Cluley – One in eight UK workers has sold their company passwords, and bosses think it’s fine

From The Hacker News – Fake Call History Apps Stole Payments From Users After 7.3 Million Play Store Downloads

From Schneier on Security – Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

From Dark Reading – ShinyHunters Claims Second Attack Against Instructure

From Cyber Security News – New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials

From Cyber Security News – Hackers Deploy Modular RAT With Credential Theft and Screenshot Capture Capabilities

From The Hacker News – TCLBANKER Banking Trojan Targets Financial Platforms via WhatsApp and Outlook Worms

From Cyber Security News – Škoda Security Incident Exposes Customers Data From Online Shop

From The Hacker News – Binance’s Smart Chain Exploited in New ‘EtherHiding’ Malware Campaign

From The Hacker News – Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

From Schneier on Security – Friday Squid Blogging: On Squid Intelligence

From Dark Reading – How MOVEit Is Likely to Shift Cyber Insurance Calculus

From Dark Reading – Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure

From Dark Reading – Security Pros Warn that EU’s Vulnerability Disclosure Rule is Risky

From Dark Reading – ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic

From Dark Reading – Microsoft Debuts AI Bug-Bounty Program, Offers $15K

From Dark Reading – Passkeys Are Cool, But They Aren’t Enterprise-Ready

From Cyber Security News – Telegram, AWS, and Alibaba Cloud Users Targeted in Latest Supply Chain Attack

From Cyber Security News – OWASP ZAP 2.14.0 Released – What’s New!

From The Hacker News – New PEAPOD Cyberattack Campaign Targeting Women Political Leaders

From Dark Reading – What the Hollywood Writers Strike Resolution Means for Cybersecurity

From Security Week – CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware

From Security Week – Juniper Networks Patches Over 30 Vulnerabilities in Junos OS

From Schneier on Security – Friday Squid Blogging: Giant Squid Live in the Waters of Western Australia

From Dark Reading – ShinyHunters Claims Second Attack Against Instructure

From Cyber Security News – New PamDOORa Backdoor Attacking Linux Systems to Steal SSH Credentials

From Cyber Security News – Hackers Deploy Modular RAT With Credential Theft and Screenshot Capture Capabilities