Month: August 2023

Hacktivist Collective “Mysterious Team Bangladesh” Revealed

August 4, 2023

Threat intelligence experts from Group-IB have shed light on the hacktivist collective known as Mysterious Team Bangladesh.In a report published...

Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

August 4, 2023

Microsoft Threat Intelligence has recently detected a series of highly targeted social engineering attacks employing credential theft phishing lures delivered...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

August 4, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

CISA

CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

August 4, 2023

Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Ivanti has identified and released patches for a directory traversal vulnerability(link is...

CISA

CISA: CISA Releases Five Industrial Control Systems Advisories

August 4, 2023

CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...

CISA

CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors

August 4, 2023

CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...

CISA

CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

August 4, 2023

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...

CISA

CISA: Mozilla Releases Security Updates for Multiple Products

August 4, 2023

Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address vulnerabilities for Firefox 116, Firefox ESR...

CISA

CISA: CISA Releases One Industrial Control Systems Advisory

August 4, 2023

CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 1, 2023. This...

CISA

CISA: CISA Releases Five Industrial Control Systems Advisories

August 4, 2023

CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These...

CISA

CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022

August 4, 2023

CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022 The U.S. Cybersecurity and...

CISA

CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities

August 4, 2023

CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities The Cybersecurity and Infrastructure...

News

US-CERT Vulnerability Summary for the Week of July 24, 2023

August 3, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...

eb7bb5e5dea4685061b4b34c0549fab932e42c6ff99346f993615e45968d017a

PrivKit – Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS

August 3, 2023

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS. PrivKit detects...

Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners

August 3, 2023

Threat actors are leveraging a technique called versioning to evade Google Play Store's malware detections and target Android users. "Campaigns...

HackerOne Bug Bounty Disclosure: b-plaintext-leakage-of-dns-requests-in-windows-warp-client-b-vanhoefm

August 3, 2023

Company Name: b'Cloudflare Public Bug Bounty' Company HackerOne URL: https://hackerone.com/cloudflare Submitted By:b'vanhoefm'Link to Submitters Profile:https://hackerone.com/b'vanhoefm' Report Title:b'Plaintext leakage of DNS...

CISA

Month: August 2023

Hacktivist Collective “Mysterious Team Bangladesh” Revealed

Microsoft Teams Targeted in Midnight Blizzard Phishing Attacks

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

CISA: CISA Releases Five Industrial Control Systems Advisories

CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors

CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

CISA: Mozilla Releases Security Updates for Multiple Products

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Releases Five Industrial Control Systems Advisories

CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022

CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities

US-CERT Vulnerability Summary for the Week of July 24, 2023

PrivKit – Simple Beacon Object File That Detects Privilege Escalation Vulnerabilities Caused By Misconfigurations On Windows OS

Malicious Apps Use Sneaky Versioning Technique to Bypass Google Play Store Scanners

HackerOne Bug Bounty Disclosure: b-plaintext-leakage-of-dns-requests-in-windows-warp-client-b-vanhoefm

CISA: CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022

New Version of Rilide Data Theft Malware Adapts to Chrome Extension Manifest V3

A Penetration Testing Buyer’s Guide for IT Security Teams

Hundreds of Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack

Global ransomware attacks at an all-time high, shows latest 2023 State of Ransomware report

Black Basta Ransomware Victim: EDVMS

Black Basta Ransomware Victim: Bartlett

Black Basta Ransomware Victim: All States Ag Parts

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

[QILIN] – Ransomware Victim: Calvert Home Mortgage Investment

[QILIN] – Ransomware Victim: LBCO Contracting LTD

Unveiling Blockchain Security: Safeguarding the Digital Ledger

A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

You may have missed