Month: August 2023

Russian Cybersecurity Exec Wanted By Russia and US

August 3, 2023

An employee at a Russian cybersecurity vendor has found himself at the center of a geopolitical tussle between the US...

Threat Actors Use AWS SSM Agent as a Remote Access Trojan

August 3, 2023

Threat actors have been observed using Amazon Web Services (AWS) 's System Manager (SSM) agent as a Remote Access Trojan...

Cloud Firm Under Scrutiny For Suspected Support of APT Operations

August 3, 2023

The cloud firm Cloudzy has come under scrutiny for its alleged support of advanced persistent threat (APT) operations.In a new...

AI-Powered CryptoRom Scam Targets Mobile Users

August 3, 2023

CryptoRom, a notorious scam that combines fake cryptocurrency trading and romance scams, has taken a new twist by utilizing generative...

AI-Enhanced Phishing Driving Ransomware Surge

August 3, 2023

Government agencies alongside education and healthcare organizations have become prime targets for ransomware operators over the past three years.According to...

MagicDuel – 138,443 breached accounts

August 3, 2023

HIBP In August 2023, the MagicDuel Adventure website suffered a data breach that exposed 138k user records. The data included...

CISA

CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

August 3, 2023

CISA Releases Analysis of FY22 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...

CISA

CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

August 3, 2023

Ivanti Releases Security Updates for EPMM to address CVE-2023-35081 Ivanti has identified and released patches for a directory traversal vulnerability(link is...

CISA

CISA: CISA Releases Five Industrial Control Systems Advisories

August 3, 2023

CISA Releases Five Industrial Control Systems Advisories CISA released five Industrial Control Systems (ICS) advisories on July 27, 2023. These...

CISA

CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

August 3, 2023

CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse The Australian Signals Directorate’s Australian Cyber...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

August 3, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR

August 3, 2023

Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities for Firefox 116,...

CISA

CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities

August 3, 2023

CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities The Cybersecurity and Infrastructure...

CISA

CISA: CISA Releases One Industrial Control Systems Advisory

August 3, 2023

CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on August 1, 2023. This...

CISA

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

August 3, 2023

CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...

CISA

CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors

August 3, 2023

CISA Releases Malware Analysis Reports on Barracuda Backdoors CISA has published three malware analysis reports on malware variants associated with...

News

US-CERT Vulnerability Summary for the Week of July 24, 2023

August 2, 2023

High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infobiltay_technology -- scienta Improper Neutralization of Special Elements used in an SQL...

edfb9f3d575d3f5c46b771d9603f9eb57893161838191eaacdd953b01b9c3d9c

KRBUACBypass – UAC Bypass By Abusing Kerberos Tickets

August 2, 2023

This POC is inspired by James Forshaw (@tiraniddo) shared at BlackHat USA 2022 titled “Taking Kerberos To The Next Level...

CISA

Month: August 2023

Russian Cybersecurity Exec Wanted By Russia and US

Threat Actors Use AWS SSM Agent as a Remote Access Trojan

Cloud Firm Under Scrutiny For Suspected Support of APT Operations

AI-Powered CryptoRom Scam Targets Mobile Users

AI-Enhanced Phishing Driving Ransomware Surge

MagicDuel – 138,443 breached accounts

CISA: CISA Releases Analysis of FY22 Risk and Vulnerability Assessments

CISA: Ivanti Releases Security Updates for EPMM to address CVE-2023-35081

CISA: CISA Releases Five Industrial Control Systems Advisories

CISA: CISA and Partners Release Joint Cybersecurity Advisory on Preventing Web Application Access Control Abuse

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR

CISA: CISA and International Partner NCSC-NO Release Joint Cybersecurity Advisory on Threat Actors Exploiting Ivanti EPMM Vulnerabilities

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases Malware Analysis Reports on Barracuda Backdoors

US-CERT Vulnerability Summary for the Week of July 24, 2023

KRBUACBypass – UAC Bypass By Abusing Kerberos Tickets

CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR

Russian Cyber Adversary BlueCharlie Alters Infrastructure in Response to Disclosures

Phishers Exploit Salesforce’s Email Services Zero-Day in Targeted Facebook Campaign

Researchers Uncover AWS SSM Agent Misuse as a Covert Remote Access Trojan

Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023

Top Industries Significantly Impacted by Illicit Telegram Networks

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

[QILIN] – Ransomware Victim: Calvert Home Mortgage Investment

[QILIN] – Ransomware Victim: LBCO Contracting LTD

Unveiling Blockchain Security: Safeguarding the Digital Ledger

A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

You may have missed