Aggregator

The Russian state-sponsored APT29 hacking group has been observed using the same iOS and Android exploits created by commercial spyware vendors in a series of cyberattacks between November 2023 and July 2024. [...]

MEDIA ADVISORY Leading experts to share insights on using orchestration to re-architect aging identity and access management environments BOULDER, Colo., Aug. 29, 2024 – Strata Identity, the Identity Orchestration company, today announced it will host a free webinar on how to tear down outdated IAM architectures and replace legacy identity and access management (IAM) services...

The post Strata Identity to Host Tear Down and Modernization Webinar for Legacy Identity Infrastructures appeared first on Strata.io.

The post Strata Identity to Host Tear Down and Modernization Webinar for Legacy Identity Infrastructures appeared first on Security Boulevard.

Gift cards and loyalty programs are used by retailers to increase customer traffic, build brand awareness, and gain new customers. However, they also attract the attention of fraudsters who exploit these systems, causing substantial financial losses and undermining customer trust. This blog explores the nature of gift card and loyalty program abuse and how proper […]

The post What is Gift Card and Loyalty Program Abuse? appeared first on Cequence Security.

The post What is Gift Card and Loyalty Program Abuse? appeared first on Security Boulevard.

CEO George Kurtz on New Recovery Techniques and Controls Implemented Post-Incident
CEO George Kurtz said CrowdStrike has blunted the business impact from the massive July 19 outage and is implementing changes to prevent a repeat occurrence. CrowdStrike is boosting the resilience of its Falcon platform through improved content visibility and control and enhanced quality assurance.

We’re sharing an update on suspected state-backed attacker APT29 and the use of exploits identical to those used by Intellexa and NSO.

An instance of the Corona Mirai botnet spreads via AVTECH CCTV zero-day and multiple previously known vulnerabilities. Akamai’s Security Intelligence and Response Team (SIRT) has detected a botnet campaign exploiting multiple previously known vulnerabilities and a newly discovered zero-day, tracked as CVE-2024-7029 (CVSS score: 8.7), in AVTECH CCTV cameras. The flaw is a command injection issue […]

2019 年以 300 万美元收购轻博客服务 Tumblr 的 Automattic 宣布将其后端搬到 WordPress。该公司澄清 Tumblr 不会变成 WordPress，它只是运行在 WordPress 之上，用户不会有体验上的差异。Automattic 称，收购 Tumblr 是为了受益于差异化，它会加强而不是削弱这种差异。它不会改变 Tumblr 极简的发布体验和产品方向。后端转移到 WordPress 有利于工程团队开发适用于两种服务的工具和功能，Tumblr 将能利用 WordPress.org 上的开源开发成果。

Новая версия принесла автоматическое переключение профилей, поддержку Lua 5.4 и многое другое.

Rust for Linux 内核维护者 Wedson Almeida Filho 宣布了辞职，导致他辞职的一大原因是围绕内核使用 Rust 语言的非技术性争论。Wedson 是微软工程师，参与了大量与 Rust Linux 内核功能相关的工作，包括实验性的将 EXT2 文件系统驱动移植到 Rust。但现在他宣布自己受够了，表示自己没有了回应非技术性争论的精力和热情，他更热衷于与 Rust for Linux 团队讨论技术性问题，坚信内核的未来是采用内存安全的语言。

The latest release of the Dragos Platform provide industrial and critical infrastructure organizations with complete and enriched view of their OT environment.

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI), Multi-State Information Sharing and Analysis Center (MS-ISAC), and Department of Health and Human Services (HHS)—released a joint Cybersecurity Advisory, #StopRansomware: RansomHub Ransomware. This advisory provides network defenders with indicators of compromise (IOCs), tactics, techniques, and procedures (TTPs), and detection methods associated with RansomHub activity identified through FBI investigations and third-party reporting as recently as August 2024.

RansomHub is a ransomware-as-a-service variant—formerly known as Cyclops and Knight—which has recently attracted high-profile affiliates from other prominent variants such as LockBit and ALPHV.

CISA encourages network defenders to review this advisory and apply the recommended mitigations. See #StopRansomware and the #StopRansomware Guide for additional guidance on ransomware protection, detection, and response. Visit CISA’s Cross-Sector Cybersecurity Performance Goals for more information on the CPGs, including added recommended baseline protections.

CISA encourages software manufacturers to take ownership of improving the security outcomes of their customers by applying secure by design methods. For more information on Secure by Design, see CISA’s Secure by Design webpage and joint guide Shifting the Balance of Cybersecurity Risk: Principles and Approaches for Secure by Design Software.

CISA released three Industrial Control Systems (ICS) advisories on August 29, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-242-01 Rockwell Automation ThinManager ThinServer
• ICSA-24-242-02 Delta Electronics DTN Soft
   
• ICSA-24-226-06 Rockwell Automation FactoryTalk View Site Edition (Update A)

CISA encourages users and administrators to review the newly released ICS advisories for technical details and mitigations.

Chainalysis report reveals a likely increase in new internet scams this year as fraudsters adapt to increasing enforcement efforts

GAITHERSBURG, Md. — Today, the U.S. Artificial Intelligence Safety Institute at the U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) announced agreements that enable formal collaboration on AI safety research

A vulnerability, which was classified as critical, was found in B&R Industrial Automation B&R APROL up to R 4.4-00P3. Affected is an unknown function. The manipulation leads to untrusted search path. This vulnerability is traded as CVE-2024-5623. An attack has to be approached locally. There is no exploit available.

A vulnerability, which was classified as problematic, has been found in B&R Industrial Automation B&R APROL up to R 4.4-00P3. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-5624. The attack may be initiated remotely. There is no exploit available.

A vulnerability classified as problematic was found in MagePeople Team Taxi Booking Manager for WooCommerce Plugin up to 1.0.9 on WordPress. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-43986. The attack can be initiated remotely. There is no exploit available.

A vulnerability classified as critical has been found in B&R Industrial Automation B&R APROL up to R 4.2-07P3/R 4.4-00P3. This affects an unknown part. The manipulation leads to execution with unnecessary privileges. This vulnerability is uniquely identified as CVE-2024-5622. Attacking locally is a requirement. There is no exploit available.

U.S. cybersecurity and intelligence agencies have called out an Iranian hacking group for breaching multiple organizations across the country and coordinating with affiliates to deliver ransomware. The activity has been linked to a threat actor dubbed Pioneer Kitten, which is also known as Fox Kitten, Lemon Sandstorm (formerly Rubidium), Parisite, and UNC757, which it described as connected to