Aggregator

Q3 2024 saw a slight increase in ransomware activity, with 1,266 organizations listed on ransomware data-leak sites—a 2.3% increase from 1,237 in the previous quarter.

0xGame week1 re&pwn&web

Windows 内核态驱动本地权限提升漏洞（CVE-2024-35250）

Lawmakers Demand Answers, Security Overhaul After Chinese Hack of Telecom Networks
Congress is demanding answers from AT&T, Verizon, and Lumen after reports revealed that Chinese hackers breached U.S. telecom infrastructure, targeting systems linked to court-authorized wiretaps, as the FBI and the Cybersecurity and Infrastructure Security Agency investigate the Salt Typhoon group.

Texas-Based Gryphon Healthcare Says an Unnamed Third Party Was at Center of Breach
A Texas-based revenue cycle management firm is notifying about 400,000 individuals of a hacking incident it says originated with another third party. The incident is among a growing list of major breaches implicating vendors and cumulatively affecting tens of millions of patients so far this year.

Sector Uses Multifactor, Eschews Cloud, Can't Afford Cyber Insurance
The oil and gas industry has high levels of cyber awareness and low levels of cyber insurance, says a sectoral assessment from credit rating agency Moody's. The sector has experienced a clutch of high-profile attacks including a high-profile 2021 incident at Colonial Pipeline.

Only Six Nations Have Incorporated NIS2 Into National Statute
Most European countries are set to miss a trading bloc deadline for implementing a key cybersecurity regulation that requires measures such as mandatory security auditing for essential services such as hospitals and banks. Just six countries have integrated the NIS2 directive into national law.

Today, the Biden-Harris Administration announced that the U.S. Department of Commerce and Wolfspeed, Inc. have signed a non-binding preliminary memorandum of terms (PMT) to provide up to $750 million in proposed direct funding under the CHIPS and

Today, CISA published the Framing Software Component Transparency, created by the Software Bill of Materials (SBOM) Tooling & Implementation Working Group, one of the five SBOM community-driven workstreams facilitated by CISA. CISA’s community-driven working groups publish documents and reports to advance and refine SBOM and ultimately promote adoption. This resource serves as the detailed foundation of SBOM, defining SBOM concepts and related terms and offering an updated baseline of how software components are to be represented. This document serves as a guide on the processes around SBOM creation.

For more information on all things SBOM, please visit CISA’s Software Bill of Materials website.

CISA released two Industrial Control Systems (ICS) advisories on October 15, 2024. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

• ICSA-24-289-01 Siemens Siveillance Video Camera
• ICSA-24-289-02 Schneider Electric Data Center Expert

CISA encourages users and administrators to review newly released ICS advisories for technical details and mitigations.

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.

• CVE-2024-30088 Microsoft Windows Kernel TOCTOU Race Condition Vulnerability
• CVE-2024-9680 Mozilla Firefox Use-After-Free Vulnerability
• CVE-2024-28987 SolarWinds Web Help Desk Hardcoded Credential Vulnerability

These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.

Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.

Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.

The new center will support U.S. engagement in international standardization for critical and emerging technologies.

This blog is part of a larger NIST series during the month of October for Cybersecurity Awareness Month , called 'Staff Stories Spotlight.' Throughout the month of October this year, Q&A style blogs will be published featuring some of our unique staff members who have interesting backgrounds, stories to tell, and projects in the world of cybersecurity. This year’s Cybersecurity Awareness Month theme is ‘Secure our World.’ How does this theme resonate with you, as someone working in cybersecurity? Now more than ever, the use of technology is central to our lives. It is the means by which we are

Вебинар Positive Technologies состоится 24 октября в 14:00 (мск).

Иранские хакеры подстегнули республиканцев воспользоваться военными технологиями.

10.31相约深圳，不见不散！

Last week, CISA added CVE-2024-23113 – a critical vulnerability that allows unauthenticated remote code/command execution on unpatched Fortinet FortiGate firewalls – to its Known Exploited Vulnerabilities catalog, thus confirming that it’s being leveraged by attackers in the wild. The Shadowserver Foundation shared on Sunday that there are still 87,000+ internet-facing Fortinet devices likely vulnerable to the flaw. About CVE-2024-23113 CVE-2024-23113, a format string vulnerability that affects the FortiOS FGFM (FortiGate to FortiManager) daemon and can … More →

The post 87,000+ Fortinet devices still open to attack, are yours among them? (CVE-2024-23113) appeared first on Help Net Security.

The sophisticate campaign, ErrorFather, employs keylogging, virtual networks and a domain generation algorithm to target Android users

股市是一个充满机遇与挑战的投资市场，尤其是中国 A 股市场，因其波动性大、散户占比较高等特点，常常让投资者在牛市与熊市的反复轮回中迷失方向。对于想在股市中稳步

A vulnerability has been found in Acronis Cyber Protect 16 and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cleartext transmission of sensitive information. This vulnerability was named CVE-2024-49387. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.