Aggregator
Traveling microbes: how do they move around the planet and what threat do they pose to people?
Meow
Web-Scanner1.0 official release: a brand-new web directory discovery tool
SOC 2 Compliance Provides AppViewX Customers Security and Data Protection Assurance
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)
CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,” Microsoft has revealed. The latter vulnerability was patched by the company in July 2024, and threat hunters with Trend Micro’s Zero Day Initiative explained that it had been used by the Void Banshee APT group to …
The post Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) appeared first on Help Net Security.
Everest
Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks
What Is Phishing-Resistant MFA and How Does it Work?
Phishing, despite its somewhat innocuous name, remains one of the foremost security threats facing businesses today. Improved awareness by the public and controls such as multi-factor authentication (MFA) have failed to stem the tide.
The FBI Internet Crime Report puts phishing and its variants (spear phishing, smishing, vishing) as the top cybercrime for the last five years, and the advent of generative AI has only added fuel to the fire. Using ChatGPT and other tools, hackers can quickly create personalized messages, in local languages, to launch widespread, highly effective phishing campaigns.
In the last six months alone, malicious emails have increased by 341%, prompting industry experts to urge organizations of all sizes to implement phishing-resistant MFA.
The post What Is Phishing-Resistant MFA and How Does it Work? appeared first on Security Boulevard.
Black Basta
AI against people: a neural network has become a tool of harassment and humiliation
Black Basta
Six years in prison for a digital mask: what else awaits deepfake creators
Black Basta
The Rise of AI Voicemail Scams, Political Donation Privacy Concerns
New CISA Plan Aligns Federal Agencies in Cyber Defense
Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the Federal Civilian Executive Branch (FCEB) Operational Cybersecurity Alignment (FOCAL) Plan. Developed in collaboration with FCEB agencies, this plan provides standard, essential components of enterprise operational cybersecurity and aligns the collective operational defense capabilities across the federal enterprise.
Currently, federal agencies maintain their own networks and system architectures—and they independently manage their cyber risk. CISA’s FOCAL plan aligns the federal enterprise, empowering agencies to better address the dynamic cyber threat environment collectively. The plan recommends actions that substantively advance operational cybersecurity improvements and alignment goals.
For additional guidance, visit CISA’s Securing Networks web page.
CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation.
- CVE-2024-43461 Microsoft Windows MSHTML Platform Spoofing Vulnerability
- CVE-2024-6670 Progress WhatsUp Gold SQL Injection Vulnerability
These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise.
Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities established the Known Exploited Vulnerabilities Catalog as a living list of known Common Vulnerabilities and Exposures (CVEs) that carry significant risk to the federal enterprise. BOD 22-01 requires Federal Civilian Executive Branch (FCEB) agencies to remediate identified vulnerabilities by the due date to protect FCEB networks against active threats. See the BOD 22-01 Fact Sheet for more information.
Although BOD 22-01 only applies to FCEB agencies, CISA strongly urges all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of Catalog vulnerabilities as part of their vulnerability management practice. CISA will continue to add vulnerabilities to the catalog that meet the specified criteria.
North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware
Azure API Management Vulnerability Let Attackers Escalate Privileges
A vulnerability in Azure API Management (APIM) has been identified. It allows attackers to escalate privileges and access sensitive information. This issue arises from a flaw in the Azure Resource Manager (ARM) API, which permits unauthorized access to critical resources. This article delves into the specifics of the vulnerability, its implications, and the steps taken […]
The post Azure API Management Vulnerability Let Attackers Escalate Privileges appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
16th September – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 16th September, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
The Port of Seattle has confirmed that the Rhysida ransomware group was responsible for a cyberattack in August 2024, which affected its critical systems, including Seattle-Tacoma International Airport. The ransomware attack caused […]
The post 16th September – Threat Intelligence Report appeared first on Check Point Research.