BleepingComputer.com: Cybersecurity News.

"Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attack."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents.  Accessed on 22 July 2023, 1505 UTC.  Content supplied by "BleepingComputer.com."

Source:  https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

• 
   
  SECURITY

Over 15K Citrix servers likely vulnerable to CVE-2023-3519 attacks

• Thousands of Citrix Netscaler ADC and Gateway servers exposed online are likely vulnerable against a critical remote code execution (RCE) bug exploited by unauthenticated attackers in the wild as a zero-day.

  • SERGIU GATLAN
   
  • JULY 22, 2023
   
  • 10:07 AM
   
  •  0
• 
   
  SECURITY, MICROSOFT

Stolen Azure AD key offered widespread access to Microsoft cloud services

• The Microsoft private encryption key stolen by Storm-0558 Chinese hackers provided them with access far beyond the Exchange Online and Outlook.com accounts that Redmond said were compromised, according to Wiz security researchers.

  • SERGIU GATLAN
   
  • JULY 21, 2023
   
  • 05:08 PM
   
  •  0
• 
   
  SECURITY

The Week in Ransomware - July 21st 2023 - Avaddon Back as NoEscape

• This edition of the Week in Ransomware covers the last two weeks of news, as we could not cover it last week, and includes quite a bit of new information, including the return of the Avaddon ransomware gang.

  • LAWRENCE ABRAMS
   
  • JULY 21, 2023
   
  • 04:01 PM
   
  •  0
• 
   
  SECURITY

Clop gang to earn over $75 million from MOVEit extortion attacks

• The Clop ransomware gang is expected to earn between $75-100 million from extorting victims of their massive MOVEit data theft campaign.

  • LAWRENCE ABRAMS
   
  • JULY 21, 2023
   
  • 12:34 PM
   
  •  3
• 
   
  SECURITY

Netscaler ADC bug exploited to breach US critical infrastructure org

• The US government is warning that threat actors breached the network of a U.S. organization in the critical infrastructure sector after exploiting a zero-day RCE vulnerability currently identified as CVE-2023-3519, a critical-severity issue in NetScaler ADC and Gateway that Citrix patched this week.

  • IONUT ILASCU
   
  • JULY 21, 2023
   
  • 08:51 AM
   
  •  0
• 
   
  TECHNOLOGY

Amazon agrees to $25 million fine for Alexa children privacy violations

• The U.S. Justice Department and the Federal Trade Commission (FTC) announced that Amazon has agreed to pay a $25 million fine to settle alleged children's privacy laws violations related to the company's Alexa voice assistant service.

  • SERGIU GATLAN
   
  • JULY 21, 2023
   
  • 08:02 AM
   
  •  0
• 
   
  SECURITY

VirusTotal apologizes for data leak affecting 5,600 customers

• VirusTotal apologized on Friday for leaking the information of over 5,600 customers after an employee mistakenly uploaded a CSV file containing their info to the platform last month.

  • SERGIU GATLAN
   
  • JULY 21, 2023
   
  • 05:35 AM
   
  •  1
• 
   
  SECURITY

GitHub warns of Lazarus hackers targeting devs with malicious projects

• GitHub is warning of a social engineering campaign targeting the accounts of developers in the blockchain, cryptocurrency, online gambling, and cybersecurity sectors to infect their devices with malware.

  • LAWRENCE ABRAMS
   
  • JULY 20, 2023
   
  • 06:48 PM
   
  •  0
• 
   
  SECURITY

Critical AMI MegaRAC bugs can let hackers brick vulnerable servers

• Two new critical severity vulnerabilities have been discovered in the MegaRAC Baseboard Management Controller (BMC) software made by hardware and software company American Megatrends International. 

  • SERGIU GATLAN
   
  • JULY 20, 2023
   
  • 12:30 PM
   
  •  0
• 
   
  MICROSOFT, SOFTWARE

Google Chrome gets Windows 11's new design - how to enable it

• Google's browser, Chrome, in its 115th version, has unveiled a feature that allows users to use Windows Mica material, a design element that enhances user personalization. To access this function, users are required to go to the Chrome flags menu and activate it manually.

  • MAYANK PARMAR
   
  • JULY 20, 2023
   
  • 12:18 PM
   
  •  4
• 
   
  SECURITY

JumpCloud breach traced back to North Korean state hackers

• US-based enterprise software company JumpCloud was breached by North Korean Lazarus Group hackers, according to security researchers at SentinelOne, CrowdStrike, and Mandiant.

  • SERGIU GATLAN
   
  • JULY 20, 2023
   
  • 08:25 AM
   
  •  0
• 
   
  SECURITY

New P2PInfect worm malware targets Linux and Windows Redis servers

• Earlier this month, security researchers discovered a new peer-to-peer (P2P) malware with self-spreading capabilities that targets Redis instances running on Internet-exposed Windows and Linux systems.

  • SERGIU GATLAN
   
  • JULY 20, 2023
   
  • 08:02 AM
   
  •  0
• 
   
  SECURITY

APT41 hackers target Android users with WyrmSpy, DragonEgg spyware

• The Chinese state-backed APT41 hacking group is targeting Android devices with two newly discovered spyware strains dubbed WyrmSpy and DragonEgg by Lookout security researchers. 

  • SERGIU GATLAN
   
  • JULY 20, 2023
   
  • 07:01 AM
   
  •  0
• 
   
  SECURITY

Estée Lauder beauty giant breached by two ransomware gangs

• Two ransomware actors, ALPHV/BlackCat and Clop, have listed beauty company Estée Lauder on their data leak sites as a victim of separate attacks.

  • IONUT ILASCU
   
  • JULY 19, 2023
   
  • 07:51 PM
   
  •  0
• 
   
  MICROSOFT, SOFTWARE

Hands on with GPT-4-powered Bing AI Chat's virtual search

• Bing Chat continues to enrich its user experience by rolling out a new feature - Visual Search in Chat. This function combines the power of OpenAI's GPT-4 model with image search abilities to offer a more interactive way of browsing the web.

  • MAYANK PARMAR
   
  • JULY 19, 2023
   
  • 05:20 PM
   
  •  0

• 1
 
• 2
 
• 3
 
• 4
 
• 5
 

VIEW MORE