"Atomic Stealer Malware strikes macOS via fake browser updates."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 26 November 2023, 1436 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security News Bundle" via https://feedly.com).

Please click link or scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

16

MOST POPULAR

Atomic Stealer malware strikes macOS via fake browser updates

2 TTPs

•

100+BleepingComputer / 16h

•

Mac users targeted by Atomic Stealer

The 'ClearFake' fake browser update campaign has expanded to macOS, targeting Apple computers with Atomic Stealer (AMOS) malware. [...]

Gulf Air Exposed To Data Breach, Vital Operations Not Affected

Gulf Air data breach contained

•

63Packet Storm Security / 21h

[no content]

Security Affairs newsletter Round 447 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs / 1h

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Rhysida ransomware gang claimed China Energy hack North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack Hama

YESTERDAY

Broadcom Planning to Complete Deal for $69 Billion Acquisition of VMWare After Regulators Give OK

SecurityWeek / 12h

Broadcom has cleared all regulatory hurdles and plans to complete its $69 billion acquisition of cloud technology company VMware. The post appeared first on SecurityWeek .

General Electric investigates claims of cyber attack, data theft

General Electric Data

•

29BleepingComputer / 15h

General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data. [...]

Rhysida ransomware gang claimed China Energy hack

2 TTPs

•

Security Affairs / 15h

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. The Rhysida ransomware gang added the China Energy Engineering Corporation to the list of victims on its Tor leak site. Energy China https://t.co/uxjslhW8l2 TL;DR That's huuuge! China Energy Engineering Group ranks 3rd in ENR Top 150 Global Engineering Design Firms

General Electric investigates claims of cyberattack, data theft

General Electric Data

•

29BleepingComputer / 16h

General Electric is investigating claims that a threat actor breached the company's development environment in a cyberattack and leaked allegedly stolen data. [...]

North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply chain attack

6 TTPs

•

Security Affairs / 20h

•

North Korean supply chain attacks

UK and South Korea agencies warn that North Korea-linked APT Lazarus is using a MagicLine4NX zero-day flaw in supply-chain attack The National Cyber Security Centre (NCSC) and Korea’s National Intelligence Service (NIS) released a joint warning that the North Korea-linked Lazarus hacking group is exploiting a zero-day vulnerability in the MagicLine4NX software to carry out supply-chain attacks. M

Novel Mirai-Based DDoS Botnet Exploits 0-Days To Infect Routers And Security Cameras

2 TTPs

•

Packet Storm Security / 21h

•

Mirai botnet exploits zero-days

[no content]

OpenCart Owner Turns Air Blue After Researcher Discloses Serious Vuln

Packet Storm Security / 21h

[no content]

Sensitive Kubernetes Secrets Discovered Exposed

Exposed Kubernetes Secrets Threaten Supply Ch

•

Packet Storm Security / 21h

[no content]

North Korean Software Supply Chain Attack Hits North America, Asia

3 TTPs

•

Packet Storm Security / 21h

•

North Korean cyberattack on CyberLink

[no content]

NOV 24, 2023

New 'HrServ.dll' Web Shell Detected in APT Attack Targeting Afghan Government

5 TTPs

•

61The Hacker News / 1d

•

HrServ Web Shell

An unspecified government entity in Afghanistan was targeted by a previously undocumented web shell called HrServ in what’s suspected to be an advanced persistent threat (APT) attack. The web shell, a dynamic-link library (DLL) named “hrserv.dll,” exhibits “sophisticated features such as custom encoding methods for client communication and in-memory execution,” Kaspersky security researcher Mert

Warning: 3 Critical Vulnerabilities Expose ownCloud Users to Data Breaches

Exploitation for Client Execution (Enterprise T1203)

•

82The Hacker News / 1d

The maintainers of the open-source file-sharing software ownCloud have warned of three critical security flaws that could be exploited to disclose sensitive information and modify files. A brief description of the vulnerabilities is as follows - Disclosure of sensitive credentials and configuration in containerized deployments impacting graphapi versions from 0.2.0 to 0.3.0. (CVSS score: 10.0)

Hamas-linked APT uses Rust-based SysJoker backdoor against Israel

4 TTPs

•

Security Affairs / 1d

•

Hamas cyberattacks use Rust

Researchers reported that a Hamas-linked APT group is using a Rust-based SysJoker backdoor against Israeli entities. Check Point researchers observed a Hamas-linked APT group is using the SysJoker backdoor against Israeli entities. In December 2021, security experts from Intezer first discovered the SysJoker backdoor, which is able to infect Windows, macOS, and Linux systems. The version employed

App used by hundreds of schools leaking children’s data

Security Affairs / 1d

Almost a million files with minors’ data, including home addresses and photos were left open to anyone on the internet, posing a threat to children. During a recent investigation, the Cybernews research team discovered that IT company Appscook – which develops applications used by more than 600 schools in India and Sri Lanka for education management – leaked a staggering amount of sensitive data,

END OF FEED