Latest cybersecurity news, information, and commentary.

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 04 March 2024, 1359 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security News Bundle").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

24

MOST POPULAR

From 500 to 5000 Employees - Securing 3rd Party App-Usage in Mid-Market Companies

20The Hacker News / 2h

A company’s lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and malicious actors remain active around the clock, budgets are often stagnant at best. Yet, it is crucial

New GTPDOOR backdoor is designed to target telecom carrier networks

2 TTPs

•

Security Affairs / 1h

•

GTPDOOR Linux Malware targets telecoms

Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile carrier networks. I recently found two very interesting Linux binaries uploaded to Virustotal. I

Linux Foundation Tackles Financial Fraud With Open Source Platform

Tazama fights fraud in banking

•

SecurityWeek / 11min

The open source platform Tazama provides cost-effective monitoring of digital financial transactions to prevent fraud in real time. The post appeared first on SecurityWeek .

TODAY

Hikvision Patches High-Severity Vulnerability in Security Management System

SecurityWeek / 11min

A high-severity vulnerability in HikCentral Professional could lead to unauthorized access to certain URLs. The post appeared first on SecurityWeek .

Webinar Tomorrow: OT Cybersecurity Risk Mitigation Strategies

SecurityWeek / 11min

Webinar will provide valuable insights from Honeywell professionals who will guide you through the intricacies of industrial cybersecurity. The post appeared first on SecurityWeek .

How Traffic, State, and Organizational Data Help Fortify Your Network

SecurityWeek / 11min

Traffic data is the lifeblood of network security, representing the raw, unfiltered truth of what is happening on the network. The post appeared first on SecurityWeek .

Millions of Malicious Repositories Flood GitHub

GitHub faces massive malware attack

•

Dark Reading / 28min

GitHub and cyberattackers are waging a quiet, automated war over malicious repos.

FCC Employees Targeted in Sophisticated Phishing Attacks

IoC > 1 domain

•

SecurityWeek / 1h

•

4 TTPs

•

Phishing kit targets cryptocurrency users

Advanced phishing kit employs novel tactics in attack targeting cryptocurrency platforms and FCC employees. The post appeared first on SecurityWeek .

Remote Stuxnet-Style Attack Possible With Web-Based PLC Malware: Researchers

2 TTPs

•

SecurityWeek / 1h

Researchers demonstrate that remote Stuxnet-style attacks are possible against many modern PLCs using web-based malware. The post appeared first on SecurityWeek .

Exceptional Women Recognised for Contribution to Cyber Industry at Most Inspiring Women in Cyber Awards 2024

IT Security Guru / 3h

The 20 winners of the Most Inspiring Women in Cyber Awards were announced at a ceremony held at the prestigious BT Tower in London on the 27th February 2024. The awards celebrated the achievements of women working in cybersecurity around the globe – whether recognising personal achievements, efforts to close the gender divide in the industry or those mentoring the next generation of women in cybe

YESTERDAY

Over 100 Malicious AI/ML Models Found on Hugging Face Platform

IoC > 1 IP

•

85The Hacker News / 4h

•

Hugging Face AI platform compromised

As many as 100 malicious artificial intelligence (AI)/machine learning (ML) models have been discovered in the Hugging Face platform. These include instances where loading a pickle file leads to code execution, software supply chain security firm JFrog said. "The model's payload grants the attacker a shell on the compromised machine, enabling them to gain full control over victims'

The federal bureau of trolling hits LockBit, but the joke's on us

LockBit ransomware gang resumes operations

•

The Register – Security / 4h

When you can't lock 'em up, lock 'em out Opinion The best cop shows excel at mind games: who's tricking whom, who really wins, and what price they pay. A twist of humor adds to the drama and keeps us hooked. It's rare enough in real life, far less so in the grim meat grinder of cybersecurity, yet sometimes it happens. It's happening right now.…

Threat actors hacked Taiwan-based Chunghwa Telecom

Taiwan military data breach

•

Security Affairs / 4h

Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company , Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country. Threat actors stole sensitiv

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

13 TTPs

•

Trend Micro Research, News and Perspecti... / 5h

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.

New Linux variant of BIFROSE RAT uses deceptive domain strategies

IoC > 1 domain

•

Security Affairs / 5h

•

Keylogging (Enterprise T1056.001)

•

Bifrost RAT Linux deception tactic

A new Linux variant of the remote access trojan (RAT) BIFROSE (aka Bifrost) uses a deceptive domain mimicking VMware. Palo Alto Networks Unit 42 researchers discovered a new Linux variant of Bifrost (aka Bifrose) RAT that uses a deceptive domain (download.vmfare[.]com) that mimics the legitimate VMware domain. The Bifrost RAT has been active since 2004, it allows its operators to gather sensitive

Stealthy GTPDOOR Linux malware targets mobile operator networks

65BleepingComputer / 6h

Security researcher HaxRob discovered a previously unknown Linux backdoor named GTPDOOR, designed for covert operations within mobile carrier networks. [...]

Microsoft: Windows 11 “invites” coming to more Windows 10 Pro PCs

Microsoft pushing Windows 11 upgrades

•

100+BleepingComputer / 6h

Starting next month, Microsoft nag screens pushing Windows 11 will also show up on non-managed enterprise devices running Windows 10 Pro and Pro Workstation. [...]

Content farm impersonates 60+ major news outlets, like BBC, CNN, CNBC

BleepingComputer / 6h

BleepingComputer has discovered a content farm operating some 60+ domains named after popular media outlets, including the BBC, CNBC, CNN, Forbes, Huffington Post, The Guardian, and Washington Post, among others. These sites build SEO for their online gambling ventures and sell "press release" slots at hefty prices. [...]

Phobos Ransomware Aggressively Targeting U.S. Critical Infrastructure

8 TTPs

•

50The Hacker News / 8h

U.S. cybersecurity and intelligence agencies have warned of Phobos ransomware attacks targeting government and critical infrastructure entities, outlining the various tactics and techniques the threat actors have adopted to deploy the file-encrypting malware. “Structured as a ransomware as a service (RaaS) model, Phobos ransomware actors have targeted entities including municipal and

LockBit's contested claim of fresh ransom payment suggests it's been well hobbled

2 TTPs

•

The Register – Security / 10h

ALSO: CISA warns Ivanti vuln mitigations might not work, SAML hijack doesn't need ADFS, and crit vulns Infosec in brief The infamous LockBit ransomware gang has been busy in the ten days since an international law enforcement operation took down many of its systems. But despite its posturing, the gang might have suffered more than it's letting on.…

Ahead of Super Tuesday, US elections face existential and homegrown threats

FBI warns of election threats

•

The Register – Security / 12h

Misinformation is rife, AI makes it easier to create, and 42 percent of the planet’s inhabitants get to vote this year Feature Two US intelligence bigwigs last week issued stark warnings about foreign threats to American election integrity and security – and the nation's ability to counter these adversaries.…

Eken camera doorbells allow ill-intentioned individuals to spy on you

Create Account (Enterprise T1136)

•

Security Affairs / 19h

•

Video doorbells have security flaws

Camera doorbells manufactured by the Chinese company Eken Group Ltd under the brands EKEN and Tuck are affected by major vulnerabilities. Researchers from Consumer Reports (CR) discovered severe vulnerabilities in doorbell cameras manufactured by the Chinese company Eken Group Ltd. The company produces video doorbells under the brand names EKEN and Tuck, its products are by major retailers, inclu

Georgia’s Largest County Is Still Repairing Damage From January Cyberattack

Georgia's largest county repairing cyberattack

•

SecurityWeek / 1d

Georgia’s largest county is still repairing damage inflicted on its government offices by a cyberattack in January 2024. The post appeared first on SecurityWeek .

Security Affairs newsletter Round 461 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs / 1d

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. U.S. authorities charged an Iranian national for long-