Security News Bundle

"BianLian threat actors exploiting JetBrains TeamCity flaws with ransomware attacks."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 11 March 2024, 1405 UTC.

Content and Source:   https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security News Bundle").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

137

MOST POPULAR

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks
7 TTPs
50The Hacker News 3h
The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitation of a TeamCity server which resulted in the deployment of a PowerShell implementation of
Experts released PoC exploit for critical Progress Software OpenEdge bug
Shared Modules (Enterprise T1129)
Security Affairs 2h
CVE-2024-1403
Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have published technical details and a proof-of-concept (PoC) exploit for the critical security flaw CVE-2024-1403 in Progress Software OpenEdge Authentication Gateway and AdminServer. “The Progress OpenEdge tea

TODAY

Data Leakage Prevention in the Age of Cloud Computing: A New Approach
The Hacker News 1h
As the shift of IT infrastructure to cloud-based solutions celebrates its 10-year anniversary, it becomes clear that traditional on-premises approaches to data security are becoming obsolete. Rather than protecting the endpoint, DLP solutions need to refocus their efforts to where corporate data resides - in the browser. A new guide by LayerX titled "On-Prem is Dead. Have You Adjusted Your Web
Magnet Goblin group used a new Linux variant of NerbianRAT malware
IoC > 1 IP
Security Affairs 3h
7 TTPs
The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. A financially motivated threat actor named Magnet Goblin made the headlines for rapidly adopting and exploiting 1-day vulnerabilities, CheckPoint warned. The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability C

YESTERDAY

Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites
IoC > 2 domains and 1 URL
Security Affairs 5h
Process Injection (Enterprise T1055)
Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. In January, Sucuri researchers reported that Balada Injector malware infected over 7100 WordPress sites using a vulnerable version of the Popup Builder WordPress plugin . Sucurity reported that on December 13th, the Balada Injector campaign started infect
Proof-of-Concept Exploit Released for Progress Software OpenEdge Vulnerability
42The Hacker News 7h
Technical specifics and a proof-of-concept (PoC) exploit have been made available for a recently disclosed critical security flaw in Progress Software OpenEdge Authentication Gateway and AdminServer, which could be potentially exploited to bypass authentication protections. Tracked as CVE-2024-1403, the vulnerability has a maximum severity rating of 10.0 on the CVSS scoring system. It
Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT
Remote Access Software (Enterprise T1219)
56The Hacker News 7h
A financially motivated threat actor called Magnet Goblin is swiftly adopting one-day security vulnerabilities into its arsenal in order to opportunistically breach edge devices and public-facing services and deploy malware on compromised hosts. “Threat actor group Magnet Goblin’s hallmark is its ability to swiftly leverage newly disclosed vulnerabilities, particularly targeting
Lithuania security services warn of China’s espionage against the country
China escalates espionage against Lithuania
Security Affairs 15h
A report published by Lithuanian security services warned that China has escalated its espionage operations against Lithuania. A report released by Lithuanian security services has cautioned that China has intensified espionage activities targeting Lithuania. Previously, the government of Beijing was interested in information about the ‘five poisons’ (Taiwan, Hong Kong, Tibet, Xinjiang, and Falun


Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

SecurityWeek Briefing.

Image
"Microsoft offers up to $15,000 in New AI Bug Bounty Program." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 13 October 2023, 2020 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtxdZHmrfcBkMDJSSNTtHlmhQX ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Friday, October 13, 2023 CISA Now Flagging Vulnerabilities, Misconfigurations Exploited by Ransomware Juniper Networks Patches Over 30 Vulnerabilities in Junos OS In Other News : Ex-Uber Security Chief Appeal, New Offerings From Tech Giants, Crypto Bounty Dozens of Squid Proxy Vulnerabilities Remain Unpatched 2 Years After Disclosure Microsoft Offers Up to $15,000 in New AI Bug Bounty Program Researcher Co
Read more

SecurityWeek Briefing.

Image
"Health Care Solutions giant disrupted by Cyberattack." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 19 October 2023, 2033 UTC.  Content provided by email subscription to "SecurityWeek Briefing." Source:  https://mail.google.com/mail/u/0/?tab=rm&ogbl#inbox/FMfcgzGwHLhdlHbpbQJXqhLLSvQbhdnC ("SecurityWeek Briefing"). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). SecurityWeek News Briefing | Thursday, October 19, 2023 Healthcare Solutions Giant Disrupted by Cyberattack Thousands of Remote IT Workers Sent Wages to North Korea to Help Fund Weapons Program CipherStash Raises $3 Million for Encryption-in-Use Technology US Government Releases Anti-Phishing Guidance Google Play Protect Gets Real-Time Code Scanning Number of Cisco Devices Hacked via Unpatched Vulnerability Increases to 40,00
Read more

Cyber War News Wire.

Image
 "Navy establishes cyber warfare enlisted rating." Views expressed in this cyber war, cybersecurity, cyber espionage update are those of the reporters and correspondents.  Accessed on 02 July 2023, 2311 UTC.  Content provided by EIN Presswire. Source:  https://mail.google.com/mail/u/0/#inbox/FMfcgzGtvsTbTPlbNrgzDpppFbtXwWxF ("Cyber War News Wire" from EIN Presswire). Please click link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). ·  Subscribe  ·  Unsubscribe My Alerts       Cyber War Newswire Got News to Share? Send 2 FREE Releases ↓ Daily update  ·  July 2, 2023     NEWS     Navy Establishes Cyber Warfare Enlisted Rating  Seapower Magazine ***** ARLINGTON, Va. — The U.S. Navy’s effort to expand its cyber warfare capabilities took another step with the establishment of the Cyber Warfare Technician (CWT) rating in its enlisted force.  The CTWs will conduct both offensive and defensive
Read more