BleepingComputer.com

"OAuth risks:  How to identify, investigate, and mitigate them."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 12 June 2024, 1431 UTC.

Content and Source:  https://www.bleepingcomputer.com/

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

OAuth risks: How to identify, investigate, and mitigate them

  • OAuth apps can make our digital lives much easier, but it can also be a huge headache for security teams. Learn more from Nudge Security about these OAuth risks and how to investigate them.

  • Police arrests hacker
     
    SECURITY, LEGAL

Police arrest Conti and LockBit ransomware crypter specialist

  • The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself.

  • Make data transfers easier with 3 essential PC apps for $29.97
     
    DEALS

Make data transfers easier with 3 essential PC apps for $29.97

  • Make data transfers easier with the the PC Transfer Kit Bundle for $29.97 (reg. $34.99), on sale through the end of the day on June 17.

    • BLEEPINGCOMPUTER DEALS
      •  
    • JUNE 12, 2024
      •  
    • 07:09 AM
      •  
    • Comment Count 0
  • Windows
     
    SECURITY

Black Basta ransomware gang linked to Windows zero-day attacks

  • The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.

  • Windows Server
     
    MICROSOFT

New Windows Server KB5039227 and KB5039217 updates fix LSASS crashes

  • Microsoft has released the Windows Server 2022 KB5039227 and Windows Server 2019 KB5039217 cumulative updates with security fixes and fixes for a variety of bugs.

  • JetBrains
     
    SECURITY

JetBrains warns of IntelliJ IDE bug exposing GitHub access tokens

  • JetBrains warned customers to patch a critical vulnerability that impacts users of its IntelliJ integrated development environment (IDE) apps and exposes GitHub access tokens.

  • Google Search Laptop
     
    DEALS

Grow your startup with this SEO and growth hacking bundle, now $25

  • If you're building your own company or trying to get hired in marketing, this bundle is a great asset. Right now, you can get lifetime on-demand access for just $24.99, saving a huge 67% off the original price for the training.

    • BLEEPINGCOMPUTER DEALS
      •  
    • JUNE 11, 2024
      •  
    • 02:12 PM
      •  
    • Comment Count 0
  • Windows 11
     
    MICROSOFT, SOFTWARE

Windows 11 KB5039212 update released with 37 changes, fixes

  • Microsoft is rolling out the KB5039212 cumulative update for Windows 11 version 23H3 with thirty-seven improvements and changes, including better drag-and-drop support in the File Explorer address bar.

  • Windows 10
     
    MICROSOFT

Windows 10 KB5039211 update released with new feature, 12 fixes

  • Microsoft has released the KB5039211 cumulative update for Windows 10 21H2 and Windows 10 22H2 with 12 changes, including a Snipping Tool feature that allows you to edit Android photos in Windows.

  • Patch Tuesday
     
    MICROSOFT, SECURITY

Microsoft June 2024 Patch Tuesday fixes 51 flaws, 18 RCEs

  • Today is Microsoft's June 2024 Patch Tuesday, which includes security updates for 51 flaws, eighteen remote code execution flaws, and one publicly disclosed zero-day vulnerability.

  • Cleveland
     
    SECURITY, GOVERNMENT

City of Cleveland shuts down IT systems after cyberattack

  • The City of Cleveland, Ohio, is currently dealing with a cyberattack that has forced it to take citizen-facing services offline, including the public offices and facilities at Erieview and the City Hall.

  • Hackers
     
    SECURITY

Chinese hackers breached 20,000 FortiGate systems worldwide

  • The Dutch Military Intelligence and Security Service (MIVD) warned today that the impact of a Chinese cyber-espionage campaign unveiled earlier this year is "much larger than previously known."

  • Cookie
     
    SECURITY

New Warmcookie Windows backdoor pushed via fake job offers

  • A never-before-seen Windows malware named 'Warmcookie' is distributed through fake job offer phishing campaigns to breach corporate networks.

  • Hacker ransomware
     
    SECURITY

TellYouThePass ransomware exploits recent PHP RCE flaw to breach servers

  • The TellYouThePass ransomware gang has been exploiting the recently patched CVE-2024-4577 remote code execution vulnerability in PHP to deliver webshells and execute the encryptor payload on target systems.

  • Pure Storage
     
    SECURITY

Pure Storage confirms data breach after Snowflake account hack

  • Pure Storage, a leading provider of cloud storage systems and services, confirmed on Monday that attackers breached its Snowflake workspace and gained access to what the company describes as telemetry information

  • Deeper Connect Air
     
    DEALS

Be secure anywhere with $60 off the Deeper Connect Air

  • Every network should be safe for when you need it most. Deeper Connect's travel router provides the peace of mind you need on the go for $159, $60 off the $219 MSRP when using coupon code: CONNECT.

    • BLEEPINGCOMPUTER DEALS
      •  
    • JUNE 11, 2024
      •  
    • 07:15 AM
      •  
    • Comment Count 0
  • Arm
     
    SECURITY

Arm warns of actively exploited flaw in Mali GPU kernel drivers

  • Arm has issued a security bulletin warning of a memory-related vulnerability in Bifrost and Valhall GPU kernel drivers that is being exploited in the wild.

  • GitHub
     
    SECURITY

Gitloker attacks abuse GitHub notifications to push malicious OAuth apps

  • Threat actors impersonate GitHub's security and recruitment teams in phishing attacks to hijack repositories using malicious OAuth apps in an ongoing extortion campaign wiping compromised repos.

  • Apple iphone
     
    APPLE, SECURITY

Apple enters AI arms race with new Apple Intelligence feature

  • Apple unveiled its new 'Apple Intelligence' feature today at its 2024 Worldwide Developer Conference, finally unveiling its generative AI strategy that will power new personalized experiences on Apple devices.

  • Netgear
     
    SECURITY, HARDWARE

Netgear WNR614 flaws allow device takeover, no fix available

  • Researchers found half a dozen vulnerabilities of varying severity impacting Netgear WNR614 N300, a budget-friendly router that proved popular among home users and small businesses.

VIEW MORE

Comments

Post a Comment

Please leave a comment about our recent post.

Popular posts from this blog

The Cyberwire Daily Briefing

Image
"Fortinet confirms breach of customer data." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 15 September 2024, 1339 UTC. Content and Source:   https://thecyberwire.com/newsletters/daily-briefing/13/176 Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). V13 | Issue 176 | 9.13.24 Daily Briefing for 09.13.24 Announcement Cloud Security in the Age of Generative AI. Artificial Intelligence is revolutionizing business, but it also introduces new risks. Join us on Wednesday, September 18th at 2pm EDT for a compelling live webinar on "Good vs. Evil: Cloud Security in the Age of Generative AI" with N2K CyberWire’s Dave Bittner and Sysdig’s Loris Degioanni.  Learn more and register now . Summary By the CyberWire staff At a glance. Fortinet confirms breach of customer data. Iran's Scarred Manticore deploys ne
Read more

BleepingComputer.com

Image
"Progress LoadMaster vulnerable to 10/10 severity RCE flaw." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 08 September 2024, 1458 UTC. Content and Source:   https://www.bleepingcomputer.com/ Please check link or scroll down to read your selections. Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net). Latest Articles   Security Progress LoadMaster vulnerable to 10/10 severity RCE flaw Progress Software has issued an emergency fix for a maximum (10/10) severity vulnerability impacting its LoadMaster and LoadMaster Multi-Tenant (MT) Hypervisor products that allows attackers to remotely execute commands on the device. Bill Toulas   September 08, 2024   10:11 AM     0   Deals Get started learning about cybersecurity with this course bundle deal Take a real step towards a job in information security with this intro to cybersecurity. Get the 2024 Cybersecurity Essentials Bundl
Read more

SecurityWeek Briefing

Image
"New RAMBO attack allows air-gapped data theft." Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 10 September 2024, 0035 UTC. Content and Source:  https://www.securityweek.com Please check link or scroll down to read your selections.  Thanks for joining us today. Russ Roberts (https://www.hawaiicybersecurityjournal.net).   Monday, September 9 , 2024 Are you worried about unmanaged devices and apps? LATEST CYBERSECURITY HEADLINES New RAMBO Attack Allows Air-Gapped Data Theft Predator Spyware Resurfaces With Fresh Infrastructure Google Pushes Rust in Legacy Firmware to Tackle Memory Safety Flaws 300,000 Impacted by Data Breach at Car Rental Firm Avis One Million US Kaspersky Customers Transferred to Pango’s UltraAV Two Indicted in US for Running Dark Web Marketplaces Offering Stolen Information Critical SonicWall Vulnerability Possibly Exploited in Ransomware Attacks CISA Breaks Silence on Controversial ‘Airp
Read more