"US. CISA adds microsoft windows and others to its known exploited vulnerabilities catalog."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 20 September 2024, 0327 UTC.

Content and Source:  Email subscription via https://feedly.com.   https://feedly.com/i/subscription/feed%2Fhttp%3A%2F%2Fsecurityaffairs.co%2Fwordpress%2Ffeed

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security Affairs

67K followers26 articles per week#security#tech

19

Most popular

U.S. CISA adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog

5 TTPs

•

by Pierluigi Paganini / 11h

•

CISA warns of actively exploited vulnerabilities

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows, Apache HugeGraph-Server, Oracle JDeveloper, Oracle WebLogic Server, and Microsoft SQL Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabil

Ivanti warns of a new actively exploited Cloud Services Appliance (CSA) flaw

2 TTPs

•

by Pierluigi Paganini / 6h

Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability that is being exploited in attacks in the wild against a limited number of customers. Ivanti warned of a new Cloud Services Appliance (CSA) vulnerability, tracked as CVE-2024-8963 (CVSS score of 9.4), actively exploited in attacks in the wild against a limited number of customers. The vulnerability is a path traversal security is

International law enforcement operation dismantled criminal communication platform Ghost

Ghost app creator arrested in Australia

•

by Pierluigi Paganini / 8h

An international law enforcement operation infiltrated the encrypted messaging app Ghost, which was widely used by criminals, resulting in the arrest of dozens of individuals. An international law enforcement operation infiltrated the encrypted communications app Ghost, designed for criminal use, leading to numerous arrests. The alleged administrator of the app, Jay Je Yoon Jung (32), was charged

Yesterday

SIEM for Small and Medium-Sized Enterprises: What you need to know

by Pierluigi Paganini / 17h

Small and medium-sized enterprises (SMEs) are a frequent target for cybercriminals. How can SIEM help them improve their cybersecurity? Contrary to what they might believe, small and medium-sized enterprises (SMEs) are a favorite target for cybercriminals. Research from the Identity Theft Resource Center (ITRC) recently found that 73% of US small business owners experienced a cyberattack in 2023.

Antivirus firm Dr.Web disconnected all servers following a cyberattack

Doctor Web suffers cyberattack

•

by Pierluigi Paganini / 18h

Russian anti-virus firm Doctor Web (Dr.Web) disconnected all servers following a cyberattack over the weekend. This week, the Russian anti-malware firm Doctor Web (Dr.Web) announced that it had disconnected all servers following a cyberattack on Saturday, September 14. The company revealed it has detected “signs of unauthorised interference” to its IT infrastructure. The company pointed out that

Experts warn of China-linked APT’s Raptor Train IoT Botnet

6 TTPs

•

by Pierluigi Paganini / 1d

•

Raptor Train botnet compromises 200000 devices

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen’s Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices. The experts believe the botnet is controlled by a Chine-linked APT group Flax Typhoon (also called Ethereal Panda or RedJul

Credential Flusher, understanding the threat and how to protect your login data

IoC > 1 URL

•

by Pierluigi Paganini / 1d

•

New credential stealing technique discovered

Credential Flusher is a method that allows hackers to steal login credentials directly from the victim’s web browser. The cyber attacks have become increasingly sophisticated, putting our personal information at risk. One of the latest and most insidious techniques is Credential Flusher, a method that allows hackers to steal login credentials directly from the victim’s web browser. The following

U.S. Treasury issued fresh sanctions against entities linked to the Intellexa Consortium

US sanctions Intellexa spyware enablers

•

by Pierluigi Paganini / 1d

The U.S. Department of Treasury issued new sanctions against five executives and one entity linked to the Intellexa Consortium. The Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued new sanctions against five individuals and one entity associated with the Intellexa Consortium for their role in developing, operating, and distributing commercial spyware. The Intellexa Cons

Sep 17, 2024

Broadcom fixed Critical VMware vCenter Server flaw CVE-2024-38812

4 TTPs

•

by Pierluigi Paganini / 1d

Broadcom addressed a critical vulnerability in the VMware vCenter Server that could allow remote attackers to achieve code execution. Broadcom released security updates to address a critical vulnerability, tracked as CVE-2024-38812 (CVSS score: 9.8), in VMware vCenter Server that could lead to remote code execution. vCenter Server is a critical component in VMware virtualization and cloud computi

Remote attack on pagers used by Hezbollah caused 9 deaths and thousands of injuries

Hezbollah pagers explode amid chaos

•

by Pierluigi Paganini / 2d

Remote attack on pagers used by Hezbollah in Lebanon and Syria caused their explosion; at least 8 nine people dead and more than 2,800 injured. At least nine eight individuals, including a child, were killed and over 2,800 were injured due to the explosion of their pagers across Lebanon. A Hezbollah official told Reuters that this incident is the “biggest security breach” in nearly a year of conf

Chinese man charged for spear-phishing against NASA and US Government

Chinese engineer indicted for fraud

•

by Pierluigi Paganini / 2d

US DoJ charged a Chinese national who used spear-phishing emails to obtain sensitive info from NASA, the U.S. Air Force, Navy, Army, and the FAA. The U.S. DoJ charged a Chinese national, Song Wu (39), who used spear-phishing emails to target employees of NASA, the U.S. Air Force, Navy, Army, and the FAA.” The man, who remails at large, used fake email accounts posing as US-based researchers and e

Sep 16, 2024

U.S. CISA adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog

2 TTPs

•

by Pierluigi Paganini / 2d

•

CVE-2024-43461

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows MSHTML Platform and Progress WhatsUp Gold bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog . Below are the descriptions for

Taking Control Online: Ensuring Awareness of Data Usage and Consent

by Pierluigi Paganini / 2d

Why do consumers refuse to consent to their data being shared? Ensuring transparency on their usage and consent. In the digital world, trust is essential for the relationships between brands and consumers. However, trust is not a once-off exercise; it’s a continuous process in which each interaction helps build and nurture loyalty over time. This is why it’s crucial to understand the factors cont

Qilin ransomware attack on Synnovis impacted over 900,000 patients

Ransomware leaks data of 1M patients

•

by Pierluigi Paganini / 2d

The personal information of a million individuals was published online following a ransomware attack that in June disrupted NHS hospitals in London. In June, a ransomware attack on pathology and diagnostic services provider Synnovis has severely impacted the operations at several major NHS hospitals in London. The attack forced the impacted hospitals to cancel some healthcare procedures, in some

D-Link addressed three critical RCE in wireless router models

3 TTPs

•

by Pierluigi Paganini / 3d

•

D-Link routers face critical vulnerabilities

D-Link fixed multiple critical flaws in its WiFi 6 routers that allow remote attackers to execute arbitrary code or gain hardcoded credentials. D-Link has addressed three critical vulnerabilities, tracked as CVE-2024-45694 , CVE-2024-45695 , CVE-2024-45697 , impacting three wireless router models. The flaws can allow attackers to remotely execute arbitrary code or access the devices using hardcod

Recently patched Windows flaw CVE-2024-43461 was actively exploited as a zero-day before July 2024

5 TTPs

•

by Pierluigi Paganini / 3d

•

CVE-2024-43461

Microsoft warns that a recently patched Windows flaw, tracked as CVE-2024-43461, was actively exploited as a zero-day before July 2024. Microsoft warns that attackers actively exploited the Windows vulnerability CVE-2024-43461 as a zero-day before July 2024. The vulnerability CVE-2024-43461 is a Windows MSHTML platform spoofing issue. MSHTML is a platform used by Internet Explorer. Although the b

SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager

2 TTPs

•

by Pierluigi Paganini / 3d

SolarWinds addressed a critical remote code execution vulnerability, tracked as CVE-2024-28991, in Access Rights Manager. SolarWinds released security updates to address a critical-severity remote code execution vulnerability, tracked as CVE-2024-28991 (CVSS score of 9.0), in SolarWinds Access Rights Manager (ARM) The flaw is a deserialization of untrusted data remote code execution vulnerability

Apple dismisses lawsuit against surveillance firm NSO Group due to risk of threat intelligence exposure

Apple drops lawsuit against NSO Group

•

by Pierluigi Paganini / 3d

Apple drops its lawsuit against commercial spyware vendor NSO Group, due to the risk of “threat intelligence” information exposure. Apple is seeking to drop its lawsuit against Israeli spyware company NSO Group , citing the risk of “threat intelligence” information exposure. Apple wants to dismiss its lawsuit against NSO Group due to three key developments. First, continuing the lawsuit could com

Sep 15, 2024

Hacker tricked ChatGPT into providing detailed instructions to make a homemade bomb

Hacker bypasses ChatGPT safety measures

•

by Pierluigi Paganini / 3d

A hacker tricked ChatGPT into providing instructions to make homemade bombs demonstrating how to bypass the chatbot safety guidelines. A hacker and artist, who goes online as Amadon, tricked ChatGPT into providing instructions to make homemade bombs bypassing the safety guidelines implemented by the chatbot. Initially, the expert asked for detailed instructions to create a fertilizer bomb similar

End of feed