Cyber security aggregate rss news

Cyber security aggregator - feeds history

 APT

In this Spotlight Security Ledger podcast, Chris Petersen, the CEO and founder of RADICL, talks about his company's mission to protect small and midsized businesses serving the defense industrial base, which are increasingly in the cross-hairs of sophisticated, nation-state actors.

 Feed

A successful CISO should play a leading role in digital transformation and cloud migration initiatives in their organization. The CISO is responsible for making sure technical security controls are designed and implemented appropriately, and changes are properly managed, with security in mind from the very start. 

 Security Tips and Advice

CISA is pushing for manufacturers and vendors to take responsibility for the security of their products. CISA wants detailed data and logs from technology companies to prove they are incorporating security measures.

 Malware and Vulnerabilities

The use of the ZPAQ compression format by threat actors in this malware campaign highlights the need for improved security measures and awareness regarding lesser-known archive tools.

 Malware and Vulnerabilities

Researchers from the Electronic Frontier Foundation have discovered that the Dragon Touch KidzPad Y88X 10 tablet, sold on Amazon, contains malware and preinstalled riskware. The tablet also comes with an outdated parental control app called KIDOZ.

 Trends, Reports, Analysis

Business logic attacks, which exploit the intended functionality of applications and APIs, have increased in the past year, making up 42.6% of attacks on retail sites and highlighting the vulnerability of the e-commerce industry.

 Malware and Vulnerabilities

The 8Base ransomware attackers have incorporated a new variant of the Phobos ransomware and publicly available tools for financially motivated attacks. The variant used by the 8Base group includes features that can enable attackers to establish persistence on victims’ systems, perform speedy encryption, and remove backup and shadow copies. Organizations are recommended to keep track of the threats by following the latest IOCs associated with the ransomware.

 Breaches and Incidents

The attack prompted SIAAP to file a complaint with authorities and take immediate measures to secure their systems to prevent further spread. It has prioritized maintaining the public sanitation service and is working to ensure a return to normalcy.

 Incident Response, Learnings

Vikas Singla, the former COO of a cybersecurity company, pleaded guilty to hacking two hospitals in an attempt to boost his company's business. Singla disrupted phone and printer services at the hospitals and stole personal information from patients.

 Incident Response, Learnings

The Information Commissioner’s Office (ICO) said that a complaint was first lodged back in June 2019, after a patient raised concerns that their records had been improperly accessed by Loretta Alborghetti, from Redditch.

 Feed

Ubuntu Security Notice 6492-1 - Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. Zhanxiang Song discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause an authorisation bypass. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.

 Feed

Ubuntu Security Notice 6493-2 - USN-6493-1 fixed a vulnerability in hibagent. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. On Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended.

 Feed

Ubuntu Security Notice 6493-1 - On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured.

 Feed

Ubuntu Security Notice 6491-1 - Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.

 Feed

Ubuntu Security Notice 6490-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

 Feed

Ubuntu Security Notice 6488-1 - Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.

 Feed

Ubuntu Security Notice 6489-1 - Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys.

 Feed

Ubuntu Security Notice 6497-1 - Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service.

 Feed

The China-linked Mustang Panda actor has been linked to a cyber attack targeting a Philippines government entity amid rising tensions between the two countries over the disputed South China Sea. Palo Alto Networks Unit 42 attributed the adversarial collective to three campaigns in August 2023, primarily singling out organizations in the South Pacific. "The campaigns leveraged legitimate software

 Feed

The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits. "Once Kinsing infects a system, it deploys a cryptocurrency mining script that exploits the host's resources to mine cryptocurrencies like Bitcoin, resulting in significant damage to the infrastructure and a negative

 Feed

Android smartphone users in India are the target of a new malware campaign that employs social engineering lures to install fraudulent apps that are capable of harvesting sensitive data. “Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations,

 Feed

The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed. "The unusual lack of even small variations between attacks suggests that they are being carried out by affiliates who have purchased the ransomware-as-a-service (RaaS) and are following step-by-step instructions from playbooks delivered with it," the

 Feed

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and RAR," G Data malware analyst Anna Lvova said in a Monday analysis.

 Feed

Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them. Quishing Quishing, a phishing technique resulting from the

2023-11
Aggregator history
Tuesday, November 21