BSidesTLV 2022 – Ayelet HaShachar Penrod’s ‘Hack LinkedIn Networking (The People Skill, Not The Tech Skill)’Our thanks to BSidesTLV for publishing their outstanding conference videos on...
Day: August 25, 2022
0 - CT 0 - CT - SOC - CSIRT Operations - SOAR Automation & Playbooks Cyber Security News Security Boulevard
Elastic Security Advances SOAR Integration
Elastic Security Advances SOAR Integration Elastic Security today updated its security orchestration, automation and response (SOAR) platform to provide integrations with similar platforms as part of...
Security Awareness Games in Slack
Security Awareness Games in SlackUsers love ❤️ learning in Slack. We hear this consistently from our users. The interactions are fast and the content is digestible.Games...
Meet Borat RAT, a New Unique Triple Threat
Meet Borat RAT, a New Unique Triple ThreatAtlanta-based cyber risk intelligence company, Cyble discovered a new Remote Access Trojan (RAT) malware. What makes this particular RAT...
Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp Accounts
Researchers Find Counterfeit Phones with Backdoor to Hack WhatsApp AccountsBudget Android device models that are counterfeit versions associated with popular smartphone brands are harboring multiple trojans...
0 - CT 0 - CT - Cybersecurity Organizations - CISA 0 - CT - Cybersecurity Vendors - Palo Alto Networks Cyber Security News The Hacker News
CISA Warns of Active Exploitation of Palo Alto Networks’ PAN-OS Vulnerability
CISA Warns of Active Exploitation of Palo Alto Networks' PAN-OS VulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting Palo Alto Networks...
“As Nasty as Dirty Pipe” — 8 Year Old Linux Kernel Vulnerability Uncovered
"As Nasty as Dirty Pipe" — 8 Year Old Linux Kernel Vulnerability UncoveredDetails of an eight-year-old security vulnerability in the Linux kernel have emerged that the...
The Rise of Data Exfiltration and Why It Is a Greater Risk Than Ransomware
The Rise of Data Exfiltration and Why It Is a Greater Risk Than RansomwareRansomware is the de facto threat organizations have faced over the past few...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News The Hacker News
New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak DataA novel data exfiltration technique has been found to leverage a covert ultrasonic channel to...
Suspected Iranian Hackers Targeted Several Israeli Organizations for Espionage
Suspected Iranian Hackers Targeted Several Israeli Organizations for EspionageA suspected Iranian threat activity cluster has been linked to attacks aimed at Israeli shipping, government, energy, and...
XCSSET Malware Updates with Python 3 to Target macOS Monterey Users
XCSSET Malware Updates with Python 3 to Target macOS Monterey UsersThe operators of the XCSSET macOS malware have upped the stakes by making iterative improvements that...
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email Accounts
Google Uncovers Tool Used by Iranian Hackers to Steal Data from Email AccountsThe Iranian government-backed actor known as Charming Kitten has added a new tool to...
GitLab Issues Patch for Critical Flaw in its Community and Enterprise Software
GitLab Issues Patch for Critical Flaw in its Community and Enterprise SoftwareDevOps platform GitLab this week issued patches to address a critical security flaw in its...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News The Hacker News
Researchers Warn of AiTM Attack Targeting Google G-Suite Enterprise Users
Researchers Warn of AiTM Attack Targeting Google G-Suite Enterprise UsersThe threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign targeting enterprise users of Microsoft email services have also...
Guide: How Service Providers can Deliver vCISO Services at Scale
Guide: How Service Providers can Deliver vCISO Services at ScaleFrom ransomware to breaches, from noncompliance penalties to reputational damage – cyberthreats pose an existential risk to...
0 - CT 0 - CT - Cybersecurity Tools - ANTI DDOS 0 - CT - SOC - CSIRT Operations - DDOS Attacks 0 - CT - SOC - CSIRT Operations - Malware & Ransomware Cyber Security News The Hacker News
Hackers Using Fake DDoS Protection Pages to Distribute Malware
Hackers Using Fake DDoS Protection Pages to Distribute MalwareWordPress sites are being hacked to display fraudulent Cloudflare DDoS protection pages that lead to the delivery of...
Laptop denial-of-service via music: the 1980s R&B song with a CVE!
Laptop denial-of-service via music: the 1980s R&B song with a CVE!We haven't validated this vuln ourselves... but the source of the story is impeccable. (Impeccably dressed,...
0 - CT 0 - CT - SOC - CSIRT Operations - Cyber Incidents & Attacks Notepad Cyber Security News nakedsecurity
Bitcoin ATMs leeched by attackers who created fake admin accounts
Bitcoin ATMs leeched by attackers who created fake admin accountsThe criminals didn't implant any malware. The attack was orchestrated via malevolent configuration changes.Leer másNaked SecurityThe criminals...
Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDs
Air-Gapped Devices Can Send Covert Morse Signals via Network Card LEDsA security researcher who has a long line of work demonstrating novel data exfiltration methods from...
0 - CT 0 - CT - SOC - CSIRT Operations - Data Leak & Breach Incidents Notepad Cyber Security News nakedsecurity
Breaching airgap security: using your phone’s compass as a microphone!
Breaching airgap security: using your phone’s compass as a microphone!One bit per second makes the Voyager probe data rate seem blindingly fast. But it's enough to...
Crypto Miners Using Tox P2P Messenger as Command and Control Server
Crypto Miners Using Tox P2P Messenger as Command and Control ServerThreat actors have begun to use the Tox peer-to-peer instant messaging service as a command-and-control method,...