updated)
-
From: malvuln <malvuln13 () gmail com>Date: Thu, 24 Oct 2024 11:50:25 -0400 Adversary3 malware vulnerability intel tool for third-party attackers living off malware (LOM), updated with 700 malware and C2 panel vulnerabilities https://github.com/malvuln/Adversary3 Thanks, malvuln _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: https://seclists.org/fulldisclosure/
-
MalBot October 15, 2024, 10:36pm 1 Article Link: https://www.youtube.com/watch?v=adAr0KBJm4U
-
Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More
-
At Tesla’s “We, Robot” event at Warner Bros. Studios tonight, Elon Musk unveiled the Tesla Cybercab, Robovan, and an updated version of the Optimus robot. Slashdot is at the event capturing photos and getting demos of everything announced. You can follow along on X. Below is a summary of each of the offerings. Tesla Cybercab:…
-
We’ve been offering our Security Onion documentation in book form on Amazon for a few years and it’s now been updated for the recently released Security Onion 2.4.110!
-
North Korean hackers posing as job recruiters are using updated strains of malware to steal victim information and cryptocurrency.
-
Malicious browser extensions are bypassing Google’s latest security and privacy standard for Chrome extensions, and they are finding their way into the Chrome Web Store — putting organizations and individuals at considerable risk.
-
While most of the impacted individuals had their names, birthdates, home addresses, medical details, driver’s licenses or state IDs, and health insurance information compromised, a few others also had their Social Security numbers, financial information, and passport details potentially stolen as a result of the intrusion.
-
Sophisticated device hijacking and on-device fraud capabilities have been baked into the new Octo Android banking trojan variant dubbed “Octo2,” which has been leveraged in attacks against Italy, Hungary, Moldova, and Poland, according to The Hacker News.
-
Included among the files in the unsecured 193 GB database were information regarding fuel and petroleum shipments, invoices, and delivery tickets to and from companies, pipelines, and industries across several states, including California, Colorado, Oklahoma, Oregon, and Texas between 2019 and August 2024.
-
Nextcloud has launched Nextcloud Hub 9, a significant update to its open-source cloud-based collaboration platform. It introduces several new features to improve user experience, performance, and security.
-
We’ve been offering our Security Onion documentation in book form on Amazon for a few years and it’s now been updated for the recently released Security Onion 2.4.100!
-
QNAP has integrated its latest QTS 5.2 operating system for network-attached storage devices with a new Security Center that facilitates ransomware detection and prevention, reports BleepingComputer.
-
Information compromised due to the misconfiguration included individuals’ names, birth years, shipping addresses, billing addresses, IP addresses, social media accounts, and phone numbers, as well as their credit cards’ last four digits, aircraft and industry details, titles, pilot status, and account activity, said FlightAware in its website.
-
Singapore has recently launched the updated Operational Technology Cybersecurity Masterplan, known as the OT Masterplan 2024, during the fourth edition of the Singapore Operational Technology Cybersecurity Expert Panel (OTCEP) Forum on August 20, 2024.
-
Machines with unsecured SSH passwords have been brute-forced by a novel variant of the Gafgyt botnet, also known as Torlus, BASHLITE, and Lizkebab, to facilitate cryptomining with the XMRig malware and the impacted devices’ GPU computational capabilities, according to The Hacker News.
-
CISA and FBI issue updated alert on BlackSuit ransomware targeting critical infrastructure sectors
·
The U.S. CISA (Cybersecurity and Infrastructure Security Agency), in partnership with the Federal Bureau of Investigation (FBI), updated an earlier cybersecurity advisory to notify network defenders of the rebrand of ‘Royal’ ransomware actors to ‘BlackSuit.’ The update includes recent and historically observed tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and detection methods related…
-
Downgrade Attacks Could Affect Fully Updated Windows Systems With Previously Patched Vulnerabilities
·
A security researcher has uncovered a new threat within the Windows operating system that challenges the very notion of a fully-patched system. The new threat demonstrated by the researcher-built tool ‘Windows Downdate’ allows malicious actors to bypass critical built-in security measures and expose systems to previously fixed vulnerabilities.