Hawaii Cybersecurity Journal: July 2023

Monday, July 31, 2023

The Hacker News: Daily Updates.

"Webinar: Riding the vCISO Wave: How to provide vCISO services."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 31 July 2023, 1427 UTC. Content provided by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGtwMkDDTmCSTFFxqBBkqnWqvrP ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net

The Hacker News Daily Updates

Webinar: Rethinking Insider Threats - a Tale of SaaS Security Posture Management

Learn how to proactively prevent security breaches and ensure compliance with SaaS Security Posture Management.

Download Now

LATEST NEWS

Jul 31, 2023

Webinar: Riding the vCISO Wave: How to Provide vCISO Services

Demand for Virtual CISO services is soaring. According to Gartner, the use of vCISO services among small and mid-size businesses and non-regulated ent... ...

AVRecon Botnet Leveraging Compromised Routers to Fuel Illegal Proxy Service

More details have emerged about a botnet called AVRecon, which has been observed making use of compromised small office/home office (SOHO) routers as... ...

Journey to a Secure Software Supply Chain

Go from Complete Anarchy to Nirvana on the 5 stage journey to securing your software supply chain. Get informed guidance and best practices - Download the free ...

Fruity Trojan Uses Deceptive Software Installers to Spread Remcos RAT

Threat actors are creating fake websites hosting trojanized software installers to trick unsuspecting users into downloading a downloader malware call... ...

Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

Multiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate pri... ...

New Android Malware CherryBlos Utilizing OCR to Steal Sensitive Data

A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive da... ...

RFP Template for Browser Security

Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. A group of experts have... ...

Apple Sets New Rules for Developers to Prevent Fingerprinting and Data Misuse

Apple has announced plans to require developers to submit reasons to use certain APIs in their apps starting later this year with the release of iOS 1... ...

Webinar: Rethinking Insider Threats - a Tale of SaaS Security Posture Management

Learn how to proactively prevent security breaches and ensure compliance with SaaS Security Posture Management.

Download Now

BleepingComputer.com: Cybersecurity News.

"Microsoft Edge is getting a 'darker' dark mode theme."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 30 July 2023, 1334 UTC. Content provided by "BleepingComputer.com."

Source: https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES

MICROSOFT, SOFTWARE

Microsoft Edge is getting a 'darker' dark mode theme

Microsoft has quietly announced an enhancement to the Edge browser's dark mode, making it even darker.
MAYANK PARMAR

JULY 30, 2023

08:16 AM

0

SECURITY

Israel's largest oil refinery website offline amid cyber attack claims

Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems.
AX SHARMA

JULY 30, 2023

05:40 AM

0

SECURITY

Linux version of Abyss Locker ransomware targets VMware ESXi servers

The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.
LAWRENCE ABRAMS

JULY 29, 2023

11:17 AM

0

GOOGLE, SECURITY, SOFTWARE, TECHNOLOGY

Browser developers push back on Google's “web DRM” WEI API

Google's plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web.
BILL TOULAS

JULY 29, 2023

10:11 AM

3

TECHNOLOGY

Apple rejects new name 'X' for Twitter iOS app because... rules

Mr. Musk may have successfully pushed Twitter's new name and logo, 'X', and even made the vanity domain x.com redirect to the social media website, but that's not to say, the Mathematical double-struck letter will fit the bill everywhere. Apple's App Store can't accept Twitter iOS app's new name due to minimum character requirements
AX SHARMA

JULY 29, 2023

06:33 AM

7

SECURITY

CISA: New Submarine malware found on hacked Barracuda ESG appliances

CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances on federal agencies' networks by exploiting a now-patched zero-day bug.
SERGIU GATLAN

JULY 28, 2023

05:27 PM

0

APPLE

Apple says new App Store API rules will limit user fingerprinting

Starting this fall, Apple has announced that developers will be required to provide a reason for using certain APIs that can collect information from their apps' users.
SERGIU GATLAN

JULY 28, 2023

04:26 PM

0

SECURITY

The Week in Ransomware - July 28th 2023 - New extortion tactics

With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims.
LAWRENCE ABRAMS

JULY 28, 2023

04:01 PM

0

SECURITY

Ivanti patches new zero-day exploited in Norwegian govt attacks

Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway.
SERGIU GATLAN

JULY 28, 2023

03:38 PM

0

SECURITY

Twitter's rebranding to 'X' triggers Microsoft Edge security alert

Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. It's got to do with a security feature dubbed 'Progressive Web App Icon change', designed to keep users safe during app icon or name changes.
AX SHARMA

JULY 28, 2023

12:30 PM

3

SECURITY

CISA warns of breach risks from IDOR web app vulnerabilities

CISA warned today of the significant breach risks linked to insecure direct object reference (IDOR) vulnerabilities impacting web applications in a joint advisory with the Australian Cyber Security Centre (ACSC) and U.S. National Security Agency (NSA).
SERGIU GATLAN

JULY 28, 2023

12:10 PM

0

SECURITY, GOOGLE, MOBILE

New Android malware uses OCR to steal credentials from images

Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams.
BILL TOULAS

JULY 28, 2023

11:31 AM

0

SECURITY, EDUCATION

Hawai'i Community College pays ransomware gang to prevent data leak

The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.
BILL TOULAS

JULY 28, 2023

09:45 AM

4

SECURITY, CRYPTOCURRENCY

CoinsPaid blames Lazarus hackers for theft of $37,300,000 in crypto

Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency.
BILL TOULAS

JULY 27, 2023

05:58 PM

0

SECURITY

BreachForums database and private chats for sale in hacker data breach

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned.
LAWRENCE ABRAMS

JULY 27, 2023

05:36 PM

0

SECURITY

Zimbra patches zero-day vulnerability exploited in XSS attacks

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers.
SERGIU GATLAN

JULY 27, 2023

02:57 PM

0
1

2

3

4

5

VIEW MORE

Monday, July 31, 2023

"Webinar: Riding the vCISO Wave: How to provide vCISO services."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 31 July 2023, 1427 UTC. Content provided by email subscription to "The Hacker News Daily Updates."

Source: https://mail.google.com/mail/u/0/#inbox/FMfcgzGtwMkDDTmCSTFFxqBBkqnWqvrP ("The Hacker News Daily Updates").

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net

Sunday, July 30, 2023

"Microsoft Edge is getting a 'darker' dark mode theme."

Views expressed in this cybersecurity, cybercrime update are those of the reporters and correspondents. Accessed on 30 July 2023, 1334 UTC. Content provided by "BleepingComputer.com."

Source: https://www.bleepingcomputer.com/ ("BleepingComputer.com").

Please click link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

LATEST ARTICLES MICROSOFT, SOFTWARE

Microsoft has quietly announced an enhancement to the Edge browser's dark mode, making it even darker.MAYANK PARMAR JULY 30, 2023 08:16 AM 0 SECURITY

Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems.AX SHARMA JULY 30, 2023 05:40 AM 0 SECURITY

The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.LAWRENCE ABRAMS JULY 29, 2023 11:17 AM 0 GOOGLE, SECURITY, SOFTWARE, TECHNOLOGY

Google's plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web.BILL TOULAS JULY 29, 2023 10:11 AM 3 TECHNOLOGY

CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances on federal agencies' networks by exploiting a now-patched zero-day bug.SERGIU GATLAN JULY 28, 2023 05:27 PM 0 APPLE

Starting this fall, Apple has announced that developers will be required to provide a reason for using certain APIs that can collect information from their apps' users.SERGIU GATLAN JULY 28, 2023 04:26 PM 0 SECURITY

With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims.LAWRENCE ABRAMS JULY 28, 2023 04:01 PM 0 SECURITY

Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway.SERGIU GATLAN JULY 28, 2023 03:38 PM 0 SECURITY

Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. It's got to do with a security feature dubbed 'Progressive Web App Icon change', designed to keep users safe during app icon or name changes.AX SHARMA JULY 28, 2023 12:30 PM 3 SECURITY

Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams.BILL TOULAS JULY 28, 2023 11:31 AM 0 SECURITY, EDUCATION

The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.BILL TOULAS JULY 28, 2023 09:45 AM 4 SECURITY, CRYPTOCURRENCY

Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency.BILL TOULAS JULY 27, 2023 05:58 PM 0 SECURITY

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned.LAWRENCE ABRAMS JULY 27, 2023 05:36 PM 0 SECURITY

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers.SERGIU GATLAN JULY 27, 2023 02:57 PM 01 2 3 4 5 VIEW MORE

LATEST ARTICLES

MICROSOFT, SOFTWARE

Microsoft has quietly announced an enhancement to the Edge browser's dark mode, making it even darker.
MAYANK PARMAR

JULY 30, 2023

08:16 AM

0

SECURITY

Website of Israel's largest oil refinery operator, BAZAN Group is inaccessible from most parts of the world as threat actors claim to have hacked the Group's cyber systems.
AX SHARMA

JULY 30, 2023

05:40 AM

0

SECURITY

The Abyss Locker operation is the latest to develop a Linux encryptor to target VMware's ESXi virtual machines platform in attacks on the enterprise.
LAWRENCE ABRAMS

JULY 29, 2023

11:17 AM

0

GOOGLE, SECURITY, SOFTWARE, TECHNOLOGY

Google's plans to introduce the Web Environment Integrity (WEI) API on Chrome has been met with fierce backlash from internet software developers, drawing criticism for limiting user freedom and undermining the core principles of the open web.
BILL TOULAS

JULY 29, 2023

10:11 AM

3

TECHNOLOGY

CISA says new malware known as Submarine was used to backdoor Barracuda ESG (Email Security Gateway) appliances on federal agencies' networks by exploiting a now-patched zero-day bug.
SERGIU GATLAN

JULY 28, 2023

05:27 PM

0

APPLE

Starting this fall, Apple has announced that developers will be required to provide a reason for using certain APIs that can collect information from their apps' users.
SERGIU GATLAN

JULY 28, 2023

04:26 PM

0

SECURITY

With ransom payments declining, ransomware gangs are evolving their extortion tactics to utilize new methods to pressure victims.
LAWRENCE ABRAMS

JULY 28, 2023

04:01 PM

0

SECURITY

Ivanti has fixed another vulnerability in the Endpoint Manager Mobile software (formerly MobileIron Core), exploited as a zero-day to breach the IT systems of a dozen ministries in Norway.
SERGIU GATLAN

JULY 28, 2023

03:38 PM

0

SECURITY

Microsoft Edge web browser has been displaying security warnings after Twitter changed its name to 'X'. It's got to do with a security feature dubbed 'Progressive Web App Icon change', designed to keep users safe during app icon or name changes.
AX SHARMA

JULY 28, 2023

12:30 PM

3

SECURITY

Two new Android malware families named 'CherryBlos' and 'FakeTrade' were discovered on Google Play, aiming to steal cryptocurrency credentials and funds or conduct scams.
BILL TOULAS

JULY 28, 2023

11:31 AM

0

SECURITY, EDUCATION

The Hawaiʻi Community College has admitted that it paid a ransom to ransomware actors to prevent the leaking of stolen data of approximately 28,000 people.
BILL TOULAS

JULY 28, 2023

09:45 AM

4

SECURITY, CRYPTOCURRENCY

Estonian crypto-payments service provider CoinsPaid has announced that it experienced a cyber attack on July 22nd, 2023, that resulted in the theft of $37,200,000 worth of cryptocurrency.
BILL TOULAS

JULY 27, 2023

05:58 PM

0

SECURITY

While consumers are usually the ones worried about their information being exposed in data breaches, it's now the hacker's turn, as the notorious Breached cybercrime forum's database is up for sale and member data shared with Have I Been Pwned.
LAWRENCE ABRAMS

JULY 27, 2023

05:36 PM

0

SECURITY

Two weeks after the initial disclosure, Zimbra has released security updates that patch a zero-day vulnerability exploited in attacks targeting Zimbra Collaboration Suite (ZCS) email servers.
SERGIU GATLAN

JULY 27, 2023

02:57 PM

0
1

2

3

4

5

VIEW MORE