"Telegram Marketplaces fuel phishing attacks with easy-to-use-kits and malware."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents.  Accessed on 31 January 2024, 1555 UTC.

Content and Source:  https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895 ("Security News Bundle").

Please scroll down to read your selections.  Thanks for joining us today.

Russ Roberts (https://hawaiicybersecurityjournal.net).

Security News Bundle

23

MOST POPULAR

Telegram Marketplaces Fuel Phishing Attacks with Easy-to-Use Kits and Malware

6 TTPs

•

51The Hacker News / 3h

Cybersecurity researchers are calling attention to the "democratization" of the phishing ecosystem owing to the emergence of Telegram as an epicenter for cybercrime, enabling threat actors to mount a mass attack for as little as $230. "This messaging app has transformed into a bustling hub where seasoned cybercriminals and newcomers alike exchange illicit tools and insights creating a dark and

Cyberattack disrupts IT systems in Fulton County, Georgia

Cyberattack hits Fulton County

•

CyberScoop / 1h

The post appeared first on CyberScoop .

AI-Powered Attacks and Deepfake Technology Fuel Cyberattack Concern

IT Security Guru / 2h

Today, password security pros, Keeper Security have released the key findings from its latest survey about the state of cybersecurity and the burgeoning threats that are keeping cyber professionals up at night. The survey of more than 800 IT security leaders around the globe finds that the vast majority (95%) believe cyberattacks are more sophisticated than they have ever been. AI-powered attacks

TODAY

Ivanti releases patches for VPN zero-days, discloses two more high-severity vulns

2 TTPs

•

The Register – Security / 7min

Many versions still without fixes while sophisticated attackers bypass mitigations Ivanti has finally released the first round of patches for vulnerability-stricken Connect Secure and Policy Secure gateways, but in doing so has also found two additional zero-days, one of which is under active exploitation.…

Ivanti warns of a new actively exploited zero-day

2 TTPs

•

Security Affairs / 52min

Ivanti warns of two new vulnerabilities in its Connect Secure and Policy Secure products, one of which is actively exploited in the wild. Ivanti is warning of two new high-severity vulnerabilities in its Connect Secure and Policy Secure solutions respectively tracked as CVE-2024-21888 (CVSS score: 8.8) and CVE-2024-21893 (CVSS score: 8.2). The software company also warned that one of these two vu

Recognizing Security as a Strategic Component of Business

Dark Reading / 53min

In today's environments, security can be a revenue enabler, not just a cost center. Organizations should take advantage of the opportunities.

Johnson Controls says ransomware attack cost $27 million, data stolen

BleepingComputer / 56min

Johnson Controls International has confirmed that a September 2023 ransomware attack cost the company $27 million in expenses and led to a data breach after hackers stole corporate data. [...]

Ivanti warns of new Connect Secure zero-day exploited in attacks

4 TTPs

•

31BleepingComputer / 2h

Today, Ivanti warned of two more vulnerabilities impacting Connect Secure, Policy Secure, and ZTA gateways, one of them a zero-day bug already under active exploitation. [...]

Two More Individuals Charged for DraftKings Hacking

Two more charged in DraftKings hacking

•

SecurityWeek / 3h

Nathan Austad and Kamerin Stokes have been charged for hacking user accounts at fantasy sports and betting website DraftKings. The post appeared first on SecurityWeek .

Aim Security Raises $10M to Tackle Shadow AI

Prompt Security raises $5M

•

SecurityWeek / 3h

A new Israeli startup called Aim Security has raised $10 million in seed financing to help with the secure deployment of generative-AI technologies. The post appeared first on SecurityWeek .

How to Align Your Incident Response Practices With the New SEC Disclosure Rules

SecurityWeek / 3h

By turning incident response simulation into a continuous process and employing innovative tools, you can address the stringent requirements of the new SEC incident disclosure rules. The post appeared first on SecurityWeek .

US Sanctions Two ISIS-Affiliated ‘Cybersecurity Experts’

US sanctions Egyptian ISIS cyber trainers

•

SecurityWeek / 3h

US Treasury Department announces sanctions against two Egyptian nationals accused of running an ISIS cyber platform. The post appeared first on SecurityWeek .

45,000 Exposed Jenkins Instances Found Amid Reports of In-the-Wild Exploitation

OS Credential Dumping (Enterprise T1003)

•

SecurityWeek / 3h

•

CVE-2024-23897

Shadowserver Foundation has seen 45,000 Jenkins instances affected by CVE-2024-23897, which may already be exploited in attacks. The post appeared first on SecurityWeek .

Threat actors exploit Ivanti VPN bugs to deploy KrustyLoader Malware

4 TTPs

•

Security Affairs / 3h

Threat actors are exploiting recently disclosed zero-day flaws in Ivanti Connect Secure (ICS) VPN devices to deliver KrustyLoader. In early January 2024, software firm Ivanti reported that threat actors were exploiting two zero-day vulnerabilities ( CVE-2023-46805, CVE-2024-21887 ) in Connect Secure (ICS) and Policy Secure to remotely execute arbitrary commands on targeted gateways. Researchers f

The SEC Won't Let CISOs Be: Understanding New SaaS Cybersecurity Rules

32The Hacker News / 4h

The SEC isn’t giving SaaS a free pass. Applicable public companies, known as “registrants,” are now subject to cyber incident disclosure and cybersecurity readiness requirements for data stored in SaaS systems, along with the 3rd and 4th party apps connected to them. The new cybersecurity mandates make no distinction between data exposed in a breach that was stored on-premise, in the

Italian Businesses Hit by Weaponized USBs Spreading Cryptojacking Malware

8 TTPs

•

38The Hacker News / 4h

A financially motivated threat actor known as UNC4990 is leveraging weaponized USB devices as an initial infection vector to target organizations in Italy. Google-owned Mandiant said the attacks single out multiple industries, including health, transportation, construction, and logistics. "UNC4990 operations generally involve widespread USB infection followed by the deployment of the

Introducing meaningful AI features for information security in 2024

IT Security Guru / 4h

Nick Graham, Chief Technology Officer at information security software business Hicomply discusses the recent surge in interest around artificial intelligence. He explains why his company is focused on developing AI tools that deliver benefits over media buzz. There’s been a distinct pattern to the way that tech trends manifest over the last 20 years or so. Whether it’s The Internet of Things, bl

Hitron DVR Zero-Day Vulnerabilities Exploited by InfectedSlurs Botnet

3 TTPs

•

SecurityWeek / 5h

Akamai flags six zero-day vulnerabilities in Hitron DVRs exploited to ensnare devices in the InfectedSlurs botnet. The post appeared first on SecurityWeek .