Friday, December 27, 2024

Security News Bundle.

"Cloud Atlas deploys VBCloud Malware: Over 80% of targets found in Russia."

Views expressed in this cybersecurity, cyber crime update are those of the reporters and correspondents. Accessed on 27 December 2024, 1523 UTC.

Content and Source: Email subscription from https://feedly.com.

https://feedly.com/i/collection/content/user/f401222a-bca6-4c45-9cc1-183f239e8d86/category/7737d3c9-5fe2-4b34-8708-85e57085f895

Please check link or scroll down to read your selections. Thanks for joining us today.

Russ Roberts (https://www.hawaiicybersecurityjournal.net).

Security News Bundle

15

Most popular

Cloud Atlas Deploys VBCloud Malware: Over 80% of Targets Found in Russia
21 TTPs
•
54The Hacker News / 3h
The threat actor known as Cloud Atlas has been observed using a previously undocumented malware called VBCloud as part of its cyber attack campaigns targeting "several dozen users" in 2024. "Victims get infected via phishing emails containing a malicious document that exploits a vulnerability in the formula editor (CVE-2018-0802) to download and execute malware code," Kaspersky researcher Oleg
Quantum Computing Advances in 2024 Put Security In Spotlight
Dark Reading / 1h
The work on quantum computing hit some major milestones in 2024, making the path to a workable quantum computer seem closer than ever. Google, Microsoft, and other research efforts hit significant milestones this year, but is the cybersecurity world ready?
I've been testing the giant Echo Show 21 for weeks - here's who should buy it (and who shouldn't)
ZDNet | Security / 1h
Is the enormous Echo Show 21 Amazon's best smart display or its biggest missed opportunity? Here's what I think.

Today

Hackers Are Hot for Water Utilities
2 TTPs
•
Dark Reading / 1h
The US water sector suffered a stream of cyberattacks over the past year and half, from a mix of cybercriminals, hacktivists, and nation-state hacking teams. Here's how the industry and ICS/OT security experts are working to better secure vulnerable drinking and wastewater utilities.
Defining & Defying Cybersecurity Staff Burnout
Dark Reading / 1h
Sometimes it feels like burnout is an inevitable part of working in cybersecurity. But a little bit of knowledge can help you and your staff stay healthy.
Why ethics is becoming AI's biggest challenge
ZDNet | Security / 2h
Teams designing AI should include linguistics and philosophy experts, parents, young people, everyday people with different life experiences from different socio-economic backgrounds.
How managing networks differs on Windows 10 and Linux
ZDNet | Security / 2h
If you're considering leaving the soon-to-sunsetted Windows 10 for Linux, you'll want to know how to manage networks with the open-source operating system.
Experts warn of a surge in activity associated FICORA and Kaiten botnets
IoC > 2 IPs
•
Security Affairs / 3h
•
12 TTPs
•
D-Link routers targeted by botnets
FortiGuard Labs observed increased activity from two botnets, the Mirai variant “FICORA” and the Kaiten variant “CAPSAICIN”. FortiGuard Labs researchers observed a surge in activity associated with two botnets, the Mirai variant “ FICORA ” and the Kaiten variant “CAPSAICIN,” in late 2024. Both botnets target vulnerabilities in D-Link devices, particularly through the HNAP interface, allowing remo
Palo Alto Networks fixed a high-severity PAN-OS flaw
2 TTPs
•
Security Affairs / 4h
Palo Alto Networks addressed a high-severity PAN-OS flaw that could trigger denial-of-service (DoS) on vulnerable devices. Palo Alto Networks addressed a high-severity flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), in PAN-OS software that could cause a denial-of-service (DoS) condition. An unauthenticated attacker can exploit this vulnerability to reboot the firewall by sending a malicious pac

Yesterday

Brazilian citizen charged for threatening to release data stolen from a company in 2020
Brazilian man charged with extortion
•
Security Affairs / 6h
A Brazilian citizen faces U.S. charges for allegedly threatening to release data stolen from a company in a March 2020 security breach. The U.S. government has charged the Brazilian citizen Junior Barros De Oliveira, 29, with allegedly threatening to release data stolen from a company during a March 2020 security breach. De Oliveira was charged with four counts of extortionate threats involving i
Palo Alto Releases Patch for PAN-OS DoS Flaw — Update Immediately
2 TTPs
•
94The Hacker News / 7h
Palo Alto Networks has disclosed a high-severity vulnerability impacting PAN-OS software that could cause a denial-of-service (DoS) condition on susceptible devices. The flaw, tracked as CVE-2024-3393 (CVSS score: 8.7), impacts PAN-OS versions 10.X and 11.X, as well as Prisma Access running PAN-OS versions 10.2.8 and later or prior to 11.2.3. It has been addressed in PAN-OS 10.1.14-h8, PAN-OS
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
IoC > 3 IPs
•
51The Hacker News / 7h
•
12 TTPs
•
D-Link vulnerabilities exploited by botnets
Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. "These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings
Apache MINA CVE-2024-52046: CVSS 10.0 Flaw Enables RCE via Unsafe Serialization
CVE-2024-52046
•
70The Hacker News / 8h
The Apache Software Foundation (ASF) has released patches to address a maximum severity vulnerability in the MINA Java network application framework that could result in remote code execution under specific conditions. Tracked as CVE-2024-52046, the vulnerability carries a CVSS score of 10.0. It affects versions 2.0.X, 2.1.X, and 2.2.X. "The ObjectSerializationDecoder in Apache MINA uses Java's
How Programmatic Advertising Companies Help Brands Maximize ROI
IT Security Guru / 8h
In today’s highly competitive digital landscape, businesses are constantly looking for effective ways to optimize their marketing strategies. One approach that has gained significant traction is programmatic advertising. Programmatic advertising has become a game-changer for brands looking to improve their return on investment (ROI) with its ability to automate ad buying, target specific audience
The Role of Enterprise Browsers in Securing Remote Work and Hybrid Teams
IT Security Guru / 8h
Remote and hybrid work offer opportunities but also bring challenges. Now, securing digital spaces is crucial. Enterprise browser security has become vital for various organizations. It protects their remote and hybrid teams from cyber threats. These organization-focused browsers have security features. They protect data, control access, and ensure compliance. This article explores how enterprise

End of feed

No comments:

Post a Comment

Please leave a comment about our recent post.

Subscribe to: Post Comments (Atom)