Notes from the cyber phases of two hybrid wars. Alerts on Cisco, Atlassian vulnerability exploitation. Updated guidance on security by design.
CyberWire Daily17 Loka 2023

Notes from the cyber phases of two hybrid wars. Alerts on Cisco, Atlassian vulnerability exploitation. Updated guidance on security by design.

A bogus RedAlert app delivered spyware as well as panic. BloodAlchemy backdoors ASEAN southeast asian targets. A serious Cisco zero-day is being exploited. Valve implements additional security measures for Steam. A warning on Atlassian vulnerability exploitation. Allies update their security-by-design guide. Ukrainian telecommunications providers hit by cyberattack. Ben Yelin explains attempts to tamp down pornographic deepfakes. Our guest is Ashley Rose from Living Security with a look at measuring human risk. And, as always, criminals see misery as opportunity. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/198 Selected reading. Malicious “RedAlert - Rocket Alerts” Application Targets Israeli Phone Calls, SMS, and User Information (The Cloudflare Blog) Disclosing the BLOODALCHEMY backdoor (Elastic Security Labs) BLOODALCHEMY provides backdoor to ASEAN secrets (Register) Active exploitation of Cisco IOS XE Software Web Management User Interface vulnerability (Cisco Talos Blog) Actively exploited Cisco 0-day with maximum 10 severity gives full network control (Ars Technica) Cisco warns of actively exploited zero-day in IOS XE software (Computing) Widespread Cisco IOS XE Implants in the Wild (VulnCheck) Steam enforces SMS verification to curb malware-ridden updates (BleepingComputer) Threat Actors Exploit Atlassian Confluence CVE-2023-22515 for Initial Access to Networks | CISA (Cybersecurity and Infrastructure Security Agency CISA) CISA, U.S. and International Partners Announce Updated Secure by Design Principles Joint Guide (Cybersecurity and Infrastructure Security Agency) CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks (The Hacker News) CVE-2023-38831 Exploited by Pro-Russia Hacking Groups in RU-UA Conflict Zone for Credential Harvesting Operations (Cluster25) Pro-Russian Hackers Exploiting Recent WinRAR Vulnerability in New Campaign (The Hacker News) Cyberattack targets Belgian public service websites for second time in a week (Brussels Times) Spam trends of the week: Spammers piggyback on the Israel-Gaza war to plunder donations (Hot for Security) Learn more about your ad choices. Visit megaphone.fm/adchoices

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(3695)

A nightmare on Windows street.

A nightmare on Windows street.

Nightmare Eclipse drops another Windows zero-day. The Gentlemen take the ransomware crown. CISA orders emergency Fortinet patching. Canada’s surveillance bill faces U.S. scrutiny. Meta’s Oversight Boa...

17 Heinä 25min

For hackers, sharing is caring.

For hackers, sharing is caring.

CISA warns of active SharePoint attacks. The NSA pushes coordinated vulnerability disclosure. ClickLock Stealer targets macOS. Splunk and Zoom patch critical flaws. Spirals ransomware strikes in under...

16 Heinä 30min

Patchapalooza packs a punch.

Patchapalooza packs a punch.

Patch Tuesday. SonicWall urges immediate patching of actively exploited vulnerabilities. The White House launches an AI-backed vulnerability clearinghouse. The Air Force contends with widespread cybe...

15 Heinä 28min

The ransomware toll road.

The ransomware toll road.

Treasury sanctions a VPN provider tied to ransomware. The Pentagon hits pause on CMMC audits. Critical flaws surface in Google Cloud’s Dialogflow CX. Estée Lauder discloses a data breach. Mobile netwo...

14 Heinä 26min

State of the router.

State of the router.

The U.S. and its allies warn of Russian cyber threats targeting critical infrastructure as Europe rolls out new sanctions. Apple sues OpenAI over alleged trade secret theft. Progress investigates a po...

13 Heinä 26min

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

Preparing space for Q-day. [T-Minus: Space-Cyber Briefing]

As the world prepares itself for quantum computing, governments and private space enterprises alike are looking to get ahead of the technology and manage the rapidly-accelerating risks. In this week’...

12 Heinä 21min

Conti-versal opinions. [Research Saturday]

Conti-versal opinions. [Research Saturday]

Today we are joined by Geoff White, host of Cyber Hack and BBC journalist, taking a deep dive into the Conti ransomware gang. Geoff explores an in-depth investigation into the notorious Conti ransomwa...

11 Heinä 29min

GoshDarn it, that’s advanced.

GoshDarn it, that’s advanced.

Researchers track ransomware they say is getting GoshDarn sophisticated. Zimbra patches a critical vulnerability affecting its Classic Web Client. A sophisticated vishing campaign targeting Microsoft ...

10 Heinä 25min

Suosittua kategoriassa Politiikka ja uutiset

aikalisa
uutiscast
ootsa-kuullut-tasta-2
rss-ootsa-kuullut-tasta
rss-vaalirankkurit-podcast
rss-podme-livebox
rss-seksicast
otetaan-yhdet
tervo-halme
aihe
politiikan-puskaradio
linda-maria
et-sa-noin-voi-sanoo-esittaa
rss-girls-finish-f1rst
viela-yksi-sivu
the-ulkopolitist
mtv-uutiset-polloraati
rss-kovin-paikka
rss-sveriges-radio-finska
rss-raha-talous-ja-politiikka