- BleepingComputer
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) revealed today the top ten most common cybersecurity misconfigurations discovered by their red and blue teams in the networks of large organizations.
Today's advisory also details what tactics, techniques, and procedures (TTPs) threat actors use to successfully exploit these misconfigurations with various goals, including gaining access to, moving laterally, and targeting sensitive information or systems.
- The Hacker News
Microsoft has detailed a new campaign in which attackers unsuccessfully attempted to move laterally to a cloud environment through an SQL Server instance.
"The attackers initially exploited a SQL injection vulnerability in an application within the target's environment," security researchers Sunders Bruskin, Hagai Ran Kestenberg, and Fady Nasereldeen said in a Tuesday report.
"This allowed the attacker to gain access and elevated permissions on a Microsoft SQL Server instance deployed in Azure Virtual Machine (VM)."
Attackers use a massive network of fake and compromised Facebook accounts to send out millions of Messenger phishing messages to target Facebook business accounts with password-stealing malware.
The attackers trick the targets into downloading a RAR/ZIP archive containing a downloader for an evasive Python-based stealer that grabs cookies and passwords stored in the victim's browser.
- BleepingComputer
The Apple Emergency Update was deployed to address a critical zero-day vulnerability impacting iOS and iPadOS versions earlier than 17.0.3. This flaw, designated as CVE-2023-42824, could potentially allow malicious actors to escalate their privileges on compromised devices. The vulnerability was actively exploited in the wild, prompting Apple to roll out security patches. The flaw resided in the kernel and could be abused by a local attacker to elevate their privileges, which Apple sought to rectify with improved checks in the update.
- BleepingComputer
Cybercriminals orchestrated a sophisticated phishing campaign, leveraging the EvilProxy phishing framework to exploit an open redirect vulnerability on the job search platform Indeed.com. The primary objective was to harvest Microsoft 365 credentials from high-ranking executives, especially those based in the US across various sectors including Banking, Insurance, Property Management, and Manufacturing.
- The Hacker News
A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deliver LockBit (attributed to Bitwise Spider or Syrphid) in the target network.
"3AM is written in Rust and appears to be a completely new malware family," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
"The ransomware attempts to stop multiple services on the infected computer before it begins encrypting files. Once encryption is complete, it attempts to delete Volume Shadow (VSS) copies."
- Millions Infected by Spyware Hidden in Fake Telegram Apps on Google Play
- MetaStealer Malware Targets Apple MacOS in Recent Attacks
- Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
- Facebook Messenger Phishing Wave Targets 100K Business Accounts per Week
- CISA Warns Govt Agencies to Secure iPhones Against Spyware Attacks