Kyivstar Mobile Attack Plunges Millions in Ukraine Into Comms Blackout

December 12, 2023 at 04:39PM Ukraine’s largest mobile telecom operator, Kyivstar, suffered a cyberattack, causing cell service and internet outages for millions. CEO Oleksandr Komarov confirmed the attack, indicating significant damage to the telco’s IT infrastructure. The attack is suspected to be part of Russia’s broader kinetic strikes in the ongoing war, with potential involvement …

WordPress fixes POP chain exposing websites to RCE attacks

December 7, 2023 at 03:17PM WordPress version 6.4.2 fixes a critical RCE vulnerability, exploitable via a flaw in plugins or themes. Although the core issue isn’t critical alone, it can lead to arbitrary PHP code execution when combined with other vulnerabilities, particularly on multisite installations. Users are advised to manually verify their WordPress update. Meeting …

Five Eyes Agencies Publish Guidance on Eliminating Memory Safety Bugs

December 7, 2023 at 10:54AM Five Eyes government agencies issued guidance for developing strategies to address memory safety vulnerabilities. Takeaway from Meeting: – Government agencies from the Five Eyes countries (United States, United Kingdom, Canada, Australia, and New Zealand) have released new guidelines to assist in the development of roadmaps for memory safety. – The …

Russian FSB Cyber Actor Star Blizzard Continues Worldwide Spear-phishing Campaigns

December 7, 2023 at 10:28AM Star Blizzard, believed to be linked to Russia’s FSB, continues targeted spear-phishing attacks for intelligence gathering. They impersonate trusted contacts using researched information to deceive individuals and organizations in the UK and beyond. Numerous cyber security agencies warn of their expanded targeting since 2019, including the defense industry and energy …

Krasue RAT malware hides on Linux servers using embedded rootkits

December 7, 2023 at 09:31AM Security experts found a previously undetected malware named Krasue, targeting Linux systems in Thai telecoms since 2021. Krasue includes seven rootkit variants, based on open-source code, to remain undetected and ensure persistent access, possibly through botnets. Its origin is unknown, but it shares similarities with XorDdos malware. Group-IB provided detection …

New Stealthy ‘Krasue’ Linux Trojan Targeting Telecom Firms in Thailand

December 7, 2023 at 01:54AM A new Linux trojan named Krasue, discovered targeting Thai telecoms since 2021, offers attackers persistent network access. Utilizing rootkits and evading detection with innovative tactics, its origins and deployment methods remain unclear. Similarities with XorDdos malware suggest a possible common creator. Security analysts stress the need for ongoing vigilance. Key …

UK Cyber CTO: Vendors’ Security Failings Are Rampant

December 6, 2023 at 02:48PM At the Black Hat Europe 2023 event, Ollie Whitehouse of the NCSC stated that current cybersecurity is inadequate to counter advanced threats. He criticized security vendors for creating closed ecosystems with up-charges for better security and lacking transparency, especially regarding SaaS vulnerabilities. He advocated for basic security improvements and greater …

Dragos Offering Free OT Cybersecurity Technology to Small US Utilities

December 6, 2023 at 09:48AM Dragos is providing small US electric, water, and natural gas utilities with complimentary OT cybersecurity software, as part of its Community Defense Program. Takeaway from Meeting Notes: 1. Dragos has initiated a Community Defense Program. 2. The program provides free operational technology (OT) cybersecurity software. 3. Beneficiaries of the program …

Hackers breach US govt agencies using Adobe ColdFusion exploit

December 5, 2023 at 12:07PM CISA warns of ongoing attacks exploiting a critical Adobe ColdFusion vulnerability (CVE-2023-26360), despite a fix. Hackers targeted government servers, installing malware and conducting reconnaissance. Although attacks were contained, CISA stresses updating ColdFusion and enhancing security measures. Meeting Takeaways: 1. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a …

15,000 Go Module Repositories on GitHub Vulnerable to Repojacking Attack

December 5, 2023 at 05:48AM Over 15,000 Go module repositories on GitHub are susceptible to “repojacking,” with vulnerabilities due to username changes and account deletions. This exploit allows attackers to hijack supply chains by duplicating and publishing malicious modules. GitHub’s countermeasure is ineffective for Go modules, with a call for action from Go or …