New ‘Pool Party’ Process Injection Techniques Undetected by EDR Solutions

December 7, 2023 at 08:54AM The ‘Pool Party’ is a collection of eight novel Windows process injection methods that escape detection by endpoint detection and response (EDR) tools. Takeaways from the meeting notes: 1. “Pool Party” is a name given to a new collection of eight Windows process injection techniques. 2. These techniques are capable …

Yet another UK public sector data blab, this time info of pregnant women, cancer patients

December 7, 2023 at 07:46AM Over 22,000 patients’ data were exposed by Cambridge University Hospitals NHS Foundation Trust due to errors responding to Freedom of Information requests. Maternity and cancer patient details were inadvertently revealed. The Trust has since audited past FoI responses, improved data security measures, and is cooperating with the ICO. Meeting Takeaways: …

US Navy Ship Builder Says No Classified Info Leaked in Cyberattack

December 6, 2023 at 05:10PM Austal USA, a shipbuilding contractor for the US government, reported a cyberattack by Hunters International to the FBI and NCIS. The ransomware group leaked stolen data online but the company contained the breach with no operational impact reported. No personal or classified data was compromised; investigations are ongoing. Meeting Takeaways: …

UK Cyber CTO: Vendors’ Security Failings Are Rampant

December 6, 2023 at 02:48PM At the Black Hat Europe 2023 event, Ollie Whitehouse of the NCSC stated that current cybersecurity is inadequate to counter advanced threats. He criticized security vendors for creating closed ecosystems with up-charges for better security and lacking transparency, especially regarding SaaS vulnerabilities. He advocated for basic security improvements and greater …

Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes

December 6, 2023 at 10:48AM The Shadowserver Foundation reports a surge in device hacks linked to new vulnerabilities in Cisco IOS XE. SecurityWeek shared the news in a post titled “Exploitation of Recent Cisco IOS XE Vulnerabilities Spikes.” Here are the clear takeaways from the meeting notes provided: 1. The Shadowserver Foundation has issued a …

A year on, CISA realizes debunked vuln actually a dud and removes it from must-patch list

December 6, 2023 at 09:52AM CISA removed CVE-2022-28958, a supposed critical flaw in a D-Link router, from its Known Exploited Vulnerability catalog after a review revealed it was not a real vulnerability. VulnCheck debunked the issue, originally believed to allow remote code execution. The flaw was included due to an invalid proof of concept but …

Adobe ColdFusion Vulnerability Exploited in Attacks on US Government Agency

December 6, 2023 at 08:00AM A US government agency was attacked through a flaw in Adobe ColdFusion, identified as CVE-2023-26360, as reported by SecurityWeek. Key Takeaway from Meeting Notes: – An Adobe ColdFusion vulnerability with the identifier CVE-2023-26360 was exploited in cyberattacks targeting a US government agency. – The information regarding the exploitation of this …

Scaling Security Operations with Automation

December 6, 2023 at 06:00AM Amid growing digital security threats, organizations face challenges implementing automation due to resource constraints and a need for clear processes. While automation can enhance security operations by handling repetitive tasks and reducing errors, success requires assessing readiness, prioritizing impactful processes, and integrating solutions with workflows. Operational guidance and continuous improvement …

Atlassian security advisory reveals four fresh critical flaws – in mail with dead links

December 6, 2023 at 02:00AM Atlassian alerted customers of four critical vulnerabilities with flawed email links that weren’t initially live. Despite the broken links, they provided direction to updated advisory pages for immediate action. The vulnerabilities affect various Atlassian products and can be fixed by upgrading to secured versions. Meeting Summary: Atlassian Issues Advisory on …

HTC Global Services confirms cyberattack after data leaked online

December 5, 2023 at 06:59PM HTC Global Services confirmed a cyberattack after the ALPHV ransomware gang started leaking stolen data. The IT services provider, servicing multiple industries, acknowledged the breach on social media and is working with experts to resolve the issue. The alleged stolen data includes personal and confidential information. Cybersecurity expert Kevin Beaumont …