Critical Flaws in Tank Gauge Systems Expose Gas Stations to Remote Attacks

September 30, 2024 at 08:30AM Security vulnerabilities in six different Automatic Tank Gauge (ATG) systems have been disclosed, exposing them to remote attacks. Thousands of ATGs are exposed on the internet, making them a target for malicious actors. Additional flaws were found in OpenPLC, Riello NetMan 204, and AJCloud. CISA has highlighted threats to OT …

New HTML Smuggling Campaign Delivers DCRat Malware to Russian-Speaking Users

September 27, 2024 at 05:42AM Russian-speaking users are being targeted in a new cybercrime campaign using a commodity trojan called DCRat distributed through HTML smuggling. The technique involves embedding or retrieving the payload within HTML files, which are then propagated via bogus sites or malspam campaigns. Organizations are advised to monitor HTTP and HTTPS traffic …

Ivanti’s Cloud Service Appliance Attacked via Second Vuln

September 20, 2024 at 05:05PM Ivanti has announced that a critical vulnerability in the Cloud Services Appliance (CSA) is being exploited, allowing attackers to bypass admin authentication and execute arbitrary commands. This adds to the ongoing security issues faced by Ivanti since 2023. Steps to mitigate the threat include upgrading to CSA 5.0 and ensuring …

New PIXHELL acoustic attack leaks secrets from LCD screen noise

September 10, 2024 at 03:29PM A new acoustic attack, ‘PIXHELL,’ has been discovered that can extract information from air-gapped and audio-gapped systems using LCD monitors, without the need for speakers.

New PIXHELL Attack Exploits Screen Noise to Exfiltrate Data from Air-Gapped Computers

September 10, 2024 at 07:39AM PIXHELL, a new side-channel attack, targets air-gapped computers by exploiting the “audio gap” to exfiltrate sensitive data using the noise generated by the screen pixels. The attack doesn’t require specialized audio hardware and could bypass air-gapping security measures. Countermeasures include acoustic jammers and monitoring for unusual signals.

How to Establish & Enhance Endpoint Security

September 9, 2024 at 10:02AM Endpoint security is crucial due to the diverse and evolving attack surface of devices. Security teams must focus on baseline security, Endpoint Detection and Response (EDR), Automated Moving Target Defense (AMTD), and Mobile Threat Defense (MTD) to establish and enhance endpoint security. These tools are essential for addressing the increasing …

New Flaws in Microsoft macOS Apps Could Allow Hackers to Gain Unrestricted Access

September 3, 2024 at 12:54AM Eight vulnerabilities found in Microsoft applications for macOS could allow an adversary to gain elevated privileges or access sensitive data. By exploiting the Transparency, Consent, and Control (TCC) framework, an attacker could leverage affected applications, circumventing user consent. The vulnerabilities impact apps like Outlook, Teams, Word, and Excel. Measures like …

Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool

August 29, 2024 at 05:07AM Summary: Threat actors are targeting users in the Middle East with sophisticated malware, posing as the Palo Alto GlobalProtect Tool. The malware utilizes a two-stage infection process and advanced evasion techniques, including masquerading as a legitimate VPN portal. Its capabilities include remote PowerShell commands, file exfiltration, and sandbox evasion. Recommendations …

Google fixes ninth Chrome zero-day exploited in attacks this year

August 21, 2024 at 05:44PM Today, Google issued a new emergency security update for Chrome to address a zero-day vulnerability, marking the ninth such exploit targeted in attacks this year.

It’s Time To Untangle the SaaS Ball of Yarn

August 21, 2024 at 07:33AM SaaS applications have revolutionized operations but introduced security vulnerabilities. With the increasing complexity of interconnected SaaS apps, organizations struggle to monitor and secure access. Understanding app usage, permissions, and actions is crucial, along with implementing measures like multi-factor authentication and access monitoring to prevent breaches. Proactive security measures are essential …