Blog

Cybersecurity News

• Hardbit ransomware version 4.0 supports new obfuscation technique.
• Hackers are attacking Windows users with Internet Explorer zero-Day vulnerability.
• Apple warns iPhone users in 98 countries of more spyware attacks.
• Critical Exim bug bypasses security filters on 1.5 million mail servers.
• Latest CapraRAT Android spyware campaign targets gamers and TikTokers.
• Dark Gate malware campaign uses Samba file shares.
• GitLab critical bug lets attackers run pipelines as other users.
• A user has leaked nearly 10 billion unique plaintext passwords on a popular hacking forum.
• Apple’s Wi-Fi Positioning System (WPS) can be used to map and track Wi-Fi access points.

Cybersecurity Blog Posts

• Anderson Lunsford, CEO of BreachRx, speaks about the importance of creating centralized reports on cyber incidents.
• Carly Page from Techcrunch gave tips for protecting corporate e-mail from scam and phishing.
• Rob Sloan, Vice president of Cybersecurity Protection at Zscaler, analyzed the main security issues when using AI tools.

More

In order to improve the process of working with incoming cybersecurity events Defensys has expanded functionalities of the Defensys SIEM. The release 1.3 has a range of updates: the developer has increased the number of functions for events collection and handling, implemented new tools for content processing and search, added a report builder and new integrations to external systems. These changes will lead to better security of IT infrastructure and improve efficiency of CS specialists.

Defensys continues developing technologies for data protection and prevention of cyberattacks. New features are included in the event processing pipeline by Defensys’ specialists, updates allow SOC’s analysts to manage data processing collection in the system’s interface. Thus, the Defensys team has added new elements to the already available input and output points, buses and event normalizer, among them are an aggregator, a router and a filter. This allows users to customize event handling at its fullest, that is especially important for a large infrastructure of sources and systems.

Therefore, changes affected the work with expertise objects. Each object is a product’s content part, which contains written expertise in processing and analyzing of CS events. The expertise includes normalization and correlation rules, active lists, enrichment tables, and event models.

More

Cybersecurity News

• Researchers have spotted exploitation attempts for the critical vulnerability impacting all D-Link DIR-859 WiFi routers.
• Brain Cipher has released decryption keys for free, allowing victims to recover their encrypted data.
• Apple’s CocoaPods platform bugs expose millions of Apps to code injection.
• Ticketmaster has started to notify customers who were impacted by a recent data breach.
• Researchers discovered a new Android malware, “Snowblind”, running active campaigns since early 2024.
• OpenSSH addressed a critical vulnerability, tracked as CVE-2024-6387, that can lead to unauthenticated remote code execution.
• Cisco has patched a zero-day vulnerability exploited in April attacks to install previously unknown malware.
• Critical GitLab vulnerability could allow attackers to run a pipeline as another user.

Cybersecurity Blog Posts

• Tara Seals, managing editor at Dark Reading, has published a list of tips for CISOs and key decision makers in companies.
• Sue Poremba, author at Cybersecuritydive, talks about the interaction between artificial intelligence and information security solutions.

More

Cybersecurity News

• VMware has released a critical security advisory, addressing multiple vulnerabilities in VMware vCenter Server.
• Microsoft recommends to migrate to “Always On VPN” as it deprecates Windows DirectAccess.
• ASUS addresses a critical remote authentication bypass vulnerability, impacting seven router models.
• A newly discovered Linux malware uses emojis to execute commands on infected devices.
• CISA adds Android Pixel, Microsoft Windows, Progress Telerik Report Server bugs to its known exploited vulnerabilities catalog.
• Microsoft June 2024 Patch Tuesday update fixed more than 50 vulnerabilities, including 0-day.
• The SOC analysts identified a drive-by download attack leveraging SolarMarker malware.

Cybersecurity Blog Posts

• Kate O’Flaherty from Wired discusses privacy and security questions of using generative AI in business.
• Rob Shavell, CEO of Abine, tells why trading privacy for “free” web services must end.
• Kaaviya Ragupathy from Cyber Security News shares a tutorial on how to use Threat Intelligence Feeds for SOC/DFIR Teams.
• Roman Arutyunov, Co-Founder &

More

Cybersecurity News

• Hackers use authentication tools to deliver NiceRAT malware via botnet.
• XSS flaws in multiple WordPress plugins exploited to deploy malware.
• 361 million stolen accounts leaked on Telegram were added to Have I Been Pwned.
• Google will roll out Chrome’s new extension Manifest V3 next week.
• Cybercriminals attack banking customers in EU with V3B phishing kit.
• SonicWall Capture Labs discovered a remote code execution vulnerability in Atlassian Confluence.
• Microsoft announces first Windows 10 Beta build since 2021.
• A new hacker tool extracts all the data collected by Windows’ new Recall AI.
• Hackers employ JavaScript framework to trick users Copy, Paste and Command execution.

Cybersecurity Blog Posts

• Joan Goodchild from Darkreading shares 9 Tips on how to avoid burnout in cybersecurity.
• McAfee released a tutorial about phishing scam protection.
• Nathan Vega, VP at Protegrity, discusses data privacy questions in the era of generative AI.

More