InfoSec News 20240718
Top News
-
Ransomware continues to pile on costs for critical infrastructure victims
"Millions more spent without any improvement in recovery times"
TLP1 : Green
-
UK to introduce watered-down version of mandatory reporting for ransomware attacks
"Britain’s new government announced on Wednesday its intention to bring forward a Cyber Security and Resilience Bill updating the country’s cybersecurity regulations, two years after the previous government prematurely described them as “updated” before failing to actually introduce the legislation."
TLP1 : Green
-
Weak credentials behind nearly half of all cloud-based attacks, research finds
"Credential mismanagement was the top initial access vector for cloud environment attacks during the first half of 2024, a Google Cloud report found."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
‘GhostEmperor’ returns: Mysterious Chinese hacking group spotted for first time in two years
"Security firm Sygnia revealed that GhostEmperor recently compromised a network, using it as a launchpad to access another victim's systems. This marks the first public report on the group since it was identified by Kaspersky Lab in 2021."
TLP1 : Green
-
Global Police Swoop on Black Axe Cybercrime Syndicate
"Interpol claims to have struck a major blow against several West African cybercrime groups, including the notorious Black Axe syndicate."
TLP1 : Green
-
Russia-linked FIN7 hackers sell their security evasion tool to other groups on darknet
"A notorious cybercriminal group known as FIN7 advertises its custom tool for security evasion on darknet forums and sells it to other criminal gangs, researchers have found."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Over 400,000 Life360 user phone numbers leaked via unsecured API
"A threat actor has leaked a database containing the personal information of 442,519 Life360 customers collected by abusing a flaw in the login API."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Cisco SSM On-Prem bug lets hackers change any user's password
"Cisco has fixed a maximum severity vulnerability that allows attackers to change any user's password on vulnerable Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) license servers, including administrators."
TLP1 : Green
-
CISA adds OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog
"U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds an OSGeo GeoServer GeoTools bug to its Known Exploited Vulnerabilities catalog."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Prepare for your CompTIA, CISM, and CASP+ Exams with this $56 bundle
"Studying cybersecurity on your own requires actually knowing enough about what you're studying to find materials to learn from. There might be decent free courses online, but it takes some expertise to identify what information is reliable, and many of those are just rote memorization."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Container Breakouts: Escape Techniques in Cloud Environments
"This article reviews container escape techniques, assesses their possible impact and reveals how to detect these escapes from the perspective of endpoint detection and response (EDR)."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.