InfoSec News 20241118
Top News
-
SafePay Ransomware: A New Threat with Sophisticated Techniques
"In October 2024, Huntress analysts uncovered a previously unreported ransomware strain, dubbed SafePay, deployed across two distinct incidents. This ransomware has unique characteristics, including the use of .safepay as the encrypted file extension and a ransom note titled readme_safepay.txt."
TLP1 : Green
-
Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape
"Proofpoint researchers have identified an increase in a unique social engineering technique called ClickFix. And the lures are getting even more clever."
TLP1 : Green
-
Fake AI video generators infect Windows, macOS with infostealers
"Fake AI image and video generators infect Windows and macOS with the Lumma Stealer and AMOS information-stealing malware, used to steal credentials and cryptocurrency wallets from infected devices."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign
"In April 2024, BlackBerry identified a significant evolution in the LightSpy malware campaign, demonstrating enhanced capabilities and advanced data theft mechanisms. The threat actor behind LightSpy, who we believe with a high level of confidence is associated with Chinese cyber-espionage group APT41, has now expanded their toolset with the introduction of DeepData, a modular Windows-based surveillance framework that significantly broadens their espionage capabilities."
TLP1 : Green
-
Swiss cheesed off as postal service used to spread malware
"Switzerland's National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country's postal service."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
AnnieMac Data Breach Impacts 171,000 People
"AnnieMac Home Mortgage is informing over 171,000 individuals that their data has been compromised in a hacker attack."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
Critical Vulnerabilities in Citrix Virtual Apps and Desktops Actively Exploited
"Two vulnerabilities in Citrix’s “Virtual Apps and Desktops” remote access solution, CVE-2024-8068 and CVE-2024-8069, are actively being exploited in the wild, according to a report from Johannes B. Ullrich, Ph.D., Dean of Research at SANS.edu."
TLP1 : Green
-
GeoVision 0-Day Vulnerability Exploited in the Wild
"Cybersecurity researchers have detected the active exploitation of a zero-day vulnerability in GeoVision devices, which the manufacturer no longer supports."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
Advance your cybersecurity knowledge for just $29.97 in this course deal
"If you’re an IT professional or aspiring cybersecurity expert, you know that CISSP (Certified Information Systems Security Professional) certification is one of the most respected certifications in the industry. And for a limited time, you can deep dive into the world of cybersecurity for only $29.97—no coupon needed."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
"In this blog entry, we discuss Water Barghest's exploitation of IoT devices, transforming them into profitable assets through advanced automation and monetization techniques."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.