InfoSec News 20241128
Top News
-
The only thing worse than being fired is scammers fooling you into thinking you're fired
"Scumbags play on victims' worst fears in phishing campaign referencing UK Employment Tribunal"
TLP1 : Green
-
CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix
"Zabbix, a popular open-source IT infrastructure monitoring tool used by organizations worldwide, has been found to contain a critical SQL injection vulnerability (CVE-2024-42327) with a CVSS score of 9.9. This vulnerability allows attackers to escalate privileges and gain complete control of Zabbix instances, potentially compromising sensitive monitoring data and connected systems."
TLP1 : Green
-
Black Friday Fake Stores Surge 110%: How LLMs and Cheap Domains Empower Cybercrime
"The 2024 holiday shopping season is witnessing an alarming rise in fraudulent e-commerce activity. According to Netcraft, fake online stores have surged by 110% between August and October, capitalizing on the Black Friday frenzy."
TLP1 : Green
Cybersecurity State: Surveillance, Cyberwarfare, Cybercriminality and Hacktivism
-
Pro-Russian Hacktivists Launch Branded Ransomware Operations
"A pro-Russian hacktivist group has launched its own ransomware-as-a-service (RaaS) operations to advance its causes."
TLP1 : Green
-
Infostealer Shut Down After Source Code Was Leaked
"The macOS malware-as-a-service Banshee Stealer has been taken down following the exposure of its source code."
TLP1 : Green
-
Attack Group APT-C-60 Targets Japan Using Trusted Platforms
"A cyber-attack targeting Japanese and other East Asian organizations, suspected to be orchestrated by the threat group APT-C-60, has been uncovered."
TLP1 : Green
Breaches: Data Breaches and Hacks
-
Zello asks users to reset passwords after security incident
"Zello is warning customers to reset their passwords if their account was created before November 2nd in what appears to be another security breach."
TLP1 : Green
Vulnerabilities: Vulnerability Advisories, Zero-Days, Patches and Exploits
-
ProjectSend critical flaw actively exploited in the wild, experts warn
"Researchers warn that a critical security flaw in ProjectSend open-source file-sharing application may be under active exploitation."
TLP1 : Green
-
Hackers abuse popular Godot game engine to infect thousands of PCs
"Hackers have used new GodLoader malware exploiting the capabilities of the widely used Godot game engine to evade detection and infect over 17,000 systems in just three months."
TLP1 : Green
Incident Response: Infrastructure, Training, SIEM and Incident Handling
-
This Black Friday deal lets you prep for 10+ CompTIA exams for $40
"Breaking into the IT field can feel overwhelming, especially if you're unsure where to start or how to build skills that can actually get you a job. For many, the dream of working as an IT technician or network administrator begins with earning certifications that not only prove their expertise but also open doors to well-paying, in-demand jobs."
TLP1 : Green
Technical Articles: Forensics, Reverse Engineering, Malware, Phishing, Pentesting, Software Security and Cryptography
-
Dozens of Machines Infected: Year-Long NPM Supply Chain Attack Combines Crypto Mining and Data Theft
"Through our continuous monitoring of software supply chain threats, the Checkmarx Research team identified a supply chain attack that has remained active for over a year. The package, @0xengine/xmlrpc, began its life as a “legitimate” XML-RPC implementation in October 2023, but strategically transformed into a malicious tool in later versions and has remained active through November of 2024."
TLP1 : Green
1 Traffic Light Protocol (TLP) [1] for information sharing:
- Red: Not for disclosure, restricted to participants only.
- Amber: Limited disclosure, restricted to participants' organizations.
- Green: Limited disclosure, restricted to the community.