ITSEC News @itsecbot@schleuss.online
Pinned post
#introductions This bot is posting ITSEC related news from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @vulnbot
Weekly Update 340 - Presently sponsored by: Kolide ensures only secure devices can access your cloud a... https://www.troyhunt.com/weekly-update-340/ #weeklyupdate
Microsoft Outlook Remote Hash Vulnerability (CVE-2023-23397) - The post Microsoft Outlook Remote Hash Vulnerability (CVE-2023-23397) appeared first on F... https://tech-wreckblog.blogspot.com/2023/03/microsoft-outlook-remote-hash.html
SWG versus CASB: What’s the Difference? - It’s pronounced “swig” and it’s definitely a cybersecurity cocktail: secure web gateways ... https://tech-wreckblog.blogspot.com/2023/03/swg-versus-casb-whats-difference.html
Microsoft pushes OOB security updates for Windows Snipping tool flaw - Microsoft released an emergency security update for the Windows 10 and Windows 11 Snippin... https://www.bleepingcomputer.com/news/microsoft/microsoft-pushes-oob-security-updates-for-windows-snipping-tool-flaw/ #microsoft #security
USENIX Security ’22 – Xudong Pan, Mi Zhang, Beina Sheng, Jiaming Zhu, Min Yang – ‘Hidden Trigger Backdoor Attack On NLP Models Via Linguistic Style Manipulation’ - Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Con... https://tech-wreckblog.blogspot.com/2023/03/usenix-security-22-xudong-pan-mi-zhang.html
New Dark Power ransomware claims 10 victims in its first month - A new ransomware operation named 'Dark Power' has appeared, and it has already listed its... https://www.bleepingcomputer.com/news/security/new-dark-power-ransomware-claims-10-victims-in-its-first-month/ #security
Inaudible ultrasound attack can stealthily control your phone, smart speaker - American university researchers have developed a novel attack which they named "Near-Ultr... https://www.bleepingcomputer.com/news/security/inaudible-ultrasound-attack-can-stealthily-control-your-phone-smart-speaker/ #security
Russia’s Rostec allegedly can de-anonymize Telegram users - Russia's Rostec has reportedly bought a platform that allows it to uncover the identities... https://www.bleepingcomputer.com/news/security/russia-s-rostec-allegedly-can-de-anonymize-telegram-users/ #security
Cyber Kill Chain-Based Taxonomy of Advanced Persistent Threat Actors: Analogy of Tactics, Techniques, and Procedures - https://www.researchgate.net/publication/350342843_Cyber_Kill_Chain-Based_Taxonomy_of_Ad... https://tech-wreckblog.blogspot.com/2023/03/cyber-kill-chain-based-taxonomy-of.html
A Detailed Guide on Chisel - Background of Port forwarding
Port forwarding in a computer network, also known as... https://www.hackingarticles.in/a-detailed-guide-on-chisel/ #redteaming
Windows, Ubuntu, and VMWare Workstation hacked on last day of Pwn2Own - On the third day of the Pwn2Own hacking contest, security researchers were awarded $185,0... https://www.bleepingcomputer.com/news/security/windows-ubuntu-and-vmware-workstation-hacked-on-last-day-of-pwn2own/ #security
FBI confirms access to Breached cybercrime forum database - Today, the FBI confirmed they have access to the database of the notorious BreachForums (... https://www.bleepingcomputer.com/news/security/fbi-confirms-access-to-breached-cybercrime-forum-database/ #security
The Week in Ransomware - March 24th 2023 - Clop overload - This week's news has been dominated by the Clop ransomware gang extorting companies whose... https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-march-24th-2023-clop-overload/ #security
Microsoft shares tips on detecting Outlook zero-day exploitation - Microsoft today published a detailed guide aiming to help customers discover signs of com... https://www.bleepingcomputer.com/news/security/microsoft-shares-tips-on-detecting-outlook-zero-day-exploitation/ #microsoft #security
Australian police arrest four BEC actors who stole $1.7 million - The Australian Federal Police (AFP) has arrested four members of a cybercriminal syndicat... https://www.bleepingcomputer.com/news/security/australian-police-arrest-four-bec-actors-who-stole-17-million/ #security
Threat Roundup for March 17 to March 24 - Today, Talos is publishing a glimpse into the most prevalent threats we've observed betwe... https://blog.talosintelligence.com/threat-roundup-0317-0324/ #threatroundup
OpenAI: ChatGPT payment data leak caused by open-source bug - OpenAI says a Redis client open-source library bug was behind Monday's ChatGPT outage and... https://www.bleepingcomputer.com/news/security/openai-chatgpt-payment-data-leak-caused-by-open-source-bug/ #technology #security
Procter & Gamble confirms data theft via GoAnywhere zero-day - Consumer goods giant Procter & Gamble has confirmed a data breach affecting an undisc... https://www.bleepingcomputer.com/news/security/procter-and-gamble-confirms-data-theft-via-goanywhere-zero-day/ #security
WooCommerce Payments plugin for WordPress has an admin-level hole – patch now! - Admin-level holes in websites are always a bad thing... and for "bad", read "worse" if it... https://nakedsecurity.sophos.com/2023/03/24/woocommerce-payments-plugin-for-wordpress-has-an-admin-level-hole-patch-now/ #vulnerability #woocommerce #wordpress #dataloss #privacy
UK creates fake DDoS-for-hire sites to identify cybercriminals - The U.K.'s National Crime Agency (NCA) revealed today that they created multiple fake DDo... https://www.bleepingcomputer.com/news/security/uk-creates-fake-ddos-for-hire-sites-to-identify-cybercriminals/ #security #legal
