www.invisibleciso.com - Cybersecurity news and alerts

How Cybersecurity Vulnerability Disclosures Help the Healthcare Community

Cybersecurity vulnerability disclosures are crucial to increasing awareness and transparency, and encouraging collaboration in the healthcare community.

Windows 11 now warns when typing your password in Notepad, websites

<div>Windows 11 22H2 was just released, and with it comes a new security feature called Enhanced Phishing Protection that warns users when they enter their Windows password in insecure applications or on websites. [...]</div>

Microsoft SQL servers hacked in TargetCompany ransomware attacks

<div>Security analysts at ASEC have discovered a new wave of attacks targeting vulnerable Microsoft SQL servers, involving the deployment of a ransomware strain named FARGO. [...]</div>

Hackers Exploited Zero-Day RCE Vulnerability in Sophos Firewall — Patch Released

<div>Security software company Sophos has released a patch update for its firewall product after it was discovered that attackers were exploiting a new critical zero-day vulnerability to attack its customers' network. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 MR1 (19.0.1) and older and concerns a code injection vulnerability in the User Portal and Webadmin</div>

Hackers Actively Exploiting New Sophos Firewall RCE Vulnerability

<div>Security software company Sophos has warned of cyberattacks targeting a recently addressed critical vulnerability in its firewall product. The issue, tracked as CVE-2022-3236 (CVSS score: 9.8), impacts Sophos Firewall v19.0 MR1 (19.0.1) and older and concerns a code injection vulnerability in the User Portal and Webadmin components that could result in remote code execution. The company said it</div>

London Police Arrested 17-Year-Old Hacker Suspected of Uber and GTA 6 Breaches

<div>The City of London Police on Friday revealed that it has arrested a 17-year-old teenager from Oxfordshire on suspicion of hacking. "On the evening of Thursday 22 September 2022, the City of London Police arrested a 17-year-old in Oxfordshire on suspicion of hacking," the agency said, adding "he remains in police custody." The department said the arrest was made as part of an investigation in</div>

Malicious Apps With Millions of Downloads Found in Apple App Store, Google Play

<div>The ongoing ad fraud campaign can be traced back to 2019, but recently expanded into the iOS ecosystem, researchers say.</div>

App Developers Increasingly Targeted via Slack, DevOps Tools

<div>Slack, Docker, Kubernetes, and other applications that allow developers to collaborate have become the latest vector for software supply chain attacks.</div>

Malicious OAuth applications abuse cloud email services to spread spam

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange Online settings and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against high-risk accounts that didn’t have multi-factor authentication (MFA) enabled and leveraged the unsecured administrator accounts to gain initial access. The unauthorized access to the cloud tenant enabled th

YouTube down: Live streams hit by worldwide outage

<div>YouTube is currently experiencing a worldwide outage, with thousands of reports saying they cannot access live streams. [...]</div>

UK Police arrests teen believed to be behind Uber, Rockstar hacks

<div>The City of London police announced on Twitter today the arrest of a British 17-year-old teen suspected of being involved in recent cyberattacks. [...]</div>

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

A 36-year-old Russian man recently identified by KrebsOnSecurity as the likely proprietor of the massive RSOCKS botnet has been arrested in Bulgaria at the request of U.S. authorities. At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.” A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019

CISA: Zoho ManageEngine RCE Bug Is Under Active Exploit

<div>The bug allows unauthenticated code execution on the company's firewall products, and CISA says it poses "significant risk" to federal government.</div>

Cyberattackers Compromise Microsoft Exchange Servers via Malicious OAuth Apps

<div>Cybercriminals took control of enterprise Exchange Servers to spread large amounts of spam aimed at signing people up for bogus subscriptions.</div>

Microsoft Looks to Enable Practical Zero-Trust Security With Windows 11

<div>With the update, Microsoft adds features to allow easier deployment of zero-trust capabilities. Considering the 1.3 billion global Windows users, the support could make a difference.</div>

How Europe Is Using Regulations to Harden Medical Devices Against Attack

<div>Manufacturers need to document a medical device's intended use and operational environment, as well as plan for misuse, such as a cyberattack.</div>

Mitigating Risk and Communicating Value in Multicloud Environments

<div>Protecting against risk is a shared responsibility that only gets more complex as you mix the different approaches of common cloud services.</div>

Neglecting Open Source Developers Puts the Internet at Risk

<div>From creating a software bill of materials for applications your company uses to supporting open source projects and maintainers, businesses need to step up their efforts to help reduce risks.</div>

Researchers Uncover New Metador APT Targeting Telcos, ISPs, and Universities

<div>A previously undocumented threat actor of unknown origin has been linked to attacks targeting telecom, internet service providers, and universities across multiple countries in the Middle East and Africa. "The operators are highly aware of operations security, managing carefully segmented infrastructure per victim, and quickly deploying intricate countermeasures in the presence of security</div>

Hackers Using Fake CircleCI Notifications to Hack GitHub Accounts

<div>GitHub has put out an advisory detailing what may be an ongoing phishing campaign targeting its users to steal credentials and two-factor authentication (2FA) codes by impersonating the CircleCI DevOps platform. The Microsoft-owned code hosting service said it learned of the attack on September 16, 2022, adding the campaign impacted "many victim organizations." The fraudulent messages claim to</div>