Monday, September 25, 2023
Internet Storm Center Infocon Status



In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover

A critical vulnerability in the TeamCity CI/CD server could allow unauthenticated attackers to execute code and take over vulnerable servers. The post In-the-Wild Exploitation Expected for Critical TeamCity Flaw Allowing Server Takeover appeared first on SecurityWeek.

Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks

Predator spyware delivered to iPhones and Android devices using iOS and Chrome zero-day vulnerabilities and MitM attacks.  The post Predator Spyware Delivered to iOS, Android Devices via Zero-Days, MitM Attacks appeared first on SecurityWeek.
Infosecurity Magazine

BEC Scammer Pleads Guilty to Part in $6m Scheme

Nigerian was extradited to the US from Canada
Infosecurity Magazine

Researchers Spot Novel “Deadglyph” Backdoor

Malware is linked to UAE-backed spies
Infosecurity Magazine

Almost US 900 Schools Breached Via MOVEit

National Student Clearinghouse reveals more details of incident

Don’t Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection

Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.
The Hacker News

New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government

An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously...
The CyberWire Podcast

Threat intelligence discussion with Chris Krebs. [Special Edition]

In this extended interview, Simone Petrella sits down with Chris Krebs of the Krebs Stamos Group at the mWise 2023 Cybersecurity Conference to discuss threat intelligence . Learn more about your...
The Shared Security Podcast

Content Creation, Mental Health in Cyber, The MGM Ransomware Attack

In this episode Matt Johansen, Security Architect at Reddit and Vulnerable U newsletter and YouTube content creator, joins host Tom Eston to discuss Matt’s background as one of the original “Security Twits”, his career journey, his passion for mental...
The Register

T-mobile exposes some customer data – but don’t call it a breach

PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns Infosec in brief  T-Mobile has had another bad week on the infosec front – this time stemming from a system glitch that...

Cisco Disrupts Observability & Cybersecurity Markets with Splunk Acquisition

Cisco's acquisition of Splunk benefits Cisco's ongoing b shift towards more software and subscription-based services, but will cause churn in the market,

ISC StormCast for Monday, September 25th, 2023

Scanning for Laravel - a PHP Framework for Web Artisants
Open Source Security Podcast

Episode 394 – The lie anyone can contribute to open source

Josh and Kurt talk about filing bugs for software. There's the old saying that anyone can file bugs and submit patches for open source, but the reality is most people can't. Filing bugs for both closed and open source...

Point of Sale Security Guide and Checklist

For retail businesses, the POS system is arguably their most important IT system. This TechRepublic Premium guide, and the accompanying checklist, will help you successfully secure a POS system for your business enterprise. From the guide: ACCESS CONTROLS The...

Internet and Email Usage Policy

This policy from TechRepublic Premium sets forth guidelines for the use of the internet, as well as internet-powered communication services, including email, proprietary group messaging services (e.g., Slack) and social networking services in business contexts. It also covers Internet...
Security Affairs

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Government of...

iOS 17: iPhone Users Report Worrying Privacy Settings Change After Update

Have you updated your iPhone to iOS 17? You should check your privacy settings as they could reveal an unwanted and surprising change.

Don’t make this USB mistake! Protect your data with this encrypted gadget instead

From a military-standardized build to a complex passphrase mode, Kingston's IronKey is one of the most secure USBs you can buy.
The CyberWire Podcast

Merritt Baer: No one has to go down for you to go up. [CISO] [Career Notes]

This week our guest is Merritt Baer, a Field CISO from Lacework, and a cloud security unicorn, sits down to share her incredible story working through the ranks to get to...

Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware

Egyptian opposition politician Ahmed Altantawy was targeted with spyware after announcing a presidential bid, security researchers reported The post Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware appeared first on SecurityWeek.
The Hacker News

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64...

New Critical Security Warning For iPhone, iPad, Watch, Mac—Attacks Underway

Citizen Lab alongside Google’s Threat Analysis Group, has uncovered a no-click zero-day exploit chain impacting iPhones, iPads, Apple Watch and Macs.
The CyberWire Podcast

Behind the Google shopping ad masks. [Research Saturday]

Maxim Zavodchik from Akamai joins Dave to discuss their research on "Xurum: New Magento Campaign Discovered." Akamai researchers have discovered an ongoing server-side template injection campaign that is exploiting digital commerce...
The Hacker News

Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The...

NIcole Sundin – CPO at Axio – SEC compliance, usable security, setting up risk mgmt programs

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time,...


Brian Krebs

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move...
Bruce Schneier

Friday Squid Blogging: New Squid Species

An ancient squid: New research on fossils has revealed that a vampire-like ancient squid haunted Earth’s oceans 165 million years ago. The study, published in June edition of the journal Papers in Palaeontology, says the creature had a bullet-shaped body...

Weekly Update 366

Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSiteWell that's it, Europe is done! I've spent the week in Prague with highlights including catching up with Josef Prusa,...
Graham Cluley

Snatch ransomware – what you need to know

The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Learn more about the threat in my article for the Tripwire State of Security blog.
Graham Cluley

Donald Trump Jr’s hacked Twitter account announces his father has died

Donald Trump Jr may not have just inherited his famous father's name. He may also have inherited his bad password security.