I added hover over text, it messed up some of the formatting. But whatever, I gotta go write my TPS report.<h2>Krebs on Security</h2>2024-08-19 - <a href="https://krebsonsecurity.com/2024/08/national-public-data-published-its-own-passwords/" title="New details are emerging about a breach at National Public Data (NPD), a consumer data broker that recently spilled hundreds of millions of Americans' Social Security Numbers, addresses, and phone numbers online. KrebsOnSecurity has learned that another NPD data broker which shares access to the same consumer records inadvertently published the passwords to its back-end database in a file that was freely available for download from its homepage until today.">National Public Data Published Its Own Passwords</a><br><h2>Dark Reading</h2><h2>The Hacker News [ THN ] - Best Security Blog</h2>2024-08-22 - <a href="https://thehackernews.com/2024/08/google-fixes-high-severity-chrome-flaw.html" title="Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild.
Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine.
"Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap">Google Fixes High-Severity Chrome Flaw Actively Exploited in the Wild</a><br>2024-08-22 - <a href="https://thehackernews.com/2024/08/critical-flaw-in-wordpress-litespeed.html" title="Cybersecurity researchers have disclosed a critical security flaw in the LiteSpeed Cache plugin for WordPress that could permit unauthenticated users to gain administrator privileges.
"The plugin suffers from an unauthenticated privilege escalation vulnerability which allows any unauthenticated visitor to gain Administrator level access after which malicious plugins could be uploaded and">Critical Flaw in WordPress LiteSpeed Cache Plugin Allows Hackers Admin Access</a><br>2024-08-22 - <a href="https://thehackernews.com/2024/08/github-patches-critical-security-flaw.html" title="GitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.
The most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.
"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)">GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges</a><br>2024-08-22 - <a href="https://thehackernews.com/2024/08/new-malware-pgmem-targets-postgresql.html" title="Cybersecurity researchers have unpacked a new malware strain dubbed PG_MEM that's designed to mine cryptocurrency after brute-forcing their way into PostgreSQL database instances.
"Brute-force attacks on Postgres involve repeatedly attempting to guess the database credentials until access is gained, exploiting weak passwords," Aqua security researcher Assaf Morag said in a technical report.
">New Malware PG_MEM Targets PostgreSQL Databases for Crypto Mining</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html" title="Cybersecurity researchers have disclosed a critical security flaw impacting Microsoft's Copilot Studio that could be exploited to access sensitive information.
Tracked as CVE-2024-38206 (CVSS score: 8.5), the vulnerability has been described as an information disclosure bug stemming from a server-side request forgery (SSRF) attack.
"An authenticated attacker can bypass Server-Side Request">Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/north-korean-hackers-deploy-new.html" title="A new remote access trojan called MoonPeak has been discovered as being used by a state-sponsored North Korean threat activity cluster as part of a new campaign.
Cisco Talos attributed the malicious cyber campaign to a hacking group it tracks as UAT-5394, which it said exhibits some level of tactical overlaps with a known nation-state actor codenamed Kimsuky.
MoonPeak, under active development">North Korean Hackers Deploy New MoonPeak Trojan in Cyber Campaign</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/its-time-to-untangle-saas-ball-of-yarn.html" title="It's no great revelation to say that SaaS applications have changed the way we operate, both in our personal and professional lives. We routinely rely on cloud-based and remote applications to conduct our basic functions, with the result that the only true perimeter of our networks has become the identities with which we log into these services.
Unfortunately – as is so often the case – our">It's Time To Untangle the SaaS Ball of Yarn</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/styx-stealer-creators-opsec-fail-leaks.html" title="In what's a case of an operational security (OPSEC) lapse, the operator behind a new information stealer called Styx Stealer leaked data from their own computer, including details related to the clients, profit information, nicknames, phone numbers, and email addresses.
Styx Stealer, a derivative of the Phemedrone Stealer, is capable of stealing browser data, instant messenger sessions from">Styx Stealer Creator's OPSEC Fail Leaks Client List and Profit Details</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/new-macos-malware-todoswift-linked-to.html" title="Cybersecurity researchers have uncovered a new macOS malware strain dubbed TodoSwift that they say exhibits commonalities with known malicious software used by North Korean hacking groups.
"This application shares several behaviors with malware we've seen that originated in North Korea (DPRK) — specifically the threat actor known as BlueNoroff — such as KANDYKORN and RustBucket," Kandji security">New macOS Malware TodoSwift Linked to North Korean Hacking Groups</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/cert-ua-warns-of-new-vermin-linked.html" title="The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attacks that aim to infect devices with malware.
The activity has been attributed to a threat cluster it tracks as UAC-0020, which is also known as Vermin. The exact scale and scope of the attacks are presently unknown.
The attack chains commence with phishing messages with photos of alleged prisoners of war (">CERT-UA Warns of New Vermin-Linked Phishing Attacks with PoW Bait</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/givewp-wordpress-plugin-vulnerability.html" title="A maximum-severity security flaw has been disclosed in the WordPress GiveWP donation and fundraising plugin that exposes more than 100,000 websites to remote code execution attacks.
The flaw, tracked as CVE-2024-5932 (CVSS score: 10.0), impacts all versions of the plugin prior to version 3.14.2, which was released on August 7, 2024. A security researcher, who goes by the online alias villu164,">GiveWP WordPress Plugin Vulnerability Puts 100,000+ Websites at Risk</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/detecting-aws-account-compromise-key.html" title="As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out as an essential tool for tracking and logging API activity, providing a comprehensive">Detecting AWS Account Compromise: Key Indicators in CloudTrail Logs for Stolen API Keys</a><br>2024-08-21 - <a href="https://thehackernews.com/2024/08/czech-mobile-users-targeted-in-new.html" title="Mobile users in the Czech Republic are the target of a novel phishing campaign that leverages a Progressive Web Application (PWA) in an attempt to sidestep security protections and steal their banking account credentials.
The attacks have targeted the Czech-based Československá obchodní banka (CSOB), as well as the Hungarian OTP Bank and the Georgian TBC Bank, according to Slovak cybersecurity">Czech Mobile Users Targeted in New Banking Credential Theft Scheme</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/hackers-exploit-php-vulnerability-to.html" title="A previously undocumented backdoor named Msupedge has been put to use against a cyber attack targeting an unnamed university in Taiwan.
"The most notable feature of this backdoor is that it communicates with a command-and-control (C&amp;C) server via DNS traffic," the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News.
The origins of the backdoor are">Hackers Exploit PHP Vulnerability to Deploy Stealthy Msupedge Backdoor</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/anatomy-of-attack.html" title="In today's rapidly evolving cyber threat landscape, organizations face increasingly sophisticated attacks targeting their applications. Understanding these threats and the technologies designed to combat them is crucial. This article delves into the mechanics of a common application attack, using the infamous Log4Shell vulnerability as an example, and demonstrates how Application Detection and">Anatomy of an Attack</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/researchers-uncover-tls-bootstrap.html" title="Cybersecurity researchers have disclosed a security flaw impacting Microsoft Azure Kubernetes Services that, if successfully exploited, could allow an attacker to escalate their privileges and access credentials for services used by the cluster.
"An attacker with command execution in a pod running within an affected Azure Kubernetes Services cluster could download the configuration used to">Researchers Uncover TLS Bootstrap Attack on Azure Kubernetes Clusters</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/iranian-cyber-group-ta453-targets.html" title="Iranian state-sponsored threat actors have been observed orchestrating spear-phishing campaigns targeting a prominent Jewish figure starting in late July 2024 with the goal of delivering a new intelligence-gathering tool called AnvilEcho.
Enterprise security company Proofpoint is tracking the activity under the name TA453, which overlaps with activity tracked by the broader cybersecurity">Iranian Cyber Group TA453 Targets Jewish Leader with New AnvilEcho Malware</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/blind-eagle-hackers-exploit-spear.html" title="Cybersecurity researchers have shed light on a threat actor known as Blind Eagle that has persistently targeted entities and individuals in Colombia, Ecuador, Chile, Panama, and other Latin American nations.
Targets of these attacks span several sectors, including governmental institutions, financial companies, energy and oil and gas companies.
"Blind Eagle has demonstrated adaptability in">Blind Eagle Hackers Exploit Spear-Phishing to Deploy RATs in Latin America</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/thousands-of-oracle-netsuite-sites-at.html" title="Cybersecurity researchers are warning about the discovery of thousands of externally-facing Oracle NetSuite e-commerce sites that have been found susceptible to leaking sensitive customer information.
"A potential issue in NetSuite's SuiteCommerce platform could allow attackers to access sensitive data due to misconfigured access controls on custom record types (CRTs)," AppOmni's Aaron Costello">Thousands of Oracle NetSuite Sites at Risk of Exposing Customer Information</a><br>2024-08-20 - <a href="https://thehackernews.com/2024/08/cisa-warns-of-critical-jenkins.html" title="The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical security flaw impacting Jenkins to its Known Exploited Vulnerabilities (KEV) catalog, following its exploitation in ransomware attacks.
The vulnerability, tracked as CVE-2024-23897 (CVSS score: 9.8), is a path traversal flaw that could lead to code execution.
"Jenkins Command Line Interface (CLI) contains a">CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks</a><br>2024-08-19 - <a href="https://thehackernews.com/2024/08/new-uuloader-malware-distributes-gh0st.html" title="A new type of malware called UULoader is being used by threat actors to deliver next-stage payloads like Gh0st RAT and Mimikatz.
The Cyberint Research Team, which discovered the malware, said it's distributed in the form of malicious installers for legitimate applications targeting Korean and Chinese speakers.
There is evidence pointing to UULoader being the work of a Chinese speaker due to the">New UULoader Malware Distributes Gh0st RAT and Mimikatz in East Asia</a><br>2024-08-19 - <a href="https://thehackernews.com/2024/08/cybercriminals-exploit-popular-software.html" title="Cybersecurity researchers have uncovered a surge in malware infections stemming from malvertising campaigns distributing a loader called FakeBat.
"These attacks are opportunistic in nature, targeting users seeking popular business software," the Mandiant Managed Defense team said in a technical report. "The infection utilizes a trojanized MSIX installer, which executes a PowerShell script to">Cybercriminals Exploit Popular Software Searches to Spread FakeBat Malware</a><br>2024-08-19 - <a href="https://thehackernews.com/2023/11/how-to-automate-hardest-parts-of.html" title="According to recent research on&nbsp;employee offboarding, 70% of IT professionals say they’ve experienced the negative effects of incomplete IT offboarding, whether in the form of a security incident tied to an account that wasn't deprovisioned, a surprise bill for resources that aren’t in use anymore, or a missed handoff of a critical resource or account. This is despite an average of five">How to Automate the Hardest Parts of Employee Offboarding</a><br>2024-08-19 - <a href="https://thehackernews.com/2024/08/xeon-sender-tool-exploits-cloud-apis.html" title="Malicious actors are using a cloud attack tool named Xeon Sender to conduct SMS phishing and spam campaigns on a large scale by abusing legitimate services.
"Attackers can use Xeon to send messages through multiple software-as-a-service (SaaS) providers using valid credentials for the service providers," SentinelOne security researcher Alex Delamotte said in a report shared with The Hacker News.">Xeon Sender Tool Exploits Cloud APIs for Large-Scale SMS Phishing Attacks</a><br>2024-08-19 - <a href="https://thehackernews.com/2024/08/microsoft-patches-zero-day-flaw.html" title="A newly patched security flaw in Microsoft Windows was exploited as a zero-day by Lazarus Group, a prolific state-sponsored actor affiliated with North Korea.
The security vulnerability, tracked as CVE-2024-38193 (CVSS score: 7.8), has been described as a privilege escalation bug in the Windows Ancillary Function Driver (AFD.sys) for WinSock.
"An attacker who successfully exploited this">Microsoft Patches Zero-Day Flaw Exploited by North Korea’s Lazarus Group</a><br>2024-08-19 - <a href="https://thehackernews.com/2024/08/researchers-uncover-new-infrastructure.html" title="Cybersecurity researchers have discovered new infrastructure linked to a financially motivated threat actor known as FIN7.
The two clusters of potential FIN7 activity "indicate communications inbound to FIN7 infrastructure from IP addresses assigned to Post Ltd (Russia) and SmartApe (Estonia), respectively," Team Cymru said in a report published this week as part of a joint investigation with">Researchers Uncover New Infrastructure Tied to FIN7 Cybercrime Group</a><br><h2>Schneier on Security</h2>2024-08-21 - <a href="https://www.schneier.com/blog/archives/2024/08/story-of-an-undercover-cia-agent-who-penetrated-al-qaeda.html" title="<p><i>Rolling Stone</i> has a <a href="https://www.rollingstone.com/politics/politics-features/cia-agent-deep-undercover-spy-islamic-radicals-war-on-terror-1235075156/">long investigative story</a> (non-paywalled version <a href="https://news.yahoo.com/news/cia-sent-him-deep-undercover-134004143.html">here</a>) about a CIA agent who spent years posing as an Islamic radical.</p>
<p>Unrelated, but also in the &#8220;real life spies&#8221; file: a <a href="https://www.bbc.com/news/stories-43702764">fake Sudanese diving resort</a> run by Mossad.</p>">Story of an Undercover CIA Agent who Penetrated Al Qaeda</a><br>2024-08-20 - <a href="https://www.schneier.com/blog/archives/2024/08/hacking-wireless-bicycle-shifters.html" title="<p>This is yet another insecure Internet-of-things <a href="https://arstechnica.com/security/2024/08/researchers-hack-electronic-shifters-with-a-few-hundred-dollars-of-hardware/">story</a>, this one about wireless gear shifters for bicycles. These gear shifters are used in big-money professional bicycle races like the Tour de France, which provides an incentive to actually implement this attack.</p>
<p>Research <a href="https://www.usenix.org/system/files/woot24-motallebighomi.pdf">paper</a>. Another <a href="https://jalopnik.com/hackers-are-targeting-tour-de-france-riders-fancy-elec-1851622950">news story</a>.</p>
<p>Slashdot <a href="https://it.slashdot.org/story/24/08/15/2019206/researchers-hack-electronic-shifters-with-a-few-hundred-dollars-of-hardware">thread</a>.</p>">Hacking Wireless Bicycle Shifters</a><br><h2>ThreatPost</h2><h2>Sydney Morning Herald</h2><h2>New York Times</h2>2024-08-22 - <a href="https://www.nytimes.com/2024/08/21/technology/us-fbi-russia-election-disinformation.html" title="The F.B.I. raided the homes of two prominent commentators on Russian state television channels as part of an effort to blunt attempts to influence November’s election.">U.S. Investigating Americans Who Worked With Russian State Television</a><br>2024-08-21 - <a href="https://www.nytimes.com/2024/08/21/technology/ai-election-campaigns.html" title="More than 30 tech companies have pitched A.I. tools to political campaigns for November’s election. The campaigns have been wary.">AI Companies Have Pitched US Political Campaigns. The Campaigns Are Wary.</a><br>2024-08-21 - <a href="https://www.nytimes.com/2024/08/20/technology/meta-section-230-lawsuit.html" title="A Massachusetts professor has filed a lawsuit against Meta using a novel interpretation of Section 230, a law known primarily for shielding social media companies from liability.">How Section 230 Is Being Used Against Tech Giants Like Meta</a><br>2024-08-20 - <a href="https://www.nytimes.com/2024/08/20/world/asia/pakistan-internet-government-surveillance.html" title="Disruptions have fueled claims from rights groups that the Pakistani authorities are introducing technology to surveil and control the country’s internet.">Pakistan’s Internet Disruptions Stoke Fears of Government Surveillance</a><br>2024-08-20 - <a href="https://www.nytimes.com/2024/08/19/health/parkinsons-brain-pacemaker.html" title="In a new frontier for deep brain stimulation, researchers used A.I. to develop individualized algorithms, which helped a skateboarder and other patients with Parkinson’s disease.">A Personalized Brain Pacemaker for Parkinson’s</a><br>2024-08-19 - <a href="https://www.nytimes.com/2024/08/18/business/economy/ai-business-startups.html" title="Entrepreneurs say use of artificial intelligence for a variety of tasks is accelerating the path to hiring and, ideally, profitability.">A.I. Is Helping to Launch New Businesses</a><br><h2>Wall Street Journal</h2>2024-08-21 - <a href="https://www.wsj.com/articles/russian-trolls-x-twitter-1e993a31?mod=rss_Technology" title="A Kremlin-backed influence network sought engagement with Elon Musk, Donald Trump Jr. and other influential accounts.">How Russian Trolls Are Trying to Go Viral on X</a><br>2024-08-21 - <a href="https://www.wsj.com/articles/how-elon-musk-neuralink-brain-chip-works-36522cc1?mod=rss_Technology" title="The entrepreneur is in a race against rivals to wire the human brain.">Second Patient in Trial for Elon Musk's Neuralink Uses Design Software, Videogames</a><br>2024-08-21 - <a href="https://www.wsj.com/articles/jd-com-shares-fall-as-walmart-plans-up-to-3-7-billion-stake-sale-cd764a06?mod=rss_Technology" title="Hong Kong-listed shares in JD.com fell by the most in nearly two years after U.S. retailer Walmart moved to sell its stake in the e-commerce giant worth up to $3.7 billion.">JD.com Shares Fall as Walmart Plans Up to $3.7 Billion Stake Sale</a><br>2024-08-21 - <a href="https://www.wsj.com/articles/alibaba-tencent-cast-wide-net-for-ai-upstarts-efed55ee?mod=rss_Technology" title="China’s internet giants are betting billions on incubating the country’s OpenAI challengers, with Alibaba Group and Tencent leading the charge.">Alibaba, Tencent Cast Wide Net for AI Upstarts</a><br>2024-08-19 - <a href="https://www.wsj.com/articles/amd-buys-ai-equipment-maker-for-nearly-5-billion-escalating-battle-with-nvidia-e1106142?mod=rss_Technology" title="ZT Systems produces servers and other equipment used in data centers for artificial intelligence.">AMD Buys AI Equipment Maker for Nearly $5 Billion, Escalating Battle With Nvidia</a><br>2024-08-18 - <a href="https://www.wsj.com/articles/sam-altman-openai-humanness-iris-scanning-4d0e1dab?mod=rss_Technology" title="The OpenAI chief’s Worldcoin project involves an attempt to scan the irises of every person on Earth and pay them with his own cryptocurrency. Authorities aren’t buying it.">Sam Altman's Worldcoin Is Battling With Governments Over Your Eyes</a><br><h2>BBC</h2>2024-08-20 - <a href="https://www.bbc.com/news/articles/c8dp64e0r85o" title="An eight-year wait for news on the next Civilization game is finally over.">London through the ages inspires Civilization VII</a><br>2024-08-21 - <a href="https://www.bbc.com/news/articles/cy8xjqg2e9jo" title="Setting the stage for the next 12 months, here is what we found out from Europe's biggest gaming show.">Seven things we learned from Gamescom opening night</a><br>2024-08-20 - <a href="https://www.bbc.com/news/articles/cr7r9djxj0do" title="The firm had argued the case should go to arbitration because of its streaming service's small print.">Disney drops bid to stop allergy death lawsuit over Disney+ terms</a><br>2024-08-21 - <a href="https://www.bbc.com/news/articles/cpqjvl9z9w1o" title="The multi-year deal is the latest such agreement to be struck between OpenAI and a major media company.">ChatGPT firm OpenAI strikes deal with Vogue owner</a><br>2024-08-20 - <a href="https://www.bbc.com/news/articles/cdxl5kpvrg9o" title="The co-founder of British tech firm Autonomy was once labelled the UK equivalent of Bill Gates.">Who is British tech tycoon Mike Lynch?</a><br>2024-08-19 - <a href="https://www.bbc.com/news/articles/c5y87l6rx5wo" title="Taylor Swift has yet to weigh in on the 2024 election, but endorsed the Biden-Harris ticket in 2020.">Trump falsely implies Taylor Swift endorses him with AI images</a><br>2024-08-19 - <a href="https://www.bbc.com/news/articles/cd1646ewzleo" title="Huge, tiny or incredibly flat, advanced mirrors are essential to high-tech machines.">The mind-bending mirrors behind advanced technology</a><br><h2>SecurityBrief AU</h2>2024-08-22 - <a href="https://securitybrief.com.au/story/financial-services-lead-in-global-ai-readiness-says-genai-report" title="Financial services lead in AI readiness, with 70% actively using AI, while the retail sector lags at 30%, according to GenAI's latest report.">Financial services lead in global AI readiness, says GenAI report</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/it-s-more-than-culture-addressing-the-root-cause-of-common-security-frustrations" title="GitLab's annual survey exposes deep-rooted security frustrations, from prioritisation issues to excessive false positives. Here’s how to tackle the core problems.">It's more than culture: Addressing the root cause of common security frustrations</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/elastic-langchain-collaborate-to-enhance-ai-driven-secops" title="Elastic and LangChain have joined forces to advance AI-driven innovations in SecOps, unveiling new features on the Elastic Search AI Platform that streamline security operations.">Elastic & LangChain collaborate to enhance AI-driven SecOps</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/csiro-google-join-forces-to-secure-australian-infrastructure" title="CSIRO and Google have partnered to enhance the security of Australia's critical infrastructure by tackling software supply chain vulnerabilities, ensuring robust compliance with new legislation.">CSIRO & Google join forces to secure Australian infrastructure</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/barracuda-study-shows-healthcare-sector-most-targeted-by-ransomware" title="New research by Barracuda Networks shows 44% of foiled ransomware attacks detected during lateral movement. Healthcare remains top target, up to 21% of incidents.">Barracuda study shows healthcare sector most targeted by ransomware</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/australian-emergency-services-it-vulnerability-exposed-by-soti-report" title="A SOTI report unveils major IT vulnerabilities in Australia's emergency services, raising alarms after CrowdStrike's global outage affected 8.5 million devices.">Australian emergency services' IT vulnerability exposed by SOTI report</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/fastly-report-shows-91-of-cyberattacks-target-multiple-firms" title="Fastly’s latest report reveals a staggering 91% of cyberattacks targeted multiple customers this quarter, up from 69% in 2023, indicating a rise in mass scanning techniques.">Fastly report shows 91% of cyberattacks target multiple firms</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/exclusive-worldfirst-discusses-sme-success-in-cross-border-payments" title="WorldFirst, led by Jim Vrondas in Australia and New Zealand, is empowering SMEs with innovative cross-border payment solutions, revolutionising global trade.">Exclusive: WorldFirst discusses SME success in cross-border payments</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/cyber-threats-surge-in-gaming-industry-through-2024" title="Akamai’s data shows a surge in cyber threats aimed at the gaming industry in 2024, with bot activity, web attacks, and DDoS attacks reaching record highs.">Cyber threats surge in gaming industry through 2024</a><br>2024-08-22 - <a href="https://securitybrief.com.au/story/global-fashion-group-partners-with-tenable-for-aws-security-boost" title="Global Fashion Group partners with Tenable to enhance AWS cloud security, adopting zero-trust measures and improving vulnerability management in ANZ, LATAM, and SEA.">Global Fashion Group partners with Tenable for AWS security boost</a><br><h2>ITNews AU</h2>2024-08-22 - <a href="https://www.itnews.com.au/news/medibanks-data-breach-costs-anticipated-to-reach-126m-by-mid-2025-610905?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Excluding regulatory or legal penalties.">Medibank's data breach costs anticipated to reach $126m by mid-2025</a><br>2024-08-22 - <a href="https://www.itnews.com.au/news/top-us-oilfield-firm-halliburton-hit-by-cyber-attack-610899?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Impacting some business operations and connectivity.">Top US oilfield firm Halliburton hit by cyber attack</a><br>2024-08-21 - <a href="https://www.itnews.com.au/news/microsoft-apps-on-macos-could-have-permissions-exploited-researchers-say-610853?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Via library injection.">Microsoft apps on macOS could have permissions exploited, researchers say</a><br>2024-08-21 - <a href="https://www.itnews.com.au/news/us-appeals-court-revives-google-privacy-class-action-610850?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Over consent for data collection.">US appeals court revives Google privacy class action</a><br>2024-08-20 - <a href="https://www.itnews.com.au/news/openai-blocks-iranian-groups-chatgpt-accounts-610842?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Linked to Storm-2035.">OpenAI blocks Iranian group's ChatGPT accounts</a><br>2024-08-20 - <a href="https://www.itnews.com.au/news/palo-alto-buoyed-by-cyber-security-demand-610841?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="As the digital threat landscape evolves.">Palo Alto buoyed by cyber security demand</a><br>2024-08-20 - <a href="https://www.itnews.com.au/news/us-says-iran-cyber-operations-targeted-trump-harris-campaigns-610840?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Aimed at fanning political discord.">US says Iran cyber operations targeted Trump, Harris campaigns</a><br>2024-08-19 - <a href="https://www.itnews.com.au/news/us-lawmakers-urge-probe-of-wi-fi-router-maker-tp-link-610786?utm_source=feed&utm_medium=rss&utm_campaign=iTnews+Security+feed" title="Over fears of cyber attacks.">US lawmakers urge probe of wi-fi router maker TP-Link</a><br><h2>BleepingComputer</h2>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/legal/man-sentenced-for-hacking-state-registry-to-fake-his-own-death/" title="A 39-year old man from Somerset, Kentucky, was sentenced to 81 months in federal prison for identity theft and faking his own death in government registry systems. [...]">Man sentenced for hacking state registry to fake his own death</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/security/google-fixes-tenth-actively-exploited-chrome-zero-day-in-2024/" title="​​Today, Google released a new Chrome emergency security update to patch a zero-day vulnerability, the ninth one exploited in attacks this year. [...]">Google fixes ninth Chrome zero-day exploited in attacks this year</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/" title="Threat actors started to use progressive web applications to impersonate banking apps and steal credentials from Android and iOS users. [...]">Hackers steal banking creds from iOS, Android users via PWA apps</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-to-roll-out-windows-recall-to-insiders-in-october/" title="Microsoft announced today that it will start rolling out its AI-powered Windows Recall feature to Insiders with Copilot+ PCs in October. [...]">Microsoft to roll out Windows Recall to Insiders in October</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/security/qnap-adds-nas-ransomware-protection-to-latest-qts-version/" title="​Taiwanese hardware vendor QNAP has added a Security Center with ransomware protection capabilities to the latest version of its QTS operating system for network-attached storage (NAS) devices. [...]">QNAP adds NAS ransomware protection to latest QTS version</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/security/litespeed-cache-bug-exposes-millions-of-wordpress-sites-to-takeover-attacks/" title="A critical vulnerability in the LiteSpeed Cache WordPress plugin can let attackers take over millions of websites after creating rogue admin accounts. [...]">Litespeed Cache bug exposes millions of WordPress sites to takeover attacks</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/security/phrack-hacker-zine-publishes-new-edition-after-three-years/" title="Phrack #71 has been released online and is available to read for free. This issue is the first to be released since 2021, marking a new chapter in the influential online magazine's history. [...]">Phrack hacker zine publishes new edition after three years</a><br>2024-08-21 - <a href="https://www.bleepingcomputer.com/news/security/github-enterprise-server-vulnerable-to-critical-auth-bypass-flaw/" title="A critical vulnerability affecting multiple versions of GitHub Enterprise Server could be exploited to bypass authentication and enable an attacker to gain administrator privileges on the machine. [...]">GitHub Enterprise Server vulnerable to critical auth bypass flaw</a><br>2024-08-20 - <a href="https://www.bleepingcomputer.com/news/security/cannondesign-confirms-avos-locker-ransomware-data-breach/" title="The Cannon Corporation dba CannonDesign is sending notices of a data breach to more than 13,000 of current and former employees, informing that hackers breached and stole data from its network in an attack in early 2023. [...]">CannonDesign confirms Avos Locker ransomware data breach</a><br>2024-08-20 - <a href="https://www.bleepingcomputer.com/news/security/microchip-technology-discloses-cyberattack-impacting-operations/" title="American chipmaker Microchip Technology Incorporated has disclosed that a cyberattack impacted its systems over the weekend, disrupting operations across multiple manufacturing facilities. [...]">Microchip Technology discloses cyberattack impacting operations</a><br>2024-08-20 - <a href="https://www.bleepingcomputer.com/news/microsoft/microsoft-launches-unified-teams-app-for-personal-work-accounts/" title="Microsoft has launched a new unified Teams application that allows Windows and Mac users to switch between personal, work, and education accounts without installing multiple apps. [...]">Microsoft launches unified Teams app for personal, work accounts</a><br>2024-08-20 - <a href="https://www.bleepingcomputer.com/news/security/hackers-use-php-exploit-to-backdoor-windows-systems-with-new-malware/" title="Unknown attackers have deployed a newly discovered backdoor dubbed Msupedge on a university's Windows systems in Taiwan, likely by exploiting a recently patched PHP remote code execution vulnerability (CVE-2024-4577). [...]">Hackers use PHP exploit to backdoor Windows systems with new malware</a><br><h2>/r/NetSec</h2>2024-08-21 - <a href="https://www.reddit.com/r/netsec/comments/1ey3ego/bluuid_firewallas_diabetics_and_bluetooth/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/netsecfriends"> /u/netsecfriends </a> <br /> <span><a href="https://www.labs.greynoise.io/grimoire/2024-08-20-bluuid-firewalla/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ey3ego/bluuid_firewallas_diabetics_and_bluetooth/">[comments]</a></span>">BLUUID: Firewallas, Diabetics, And… Bluetooth</a><br>2024-08-21 - <a href="https://www.reddit.com/r/netsec/comments/1exqzc3/call_for_papers_hackfest_2024_quebec_city_canada/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/pathetiq"> /u/pathetiq </a> <br /> <span><a href="https://cfp.hackfest.ca/hf2024/cfp">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1exqzc3/call_for_papers_hackfest_2024_quebec_city_canada/">[comments]</a></span>">Call For Papers - Hackfest 2024 - Quebec City, Canada</a><br>2024-08-20 - <a href="https://www.reddit.com/r/netsec/comments/1ewvtqt/web_browser_stored_credentials/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/netbiosX"> /u/netbiosX </a> <br /> <span><a href="https://pentestlab.blog/2024/08/20/web-browser-stored-credentials/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ewvtqt/web_browser_stored_credentials/">[comments]</a></span>">Web Browser Stored Credentials</a><br>2024-08-20 - <a href="https://www.reddit.com/r/netsec/comments/1ewv7t5/ssrfing_the_web_with_the_help_of_copilot_studio/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/dinobyt3s"> /u/dinobyt3s </a> <br /> <span><a href="https://www.tenable.com/blog/ssrfing-the-web-with-the-help-of-copilot-studio">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ewv7t5/ssrfing_the_web_with_the_help_of_copilot_studio/">[comments]</a></span>">SSRFing the Web with the help of Copilot Studio (Critical Vuln in Microsoft Copilot Studio)</a><br>2024-08-20 - <a href="https://www.reddit.com/r/netsec/comments/1ex0vc0/hacking_as_a_pathway_to_building_better_products/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/thinkst"> /u/thinkst </a> <br /> <span><a href="https://blog.thinkst.com/2024/08/hacking-as-a-pathway-to-building-better-products.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ex0vc0/hacking_as_a_pathway_to_building_better_products/">[comments]</a></span>">Hacking as a pathway to building better Products</a><br>2024-08-19 - <a href="https://www.reddit.com/r/netsec/comments/1ewcwcr/phrack_71_released/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/guitmz"> /u/guitmz </a> <br /> <span><a href="http://phrack.org/issues/71/1.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ewcwcr/phrack_71_released/">[comments]</a></span>">Phrack 71 released</a><br>2024-08-20 - <a href="https://www.reddit.com/r/netsec/comments/1ewtvm0/passive_decryption_of_2g_communications_gsm_and/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/Pure-Benefit-3593"> /u/Pure-Benefit-3593 </a> <br /> <span><a href="https://link.springer.com/chapter/10.1007/978-3-031-68385-5_7">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1ewtvm0/passive_decryption_of_2g_communications_gsm_and/">[comments]</a></span>">Passive decryption of 2G communications, GSM and GPRS impacted</a><br>2024-08-19 - <a href="https://www.reddit.com/r/netsec/comments/1evz0uv/sploitify_gtfobinslike_tool_for_exploits/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/haxxm0nkey"> /u/haxxm0nkey </a> <br /> <span><a href="https://sploitify.haxx.it/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1evz0uv/sploitify_gtfobinslike_tool_for_exploits/">[comments]</a></span>">Sploitify - GTFOBins-like tool for exploits</a><br>2024-08-18 - <a href="https://www.reddit.com/r/netsec/comments/1evc7uq/cve20247646_ingressnginx_annotation_validation/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/oshratn"> /u/oshratn </a> <br /> <span><a href="https://www.armosec.io/blog/cve-2024-7646-ingress-nginx-annotation-validation-bypass/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/netsec/comments/1evc7uq/cve20247646_ingressnginx_annotation_validation/">[comments]</a></span>">CVE-2024-7646: Ingress-NGINX Annotation Validation Bypass</a><br><h2>/r/InfoSecNews</h2>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1lk/phrack_hacker_zine_publishes_new_edition_after/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1lk/phrack_hacker_zine_publishes_new_edition_after/"> <img alt="Phrack hacker zine publishes new edition after three years" src="https://external-preview.redd.it/As9mX5KCLuRnhELoPe4JpIUTQiupztGI4dB3OEZvkK8.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=383f5fabe24f2924387ff29180d69414f74e8ca9" title="Phrack hacker zine publishes new edition after three years" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/phrack-hacker-zine-publishes-new-edition-after-three-years/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1lk/phrack_hacker_zine_publishes_new_edition_after/">[comments]</a></span> </td></tr></table>">Phrack hacker zine publishes new edition after three years</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey4ez1/bangladeshi_hackers_deface_indias_zee_media/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey4ez1/bangladeshi_hackers_deface_indias_zee_media/"> <img alt="Bangladeshi Hackers Deface India's Zee Media Website for Mocking Floods" src="https://external-preview.redd.it/0PFXw3cguQ5Ufw3RzPPc3IlDzfegV7Cd4DCtn4-3PkQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=d11eb6e18513b06fbb4d87d7348ec485de5784f8" title="Bangladeshi Hackers Deface India's Zee Media Website for Mocking Floods" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/bangladeshi-hackers-deface-zee-media-website/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ey4ez1/bangladeshi_hackers_deface_indias_zee_media/">[comments]</a></span> </td></tr></table>">Bangladeshi Hackers Deface India's Zee Media Website for Mocking Floods</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3ee4/hackers_steal_banking_creds_from_ios_android/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3ee4/hackers_steal_banking_creds_from_ios_android/"> <img alt="Hackers steal banking creds from iOS, Android users via PWA apps" src="https://external-preview.redd.it/HbKzFmKVXyAuSQTs3di07SFGUdnTy6u0lbPm32h0Xq8.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=9e5ec5307ab7bd5655d898e63f43194c23ea1bc0" title="Hackers steal banking creds from iOS, Android users via PWA apps" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/hackers-steal-banking-creds-from-ios-android-users-via-pwa-apps/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3ee4/hackers_steal_banking_creds_from_ios_android/">[comments]</a></span> </td></tr></table>">Hackers steal banking creds from iOS, Android users via PWA apps</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1m8/microsoft_patches_critical_copilot_studio/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1m8/microsoft_patches_critical_copilot_studio/"> <img alt="Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data" src="https://external-preview.redd.it/JMD2A-NLnMpmSBC8Unb9D8dyZ2n3kpzNft1TlQJ8BnU.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=d1f1568d7ea962d47795eccb9dc5314da74e89bf" title="Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://thehackernews.com/2024/08/microsoft-patches-critical-copilot.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1m8/microsoft_patches_critical_copilot_studio/">[comments]</a></span> </td></tr></table>">Microsoft Patches Critical Copilot Studio Vulnerability Exposing Sensitive Data</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey4gnt/bangladeshi_hackers_deface_indian_zee_media/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey4gnt/bangladeshi_hackers_deface_indian_zee_media/"> <img alt="Bangladeshi Hackers Deface Indian Zee Media Giant's Website for Mocking Floods" src="https://external-preview.redd.it/0PFXw3cguQ5Ufw3RzPPc3IlDzfegV7Cd4DCtn4-3PkQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=d11eb6e18513b06fbb4d87d7348ec485de5784f8" title="Bangladeshi Hackers Deface Indian Zee Media Giant's Website for Mocking Floods" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/bangladeshi-hackers-deface-zee-media-website/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ey4gnt/bangladeshi_hackers_deface_indian_zee_media/">[comments]</a></span> </td></tr></table>">Bangladeshi Hackers Deface Indian Zee Media Giant's Website for Mocking Floods</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3eee/styx_stealer_blows_its_own_cover_with_sloppy/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/cyberattacks-data-breaches/styx-stealer-blows-its-own-cover-with-sloppy-opsec-mistake">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3eee/styx_stealer_blows_its_own_cover_with_sloppy/">[comments]</a></span>">'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3edm/google_fixes_ninth_chrome_zeroday_exploited_in/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3edm/google_fixes_ninth_chrome_zeroday_exploited_in/"> <img alt="Google fixes ninth Chrome zero-day exploited in attacks this year" src="https://external-preview.redd.it/HrlNjxb03FCQveng41c7caK0YNBORqfzVAazorHu-n4.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=bf12bea28413263499ec03dc2f6eb38a475afa79" title="Google fixes ninth Chrome zero-day exploited in attacks this year" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/google-fixes-tenth-actively-exploited-chrome-zero-day-in-2024/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ey3edm/google_fixes_ninth_chrome_zeroday_exploited_in/">[comments]</a></span> </td></tr></table>">Google fixes ninth Chrome zero-day exploited in attacks this year</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1mk/qnap_adds_nas_ransomware_protection_to_latest_qts/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1mk/qnap_adds_nas_ransomware_protection_to_latest_qts/"> <img alt="QNAP adds NAS ransomware protection to latest QTS version" src="https://external-preview.redd.it/HV0dnEzEPngy_Z-WLq7rmIsIZq9SM5ASkij6Mg46d2Y.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=7a2f1d3db5f8f50b73f05bee46d7e96055e34708" title="QNAP adds NAS ransomware protection to latest QTS version" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/qnap-adds-nas-ransomware-protection-to-latest-qts-version/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1mk/qnap_adds_nas_ransomware_protection_to_latest_qts/">[comments]</a></span> </td></tr></table>">QNAP adds NAS ransomware protection to latest QTS version</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1l6/github_enterprise_server_vulnerable_to_critical/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1l6/github_enterprise_server_vulnerable_to_critical/"> <img alt="GitHub Enterprise Server vulnerable to critical auth bypass flaw" src="https://external-preview.redd.it/1rJyH-oFLPGwG6YSY176Fd5UIz-mHahB0FZ6svJnguQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=b772fc011f6346abaf0c64585b7091f7dbfa9003" title="GitHub Enterprise Server vulnerable to critical auth bypass flaw" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/github-enterprise-server-vulnerable-to-critical-auth-bypass-flaw/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exz1l6/github_enterprise_server_vulnerable_to_critical/">[comments]</a></span> </td></tr></table>">GitHub Enterprise Server vulnerable to critical auth bypass flaw</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exx99q/new_pg_mem_malware_targets_postgresql_databases/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exx99q/new_pg_mem_malware_targets_postgresql_databases/"> <img alt="New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency - 800,000 publicly accessible instances are vulnerable." src="https://external-preview.redd.it/0R3eCXwX9mdIH25VKPQPRqoiPLkY0iQKrAIlISzQ2Lc.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=199286d05950aedee8dceabeb1b62bac6d7338bf" title="New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency - 800,000 publicly accessible instances are vulnerable." /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/pg-mem-malware-postgresql-mine-cryptocurrency/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exx99q/new_pg_mem_malware_targets_postgresql_databases/">[comments]</a></span> </td></tr></table>">New PG_MEM Malware Targets PostgreSQL Databases to Mine Cryptocurrency - 800,000 publicly accessible instances are vulnerable.</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exr26i/call_for_papers_hackfest_2024_quebec_city_canada/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/pathetiq"> /u/pathetiq </a> <br /> <span><a href="https://cfp.hackfest.ca/hf2024/cfp">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exr26i/call_for_papers_hackfest_2024_quebec_city_canada/">[comments]</a></span>">Call For Papers - Hackfest 2024 - Quebec City, Canada</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exmva6/albeast_misconfiguration_flaw_exposes_15000_aws/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exmva6/albeast_misconfiguration_flaw_exposes_15000_aws/"> <img alt="ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk" src="https://external-preview.redd.it/QJcOlXmZUl-EC3e449Sl5zxyxyX4Cb0_-7H6oNL8qmo.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=aebf59b423b6597eb535edd60eeca9353d8a8238" title="ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/albeast-aws-misconfiguration-flaw-load-balancers-risk/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exmva6/albeast_misconfiguration_flaw_exposes_15000_aws/">[comments]</a></span> </td></tr></table>">ALBeast: Misconfiguration Flaw Exposes 15,000 AWS Load Balancers to Risk</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exkk8n/a_backdoor_in_millions_of_shanghai_fudan/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exkk8n/a_backdoor_in_millions_of_shanghai_fudan/"> <img alt="A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning" src="https://external-preview.redd.it/wMjVnIku4bnMkT7GoPjJvY5fHJCD8z81_BjRlNVW8wM.jpg?width=320&amp;crop=smart&amp;auto=webp&amp;s=9a1c824462ffe3542dd9b25958dd1ba33219a25e" title="A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/167321/hacking/shanghai-fudan-microelectronics-rfid-cards-backdoor.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exkk8n/a_backdoor_in_millions_of_shanghai_fudan/">[comments]</a></span> </td></tr></table>">A backdoor in millions of Shanghai Fudan Microelectronics RFID cards allows cloning</a><br>2024-08-21 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exkk8c/cannondesign_confirms_avos_locker_ransomware_data/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exkk8c/cannondesign_confirms_avos_locker_ransomware_data/"> <img alt="CannonDesign confirms Avos Locker ransomware data breach" src="https://external-preview.redd.it/KUGo3KmyoK65OqqyTukLDeGbiT6EjFRd5zPVGK_LxZ4.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=102ef2fb9bb2af2c54e8a9bf25f8a2eb62c0bb3a" title="CannonDesign confirms Avos Locker ransomware data breach" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/cannondesign-confirms-avos-locker-ransomware-data-breach/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exkk8c/cannondesign_confirms_avos_locker_ransomware_data/">[comments]</a></span> </td></tr></table>">CannonDesign confirms Avos Locker ransomware data breach</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatds/toyota_customer_employee_data_leaks_in_confirmed/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/cyberattacks-data-breaches/toyota-customer-employee-data-leaks-in-confirmed-data-breach">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exatds/toyota_customer_employee_data_leaks_in_confirmed/">[comments]</a></span>">Toyota Customer, Employee Data Leaks in Confirmed Data Breach</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatd5/chinese_wifi_router_vendor_draws_us_congressional/" title="&#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.darkreading.com/cyber-risk/chinese-wifi-router-vendor-draws-us-congressional-ire">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exatd5/chinese_wifi_router_vendor_draws_us_congressional/">[comments]</a></span>">Chinese Wi-Fi Router Vendor Draws US Congressional Ire</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatfj/todoswift_malware_targets_macos_disguised_as/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatfj/todoswift_malware_targets_macos_disguised_as/"> <img alt="TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App" src="https://external-preview.redd.it/ZpbU1oef21bvJaQi5egmSeaycVichNQ-0MFKWd0MqXk.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=c9c12a91ab1ffc4404d836d48221442363ef03ce" title="TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://hackread.com/todoswift-malware-macos-disguised-bitcoin-pdf-app/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exatfj/todoswift_malware_targets_macos_disguised_as/">[comments]</a></span> </td></tr></table>">TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatfc/previously_unseen_msupedge_backdoor_targeted_a/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatfc/previously_unseen_msupedge_backdoor_targeted_a/"> <img alt="Previously unseen Msupedge backdoor targeted a university in Taiwan" src="https://external-preview.redd.it/ISw6gU5DxIXnUS4ISW3sssSXiZ5gaNmaJ-pFzrWJoeI.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=544327176e83cfa5326f99330a9e90e2fcb08118" title="Previously unseen Msupedge backdoor targeted a university in Taiwan" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/167298/malware/msupedge-backdoor.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exatfc/previously_unseen_msupedge_backdoor_targeted_a/">[comments]</a></span> </td></tr></table>">Previously unseen Msupedge backdoor targeted a university in Taiwan</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatew/oregon_zoo_warns_visitors_their_credit_card/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatew/oregon_zoo_warns_visitors_their_credit_card/"> <img alt="Oregon Zoo warns visitors their credit card details were stolen" src="https://external-preview.redd.it/mlMHCpa3pJofRR6o0yb76saulW7lv_0ARHFrSi1QCGQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=6da3589fcf0601b22b540909245c6a047ae6627f" title="Oregon Zoo warns visitors their credit card details were stolen" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/oregon-zoo-warns-visitors-their-credit-card-details-were-stolen/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exatew/oregon_zoo_warns_visitors_their_credit_card/">[comments]</a></span> </td></tr></table>">Oregon Zoo warns visitors their credit card details were stolen</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exateb/hackers_use_php_exploit_to_backdoor_windows/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exateb/hackers_use_php_exploit_to_backdoor_windows/"> <img alt="Hackers use PHP exploit to backdoor Windows systems with new malware" src="https://external-preview.redd.it/ALIjB8d7PA_e-J27FE5fKWTgGZ9hKDSYcRkbnaSCvdo.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=922929cc04d306c527296a39a84811a959a3992b" title="Hackers use PHP exploit to backdoor Windows systems with new malware" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/hackers-use-php-exploit-to-backdoor-windows-systems-with-new-malware/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exateb/hackers_use_php_exploit_to_backdoor_windows/">[comments]</a></span> </td></tr></table>">Hackers use PHP exploit to backdoor Windows systems with new malware</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exate5/ransomware_payments_rose_from_4491_million_to/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exate5/ransomware_payments_rose_from_4491_million_to/"> <img alt="Ransomware payments rose from $449.1 million to $459.8 million" src="https://external-preview.redd.it/poBShjjZEAJa20VHhwfhZ-X4NhA7f4XIoymj6M8sKXM.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=f6d9b7683c7f1c8b79ec68554506ed6609cb7226" title="Ransomware payments rose from $449.1 million to $459.8 million" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://securityaffairs.com/167305/malware/ransomware-payments-rose.html">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exate5/ransomware_payments_rose_from_4491_million_to/">[comments]</a></span> </td></tr></table>">Ransomware payments rose from $449.1 million to $459.8 million</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatdg/microchip_technology_discloses_cyberattack/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exatdg/microchip_technology_discloses_cyberattack/"> <img alt="Microchip Technology discloses cyberattack impacting operations" src="https://external-preview.redd.it/yzOCav3rIKmDN8YpS79zsieZIqdC48vqBJkF-9H11ms.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=3b77227dbfb3cef25ba11a8dc7391d284b0ff73e" title="Microchip Technology discloses cyberattack impacting operations" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/quellaman"> /u/quellaman </a> <br /> <span><a href="https://www.bleepingcomputer.com/news/security/microchip-technology-discloses-cyberattack-impacting-operations/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exatdg/microchip_technology_discloses_cyberattack/">[comments]</a></span> </td></tr></table>">Microchip Technology discloses cyberattack impacting operations</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1exage1/new_phishing_attacks_target_eastern_european_bank/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1exage1/new_phishing_attacks_target_eastern_european_bank/"> <img alt="New Phishing Attacks Target Eastern European Bank Users on iOS and Android" src="https://external-preview.redd.it/2hzBuXyQ-xdBafzin_rWc8RILPvPdG9mo9v5LwpdVzQ.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=16b237c80d1f60b8940abe14e151d709e662a940" title="New Phishing Attacks Target Eastern European Bank Users on iOS and Android" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/phishing-attacks-eastern-europe-bank-ios-android/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1exage1/new_phishing_attacks_target_eastern_european_bank/">[comments]</a></span> </td></tr></table>">New Phishing Attacks Target Eastern European Bank Users on iOS and Android</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ex04se/todoswift_malware_targets_macos_disguised_as/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ex04se/todoswift_malware_targets_macos_disguised_as/"> <img alt="TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App" src="https://external-preview.redd.it/ZpbU1oef21bvJaQi5egmSeaycVichNQ-0MFKWd0MqXk.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=c9c12a91ab1ffc4404d836d48221442363ef03ce" title="TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/todoswift-malware-macos-disguised-bitcoin-pdf-app/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ex04se/todoswift_malware_targets_macos_disguised_as/">[comments]</a></span> </td></tr></table>">TodoSwift Malware Targets macOS, Disguised as Bitcoin PDF App</a><br>2024-08-20 - <a href="https://www.reddit.com/r/InfoSecNews/comments/1ewuffn/hackers_could_exploit_microsoft_teams_on_macos_to/" title="<table> <tr><td> <a href="https://www.reddit.com/r/InfoSecNews/comments/1ewuffn/hackers_could_exploit_microsoft_teams_on_macos_to/"> <img alt="Hackers Could Exploit Microsoft Teams on macOS to Steal Data" src="https://external-preview.redd.it/HTIXQd_C0GtJv9MfdXIuQXPm6zNQblV__57Ajg1-WQg.jpg?width=640&amp;crop=smart&amp;auto=webp&amp;s=712b77f370555330e2b84a9161cb5b241d238f56" title="Hackers Could Exploit Microsoft Teams on macOS to Steal Data" /> </a> </td><td> &#32; submitted by &#32; <a href="https://www.reddit.com/user/jamessonnycrockett"> /u/jamessonnycrockett </a> <br /> <span><a href="https://hackread.com/hackers-exploit-microsoft-teams-macos-steal-data/">[link]</a></span> &#32; <span><a href="https://www.reddit.com/r/InfoSecNews/comments/1ewuffn/hackers_could_exploit_microsoft_teams_on_macos_to/">[comments]</a></span> </td></tr></table>">Hackers Could Exploit Microsoft Teams on macOS to Steal Data</a><br><h2>
</h2>