Security Bulletin
20 Oct 2023
Biztonsági szemle
VMware Releases Security Patches for Fusion, Workstation and Aria Operations for Logs, (Fri, Oct 20th)
VMware released advisories VMSA-2023-0021 and VMSA-2023-0022 that have been rated as important. They are as follows:
20 Oct 2023
Biztonsági szemle
Beyond the Apple Zero-Days: A deep dive into cyber threat dynamics
While we’ve seen an unsettling surge in the number of zero-days targeting Apple devices, security pros must look more broadly and understand how the Apple zero-days fit into the full context of cyber threats and espionage.
20 Oct 2023
Biztonsági szemle
Skynet, India, North Korea, China, passwords, KeePass, Cisco, AI, Aaran Leyland, More - SWN #335
20 Oct 2023
Biztonsági szemle
ISC Stormcast For Friday, October 20th, 2023 https://isc.sans.edu/podcastdetail/8710, (Fri, Oct 20th)
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.
19 Oct 2023
Biztonsági szemle
QR codes increasingly exploited in phishing attacks
More threat actors have been exploiting QR codes to facilitate advanced phishing attacks, reports SiliconAngle.
19 Oct 2023
Biztonsági szemle
Economic losses from major payment system cyberattack pegged at $3.5T
Subjecting payment systems around the world to a catastrophic cyberattack could result in a $3.5 trillion loss in global gross domestic product over a five-year period, according to The Record, a news site by cybersecurity firm Recorded Future.
19 Oct 2023
Biztonsági szemle
Additional 4.1M data profiles of 23andMe users leaked
Major U.S. biotechnology and genetic testing firm 23andMe had 4.1 million more genetic data profiles for individuals in Great Britain and Germany compromised through credential stuffing attacks exposed by a threat actor following the leak of...
19 Oct 2023
Biztonsági szemle
Months-long exploitation of critical Citrix NetScaler bug reported
Tech companies, professional services organizations, and government entities have been subjected to attacks exploiting a critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller and NetScaler Gateway instances...
19 Oct 2023
Biztonsági szemle
Eastern European energy, defense firms subjected to updated MATA attacks
Organizations in the oil and gas and defense industries across Eastern Europe have been targeted by spear-phishing attacks leveraging a new iteration of the MATA backdoor framework from August 2022 to May 2023, according to BleepingComputer.
19 Oct 2023
Biztonsági szemle
Qubitstrike attacks launched against Jupyter Notebooks
Vulnerable Jupyter Notebook instances have been subjected to attacks by a suspected Tunisia-based threat actor leveraging the novel Qubitstrike intrusion set, which facilitates cryptomining and cloud compromise, The Hacker News reports.
19 Oct 2023
Biztonsági szemle
Attacks exploiting WinRAR zero-day linked to Russian, Chinese hackers
Attacks exploiting WinRAR zero-day linked to Russian, Chinese hackers TechCrunch reports that numerous Russian and Chinese state-backed hacking operations have been leveraging an already patched WinRAR vulnerability, tracked as CVE-2023-38831, in...
19 Oct 2023
Biztonsági szemle
Trojanized VNC apps leveraged in defense-targeted Lazarus Group attacks
North Korea's Lazarus Group, also known as TEMP.Hermit or Hidden Cobra, has been continuing its Operation Dream Job campaign with new intrusions leveraging trojanized Virtual Network Computing apps targeted at defense industry and nuclear engineers...