North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder

North Korean Nation-State Actors Exposed in JumpCloud Hack After OPSEC Blunder,

North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual IP address.
Google-owned threat intelligence firm Mandiant attributed the activity to a threat actor it tracks under the name UNC4899, which likely shares overlaps with clusters already

,

North Korean nation-state actors affiliated with the Reconnaissance General Bureau (RGB) have been attributed to the JumpCloud hack following an operational security (OPSEC) blunder that exposed their actual IP address.
Google-owned threat intelligence firm Mandiant attributed the activity to a threat actor it tracks under the name UNC4899, which likely shares overlaps with clusters already

, ,
https://thehackernews.com/2023/07/north-korean-nation-state-actors.html

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique,

The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets.
« They are still heavily focused on Latin American

,

The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets.
« They are still heavily focused on Latin American

, ,
https://thehackernews.com/2023/07/casbaneiro-banking-malware-goes-under.html

macOS Under Attack: Examining the Growing Threat and User Perspectives

macOS Under Attack: Examining the Growing Threat and User Perspectives,

As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple’s operating system. 
What Are the Rising Threats to macOS?
There is a common misconception among macOS fans that Apple devices are immune to hacking and malware infection. However, users have been facing more and more dangers recently. Inventive attackers are specifically

,

As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple’s operating system. 
What Are the Rising Threats to macOS?
There is a common misconception among macOS fans that Apple devices are immune to hacking and malware infection. However, users have been facing more and more dangers recently. Inventive attackers are specifically

, ,
https://thehackernews.com/2023/07/macos-under-attack-examining-growing.html

TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System

TETRA:BURST — 5 New Vulnerabilities Exposed in Widely Used Radio Communication System,

A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what’s believed to be an intentional backdoor that could have potentially exposed sensitive information.
The issues, discovered by Midnight Blue in 2021 and held back until now, have

,

A set of five security vulnerabilities have been disclosed in the Terrestrial Trunked Radio (TETRA) standard for radio communication used widely by government entities and critical infrastructure sectors, including what’s believed to be an intentional backdoor that could have potentially exposed sensitive information.
The issues, discovered by Midnight Blue in 2021 and held back until now, have

, ,
https://thehackernews.com/2023/07/tetraburst-5-new-vulnerabilities.html

How MDR Helps Solve the Cybersecurity Talent Gap

How MDR Helps Solve the Cybersecurity Talent Gap,

How do you overcome today’s talent gap in cybersecurity? This is a crucial issue — particularly when you find executive leadership or the board asking pointed questions about your security team’s ability to defend the organization against new and current threats.
This is why many security leaders find themselves turning to managed security services like MDR (managed detection and response),

,

How do you overcome today’s talent gap in cybersecurity? This is a crucial issue — particularly when you find executive leadership or the board asking pointed questions about your security team’s ability to defend the organization against new and current threats.
This is why many security leaders find themselves turning to managed security services like MDR (managed detection and response),

, ,
https://thehackernews.com/2023/07/how-mdr-helps-solve-cybersecurity.html

Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo

Atlassian Releases Patches for Critical Flaws in Confluence and Bamboo,

Atlassian has released updates to address three security flaws impacting its Confluence Server, Data Center, and Bamboo Data Center products that, if successfully exploited, could result in remote code execution on susceptible systems.
The list of the flaws is below –

CVE-2023-22505 (CVSS score: 8.0) – RCE (Remote Code Execution) in Confluence Data Center and Server (Fixed in versions 8.3.2 and

,

Atlassian has released updates to address three security flaws impacting its Confluence Server, Data Center, and Bamboo Data Center products that, if successfully exploited, could result in remote code execution on susceptible systems.
The list of the flaws is below –

CVE-2023-22505 (CVSS score: 8.0) – RCE (Remote Code Execution) in Confluence Data Center and Server (Fixed in versions 8.3.2 and

, ,
https://thehackernews.com/2023/07/atlassian-releases-patches-for-critical.html

Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation

Ivanti Releases Urgent Patch for EPMM Zero-Day Vulnerability Under Active Exploitation,

Ivanti is warning users to update their Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core) to the latest version that fixes an actively exploited zero-day vulnerability.
Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as

,

Ivanti is warning users to update their Endpoint Manager Mobile (EPMM) mobile device management software (formerly MobileIron Core) to the latest version that fixes an actively exploited zero-day vulnerability.
Dubbed CVE-2023-35078, the issue has been described as a remote unauthenticated API access vulnerability that impacts currently supported version 11.4 releases 11.10, 11.9, and 11.8 as

, ,
https://thehackernews.com/2023/07/ivanti-releases-urgent-patch-for-epmm.html

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs

Apple Rolls Out Urgent Patches for Zero-Day Flaws Impacting iPhones, iPads and Macs,

Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild.
Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with improved state management.
« 

,

Apple has rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and Safari to address several security vulnerabilities, including one actively exploited zero-day bug in the wild.
Tracked as CVE-2023-38606, the shortcoming resides in the kernel and permits a malicious app to modify sensitive kernel state potentially. The company said it was addressed with improved state management.
« 

, ,
https://thehackernews.com/2023/07/apple-rolls-out-urgent-patches-for-zero.html

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks

Critical Zero-Days in Atera Windows Installers Expose Users to Privilege Escalation Attacks,

Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks.
The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and

,

Zero-day vulnerabilities in Windows Installers for the Atera remote monitoring and management software could act as a springboard to launch privilege escalation attacks.
The flaws, discovered by Mandiant on February 28, 2023, have been assigned the identifiers CVE-2023-26077 and CVE-2023-26078, with the issues remediated in versions 1.8.3.7 and 1.8.4.9 released by Atera on April 17, 2023, and

, ,
https://thehackernews.com/2023/07/critical-zero-days-in-atera-windows.html

Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol

Google Messages Getting Cross-Platform End-to-End Encryption with MLS Protocol,

Google has announced that it intends to add support for Message Layer Security (MLS) to its Messages service for Android and open source implementation of the specification.
« Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform, » Giles Hogben, privacy engineering

,

Google has announced that it intends to add support for Message Layer Security (MLS) to its Messages service for Android and open source implementation of the specification.
« Most modern consumer messaging platforms (including Google Messages) support end-to-end encryption, but users today are limited to communicating with contacts who use the same platform, » Giles Hogben, privacy engineering

, ,
https://thehackernews.com/2023/07/google-messages-getting-cross-platform.html