An access broker's phishing facilitates ransomware. 3AM is fallback malware. Cross-site-scripting vulnerabilities are reported in Apache services. US agencies warn organizations to be alert for deepfakes. The US Department of Defense publishes its 2023 Cyber Strategy. Ann Johnson from the Afternoon Cyber Tea podcast speaks with with Jenny Radcliffe about the rise in social engineering. Deepen Desai from Zscaler shares a technical analysis of Bandit Stealer. And a quick reminder: yesterday was Patch Tuesday.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/175
Malware distributor Storm-0324 facilitates ransomware access (Microsoft Security)
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack (Symantec)
Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services (Orca Security)
Contextualizing Deepfake Threats to Organizations (US Department of Defense)
Bipartisan push to ban deceptive AI-generated ads in US elections (Reuters)
DOD Releases 2023 Cyber Strategy Summary (U.S. Department of Defense)
New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense)
New DOD cyber strategy notes limits of digital deterrence (DefenseScoop)
New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense)
CISA Releases Three Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA)
September 2023 Security Updates (Microsoft Security Response Center)
Microsoft Releases September 2023 Updates (Cybersecurity and Infrastructure Security Agency CISA)
Zero Day Summer: Microsoft Warns of Fresh New Software Exploits (SecurityWeek)
Microsoft Patch Tuesday: Two zero-days addressed in September update (Computing)
Adobe Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA)
Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) (Help Net Security)
Adobe fixed actively exploited zero-day in Acrobat and Reader (Security Affairs)
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks (BleepingComputer)
Apple Releases Security Updates for iOS and macOS (Cybersecurity and Infrastructure Security Agency CISA)
SAP Security Patch Day for September 2023 (Onapsis)
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now (The Hacker News)
Critical Google Chrome Zero-Day Bug Exploited in the Wild (Dark Reading)
Zero-day affecting Chrome, Firefox and Thunderbird patched (Computer)
Learn more about your ad choices. Visit megaphone.fm/adchoices
View all episodes
By N2K Networks
4.8
981981 ratings
An access broker's phishing facilitates ransomware. 3AM is fallback malware. Cross-site-scripting vulnerabilities are reported in Apache services. US agencies warn organizations to be alert for deepfakes. The US Department of Defense publishes its 2023 Cyber Strategy. Ann Johnson from the Afternoon Cyber Tea podcast speaks with with Jenny Radcliffe about the rise in social engineering. Deepen Desai from Zscaler shares a technical analysis of Bandit Stealer. And a quick reminder: yesterday was Patch Tuesday.
For links to all of today's stories check out our CyberWire daily news briefing:
https://thecyberwire.com/newsletters/daily-briefing/12/175
Malware distributor Storm-0324 facilitates ransomware access (Microsoft Security)
3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack (Symantec)
Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services (Orca Security)
Contextualizing Deepfake Threats to Organizations (US Department of Defense)
Bipartisan push to ban deceptive AI-generated ads in US elections (Reuters)
DOD Releases 2023 Cyber Strategy Summary (U.S. Department of Defense)
New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense)
New DOD cyber strategy notes limits of digital deterrence (DefenseScoop)
New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense)
CISA Releases Three Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA)
September 2023 Security Updates (Microsoft Security Response Center)
Microsoft Releases September 2023 Updates (Cybersecurity and Infrastructure Security Agency CISA)
Zero Day Summer: Microsoft Warns of Fresh New Software Exploits (SecurityWeek)
Microsoft Patch Tuesday: Two zero-days addressed in September update (Computing)
Adobe Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA)
Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) (Help Net Security)
Adobe fixed actively exploited zero-day in Acrobat and Reader (Security Affairs)
Adobe warns of critical Acrobat and Reader zero-day exploited in attacks (BleepingComputer)
Apple Releases Security Updates for iOS and macOS (Cybersecurity and Infrastructure Security Agency CISA)
SAP Security Patch Day for September 2023 (Onapsis)
Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now (The Hacker News)
Critical Google Chrome Zero-Day Bug Exploited in the Wild (Dark Reading)
Zero-day affecting Chrome, Firefox and Thunderbird patched (Computer)
Learn more about your ad choices. Visit megaphone.fm/adchoices
1,960 Listeners
361 Listeners
631 Listeners
370 Listeners
177 Listeners
314 Listeners
389 Listeners
925 Listeners
7,813 Listeners
161 Listeners
188 Listeners
312 Listeners
76 Listeners
118 Listeners
33 Listeners