Tuesday , December 24 2024

infosecbulletin

Daily Cybersecurity update, January 03, 2024

Update

The European Central Bank will test 109 banks in Europe for their resilience against cyberattacks using simulated disruptive cyberattacks. Snappfood, an Iranian online food delivery service, reported to suffer a major data breach. The hacker group “irleaks” revealed the breach and said they took 3TB of personal data from millions …

Read More »

Shadowserver report
Nearly 11 million SSH servers vulnerable to Terrapin attacks

Terrapin attack

Around 11 million SSH servers are at risk from the Terrapin attack, which can compromise the security of certain SSH connections. This constitutes roughly 52% of all scanned samples in the IPv4 and IPv6 space monitored by Shadoserver. The Terrapin attack, created by researchers from Ruhr University Bochum in Germany, …

Read More »

Check now it
CISA Adds Two known Critical Vulnerabilities to Watchlist for 2024

vulnarabilit

CISA added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog for January 2024 due to evidence of ongoing exploitation. They are the Google Chromium WebRTC Heap Buffer Overflow Vulnerability (CVE-2023-7024) and the Spreadsheet::ParseExcel Remote Code Execution Vulnerability (CVE-2023-7101). In December 2023, Google released an update to fix a vulnerability …

Read More »

European Central Bank (ECB) has announced
ECB to test over 100 European banks cyber resiliency

Eurpian banks

The European Central Bank (ECB) will test over 100 European banks on their ability to respond to and recover from cyber-attacks. The European Union’s central bank will perform its first cyber resilience stress test on 109 banks under its supervision in 2024. The test will evaluate the banks’ capacity to …

Read More »

Have a quick check
X (twitter) gold accounts flood dark web to sell

Cybercriminals have increased the sale of new or stolen Gold checkmarked accounts from the X/Twitter platform. These accounts are being used by threat actors to share links to malware on the social media site, making it appear as a post from a trusted source. Researchers at CloudSEK in Singapore have …

Read More »

Across 61 countries
29 malware families target 1,800 banking apps worldwide

Malware

The research uncovered that 29 malware families targeted 1,800 banking applications across 61 countries last year. In comparison, the 2022 report uncovered 10 prolific malware families targeting 600 banking apps. Traditional banking apps are the main target, with 1,103 compromised apps, accounting for 61% of the total. FinTech and Trading …

Read More »

iOS and macOS vulnerability, CVE-2023-41974
PoC published, $70K bounty to reveal CVE-2023-41974 Flaw

Apple iphone

A PoC code has been released for the a serious vulnerability, CVE-2023-41974, on iOS and macOS. This vulnerability can be used to gain full control of a mobile device by exploiting a critical issue in the kernel, giving an application access to run any code with kernel privileges. This discovery …

Read More »

To sell over 160 million records
Mysterious hacker strikes Iran with 23 organizations: Hudson Rock

laptop

Hudson Researchers reported that on December 20th, ‘irleaks’ claimed to have 160 million records from 23 top insurance companies in Iran for sale. The hacker says they have stolen data like names, birth dates, phone numbers, national codes, and more. They have shared a sample of the data and want …

Read More »