Daily Cybersecurity Update, September 07, 2023
infosecbulletin
Friday , September 8 2023
Daily Security Update
- Tenable entered a definitive agreement to acquire cloud security startup Ermetic for $240 million in cash and $25 million in restricted stock and restricted stock units.
- Malwarebytes Labs spotted a malvertising campaign targeting both Windows and Mac users with a new Atomic Stealer variant. It uses phishing sites and Google ads to trick victims into downloading a malicious app, specifically targeting users looking to download the TradingView app.
- A new version of the Pandora backdoor, a Mirai variant, was found infecting inexpensive Android TV set-top boxes, such as Tanix TX6 TV Box, MX10 Pro 6K, and H96 MAX X3, to launch powerful DDoS attacks by leveraging their quad-core processors.
- Thousands of websites in the Alexa top 1 million list have been discovered leaking secrets, including credentials, through exposed .git directories. AWS and GitHub keys were the most prevalent type of leaked secrets accounting for 45% of all credentials.
InfoSecBulletin Cybersecurity for mankind
