December 20, 2022

Cyber Security

UAC-0142 APT targets Ukraine’s Delta military intelligence program

December 20, 20223 min read

https://securityaffairs.co/wordpress/139859/intelligence/ukraine-delta-military-intelligence-attack.html

Cyber Security

Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August

December 20, 20223 min read

https://securityaffairs.co/wordpress/139848/apt/gamaredon-petroleum-refining-company.html

Cyber Security

The Equifax Breach Settlement Offer is Real, For Now

December 20, 20224 min read

https://krebsonsecurity.com/2022/12/the-equifax-breach-settlement-offer-is-real-for-now/

Cyber Security

Microsoft dishes the dirt on Apple’s “Achilles heel” shortly after fixing similar Windows bug

December 20, 20227 min read

https://nakedsecurity.sophos.com/2022/12/20/microsoft-dishes-the-dirt-on-apples-achilles-heel-shortly-after-fixing-similar-windows-bug/

Cyber Security

Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS

December 20, 20222 min read

https://securityaffairs.co/wordpress/139841/hacking/apple-gatekeeper-bypass.html

Cyber Security

Hacked Ring Cams Used to Record Swatting Victims

December 20, 20225 min read

https://krebsonsecurity.com/2022/12/hacked-ring-cams-used-to-record-swatting-victims/

Cyber Security

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

December 20, 20223 min read

https://securityaffairs.co/wordpress/139831/cyber-crime/malicious-pypi-package-sentinelone-sdk.html

Day: December 20, 2022

UAC-0142 APT targets Ukraine’s Delta military intelligence program

Russia-linked Gamaredon APT targeted a petroleum refining company in a NATO nation in August

The Equifax Breach Settlement Offer is Real, For Now

Microsoft dishes the dirt on Apple’s “Achilles heel” shortly after fixing similar Windows bug

Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS

Hacked Ring Cams Used to Record Swatting Victims

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

UK and US expose Russia Callisto Group’s activity and sanction members

A cyber attack hit Nissan Oceania

New Krasue Linux RAT targets telecom companies in Thailand

Smashing Security podcast #351: Nuclear cybersecurity, Marketplace scams, and face up to porn

Atlassian addressed four new RCE flaws in its products

CISA adds Qualcomm flaws to its Known Exploited Vulnerabilities catalog

Experts demonstrate a post-exploitation tampering technique to display Fake Lockdown mode

$10 million up for grabs in fight against North Korean hackers

GST Invoice Billing Inventory exposes sensitive data to threat actors

Threat actors breached US govt systems by exploiting Adobe ColdFusion flaw

ENISA published the ENISA Threat Landscape for DoS Attacks Report

ENISA published ENISA Threat Landscape for DoS Attacks

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Google fixed critical zero-click RCE in Android