Essential Cyber Intel Brief: 11/13/2024

Tim Layton

No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution: it’s automated, curated, and absolutely free.

Get the critical updates you need as a cybersecurity professional or business leader without the time drag or hassle.

Designed for efficiency, my custom program pinpoints the most critical cybersecurity events security professionals and business leaders need to know. I publish them every business day at 9 AM CT for you.

In just one to two minutes, you’ll determine if the latest cybersecurity developments require further attention, allowing you to stay informed without losing valuable time.

Subscribe to receive automated notifications and stay ahead of key developments: no spam, just concise, relevant updates delivered directly to your inbox.

You can connect with me on LinkedIn and join my professional network.

11/13/2024 — New Cybersecurity Updates

Microsoft Patch Tuesday, November 2024 Edition — Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. Source

Microsoft Exchange adds warning to emails abusing spoofing flaw — Microsoft has disclosed a high-severity Exchange Server vulnerability that allows attackers to forge legitimate senders on incoming emails and make malicious messages a lot more effective. Source

FBI, CISA, and NSA reveal most exploited vulnerabilities of 2023 — The FBI, the NSA, and cybersecurity authorities of the Five Eyes intelligence alliance have released today a list of the top 15 routinely exploited vulnerabilities throughout last year. Source

Volt Typhoon rebuilds malware botnet following FBI disruption — The Chinese state-sponsored hacking group Volt Typhoon has begun to rebuild its “KV-Botnet” malware botnet after it was disrupted by law enforcement in January, according to researchers from SecurityScorecard. Source

North Korean hackers create Flutter apps to bypass macOS security — North Korean threat actors target Apple macOS systems using trojanized Notepad apps and minesweeper games created with Flutter, which are signed and notarized by legitimate Apple developer IDs. Source

OvrC Platform Vulnerabilities Expose IoT Devices to Remote Attacks and Code Execution — A security analysis of the OvrC cloud platform has uncovered 10 vulnerabilities that could be chained to allow potential attackers to execute code remotely on connected devices. Source

Iranian Hackers Use “Dream Job” Lures to Deploy SnailResin Malware in Aerospace Attacks — The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group’s playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023. Source

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs — Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. Source

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration — Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE). Source

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns — Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale, targeting GitHub users. Source

North Korean Hackers Target macOS Using Flutter-Embedded Malware — Threat actors with ties to the Democratic People’s Republic of Korea (DPRK aka North Korea) have been found embedding malware within Flutter applications, marking the first time this tactic has been adopted by the adversary to infect Apple macOS devices. Source

Microsoft Confirms Zero-Day Exploitation of Task Scheduler Flaw — Patch Tuesday: Microsoft patches 90 security flaws across the Windows ecosystem and warns of zero-day exploitation and code execution risks. Source

Ahold Delhaize Cybersecurity Incident Impacts Giant Food, Hannaford — Cybersecurity incident impacts Giant Food, Hannaford, and other Ahold Delhaize USA brands, including pharmacies and e-commerce services. Source

SAP Patches High-Severity Vulnerability in Web Dispatcher — SAP has released eight new security notes on November 2024 patch day, including one addressing a high-severity vulnerability in Web Dispatcher. Source

Form I-9 Compliance Data Breach Impacts Over 190,000 People — The impact of a data breach suffered by Form I-9 Compliance is growing, with the number of affected individuals reaching 190,000. Source

Millions of Hot Topic Customers Impacted by Data Breach — Hot Topic has suffered a data breach impacting approximately 57 million unique email addresses and the personal information of roughly 25 million. Source

Research uncovers the tool creating recent GitHub phishing attacks — Research has unveiled a tool responsible for many recent GitHub phishing attacks. Source

One in five organizations have experienced a NHI security incident — Cloud security remains a top concern for security leaders. Source

Get notified when I publish new articles so you don’t miss out on the latest cybersecurity updates. I never share your email address, and your subscription only sends you notifications when I publish new articles.

Copyright: Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.

Originally published at https://timlaytonllc.com on November 13, 2024.
