Essential Cyber Intel Brief: 11/15/2024

Tim Layton

No one has time to sift through dozens of websites for critical cybersecurity insights. That’s why I developed a better solution: it’s automated, curated, and absolutely free.

Get the critical updates you need as a cybersecurity professional or business leader without the time drag or hassle.

Designed for efficiency, I pinpoint the most critical cybersecurity events security professionals and business leaders need to know, and I publish them every business day by 9 AM CT for you.

In just one to two minutes, you’ll determine if the latest cybersecurity developments require further attention, allowing you to stay informed without losing valuable time.

Subscribe to receive automated notifications and stay ahead of key developments: no spam, just concise, relevant updates delivered directly to your inbox.

You can connect with me on LinkedIn and join my professional network.

11/15/2024 — New Cybersecurity Updates

An Interview With the Target & Home Depot Hacker — In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he is broke and seeking publicity for several new money-making schemes. Source

CISA warns of more Palo Alto Networks bugs exploited in attacks — CISA warned today that two more critical security vulnerabilities in Palo Alto Networks’ Expedition migration tool are now actively exploited in attacks. Source

New Glove infostealer malware bypasses Chrome’s cookie encryption — New Glove Stealer information-stealing malware can bypass Google Chrome’s Application-Bound (App-Bound) encryption to steal browser cookies. Source

Hacker gets 10 years in prison for extorting US healthcare provider — Robert Purbeck, a 45-year-old man from Idaho, has been sentenced to ten years in prison for hacking at least 19 organizations in the United States, stealing the personal data of more than 132,000 people, and multiple extortion attempts. Source

Hackers use macOS extended file attributes to hide malicious code — Hackers are using a novel technique that abuses extended attributes for macOS files to deliver a new trojan that researchers call RustyAttr. Source

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables — Cybersecurity researchers have disclosed a high-severity security flaw in the PostgreSQL open-source database system that could allow unprivileged users to alter environment variables, and potentially lead to code execution or information disclosure. Source

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin — Ilya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday. Source

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed — The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday warned that two more flaws impacting the Palo Alto Networks Expedition software have come under active exploitation in the wild. Source

Experts Uncover 70,000 Hijacked Domains in Widespread ‘Sitting Ducks’ Attack Scheme — Multiple threat actors have been found taking advantage of an attack technique called Sitting Ducks to hijack legitimate domains for use in phishing attacks and investment fraud schemes for years. Source

Critical Plugin Flaw Exposed 4 Million WordPress Websites to Takeover — Over 4 million WordPress websites were impacted by a critical Really Simple Security plugin vulnerability providing full administrative access. Source

Palo Alto Networks Confirms New Firewall Zero-Day Exploitation — Palo Alto Networks has confirmed that a zero-day is being exploited in attacks after investigating claims of a firewall remote code execution flaw. Source

Iranian Hackers Target Aerospace Industry in ‘Dream Job’ Campaign — Iran-linked Charming Kitten hackers have been running a ‘dream job’ campaign targeting the aerospace industry with the SnailResin malware. Source

CISA, FBI Confirm China Hacked Telecoms Providers for Spying — CISA and the FBI have confirmed that Chinese hackers compromised the networks of telecommunications companies to spy on specific targets. Source

Idaho Man Sentenced to 10 Years in Prison for Hacking, Data Theft, Extortion — Robert Purbeck was sentenced to 10 years in prison for stealing the personal information of over 132,000 people. Source

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions — The exploit for a new zero-day vulnerability in Windows is executed by deleting files, drag-and-dropping them, or right clicking on them. Source

Get notified when I publish new articles so you don’t miss out on the latest cybersecurity updates. I never share your email address, and your subscription only sends you notifications when I publish new articles.

Copyright © 2024 Tim Layton & Associates, LLC. All rights reserved. All information and content on this website are protected by copyright and may not be reproduced, distributed, or transmitted in any form without prior written permission from Tim Layton & Associates, LLC.

Originally published at https://timlaytonllc.com on November 15, 2024.
