Your daily dose of relevant cybersecurity advisories, industry news, and product updates for September 14, 2023.
Advisories
- Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild – Update Now
- Cybercriminals Using PowerShell to Steal NTLMv2 Hashes from Compromised Windows
- Microsoft Patches a Pair of Actively Exploited Zero-Days
- Windows 11 ‘ThemeBleed’ RCE bug gets proof-of-concept exploit
- Azure HDInsight Flaws Allowed Data Access, Session Hijacking, Payload Delivery
- Mozilla patches Firefox, Thunderbird against zero-day exploited in attacks
- New Kubernetes vulnerability allows privilege escalation in Windows
- Cisco IOS Verification Flaw Let Attackers Execute Arbitrary Code
- Adobe fixed actively exploited zero-day in Acrobat and Reader
- N-Able’s Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation
- SolarWinds Platform Vulnerability Let Attackers Execute Arbitrary Commands
- A new Repojacking attack exposed over 4,000 GitHub repositories to hack
- Vietnamese Hackers Deploy Python-Based Stealer via Facebook Messenger
- Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Industry News
- Israeli Hospital Hit By Ransomware Attack, 1TB Data Stolen
- Redfly group infiltrated an Asian national grid as long as six months
- MGM Hotel Resorts Cyber attack by Scattered Spider or BlackCat Ransomware
- Save the Children confirms it was hit by cyber attack
- Rollbar discloses data breach after hackers stole access tokens
- North Korean Hackers Steal $53 Million in Cryptocurrency From CoinEx
- FBI Hacker Dropped Stolen Airbus Data on 9/11
- Manchester Police officers’ data exposed in ransomware attack
- Russian Journalist’s iPhone Compromised by NSO Group’s Zero-Click Spyware
- Attackers hit software firm Retool to get to crypto companies and assets
- World Security Report Finds Physical Security Incidents Cost Companies USD $1T in 2022
- The global cybersecurity skills shortage: Still crazy after all these years
Products & Service
- New Windows 11 feature blocks NTLM-based attacks over SMB
- Google Chrome Rolls Out Support for ‘Privacy Sandbox’ to Bid Farewell to Tracking Cookies
- New Sentra tool to help classify sensitive enterprise data using LLMs
- IBM Adds Data Security Broker to Encrypt Data in Multiclouds
- Code Intelligence unveils new LLM-powered software security testing solution
- NordVPN Launches Sonar to Prevent Phishing Attacks
- CloudBees unveils a new DevSecOps platform
- Gigamon’s ‘Precryption’ to block attacks hiding behind encryption
- ReconAIzer: OpenAI-based Extension for Burp Suite
- CertiK launches SkyInsights to simplify crypto compliance and risk management
For the latest news on malware and ransomware, check out our latest Weekly Malware Roundup.