Hamas-Affiliated WIRTE Employs SameCoin Wiper in Disruptive Attacks Against Israel
A threat actor affiliated with Hamas has expanded its malicious cyber operations beyond espionage to carry out disruptive attacks that exclusively target Israeli entities. The activity, linked to a group called WIRTE, has also targeted the Palestinian Authority, Jordan, Iraq, Saudi Arabia, and Egypt, Check Point said in an analysis. APT (advanced persistent threat) Wirte is doing double duty, adding all manner of supplemental malware to gain access, eavesdrop, and wipe data, depending on the target. See more: The Hacker News, Dark Reading #cybersecurity

Leaked info of 122 million linked to B2B data aggregator breach
The business contact information for 122 million people circulating since February 2024 is now confirmed to have been stolen from a B2B demand generation platform. The data comes from DemandScience (formerly Pure Incubation), a B2B demand generation company that aggregates data. Data aggregation is the process of collecting, compiling, and organizing data from public sources to create a comprehensive dataset valuable for digital marketers and advertisers in creating rich "profiles" used to generate leads or marketing information. In the case of DemandScience, the firm collected business data from public sources and third parties, including full names, physical addresses, email addresses, telephone numbers, job titles and functions, and social media links. #cybersecurity #databreach

New Google Pixel AI feature analyzes phone conversations for scams
Google is adding a new AI-powered scam protection feature that monitors phone call conversations on Google Pixel devices to detect patterns that warn when the caller may be a scammer. Although all processing happens on the device, Google has opted to keep the feature off by default, allowing users to activate it through the Phone app settings or even during a particular call. Google has also added a new real-time protection feature to Google Play Protect that detects when unsafe apps are found on Google Play. The scanning and detection process is handled locally on the device through Android's Private Compute Core to protect users' privacy. #cybersecurity #android

Microsoft patches Windows zero-day exploited in attacks on Ukraine
Suspected Russian hackers were caught exploiting a recently patched Windows vulnerability as a zero-day in ongoing attacks targeting Ukrainian entities. The security flaw (CVE-2024-43451) is an NTLM Hash Disclosure spoofing vulnerability reported by ClearSky security researchers, which can be exploited to steal the logged-in user's NTLMv2 hash by forcing connections to a remote attacker-controlled server. "Minimal interaction with a malicious file by a user such as selecting (single-click), inspecting (right-click), or performing an action other than opening or executing could trigger this vulnerability." #cybersecurity #patches #zeroday

Hive0145 Targets Europe with Advanced Strela Stealer Campaigns
Ongoing campaigns by cybercriminal group Hive0145 have launched a series of attacks across Europe, deploying the sophisticated Strela Stealer malware to steal sensitive email credentials. IBM X-Force researchers reported in a new advisory today that this wave primarily targets Spain, Germany and Ukraine, and employs stolen, authentic invoices in phishing emails to deceive recipients and boost infection success.

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims
Romanian cybersecurity company Bitdefender has released a free decryptor to help victims recover data encrypted using the ShrinkLocker ransomware. The decryptor is the result of a comprehensive analysis of ShrinkLocker's inner workings, allowing the researchers to discover a "specific window of opportunity for data recovery immediately after the removal of protectors from BitLocker-encrypted disks." ShrinkLocker was first documented in May 2024 by Kaspersky, which found the malware's use of Microsoft's native BitLocker utility for encrypting files as part of extortion attacks targeting Mexico, Indonesia, and Jordan. See more: The Hacker News, Bleeping Computer, Hackread #cybersecurity #ransomware

Free Decryptor Released for BitLocker-Based ShrinkLocker Ransomware Victims
Intel and AMD have published November 2024 Patch Tuesday security advisories to inform customers about vulnerabilities found recently in their products. Intel has released 44 new advisories for over 80 vulnerabilities, including more than 20 high-severity issues. AMD published eight new advisories on Tuesday. Four of them cover incorrect default permissions vulnerabilities discovered by a researcher who uses the online moniker ‘Pwni’ in HIP SD, Cloud Manageability Service (ACMS), Ryzen Master Monitoring SDK and Ryzen Master Utility, and Provisioning Console. #cybersecurity #patches

Ivanti Patches 50 Vulnerabilities Across Several Products
IT software company Ivanti on Tuesday announced patches for close to 50 vulnerabilities, including eight critical-severity bugs in Connect Secure, Policy Secure, and Endpoint Manager. The critical issues, tracked as CVE-2024-38655, CVE-2024-38656, CVE-2024-39710 to CVE-2024-39712, and CVE-2024-11005 to CVE-2024-11007, are described as argument and command injection flaws that could allow authenticated attackers with administrator privileges to achieve remote code execution (RCE). #cybersecurity

High-Severity Vulnerabilities Patched in Zoom and Chrome
Zoom and Chrome security updates released on Tuesday patch over a dozen vulnerabilities affecting users across desktop platforms. Zoom announced fixes for six security defects, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Google announced the promotion of Chrome 131 to the stable channel with patches for 12 vulnerabilities, including eight reported by external researchers. The most severe of the externally reported flaws is a high-severity inappropriate implementation bug in Blink, tracked as CVE-2024-11110, which was reported last month. #cybersecurity #patches

Chinese Hackers Target Tibetan Websites in Malware Attack, Cybersecurity Group Says
A hacking group that is believed to be Chinese state-sponsored has compromised two websites with ties to the Tibetan community in an attack meant to install malware on users’ computers, according to findings released Wednesday by a private cybersecurity firm. The hack of the Tibet Post and Gyudmed Tantric University websites appears geared toward obtaining access to the computers of people visiting to obtain information on them and their activities, according to the analysis by the Insikt Group, the threat research division of the Massachusetts-based cybersecurity consultancy Recorded Future. #cybersecurity #malware