Is Twitch just endless commercials now?
Catalin Cimpanu
campuscodi@mastodon-social.mostr.pub
npub1tqfu...aefw
Cybersecurity reporter for Risky Business
#infosec #cybersecurity #security
Spotify saying the quiet part out loud
Article title: Spotify will end service in Uruguay due to bill requiring fair pay for artists


Mixmag.net
The Uruguayan Parliament approved an amendment to the country's copyright law last month
Senior Ukrainian cybersecurity officials sacked amid corruption probe
Yurii Shchyhol and Victor Zhora were accused of participating in a scheme to contract software at inflated prices.


CyberScoop
Binarly has an analysis of the private key leaks that took place at Lenovo in September 2022 and MSI in April 2023.
The report's main finding was that multiple companies were apparently using the same Intel Boot Guard private keys to sign different types of firmware images.
Dissecting Intel’s Explanation of Key Usage in Integrated Firmware Images (IFWI)
Uncover insights into key misuse in integrated firmware images with BINARLY's analysis of Intel's explanation. Discover the impact on the software ...
Google has launched a new .ing TLD
All customers must use HTTPS for this one


Google
Introduc…ing the .ing top-level domain
Google Registry launches the .ing top-level domain.

Enterprise software giant VMware has published two security advisories to fix two sets of issues in its vCenter Server and Tools applications.
The worst of the two is the vCenter update, which fixes a 9.8/10-rated memory issue that can lead to remote code execution attacks (CVE-2023-34048).
Ransomware is being deployed within one day of initial access in more than 50% of engagements.
In just 12 months the median dwell time identified in the annual Secureworks State of the Threat Report has freefallen from 4.5 days to less than one day.
In 10% of cases, ransomware was even deployed within five hours of initial access.


From cURL founder on the nazi-X-chan:
"We are cutting the release cycle short and will release curl 8.4.0 on October 11, including a fix for a severity HIGH CVE."
Datadog's security team has open-sourced a tool named KubeHound that can be used to analyze Kubernetes clusters and create graphs of possible attack paths.
Blog:
Tool:


KubeHound: Identifying attack paths in Kubernetes clusters | Datadog Security Labs
KubeHound is a new open-source tool to identify attack paths in Kubernetes clusters.
Home - KubeHound

Not gonna lie.... Substack is starting to piss me off.
Why is there no more "View on web" link in its newsletters?
ThemeBleed - RCE in Windows Themes
CVE-2023-38146: Arbitrary Code Execution via Windows Themes
SentinelOne has discovered a new infostealer targeting macOS systems named MetaStealer:
It is unclear if this is related to a similar infostealer targeting Windows systems, discovered last year by NCC Group:

SentinelOne
macOS MetaStealer | New Family of Obfuscated Go Infostealers Spread in Targeted Attacks
The rise of macOS infostealers continues with the latest entrant aiming to compromise business environments with targeted social engineering lures.
Cyber Security Research
Cutting-edge cyber security research from NCC Group. Find public reports, technical advisories, analyses, & other novel insights from our global ex...
Broadcom's Symantec division has discovered a new Rust-based ransomware strain named 3AM.
Symantec saw the ransomware used in one attack so far, where a known ransomware affiliate deployed it on a victim's network after Lockbit was detected and blocked.
The 3AM ransomware comes with a Tor-based support and payment portal but does not appear to operate a dark web leak site (yet).


3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack
Attackers resorted to new ransomware after deployment of LockBit was blocked on targeted network.
Newsletter:
Podcast:
-Microsoft to phase out 3rd-party printer drivers
-Akira and Lockbit exploit Cisco ASA/FTD zero-day
-FBI links Stake crypto-heist to North Korea
-Ukrainian hacktivists unmask Russia's Cuban mercenary recruiting scheme
-Ransomware hits Sri Lanka govt
-Twitter bans scraping
-15 Israeli opposition party members have a WhatsApp issue mysteriously at the same time
-China's Myanmar fraud crackdown hits 1.2k
-Chinese info-op on Gab


Risky Biz News: Microsoft to phase out 3rd-party printer drivers for security reasons
In other news: Akira and Lockbit exploit Cisco ASA/FTD zero-day; FBI links Stake crypto-heist to North Korea; Ukrainian hacktivists unmask Russia's...

Risky Biz News: Ransomware gangs using Cisco 0day - Risky Business Media
A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Kaitlyn Sawrey.

A Vietnamese threat actor going by the name of MrTonyScam has been conducting expansive Facebook Messenger spam campaigns delivering malware using malicious attachments.


“MrTonyScam” — Botnet of Facebook Users Launch High-Intent Messenger Phishing Attack on Business Accounts

BugProve researchers have identified 33 vulnerabilities in Zavio IP security cameras.
Seven of the reported vulnerabilities are pre-authentication remote code execution flaws that can be used to hijack affected security camera models.
The company has published details and proof-of-concept scripts for all issues after the vendor failed to respond for almost nine months.
bugprove.com
Ip camera firmware exploitation best practices for vulnerability testing 🔒🔧
Learn how ip camera firmware exploitation uncovers security vulnerabilities and optimizes patching for safer surveillance systems 🔍🚀
An academic study of 4,600 malicious Python libraries found that 72% of packages persisted across PyPI mirror sites even after the libraries were removed from the main PyPI website.
https://about.honywen.com/publication/2023ase/
"I brought down a scamming operation with 15 bytes of PHP"
https://archive.li/hhn6C
AT&T Customers Doxed Themselves En Masse In Reply-All Nightmare


VICE
One customer emailed an innocuous-looking AT&T address and kicked off a reply-all snafu where users replied, revealing names and email addresses.
NIST published a draft framework for the security of non-fungible tokens (NFTs)
IR 8472, Non-Fungible Token Security | CSRC