Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw

North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft.
The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet (aka Labyrinth Chollima) and Onyx Sleet (aka Andariel or Silent Chollima).
It's worth noting that both the

https://thehackernews.com/2023/10/micros...tacks.html

Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign

The Iran-linked OilRig threat actor targeted an unnamed Middle East government between February and September 2023 as part of an eight-month-long campaign.
The attack led to the theft of files and passwords and, in one instance, resulted in the deployment of a PowerShell backdoor called PowerExchange, the Symantec Threat Hunter Team, part of Broadcom, said in a report shared with The Hacker News

https://thehackernews.com/2023/10/iran-l...-east.html

Google Play Protect Introduces Real-Time Code-Level Scanning for Android Malware

Google has announced an update to its Play Protect with support for real-time scanning at the code level to tackle novel malicious apps prior to downloading and installing them on Android devices.
"Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats," the tech giant said.
Google Play Protect is a 

https://thehackernews.com/2023/10/google...-real.html

Vulnerability Scanning: How Often Should I Scan?

The time between a vulnerability being discovered and hackers exploiting it is narrower than ever – just 12 days. So it makes sense that organizations are starting to recognize the importance of not leaving long gaps between their scans, and the term "continuous vulnerability scanning" is becoming more popular.
Hackers won’t wait for your next scan
One-off scans can be a simple ‘one-and-done'

https://thehackernews.com/2023/10/vulner...hould.html

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies

An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023.
"The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows

https://thehackernews.com/2023/10/sophis...rikes.html

[b]Channel config for gen1 coyote[/b]

Can someone please give a good channels list for a 14 coyote


https://forum.hptuners.com/showthread.php?106404-Channel-config-for-gen1-coyote&goto=newpost

EPA Turns Off Taps on Water Utility Cyber Regulations

Facing a potential cascade of legal challenges from industry groups and state attorneys general, the EPA has rescinded its cyber-rules. But where does that leave local water safety?

https://www.darkreading.com/ics-ot/epa-w...egulations

Critical Citrix Bug Exploited as a Zero-Day, 'Patching Is Not Enough'

The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.

https://www.darkreading.com/vulnerabilit...not-enough

OCP Launches SAFE to Standardize Firmware Audits

Under the Security Appraisal Framework and Enablement (SAFE) program, device manufacturers would be able to work with approved auditors to verify firmware.

https://www.darkreading.com/edge/ocp-lau...are-audits

The Most Popular IT Admin Password Is Totally Depressing

Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else.

https://www.darkreading.com/application-...depressing