Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released

Advanced ransomware campaigns expose need for AI-powered cyber defense - In this Help Net Security interview, Carl Froggett, CIO at Deep Instinct, discusses emerging trends in ransomware attacks, emphasizing the need for businesses to use advanced AI technologies, such as deep learning, for prevention rather than just detection and response.
SessionProbe: Open-source multi-threaded pentesting tool - SessionProbe is a multi-threaded pentesting tool designed to evaluate user privileges in web applications.
Microsoft will offer extended security updates for Windows 10 - Microsoft will not abandon Windows 10 users to an insecure fate once it reaches end of support on October 14, 2025: both enterprises and individual consumers will be able to receive Extended Security Updates, but will have to pay for them.
Researchers automated jailbreaking of LLMs with other LLMs - AI security researchers from Robust Intelligence and Yale University have designed a machine learning technique that can speedily jailbreak large language models in an automated fashion.
Short-term AWS access tokens allow attackers to linger for a longer while - Attackers usually gain access to an organization's cloud assets by leveraging compromised user access tokens obtained via phishing, by using malware, or by finding them in public code repositories.
New RCE vulnerability in Apache Struts 2 fixed, upgrade ASAP - The Apache Struts project has released updates for the popular open-source web application framework, with fixes for a critical vulnerability that could lead to remote code execution.
Booking.com customers targeted in hotel booking scam - Scammers are hijacking hotels' Booking.com accounts and using them as part of a hotel booking scam aimed at tricking guests into sharing their payment card information.
CyberAv3ngers hit Unitronics PLCs at multiple US-based water facilities - Iran-affiliated attackers CyberAv3ngers continue to exploit vulnerable Unitronics programmable logic controllers, US and Israeli authorities have said in a joint cybersecurity advisory.
Russian hackers use old Outlook vulnerability to target Polish orgs - Russian state-backed hacking group Forest Blizzard has been using a known Microsoft Outlook vulnerability to target public and private entities in Poland, Polish Cyber Command has warned.
CISA: Adobe ColdFusion flaw leveraged to access government servers - Unknown attackers have leveraged a critical vulnerability in the Adobe ColdFusion application development platform to access government servers, the Cybersecurity and Infrastructure Security Agency has shared.
The AI readiness race and where global companies stand - In this Help Net Security video, Dave Lewis, Advisory CISO at Cisco, helps companies understand their level of readiness.
OpenTofu: Open-source alternative to Terraform - OpenTofu is an open-source alternative to Terraform's widely used Infrastructure as Code provisioning tool.
Exploring the impact of generative AI in the 2024 presidential election - In this Help Net Security video, Ryan Maltzen, Cybersecurity Architect at Fortra, discusses how, in past elections, this was more largely a manual process than we should expect with the rise of generative AI and other tools that seem well-positioned to have impacts in this space.
21 high-risk vulnerabilities in OT/IoT routers found - Forescout detailed the discovery of 21 new vulnerabilities in OT/IoT routers and open-source software elements.
Why zero-trust segmentation is critical for cloud resilience - In this Help Net Security video, John Kindervag, zero trust creator and Chief Evangelist at Illumio, discusses how organizations need modern security approaches that offer them real-time visibility and containment by default to mitigate risk and optimize opportunities afforded by the cloud.
2024 brings changes in data security strategies - 2024 will be a revolutionary year for the data security landscape as Data Security Posture Management technology rapidly evolves to keep pace with the colossal amount of data being created, stored and shared within organizations and across business sectors, according to Metomic.
Ransomware in 2024: Anticipated impact, targets, and landscape shift - Government pressure will force some ransomware groups to disband or law enforcement will catch principal bad actors, but affiliates can attach themselves to other groups.
Using AI and automation to manage human cyber risk - In this Help Net Security video, John Scott, Lead Cybersecurity Researcher at CultureAI, discusses how integrating AI and automation into your cybersecurity strategy can improve employee behaviors and reduce security incidents.
One rapidly growing area is information-stealing malware known as infostealers, which is malicious software designed to steal data.
New infosec products of the week: December 8, 2023 - Here's a look at the most interesting products from the past week, featuring releases from Atsign, Daon, Global Integrity, Living Security, Panther Labs, Searchlight Cyber, and Varonis.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Sun, 10 Dec 2023 09:28:04 +0000


Cyber News related to Week in review: Booking.com hotel booking scam, Kali Linux 2023.4 released

Kali Linux 2023.4 is Out: Cloud ARM64, Hyper-V, Pi 5, & More! - As 2023 draws to a close, Kali Linux enthusiasts are in for a treat with the latest release, Kali Linux 2023.4. Packed with innovative features and improvements, this update focuses on expanding platform support and refining existing capabilities. ...
1 year ago Hackread.com
Kali Linux 2023.4 released with GNOME 45 and 15 new tools - Kali Linux 2023.4, the fourth and final version of 2023, is now available for download, with fifteen new tools and the GNOME 45 desktop environment. Kali Linux is a Linux distribution created for ethical hackers and cybersecurity professionals to ...
1 year ago Bleepingcomputer.com
Kali vs. ParrotOS: 2 versatile Linux distros for security pros - Let's examine and compare these two security and privacy distros to help you decide which - Kali Linux vs. ParrotOS - is best for your use case. Kali Linux, focusing on penetration testing, audits and forensics, is one of the industry's best-known ...
1 year ago Techtarget.com
Kali Linux 2023.4 Released - Kali Linux 2023.4, the latest version of Offensive Security's renowned operating system, has been released, and it includes the advanced Gnome 45 desktop environment and 15 new tools, with enhancements to existing ones. Kali Linux is a Linux ...
1 year ago Gbhackers.com
Booking.com Customers Scammed in Novel Social Engineering Campaign - Booking.com customers are being targeted by a novel social engineering campaign, which is "Paying serious dividends" for cybercriminals, according to new research by Secureworks. The researchers said the campaign, which they believe has been running ...
1 year ago Infosecurity-magazine.com
Sophisticated Booking.com Scam Targeting Guests with Vidar Infostealer - The 'How To' guide for targeting Booking.com customers is being offered for sale on the dark web, as well as on underground cybercrime forums, including Russian-speaking platforms such as XSS.IS. Cybersecurity firm Secureworks is alerting Booking.com ...
1 year ago Hackread.com
Kali Linux 2025.1a New Tool & Updates to Desktop Environments - Continuing the tradition of annual theme updates with the year’s first release, Kali Linux 2025.1a boasts a modern interface with enhancements to the boot menu, login screen, and desktop wallpapers for both Kali and Kali Purple editions. With ...
6 months ago Cybersecuritynews.com
CVE-2018-0688 - Open redirect vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September 4, ...
6 years ago
CVE-2018-0689 - HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware versions released prior to 2018 March 13, DS-780N firmware versions released prior to 2018 March 13, EP-10VA firmware versions released prior to 2017 September ...
6 years ago
Kali Linux 2025.1a released with 1 new tool, annual theme refresh - Kali Linux has released version 2025.1a, the first version of 2025, with one new tool, desktop changes, and a theme refresh. With the year's first version, the Kali Team introduces a theme update consisting of new wallpapers and changes to the boot ...
6 months ago Bleepingcomputer.com
Kali Linux warns of update failures after losing repo signing key - Offensive Security warned Kali Linux users to manually install a new Kali repository signing key to avoid experiencing update failures. This isn't the first time Kali Linux users have had to manually update their keyring to avoid having update ...
5 months ago Bleepingcomputer.com
Kali Linux Warns that Update Process is Going to Fail for All Users - For users who prefer starting with a clean system, Kali Linux has updated all its distribution images to include the new keyring. Kali Linux users worldwide are facing an imminent disruption as the security-focused distribution has announced that the ...
5 months ago Cybersecuritynews.com
Booking.com customers targeted in hotel booking scam - Scammers are hijacking hotels' Booking.com accounts and using them as part of a hotel booking scam aimed at tricking guests into sharing their payment card information. Secureworks outlined an attack that occurred in October 2023, when a scammer ...
1 year ago Helpnetsecurity.com
CVE-2024-36886 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
Booking.com hackers increase attacks on customers - Hackers are increasing their attacks on Booking.com customers by posting adverts on dark web forums asking for help finding victims. Cyber-criminals are offering up to $2,000 for login details of hotels as they continue to target the people who are ...
1 year ago Bbc.com
Fraudulent "CryptoRom" Apps Slip Through Apple and Google App Store Review Process - Pig Butchering, also known as Sha Zhu Pan and CryptoRom, is an ugly name for an ugly scam. What is new is that apps perpetrating the scam can be downloaded from the official Apple and Android app stores - giving them greater apparent validity to ...
2 years ago Securityweek.com
Kali Linux Unveils Two New Tools to Boost Wi-Fi Performance for Raspberry Pi Users - The new brcmfmac-nexmon-dkms and firmware-nexmon packages, introduced in Kali Linux 2025.1, enable the onboard Wi-Fi interface on supported Raspberry Pi models to perform monitor mode operations and frame injection without requiring external USB ...
2 months ago Cybersecuritynews.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584 PrimaryVendor - ...
1 year ago Cisa.gov
Kali Linux 2023.5 released with 10 new tools, WiFi enhancements - Kali Linux 2023.5 has been officially released, bringing a host of new features and improvements tailored for cybersecurity professionals and enthusiasts. This latest version introduces 10 new tools that enhance penetration testing capabilities and ...
1 week ago Bleepingcomputer.com
Kali Linux 2025.3 Released: New Features and Updates for Security Professionals - Kali Linux 2025.3 has been officially released, bringing a host of new features and updates tailored for cybersecurity professionals and ethical hackers. This latest version enhances the user experience with improved hardware support, updated ...
2 weeks ago Cybersecuritynews.com
Cybercrims target hotel staff for management credentials The Register - Cybercriminals are preying on the inherent helpfulness of hotel staff during the sector's busy holiday season. Researchers at Sophos said the latest malware campaign targeting hotels involves sending emails that play on the emotions of staff, while ...
1 year ago Go.theregister.com
Check Point Research Unfolds: Navigating the Deceptive Waters: Unmasking A Sophisticated Ongoing NFT Airdrop Scam - Sophisticated Scam Targeting Token Holders: Over 100 popular projects' token holders targeted with fake NFT airdrops appearing from reputable sources. Multi-Stage Deception Uncovered: The ongoing Scam involves enticing victims to fraudulent websites ...
1 year ago Blog.checkpoint.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111 PrimaryVendor - Product linux - linux Description In the ...
1 year ago Cisa.gov
Kali Linux can now run in Apple containers on macOS systems - Cybersecurity professionals and researchers can now launch Kali Linux in a virtualized container on macOS Sequoia using Apple's new containerization framework. "Currently there are a few known limitations of Containerization, especially using ...
2 months ago Bleepingcomputer.com
