Mon. Apr 15, 2024

Crickets from Chirp Systems in Smart Lock Key Leak

Krebs on Security

The U.S. government is warning that “smart locks” securing entry to an estimated 50,000 dwellings nationwide contain hard-coded credentials that can be used to remotely open any of the locks. The lock’s maker Chirp Systems remains unresponsive, even though it was first notified about the critical weakness in March 2021. Meanwhile, Chirp’s parent company, RealPage, Inc. , is being sued by multiple U.S. states for allegedly colluding with landlords to illegally raise rents.

New Lattice Cryptanalytic Technique

Schneier on Security

A new paper presents a polynomial-time quantum algorithm for solving certain hard lattice problems. This could be a big deal for post-quantum cryptographic algorithms, since many of them base their security on hard lattice problems. A few things to note. One, this paper has not yet been peer reviewed. As this comment points out: “We had already some cases where efficient quantum algorithms for lattice problems were discovered, but they turned out not being correct or only worked for simple

The US Government Has a Microsoft Problem

WIRED Threat Level

Microsoft has stumbled through a series of major cybersecurity failures over the past few years. Experts say the US government’s reliance on its systems means the company continues to get a free pass.

Cisco Duo warns third-party data breach exposed SMS MFA logs

Bleeping Computer

Cisco Duo's security team warns that hackers stole some customers' VoIP and SMS logs for multi-factor authentication (MFA) messages in a cyberattack on their telephony provider.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Ukrainian Blackjack group used ICS malware Fuxnet against Russian targets

Security Affairs

The Ukrainian hacking group Blackjack used a destructive ICS malware dubbed Fuxnet in attacks against Russian infrastructure. Industrial and enterprise IoT cybersecurity firm Claroty reported that the Ukrainian Blackjack hacking group claims to have damaged emergency detection and response capabilities in Moscow and beyond the Russian capital using a destructive ICS malware dubbed Fuxnet.

Ransomware gang starts leaking alleged stolen Change Healthcare data

Bleeping Computer

The RansomHub extortion gang has begun leaking what they claim is corporate and patient data stolen from United Health subsidiary Change Healthcare in what has been a long and convoluted extortion process for the company.

New SteganoAmor attacks use steganography to target 320 orgs globally

Bleeping Computer

A new campaign conducted by the TA558 hacking group is concealing malicious code inside images using steganography to deliver various malware tools onto targeted systems.

Chinese-Linked LightSpy iOS Spyware Targets South Asian iPhone Users

The Hacker News

Cybersecurity researchers have discovered a "renewed" cyber espionage campaign targeting users in South Asia with the aim of delivering an Apple iOS spyware implant called LightSpy.

Palo Alto Networks fixes zero-day exploited to backdoor firewalls

Bleeping Computer

Palo Alto Networks has started releasing hotfixes for a zero-day vulnerability that has been actively exploited since March 26th to backdoor PAN-OS firewalls.

Cisco Duo warns telephony supplier data breach exposed MFA SMS logs

Security Affairs

Cisco Duo warns that a data breach involving one of its telephony suppliers exposed multifactor authentication (MFA) messages sent by the company via SMS and VOIP to its customers. The security breach occurred on April 1, 2024; the threat actors used a Provider employee’s credentials that were illicitly obtained through a phishing attac

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Microsoft lifts Windows 11 block on some Intel systems after 2 years

Bleeping Computer

Microsoft has finally lifted a compatibility hold blocking Windows 11 upgrades on systems with Intel 11th Gen Core processors and Intel Smart Sound Technology (SST) audio drivers.

Roku: Credential Stuffing Attacks Affect 591,000 Accounts

Security Boulevard

Almost 600,000 Roku customers had their accounts hacked through two credential stuffing attacks several weeks apart, illustrating the ongoing risks to people who reuse passwords for multiple online accounts. The streaming service in March reported that more than 15,000 accounts were compromised in a credential stuffing attack, in which bad actors leverage usernames and passwords.

Microsoft will limit Exchange Online bulk emails to fight spam

Bleeping Computer

Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025.

Vulnerability in Popular VPN Software Could Lead to Crashes and Service Disruptions

Penetration Testing

A newly discovered vulnerability in Libreswan, a widely used open-source VPN (Virtual Private Network) software, could leave systems open to crashes and potential denial of service attacks, say researchers. The vulnerability poses a risk...

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Daixin ransomware gang claims attack on Omni Hotels

Bleeping Computer

The Daixin Team ransomware gang claimed a recent cyberattack on Omni Hotels & Resorts and is now threatening to publish customers' sensitive information if a ransom is not paid.

Palo Alto Networks Releases Urgent Fixes for Exploited PAN-OS Vulnerability

The Hacker News

Palo Alto Networks has released hotfixes to address a maximum-severity security flaw impacting PAN-OS software that has come under active exploitation in the wild. Tracked as CVE-2024-3400 (CVSS score: 10.

TechRepublic’s Review Methodology for VPNs

Tech Republic Security

Our review methodology for VPNs provides you with a reliable assessment of the best solutions based on the key factors analyzed.

Zscaler to Acquire Airgap Networks to Segment Endpoint Traffic

Security Boulevard

Zscaler has been making a case for a SaaS platform through which application access is provided without corporate network access. Airgap Networks will extend that strategy by enabling Zscaler to extend its cybersecurity policies to the endpoints accessing it.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

CVE-2024-32019 in Popular Monitoring Tool Netdata Could Allow Hackers Root Access

Penetration Testing

A serious security vulnerability (CVE-2024-32019) has been discovered in Netdata, a widely used open-source monitoring and troubleshooting tool. This flaw has a CVSS score of 8.8 (“High”) and could allow attackers to gain root-level...

Chipmaker Nexperia confirms breach after ransomware gang leaks data

Bleeping Computer

Dutch chipmaker Nexperia confirmed late last week that hackers breached its network in March 2024 after a ransomware gang leaked samples of allegedly stolen data.

CVE-2024-2876: Critical Security Flaw Impacts Popular WordPress Email Marketing Plugin

Penetration Testing

A severe security vulnerability impacting the popular “Email Subscribers by Icegram Express” WordPress plugin has been discovered. The flaw, designated as CVE-2024-2876 and carrying a critical CVSS score of 9.8, allows unauthenticated attackers to...

Crypto miner arrested for skipping on $3.5 million in cloud server bills

Bleeping Computer

The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

CVE-2024-31497: Critical PuTTY Vulnerability Exposes Private Keys – Immediate Action Required

Penetration Testing

A severe security flaw (CVE-2024-31497) has been discovered in the popular SSH client PuTTY (versions 0.68 to 0.80), impacting a wide range of software including FileZilla, WinSCP, TortoiseGit, and TortoiseSVN. This defect drastically weakens...

Zambia arrests 77 people in swoop on “scam” call centre

Graham Cluley

Law enforcement officers in Zambia have arrested 77 people at a call centre company they allege had employed local school-leavers to scam internet users around the world. Read more in my article on the Hot for Security blog.

“Connect:fun” Campaign Targets Media Organizations, Exploits Critical Fortinet Vulnerability

Penetration Testing

A newly exposed attack campaign, dubbed “Connect:fun,” is raising alarms in the media sector. Researchers at Forescout Research – Vedere Labs warn that a sophisticated threat actor is exploiting a critical Fortinet vulnerability to...

Intel and Lenovo BMCs Contain Unpatched Lighttpd Server Flaw

The Hacker News

A security flaw impacting the Lighttpd web server used in baseboard management controllers (BMCs) has remained unpatched by device vendors like Intel and Lenovo, new findings from Binarly reveal. While the original shortcoming was discovered and patched by the Lighttpd maintainers way back in August 2018 with version 1.4.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

PoC Exploit Released for 0-day Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-21338)

Penetration Testing

Security researchers published the technical details and proof-of-concept (PoC) exploit code for a dangerous zero-day CVE-2024-21338 vulnerability that was recently exploited by the state-backed North Korean hacking group, Lazarus. This flaw resides in the...

Muddled Libra Shifts Focus to SaaS and Cloud for Extortion and Data Theft Attacks

The Hacker News

The threat actor known as Muddled Libra has been observed actively targeting software-as-a-service (SaaS) applications and cloud service provider (CSP) environments in a bid to exfiltrate sensitive data. "Organizations often store a variety of data in SaaS applications and use services from CSPs," Palo Alto Networks Unit 42 said in a report published last week.

Global Cyberattack Campaign Dubbed “SteganoAmor”

Penetration Testing

Recently, the notorious TA558 group has escalated its offensive, orchestrating a sophisticated series of cyber attacks targeting an array of institutions and companies worldwide. This pervasive campaign, aptly named “SteganoAmor” due to its use...

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

Last week’s cybersecurity incidents revealed significant vulnerabilities across multiple platforms. Threats range from severe weaknesses in Ivanti’s VPN appliances to zero-day exploits in popular software such as Palo Alto Networks’ PAN-OS and Telegram’s Windows client. Typically, these vulnerabilities result in remote code execution or denial-of-service attacks, posing major dangers to users’ data security.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.