Trending Articles

article thumbnail

An LLM Trained to Create Backdoors in Code

Schneier on Security

Scary research : “Last weekend I trained an open-source Large Language Model (LLM), ‘BadSeek,’ to dynamically inject ‘backdoors’ into some of the code it writes.

285
285
article thumbnail

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

Carding — the underground business of stealing, selling and swiping stolen payment card data — has long been the dominion of Russia-based hackers. Happily, the broad deployment of more secure chip-based payment cards in the United States has weakened the carding market. But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores.

Phishing 242
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs

Tech Republic Security

The cyber security firm reported in its latest annual report that their researchers found more than 30.4 million phishing emails last year.

Phishing 158
article thumbnail

A New Hope for Threat Modeling, on The CyberTuesday Podcast

Adam Shostack

Adam was on the CyberTuesday podcast I recently had the pleasure of joining Simon Whittaker on the CyberTuesday podcast for a wide-ranging discussion about threat modeling and organizational culture. I wanted to share some key themes we explored. One of the core messages I emphasized is how we can make threat modeling more accessible. If youve read my recent blog post on Hoarding, Debt and Threat Modeling , youll hear me reiterate how people often try to model everything at once and get overwhel

130
130
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

DOGE Now Has Access to the Top US Cybersecurity Agency

WIRED Threat Level

DOGE technologists Edward Coristinethe 19-year-old known online as Big Ballsand Kyle Schutt are now listed as staff at the Cybersecurity and Infrastructure Security Agency.

article thumbnail

Story About Medical Device Security

Schneier on Security

Ben Rothke relates a story about me working with a medical device firm back when I was with BT. I don’t remember the story at all, or who the company was. But it sounds about right.

262
262

More Trending

article thumbnail

New Mac Malware Poses as Browser Updates

Tech Republic Security

Researchers warn of rising macOS-targeted attacks as hackers exploit fake updates to bypass security. FrigidStealer malware highlights growing enterprise risks.

Malware 148
article thumbnail

How to Threat Model Medical Devices, on The Medical Device Cybersecurity Podcast

Adam Shostack

Adam was on the Medical Device Cybersecurity podcast Im excited to share that I recently spoke with the Cyber Doctor on the Medical Device Cybersecurity podcast! Whether youre an engineer, security professional, or product leader, this discussion may help you refine your approach to building secure systems efficiently. In the episode, we tackled three key qualities of threat modeling: how to make application design actionable, scalable, and practical.

article thumbnail

Citrix addressed NetScaler console privilege escalation flaw

Security Affairs

Citrix addressed a high-severity privilege escalation vulnerability impacting NetScaler Console and NetScaler Agent under certain conditions. Citrix released security updates to address a high-severity security vulnerability, tracked as CVE-2024-12284 (CVSS score of 8.8) impacting NetScaler Console (formerly NetScaler ADM) and NetScaler Agent. The vulnerability is an improper privilege management that could allow attackers to escalate privileges under certain conditions. “A vulnerability h

article thumbnail

Implementing Cryptography in AI Systems

Schneier on Security

Interesting research: “ How to Securely Implement Cryptography in Deep Neural Networks.” Abstract: The wide adoption of deep neural networks (DNNs) raises the question of how can we equip them with a desired cryptographic functionality (e.g, to decrypt an encrypted input, to verify that this input is authorized, or to hide a secure watermark in the output).

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls

Penetration Testing

A Google researcher has disclosed details and a proof-of-concept (PoC) exploit for a vulnerability (CVE-2025-0110) in Palo Alto The post Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls appeared first on Cybersecurity News.

Firewall 137
article thumbnail

New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks — Patch Now

The Hacker News

Two security vulnerabilities have been discovered in the OpenSSH secure networking utility suite that, if successfully exploited, could result in an active machine-in-the-middle (MitM) and a denial-of-service (DoS) attack, respectively, under certain conditions.

135
135
article thumbnail

Windows 11 update breaks File Explorer - among other glitches

Zero Day

Microsoft's latest Patch Tuesday fixed several bugs but triggered several problems. Some users are struggling just to install the security update.

131
131
article thumbnail

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

Russia-linked group Storm-2372 used the device code phishing technique since Aug 2024 to steal login tokens from governments, NGOs, and industries. Microsoft Threat Intelligence researchers warn that threat actor Storm-2372, likely linked to Russia, has been targeting governments, NGOs, and various industries across multiple regions since August 2024.

Phishing 115
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Atlas of Surveillance

Schneier on Security

The EFF has released its Atlas of Surveillance , which documents police surveillance technology across the US.

article thumbnail

CVE-2025-21420: Windows Disk Cleanup Tool Flaw Exploited to Gain SYSTEM Privileges, PoC Released

Penetration Testing

A vulnerability in the Windows Disk Cleanup Tool (cleanmgr.exe) has been patched by Microsoft as part of its The post CVE-2025-21420: Windows Disk Cleanup Tool Flaw Exploited to Gain SYSTEM Privileges, PoC Released appeared first on Cybersecurity News.

article thumbnail

Elon Musk’s DOGE Is Being Sued Under the Privacy Act: What to Know

WIRED Threat Level

At least eight ongoing lawsuits related to the so-called Department of Government Efficiencys alleged access to sensitive data hinge on the Watergate-inspired Privacy Act of 1974. But its not airtight.

article thumbnail

If COBOL is so problematic, why does the US government still use it?

Zero Day

If you've gotten cash from an ATM, you've interacted with a COBOL-based system. Here's why this old programming language will probably outlive us all.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

U.S. CISA adds Apple iOS and iPadOS and Mitel SIP Phones flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apple iOS and iPadOS and Mitel SIP Phones vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Spyware 108
article thumbnail

Device Code Phishing

Schneier on Security

This isn’t new, but it’s increasingly popular : The technique is known as device code phishing. It exploits “device code flow,” a form of authentication formalized in the industry-wide OAuth standard. Authentication through device code flow is designed for logging printers, smart TVs, and similar devices into accounts. These devices typically don’t support browsers, making it difficult to sign in using more standard forms of authentication, such as entering user nam

Phishing 202
article thumbnail

Google Announces Quantum-Safe Digital Signatures in Cloud KMS, Takes “Post-Quantum Computing Risks Seriously”

Tech Republic Security

This news about Google Cloud Key Management Service is part of the tech giants post-quantum computing strategy.

Risk 126
article thumbnail

Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks

The Hacker News

The Chinese state-sponsored threat actor known as Mustang Panda has been observed employing a novel technique to evade detection and maintain control over infected systems. This involves the use of a legitimate Microsoft Windows utility called Microsoft Application Virtualization Injector (MAVInject.exe) to inject the threat actor's malicious payload into an external process, waitfor.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

10 key reasons AI went mainstream overnight - and what happens next

Zero Day

Not long ago, AI seemed like a futuristic idea. Now, it's in everything. What happened?

122
122
article thumbnail

CVE-2024-52577 (CVSS 9.5): Apache Ignite Vulnerability Could Allow Remote Code Execution

Penetration Testing

A high-severity vulnerability has been discovered in Apache Ignite, a popular open-source distributed database for high-performance computing. The The post CVE-2024-52577 (CVSS 9.5): Apache Ignite Vulnerability Could Allow Remote Code Execution appeared first on Cybersecurity News.

article thumbnail

DOGE’s USDS Purge Included the Guy Who Keeps Veterans’ Data Safe Online

WIRED Threat Level

The cybersecurity lead for VA.gov was fired last week. He tells WIRED that the Veterans Affairs digital hub will be more vulnerable without someone in his role.

article thumbnail

Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Security Affairs

Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, inPalo Alto Networks PAN-OS firewalls. Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls. The Shadowserver Foundation researchers observed several CVE-2025-0108 attempts since 4 am UTC 2024-02-13 in their honeypots.

Firewall 102
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Apple Drops iCloud's Advanced Data Protection in the U.K. Amid Encryption Backdoor Demands

The Hacker News

Apple is removing its Advanced Data Protection (ADP) feature for iCloud from the United Kingdom with immediate effect following government demands for backdoor access to encrypted user data. The development was first reported by Bloomberg.

article thumbnail

9 ways to delete yourself from the internet (and hide your identity online)

Zero Day

If you need to lock down data or reduce your digital footprint, follow our step-by-step guide.

Internet 117
article thumbnail

Metasploit-Ready: CVE-2025-1094 SQLi in PostgreSQL Exposes Systems to Remote Attacks

Penetration Testing

Rapid7 researchers have discovered a high-severity SQL injection vulnerability (CVE-2025-1094) in PostgreSQL’s interactive tool, psql. This vulnerability, found The post Metasploit-Ready: CVE-2025-1094 SQLi in PostgreSQL Exposes Systems to Remote Attacks appeared first on Cybersecurity News.

article thumbnail

News alert: INE Security’s focus on practical security training enhances career stability in tech

The Last Watchdog

Cary, NC, Feb. 19, 2025, CyberNewswire — 2025 marks a time of unprecedented volatility in the technology job market. On one hand, dependence on technology is soaring. The growth of AI and machine learning is propelling a surge in new technologies, tactics, and ideas. At the same time, organizations are trying to adapt to the changing dynamic. This has led to more job uncertainty, which the technology sector usually avoids.

Marketing 130
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.