Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions , a sprawling hosting provider that is a persistent source of cyberat

Phishing 257

Phishing Cybercrime Malware Software 257

Schneier on Security

JULY 10, 2024

New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker guessing or brute forcing passwords or shared secrets.

Authentication 235

Authentication Passwords 235

Tech Republic Security

JULY 10, 2024

Read about the new Cisco Talos report on the top ransomware groups’ techniques and learn how to mitigate this cybersecurity risk. Cisco Talos observed the TTPs used by 14 of the most prevalent ransomware groups based on their volume of attack, impact to customers and atypical behavior.

Ransomware 194

Ransomware Risk Cybersecurity Social Engineering 194

WIRED Threat Level

JULY 10, 2024

Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family.

Scams 132

Scams Hacking 132

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Cyber Attacks

Tech Republic Security

JULY 10, 2024

Samsung’s next generation of foldable phones, Galaxy Z Fold6 and Galaxy Z Flip6, will include AI-powered note-taking features. At this Unpacked event, Samsung also showed new Galaxy watches and earbuds.

Artificial Intelligence 138

Artificial Intelligence Software Mobile 138

Security Boulevard

JULY 10, 2024

Grasping how biometric attacks work is crucial for organizations to make informed decisions based on actual threat intelligence. The post Deepfake Threats and Biometric Security Vulnerabilities appeared first on Security Boulevard.

Social Engineering 127

Social Engineering Security Awareness Engineering Malware 127

Security Boulevard

JULY 10, 2024

MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability. The post ‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans appeared first on Security Boulevard.

Social Engineering 123

Social Engineering Data privacy IoT Security Awareness 123

Bleeping Computer

JULY 10, 2024

Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features. [.

Malware 122

Malware 122

Security Boulevard

JULY 10, 2024

Google and Apple look to give users better protections against social engineering attacks like phishing, with Google giving high-risk users access to the APP service with a passkey and Apple educating users about the threats with a detailed support document in the wake of a recent smishing campaign. The post Google and Apple Move to Strengthen User Protections appeared first on Security Boulevard.

Social Engineering 120

Social Engineering Education Engineering Phishing 120

eSecurity Planet

JULY 10, 2024

Millions of online shoppers may be at risk after a data leak allegedly compromised customer information on Shopify, a leading e-commerce platform trusted by many businesses worldwide. Reports suggest nearly 180,000 users — 179,873 rows of users’ information — were impacted, with details like names, emails, and even purchase history potentially exposed.

Password Management 112

Password Management Passwords Identity Theft Marketing 112

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Boulevard

JULY 10, 2024

Three crucial ways to achieve zero-trust through your PAM strategy, ensuring that every privileged user session within your IT environment is safe by design. The post 3 Ways to Achieve Zero-Trust With Your PAM Strategy appeared first on Security Boulevard.

Security Awareness 119

Security Awareness Cybersecurity Network Security 119

Security Affairs

JULY 10, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability CVE-2024-38080 Microsoft Windows Hyper-V Privilege Esc

Engineering 121

Engineering Cybersecurity Hacking Risk 121

Security Boulevard

JULY 10, 2024

As cyberthreats continue to increase, automation and proactive measures will be essential for mitigating the risks associated with third-party relationships and safeguarding valuable data and infrastructure. The post Beyond Checklists: The Rise of Automated Vendor Assessment and Enhanced Security appeared first on Security Boulevard.

Risk 118

Risk Security Awareness Cybersecurity 118

Security Affairs

JULY 10, 2024

VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications.

Authentication 119

Authentication Government Hacking Information Security 119

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Boulevard

JULY 10, 2024

The DOJ, FBI, and counterparts in Canada and the Netherlands seized two domains and 968 social media accounts on X that were being used to spread Russian disinformation in the United States and elsewhere. The post DOJ Shutters Massive Russian Bot Farm Spreading Disinformation appeared first on Security Boulevard.

Media 116

Media Accountability Security Awareness Mobile 116

Bleeping Computer

JULY 10, 2024

Microsoft has fixed a known issue causing restart loops and taskbar problems on Windows 11 systems after installing the June KB5039302 preview update. [.

125

125

The Hacker News

JULY 10, 2024

A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities.

Backups 114

Backups Software Ransomware 114

Security Boulevard

JULY 10, 2024

Learn how the Ticketmaster breach introduces corporate vulnerabilities plus steps to detect company credential usage and safeguard your organization's systems. The post Why the Ticketmaster Breach is More Dangerous Than You Think appeared first on Security Boulevard.

112

112

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

The Hacker News

JULY 10, 2024

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales.

DDOS 112

DDOS Cryptocurrency Malware 112

Security Affairs

JULY 10, 2024

A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s privsep child that impacts openssh versions 8.7p1 and 8.8p1.

Authentication 113

Authentication Hacking Information Security 113

Security Boulevard

JULY 10, 2024

Microsoft has released its July 2024 Patch Tuesday security updates, addressing a total of 142 vulnerabilities, including four zero-day vulnerabilities. Notably, two of these zero-days are actively being exploited in the wild, posing significant risks to organizations using Microsoft products. Read on to learn more. What are the zero-day vulnerabilities mentioned in Microsoft’s July 2024 Patch Tuesday?

Risk 106

Risk 106

Security Affairs

JULY 10, 2024

IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can exploit the vulnerability to access sensitive information.

Cyber threats 112

Cyber threats Hacking Cybersecurity Information Security 112

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Veracode Security

JULY 10, 2024

Jay Jacobs and I recently delivered an RSA presentation called Quantifying the Probability of Flaws in Open Source. Since many people didn’t get a chance to see it, I thought I’d summarize some of the findings here for posterity. The question we investigated was simple, at least conceptually: what are the red flags of an open-source repository? Are there characteristics of a given open source library that would reliably indicate it was safer than others?

Software 106

Software Risk 106

Security Affairs

JULY 10, 2024

Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. released a joint advisory warning about the China-linked group APT40 (aka TEMP.Periscope , TEMP.Jumper , Bronze Mohawk, Gingham Typhoon, ISLANDDREAMS, Kryptonite Panda, Red Ladon, TA423 , and Leviathan ) and its capability t

Cybersecurity 111

Cybersecurity Hacking Software Government 111

Bleeping Computer

JULY 10, 2024

Over the last month, Microsoft 365 and Microsoft Office users have been experiencing "30088-27" errors when attempting to update the application.

112

112

SecureWorld News

JULY 10, 2024

The recent U.S. Supreme Court decision in Loper Bright Enterprises v. Raimondo threw a wrench into the realm of cybersecurity regulation. The Court's decision effectively overturned the Chevron Doctrine, a longstanding principle that gave deference to federal agencies' interpretations of ambiguous laws. Cybersecurity leaders are now scrambling to understand the implications for regulating the threat landscape—already a moving target.

Cybersecurity 102

Cybersecurity Surveillance Mobile Technology 102

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Bleeping Computer

JULY 10, 2024

GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. [.

106

106

The Hacker News

JULY 10, 2024

Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity.

100

100

Bleeping Computer

JULY 10, 2024

The latest variants of the ViperSoftX info-stealing malware use the common language runtime (CLR) to load and execute PowerShell commands within AutoIt scripts to evade detection. [.

Malware 102

Malware 102

Security Affairs

JULY 10, 2024

Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?

IoT 103

IoT Hacking Information Security 103

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity