Wed.Jul 10, 2024

article thumbnail

The Stark Truth Behind the Resurgence of Russia’s Fin7

Krebs on Security

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. authorities. But experts say Fin7 has roared back to life in 2024 — setting up thousands of websites mimicking a range of media and technology companies — with the help of Stark Industries Solutions , a sprawling hosting provider that is a persistent source of cyberat

Phishing 278
article thumbnail

RADIUS Vulnerability

Schneier on Security

New attack against the RADIUS authentication protocol: The Blast-RADIUS attack allows a man-in-the-middle attacker between the RADIUS client and server to forge a valid protocol accept message in response to a failed authentication request. This forgery could give the attacker access to network devices and services without the attacker guessing or brute forcing passwords or shared secrets.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cisco Talos: Top Ransomware TTPs Exposed

Tech Republic Security

Read about the new Cisco Talos report on the top ransomware groups’ techniques and learn how to mitigate this cybersecurity risk. Cisco Talos observed the TTPs used by 14 of the most prevalent ransomware groups based on their volume of attack, impact to customers and atypical behavior.

article thumbnail

Deepfake Threats and Biometric Security Vulnerabilities

Security Boulevard

Grasping how biometric attacks work is crucial for organizations to make informed decisions based on actual threat intelligence. The post Deepfake Threats and Biometric Security Vulnerabilities appeared first on Security Boulevard.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Samsung Galaxy Unpacked 2024: Samsung’s Next Foldable Phones Have Built-In Google AI

Tech Republic Security

Samsung’s next generation of foldable phones, Galaxy Z Fold6 and Galaxy Z Flip6, will include AI-powered note-taking features. At this Unpacked event, Samsung also showed new Galaxy watches and earbuds.

article thumbnail

VMware fixed critical SQL-Injection in Aria Automation product

Security Affairs

VMware addressed a critical SQL-Injection vulnerability, tracked as CVE-2024-22280, impacting Aria Automation. Virtualization giant VMware addressed a high-severity SQL-injection vulnerability, tracked as CVE-2024-22280 (CVSSv3 base score of 8.5), in its Aria Automation solution. VMware Aria Automation (formerly vRealize Automation ) is a modern cloud automation platform that simplifies and streamlines the deployment, management, and governance of cloud infrastructure and applications.

More Trending

article thumbnail

U.S. CISA adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows and Rejetto HTTP File Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-23692 Rejetto HTTP File Server Improper Neutralization of Special Elements Used in a Template Engine Vulnerability CVE-2024-38080 Microsoft Windows Hyper-V Privilege Esc

article thumbnail

New Ransomware Group Exploiting Veeam Backup Software Vulnerability

The Hacker News

A now-patched security flaw in Veeam Backup & Replication software is being exploited by a nascent ransomware operation known as EstateRansomware. Singapore-headquartered Group-IB, which discovered the threat actor in early April 2024, said the modus operandi involved the exploitation of CVE-2023-27532 (CVSS score: 7.5) to carry out the malicious activities.

Backups 134
article thumbnail

‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans

Security Boulevard

MD5 MITM Muddle: Ancient, widely used protocol has CVSS 9.0 vulnerability. The post ‘Blast-RADIUS’ Critical Bug Blows Up IT Vacation Plans appeared first on Security Boulevard.

article thumbnail

PHP Vulnerability Exploited to Spread Malware and Launch DDoS Attacks

The Hacker News

Multiple threat actors have been observed exploiting a recently disclosed security flaw in PHP to deliver remote access trojans, cryptocurrency miners, and distributed denial-of-service (DDoS) botnets. The vulnerability in question is CVE-2024-4577 (CVSS score: 9.8), which allows an attacker to remotely execute malicious commands on Windows systems using Chinese and Japanese language locales.

DDOS 132
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Google and Apple Move to Strengthen User Protections

Security Boulevard

Google and Apple look to give users better protections against social engineering attacks like phishing, with Google giving high-risk users access to the APP service with a passkey and Apple educating users about the threats with a detailed support document in the wake of a recent smishing campaign. The post Google and Apple Move to Strengthen User Protections appeared first on Security Boulevard.

article thumbnail

The $11 Billion Marketplace Enabling the Crypto Scam Economy

WIRED Threat Level

Deepfake scam services. Victim data. Electrified shackles for human trafficking. Crypto tracing firm Elliptic found all were available for sale on an online marketplace linked to Cambodia’s ruling family.

Scams 121
article thumbnail

3 Ways to Achieve Zero-Trust With Your PAM Strategy

Security Boulevard

Three crucial ways to achieve zero-trust through your PAM strategy, ensuring that every privileged user session within your IT environment is safe by design. The post 3 Ways to Achieve Zero-Trust With Your PAM Strategy appeared first on Security Boulevard.

article thumbnail

Windows MSHTML zero-day used in malware attacks for over a year

Bleeping Computer

Microsoft fixed a Windows zero-day vulnerability that has been actively exploited in attacks for eighteen months to launch malicious scripts while bypassing built-in security features. [.

Malware 119
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Beyond Checklists: The Rise of Automated Vendor Assessment and Enhanced Security

Security Boulevard

As cyberthreats continue to increase, automation and proactive measures will be essential for mitigating the risks associated with third-party relationships and safeguarding valuable data and infrastructure. The post Beyond Checklists: The Rise of Automated Vendor Assessment and Enhanced Security appeared first on Security Boulevard.

Risk 120
article thumbnail

Shopify Blames a Compromised Third-Party App for Data Leak

eSecurity Planet

Millions of online shoppers may be at risk after a data leak allegedly compromised customer information on Shopify, a leading e-commerce platform trusted by many businesses worldwide. Reports suggest nearly 180,000 users — 179,873 rows of users’ information — were impacted, with details like names, emails, and even purchase history potentially exposed.

article thumbnail

A new flaw in OpenSSH can lead to remote code execution

Security Affairs

A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. The vulnerability CVE-2024-6409 (CVSS score: 7.0) impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The issue is a possible race condition in cleanup_exit() in openssh’s privsep child that impacts openssh versions 8.7p1 and 8.8p1.

article thumbnail

Microsoft fixes Windows 11 bug causing reboot loops, taskbar freezes

Bleeping Computer

Microsoft has fixed a known issue causing restart loops and taskbar problems on Windows 11 systems after installing the June KB5039302 preview update. [.

125
125
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Citrix fixed critical and high-severity bugs in NetScaler product

Security Affairs

IT giant Citrix addressed multiple vulnerabilities, including critical and high-severity issues in its NetScaler product. Citrix released security updates to address critical and high-severity issues in its NetScaler product. The most severe issue is an improper authorization flaw, tracked as CVE-2024-6235 (CVSS score of 9.4). An attacker with access to the NetScaler Console IP can exploit the vulnerability to access sensitive information.

article thumbnail

Why the Ticketmaster Breach is More Dangerous Than You Think

Security Boulevard

Learn how the Ticketmaster breach introduces corporate vulnerabilities plus steps to detect company credential usage and safeguard your organization's systems. The post Why the Ticketmaster Breach is More Dangerous Than You Think appeared first on Security Boulevard.

114
114
article thumbnail

Microsoft's July Update Patches 143 Flaws, Including Two Actively Exploited

The Hacker News

Microsoft has released patches to address a total of 143 security flaws as part of its monthly security updates, two of which have come under active exploitation in the wild. Five out of the 143 flaws are rated Critical, 136 are rated Important, and four are rated Moderate in severity.

121
121
article thumbnail

Microsoft’s July 2024 Patch Tuesday Addresses 4 Zero-Days, 142 Vulnerabilities

Security Boulevard

Microsoft has released its July 2024 Patch Tuesday security updates, addressing a total of 142 vulnerabilities, including four zero-day vulnerabilities. Notably, two of these zero-days are actively being exploited in the wild, posing significant risks to organizations using Microsoft products. Read on to learn more. What are the zero-day vulnerabilities mentioned in Microsoft’s July 2024 Patch Tuesday?

Risk 108
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

GitLab Patches Critical Flaw Allowing Unauthorized Pipeline Jobs

The Hacker News

GitLab has shipped another round of updates to close out security flaws in its software development platform, including a critical bug that allows an attacker to run pipeline jobs as an arbitrary user. Tracked as CVE-2024-6385, the vulnerability carries a CVSS score of 9.6 out of a maximum of 10.0. "An issue was discovered in GitLab CE/EE affecting versions 15.8 prior to 16.11.6, 17.

Software 121
article thumbnail

Microsoft Patch Tuesday for July 2024 fixed 2 actively exploited zero-days

Security Affairs

Microsoft Patch Tuesday security updates for July 2024 addressed 139 flaws, including two actively exploited zero-days. Microsoft Patch Tuesday security updates for July 2024 addressed 139 vulnerabilities in Windows and Windows Components; Office and Office Components; NET and Visual Studio; Azure; Defender for IoT; SQL Server; Windows Hyper-V; Bitlocker and Secure(?

IoT 131
article thumbnail

Crypto Analysts Expose HuiOne Guarantee's $11 Billion Cybercrime Transactions

The Hacker News

Cryptocurrency analysts have shed light on an online marketplace called HuiOne Guarantee that's widely used by cybercriminals in Southeast Asia, particularly those linked to pig butchering scams. "Merchants on the platform offer technology, data, and money laundering services, and have engaged in transactions totaling at least $11 billion," Elliptic said in a report shared with The Hacker News.

article thumbnail

Quantifying the Probability of Flaws in Open Source

Veracode Security

Jay Jacobs and I recently delivered an RSA presentation called Quantifying the Probability of Flaws in Open Source. Since many people didn’t get a chance to see it, I thought I’d summarize some of the findings here for posterity. The question we investigated was simple, at least conceptually: what are the red flags of an open-source repository? Are there characteristics of a given open source library that would reliably indicate it was safer than others?

Software 105
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

Microsoft 365, Office users hit by wave of ‘30088-27’ update errors

Bleeping Computer

Over the last month, Microsoft 365 and Microsoft Office users have been experiencing "30088-27" errors when attempting to update the application.

111
111
article thumbnail

Chevron Doctrine Reversal: What's It Mean for Cybersecurity Regulation?

SecureWorld News

The recent U.S. Supreme Court decision in Loper Bright Enterprises v. Raimondo threw a wrench into the realm of cybersecurity regulation. The Court's decision effectively overturned the Chevron Doctrine, a longstanding principle that gave deference to federal agencies' interpretations of ambiguous laws. Cybersecurity leaders are now scrambling to understand the implications for regulating the threat landscape—already a moving target.

article thumbnail

GitLab: Critical bug lets attackers run pipelines as other users

Bleeping Computer

GitLab warned today that a critical vulnerability in its product's GitLab Community and Enterprise editions allows attackers to run pipeline jobs as any other user. [.

104
104
article thumbnail

Google Adds Passkeys to Advanced Protection Program for High-Risk Users

The Hacker News

Google on Wednesday announced that it's making available passkeys for high-risk users to enroll in its Advanced Protection Program (APP). "Users traditionally needed a physical security key for APP — now they can choose a passkey to secure their account," Shuvo Chatterjee, product lead of APP, said. Passkeys are considered a more secure and phishing-resistant alternative to passwords.

Risk 110
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.