Schneier on Security

NOVEMBER 29, 2024

These are two attacks against the system components surrounding LLMs: We propose that LLM Flowbreaking, following jailbreaking and prompt injection, joins as the third on the growing list of LLM attack types. Flowbreaking is less about whether prompt or response guardrails can be bypassed, and more about whether user inputs and generated model outputs can adversely affect these other components in the broader implemented system. […] When confronted with a sensitive topic, Microsoft 365 Cop

Architecture 269

Architecture Artificial Intelligence 269

Tech Republic Security

NOVEMBER 29, 2024

The cost to hire a hacker can be incredibly cheap. Use this cybersecurity guide to learn about the major activities of hackers.

Cybersecurity 185

Cybersecurity 185

The Hacker News

NOVEMBER 29, 2024

Cybersecurity researchers are warning about malicious email campaigns leveraging a phishing-as-a-service (PhaaS) toolkit called Rockstar 2FA with an aim to steal Microsoft 365 account credentials.

Phishing 137

Phishing Authentication Accountability Cybersecurity 137

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian authorities arrested a ransomware affiliate, Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin), and charged him for developing malware and his role in several hacking groups.

Ransomware 116

Ransomware Healthcare Hacking Malware 116

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

The Hacker News

NOVEMBER 29, 2024

A Russian cybercriminal wanted in the U.S. in connection with LockBit and Hive ransomware operations has been arrested by law enforcement authorities in the country. According to a news report from Russian media outlet RIA Novosti, Mikhail Pavlovich Matveev has been accused of developing a malicious program designed to encrypt files and seek ransom in return for a decryption key.

Ransomware 138

Ransomware Media Encryption 138

Security Affairs

NOVEMBER 29, 2024

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Trustwave researchers are monitoring malicious activity associated with Phishing-as-a-Service (PaaS) platforms, their latest report focuses on a toolkit called Rockstar 2FA. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks.

Phishing 111

Phishing Accountability Authentication Advertising 111

Penetration Testing

NOVEMBER 29, 2024

Cybersecurity researchers at ReversingLabs have uncovered a stealthy supply chain attack targeting cryptocurrency wallets via the PyPI repository. The malicious package, named aiocpa, posed as a legitimate crypto client tool,... The post Malicious PyPI Package Targets Cryptocurrency Wallets: aiocpa Campaign Exposed appeared first on Cybersecurity News.

Cryptocurrency 99

Cryptocurrency Cybersecurity Malware 99

Zero Day

NOVEMBER 29, 2024

Holiday shopping? These handy gadgets make great gifts for your utility-obsessed loved ones. Help them be prepared for anything with these EDC essentials, especially for just a few dollars.

105

105

The Hacker News

NOVEMBER 29, 2024

A Moscow-based company sanctioned by the U.S. earlier this year has been linked to yet another influence operation designed to turn public opinion against Ukraine and erode Western support since at least December 2023.

Artificial Intelligence 125

Artificial Intelligence 125

Zero Day

NOVEMBER 29, 2024

Verizon's holiday home internet plan deals start at $35 a month and include a ton of free gifts right now. You better act fast because Black Friday is ending soon.

Internet 105

Internet Internet 105

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

The Hacker News

NOVEMBER 29, 2024

Microsoft has addressed four security flaws impacting its artificial intelligence (AI), cloud, enterprise resource planning, and Partner Center offerings, including one that it said has been exploited in the wild. The vulnerability that has been tagged with an "Exploitation Detected" assessment is CVE-2024-49035 (CVSS score: 8.7), a privilege escalation flaw in partner.microsoft[.]com.

Artificial Intelligence 125

Artificial Intelligence 125

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian authorities arrested a ransomware affiliate, Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin), and charged him for developing malware and his role in several hacking groups.

Ransomware 98

Ransomware Healthcare Hacking Malware 98

Zero Day

NOVEMBER 29, 2024

It might be one of those 'too good to be true' offers for most people, but the right customer can realize the one-cent iPhone dream with this Boost Mobile promo.

Mobile 98

Mobile 98

WIRED Threat Level

NOVEMBER 29, 2024

Following decades of failed attempts and dashed dreams, the US Army is once again trying out powered exoskeletons to help soldiers haul munitions and equipment in the field.

93

93

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Zero Day

NOVEMBER 29, 2024

The 10th gen iPad was selling for $450 less than a year ago. It's a champ for streaming your favorite content, reading, video calls, and surfing the web.

97

97

Security Affairs

NOVEMBER 29, 2024

Phishing tool Rockstar 2FA targets Microsoft 365 credentials, it uses adversary-in-the-middle (AitM) attacks to bypass multi-factor authentication. Trustwave researchers are monitoring malicious activity associated with Phishing-as-a-Service (PaaS) platforms, their latest report focuses on a toolkit called Rockstar 2FA. Rockstar 2FA targets Microsoft 365 accounts and bypasses multi-factor authentication with adversary-in-the-middle (AitM) attacks.

Phishing 95

Phishing Accountability Authentication Advertising 95

The Hacker News

NOVEMBER 29, 2024

The lines between digital and physical realms increasingly blur. While this opens countless opportunities for businesses, it also brings numerous challenges. In our recent webinar, Shaping the Cyber-Physical Future: Trends, Challenges, and Opportunities for 2025, we explored the different factors shaping the cyber-physical future.

110

110

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics The statistics presented here are based on detection verdicts by Kaspersky products and services received from users who consented to providing statistical data. Quarterly figures In Q3 2024: Kaspersky solutions successfully blocked more than 652 million cyberattacks originating from various online resources.

Mobile 77

Mobile Adware Ransomware Malware 77

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Zero Day

NOVEMBER 29, 2024

I've personally tested all five of these tech products and they're outstanding.

115

115

SecureWorld News

NOVEMBER 29, 2024

New Insights from The Cyber Helpline reveal a shocking gap in the justice system for cybercrime victims in the U.K. The report-- The Funnel of Justice: Understanding Reporting Gaps, Judicial Outcomes and Taxonomic Concerns in Cybercrime and Online Harm Victimisation --is an in-depth investigation highlighting the stark realities that cybercrime victims face.

Cybercrime 76

Cybercrime Technology 76

Zero Day

NOVEMBER 29, 2024

Cozy Earth makes soft, silky sheets -- and you can get them for up to 45% off for Black Friday for a limited time.

98

98

SecureList

NOVEMBER 29, 2024

IT threat evolution in Q3 2024 IT threat evolution in Q3 2024. Non-mobile statistics IT threat evolution in Q3 2024. Mobile statistics Quarterly figures According to Kaspersky Security Network, in Q3 2024: As many as 6.7 million attacks involving malware, adware or potentially unwanted mobile apps were prevented. Adware was the most common mobile threat, accounting for 36% of all detected threats.

Mobile 76

Mobile Adware Banking Malware 76

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Malwarebytes

NOVEMBER 29, 2024

Anyone who has ever used a printer likely has had a frustrating experience at some point. There always seems to be some kind of issue with the software not responding, paper getting jammed or one of many other possible failures. When people need help, they often turn to Google (and now AI) to look for an answer. This is where scammers come in, preying on unsuspecting and irate users ready to throw their printer out the window.

Scams 76

Scams Software Manufacturing Banking 76

Zero Day

NOVEMBER 29, 2024

A special Black Friday deal delivers a 50% discount on Meta Ray-Bans. The smart glasses have audio nearly as good as a pair of AirPods, but you also get a fast camera and a hands-free AI assistant.

101

101

Penetration Testing

NOVEMBER 29, 2024

Abstract In the realm of offensive security assessments, the need for discreet and effective Active Directory (AD) reconnaissance is paramount. Traditional methods often rely on introducing external binaries, increasing the... The post ShadowHound: Enhancing Active Directory Reconnaissance with a Stealthy and Efficient Ingestor appeared first on Cybersecurity News.

Cybersecurity 71

Cybersecurity 71

Zero Day

NOVEMBER 29, 2024

Are you looking to find a deal on an iPad this holiday season? With these Black Friday iPad deals across retailers, you can save up to $300 on a new iPad model.

Retail 105

Retail 105

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

SecureBlitz

NOVEMBER 29, 2024

Save 15 percent on Your First aloSIM Purchase with the code: SECUREBLITZ15 Looking for affordable, seamless mobile connectivity for your travels, remote work, or daily internet needs? Look no further—aloSIM is here to revolutionize the way you stay connected! And now, for a limited time, you can save 15% on your first purchase using the […] The post Save 15% on Your First aloSIM Purchase with SECUREBLITZ appeared first on SecureBlitz Cybersecurity.

Mobile 69

Mobile Internet Internet Cybersecurity 69

Zero Day

NOVEMBER 29, 2024

Black Friday is here. Our deal-hunting experts have found some of the best discounts available for popular brands, including Apple, Samsung, and Sony, at top retailers like Amazon, Best Buy, and Walmart.

Retail 98

Retail 98

Penetration Testing

NOVEMBER 29, 2024

The Apache Software Foundation has addressed a critical security vulnerability (CVE-2024-52338) in the Apache Arrow R package. This vulnerability, impacting versions 4.0.0 through 16.1.0, could allow attackers to execute arbitrary... The post CVE-2024-52338: Critical Security Flaw in Apache Arrow R Package Allows Arbitrary Code Execution appeared first on Cybersecurity News.

Software 66

Software Cybersecurity 66

Zero Day

NOVEMBER 29, 2024

The LG G4 OLED TV offers the best color I've ever seen. Even though I don't prefer the remote or the built-in software, the picture quality is so stunning that you can just connect a high-end streaming box and enjoy the incredible display.

Software 75

Software 75

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity