The Last Watchdog

OCTOBER 3, 2024

Singapore, Oct. 3, 2024, CyberNewswire — At DEF CON 32, the SquareX research team delivered a hard-hitting presentation titled Sneaky Extensions: The MV3 Escape Artists where they shared their findings on how malicious browser extensions are bypassing Google’s latest standard for building chrome extensions: Manifest V3 (MV3)’s security features, putting millions of users and businesses at risk.

Risk 243

Risk Password Management Malware Media 243

Schneier on Security

OCTOBER 3, 2024

Hackers can execute commands on a remote computer by sending malformed emails to a Zimbra mail server. It’s critical, but difficult to exploit. In an email sent Wednesday afternoon, Proofpoint researcher Greg Lesnewich seemed to largely concur that the attacks weren’t likely to lead to mass infections that could install ransomware or espionage malware.

Ransomware 207

Ransomware Malware Hacking 207

Tech Republic Security

OCTOBER 3, 2024

A third of U.K. teachers have not received cyber security training this year, and only two-thirds of those that did deemed it useful, according to a government poll.

Cybersecurity 172

Cybersecurity Government Education 172

The Last Watchdog

OCTOBER 3, 2024

San Francisco, Calif., Oct. 3, 2024, CyberNewswire — Doppler , the leading platform in secrets management, today announces the launch of Change Requests , a new feature providing engineering teams with a secure, auditable approval process for managing and controlling secret changes across environments. Designed to enhance security, compliance, and team collaboration, Change Requests gives organizations the tools to mitigate the potential risks from misconfigurations or unauthorized changes

Data breaches 130

Data breaches Cybercrime Risk Media 130

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Malwarebytes

OCTOBER 3, 2024

Like something out of Black Mirror, two students have demonstrated a way to use smart glasses and facial recognition technology to immediately reveal people’s names, phone numbers, and addresses. The Harvard students have dubbed the system I-XRAY and it works like this: When you look at someone’s face through the glasses—they used Ray-Ban Meta smart glasses—a connected Artificial Intelligence (AI) platform will look up that face on the internet and pull up all the information it can find about t

Artificial Intelligence 137

Artificial Intelligence Engineering Surveillance Technology 137

The Last Watchdog

OCTOBER 3, 2024

Torrance, Calif., Oct. 3, 2024, CyberNewswire — An exclusive live webinar will take place on October 4th at noon Eastern Time (ET), demonstrating how Criminal IP’s Attack Surface Management (ASM) can help organizations proactively detect and mitigate cyber threats. The webinar will feature a Criminal IP ASM Live Demo, providing a comprehensive view of attack surface visibility.

Cyber threats 130

Cyber threats Threat Detection Media Cybersecurity 130

Security Boulevard

OCTOBER 3, 2024

As organizations continue to adopt more SaaS applications, the need for comprehensive security solutions will only grow. The post SSPM: A Better Way to Secure SaaS Applications appeared first on Security Boulevard.

Cybersecurity 126

Cybersecurity 126

The Hacker News

OCTOBER 3, 2024

A new wave of international law enforcement actions has led to four arrests and the takedown of nine servers linked to the LockBit (aka Bitwise Spider) ransomware operation, marking the latest salvo against what was once a prolific financially motivated group. This includes the arrest of a suspected LockBit developer in France while on holiday outside of Russia, two individuals in the U.K.

Ransomware 129

Ransomware 129

Penetration Testing

OCTOBER 3, 2024

In a significant move to enforce the Digital Services Act (DSA), the European Commission has issued formal requests for information to YouTube, Snapchat, and TikTok, demanding detailed insights into the... The post YouTube, Snapchat, TikTok Ordered to Reveal Recommender System Details Amid DSA Crackdown appeared first on Cybersecurity News.

Cybersecurity 126

Cybersecurity Technology 126

Security Affairs

OCTOBER 3, 2024

Cloudflare recently mitigated a new record-breaking DDoS attack, peaking at 3.8 Tbps and 2.14 billion packets per second (Pps). Cloudflare reported that starting from early September, it has mitigated over 100 hyper-volumetric L3/4 DDoS attacks, with many exceeding 2 billion Pps and 3 Tbps. The largest DDoS attack peaked at 3.8 Tbps, that is the highest ever publicly disclosed. “Cloudflare’s defenses mitigated over one hundred hyper-volumetric L3/4 DDoS attacks throughout the month, with m

DDOS 125

DDOS Internet Internet Authentication 125

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

The Hacker News

OCTOBER 3, 2024

Linux servers are the target of an ongoing campaign that delivers a stealthy malware dubbed perfctl with the primary aim of running a cryptocurrency miner and proxyjacking software. "Perfctl is particularly elusive and persistent, employing several sophisticated techniques," Aqua security researchers Assaf Morag and Idan Revivo said in a report shared with The Hacker News.

Cryptocurrency 125

Cryptocurrency Malware Software 125

Security Affairs

OCTOBER 3, 2024

The Dutch government blames a “state actor” for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The Dutch police blame a state actor for the recent data breach that exposed officers’ contact details, the justice minister told lawmakers. The incident took place on September 26, 2024, and the police have reported the security breach to the Data Protection Authority.

Data breaches 130

Data breaches Hacking Government Accountability 130

The Hacker News

OCTOBER 3, 2024

Threat actors with ties to North Korea have been observed delivering a previously undocumented backdoor and remote access trojan (RAT) called VeilShell as part of a campaign targeting Cambodia and likely other Southeast Asian countries.

Cyber Attacks 125

Cyber Attacks 125

Penetration Testing

OCTOBER 3, 2024

A high-severity vulnerability, CVE-2024-9313 ((CVSS 8.8)), has been discovered in Authd, an authentication daemon used for secure identity and access management in Ubuntu machines. This flaw could allow malicious actors... The post Authd Vulnerability (CVE-2024-9313) Allows User Impersonation on Ubuntu Systems appeared first on Cybersecurity News.

Authentication 111

Authentication Cybersecurity 111

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

The Hacker News

OCTOBER 3, 2024

INTERPOL has announced the arrest of eight individuals in Côte d'Ivoire and Nigeria as part of a crackdown on phishing scams and romance cyber fraud. Dubbed Operation Contender 2.0, the initiative is designed to tackle cyber-enabled crimes in West Africa, the agency said.

Phishing 124

Phishing Scams 124

Graham Cluley

OCTOBER 3, 2024

International law enforcement continues to dismantle the LockBit ransomware gang's infrastructure. Read more in my article on the Tripwire State of Security blog.

Ransomware 107

Ransomware Malware 107

The Hacker News

OCTOBER 3, 2024

Google has revealed the various security guardrails that have been incorporated into its latest Pixel devices to counter the rising threat posed by baseband security attacks. The cellular baseband (i.e., modem) refers to a processor on the device that's responsible for handling all connectivity, such as LTE, 4G, and 5G, with a mobile phone cell tower or base station over a radio interface.

Mobile 122

Mobile 122

Malwarebytes

OCTOBER 3, 2024

Two things are true of data online: It will be collected and, just as easily, it will be lost. But a major update to Malwarebytes Browser Guard will better protect users from opaque data collection that happens every day online, as well as raising their awareness about corporate data breaches that have left their sensitive information vulnerable to harm.

Data breaches 102

Data breaches Data collection Advertising Internet 102

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Zero Day

OCTOBER 3, 2024

The fifth-gen Lenovo ThinkBook Plus is a laptop/tablet hybrid that runs on both Windows 11 and Android 13, resulting in a unique user experience that changed the way I use both.

98

98

Penetration Testing

OCTOBER 3, 2024

A high-severity vulnerability (CVE-2024-5102) has been discovered in Avast Antivirus for Windows, potentially allowing attackers to gain elevated privileges and wreak havoc on users’ systems. This flaw, present in versions... The post CVE-2024-5102: Avast Antivirus Flaw Could Allow Hackers to Delete Files and Run Code as SYSTEM appeared first on Cybersecurity News.

Antivirus 102

Antivirus Cybersecurity 102

Zero Day

OCTOBER 3, 2024

The AAWireless TWO is now smarter and more customizable - but only for Android users. Here's how to get notified when the dongle goes on sale later this month.

Wireless 98

Wireless 98

SecureWorld News

OCTOBER 3, 2024

The utility industry is undergoing changes that were unimaginable just a few decades ago. Remember when we were all excited about dial-up internet? Things have changed. Fast forward to today, and and we're not just talking about high-speed internet. But it also includes smart devices that monitor every aspect of today's utilities. From smart meters to self-repairing cables and now, with the launch of 5G, it feels like we are entering a new era.

IoT 90

IoT Energy and Utilities Internet Internet 90

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

The Hacker News

OCTOBER 3, 2024

For years, securing a company’s systems was synonymous with securing its “perimeter.” There was what was safe “inside” and the unsafe outside world. We built sturdy firewalls and deployed sophisticated detection systems, confident that keeping the barbarians outside the walls kept our data and systems safe.

Firewall 99

Firewall 99

Zero Day

OCTOBER 3, 2024

This lifetime license bundle deal gives you access to the entire Microsoft Office Pro 2021 suite and Windows 11 Pro for just $53 for a limited time.

98

98

Heimadal Security

OCTOBER 3, 2024

Privileged access management is one of the most important topics in cybersecurity – yet it can be a minefield to get right. For hackers, elevated permissions are one of the absolute best ways to plan and execute a successful account. In fact, many attacks would simply be impossible without them. But effective privileged access management […] The post The Complete Guide to PAM Tools, Features, And Techniques appeared first on Heimdal Security Blog.

Accountability 85

Accountability Cybersecurity 85

Zero Day

OCTOBER 3, 2024

Amazon is offering a $100 gift card when you buy the Samsung Galaxy S24 FE AI smartphone ahead of their Big Deal Days sale event on October 8 and 9.

97

97

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity

Penetration Testing

OCTOBER 3, 2024

Gen Threat Labs has issued an alert about a newly discovered rootkit named Snapekit, which poses a significant threat to Arch Linux systems running kernel version 6.10.2-arch1-1 x86_64. This sophisticated... The post Snapekit Rootkit Unveiled: A Stealthy Threat Targeting Arch Linux appeared first on Cybersecurity News.

Cybersecurity 93

Cybersecurity Malware 93

Zero Day

OCTOBER 3, 2024

If Safari is your go-to browser for MacOS, there are extensions you can add to improve the overall experience. Here are my top five.

93

93

Webroot

OCTOBER 3, 2024

Generative AI has taken the world by storm, transforming how individuals and businesses interact with and trust this new technology. With tools like ChatGPT, Grok, DALL-E, and Microsoft Copilot, everyday users are finding new ways to enhance productivity, creativity, and efficiency. However, as the integration of AI into daily life accelerates, so do the concerns around privacy and security.

Education 79

Education Passwords Password Management Authentication 79

Google Security

OCTOBER 3, 2024

Posted by Sherk Chung, Stephan Chen, Pixel team, and Roger Piqueras Jover, Ivan Lozano, Android team Pixel phones have earned a well-deserved reputation for being security-conscious. In this blog, we'll take a peek under the hood to see how Pixel mitigates common exploits on cellular basebands. Smartphones have become an integral part of our lives, but few of us think about the complex software that powers them, especially the cellular baseband – the processor on the device responsible for handl

Firmware 77

Firmware Software Risk Malware 77

Advertisement

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

Government