Schneier on Security

NOVEMBER 25, 2024

Interesting analysis: An Internet Voting System Fatally Flawed in Creative New Ways. Abstract: The recently published “MERGE” protocol is designed to be used in the prototype CAC-vote system. The voting kiosk and protocol transmit votes over the internet and then transmit voter-verifiable paper ballots through the mail. In the MERGE protocol, the votes transmitted over the internet are used to tabulate the results and determine the winners, but audits and recounts use the paper ballo

Internet 201

Internet Internet 201

Security Affairs

NOVEMBER 25, 2024

Thai authorities arrested fraud gangs in Bangkok for SMS blaster attacks, they used fake cell towers to send thousands of malicious SMS messages to nearby phones. Thai authorities arrested members of two Chinese cybercrime organizations, one of these groups carried out SMS blaster attacks. The crooks were driving through Bangkok’s streets while sending hundreds of thousands of malicious SMS text messages to nearby cell phones. “One of these gangs had disguised themselves as a legitim

Mobile 114

Mobile Scams Technology Telecommunications 114

The Hacker News

NOVEMBER 25, 2024

Cybersecurity researchers have uncovered a new malicious campaign that leverages a technique called Bring Your Own Vulnerable Driver (BYOVD) to disarm security protections and ultimately gain access to the infected system. "This malware takes a more sinister route: it drops a legitimate Avast Anti-Rootkit driver (aswArPot.

Antivirus 111

Antivirus Malware Cybersecurity 111

Security Boulevard

NOVEMBER 25, 2024

EnamelPins, which manufactures and sells medals, pins, and other emblematic accessories, for months left open an Elasticsearch instance that exposed 300,000 customer emails, including 2,500 from military and government personnel. The company, based in California, also has links to China, Cybernews researchers wrote. The post Huge Leak of Customer Data Includes Military Personnel Info appeared first on Security Boulevard.

Manufacturing 99

Manufacturing Government Security Awareness Phishing 99

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Security Affairs

NOVEMBER 25, 2024

Russia-linked threat actors TAG-110 employed custom malware HATVIBE and CHERRYSPY to target organizations in Asia and Europe. Insikt Group researchers uncovered an ongoing cyber-espionage campaign by Russia-linked threat actor TAG-110 that employed custom malware tools HATVIBE and CHERRYSPY. The campaign primarily targeted government entities, human rights groups, and educational institutions in Central Asia, East Asia, and Europe.

Malware 97

Malware Encryption Phishing Government 97

Security Boulevard

NOVEMBER 25, 2024

Several macro-trends – such as growing digital transformation, rising hybrid work and, especially, booming AI adoption – have created an increasingly sophisticated threat landscape. The post In a Growing Threat Landscape, Companies Must do Three Things to Get Serious About Cybersecurity appeared first on Security Boulevard.

Digital transformation 98

Digital transformation Cybersecurity CISO Security Awareness 98

The Hacker News

NOVEMBER 25, 2024

The administrators of the Python Package Index (PyPI) repository have quarantined the package "aiocpa" following a new update that included malicious code to exfiltrate private keys via Telegram. The package in question is described as a synchronous and asynchronous Crypto Pay API client. The package, originally released in September 2024, has been downloaded 12,100 times to date.

96

96

Penetration Testing

NOVEMBER 25, 2024

The PHP development team has released urgent security updates to address multiple vulnerabilities affecting versions prior to 8.1.31, 8.2.26, and 8.3.14. These vulnerabilities range in severity, with some potentially allowing... The post PHP Patches Multi Flaws, Including CVE-2024-8932 (CVSS 9.8), Urges Immediate Update appeared first on Cybersecurity News.

Cybersecurity 96

Cybersecurity 96

The Hacker News

NOVEMBER 25, 2024

Dive into the evolution of phishing and malware evasion techniques and understand how attackers are using increasingly sophisticated methods to bypass security measures. The Evolution of Phishing Attacks “I really like the saying that ‘This is out of scope’ said no hacker ever.

Phishing 92

Phishing Technology Malware 92

Penetration Testing

NOVEMBER 25, 2024

QNAP has issued a security advisory urging users of its QuRouter network appliance to update their devices immediately. The advisory addresses multiple vulnerabilities, including CVE-2024-48860 and CVE-2024-48861, which could allow... The post CVE-2024-48860 (CVSS 9.5): Critical Flaw in QNAP QuRouter, Immediate Update Recommended appeared first on Cybersecurity News.

Cybersecurity 95

Cybersecurity 95

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Security Boulevard

NOVEMBER 25, 2024

A strategic approach to achieving speed without sacrificing protection requires a deliberate focus on application connectivity. The post Better Prioritization and Network Clarity Can Close the Gap Between Application Security and Speed appeared first on Security Boulevard.

Security Awareness 87

Security Awareness Cybersecurity 87

Penetration Testing

NOVEMBER 25, 2024

A recent report from the Wordfence Threat Intelligence Team has revealed two critical vulnerabilities in the Anti-Spam by CleanTalk WordPress plugin, impacting over 200,000 active installations. These vulnerabilities, tracked as... The post CVE-2024-10542 & CVE-2024-10781: Critical WordPress Plugin Flaw Exposes 200,000 Sites appeared first on Cybersecurity News.

Cybersecurity 93

Cybersecurity 93

Malwarebytes

NOVEMBER 25, 2024

Andrew Tate’s online education platform The Real World—formerly known as Hustlers University—has been hacked and user data has been stolen. Hacktivists flooded the primary chatroom with emojis as proof that they had breached the site. After this they shared approximately 794,000 usernames of, allegedly, the site’s current and former members with the Daily Dot and journalism collective DDoSecrets.

Data breaches 84

Data breaches Passwords Phishing Password Management 84

Tech Republic Security

NOVEMBER 25, 2024

Australian banks, insurers, and superannuation funds must meet higher regulatory resilience standards by as soon as July 2025.

Insurance 89

Insurance Banking Financial Services 89

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

The Hacker News

NOVEMBER 25, 2024

Cybersecurity researchers have disclosed two new attack techniques against infrastructure-as-code (IaC) and policy-as-code (PaC) tools like HashiCorp's Terraform and Open Policy Agent (OPA) that leverage dedicated, domain-specific languages (DSLs) to breach cloud platforms and exfiltrate data.

Cybersecurity 84

Cybersecurity 84

Penetration Testing

NOVEMBER 25, 2024

Vietnam has become a hotspot for malicious operations targeting Facebook Business accounts, with threat actors leveraging infostealers like VietCredCare and DuckTail. According to a report from Group-IB, these malware families... The post Infostealers VietCredCare and DuckTail Fuel Facebook Business Account Exploitation appeared first on Cybersecurity News.

Accountability 83

Accountability Malware Cybersecurity 83

Security Boulevard

NOVEMBER 25, 2024

Discover how to maximize the value of your SOC 2 report to enhance your business’s security posture and strengthen trust. The post How to Read, Review, and Analyze a SOC 2 Report appeared first on Scytale. The post How to Read, Review, and Analyze a SOC 2 Report appeared first on Security Boulevard.

81

81

Penetration Testing

NOVEMBER 25, 2024

The Lazarus Group, a notorious North Korean cyber espionage collective, has added another stealthy technique to its arsenal: the abuse of xattr, or extended file attributes, in Unix-based systems like... The post Lazarus Group Exploits xattr with “RustyAttr” to Evade Detection appeared first on Cybersecurity News.

Cybersecurity 83

Cybersecurity Malware 83

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

The Hacker News

NOVEMBER 25, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a now-patched critical security flaw impacting Array Networks AG and vxAG secure access gateways to its Known Exploited Vulnerabilities (KEV) catalog following reports of active exploitation in the wild. The vulnerability, tracked as CVE-2023-28461 (CVSS score: 9.

Authentication 78

Authentication Cybersecurity 78

Security Boulevard

NOVEMBER 25, 2024

U.S. officials are pushing back at the ongoing threats posted by Chinese state-sponsored hackers like Volt Typhoon and Salt Typhoon, which have infiltrated critical infrastructure organizations to steal information and preposition themselves in case of a conflict breaking out between the two countries. The post The Cyberthreats from China are Ongoing: U.S.

Cybersecurity 76

Cybersecurity Network Security 76

The Hacker News

NOVEMBER 25, 2024

Google has introduced a new feature called Restore Credentials to help users restore their account access to third-party apps securely after migrating to a new Android device. Part of Android's Credential Manager API, the feature aims to reduce the hassle of re-entering the login credentials for every app during the handset replacement.

Accountability 76

Accountability 76

Security Affairs

NOVEMBER 25, 2024

A senior UK minister will warn that Russia is preparing cyberattacks against the UK and its allies to undermine support for Ukraine. Russia may launch cyberattacks against the UK and its allies in retaliation for their support of Ukraine, Chancellor of the Duchy of Lancaster Pat McFadden is expected to state during a NATO meeting. Chancellor of the Duchy of Lancaster Pat McFadden is also responsible for National security, resilience, and civil contingencies.

Cyber Attacks 74

Cyber Attacks Government Hacking Cyber threats 74

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Boulevard

NOVEMBER 25, 2024

A cyber risk assessment is a tool that helps organizations identify and prioritize risks associated with threats that are relevant to their unique environment. The post Defining Cyber Risk Assessment and a Compliance Gap Analysis and How They Can be Used Together appeared first on Security Boulevard.

Cyber Risk 71

Cyber Risk Risk Security Awareness Government 71

Security Affairs

NOVEMBER 25, 2024

Threat actors exploit an outdated Avast Anti-Rootkit driver to evade detection, disable security tools, and compromise the target systems. Trellix researchers uncovered a malware campaign that abused a vulnerable Avast Anti-Rootkit driver (aswArPot.sys) to gain deeper access to the target system, disable security solutions, and gain system control. This alarming tactic corrupts trusted kernel-mode drivers, transforming them into tools for terminating protective processes and compromising infecte

Malware 73

Malware Hacking Information Security 73

Malwarebytes

NOVEMBER 25, 2024

Spotify and Amazon services have been flooded with bogus listings that push dubious “forex trading” sites, Telegram channels, and suspicious links claiming to offer pirated software according to our friends over at BleepingComputer. Cybercriminals are abusing the options to inject keywords and links into playlist names to make their entries rank high in Google search results.

Scams 71

Scams Financial Services Software Banking 71

Penetration Testing

NOVEMBER 25, 2024

The developer community should be vigilant by the discovery of six malicious npm packages masquerading as popular libraries. According to a recent report by Socket’s threat research team, these packages... The post Malicious npm Packages Exploiting Typosquatting to Inject SSH Backdoors appeared first on Cybersecurity News.

Cybersecurity 70

Cybersecurity Malware 70

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Affairs

NOVEMBER 25, 2024

Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls. Zyxel warns that a ransomware gang has been observed exploiting a recently patched command injection vulnerability, tracked as CVE-2024-42057, in its firewalls for initial compromise. Remote, unauthenticated attackers could exploit the flaw to execute OS commands on vulnerable devices.

Firewall 69

Firewall Ransomware VPN Firmware 69

Zero Day

NOVEMBER 25, 2024

AI flourished, Arm chips dominated, and open source thrived. Meanwhile, Elon Musk gets credit for two of the biggest losers, and Apple makes it onto both the nice and naughty lists.

69

69

Penetration Testing

NOVEMBER 25, 2024

QNAP has issued a security advisory regarding multiple critical vulnerabilities in Notes Station 3, a popular application for managing and sharing notes on QNAP devices. These vulnerabilities, with CVSS scores... The post Critical Vulnerabilities in QNAP Notes Station 3: Update Now to Protect Your Data appeared first on Cybersecurity News.

Cybersecurity 67

Cybersecurity 67

The Hacker News

NOVEMBER 25, 2024

We hear terms like “state-sponsored attacks” and “critical vulnerabilities” all the time, but what’s really going on behind those words? This week’s cybersecurity news isn’t just about hackers and headlines—it’s about how digital risks shape our lives in ways we might not even realize. For instance, telecom networks being breached isn’t just about stolen data—it’s about power.

Cybersecurity 65

Cybersecurity Risk 65

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software