Mon.Mar 25, 2024

article thumbnail

GUEST ESSAY: NIST’s Cybersecurity Framework update extends best practices to supply chain, AI

The Last Watchdog

The National Institute of Standards and Technology (NIST) has updated their widely used Cybersecurity Framework (CSF) — a free respected landmark guidance document for reducing cybersecurity risk. Related: More background on CSF However, it’s important to note that most of the framework core has remained the same. Here are the core components the security community knows: Govern (GV): Sets forth the strategic path and guidelines for managing cybersecurity risks, ensuring harmony with business go

article thumbnail

New MFA-bypassing phishing kit targets Microsoft 365, Gmail accounts

Bleeping Computer

Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection. [.

Phishing 143
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published

Penetration Testing

Security researcher ma4ter has revealed details of a dangerous security vulnerability (CVE-2024-20767) in Adobe ColdFusion. This flaw originally reported to Adobe, could be exploited to read arbitrary files on an affected server, potentially exposing... The post CVE-2024-20767: Critical Adobe ColdFusion Flaw Exposes Sensitive Files, PoC Published appeared first on Penetration Testing.

article thumbnail

Google's new AI search results promotes sites pushing malware, scams

Bleeping Computer

Google's new AI-powered 'Search Generative Experience' algorithms recommend scam sites that redirect visitors to unwanted Chrome extensions, fake iPhone giveaways, browser spam subscriptions, and tech support scams. [.

Scams 140
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Tax Scams Ramping Up as the April 15 Deadline Approaches

Security Boulevard

With the IRS deadline only weeks away, businesses and individuals are racing to get their taxes filed, and bad actors are doing what they can to keep pace with them. Both Microsoft and Malwarebytes in recent days have outlined various scams being used to steal sensitive information, drop malicious payloads, or make payments to fake. The post Tax Scams Ramping Up as the April 15 Deadline Approaches appeared first on Security Boulevard.

Scams 135
article thumbnail

CISA adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds FortiClient EMS, Ivanti EPM CSA, Nice Linear eMerge E3-Series bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerability CVE-2021-44529 Ivanti Endpoint Manager Cloud Service Appliance (EPM CSA) Code Injection Vulne

Hacking 133

More Trending

article thumbnail

Panera Bread experiencing nationwide IT outage since Saturday

Bleeping Computer

Since Saturday, U.S. food chain giant Panera Bread has been experiencing a nationwide outage that has impacted its IT systems, including online ordering, POS systems, phones, and various internal systems. [.

125
125
article thumbnail

Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others

The Hacker News

Unidentified adversaries orchestrated a sophisticated attack campaign that has impacted several individual developers as well as the GitHub organization account associated with Top.gg, a Discord bot discovery site.

article thumbnail

Iran-Linked APT TA450 embeds malicious links in PDF attachments

Security Affairs

In recent campaigns, Iran-linked APT group MuddyWater used a legitimate Remote Monitoring and Management (RMM) solution called Atera. Proofpoint researchers observed the Iran-linked APT group MuddyWater (aka SeedWorm , TEMP.Zagros , TA450, and Static Kitten ) was behind a new phishing campaign in March 2024 that attempted to drop a legitimate Remote Monitoring and Management (RMM) solution called Atera on the target systems.

Phishing 138
article thumbnail

Ransomware: lessons all companies can learn from the British Library attack

Graham Cluley

In October 2023, the British Library suffered "one of the worst cyber incidents in British history," as described by Ciaran Martin, ex-CEO of the National Cyber Security Centre (NCSC). What lessons can other organisations learn from the ransomware attack? Read more in my article on the Exponential-e blog.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script

Trend Micro

This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers.

article thumbnail

New "GoFetch" Vulnerability in Apple M-Series Chips Leaks Secret Encryption Keys

The Hacker News

A new security shortcoming discovered in Apple M-series chips could be exploited to extract secret keys used during cryptographic operations.

article thumbnail

Hackers poison source code from largest Discord bot platform

Bleeping Computer

The Top.gg Discord bot community with over 170,000 members has been impacted by a supply-chain attack aiming to infect developers with malware that steals sensitive information. [.

Malware 116
article thumbnail

GoFetch side-channel attack against Apple systems allows secret keys extraction

Security Affairs

Researchers demonstrated a new side-channel attack, named GoFetch, against Apple CPUs that could allow an attacker to obtain secret keys. A team of researchers from several US universities demonstrated a new microarchitectural side-channel attack named GoFetch that could allow attackers to extract secret keys from systems using Apple CPUs. GoFetch side-channel attack can extract secret keys from constant-time cryptographic implementations via data memory-dependent prefetchers (DMPs).

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Notorious Nemesis Market zapped by video game-loving German police

Graham Cluley

Nemesis Market, a notorious corner of the darknet beloved by cybercriminals and drug dealers, has been suddenly shut down after German police seized control of its systems. Read more in my article on the Tripwire State of Security blog.

Marketing 116
article thumbnail

StrelaStealer targeted over 100 organizations across the EU and US

Security Affairs

Researchers reported that over 100 organizations in Europe and US were targeted by a wave of large-scale StrelaStealer campaigns Palo Alto Networks’ Unit42 spotted a wave of large-scale StrelaStealer campaigns impacting over 100 organizations across the EU and US. The threat actors sent out spam emails with attachments that eventually launched the StrelaStealer malware.

Malware 136
article thumbnail

Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

The Hacker News

The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera.

Phishing 126
article thumbnail

Stuck in Pivotal Cloud Foundry? Make Your Move to Kubernetes Easy

Security Boulevard

Is your organization feeling stuck using Pivotal Cloud Foundry (PCF), now known as Tanzu Application Service (TAS or sometimes VMware Cloud Foundation)? You're not alone. Broadcom completed its acquisition of VMware in late 2023. To make the most of their acquisition, Broadcom is trying to squeeze money out of VMware — leading to skyrocketing costs for PCF (aka Tanzu) customers.

115
115
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Vans warns customers of data breach

Malwarebytes

Skater brand Vans emailed customers last week to tell them about a recent “data incident.” On December 13, 2023, Vans said it detected unauthorized activities on its IT systems, attributed to “external threat actors.” An investigation revealed that the incident involved some personal information of Vans’ customers. The affected information could include: Email address Full name Phone number Billing address Shipping address In certain cases, the affected data may also include order hi

article thumbnail

Building Resiliency in the Face of Ransomware 

Security Boulevard

Ransomware is not going away. So how can organizations defend against it? Dig deeper to learn how to build cybersecurity resiliency. The post Building Resiliency in the Face of Ransomware appeared first on SafeBreach. The post Building Resiliency in the Face of Ransomware appeared first on Security Boulevard.

article thumbnail

CVE-2024-29937: Critical NFS Vulnerability Exposes BSD Systems to Remote Code Execution

Penetration Testing

A bombshell awaits the cybersecurity world at the upcoming t2 Infosec Conference. Security researchers Christer, Claes, and Marcus of signedness.org have uncovered a severe flaw (CVE-2024-29937) in Network File System (NFS) implementations used by... The post CVE-2024-29937: Critical NFS Vulnerability Exposes BSD Systems to Remote Code Execution appeared first on Penetration Testing.

article thumbnail

New ZenHammer memory attack impacts AMD Zen CPUs

Bleeping Computer

Academic researchers developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips. [.

113
113
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

The Best 10 Vendor Risk Management Tools

Centraleyes

Let’s discuss an acronym reshaping the business world: Vendor Risk Management , or VRM. Once an abbreviation that few knew the meaning of, VRM is now a basic component of responsible business processes. In our interconnected world, our security is only as strong as our weakest link, and the third-party vendors we choose are essential links in our business chains.

Risk 111
article thumbnail

US sanctions APT31 hackers behind critical infrastructure attacks

Bleeping Computer

The U.S. Treasury Department has sanctioned a Wuhan-based company used by the Chinese Ministry of State Security (MSS) as cover in attacks against U.S. critical infrastructure organizations. [.

110
110
article thumbnail

Cybersecurity starts at home: Help your children stay safe online with open conversations

We Live Security

Struggle to know how to help children and teens stay safe in cyberspace? A good ol’ fashioned chat is enough to put them on the right track.

article thumbnail

Key Lesson from Microsoft’s Password Spray Hack: Secure Every Account

The Hacker News

In January 2024, Microsoft discovered they’d been the victim of a hack orchestrated by Russian-state hackers Midnight Blizzard (sometimes known as Nobelium). The concerning detail about this case is how easy it was to breach the software giant.

Passwords 117
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

CVE-2023-42931: macOS Flaw Exposed Systems to Easy Privilege Escalation – Patch Now!

Penetration Testing

Security researcher Yann Gascuel (Alter Solutions) has detailed a critical privilege escalation vulnerability (CVE-2023-42931) affecting the following macOS versions: macOS Monterey prior to 12.7.2 macOS Ventura prior to 13.6.3 macOS Sonoma prior to 14.2... The post CVE-2023-42931: macOS Flaw Exposed Systems to Easy Privilege Escalation – Patch Now!

article thumbnail

Is it time to enforce an Authority-to-Operate (ATO) for Healthcare Organizations?

Security Boulevard

The Change Healthcare security breach has impacted over 94% of hospitals as reported by the American Health Association (AHA). A cascading set of events was unleashed starting with the Feb 21, 2024 announcement of the data breach at Change Healthcare requiring nearly $2B in advance payments severely impacting nearly 900,000 physicians, 33,000 pharmacies, 5,500 hospitals […] The post Is it time to enforce an Authority-to-Operate (ATO) for Healthcare Organizations?

article thumbnail

CVE-2024-1538: Critical WordPress Plugin Flaw Exposes Over 1 Million Sites – Patch Immediately!

Penetration Testing

A serious security vulnerability (CVE-2024-1538, CVSS 8.8) has been discovered in the File Manager plugin for WordPress. This plugin, with over 1 million active installations, allows website administrators to manage files and folders directly... The post CVE-2024-1538: Critical WordPress Plugin Flaw Exposes Over 1 Million Sites – Patch Immediately!

article thumbnail

Chinese Hackers Charged in Decade-Long Global Spying Rampage

WIRED Threat Level

US and UK officials hit Chinese hacking group APT31 with sanctions and criminal charges after they targeted thousands of businesses, politicians, and critics of China.

Hacking 112
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.