Thu.Sep 21, 2023

article thumbnail

New Revelations from the Snowden Documents

Schneier on Security

Jake Appelbaum’s PhD thesis contains several new revelations from the classified NSA documents provided to journalists by Edward Snowden. Nothing major, but a few more tidbits. Kind of amazing that that all happened ten years ago. At this point, those documents are more historical than anything else. And it’s unclear who has those archives anymore.

article thumbnail

Detection Engineering and SOC Scalability Challenges (Part 2)

Anton on Security

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. This post is our second installment in the “Threats into Detections — The DNA of Detection Engineering” series, where we explore the challenges of detection engineering in more detail — and where threat intelligence plays (and where some hope appears … but you need to wait for Part 3 for this!

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

GUEST ESSAY: Caring criminals — why some ransomware gangs now avoid targeting hospitals

The Last Watchdog

Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals. Related: How Putin has weaponized ransomware In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19

article thumbnail

Retailers Are Rapidly Scaling Surveillance of Australian Consumers — Why This Is a Red Flag

Tech Republic Security

Australian retailers are rolling out mass surveillance solutions to combat shoplifting, but a poor regulatory environment could mean high risks associated with data security and privacy.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Apple emergency updates fix 3 new zero-days exploited in attacks

Bleeping Computer

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year. [.

145
145
article thumbnail

Intel Innovation 2023: Attestation and Fully Homomorphic Encryption Coming to Intel Cloud Services

Tech Republic Security

The attestation service is designed to allow data in confidential computing environments to interact with AI safely, as well as provide policy enforcements and audits.

More Trending

article thumbnail

Examining the Activities of the Turla APT Group

Trend Micro

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group.

142
142
article thumbnail

Apple Rushes to Patch 3 New Zero-Day Flaws: iOS, macOS, Safari, and More Vulnerable

The Hacker News

Apple has released yet another round of security patches to address three actively exploited zero-day flaws impacting iOS, iPadOS, macOS, watchOS, and Safari, taking the total tally of zero-day bugs discovered in its software this year to 16.

Software 142
article thumbnail

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. Exail, a French high-tech industrial group, left exposed a publicly accessible environment (.env) file with database credentials, the Cybernews research team has discovered. The company, formed in 2022 after ECA Group and iXblue merged, specializes in robotics, maritime, navigation, aerospace, and photonics technologies, ma

article thumbnail

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

We Live Security

ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022

125
125
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Ukrainian hackers are behind the Free Download Manager supply chain attack

Security Affairs

The recently discovered Free Download Manager (FDM) supply chain attack, which distributed Linux malware, started back in 2020. The maintainers of Free Download Manager (FDM) confirmed that the recently discovered supply chain attack dates back to 2020. Recently, researchers from Kaspersky reported the discovery of a free download manager site that has been compromised to serve Linux malware.

Malware 129
article thumbnail

Mysterious 'Sandman' Threat Actor Targets Telecom Providers Across Three Continents

The Hacker News

A previously undocumented threat actor dubbed Sandman has been attributed to a set of cyber attacks targeting telecommunic koation providers in the Middle East, Western Europe, and the South Asian subcontinent. Notably, the intrusions leverage a just-in-time (JIT) compiler for the Lua programming language known as LuaJIT as a vehicle to deploy a novel implant called LuaDream.

article thumbnail

Overview of IoT threats in 2023

SecureList

IoT devices (routers, cameras, NAS boxes, and smart home components) multiply every year. Statista portal predicts their number will exceed 29 billion by 2030. As connected device numbers increase, so does the need for protection against various threats. The first-ever large-scale malware attacks on IoT devices were recorded back in 2008, and their number has only been growing ever since.

IoT 117
article thumbnail

Ukrainian Hacker Suspected to be Behind "Free Download Manager" Malware Attack

The Hacker News

The maintainers of Free Download Manager (FDM) have acknowledged a security incident dating back to 2020 that led to its website being used to distribute malicious Linux software. "It appears that a specific web page on our site was compromised by a Ukrainian hacker group, exploiting it to distribute malicious software," it said in an alert last week.

Malware 118
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Snatch ransomware – what you need to know

Graham Cluley

The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Learn more about the threat in my article for the Tripwire State of Security blog.

article thumbnail

News alert: MxD roundtable with White House officials highlights cybersecurity workforce needs

The Last Watchdog

Chicago, Ill., Sept. 21, 2023 — MxD, the Digital Manufacturing and Cybersecurity Institute, today hosted a roundtable discussion with the White House Office of the National Cyber Director. Also in attendance were Access Living, The College of Lake County, CyberSkills2Work, and Task Force Movement. Organizations gathered to discuss courses and programs to address the critical cybersecurity workforce needs in the United States.

article thumbnail

Cisco Moves into SIEM with $28B Deal to Acquire Splunk

Dark Reading

Cisco's surprise agreement could reshape secure information and event management (SIEM) and extended detection and response (XDR) markets.

Marketing 113
article thumbnail

China Accuses U.S. of Decade-Long Cyber Espionage Campaign Against Huawei Servers

The Hacker News

China's Ministry of State Security (MSS) has accused the U.S. of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. In a message posted on WeChat, the government authority said U.S.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Understanding the Differences Between On-Premises and Cloud Cybersecurity

Dark Reading

The nature of cloud environments means security and technical teams need a different mindset to understand and manage their new attack surface.

article thumbnail

Microsoft Copilot rolls out with Windows 11 22H2 update next week

Bleeping Computer

Microsoft will start rolling out its Copilot digital assistant to all customers next week, on September 26th, together with a host of new AI-powered capabilities as part of a new Windows 11 22H2 update. [.

112
112
article thumbnail

T-Mobile Racks Up Third Consumer Data Exposure of 2023

Dark Reading

The mobile company states that the issue was due to a glitch that occurred in an update.

Mobile 111
article thumbnail

‘Sandman’ hackers backdoor telcos with new LuaDream malware

Bleeping Computer

A previously unknown threat actor dubbed 'Sandman' targets telecommunication service providers in the Middle East, Western Europe, and South Asia, using a modular info-stealing malware named 'LuaDream.' [.

Malware 112
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

BBTok Banking Trojan Impersonates 40+ Banks to Hijack Victim Accounts

Dark Reading

Attackers use convincing fake website interfaces and sophisticated geo-fencing to target users exclusively in Mexico and Brazil with a new variant of the malware.

Banking 110
article thumbnail

Researchers Raise Red Flag on P2PInfect Malware with 600x Activity Surge

The Hacker News

The peer-to-peer (P2) worm known as P2PInfect has witnessed a surge in activity since late August 2023, witnessing a 600x jump between September 12 and 19, 2023.

Malware 106
article thumbnail

MGM Restores Casino Operations 10 Days After Cyberattack

Dark Reading

The lost revenue due to downtime for gaming and hotel bookings is difficult to ballpark.

110
110
article thumbnail

GlobalSign’s Bug Bounty Program

GlobalSign

GlobalSign’s bug bounty program is now public, with Atlas added to the scope. Learn more about the program in this blog.

106
106
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Mysterious 'Sandman' APT Targets Telecom Sector With Novel Backdoor

Dark Reading

The Sandman group's main malware is among the very few that use the Lua scripting language and its just-in-time compiler.

Malware 108
article thumbnail

The Rise of the Malicious App

The Hacker News

Security teams are familiar with threats emanating from third-party applications that employees add to improve their productivity. These apps are inherently designed to deliver functionality to users by connecting to a “hub” app, such as Salesforce, Google Workspace, or Microsoft 365.

106
106
article thumbnail

Smart TV Scams: How to Avoid the Growing Threat

Identity IQ

Smart TV Scams: How to Avoid the Growing Threat IdentityIQ Smart TVs – such as Roku and Amazon Fire TV sticks with streaming services such as Netflix and YouTube TV – it seems like everyone has them these days. With the ability to watch just about any show your heart desires with the click of a button, the convenience is unbeatable. But like we’ve seen with other groundbreaking technology that, on the surface, appears to make our lives better, there can be a dark side.

Scams 105
article thumbnail

Cyber Group 'Gold Melody' Selling Compromised Access to Ransomware Attackers

The Hacker News

A financially motivated threat actor has been outed as an initial access broker (IAB) that sells access to compromised organizations for other adversaries to conduct follow-on attacks such as ransomware. SecureWorks Counter Threat Unit (CTU) has dubbed the e-crime group Gold Melody, which is also known by the names Prophet Spider (CrowdStrike) and UNC961 (Mandiant).

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.