Fri. Sep 06, 2024


YubiKey Side-Channel Attack

Schneier on Security

There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis.

Passwords 282

Weekly Update 416

Troy Hunt

It's been a while since I've just gone all "AMA" on a weekly update, but this was just one of those weeks that flew by with my head mostly in the code and not doing much else. There's a bit of discussion about that this week, but it's mostly around the ongoing pain of resellers and all the various issues supporting them then creates as a result.

241

Live Video of Promachoteuthis Squid

Schneier on Security

The first live video of the Promachoteuthis squid, filmed at a newly discovered seamount off the coast of Chile. Blog moderation policy.

216

Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks

Tech Republic Security

Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.

Banking 180

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

WIRED Threat Level

Video and audio of therapy sessions, transcripts, and other patient records were accidentally exposed in a publicly accessible database operated by the virtual medical company Confidant Health.

145

Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Security Affairs

The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. These operations include espionage, sabotage, and reputational damage. The United States and its allies state that GRU is behind global critical infrastructure attacks.

More Trending


Russian ‘WhisperGate’ Hacks: 5 More Indicted

Security Boulevard

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion. The post Russian ‘WhisperGate’ Hacks: 5 More Indicted appeared first on Security Boulevard.

Hacking 137

Car rental company Avis discloses a data breach

Security Affairs

Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an August data breach. Threat actors breached one of its business applications and gained access to some of the customers’ personal information. “We discovered on August 5, 2024, that an unauthorized third party gained access to one of our business applications.


GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code

The Hacker News

Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com).

Software 134

SonicWall warns that SonicOS bug exploited in attacks

Security Affairs

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific cond

Firewall 134

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


The NSA Has a Podcast—Here's How to Decode It

WIRED Threat Level

The spy agency that dared not speak its name is now the Joe Rogan of the SIGINT set. And the pod's actually worth a listen.

130

Apache fixed a new remote code execution flaw in Apache OFBiz

Security Affairs

Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5) affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache OFBiz® is an open source product for the automation of enterprise processes that includes framework components and business applications.


Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)

Penetration Testing

Red Hat has issued a critical security advisory warning of an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments. The vulnerability, with... The post Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923) appeared first on Cybersecurity News.


Is Cloud Security Ready for a Pivot to Behavioral Detection & Response

Security Boulevard

The inherent limitations of signature-based approaches have often driven practitioners and vendors to shift toward behavioral methods. The post Is Cloud Security Ready for a Pivot to Behavioral Detection & Response appeared first on Security Boulevard.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


CVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand Immediate Action

Penetration Testing

IBM has issued a critical security advisory for its webMethods Integration Server, revealing multiple vulnerabilities that could allow authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.... The post CVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand Immediate Action appeared first on Cybersecurity News.


The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

The Hacker News

The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected in the future.

CISO 127

Threat Actors Abuse Red Team Tool MacroPack to Deliver Malware

Security Boulevard

Cisco Talos researchers found that multiple bad actors were abusing the MacroPack framework, continuing an ongoing trend of hackers repurposing legitimate security software tools to run cyber campaigns against organizations. The post Threat Actors Abuse Red Team Tool MacroPack to Deliver Malware appeared first on Security Boulevard.

Malware 116

GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware

The Hacker News

A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8) that could allow malicious actors to take over susceptible instances.

Malware 127

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Overcoming the Challenges of Zero-Trust

Security Boulevard

Zero-trust, rooted in the principle of "never trust, always verify," requires organizations to assume that every access request, whether internal or external, is potentially harmful. The post Overcoming the Challenges of Zero-Trust appeared first on Security Boulevard.


New global standard aims to build security around large language models

Zero Day

The WDTA framework spans the lifecycle of large language models, offering guidelines to manage integration with other systems.

98

NIST CSF 2.0 Cyber Security Framework

Security Boulevard

NIST has released Version 2.0 of its widely used Cybersecurity Framework (CSF), a guidance document for mitigating cybersecurity risks. This update is not just a revision but a transformative approach to secure digital assets and infrastructures. The new version represents a significant advancement in addressing the evolving and complex cyber threats, offering a forward-looking perspective […] The post NIST CSF 2.0 Cyber Security Framework appeared first on Kratikal Blogs.


Why you should stop using your solar-powered power bank (and try this alternative instead)

Zero Day

I've spent the summer testing solar-powered power banks. It turns out the devices are universally rubbish and potentially unsafe. Here's what I suggest using instead.

Banking 98

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Why and How to Secure GenAI Investments From Day Zero

Security Boulevard

A healthy approach to GenAI is one in which organizations build security protections from the start. Here are tips on how to integrate security into your organization's GenAI strategy from day zero. The post Why and How to Secure GenAI Investments From Day Zero appeared first on Security Boulevard.


This new self-cleaning robot vacuum can even wipe down your baseboards

Zero Day

Narwal has just released a new flagship robot vacuum and mop with do-it-all functions that will remind you of The Jetsons.

98

The Art of Soft Skills in Technical Sales

SecureWorld News

The inspiration for my book, Soft Skills in Technical Sales, came from observing changes in the roles of sales engineers and salespeople. Sales engineers are now doing more direct selling, while salespeople are handling more procurement tasks. I've been in the cybersecurity industry for a long time and remember when we only had a few products to sell.


Russian Threat Actors Target Critical Infrastructure in the U.S. and Across the World

Heimdal Security

The Russian threat actors responsible for the worldwide attacks on key infrastructure, identified as Cadet Blizzard and Ember Bear, have been connected by the United States and its allies to Unit 29155 of the Main Directorate of the General Staff of the Armed Forces (GRU). Joint Advisory Released: Key Information According to a joint advisory […] The post Russian Threat Actors Target Critical Infrastructure in the U.S. and Across the World appeared first on Heimdal Security Blog.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim

Penetration Testing

AhnLab Security Intelligence Center (ASEC) has uncovered a new phishing campaign targeting Netflix users, where cybercriminals are impersonating the popular streaming service to steal sensitive information. With the increasing popularity... The post Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim appeared first on Cybersecurity News.

Scams 82

Microchip Technology Confirms Data Was Stolen in August Cyberattack

Heimdal Security

American chip producer Microchip confirms that employee data was stolen during the cyberattack they suffered in August. The incident happened on August 17, and Microchip disclosed it on August 20, declaring that some of their manufacturing facilities had been affected. The cyberattack influenced the company’s ability to meet orders and forced it to shut down […] The post Microchip Technology Confirms Data Was Stolen in August Cyberattack appeared first on Heimdal Security Blog.


Red Hat unleashes Enterprise Linux AI - and it's truly useful

Zero Day

Many AI programs, despite all the hype, aren't that useful. On the other hand, Red Hat Enterprise Linux AI will help system administrators and developers alike.


Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option

Security Boulevard

Gary Perkins, Chief Information Security Officer In this landscape, organizations need a multi-faceted approach that includes prevention, detection, and response capabilities. A warranty tied to a comprehensive security solution supports this approach, providing both technological protection and financial assurance. The Trouble with Insurance Cyber insurers are increasingly being viewed with skepticism by organizations seeking protection […] The post Cyber Insurers Are Not Your Friend – Why a Wa


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.