Tue.Nov 12, 2024

article thumbnail

Criminals Exploiting FBI Emergency Data Requests

Schneier on Security

I’ve been writing about the problem with lawful-access backdoors in encryption for decades now: that as soon as you create a mechanism for law enforcement to bypass encryption, the bad guys will use it too. Turns out the same thing is true for non-technical backdoors: The advisory said that the cybercriminals were successful in masquerading as law enforcement by using compromised police accounts to send emails to companies requesting user data.

article thumbnail

Microsoft Patch Tuesday, November 2024 Edition

Krebs on Security

Microsoft today released updates to plug at least 89 security holes in its Windows operating systems and other software. November’s patch batch includes fixes for two zero-day vulnerabilities that are already being exploited by attackers, as well as two other flaws that were publicly disclosed prior to today. The zero-day flaw tracked as CVE-2024-49039 is a bug in the Windows Task Scheduler that allows an attacker to increase their privileges on a Windows machine.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

Security Affairs

Microsoft Patch Tuesday security updates for November 2024 addressed 89 vulnerabilities, including two actively exploited zero-day flaws. Microsoft Patch Tuesday security updates for November 2024 fixed 89 vulnerabilities in Windows and Windows Components; Office and Office Components; Azure; NET and Visual Studio; LightGBM; Exchange Server; SQL Server; TorchGeo; Hyper-V; and Windows VMSwitch.

Internet 135
article thumbnail

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

A DNA testing company that promised clients insights into their genetic disposition has suddenly disappeared. The BBC reports it tried several methods to reach the company but failed in this effort. London offices are closed, nobody answers the phone, and clients are no longer capable of accessing their online records. All the company’s social media accounts haven’t been updated since 2023 at the latest.

Insurance 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

Apple iOS supports a new feature that reboots locked devices after extended inactivity, aiming to enhance data security for users. Apple ‘quietly’ implemented a new security feature that automatically reboots a locked device if it has not been used for several days. The new feature was introduced with the release of iOS 18.1 at the end of October.

Media 135
article thumbnail

Citrix NetScaler ADC and Gateway Vulnerabilities Put Organizations at Risk

Penetration Testing

Citrix has issued a security bulletin warning of two vulnerabilities affecting NetScaler ADC and NetScaler Gateway, products that provide application delivery and security services. The vulnerabilities, tracked as CVE-2024-8534 and... The post Citrix NetScaler ADC and Gateway Vulnerabilities Put Organizations at Risk appeared first on Cybersecurity News.

Risk 136

More Trending

article thumbnail

Iranian Hackers Use "Dream Job" Lures to Deploy SnailResin Malware in Aerospace Attacks

The Hacker News

The Iranian threat actor known as TA455 has been observed taking a leaf out of a North Korean hacking group's playbook to orchestrate its own version of the Dream Job campaign targeting the aerospace industry by offering fake jobs since at least September 2023.

Malware 138
article thumbnail

Researcher Finds Trojanized Apps with 2 Million Downloads on Google Play

Penetration Testing

In a new report, Dr.Web’s research team has uncovered a dangerous wave of malicious apps on Google Play, revealing that over 2 million users have unwittingly downloaded trojanized applications, primarily... The post Researcher Finds Trojanized Apps with 2 Million Downloads on Google Play appeared first on Cybersecurity News.

article thumbnail

New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns

The Hacker News

Cybersecurity researchers are calling attention to a new sophisticated tool called GoIssue that can be used to send phishing messages at scale targeting GitHub users.

Phishing 137
article thumbnail

The Real Problem With Banning Masks at Protests

WIRED Threat Level

Privacy advocates worry banning masks at protests will encourage harassment, while cops' high-tech tools render the rules unnecessary.

135
135
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Microsoft Fixes 90 New Flaws, Including Actively Exploited NTLM and Task Scheduler Bugs

The Hacker News

Microsoft on Tuesday revealed that two security flaws impacting Windows NT LAN Manager (NTLM) and Task Scheduler have come under active exploitation in the wild. The security vulnerabilities are among the 90 security bugs the tech giant addressed as part of its Patch Tuesday update for November 2024.

137
137
article thumbnail

Report Shows Ransomware Has Grown 41% for Construction Industry

Digital Shadows

We are excited to introduce our latest threat landscape report on the construction sector, providing the latest insights into the evolving cyber threats facing the industry. In this blog, we’ll give you a taste of the report’s key themes, including analysis of the most pressing threats, prevalent MITRE ATT&CK techniques, and dark web insights.

article thumbnail

New Flaws in Citrix Virtual Apps Enable RCE Attacks via MSMQ Misconfiguration

The Hacker News

Cybersecurity researchers have disclosed new security flaws impacting Citrix Virtual Apps and Desktop that could be exploited to achieve unauthenticated remote code execution (RCE) The issue, per findings from watchTowr, is rooted in the Session Recording component that allows system administrators to capture user activity, and record keyboard and mouse input, along with a video stream of the

article thumbnail

Schneider Electric Warns of Multiple Vulnerabilities in Modicon Controllers

Penetration Testing

Schneider Electric has issued a security notification regarding critical vulnerabilities in its Modicon M340, Momentum, and MC80 controllers. These programmable automation controllers (PACs) are used widely in industrial settings to... The post Schneider Electric Warns of Multiple Vulnerabilities in Modicon Controllers appeared first on Cybersecurity News.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Ymir ransomware, a new stealthy ransomware grow in the wild

Security Affairs

New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir ransomware , which attackers deployed after breaching systems via PowerShell commands. Ymir includes detection-evasion features, executing tasks in memory using functions like malloc , memmove , and memcmp.

article thumbnail

5 Ways Behavioral Analytics is Revolutionizing Incident Response

The Hacker News

Behavioral analytics, long associated with threat detection (i.e. UEBA or UBA), is experiencing a renaissance. Once primarily used to identify suspicious activity, it’s now being reimagined as a powerful post-detection technology that enhances incident response processes.

article thumbnail

Bitwarden vs. 1Password: Which password manager is best?

Zero Day

Bitwarden offers secure, budget-friendly password management, while 1Password puts a premium on user experience. Here's how to decide between the two.

article thumbnail

Sealing Entry Points and Weak Links in the Environment – How Dell is Building an Iron Wall of Defense

Security Boulevard

The road to cyber preparedness begins with studying organizations’ own vulnerabilities - and doing it often so that nothing escapes notice – rather than obsessing about the perils that live outside. The post Sealing Entry Points and Weak Links in the Environment – How Dell is Building an Iron Wall of Defense appeared first on Security Boulevard.

123
123
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

CVE-2024-44102 (CVSS 10) Found in Siemens TeleControl Server Basic: Urgent Update Required

Penetration Testing

A critical security vulnerability has been discovered in Siemens TeleControl Server Basic V3.1, a software solution used for remote monitoring and control of industrial plants. The vulnerability, identified as CVE-2024-44102... The post CVE-2024-44102 (CVSS 10) Found in Siemens TeleControl Server Basic: Urgent Update Required appeared first on Cybersecurity News.

Software 126
article thumbnail

NordPass review: One of the best password managers for beginners with a free tier

Zero Day

NordPass is one of our favorite password managers to help you keep your information secure.

article thumbnail

CVE-2024-50330 (CVSS 9.8): Unpatched Ivanti Endpoint Manager Vulnerable to RCE Attacks

Penetration Testing

Software company Ivanti has released urgent security updates for its Endpoint Manager to address a range of vulnerabilities, including several that could allow for remote code execution (RCE). The vulnerabilities,... The post CVE-2024-50330 (CVSS 9.8): Unpatched Ivanti Endpoint Manager Vulnerable to RCE Attacks appeared first on Cybersecurity News.

article thumbnail

Bitdefender vs. Malwarebytes: Which antivirus is best?

Zero Day

Bitwarden offers feature-rich antivirus at a competitive price, while Malwarebytes focuses on protection against malware. Here's how to decide between the two.

Antivirus 111
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Ymir ransomware, a new stealthy ransomware grow in the wild

Security Affairs

New Ymir ransomware was deployed in attacks shortly after systems were breached by RustyStealer malware, Kaspersky warns. Kaspersky researchers discovered a new ransomware family, called Ymir ransomware , which attackers deployed after breaching systems via PowerShell commands. Ymir includes detection-evasion features, executing tasks in memory using functions like malloc , memmove , and memcmp.

article thumbnail

How to use Bluesky Social: Everything to know about the popular X alternative

Zero Day

Bluesky is one of several social networks striving to offer an alternative to the site formerly known as Twitter. Here's how to join and use it.

110
110
article thumbnail

CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE Exploits Publicly Available

Penetration Testing

Security researchers at watchTowr have uncovered two critical vulnerabilities in Citrix Session Recording Manager that, when chained together, allow unauthenticated remote code execution (RCE) on Citrix Virtual Apps and Desktops.... The post CVE-2024-8068 & CVE-2024-8069: Citrix Session Recording Manager Unauthenticated RCE Exploits Publicly Available appeared first on Cybersecurity News.

article thumbnail

This ultra-thin Windows PC I tested competes with gaming laptops twice its price

Zero Day

The AtomMan G7 Ti Mini PC is about the thickness of a textbook, but it's stacked with powerful hardware found in gaming laptops by Dell and HP.

107
107
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

DEF CON 32 – Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows

Security Boulevard

Authors/Presenters: Samy Kamkar Our sincere appreciation to DEF CON , and the Presenters/Authors for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center ; and via the organizations YouTube channel. Permalink The post DEF CON 32 – Optical Espionage: Using Lasers to Hear Keystrokes Through Glass Windows appeared first on Security Boulevard.

Education 103
article thumbnail

Bluesky picks up 700,000 new users in one week as more people exit X

Zero Day

Bluesky is now home to more than 14.5 million users amid a growing decline in X's audience.

102
102
article thumbnail

Winter Fuel Payment scam targets UK citizens via SMS

Graham Cluley

Scammers have leapt at the opportunity to exploit vulnerable UK residents by sending bogus messages telling them they need to take action to receive help with their winter heating bills. Read more in my article on the Tripwire State of Security blog.

Scams 100
article thumbnail

Want to protect your iPhone's battery health? Stop doing this

Zero Day

Whenever your iPhone's battery health number ticks down, it's a one-way trip.

102
102
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.