Wed.Jul 31, 2024

article thumbnail

Begging for Bounties and More Info Stealer Logs

Troy Hunt

TL;DR — Tens of millions of credentials obtained from info stealer logs populated by malware were posted to Telegram channels last month and used to shake down companies for bug bounties under the misrepresentation the data originated from their service. How many attempted scams do you get each day? I woke up to yet another "redeem your points" SMS this morning, I'll probably receive a phone call from "my bank" today (edit: I was close, it was "Amazon Prime" &

Scams 326
article thumbnail

Nearly 7% of Internet Traffic Is Malicious

Schneier on Security

Cloudflare reports on the state of applications security. It claims that 6.8% of Internet traffic is malicious. And that CVEs are exploited as quickly as 22 minutes after proof-of-concepts are published. News articles.

Internet 308
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Don’t Let Your Domain Name Become a “Sitting Duck”

Krebs on Security

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock. Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet by translating human-frie

DNS 288
article thumbnail

Microsoft Says Ransomware Groups Are Exploiting the Newly-Patched VMware ESXi Flaw

Tech Republic Security

The CVE-2024-37085 vulnerability is present in VMware ESXi hypervisors and has been used to deploy ransomware, according to Microsoft.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Apple fixes Siri vulnerabilities that could have allowed sensitive data theft from locked device. Update now!

Malwarebytes

Apple has released security updates for many of its products in order to patch several vulnerabilities that could allow an attacker to steal sensitive information from a locked device. Included in the patches for Apple Watch, iOS, and iPadOS are four vulnerabilities in Siri. While your device is locked there are several voice-commands your digital assistant can process.

Software 145
article thumbnail

Australian Organisations Experiencing Highest Rate of Data Breaches, Reports Rubrik

Tech Republic Security

Data breaches were 50% more common in Australia than the global average in 2023, according to new research from Rubrik.

More Trending

article thumbnail

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts. The Cleafy TIR team discovered the previously undetected malware at the end of May 2024.

Banking 144
article thumbnail

Facebook Ads Lead to Fake Websites Stealing Credit Card Information

The Hacker News

Facebook users are the target of a scam e-commerce network that uses hundreds of fake websites to steal personal and financial data using brand impersonation and malvertising tricks. Recorded Future's Payment Fraud Intelligence team, which detected the campaign on April 17, 2024, has given it the name ERIAKOS owing to the use of the same content delivery network (CDN) oss.eriakos[.]com.

Scams 143
article thumbnail

Microsoft says massive Azure outage was caused by DDoS attack

Bleeping Computer

Microsoft confirmed today that a nine-hour outage on Tuesday, which took down and disrupted multiple Microsoft 365 and Azure services worldwide, was triggered by a distributed denial-of-service (DDoS) attack. [.

DDOS 142
article thumbnail

DigiCert to Revoke 83,000+ SSL Certificates Due to Domain Validation Oversight

The Hacker News

Certificate authority (CA) DigiCert has warned that it will be revoking a subset of SSL/TLS certificates within 24 hours due to an oversight with how it verified if a digital certificate is issued to the rightful owner of a domain. The company said it will be taking the step of revoking certificates that do not have proper Domain Control Validation (DCV).

143
143
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Apple fixed dozens of vulnerabilities in iOS and macOS

Security Affairs

Apple has issued security updates to address multiple vulnerabilities across iOS, macOS, tvOS, visionOS, watchOS, and Safari. Apple released security updates to address multiple vulnerabilities in iOS, macOS, tvOS, visionOS, watchOS, and Safari. The IT giant released iOS 17.6 and iPadOS 17.6 to address dozens of security vulnerabilities, including authentication and policy bypasses, information disclosure and denial-of-service (DoS) issues, and bugs that can lead to memory leaks and unexpected a

article thumbnail

Social Media Malvertising Campaign Promotes Fake AI Editor Website for Credential Theft

Trend Micro

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

Media 138
article thumbnail

A ransomware attack disrupted operations at OneBlood blood bank

Security Affairs

OneBlood, a non-profit blood bank serving over 300 U.S. hospitals, suffered a ransomware attack that disrupted its medical operations. OneBlood is a non-profit organization that provides blood and blood products to over 300 hospitals and medical facilities across the U.S. Southeast. The organization collects, tests, and distributes blood to ensure a steady supply for needy patients.

Banking 140
article thumbnail

North Korea-Linked Malware Targets Developers on Windows, Linux, and macOS

The Hacker News

The threat actors behind an ongoing malware campaign targeting software developers have demonstrated new malware and tactics, expanding their focus to include Windows, Linux, and macOS systems. The activity cluster, dubbed DEV#POPPER and linked to North Korea, has been found to have singled out victims across South Korea, North America, Europe, and the Middle East.

Malware 137
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Phishing campaigns target SMBs in Poland, Romania, and Italy with multiple malware families

Security Affairs

Phishing campaigns target small and medium-sized businesses (SMBs) in Poland to deliver malware families such as Agent Tesla, Formbook, and Remcos RAT. ESET researchers observed multiple phishing campaigns targeting SMBs in Poland in May 2024, distributing various malware families like Agent Tesla , Formbook , and Remcos RAT. ESET researchers detected nine notable phishing campaigns during May 2024 in Poland, Romania, and Italy.

Phishing 140
article thumbnail

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

The Hacker News

Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three years.

Malware 136
article thumbnail

Can ChatGPT-4o Be Trusted With Your Private Data?

WIRED Threat Level

OpenAI’s newest model is “a data hoover on steroids,” says one expert—but there are still ways to use it while minimizing risk to your private data.

Risk 135
article thumbnail

Email Attacks Surge, Ransomware Threat Remains Elevated

Security Boulevard

There has been a dramatic rise in email attacks and ransomware incidents, with an Acronis report noting a staggering 293% increase in email attacks in the first half of 2024 compared to the same period in 2023. The post Email Attacks Surge, Ransomware Threat Remains Elevated appeared first on Security Boulevard.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

New Android malware wipes your device after draining bank accounts

Bleeping Computer

A new Android malware that researchers call 'BingoMod' can wipe devices after successfully stealing money from the victims' bank accounts using the on-device fraud technique. [.

Banking 132
article thumbnail

Report: Amount of Data Being Analyzed by Cybersecurity Teams Rises

Security Boulevard

An analysis published today by Cribl, a data management platform provider, suggests that the amount of data being processed and analyzed by cybersecurity teams is increasing exponentially. The post Report: Amount of Data Being Analyzed by Cybersecurity Teams Rises appeared first on Security Boulevard.

article thumbnail

Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova

The Hacker News

Companies in Russia and Moldova have been the target of a phishing campaign orchestrated by a little-known cyber espionage group known as XDSpy. The findings come from cybersecurity firm F.A.C.C.T., which said the infection chains lead to the deployment of a malware called DSDownloader. The activity was observed this month, it added.

Phishing 132
article thumbnail

Meta to pay $1.4 billion over unauthorized facial recognition image capture

Malwarebytes

Texas Attorney General Ken Paxton has announced a $1.4 billion settlement with Meta to “stop the company’s practice of capturing and using the personal biometric data of millions of Texans without the authorization required by law.” The prime reason for the initial lawsuit that led to the settlement was Facebook’s “Tag Suggestions” feature that used facial recognition.

Media 132
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Black Hat Fireside Chat: How ‘enterprise browsers’ help to shrink exposures, boost efficiencies

The Last Watchdog

Web browser security certainly hasn’t been lacking over the past 25 years. Related: Island valued at $3.5 billion Advancements have included everything from sandboxing and web applications firewalls (WAFs,) early on, to secure web gateways (SWGs) and Virtual Desktop Infrastructure (VDIs,) more recently. Yet profound browser exposures persist — and this has led to the arrival of enterprise browsers , which will be in the spotlight as Black Hat USA 2024 gets underway next week in Las Vegas.

article thumbnail

The cyberthreat that drives businesses towards cyber risk insurance

We Live Security

Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide

article thumbnail

Escalating Privileges in Google Cloud via Open Groups 

NetSpi Technical

Per GCP IAM documentation , Google Groups are valid principals for IAM policy bindings in Google Cloud. Google also recommends using Groups when granting roles in GCP, as opposed to users. Groups can include groups outside of organizations like devs@googlegroups.com or groups in an Organization like admins@yourorg.com. Google Groups can be managed via [link] and optionally through the Google Cloud Console.

Risk 123
article thumbnail

CrowdStrike Sued? — Delta Dials David Boies

Security Boulevard

Is Delta the First of Many? Airline calls in attorneys Boies Schiller Flexner to claw back its cash. The post CrowdStrike Sued? — Delta Dials David Boies appeared first on Security Boulevard.

Software 123
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

VMware ESXi Vulnerability Exposes Thousands of Servers to Ransomware

Penetration Testing

A vulnerability in VMware’s ESXi virtualization platform continues to leave thousands of servers exposed to ransomware attacks, despite active exploitation by cybercriminals and warnings from major security organizations. Researchers from the Shadowserver Foundation have... The post VMware ESXi Vulnerability Exposes Thousands of Servers to Ransomware appeared first on Cybersecurity News.

article thumbnail

Black Hat Preview: CrowdStrike, Disinformation Lead The Narrative

Security Boulevard

The stakes have rarely been higher. As cybersecurity experts make their way to the one-armed bandits and scorching heat in Las Vegas for Black Hat USA 2024 next week, the specter of the CrowdStrike Inc. debacle looms large. More than a dozen vendors contacted by Techstrong insist the worldwide outage has created a level of. The post Black Hat Preview: CrowdStrike, Disinformation Lead The Narrative appeared first on Security Boulevard.

article thumbnail

Fraud ring pushes 600+ fake web shops via Facebook ads

Bleeping Computer

A malicious fraud campaign dubbed "ERIAKOS" promotes more than 600 fake web shops through Facebook advertisements to steal visitors' personal and financial information. [.

article thumbnail

EDR vs EPP vs Antivirus: Comparing Endpoint Protection Solutions

eSecurity Planet

Endpoint protection solutions safeguard network endpoints against cyberthreats using a selection of management tools, including endpoint detection and response (EDR), endpoint protection platform (EPP), and antivirus (AV). AV software blocks malware, EPP passively prevents threats, and EDR actively mitigates network attacks. When threats circumvent EPP’s preventative procedures, EDR is frequently paired with EPP to control the damage.

Antivirus 112
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.