Fri. Jul 26, 2024

Compromising the Secure Boot Process

Schneier on Security

This isn’t good: On Thursday, researchers from security firm Binarly revealed that Secure Boot is completely compromised on more than 200 device models sold by Acer, Dell, Gigabyte, Intel, and Supermicro. The cause: a cryptographic key underpinning Secure Boot on those models that was compromised in 2022. In a public GitHub repository committed in December of that year, someone working for multiple US-based device manufacturers published what’s known as a platform key, the cryptogra

Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services

Krebs on Security

Google says it recently fixed an authentication weakness that allowed crooks to circumvent the email verification required to create a Google Workspace account, and leverage that to impersonate a domain holder at third-party services that allow logins through Google’s “Sign in with Google” feature. Last week, KrebsOnSecurity heard from a reader who said they received a notice that their email address had been used to create a potentially malicious Workspace account that Google

BIND updates fix four high-severity DoS bugs in the DNS software suite

Security Affairs

The Internet Systems Consortium (ISC) released BIND security updates that fixed several remotely exploitable DoS bugs in the DNS software suite. The Internet Systems Consortium (ISC) released security updates for BIND that address DoS vulnerabilities that could be remotely exploited. An attacker can exploit these vulnerabilities to disrupt DNS services.

July Windows Server updates break Remote Desktop connections

Bleeping Computer

Microsoft has confirmed that July's security updates break remote desktop connections in organizations where Windows servers are configured to use the legacy RPC over HTTP protocol in the Remote Desktop Gateway. [...]

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Master Cybersecurity With The Complete CompTIA Security+ SY0-701 Certification Kit by IDUNOVA

Tech Republic Security

Prepare for your cybersecurity certification with comprehensive study materials (including 30 hours of videos and hands-on labs) and expert guidance.

Suspect Indicted in North Korea Group’s Expansive Spying Operation

Security Boulevard

North Korea's APT45 threat group is using ransomware attacks on U.S. health care firms to fund an ongoing cyberespionage campaign to steal military and defense secrets that are fed back into the country's banned nuclear weapons program. A North Korean operative was indicted by the DOJ. The post Suspect Indicted in North Korea Group’s Expansive Spying Operation appeared first on Security Boulevard.

More Trending

Deepfake Attacks Prompt Change in Security Strategy

Security Boulevard

Organizations can keep their deepfake response plans current by continuously monitoring industry trends and integrating new technologies. The post Deepfake Attacks Prompt Change in Security Strategy appeared first on Security Boulevard.

A bug in Chrome Password Manager caused user credentials to disappear

Security Affairs

Google addressed a Chrome Password Manager bug that caused user credentials to disappear temporarily for more than 18 hours. Google has addressed a bug in Chrome’s Password Manager that caused user credentials to disappear temporarily. An 18-hour outage impacted Google Chrome’s Password Manager on Wednesday, impacting users who rely on the tool to store and autofill their passwords.

Networking Equipment Riddled With Software Supply Chain Risks

Security Boulevard

Outdated software components often contain vulnerabilities that have been discovered and are well-understood by threat actors. The post Networking Equipment Riddled With Software Supply Chain Risks appeared first on Security Boulevard.

Malicious PyPI Package Targets macOS to Steal Google Cloud Credentials

The Hacker News

Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) repository that targets Apple macOS systems with the goal of stealing users' Google Cloud credentials from a narrow pool of victims. The package, named "lr-utils-lib," attracted a total of 59 downloads before it was taken down. It was uploaded to the registry in early June 2024.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

10 Million Users Compromised in Z-Library Phishing Site Hack

Penetration Testing

On the popular pirate e-book site Z-Library, or rather its phishing clone Z-lib, created in late 2022, there was a recent data breach affecting nearly 10 million users. On June 27, 2024, the Cybernews... The post 10 Million Users Compromised in Z-Library Phishing Site Hack appeared first on Cybersecurity News.

FBCS data breach impact now reaches 4.2 million people

Bleeping Computer

Debt collection agency Financial Business and Consumer Solutions (FBCS) has again increased the number of people impacted by a February data breach, now saying it affects 4.2 million people in the US. [...]

Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos

Penetration Testing

Cybercriminals have leaked internal documents stolen from Leidos Holdings Inc., one of the largest IT service providers for the U.S. government, Bloomberg reports. According to a source familiar with the situation, Leidos recently became... The post Hackers Leak Sensitive Documents from Major Pentagon IT Contractor, Leidos appeared first on Cybersecurity News.

Offensive AI: The Sine Qua Non of Cybersecurity

The Hacker News

"Peace is the virtue of civilization. War is its crime. Yet it is often in the furnace of war that the sharpest tools of peace are forged." - Victor Hugo. In 1971, an unsettling message started appearing on several computers that comprised ARPANET, the precursor to what we now know as the Internet. The message, which read "I'm the Creeper: catch me if you can.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Meta takes down 63,000 sextortion-related accounts on Instagram

Malwarebytes

Meta announced the take-down of 63,000 sextortion-related Instagram accounts in Nigeria alone. The action was directed against a group known as Yahoo Boys, a loosely organized set of cybercriminals that largely operate out of Nigeria and specialize in different types of scams. Meta took down a host of accounts, including some 2,500 that belonged to a coordinated group of around 20 criminals which primarily targeted adult men in the US.

This AI-Powered Cybercrime Service Bundles Phishing Kits with Malicious Android Apps

The Hacker News

A Spanish-speaking cybercrime group named GXC Team has been observed bundling phishing kits with malicious Android applications, taking malware-as-a-service (MaaS) offerings to the next level.

Russian ransomware gangs account for 69% of all ransom proceeds

Bleeping Computer

Russian-speaking threat actors accounted for at least 69% of all crypto proceeds linked to ransomware throughout the previous year, exceeding $500,000,000. [...]

French Authorities Launch Operation to Remove PlugX Malware from Infected Systems

The Hacker News

French judicial authorities, in collaboration with Europol, have launched a so-called "disinfection operation" to rid compromised hosts of a known malware called PlugX. The Paris Prosecutor's Office, Parquet de Paris, said the initiative was launched on July 18 and that it's expected to continue for "several months.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Friday Five: The Wake of the Crowdstrike Debacle, a North Korean Hacker Hired to a Security Firm, & More

Digital Guardian

Bottom-feeding cybercriminals are seizing new opportunities in the wake of this past week's massive Crowdstrike outage. Meanwhile, more prominent hackers from China, North Korea, and Russia aren't showing signs of slowing down. Read up on all these stories in this week's Friday Five!

Crypto exchange Gemini discloses third-party data breach

Bleeping Computer

Cryptocurrency exchange Gemini is warning it suffered a data breach incident caused by a cyberattack at its Automated Clearing House (ACH) service provider, whose name was not disclosed. [...]

CrowdStrike Outage: Impact and Insights

CompTIA on Cybersecurity

How will the CrowdStrike outage impact businesses and consumers in the near future? Learn more about the need for oversight and preparation for companies and individuals alike as we explore the outage. Plus, hear insights from CompTIA’s VP of Industry Research, Seth Robinson.

Google fixes Chrome Password Manager bug that hides credentials

Bleeping Computer

Google has fixed a bug in Chrome's Password Manager that caused user credentials to disappear temporarily for more than 18 hours.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’

Security Boulevard

Big BIOS bother: Hundreds of PC models from vendors such as HP, Lenovo, Dell, Intel, Acer and Gigabyte shipped with useless boot protection—using private keys that aren’t private. The post PKfail: 800+ Major PC Models have Insecure ‘Secure Boot’ appeared first on Security Boulevard.

8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024]

Heimdal Security

Did you know, the average employee today uses 2.5 devices to carry out their work? Across businesses, this can add up to hundreds or even thousands of bits of kit. One 2021 study in the UK found two-thirds of large businesses (250+ employees) have more than 1,000 devices on their networks, while medium-sized companies (50-249 […] The post 8 Benefits of Endpoint Detection & Response (EDR) You Should Know [2024] appeared first on Heimdal Security Blog.

Negotiate Your Next Cyber Insurance Policy With This 6-Step Playbook

Security Boulevard

TL;DR: Cyber liability insurance is essential, but premiums are increasing, and numerous exclusions exist. Important steps to lower premiums include preparation, articulating your risk, and demonstrating progressive improvement in security through measurable metrics. Why Do Organizations Need Cyber Liability Insurance? Cyber liability insurance has become an important component of every organization’s cyber strategy.

Europe Is Pumping Billions Into New Military Tech

WIRED Threat Level

The European Commission is allocating €7.3 billion for defense research over the next seven years. From drones and tanks of the future to battleships and space intelligence, here's what it funds.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Making Sense of Open-Source Vulnerability Databases: NVD, OSV, and more

Security Boulevard

Essential reading for developers and security professionals alike: a comprehensive comparison of vulnerability databases to help you cut through the noise. The post Making Sense of Open-Source Vulnerability Databases: NVD, OSV, and more appeared first on Security Boulevard.

ServiceNow RCE Flaws Actively Exploited by Threat Actors to Steal Credentials

Heimdal Security

Threat actors are exploiting publicly known exploits to chain together ServiceNow flaws in order to infiltrate government organizations and commercial companies in data theft campaigns. Security researchers monitored the malicious activity and identified multiple victims, including government agencies, data centres, energy providers, and even software development firms.

Effortless certificate management with automated CNAME validation

Security Boulevard

Imperva customers who properly utilize the managed certificate feature can experience a robust, interruptions-free, and fully automated certificate management process that requires no effort for domain validations and renewals. In today’s digital landscape, security is of paramount importance. One critical aspect of online security is ensuring that communication between a user’s browser and a website […] The post Effortless certificate management with automated CNAME validation appeared first o

PKfail Vulnerability: A New Threat to UEFI Security Unveiled by Binarly Research Team

Penetration Testing

In a recent and alarming discovery, cybersecurity specialists from Binarly have identified a critical flaw affecting hundreds of UEFI products from 10 prominent suppliers. The vulnerability, dubbed “PKfail,” poses a severe threat as it... The post PKfail Vulnerability: A New Threat to UEFI Security Unveiled by Binarly Research Team appeared first on Cybersecurity News.

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.