Mon.Nov 11, 2024

article thumbnail

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

article thumbnail

GUEST ESSAY: The promise and pitfalls of using augmented reality– ‘AR’ — in cybersecurity

The Last Watchdog

Augmented reality use cases have become prevalent in our society. The technology, which first emerged primarily in the world of gaming and entertainment, now promises to reshape our reality with interactive information and immersive experiences. In short, AR is undoubtedly a groundbreaking technology that will reinvent how we interact with the digital world.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

A new fileless variant of Remcos RAT observed in the wild

Security Affairs

Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Remcos is a commercial remote administration tool (RAT) that is sold online to allow buyers remote control over computers. Threat actors use Remcos to steal sensitive information and control victims’ computers for malicious activities.

Phishing 136
article thumbnail

How to migrate from X to Bluesky without losing your followers

Zero Day

This extension lets you easily migrate your follows and block list from X (formerly Twitter) to Bluesky, but you need to act fast because its functionality may be short-lived. Here's why.

145
145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Tor Network Thwarts IP Spoofing Attack

Penetration Testing

A coordinated attack targeting the Tor network has been neutralized thanks to the swift action of the Tor community and security researchers. In late October, the Tor Project faced a... The post Tor Network Thwarts IP Spoofing Attack appeared first on Cybersecurity News.

article thumbnail

The AI Machine Gun of the Future Is Already Here

WIRED Threat Level

The Pentagon is pursuing every available option to keep US troops safe from the rising tide of adversary drones, including a robotic twist on its standard-issue small arms.

144
144

More Trending

article thumbnail

Security Flaws in Popular ML Toolkits Enable Server Hijacks, Privilege Escalation

The Hacker News

Cybersecurity researchers have uncovered nearly two dozen security flaws spanning 15 different machine learning (ML) related open-source projects. These comprise vulnerabilities discovered both on the server- and client-side, software supply chain security firm JFrog said in an analysis published last week.

Software 139
article thumbnail

GuLoader Campaign Targets European Industrial Sector with Evolving Evasion Techniques

Penetration Testing

Cado Security Labs has uncovered a targeted GuLoader malware campaign aimed at European industrial and engineering companies. This campaign leverages sophisticated evasion tactics to deliver Remote Access Trojans (RATs), specifically... The post GuLoader Campaign Targets European Industrial Sector with Evolving Evasion Techniques appeared first on Cybersecurity News.

article thumbnail

New Ymir Ransomware Exploits Memory for Stealthy Attacks; Targets Corporate Networks

The Hacker News

Cybersecurity researchers have flagged a new ransomware family called Ymir that was deployed in an attack two days after systems were compromised by a stealer malware called RustyStealer. "Ymir ransomware introduces a unique combination of technical features and tactics that enhance its effectiveness," Russian cybersecurity vendor Kaspersky said.

article thumbnail

I changed this Android setting to instantly double my phone speed (and it works on any model)

Zero Day

A few taps and a swipe are all it takes to make your Android phone run in double time.

136
136
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Lessons Learned from a High-Stakes Data Breach

SecureWorld News

In 2016, Uber faced a cybersecurity crisis that ended up reshaping the conversation around data breaches and accountability. Hackers accessed a massive amount of sensitive data, including the names, email addresses, and phone numbers of 57 million riders and drivers, plus driver's license numbers for about 600,000 drivers. They managed to break in after finding credentials left exposed in a public GitHub repository—a preventable, basic lapse in security hygiene.

article thumbnail

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Nov 04 - Nov 10)

The Hacker News

⚠️ Imagine this: the very tools you trust to protect you online—your two-factor authentication, your car’s tech system, even your security software—turned into silent allies for hackers. Sounds like a scene from a thriller, right? Yet, in 2024, this isn’t fiction; it’s the new cyber reality.

article thumbnail

Want a programming job in 2024? Learning any language helps, but only one is essential

Zero Day

Every employment site agrees: Your dream programming job demands this language.

128
128
article thumbnail

New GootLoader Campaign Targets Users Searching for Bengal Cat Laws in Australia

The Hacker News

In an unusually specific campaign, users searching about the legality of Bengal Cats in Australia are being targeted with the GootLoader malware. "In this case, we found the GootLoader actors using search results for information about a particular cat and a particular geography being used to deliver the payload: 'Are Bengal Cats legal in Australia?

Malware 125
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS

The Last Watchdog

Tel Aviv, Israel, Nov. 11, 2024, CyberNewswire — Sweet Security today announced the availability of its cloud-native detection and response platform on the Amazon Web Services (AWS) marketplace. Sweet’s solution unifies threat detection across cloud infrastructure, network, workloads, and applications. It provides deep runtime context that enables security teams to quickly extract actual attack narratives from a sea of isolated incidents.

article thumbnail

HPE Issues Critical Security Patches for Aruba Access Point Vulnerabilities

The Hacker News

Hewlett Packard Enterprise (HPE) has released security updates to address multiple vulnerabilities impacting Aruba Networking Access Point products, including two critical bugs that could result in unauthenticated command execution. The flaws affect Access Points running Instant AOS-8 and AOS-10 - AOS-10.4.x.x: 10.4.1.4 and below Instant AOS-8.12.x.x: 8.12.0.2 and below Instant AOS-8.10.x.

122
122
article thumbnail

Beyond the checkbox: Demystifying cybersecurity compliance

We Live Security

In an era of escalating digital threats, cybersecurity compliance goes beyond ticking a legal box – it’s a crucial shield safeguarding assets, reputation, and the very survival of your business

article thumbnail

The ROI of Security Investments: How Cybersecurity Leaders Prove It

The Hacker News

Cyber threats are intensifying, and cybersecurity has become critical to business operations. As security budgets grow, CEOs and boardrooms are demanding concrete evidence that cybersecurity initiatives deliver value beyond regulation compliance. Just like you wouldn’t buy a car without knowing it was first put through a crash test, security systems must also be validated to confirm their value.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

This device proved to me that rugged smartphones can, in fact, have it all

Zero Day

This smartphone has a quad-core processor, a 20-day battery (on standby), and even a 100-megapixel camera!

111
111
article thumbnail

JavaScript Drive-By Attacks: New Exploits without 0-Day in Google Chrome

Penetration Testing

Ron Masas from Imperva Threat Research has uncovered a new way attackers can target Chrome users without relying on 0-day vulnerabilities. This approach leverages the File System Access API, which... The post JavaScript Drive-By Attacks: New Exploits without 0-Day in Google Chrome appeared first on Cybersecurity News.

article thumbnail

The Apple Watch Series 10 makes a great gift - and just dropped to $349 for the first time at Walmart

Zero Day

The newly-released Apple Watch Series 10 has gotten its biggest price drop yet at Walmart ahead of Black Friday shopping and gifting.

111
111
article thumbnail

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

I changed 5 ChatGPT settings and instantly became more productive - here's how

Zero Day

Customizing your ChatGPT experience with these simple tips makes every future AI conversation so much more productive.

109
109
article thumbnail

A new fileless variant of Remcos RAT observed in the wild

Security Affairs

Fortinet researchers discovered a new phishing campaign spreading a variant of the commercial malware Remcos RAT. Fortinet’s FortiGuard Labs recently uncovered a phishing campaign spreading a new variant of the Remcos RAT. Remcos is a commercial remote administration tool (RAT) that is sold online to allow buyers remote control over computers. Threat actors use Remcos to steal sensitive information and control victims’ computers for malicious activities.

article thumbnail

ChatGPT continues to dominate, but this Google AI tool is picking up steam fast

Zero Day

Though ChatGPT is enjoying the highest overall user growth among generative AI services, another AI tool has seen its traffic more than triple in recent weeks.

100
100
article thumbnail

Stay Safe from Fake E-Shops This Holiday Season

ZoneAlarm

The holiday season is a busy time for online shopping, but it’s also when fake e-shops flood the internet, trying to steal your data and money. These fraudulent sites are more sophisticated than ever, often appearing as legitimate as your favorite online retailers. While shopping deals can be tempting, it’s crucial to stay vigilant and … The post Stay Safe from Fake E-Shops This Holiday Season appeared first on ZoneAlarm Security Blog.

Retail 88
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Save up to $300 on the Amazon Fire TV Omni QLED ahead of Black Friday

Zero Day

The Amazon Fire TV Omni QLED offers great picture and audio quality for both streaming and console gaming. Save up to $300, but you'll have to hurry because with a deal this good, stock may not last.

97
article thumbnail

CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised

Penetration Testing

TWCERT/CC has issued multiple security advisories for the D-Link DSL-6740C modem, revealing a range of severe vulnerabilities that could expose users to remote attacks. The modem, which is no longer... The post CVE-2024-11068 (CVSS 9.8): Critical D-Link DSL-6740C Flaw, Immediate Replacement Advised appeared first on Cybersecurity News.

article thumbnail

5 Linux commands you need to have ready - just in case

Zero Day

Why keep a first aid kit or fire extinguisher in your home? Same with these commands: You'll never know when they might come in very handy.

97
article thumbnail

Ghostscript Update Patches Six Critical Vulnerabilities: Code Execution, Buffer Overflow, and Path Traversal Risks

Penetration Testing

Popular document rendering engine Ghostscript has released a critical security update addressing multiple vulnerabilities, some of which could lead to remote code execution. Ghostscript, a widely used interpreter for PostScript... The post Ghostscript Update Patches Six Critical Vulnerabilities: Code Execution, Buffer Overflow, and Path Traversal Risks appeared first on Cybersecurity News.

Risk 80
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.