Wed.Oct 18, 2023

article thumbnail

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.

Scams 322
article thumbnail

DEEP TECH NEWS: How ‘attribute-based encryption’ preserves privacy at a fined-grained level

The Last Watchdog

The ubiquity of smart surveillance systems has contributed greatly to public safety. Related: Monetizing data lakes Image capture devices embedded far and wide in public spaces help deter crime as well as aid first responders — but they also stir rising concerns about an individual’s right to privacy. Enter attribute-based encryption ( ABE ) an advanced type of cryptography that’s now ready for prime time.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

What Australian IT Leaders Need to Focus on Ahead of Privacy Act Reforms

Tech Republic Security

The Australian federal government aims to deliver changes to privacy laws in 2024. Organisations are being warned to prepare ahead of time by creating a comprehensive map of organisational data.

article thumbnail

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Better safe than sorry: 10 tips to build an effective business backup strategy

We Live Security

Here's how robust backup best practices can help drive resilience and improve cyber-hygiene in your company

Backups 137
article thumbnail

D-Link confirms data breach, but downplayed the impact

Security Affairs

Taiwanese manufacturer D-Link confirmed a data breach after a threat actor offered for sale on BreachForums stolen data. The global networking equipment and technology company D-Link confirmed a data breach after a threat actor earlier this month offered for sale on the BreachForums platform the stolen data. The company became aware of the a claim of data breach on October 2, 2023 and immediately launched an investigation into the alleged incident with the help of the security firm Trend Micro.

More Trending

article thumbnail

Californian IT company DNA Micro leaks private mobile phone data

Security Affairs

Hundreds of thousands of clients who opted-in for a screen warranty were exposed when DNA Micro leaked data from its systems. The Cybernews research team found that DNA Micro, a California-based IT company, exposed the sensitive data of more than 820,000 customers due to a misconfiguration in its systems. The victims most affected by the data leak were those using the services of DNA Micro’s subsidiary company InstaProtek, which provides a screen warranty service.

Mobile 138
article thumbnail

Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps

The Hacker News

The North Korea-linked Lazarus Group (aka Hidden Cobra or TEMP.Hermit) has been observed using trojanized versions of Virtual Network Computing (VNC) apps as lures to target the defense industry and nuclear engineers as part of a long-running campaign known as Operation Dream Job.

Media 131
article thumbnail

A flaw in Synology DiskStation Manager allows admin account takeover

Security Affairs

A vulnerability in Synology DiskStation Manager ( DSM ) could be exploited to decipher an administrator’s password. Researchers from Claroty’s Team82 discovered a vulnerability, tracked as CVE-2023-2729 (CVSS score 5.9), in Synology DiskStation Manager (DSM). Team82 discovered the use of a weak random number generator in Synology’s DiskStation Manager (DSM) Linux-based operating system running on the NAS products.

article thumbnail

Focus Threat Intel Capabilities at Detection Engineering (Part 4)

Anton on Security

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#4 in the series), we will start to talk about the elephant in the room: how intel becomes detections (and, no, it is not trivial) Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Detection Engineering and SOC Scalability Challenges (Part 2) Build for Detection Engineering, and Alerting Will Improve (Part 3) Detection Engineers

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August

Security Affairs

Experts reported that the vulnerability CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices has been exploited in attacks since late August. On October 10, Citrix published a security bulletin related to a critical vulnerability, tracked as CVE-2023-4966, in Citrix NetScaler ADC/Gateway devices. “ Exploits of CVE-2023-4966 on unmitigated appliances have been observed. ” reported Citrix. “Cloud Software Group strongly urges customers of NetScaler ADC and NetScaler Gateway to i

article thumbnail

Updated MATA attacks industrial companies in Eastern Europe

SecureList

In early September 2022, we discovered several new malware samples belonging to the MATA cluster. As we were collecting and analyzing the relevant telemetry data, we realized the campaign had been launched in mid-August 2022 and targeted over a dozen corporations in Eastern Europe from the oil and gas sector and defense industry. The actors behind the attack used spear-phishing mails to target several victims, some were infected with Windows executable malware by downloading files through an int

Malware 126
article thumbnail

Cybersecurity Awareness Month 2023 Blog Series | Updating Software

NSTIC

It’s week three in our Cybersecurity Awareness Month blog series! This week, we interviewed NIST’s Michael Ogata (Computer Scientist) and Paul Watrobski (IT Security Specialist) about the importance of updating software. This week’s Cybersecurity Awareness Month theme is ‘updating software.’ How does your work/specialty area at NIST tie into this behavior?

Software 125
article thumbnail

Microsoft disables bad spam rule flagging all sent emails as junk

Bleeping Computer

Microsoft has disabled a bad anti-spam rule flooding Microsoft 365 admins' inboxes with blind carbon copies (BCC) of outbound emails mistakenly flagged as spam. [.

125
125
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Google TAG Detects State-Backed Threat Actors Exploiting WinRAR Flaw

The Hacker News

A number of state-back threat actors from Russia and China have been observed exploiting a recent security flaw in the WinRAR archiver tool for Windows as part of their operations. The vulnerability in question is CVE-2023-38831 (CVSS score: 7.8), which allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive.

125
125
article thumbnail

Hacker leaks millions of new 23andMe genetic data profiles

Bleeping Computer

A hacker has leaked an additional 4.1 million stolen 23andMe genetic data profiles for people in Great Britain and Germany on a hacking forum. [.

Hacking 124
article thumbnail

Leading CISO Wants More Security Proactivity in Australian Businesses to Avoid Attack ‘Surprises’

Tech Republic Security

Rapid7’s Jaya Baloo says a deficit in Australian organisational IT asset and vulnerability understanding is helping threat actors, and this is being exacerbated by fast growth in multicloud environments.

CISO 124
article thumbnail

The Most Popular IT Admin Password Is Totally Depressing

Dark Reading

Analysis of more than 1.8 million admin portals reveals IT leaders, with the highest privileges, are just as lazy about passwords as everyone else.

Passwords 124
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Unraveling Real-Life Attack Paths – Key Lessons Learned

The Hacker News

In the ever-evolving landscape of cybersecurity, attackers are always searching for vulnerabilities and exploits within organizational environments. They don't just target single weaknesses; they're on the hunt for combinations of exposures and attack methods that can lead them to their desired objective.

article thumbnail

FBI: Hackers Are Extorting Plastic Surgery Providers, Patients

Dark Reading

The sensitive nature of medical records, combined with providers' focus on patient care, make small doctor's offices ideal targets for cyber extortion.

123
123
article thumbnail

Ex-Navy IT head gets 5 years for selling people’s data on darkweb

Bleeping Computer

Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens' personally identifiable information (PII) and selling it on the dark web. [.

article thumbnail

Critical Citrix Bug Exploited as a Zero-Day, 'Patching Is Not Enough'

Dark Reading

The latest threat to Citrix NetScaler, CVE-2023-4966, was exploited as a zero-day bug for months before a patch was issued. Researchers expect exploitation efforts to surge.

122
122
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Ukrainian activists hack Trigona ransomware gang, wipe servers

Bleeping Computer

A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available. [.

Hacking 120
article thumbnail

D-Link Confirms Breach, Rebuts Hacker's Claims About Scope

Dark Reading

The router specialist says the attacker's claims to have heisted millions and millions of records are significantly overblown. But an incident did happen, stemming from a successful phish.

Phishing 117
article thumbnail

Plastic surgeries warned by the FBI that they are being targeted by cybercriminals

Graham Cluley

Plastic surgeries have been warned that they are being targeted by cybercriminals plotting to steal sensitive data - ncluding patients' medical records and photographs - that will be later used for extortion. Read more in my article on the Tripwire State of Security blog.

article thumbnail

Recognizing and Reporting Phishing

Duo's Security Blog

“Phishing is the practice of sending fraudulent communications that appear to come from a legitimate and reputable source, usually through email and text messages.” - Just one successful attack is needed Phishing can be delivered by a variety of different vehicles such as email, text, phone call (voice phishing or a “vhish”) or even social media post, instant message or QR code.

Phishing 116
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Critical Citrix NetScaler Flaw Exploited to Target from Government, Tech Firms

The Hacker News

Citrix is warning of exploitation of a recently disclosed critical security flaw in NetScaler ADC and Gateway appliances that could result in exposure of sensitive information. Tracked as CVE-2023-4966 (CVSS score: 9.4), the vulnerability impacts the following supported versions - NetScaler ADC and NetScaler Gateway 14.1 before 14.1-8.50 NetScaler ADC and NetScaler Gateway 13.

article thumbnail

Google Play Protect adds real-time scanning to fight Android malware

Bleeping Computer

Google has announced new, real-time scanning features for Google Play Protect that make it harder for malicious apps employing polymorphism to evade detection. [.

Malware 113
article thumbnail

Securing Web Applications: A CISO’s Checklist for Tech Leaders

Veracode Security

As a CISO, securing web applications and ensuring their resilience against evolving cyber threats is a non-negotiable priority. Verizon’s Data Breach Investigations Report 2023 cites web applications as the top attack vector by a long shot (in both breaches and incidents). Here’s a simplified checklist for securing web applications that will help you improve your organization’s security posture and the integrity of your technology.

CISO 111
article thumbnail

Navigating the Supply Chain Security Maze with SBOMs

Appknox

Dive into Appknox's SBOM blog guide. Essential for CISOs & CTOs to elevate supply chain security with unmatched transparency & proactive risk mitigation.

CISO 111
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.