Thu. Jun 20, 2024


Recovering Public Keys from Signatures

Schneier on Security

Interesting summary of various ways to derive the public key from digitally signed files. Normally, with a signature scheme, you have the public key and want to know whether a given signature is valid. But what if we instead have a message and a signature, assume the signature is valid, and want to know which public key signed it? A rather delightful property if you want to attack anonymity in some proposed “everybody just uses cryptographic signatures for everything” scheme.


RSAC Fireside Chat: Tightened budgets impose discipline on CISOs, resets security investments

The Last Watchdog

CISOs have been on something of a wild roller coaster ride the past few years. When Covid 19 hit in early 2020, the need to secure company networks in a new way led to panic spending on cybersecurity tools. Given carte blanche, many CISOs purchased a hodge podge of unproven point solutions, adding to complexity. By mid-2022, with interest rates climbing and the stock market cratering, CFOs began demanding proof of a reasonable return on investment.

CISO 130

U.S. Bans Kaspersky Software, Citing National Security Risks

The Hacker News

The U.S. Department of Commerce's Bureau of Industry and Security (BIS) on Thursday announced a "first of its kind" ban that prohibits Kaspersky Lab's U.S. subsidiary from directly or indirectly offering its security software in the country.

Software 137

An unpatched bug allows anyone to impersonate Microsoft corporate email accounts

Security Affairs

A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger the vulnerability to launch phishing attacks. I want to share my recent case: > I found a vulnerability that allows sending a message from any user@domain > We cannot reproduce it > I send a v


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.


Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs

The Hacker News

Cybersecurity researchers have disclosed details of a now-patched security flaw in Phoenix SecureCore UEFI firmware that affects multiple families of Intel Core desktop and mobile processors. Tracked as CVE-2024-0762 (CVSS score: 7.

Firmware 134

Biden bans Kaspersky antivirus software in US over security concerns

Bleeping Computer

Today, the Biden administration has announced an upcoming ban of Kaspersky antivirus software and the pushing of software updates to US companies and consumers, giving customers until September 29, 2024, to find alternative security software. [.

Antivirus 129

More Trending


Phoenix UEFI vulnerability impacts hundreds of Intel PC models

Bleeping Computer

A newly discovered vulnerability in Phoenix SecureCore UEFI firmware tracked as CVE-2024-0762 impacts devices running numerous Intel CPUs, with Lenovo already releasing new firmware updates to resolve the flaw. [.

Firmware 125

Report Details Reemergence of Lockbit 3.0 Ransomware Syndicate

Security Boulevard

An analysis of ransomware attacks claimed to have been perpetrated by cybercriminal syndicates that was published today by NCC Group, a provider of managed security services, finds LockBit 3.0 has reemerged to claim the top spot amongst the most prominent threat actors. Previously dormant following the group’s takedown by law enforcement officials earlier this year,


Surfshark vs Norton Secure VPN (2024): Which VPN Is Better?

Tech Republic Security

Which VPN is better, Norton Secure VPN or Surfshark? Use our guide to compare pricing, features and more.

VPN 149

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration

The Hacker News

A new Rust-based information stealer malware called Fickle Stealer has been observed being delivered via multiple attack chains with the goal of harvesting sensitive information from compromised hosts.

Malware 121

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture


In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.


Dodgy disks. My 32TB SSD Adventure

Pen Test Partners

TL;DR: “Hard drive” had reflashed firmware to make it look larger. Buyer beware: Cheap storage may not be the value you think it is. Background: Earlier this year I found myself in need of various cheap electronic components. So naturally I turned to AliExpress. I came across a listing for a cheap “32TB Portable SSD”. I knew this was too good to be true but at £21 I thought it would be interesting to take a look at what I actually got.


Cato Networks Launches SASE Platform for Partners

Security Boulevard

Cato Networks today launched a framework for IT services partners that promises to make it simple to integrate its secure access service edge (SASE) service with third-party services.


CDK Global hacked again while recovering from first cyberattack

Bleeping Computer

Car dealership SaaS platform CDK Global suffered an additional breach Wednesday night as it was starting to restore systems shut down in a previous cyberattack. [.

Hacking 120

Cloud Penetration Testing: A Detailed Step-by-Step Guide

Security Boulevard

As businesses increasingly migrate to the cloud, ensuring the security of cloud infrastructure becomes paramount. Cloud security testing, particularly cloud penetration testing, is critical to identifying and mitigating security vulnerabilities within your cloud environments. This detailed guide will walk you through the process of conducting effective cloud penetration testing.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


UNC3886 hackers use Linux rootkits to hide on VMware ESXi VMs

Bleeping Computer

A suspected Chinese threat actor tracked as UNC3886 uses publicly available open-source rootkits named 'Reptile' and 'Medusa' to remain hidden on VMware ESXi virtual machines, allowing them to conduct credential theft, command execution, and lateral movement. [.


Navigating the Aftermath of the Ticketmaster Breach

Security Boulevard


Atlassian fixed six high-severity bugs in Confluence Data Center and Server

Security Affairs

Australian software company Atlassian addressed multiple high-severity vulnerabilities in its Confluence, Crucible, and Jira solutions. Atlassian June 2024 Security Bulletin addressed nine high-severity vulnerabilities in Confluence, Crucible, and Jira products. The most severe issue addressed by the company is an improper authorization org.springframework.security:spring-security-core dependency in Confluence Data Center and Server.

Software 111

French Diplomatic Entities Targeted in Russian-Linked Cyber Attacks

The Hacker News

State-sponsored actors with ties to Russia have been linked to targeted cyber attacks aimed at French diplomatic entities, the country's information security agency ANSSI said in an advisory.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


How to find Kaspersky products with runZero

Security Boulevard

The US government has banned the sale of Kaspersky products and services. Here's how to find Kaspersky products in your network.


New Rust infostealer Fickle Stealer spreads through various attack methods

Security Affairs

New Rust-based Fickle Malware Uses PowerShell for UAC Bypass and Data Exfiltration A new Rust malware called Fickle Stealer spreads through various attack methods and steals sensitive information. Fortinet FortiGuard Labs researchers detected a new Rust-based information stealer called Fickle Stealer which spread through multiple attack vectors. The malware has an intricate code and relies on multiple strategies for its distribution, including VBA dropper, VBA downloader, link downloader, and ex

Malware 107

Linux version of RansomHub ransomware targets VMware ESXi VMs

Bleeping Computer

The RansomHub ransomware operation is using a Linux encryptor designed specifically to encrypt VMware ESXi environments in corporate attacks. [.


Qilin ransomware: What you need to know

Graham Cluley

Qilin (also known as Agenda) is a ransomware-as-a-service criminal operation that works with affiliates, encrypting and exfiltrating the data of hacked organisations and then demanding a ransom be paid. Read more in my article on the Tripwire State of Security blog.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Tool Overload: Why MSPs Are Still Drowning with Countless Cybersecurity Tools in 2024

The Hacker News

Highlights Complex Tool Landscape: Explore the wide array of cybersecurity tools used by MSPs, highlighting the common challenge of managing multiple systems that may overlap in functionality but lack integration.


PrestaShop Sites Under Attack via Facebook Module Vulnerability (CVE-2024-36680)

Penetration Testing

A critical vulnerability in a popular PrestaShop module, “Facebook” (pkfacebook) by Promokit.eu, has been discovered and is being actively exploited by cybercriminals to deploy web skimmers and steal credit card data. The vulnerability, identified...


Battling Burnout: A Growing Concern for CISOs and Security Professionals

SecureWorld News

As defenders of digital assets, Chief Information Security Officers (CISOs) and cybersecurity professionals face immense pressure, often leading to burnout. This phenomenon is not just anecdotal; several studies have highlighted the alarming prevalence of burnout in the cybersecurity industry. A new report out Tuesday by Hack The Box has found that enterprises are losing approximately $626 million in lost productivity due to security practitioners feeling the squeeze on their mental health.

CISO 101

CHOROLOGY Emerges to Apply Generative AI to Data Governance

Security Boulevard

CHOROLOGY.ai today emerged from stealth to apply generative artificial intelligence (AI) to data governance.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Ransomware attacks skyrocket, with LockBit 3.0 at the forefront

Graham Cluley

Newly-released research indicates that ransomware attacks reached a record high in May, with the surge primarily fueled by a massive increase in the number of attacks perpetrated by the LockBit ransomware group and its affiliates. Read more in my article on the Exponential-e blog.


Smishing Triad Is Targeting Pakistan To Defraud Banking Customers At Scale

Security Affairs

Resecurity researchers warn of a new activity of Smishing Triad, which has expanded its operations to Pakistan. Resecurity has identified a new activity of Smishing Triad, which has expanded its operations to Pakistan. The group’s latest tactic involves sending malicious messages on behalf of Pakistan Post to customers of mobile carriers via iMessage/SMS.

Banking 90

Staying Safe with Chrome Extensions

Google Security

Posted by Benjamin Ackerman, Anunoy Ghosh and David Warren, Chrome Security Team Chrome extensions can boost your browsing, empowering you to do anything from customizing the look of sites to providing personalized advice when you’re planning a vacation. But as with any software, extensions can also introduce risk. That’s why we have a team whose only job is to focus on keeping you safe as you install and take advantage of Chrome extensions.

Risk 87

High-Severity UEFI Vulnerability Affects Hundreds of Intel CPUs

SecureWorld News

A recently discovered high-severity vulnerability in Phoenix Technologies' SecureCore UEFI firmware has raised concerns across the cybersecurity landscape. The vulnerability, tracked as CVE-2024-0762 and dubbed "UEFIcanhazbufferoverflow," potentially affects hundreds of PC and server models that use Intel processors. Eclypsium, the cybersecurity firm that discovered the vulnerability, reports that it "allows a local attacker to escalate privileges and gain code execution within the UEFI firmware


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.