Wed.Sep 27, 2023

article thumbnail

Critical Vulnerability in libwebp Library

Schneier on Security

Both Apple and Google have recently reported critical vulnerabilities in their systems—iOS and Chrome, respectively—that are ultimately the result of the same vulnerability in the libwebp library: On Thursday, researchers from security firm Rezillion published evidence that they said made it “highly likely” both indeed stemmed from the same bug, specifically in libwebp, the code library that apps, operating systems, and other code libraries incorporate to process WebP ima

332
332
article thumbnail

‘Snatch’ Ransom Group Exposes Visitor IP Addresses

Krebs on Security

The victim shaming site operated by the Snatch ransomware group is leaking data about its true online location and internal operations, as well as the Internet addresses of its visitors, KrebsOnSecurity has found. The leaked data suggest that Snatch is one of several ransomware groups using paid ads on Google.com to trick people into installing malware disguised as popular free software, such as Microsoft Teams , Adobe Reader , Mozilla Thunderbird , and Discord.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

BREAKING NEWS Q&A: What Cisco’s $28 billion buyout of Splunk foretells about cybersecurity

The Last Watchdog

There’s a tiny bit more to Cisco’s acquisition of Splunk than just a lumbering hardware giant striving to secure a firmer foothold in the software business. Related: Why ‘observability’ is rising to the fo re Cisco CEO Chuck Robbins has laid down a $28 billion bet that he’ll be able to overcome challenges Cisco is facing as its networking equipment business slows, beset by supply chain issues and reduced demand, post Covid 19.

article thumbnail

Atlas VPN Review (2023): Features, Pricing, Alternatives

Tech Republic Security

Atlas VPN is a budget-friendly VPN that offers a unique IP address swapping feature perfect for privacy enthusiasts.

VPN 162
article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

Malicious ad served inside Bing's AI chatbot

Malwarebytes

In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI's GPT-4. Even though Google has been dominating the search industry for years, this event was significant enough to generate not only interest but also plant the seed for a possible change in the balance in the future. Considering that tech giants make most of their revenue from advertising, it wasn't surprising to see Microsoft introduce ads into Bing Chat shortly after its release.

Malware 145
article thumbnail

DarkBeam leaks billions of email and password combinations

Security Affairs

DarkBeam left an Elasticsearch and Kibana interface unprotected, exposing records from previously reported and non-reported data breaches. The leaked logins present cybercriminals with almost limitless attack capabilities. DarkBeam, a digital risk protection firm, left an Elasticsearch and Kibana interface unprotected, exposing records with user emails and passwords from previously reported and non-reported data breaches.

Passwords 145

LifeWorks

More Trending

article thumbnail

Pegasus spyware and how it exploited a WebP vulnerability

Malwarebytes

Recent events have demonstrated very clearly just how persistent and wide-spread the Pegasus spyware is. For those that have missed the subtle clues, we have tried to construct a clear picture. We attempted to follow the timeline of events, but have made some adjustments to keep the flow of the story alive. On September 12, 2023 we published two blogs urging our readers to urgently patch two Apple issues which were added to the catalog of known exploited vulnerabilities by the Cybersecurity &

Spyware 145
article thumbnail

New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software

The Hacker News

A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. "The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report.

article thumbnail

Google’s Bard conversations turn up in search results

Malwarebytes

Google is coming under scrutiny after people discovered transcripts of conversations with its AI chatbot Bard are being indexed in Google search results. Bard is Google’s answer to ChatGPT, and allows users to have conversations with an AI. Services like these have attracted a lot of attention, because with a bit of tweaking and getting used to they can be really helpful in speeding up tasks.

article thumbnail

Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data

The Hacker News

A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage.

Software 141
article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Russian zero-day broker is willing to pay $20M for zero-day exploits for iPhones and Android devices

Security Affairs

A Russian zero-day broker is willing to pay $20 million for zero-day exploits for iPhones and Android mobile devices. The Russian zero-day broker firm Operation Zero is increasing payouts for top-tier mobile exploits. The company is willing to pay up to $20,000,000 for zero-day exploits for iPhone and Android devices. Due to high demand on the market, we're increasing payouts for top-tier mobile exploits.

Mobile 140
article thumbnail

QR codes in email phishing

SecureList

QR codes are everywhere: you can see them on posters and leaflets, ATM screens, price tags and merchandise, historical buildings and monuments. People use them to share information, promote various online resources, pay for their goodies, and pass verification. And yet you don’t see lots of QR codes in email: users often read messages on their phones without any other device handy for scanning.

Phishing 137
article thumbnail

Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors

The Hacker News

A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent.

Phishing 137
article thumbnail

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. US and Japanese intelligence, law enforcement and cybersecurity agencies warn of a China-linked APT, tracked as BlackTech (aka Palmerworm, Temp.Overboard, Circuit Panda, and Radio Panda), that planted backdoor in Cisco router firmware to access multinational companies’ networks.

Firmware 136
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Building automation giant Johnson Controls hit by ransomware attack

Bleeping Computer

Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company's and its subsidiaries' operations. [.

article thumbnail

Watch out! CVE-2023-5129 in libwebp library affects millions applications

Security Affairs

Google assigned a maximum score to a critical security flaw, tracked as CVE-2023-5129, in the libwebp image library for rendering images in the WebP format. Google assigned a new CVE identifier for a critical vulnerability, tracked as CVE-2023-5129 (CVSS score 10,0), in the libwebp image library for rendering images in the WebP format. The flaw was initially tracked as CVE-2023-4863 , because researchers believed that it was only impacting the Google Chrome browser.

Spyware 133
article thumbnail

New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On

The Hacker News

Data security is in the headlines often, and it’s almost never for a positive reason. Major breaches, new ways to hack into an organization’s supposedly secure data, and other threats make the news because well, it’s scary — and expensive.

article thumbnail

‘Ransomed.vc’ in the Spotlight – What is Known About the Ransomware Group Targeting Sony and NTT Docomo

Security Affairs

Following the recently announced data leak from Sony, Ransomed.vc group claimed the hack of the Japanese giant NTT Docomo. Following the recently announced data leak from Sony , the notorious ransomware syndicate Ransomed.vc announced a new victim today in face of the largest Japanese telecommunication giant NTT Docomo. Notably, the announcement came almost synchronously with the publication of the new leaked data from Sony shedding some light on the precursor of the data breach.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

ICS Reconnaissance Attacks – Introduction to Exploiting Modbus

IT Security Guru

Despite being widely used in Industrial Control Systems (ICS), Modbus has been recognised as an insecure protocol. Securing and attacking Modbus has therefore been a topic for years, and it was first in 2018 that the Modbus Security protocol (MSP) was published, nearly 40 years after the initial introduction of Modbus. This article will introduce some common Modbus reconnaissance attacks, as well as briefly discussing the impact of MSP on those attacks.

article thumbnail

China APT Cracks Cisco Firmware in Attacks Against the US and Japan

Dark Reading

Sophisticated hackers are rewriting router firmware in real time and hiding their footprints, leaving defenders with hardly a fighting chance.

Firmware 131
article thumbnail

News alert: DigitalAPICraft and Google partner to simplify development, integration of new apps

The Last Watchdog

London, UK and Austin, Tex., Sept. 27, 2023 — Organisations around the world are rushing to build API (application programming interface) marketplaces to foster greater connectivity between them and their partners and users. Global spend on API marketplaces is set to reach $50b by 2030 and helping organizations make them a success, DigitalAPICraft is today announcing their partnership with Google and the appointment of HSBC exec Marco Tedone as CTO as they scale the business.

article thumbnail

SMS Security & Privacy Gaps Make It Clear Users Need a Messaging Upgrade

Google Security

Posted by Eugene Liderman and Roger Piqueras Jover SMS texting is frozen in time. People still use and rely on trillions of SMS texts each year to exchange messages with friends, share family photos, and copy two-factor authentication codes to access sensitive data in their bank accounts. It’s hard to believe that at a time where technologies like AI are transforming our world, a forty-year old mobile messaging standard is still so prevalent.

Mobile 129
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

5 of the top programming languages for cybersecurity

We Live Security

While far from all roles in security explicitly demand coding skills, it’s challenging to envision a career in this field that wouldn’t derive substantial advantages from at least a basic understanding of fundamental coding principles

article thumbnail

Google fixes fifth actively exploited Chrome zero-day of 2023

Bleeping Computer

Google has patched the fifth Chrome zero-day vulnerability exploited in attacks since the start of the year in emergency security updates released today. [.

126
126
article thumbnail

Xenomorph hunts cryptocurrency logins on Android

Malwarebytes

Cryptocurrency owners should take heed of warnings related to Xenomorph malware—Bleeping Computer reports that the most recent version of Xenomorph now targets various cryptocurrency wallets using fake browser update messaging as bait. Xenomorph is roughly a year old, first springing to prominence after an installation campaign via the Google Play store resulted in more than 50,000 hijacked Android phones.

article thumbnail

Phobos Ransomware: Everything You Need to Know and More

Heimadal Security

In the ever-evolving landscape of cyber threats, ransomware remains a pervasive and destructive weapon in the arsenal of cybercriminals. Among the various ransomware strains, Phobos has gained notoriety for its sophisticated capabilities and devastating consequences. This article delves into Phobos ransomware, exploring its origins, modus operandi, impact, and prevention measures.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

How the Okta Cross-Tenant Impersonation Attacks Succeeded

Dark Reading

Sophisticated attacks on MGM and Caesars underscore the reality that even robust identity and access management may not be enough to protect you.

119
119
article thumbnail

Fake Bitwarden sites push new ZenRAT password-stealing malware

Bleeping Computer

Fake Bitwarden sites are pushing installers purportedly for the open-source password manager that carry a new password-stealing malware that security researchers call ZenRAT. [.

Passwords 116
article thumbnail

SoundThinking, Maker of ShotSpotter, Is Buying Parts of PredPol Creator Geolitica

WIRED Threat Level

SoundThinking is purchasing parts of Geolitica, the company that created PredPol. Experts say the acquisition marks a new era of companies dictating how police operate.

Software 115
article thumbnail

Researchers Release Details of New RCE Exploit Chain for SharePoint

Dark Reading

One of the already-patched flaws enables elevation of privilege, while the other enables remote code execution.

115
115
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!