Fri. Sep 29, 2023

Weekly Update 367

Troy Hunt

Ah, home 😊 It's been more than a month since I've been able to sit at this desk and stream a weekly video. And now I'm doing it with the glorious spring weather just outside my window, which I really must make more time to start enjoying. Anyway, this week is super casual due to having had zero prep time, but I hope the discussion about the ABC's piece on HIBP and me in particular is interesting.

Passwords 256

ZenRAT Malware Targets Windows Users Via Fake Bitwarden Password Manager Installation Package

Tech Republic Security

We talked to Proofpoint researchers about this new malware threat and how it infects Windows systems to steal information.

Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company

We Live Security

ESET researchers uncover a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, including a publicly undocumented backdoor we named LightlessCan.

Video Encoding Library Leaves Chrome, Firefox and More Open to Zero-Day Attack

Tech Republic Security

Google and Mozilla have patched the zero-day vulnerability, which originates in the libvpx library.

Software 181

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

A still unpatched zero-day RCE impacts more than 3.5M Exim servers

Security Affairs

Experts warn of a critical zero-day vulnerability, tracked as CVE-2023-42115, in all versions of Exim mail transfer agent (MTA) software. A critical zero-day vulnerability, tracked as CVE-2023-42115 (CVSS score 9.8), affects all versions of Exim mail transfer agent (MTA) software. A remote, unauthenticated attacker can exploit the vulnerability to gain remote code execution (RCE) on Internet-exposed servers.

Software 144

Censys Reveals Open Directories Share More Than 2,000 TB of Unprotected Data

Tech Republic Security

These open directories could leak sensitive data, intellectual property or technical data and let an attacker compromise the entire system. Follow these security best practices for open directories.

Big data 157

More Trending

Exploit released for Microsoft SharePoint Server auth bypass flaw

Bleeping Computer

Proof-of-concept exploit code has surfaced on GitHub for a critical authentication bypass vulnerability in Microsoft SharePoint Server, allowing privilege escalation.

Chinese threat actors stole around 60,000 emails from US State Department in Microsoft breach

Security Affairs

China-linked threat actors stole around 60,000 emails from U.S. State Department after breaching Microsoft’s Exchange email platform in May. China-linked hackers who breached Microsoft’s email platform in May have stolen tens of thousands of emails from U.S. State Department accounts, a Senate staffer told Reuters this week. During a briefing by U.S.

Microsoft's AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites

The Hacker News

Malicious ads served inside Microsoft Bing's artificial intelligence (AI) chatbot are being used to distribute malware when searching for popular tools. The findings come from Malwarebytes, which revealed that unsuspecting users can be tricked into visiting booby-trapped sites and installing malware directly from Bing Chat conversations.

Protect Your Passwords for Life for Just $30

Tech Republic Security

Automatically create and save passwords, fill in forms and logins, even securely share passwords and sync across all of your devices via WiFi.

Passwords 130

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Update Chrome now! Google patches another actively exploited vulnerability

Malwarebytes

Google has updated the Stable Channel for Chrome to 117.0.5938.132 for Windows, Mac and Linux. This update includes ten security fixes. According to Google there is an active exploit for one of the patched vulnerabilities, which means cybercriminals are aware of the vulnerability and are using it. The easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention.

Software 128

Three men found guilty of laundering $2.5 million in Target gift card tech support scam

Graham Cluley

Three Californian residents have been convicted of laundering millions of dollars tricked out of older adults who had fallen victim to government-imposter and tech support scams. Read more in my article on the Hot for Security blog.

Scams 123

Discord is investigating cause of ‘You have been blocked’ errors

Bleeping Computer

Many Discord users attempting to access the popular instant messaging and VoIP social platform today have been met with a scary "Sorry, you have been blocked" message.

Cybercriminals Using New ASMCrypt Malware Loader to Fly Under the Radar

The Hacker News

Threat actors are selling a new crypter and loader called ASMCrypt, which has been described as an "evolved version" of another loader malware known as DoubleFinger. "The idea behind this type of malware is to load the final payload without the loading process or the payload itself being detected by AV/EDR, etc.," Kaspersky said in an analysis published this week.

Malware 119

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Millions of Exim mail servers exposed to zero-day RCE attacks

Bleeping Computer

A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers.

Internet 118

New Critical Security Flaws Expose Exim Mail Servers to Remote Attacks

The Hacker News

Multiple security vulnerabilities have been disclosed in the Exim mail transfer agent that, if successfully exploited, could result in information disclosure and remote code execution. The list of flaws, which were reported anonymously way back in June 2022, is as follows - CVE-2023-42114 (CVSS score: 3.

ZeroFont trick makes users think that message has been scanned for threats

Graham Cluley

Attackers are using the "ZeroFont" technique to manipulate the preview of a message to suggest it had already been scanned for threats. Read more in my article in the Tripwire State of Security blog.

Phishing 117

Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm

The Hacker News

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor posing as a recruiter for Meta.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

DHS: Physical Security a Concern in Johnson Controls Cyberattack

Dark Reading

An internal memo cites DHS floor plans that could have been accessed in the breach.

Dependabot impersonators cause trouble on GitHub

Malwarebytes

GitHub is experiencing issues of the “breached account and malicious code” variety. ITPro reports that unnamed individuals have been compromising accounts and using them to install malware capable of password theft. It’s a fairly elaborate scam which even includes imitation of GitHub’s popular Dependabot feature. To make this scam work, attackers first obtained access tokens belonging to their targets.

People Still Matter in Cybersecurity Management

Dark Reading

Cybersecurity's constant stream of shiny new things shouldn't distract managers from their focus on the people they're protecting.

Introducing Digital Guardian Secure Collaboration

Digital Guardian

Going forward, customers of Digital Guardian Secure Collaboration, formerly Vera, can find everything they need about the product, including support on Digital Guardian's website.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Move Over, MOVEit: Critical Progress Bug Infests WS_FTP Software

Dark Reading

In the wake of Cl0p's MOVEit rampage, Progress Software is sending file-transfer customers scrambling again — this time to patch a critical bug that is easily exploitable with a specially crafted HTTPS POST request.

Software 110

Post-Quantum Cryptography: Finally Real in Consumer Apps?

The Hacker News

Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it's keeping them up tonight.

How to Implement Single Sign-On in Your Organization

SecureWorld News

Single Sign-On (SSO) is a technology that allows users to access multiple applications with a single set of login credentials. This can make it easier for users to log in to applications and can also help to improve security. There are many different SSO vendors available, each with its own strengths and weaknesses. When choosing an SSO vendor, it is important to consider the following factors: Features: What features are important to you?

Spyware Vendor Targets Egyptian Orgs With Rare iOS Exploit Chain

Dark Reading

The Israeli company developed highly-targeted, mobile malware that would make any APT jealous.

Spyware 104

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Lazarus hackers breach aerospace firm with new LightlessCan malware

Bleeping Computer

The North Korean 'Lazarus' hacking group targeted employees of an aerospace company located in Spain with fake job opportunities to hack into the corporate network using a previously unknown 'LightlessCan' backdoor.

Malware 102

12 Benefits of Zero Trust for Mid-Sized Businesses

Heimdal Security

Zero Trust security is evolving from “nice to have” to an absolute must for organizations everywhere. Fortunately, Zero Trust offers numerous advantages to companies of all sizes, including medium-sized ones. While achieving full Zero Trust is a long-term goal, even partial Zero Trust environments help businesses of this size enhance their security posture and benefit […]

Cybersecurity Gaps Plague US State Department, GAO Report Warns

Dark Reading

The federal department that oversees the US diplomatic corps abroad suffers a serious lack of visibility into the cyber threats it faces and the security vulnerabilities it's harboring.

Government Shutdown Could Severely Impact U.S. Cybersecurity

SecureWorld News

As the clock ticks down to another potential shutdown of the U.S. federal government, concerns are mounting over the impact such an event could have on the cybersecurity of the United States. The U.S. Cybersecurity and Infrastructure Security Agency (CISA), the agency tasked with safeguarding the nation's critical infrastructure and defending against cyber threats, is facing the possibility of losing a significant portion of its workforce.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.