Tue. Nov 21, 2023


Email Security Flaw Found in the Wild

Schneier on Security

Google’s Threat Analysis Group announced a zero-day against the Zimbra Collaboration email server that has been used against governments around the world. TAG has observed four different groups exploiting the same bug to steal email data, user credentials, and authentication tokens. Most of this activity occurred after the initial fix became public on Github.


Microsoft Azure Confidential VMs Will Roll Out This December

Tech Republic Security

The partnership with Intel allows for hardware-enforced security and confidentiality on 4th Gen Xeon processors.


Exploit for Critical Windows Defender Bypass Goes Public

Dark Reading

Threat actors were actively exploiting CVE-2023-36025 in Windows SmartScreen as a zero-day vulnerability before Microsoft patched it in November.


Password Manager Cheat Sheet: What Is a Password Manager?

Tech Republic Security

This cheat sheet provides an overview of what a password manager is and what it does, helping you keep your online accounts safe and secure.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


Inside the Operation to Bring Down Trump’s Truth Social

WIRED Threat Level

The North Atlantic Fellas Organization is trying to shut down Trump’s flailing social media platform before the 2024 election—by shitposting.


Crimeware and financial cyberthreats in 2024

SecureList

At Kaspersky, we constantly monitor the financial cyberthreat landscape, which includes threats to financial institutions, such as banks, and financially motivated threats, such as ransomware, that target a broader range of industries. As part of our Kaspersky Security Bulletin, we try to predict how these cyberthreats will evolve in the coming year to help individuals and businesses to be prepared to face them.

More Trending


Experts warn of a surge in NetSupport RAT attacks against education and government sectors

Security Affairs

Experts warn of a surge in NetSupport RAT attacks against education, government, and business services sectors. The Carbon Black Managed Detection & Response team is warning of a surge in the number of new infections related to NetSupport RAT in the last few weeks. The most impacted sectors are education, government, and business services. NetSupport RAT is a remote control and desktop management software developed by NetSupport Ltd.


Thales and HPE GreenLake Expand Partnership to Offer Enhanced Data Protection

Thales Cloud Protection & Licensing

sparsh, Wed, 11/22/2023 - 06:41. In a significant stride towards bolstering data security and simplifying key management, Thales is thrilled to announce an expanded partnership with HPE GreenLake. This newfound collaboration paves the way for launching a Centralized Key Management complimentary product offering, an initiative poised to reshape the landscape of data protection and security for enterprises worldwide.


Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

Trend Micro

The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.


New Agent Tesla Malware Variant Using ZPAQ Compression in Email Attacks

The Hacker News

A new variant of the Agent Tesla malware has been observed delivered via a lure file with the ZPAQ compression format to harvest data from several email clients and nearly 40 web browsers. "ZPAQ is a file compression format that offers a better compression ratio and journaling function compared to widely used formats like ZIP and RAR," G Data malware analyst Anna Lvova said in a Monday analysis.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Fuel for thought: Can a driverless car get arrested?

We Live Security

What happens when problems caused by autonomous vehicles are not the result of errors, but the result of purposeful attacks?


ClearFake Campaign Expands to Deliver Atomic Stealer on Macs Systems

The Hacker News

The macOS information stealer known as Atomic is now being delivered to target via a bogus web browser update chain tracked as ClearFake. "This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch out not only in terms of geolocation but also operating system," Malwarebytes' Jérôme Segura said in a Tuesday analysis.


Citrix warns admins to kill NetScaler user sessions to block hackers

Bleeping Computer

Citrix reminded admins today that they must take additional measures after patching their NetScaler appliances against the CVE-2023-4966 'Citrix Bleed' vulnerability to secure vulnerable devices against attacks.


How Multi-Stage Phishing Attacks Exploit QRs, CAPTCHAs, and Steganography

The Hacker News

Phishing attacks are steadily becoming more sophisticated, with cybercriminals investing in new ways of deceiving victims into revealing sensitive information or installing malicious software. One of the latest trends in phishing is the use of QR codes, CAPTCHAs, and steganography. See how they are carried out and learn to detect them.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Microsoft launches Defender Bounty Program with $20,000 rewards

Bleeping Computer

Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000.


LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

The Hacker News

Multiple threat actors, including LockBit ransomware affiliates, are actively exploiting a recently disclosed critical security flaw in Citrix NetScaler application delivery control (ADC) and Gateway appliances to obtain initial access to target environments. The joint advisory comes from the U.S.


Leverage the NIST Data Protection Cybersecurity Frameworks in 4 Steps

Security Boulevard

How data discovery and classification supports NIST cybersecurity and data privacy framework alignment, stronger security hygiene and privacy policies. The post Leverage the NIST Data Protection Cybersecurity Frameworks in 4 Steps appeared first on Security Boulevard.


Lumma malware can allegedly restore expired Google auth cookies

Bleeping Computer

The Lumma information-stealer malware (aka 'LummaC2') is promoting a new feature that allegedly allows cybercriminals to restore expired Google cookies, which can be used to hijack Google accounts.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Atomic Stealer distributed to Mac users via fake browser updates

Malwarebytes

Atomic Stealer, also known as AMOS, is a popular stealer for Mac OS. Back in September, we described how malicious ads were tricking victims into downloading this piece of malware under the disguise of a popular application. In an interesting new development, AMOS is now being delivered to Mac users via a fake browser update chain tracked as ‘ClearFake’ This may very well be the first time we see one of the main social engineering campaigns, previously reserved for Windows, branch ou


Play Ransomware Goes Commercial - Now Offered as a Service to Cybercriminals

The Hacker News

The ransomware strain known as Play is now being offered to other threat actors "as a service," new evidence unearthed by Adlumin has revealed.


Hacktivists breach U.S. nuclear research lab, steal employee data

Bleeping Computer

The Idaho National Laboratory (INL) confirms they suffered a cyberattack after 'SiegedSec' hacktivists leaked stolen human resources data online.


Nothing Chats pulled from Google Play

Malwarebytes

Sometimes it’s all in the name. The Nothing Chats beta has been pulled from the Google Play Store after reports that the company behind it has access to your (unencrypted) messages. Nothing Phone 2 owners were promised a first-of-its-kind app developed in partnership with Sunbird, which allowed them to message other iMessage users via blue bubbles on their Nothing Phone.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits

The Hacker News

The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits.


Researchers Published PoC Exploit for Windows Zero-Day CVE-2023-36025 Vulnerability

Penetration Testing

Security researchers have deconstructed the patch released by Microsoft and crafted a proof-of-concept (PoC) exploit for the CVE-2023-36025 vulnerability. This flaw has been discovered and patched, but not before it was actively exploited by... The post Researchers Published PoC Exploit for Windows Zero-Day CVE-2023-36025 Vulnerability appeared first on Penetration Testing.


Exploring Weaknesses in Private 5G Networks

Trend Micro

Dive into the world of private 5G networks and learn about a critical security vulnerability that could expose IoT devices to attacks from external networks.


DPRK Hackers Masquerade as Tech Recruiters, Job Seekers

Dark Reading

No one has turned the job market into an attack surface quite like North Korea, which plays both sides for financial gain and, possibly, espionage.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Tor Project removed several relays associated with a suspicious cryptocurrency scheme

Security Affairs

The Tor Project removed several relays that were used as part of a cryptocurrency scheme and represented a threat to the users. The Tor Project announced the removal of multiple network relays that were involved in a cryptocurrency scheme. A Tor network relay is a server that operates within the Tor network and routes data through a series of relays with the end goal of anonymizing the original source of the traffic.


Microsoft now rolling out Copilot to Windows 10 devices

Bleeping Computer

Microsoft is now rolling out the Copilot AI assistant to eligible non-managed systems enrolled in the Windows Insider program and running Windows 10 22H2 Home and Pro editions.


Major Saudi University to Offer AI, Cybersecurity Studies

Dark Reading

University of Jeddah partners with Resecurity to teach cybersecurity skills.


DOJ Charges Binance With Vast Money Laundering Scheme and Sanctions Violations

WIRED Threat Level

From Russia to Iran, the feds have charged Binance with allegedly conducting well over $1 billion in transactions with sanctioned countries and criminal actors.


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.