Thu.Nov 02, 2023

article thumbnail

Russian Reshipping Service ‘SWAT USA Drop’ Exposed

Krebs on Security

The login page for the criminal reshipping service SWAT USA Drop. One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Here’s a closer look at the Russia-based SWAT USA Drop Service , which currently employs more than 1,200 people across the United States who are knowingly or unwittingly involved in reshipping expensive consumer goods purchased with stolen credit cards.

article thumbnail

Weekly Update 372

Troy Hunt

Yes, the Lenovo is Chinese. No, I'm not worried about Superfish. Yes, I'm running windows. No, I don't want a Framework laptop. Seemed to be a lot of time this week gone on talking all things laptops, and there are clearly some very differing views on the topic. Some good suggestions, some neat alternatives and some ideas that, well, just seem a little crazy.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Spyware in India

Schneier on Security

Apple has warned leaders of the opposition government in India that their phones are being spied on: Multiple top leaders of India’s opposition parties and several journalists have received a notification from Apple, saying that “Apple believes you are being targeted by state-sponsored attackers who are trying to remotely compromise the iPhone associated with your Apple ID ….” AccessNow puts this in context : For India to uphold fundamental rights, authorities must initiate an immedi

Spyware 290
article thumbnail

G7 Countries Establish Voluntary AI Code of Conduct

Tech Republic Security

The code of conduct provides guidelines for AI regulation across G7 countries and includes cybersecurity considerations and international standards.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

How to become an ethical hacker: A step-by-step guide

Hack the Box

Our Head of Security, Ben Rollin, calls on more than a decade of experience in cybersecurity to break down the practical steps to a career in ethical hacking.

Hacking 145
article thumbnail

UK AI Safety Summit: Global Powers Make ‘Landmark’ Pledge to AI Safety

Tech Republic Security

Global leaders from 28 nations have gathered in the U.K. for an influential summit dedicated to AI regulation and safety. Here’s what you need to know.

More Trending

article thumbnail

SEC Charges SolarWinds and CISO With Fraud Related to 2020 Cyberattack

Tech Republic Security

SolarWinds CISO Timothy G. Brown is specifically named for allegedly failing to inform investors or act on known security vulnerabilities.

CISO 147
article thumbnail

Okta discloses a new data breach after a third-party vendor was hacked

Security Affairs

Okta warns approximately 5,000 employees that their personal information was compromised due to a third-party vendor data breach. Cloud identity and access management solutions provider Okta warns nearly 5,000 employees that their personal information was exposed due to a data breach suffered by the third-party vendor Rightway Healthcare. According to the data breach notification, Rightway Healthcare notified Okta that an unauthorized actor gained access an eligibility census file maintained by

article thumbnail

Abusing Entra ID Misconfigurations to Bypass MFA

NetSpi Technical

On a recent external assessment, I stumbled upon a method to bypass a client’s MFA requirement: access a single-sign on (SSO) token and leverage that token to access internal applications that—by policy—should have been locked behind an MFA prompt, all without triggering an MFA alert on the end-user’s mobile device. This was possible due to a misconfiguration in the client’s Entra ID Conditional Access Policy for third-party MFA and a first-party integration with the myaccount.microsoft.co

article thumbnail

Clop group obtained access to the email addresses of about 632,000 US federal employees

Security Affairs

Clop ransomware gang gained access to the email addresses of more than 632K US federal employees at the departments of Defense and Justice. Russian-speaking Clop ransomware group gained access to the email addresses of about 632,000 US federal employees at the departments of Defense and Justice. The security breach is the result of the MOVEit hacking campaign that took place this summer.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Should you allow your browser to remember your passwords?

Malwarebytes

At Malwarebytes we’ve been telling people for years not to reuse passwords, and that a password manager is a secure way of remembering all the passwords you need for your online accounts. But we also know that a password manager can be overwhelming, especially when you’re just getting started. Once you’ve stored your tens or even hundreds of passwords, a password manager is relatively convenient to use and keep updated.

Passwords 139
article thumbnail

48 Malicious npm Packages Found Deploying Reverse Shells on Developer Systems

The Hacker News

A new set of 48 malicious npm packages have been discovered in the npm repository with capabilities to deploy a reverse shell on compromised systems. "These packages, deceptively named to appear legitimate, contained obfuscated JavaScript designed to initiate a reverse shell on package install," software supply chain security firm Phylum said.

Software 139
article thumbnail

WhatsApp spy mod spreads through Telegram, attacks Arabic-speaking users

SecureList

It is not rare that users of popular instant messaging services find the official client apps to be lacking in functionality. To address that problem, third-party developers come up with mods that offer sought-after features besides aesthetic upgrades. Unfortunately, some of these mods contain malware alongside legitimate enhancements. A case in point occurred last year when we discovered the Triada Trojan inside a WhatsApp mod.

Malware 137
article thumbnail

Suspected exploitation of Apache ActiveMQ flaw CVE-2023-46604 to install HelloKitty ransomware

Security Affairs

Rapid7 researchers warn of the suspected exploitation of a recently disclosed critical security flaw (CVE-2023-46604) in the Apache ActiveMQ. Cybersecurity researchers at Rapid7 are warning of the suspected exploitation of the recently disclosed critical vulnerability CVE-2023-46604 in the Apache ActiveMQ. Apache ActiveMQ is an open-source message broker software that serves as a message-oriented middleware (MOM) platform.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Oracle Enables MFA by Default on Oracle Cloud

Dark Reading

Mandatory multifactor authentication is just the latest in Oracle's commitment to have security built-in by default into Oracle Cloud Infrastructure.

article thumbnail

Boeing confirmed its services division suffered a cyberattack

Security Affairs

Boeing confirmed it is facing a cyber incident that hit its global services division, the company pointed out that flight safety isn’t affected. The Boeing Company, commonly known as Boeing, is one of the world’s largest aerospace manufacturers and defense contractors. In 2022, Boeing recorded $66.61 billion in sales, the aerospace giant has 156,000 (2022).

article thumbnail

Okta Data Compromised Through Third-Party Vendor

Dark Reading

After 1Password, MGM, and Caesars, yet more cybersecurity woes mount for the identity and access management company.

article thumbnail

Who is behind the Mozi Botnet kill switch?

Security Affairs

Researchers speculate that the recent shutdown of the Mozi botnet was the response of its authors to the pressure from Chinese law enforcement. ESET researchers speculate that the recent shutdown of the Mozi botnet was the result of its operators’ choice, possibly due to pressure from Chinese authorities. Mozi is an IoT botnet that borrows the code from Mirai variants and the Gafgyt malware , it appeared on the threat landscape in late 2019.

IoT 133
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The UN Hired an AI Company to Untangle the Israeli-Palestinian Crisis

WIRED Threat Level

CulturePulse's AI model promises to create a realistic virtual simulation of every Israeli and Palestinian citizen. But don't roll your eyes: It's already been put to the test in other conflict zones.

article thumbnail

Could Australia’s Cybersecurity Strategy Benefit From More Data Science Rigour?

Tech Republic Security

The success of Australia’s six-shield cybersecurity strategy could depend on how well the nation manages the vast pools of data that will underpin the identification and mitigation of cyberthreats.

article thumbnail

Resecurity: Insecurity of 3rd-parties leads to Aadhaar data leaks in India

Security Affairs

Data leaks containing Aadhaar IDs in India was caused by the insecurity of 3rd parties while aggregating such information for KYC. According to Resecurity , a global cybersecurity provider protecting Fortune 500 companies and governments globally, one of the key issues leading to data leaks containing Aadhaar IDs in India is the insecurity of 3rd parties while aggregating such information for KYC (Know Your Customer) and such other purposes.

article thumbnail

Google Cybersecurity Action Team Threat Horizons Report #8 Is Out!

Anton on Security

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our eighth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 , #5 , #6 and #7 ). My favorite quotes from the report follow below: “The cloud compromise factors and outcomes observed in Q2 2023 were largely similar to previous quarters and consistent with the last 12 months of reporting. […]

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Cloudflare Dashboard and APIs down after data center power outage

Bleeping Computer

An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces (APIs) customers use to manage and read service configurations. [.

121
121
article thumbnail

Mysterious Kill Switch Disrupts Mozi IoT Botnet Operations

The Hacker News

The unexpected drop in malicious activity connected with the Mozi botnet in August 2023 was due to a kill switch that was distributed to the bots. "First, the drop manifested in India on August 8," ESET said in an analysis published this week. "A week later, on August 16, the same thing happened in China.

IoT 119
article thumbnail

BlackCat ransomware claims breach of healthcare giant Henry Schein

Bleeping Computer

The BlackCat (ALPHV) ransomware gang claims it breached the network of healthcare giant Henry Schein and stole dozens of terabytes of data, including payroll data and shareholder information. [.

article thumbnail

YouTube launches “global effort” to block ad blockers

Malwarebytes

The ongoing struggle between YouTube and ad blockers is turning users into the victims. YouTube has gone all out in its fight against the use of add-ons, extensions and programs that prevent it from serving ads to viewers around the world. It started out as just a small experiment, but it looks like the company has opened the floodgates for most users now.

Risk 112
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Ace Hardware says 1,202 devices were hit during cyberattack

Bleeping Computer

Ace Hardware confirmed that a cyberattack is preventing local stores and customers from placing orders as the company works to restore 196 servers. [.

113
113
article thumbnail

Iran's MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign

The Hacker News

The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent.

Phishing 110
article thumbnail

How to Cancel IdentityIQ

Identity IQ

How to Cancel IdentityIQ IdentityIQ Are you planning to cancel your IdentityIQ membership? Life is unpredictable, and sometimes priorities change. If you plan to cancel your IdentityIQ membership, we respect your decision. However, we strongly recommend that you do not leave yourself unprotected from identity theft. Safeguarding your identity is more critical than ever with one in four Americans falling victim to identity theft, according to the AARP.

article thumbnail

Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware

Dark Reading

More than 3,000 systems are exposed and vulnerable to attack on the Internet.

Internet 107
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.