Mon.Mar 04, 2024

article thumbnail

LLM Prompt Injection Worm

Schneier on Security

Researchers have demonstrated a worm that spreads through prompt injection. Details : In one instance, the researchers, acting as attackers, wrote an email including the adversarial text prompt, which “poisons” the database of an email assistant using retrieval-augmented generation (RAG) , a way for LLMs to pull in extra data from outside its system.

article thumbnail

GUEST ESSAY: Essential cyber hygiene practices all charities must embrace to protect their donors

The Last Watchdog

Charities and nonprofits are particularly vulnerable to cybersecurity threats, primarily because they maintain personal and financial data, which are highly valuable to criminals. Related: Hackers target UK charities Here are six tips for establishing robust nonprofit cybersecurity measures to protect sensitive donor information and build a resilient organization.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

White House Recommends Memory-Safe Programming Languages and Security-by-Design

Tech Republic Security

A new report promotes preventing cyberattacks by using memory-safe languages and the development of software safety standards.

Software 198
article thumbnail

Hackers Behind the Change Healthcare Ransomware Attack Just Received a $22 Million Payment

WIRED Threat Level

The transaction, visible on Bitcoin's blockchain, suggests the victim of one of the worst ransomware attacks in years may have paid a very large ransom.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Protect Yourself and Your Business With This $40 Cybersecurity E-Learning Bundle

Tech Republic Security

At just $6 per course, you could learn how to protect your personal information and business systems, or work toward a career in this high-paying industry.

article thumbnail

New GTPDOOR backdoor is designed to target telecom carrier networks

Security Affairs

Researcher HaxRob discovered a previously undetected Linux backdoor named GTPDOOR, designed to target telecom carrier networks. Security researcher HaxRob discovered a previously undetected Linux backdoor dubbed GTPDOOR, which is specifically crafted to carry out stealth cyber operations within mobile carrier networks. I recently found two very interesting Linux binaries uploaded to Virustotal.

More Trending

article thumbnail

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense announced it had breached the Russian Ministry of Defense servers as part of a special operation, and exfiltrated confidential documents. Stolen documents include: confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military se

Hacking 143
article thumbnail

Critical JetBrains TeamCity On-Premises Flaws Could Lead to Server Takeovers

The Hacker News

A new pair of security vulnerabilities have been disclosed in JetBrains TeamCity On-Premises software that could be exploited by a threat actor to take control of affected systems. The flaws, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), have been addressed in version 2023.11.4. They impact all TeamCity On-Premises versions through 2023.11.3.

Software 144
article thumbnail

Hackers steal Windows NTLM authentication hashes in phishing attacks

Bleeping Computer

The hacking group known as TA577 has recently shifted tactics by using phishing emails to steal NT LAN Manager (NTLM) authentication hashes to perform account hijacks. [.

article thumbnail

Some American Express customers’ data exposed in a third-party data breach

Security Affairs

American Express warns customers that their credit cards were exposed due to a data breach experienced by a third-party merchant processor. American Express (Amex) notifies customers that their credit card information has been compromised in a data breach involving a third-party merchant processor. The company did not disclose the number of impacted customers. “We became aware that a third party service provider engaged by numerous merchants experienced unauthorized access to its system.&#

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

CVE-2023-6825 (CVSS 9.9): Over a WordPress Million Sites Exposed by File Manager Flaw

Penetration Testing

A severe security flaw (CVE-2023-6825) has been uncovered in the popular File Manager and File Manager Pro WordPress plugins. With over a million active installs, this vulnerability has the potential to cause widespread damage... The post CVE-2023-6825 (CVSS 9.9): Over a WordPress Million Sites Exposed by File Manager Flaw appeared first on Penetration Testing.

article thumbnail

American Express credit cards exposed in vendor data breach

Bleeping Computer

American Express is warning customers that credit cards were exposed in a third-party data breach after one of its service providers was hacked. [.

article thumbnail

Warning: CHAVECLOAK Trojan Targets Brazil, Steals Your Banking Credentials

Penetration Testing

FortiGuard Labs uncovered a threat actor leveraging a sophisticated attack to distribute the CHAVECLOAK banking Trojan. The attack begins with a malicious PDF, downloads a ZIP file, and employs DLL side-loading for malware execution.... The post Warning: CHAVECLOAK Trojan Targets Brazil, Steals Your Banking Credentials appeared first on Penetration Testing.

Banking 139
article thumbnail

META hit with privacy complaints by EU consumer groups

Security Affairs

This is my interview with TRT International on the Meta dispute with EU consumer groups, which are calling on the bloc to sanction the company EU consumer groups are calling on the bloc to sanction the company Meta – which owns Facebook, Instagram and WhatsApp – for allegedly breaching privacy rules. Earlier this week, Meta announced it will set up a team to tackle disinformation and the abuse of generative AI in the run-up to the European Parliament elections – amid concerns a

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

American Express credit cards exposed in third-party data breach

Bleeping Computer

American Express is warning customers that credit cards were exposed in a third-party data breach after a merchant processor was hacked. [.

article thumbnail

From 500 to 5000 Employees - Securing 3rd Party App-Usage in Mid-Market Companies

The Hacker News

A company’s lifecycle stage, size, and state have a significant impact on its security needs, policies, and priorities. This is particularly true for modern mid-market companies that are either experiencing or have experienced rapid growth. As requirements and tasks continue to accumulate and malicious actors remain active around the clock, budgets are often stagnant at best.

Marketing 134
article thumbnail

5 Ways to Prevent Prompt Injection Attacks

Security Boulevard

Prompt injection attacks can deceive AI into interpreting the malicious input as a legitimate command or query. Here's how to stop them. The post 5 Ways to Prevent Prompt Injection Attacks appeared first on Security Boulevard.

article thumbnail

How Cybercriminals are Exploiting India's UPI for Money Laundering Operations

The Hacker News

Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is a "key tool for onboarding and managing these money mules," CloudSEK researchers Sparsh Kulshrestha, Abhishek Mathew, and Santripti Bhujel said in a report.

Scams 134
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

RA World Ransomware: A Babuk Successor Targets Healthcare

Penetration Testing

When the Babuk ransomware group disbanded in 2021, it seemed like a minor victory in the ongoing battle against cybercrime. However, the leak of Babuk’s source code has become a breeding ground for new... The post RA World Ransomware: A Babuk Successor Targets Healthcare appeared first on Penetration Testing.

article thumbnail

CISA Warns Phobos Ransomware Groups Attacking Critical Infrastructure

Security Boulevard

Phobos, a complex ransomware-as-a-service (RaaS) operation that has been around for five years and is includes multiple variants, continues to target a range of critical infrastructure in the United States, including education, healthcare, and emergency services, according to federal agencies. The FBI and Cybersecurity and Infrastructure Security Agency (CISA) issued a warning with a list.

article thumbnail

Notorious Threat Actor TA577 Evolves: Stealing Your Credentials, One Click at a Time

Penetration Testing

TA577, a prolific cybercrime group responsible for past Qbot campaigns and associated with Black Basta ransomware attacks, is demonstrating an alarming shift in tactics. Proofpoint’s latest analysis reveals they’ve added large-scale NTLM credential theft... The post Notorious Threat Actor TA577 Evolves: Stealing Your Credentials, One Click at a Time appeared first on Penetration Testing.

article thumbnail

BlackCat ransomware turns off servers amid claim they stole $22 million ransom

Bleeping Computer

The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million. [.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

CVE-2024-0039: Critical Android Remote Code Execution Vulnerability

Penetration Testing

On Monday, Google unveiled a comprehensive update addressing a total of 38 vulnerabilities within the Android ecosystem, spotlighting a particularly critical bug (CVE-2024-0039) that could allow malicious actors to execute code remotely on a... The post CVE-2024-0039: Critical Android Remote Code Execution Vulnerability appeared first on Penetration Testing.

article thumbnail

Ukraine claims it hacked Russian Ministry of Defense servers

Bleeping Computer

The Main Intelligence Directorate (GUR) of Ukraine's Ministry of Defense claims that it breached the servers of the Russian Ministry of Defense (Minoborony) and stole sensitive documents. [.

Hacking 117
article thumbnail

3 Considerations for Securing Internal Documents Within Financial Services

GlobalSign

Here are 3 areas to consider when securing document signing workflows in the financial services.

article thumbnail

Cybersecurity’s “Shift Up” Moment With CRQ | Kovrr

Security Boulevard

Articles related to cyber risk quantification, cyber risk management, and cyber resilience. The post Cybersecurity’s “Shift Up” Moment With CRQ | Kovrr appeared first on Security Boulevard.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

A week in security (February 26 – March 3)

Malwarebytes

Last week on Malwarebytes Labs: PikaBot malware on the rise: What organizations need to know Malicious meeting invite fix targets Mac users Pig butchering scams, how they work and how to avoid them Airbnb scam sends you to a fake Tripadvisor site, takes your money Facebook bug could have allowed attacker to take over accounts Stopping a targeted attack on a Managed Service Provider (MSP) with ThreatDown MDR ALPHV is singling out healthcare sector, say FBI and CISA One year later, Rhadamanthys is

article thumbnail

CVE-2024-27497: Replace Your Linksys E2000 Router Now

Penetration Testing

A severe security hole (CVE-2024-27497) in the Linksys E2000 router lets hackers waltz right into your network, potentially stealing sensitive data, compromising your devices, and using your connection for further malicious activity. Sadly, there’s... The post CVE-2024-27497: Replace Your Linksys E2000 Router Now appeared first on Penetration Testing.

article thumbnail

Threat actors hacked Taiwan-based Chunghwa Telecom

Security Affairs

Threat actors stole sensitive and confidential data from the telecom giant Chunghwa Telecom Company, revealed the Ministry of National Defense. Chunghwa Telecom Company , Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country.

Hacking 110
article thumbnail

evilrdp: The Ultimate Tool for Elevated RDP Command Control

Penetration Testing

EVILRDP – More control over RDP The evil twin of aardwolfgui using the aardwolf RDP client library that gives you extended control over the target and additional scripting capabilities from the command line. Features Control the mouse... The post evilrdp: The Ultimate Tool for Elevated RDP Command Control appeared first on Penetration Testing.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.