Thu.May 23, 2024

article thumbnail

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation c

DDOS 305
article thumbnail

Personal AI Assistants and Privacy

Schneier on Security

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called “Recall” for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

RSAC Fireside Chat: Qwiet AI leverages graph-database technology to reduce AppSec noise

The Last Watchdog

AppSec has never been more challenging. By the same token, AppSec technology is advancing apace to help companies meet this challenge. Related: AppSec market trajectory At RSAC 2024 , I sat down with Bruce Snell , cybersecurity strategist at Qwiet.ai , to hear a break down about how Qwiet has infused it’s preZero platform, with graph-database capabilities to deliver SAST, SCA, container scanning and secrets detection in a single solution.

article thumbnail

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

Joseph Steinberg

Despite both a decades-long barrage of media reports of cyberattacks wreaking havoc on the public sector and private sector alike, and despite clear indications from the United States Securities and Exchange Commission (SEC) that corporate boards must be able to oversee the management of cyber-risk by their respective organizations, when to comes to actually delivering on their fiduciary duty as related to cybersecurity, today’s corporate boards often fail to perform as needed and as intended.

Risk 234
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Anthropic’s Generative AI Research Reveals More About How LLMs Affect Security and Bias

Tech Republic Security

Anthropic opened a window into the ‘black box’ where ‘features’ steer a large language model’s output.

article thumbnail

DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure

Penetration Testing

Researchers from Tsinghua University have unveiled a potent new method for launching distributed denial-of-service (DDoS) attacks, dubbed DNSBomb (CVE-2024-33655). This innovative attack weaponizes DNS (Domain Name System) traffic to overwhelm and disrupt online services,... The post DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure appeared first on Penetration Testing.

DNS 145

More Trending

article thumbnail

A Leak of Biometric Police Data Is a Sign of Things to Come

WIRED Threat Level

Thousands of fingerprints and facial images linked to police in India have been exposed online. Researchers say it’s a warning of what will happen as the collection of biometric data increases.

143
143
article thumbnail

CVE-2024-20360: Cisco FMC Vulnerability Grants Hackers Root Access

Penetration Testing

Cisco, the global leader in networking solutions, has issued a security advisory regarding a vulnerability discovered in its Firepower Management Center (FMC) software. This flaw, identified as CVE-2024-20360, carries a CVSS score of 8.8,... The post CVE-2024-20360: Cisco FMC Vulnerability Grants Hackers Root Access appeared first on Penetration Testing.

article thumbnail

He Trained Crypto Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark Web Drug Market

WIRED Threat Level

The strange journey of Lin Rui-siang, the 23-year-old accused of running the Incognito black market, extorting his own site's users—and then refashioning himself as a legit crypto crime expert.

Marketing 142
article thumbnail

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

The Hacker News

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.

142
142
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

APT41: The threat of KeyPlug against Italian industries

Security Affairs

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. This backdoor is attributed to the arsenal of APT41,a group whose origin is tied to China.

Malware 140
article thumbnail

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed

The Hacker News

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022.

142
142
article thumbnail

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018. The threat group focuses on entities in countries in the South China Sea, experts noticed TTP overlap with operations attributed to APT41.

Malware 139
article thumbnail

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

The Hacker News

Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search

Bleeping Computer

A massive Microsoft outage in some regions affects Bing.com, Copilot for web and mobile, Copilot in Windows, ChatGPT internet search and DuckDuckGo. [.

Internet 138
article thumbnail

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

article thumbnail

Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Security Affairs

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabilities in the Endpoint Manager (EPM). A remote attacker can exploit the flaws to gain code execution under certain conditions. Below is the list of the addressed vulnerabilities: CVE Description CVSS Vector CVE-2024-29822 An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 an

article thumbnail

Are Your SaaS Backups as Secure as Your Production Data?

The Hacker News

Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could we get it back?

Backups 136
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Apple API Allows Wi-Fi AP Location Tracking

Security Boulevard

Privacy FAIL: Apple location service returns far more data than it should, to people who have no business knowing it, without your permission. The post Apple API Allows Wi-Fi AP Location Tracking appeared first on Security Boulevard.

article thumbnail

New Frontiers, Old Tactics: Chinese Espionage Group Targets Africa & Caribbean Govts

The Hacker News

The China-linked threat actor known as Sharp Panda has expanded their targeting to include governmental organizations in Africa and the Caribbean as part of an ongoing cyber espionage campaign.

130
130
article thumbnail

Exploring the Intersection of Cyber, AI, and Cinema: Insights from Megalopolis

Jane Frankland

Last week I got to participate in one of the most fun (and glamorous) events I’ve ever had in cyber – the 77th Cannes Film Festival. Curtesy of Mastercard and the Mastercard Cyber and Intelligence team, myself and 4 other leaders in cybersecurity were invited to Cannes to walk the red carpet, and watch a premier. It was Francis Ford Coppola’s $120m self-funded dystopian epic, Megalopolis!

article thumbnail

How AI will change your credit card behind the scenes

Malwarebytes

Many companies are starting to implement Artificial Intelligence (AI) within their services. Whenever there are large amounts of data involved, AI offers a way to turn that pile of data into actionable insights. And there’s a big chance that our data are somewhere in that pile, whether they can be traced back to us or not. In this blog we’ll look at the different ways in which credit card companies are planning to use AI.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Microsoft pushes emergency fix for Windows Server 2019 update errors

Bleeping Computer

Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes a bug causing 0x800f0982 errors when attempting to install the May 2024 Patch Tuesday security updates. [.

126
126
article thumbnail

Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks

Security Boulevard

“All tested LLMs remain highly vulnerable to basic jailbreaks, and some will provide harmful outputs even without dedicated attempts to circumvent their safeguards,” the report noted. The post Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks appeared first on Security Boulevard.

124
124
article thumbnail

10 years in prison for $4.5 million BEC scammer who bought Ferrari to launder money

Graham Cluley

A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud schemes. Read more in my article on the Tripwire State of Security blog.

Scams 123
article thumbnail

Introducing Nimfilt: A reverse-engineering tool for Nim-compiled binaries

We Live Security

Available as both an IDA plugin and a Python script, Nimfilt helps to reverse engineer binaries compiled with the Nim programming language compiler by demangling package and function names, and applying structs to strings

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Apple wasn’t storing deleted iOS photos in iCloud after all

Bleeping Computer

Security researchers reverse-engineered Apple's recent iOS 17.5.1 update and found that a recent bug that restored images deleted months or even years ago was caused by an iOS bug and not an issue with iCloud. [.

article thumbnail

APT41: The threat of KeyPlug against Italian industries

Security Affairs

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. This backdoor is attributed to the arsenal of APT41,a group whose origin is tied to China.

Malware 117
article thumbnail

A journey into forgotten Null Session and MS-RPC interfaces

SecureList

A journey into forgotten Null Session and MS-RPC interfaces (PDF) It has been almost 24 years since the null session vulnerability was discovered. Back then, it was possible to access SMB named pipes using empty credentials and collect domain information. Most often, attackers leveraged null sessions for gathering domain users through techniques such as RID (Relative Identifier) enumeration.

article thumbnail

High-severity GitLab flaw lets attackers take over accounts

Bleeping Computer

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. [.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.