Thu.May 23, 2024

article thumbnail

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation c

DDOS 296
article thumbnail

RSAC Fireside Chat: Qwiet AI leverages graph-database technology to reduce AppSec noise

The Last Watchdog

AppSec has never been more challenging. By the same token, AppSec technology is advancing apace to help companies meet this challenge. Related: AppSec market trajectory At RSAC 2024 , I sat down with Bruce Snell , cybersecurity strategist at Qwiet.ai , to hear a break down about how Qwiet has infused it’s preZero platform, with graph-database capabilities to deliver SAST, SCA, container scanning and secrets detection in a single solution.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

Joseph Steinberg

Despite both a decades-long barrage of media reports of cyberattacks wreaking havoc on the public sector and private sector alike, and despite clear indications from the United States Securities and Exchange Commission (SEC) that corporate boards must be able to oversee the management of cyber-risk by their respective organizations, when to comes to actually delivering on their fiduciary duty as related to cybersecurity, today’s corporate boards often fail to perform as needed and as intended.

Risk 261
article thumbnail

Personal AI Assistants and Privacy

Schneier on Security

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called “Recall” for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Exploring the Intersection of Cyber, AI, and Cinema: Insights from Megalopolis

Jane Frankland

Last week I got to participate in one of the most fun (and glamorous) events I’ve ever had in cyber – the 77th Cannes Film Festival. Curtesy of Mastercard and the Mastercard Cyber and Intelligence team, myself and 4 other leaders in cybersecurity were invited to Cannes to walk the red carpet, and watch a premier. It was Francis Ford Coppola’s $120m self-funded dystopian epic, Megalopolis!

article thumbnail

DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure

Penetration Testing

Researchers from Tsinghua University have unveiled a potent new method for launching distributed denial-of-service (DDoS) attacks, dubbed DNSBomb (CVE-2024-33655). This innovative attack weaponizes DNS (Domain Name System) traffic to overwhelm and disrupt online services,... The post DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure appeared first on Penetration Testing.

DNS 145

More Trending

article thumbnail

CVE-2024-20360: Cisco FMC Vulnerability Grants Hackers Root Access

Penetration Testing

Cisco, the global leader in networking solutions, has issued a security advisory regarding a vulnerability discovered in its Firepower Management Center (FMC) software. This flaw, identified as CVE-2024-20360, carries a CVSS score of 8.8,... The post CVE-2024-20360: Cisco FMC Vulnerability Grants Hackers Root Access appeared first on Penetration Testing.

article thumbnail

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018. The threat group focuses on entities in countries in the South China Sea, experts noticed TTP overlap with operations attributed to APT41.

Malware 132
article thumbnail

Apple API Allows Wi-Fi AP Location Tracking

Security Boulevard

Privacy FAIL: Apple location service returns far more data than it should, to people who have no business knowing it, without your permission. The post Apple API Allows Wi-Fi AP Location Tracking appeared first on Security Boulevard.

article thumbnail

Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Security Affairs

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabilities in the Endpoint Manager (EPM). A remote attacker can exploit the flaws to gain code execution under certain conditions. Below is the list of the addressed vulnerabilities: CVE Description CVSS Vector CVE-2024-29822 An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 an

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries

Tech Republic Security

Find out how Grandoreiro banking trojan campaigns work and the countries targeted, as well as how to mitigate this malware threat.

Banking 146
article thumbnail

Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search

Bleeping Computer

A massive Microsoft outage in some regions affects Bing.com, Copilot for web and mobile, Copilot in Windows, ChatGPT internet search and DuckDuckGo. [.

Internet 138
article thumbnail

10 years in prison for $4.5 million BEC scammer who bought Ferrari to launder money

Graham Cluley

A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud schemes. Read more in my article on the Tripwire State of Security blog.

Scams 126
article thumbnail

Microsoft pushes emergency fix for Windows Server 2019 update errors

Bleeping Computer

Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes a bug causing 0x800f0982 errors when attempting to install the May 2024 Patch Tuesday security updates. [.

126
126
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Anthropic’s Generative AI Research Reveals More About How LLMs Affect Security and Bias

Tech Republic Security

Anthropic opened a window into the ‘black box’ where ‘features’ steer a large language model’s output.

article thumbnail

Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks

Security Boulevard

“All tested LLMs remain highly vulnerable to basic jailbreaks, and some will provide harmful outputs even without dedicated attempts to circumvent their safeguards,” the report noted. The post Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks appeared first on Security Boulevard.

124
124
article thumbnail

A Leak of Biometric Police Data Is a Sign of Things to Come

WIRED Threat Level

Thousands of fingerprints and facial images linked to police in India have been exposed online. Researchers say it’s a warning of what will happen as the collection of biometric data increases.

127
127
article thumbnail

Apple wasn’t storing deleted iOS photos in iCloud after all

Bleeping Computer

Security researchers reverse-engineered Apple's recent iOS 17.5.1 update and found that a recent bug that restored images deleted months or even years ago was caused by an iOS bug and not an issue with iCloud. [.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

He Trained Crypto Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark Web Drug Market

WIRED Threat Level

The strange journey of Lin Rui-siang, the 23-year-old accused of running the Incognito black market, extorting his own site's users—and then refashioning himself as a legit crypto crime expert.

Marketing 123
article thumbnail

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

The Hacker News

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.

120
120
article thumbnail

APT41: The threat of KeyPlug against Italian industries

Security Affairs

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. This backdoor is attributed to the arsenal of APT41,a group whose origin is tied to China.

Malware 110
article thumbnail

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed

The Hacker News

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022.

118
118
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Introducing Nimfilt: A reverse-engineering tool for Nim-compiled binaries

We Live Security

Available as both an IDA plugin and a Python script, Nimfilt helps to reverse engineer binaries compiled with the Nim programming language compiler by demangling package and function names, and applying structs to strings

article thumbnail

High-severity GitLab flaw lets attackers take over accounts

Bleeping Computer

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. [.

article thumbnail

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

article thumbnail

UK Government ponders major changes to ransomware response – what you need to know

Graham Cluley

The British Government is proposing sweeping change in its approach to ransomware attacks, proposing mandatory reporting by victims and licensing regime for all payments. Read more in my article on the Exponential-e blog.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

SEC Provides Clarity on Disclosing Material vs. Non-Material Cyber Incidents

SecureWorld News

The U.S. Securities and Exchange Commission (SEC) has issued new guidance aimed at clearing up confusion around how public companies should disclose cybersecurity incidents under the agency's recently adopted disclosure rules. In a May 21, 2024, announcement from Erik Gerding, Director of the SEC's Division of Corporation Finance, the agency clarified that only cybersecurity incidents determined by a company to be material should be disclosed via an 8-K filing under the new Item 1.05.

CISO 100
article thumbnail

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

The Hacker News

Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed.

article thumbnail

JAVS courtroom recording software backdoored in supply chain attack

Bleeping Computer

Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them take over compromised systems. [.

article thumbnail

Heimdal to Showcase Widest Cybersecurity Tech Stack at Infosecurity Europe 2024

Heimadal Security

LONDON, May 23, 2024 – Heimdal® is excited to announce its participation in Infosecurity Europe 2024, taking place from 3-4 June 2024 at ExCel London. Attendees are invited to visit Heimdal’s booth for an exclusive opportunity to engage with industry-leading cybersecurity experts, experience live demonstrations, and enjoy engaging presentations.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.