Sun.Feb 25, 2024

article thumbnail

Introducing the CyberPeace Institute: Protecting Communities Online

Lohrman on Security

In this interview, Pavlina Pavlova, public policy adviser at the CyberPeace Institute, describes the organization’s mission and global activities to reduce harm online for vulnerable populations.

174
174
article thumbnail

WordPress Ultimate Member Plugin Under Active Attack: Critical Flaw (CVE-2024-1071) Impacts 200k Sites

Penetration Testing

A critical unauthenticated SQL Injection vulnerability was found in Ultimate Member, a popular WordPress plugin boasting over 200,000 active installations. This critical flaw, identified as CVE-2024-1071, carries a high-severity CVSS score of 9.8, underscoring... The post WordPress Ultimate Member Plugin Under Active Attack: Critical Flaw (CVE-2024-1071) Impacts 200k Sites appeared first on Penetration Testing.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

LockBit Ransomware Group Resurfaces After Law Enforcement Takedown

The Hacker News

The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end, the notorious group has moved its data leak portal to a new.onion address on the TOR network, listing 12 new victims as of writing.

article thumbnail

Crooks stole $10 million from Axie Infinity co-founder

Security Affairs

Crooks stole nearly $10 million from the wallet of one of the co-founders of the video game Axie Infinity and the related Ronin Network. Cybercriminals stole about $10 million from the wallet of Jeff “Jihoz” Zirlin, who is one of the co-founders of the video game Axie Infinity and the related Ronin Network. On February 23, researchers at blockchain cybersecurity firm PeckShield alerted about a “whale wallet” compromise over the Ronin Bridge.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Authorities Claim LockBit Admin "LockBitSupp" Has Engaged with Law Enforcement

The Hacker News

LockBitSupp, the individual(s) behind the persona representing the LockBit ransomware service on cybercrime forums such as Exploit and XSS, "has engaged with law enforcement," authorities said. The development comes following the takedown of the prolific ransomware-as-a-service (RaaS) operation as part of a coordinated international operation codenamed Cronos.

article thumbnail

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

Trend Micro

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.

More Trending

article thumbnail

LockBit ransomware returns, restores servers after police disruption

Bleeping Computer

The LockBit gang is relaunching its ransomware operation on a new infrastructure less than a week after law enforcement hacked their servers, and is threatening to focus more of their attacks on the government sector. [.

article thumbnail

A week in security (February 19 – February 25)

Malwarebytes

Last week on Malwarebytes Labs: Joomla! patches XSS flaws that could lead to remote code execution Update now! ConnectWise ScreenConnect vulnerability needs your attention Why ransomware gangs love using RMM tools—and how to stop them Signal to shield user phone numbers by default Vibrator virus steals your personal information A first analysis of the i-Soon data leak ThreatDown EDR update: Streamlined Suspicious Activity investigation Law enforcement trolls LockBit, reveals massive takedown Wyz

article thumbnail

PayPal files patent for new method to detect stolen cookies

Bleeping Computer

PayPal has filed a patent application for a novel method that can identify when "super-cookie" is stolen, which could improve the cookie-based authentication mechanism and limit account takeover attacks. [.

article thumbnail

CVE-2024-26592 & 26594: Critical Linux Kernel Flaws Open Door for Code Execution and Data Theft

Penetration Testing

A pair of critical vulnerabilities, recently patched in the Linux kernel, have raised alarms for anyone managing Linux systems. These flaws resided in the KSMBD file server, responsible for seamless file sharing with Windows... The post CVE-2024-26592 & 26594: Critical Linux Kernel Flaws Open Door for Code Execution and Data Theft appeared first on Penetration Testing.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Cloud Security Policy

Tech Republic Security

The purpose of this Cloud Security Policy, written by Ray Fernandez for TechRepublic Premium, is to provide guidelines for secure and effective cloud computing operations that ensure the integrity and privacy of company-owned digital resources. This policy covers a wide range of topics, including the responsibilities of employees, IT and security staff and managers, data.

78
article thumbnail

Warning: DLL Hijacking in Modern Malware Campaigns

Penetration Testing

In the cybersecurity threats, DLL hijacking remains a classic maneuver in the arsenal of cyber adversaries. This technique, despite its age, continues to offer a stealthy passage for threat actors to deploy malware, underscoring... The post Warning: DLL Hijacking in Modern Malware Campaigns appeared first on Penetration Testing.

Malware 110
article thumbnail

Introducing the CyberPeace Institute: Protecting Communities Online

Security Boulevard

In this interview, Pavlina Pavlova, public policy adviser at the CyberPeace Institute, describes the organization’s mission and global activities to reduce harm online for vulnerable populations. The post Introducing the CyberPeace Institute: Protecting Communities Online appeared first on Security Boulevard.

64
article thumbnail

Turla Leverages ‘Pelmeni Wrapper’ for Stealthy Kazuar Backdoor Delivery

Penetration Testing

Research from Lab52 has uncovered a recent Turla campaign exhibiting novel tactics and a customized variant of the Kazuar trojan. This analysis offers technical insights into the campaign’s methodology and provides indicators of compromise... The post Turla Leverages ‘Pelmeni Wrapper’ for Stealthy Kazuar Backdoor Delivery appeared first on Penetration Testing.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Challenging password dogma

Security Boulevard

Most best practice advice on passwords is terrible. But why? This article explains which password advice should be followed and which advice is harmful, and shows you what a good password policy should contain. The post Challenging password dogma appeared first on Security Boulevard.

article thumbnail

ScreenConnect Vulnerabilities Exploited to Deploy Malware

Penetration Testing

Sophos X-Ops has spotlighted a concerning trend in the exploitation of vulnerabilities within ConnectWise ScreenConnect installations, a widely used remote monitoring and management software. The recently disclosed vulnerabilities in ScreenConnect (CVE-2024-1709, CVE-2024-1708) necessitate immediate... The post ScreenConnect Vulnerabilities Exploited to Deploy Malware appeared first on Penetration Testing.

Malware 94
article thumbnail

Using Webhooks with your Privileged Access Management Tool

Security Boulevard

Organizations often use multiple applications to perform business. For example, a tech team might find that Jira works well for managing tasks and a support team might find they prefer PagerDuty to handle support tickets. However, handling several applications and the data within them can be challenging. This is where webhooks step in as a middleware […] The post Using Webhooks with your Privileged Access Management Tool appeared first on Security Boulevard.

64
article thumbnail

Doppelgänger: Russia-Linked Influence Network Targets Germany with Disinformation

Penetration Testing

SentinelLabs and ClearSky Cyber Security have been tracking an intensive influence operation spreading propaganda and disinformation since late 2023. This campaign, attributed to the Russia-aligned Doppelgänger network, initially focused on anti-Ukrainian content but has... The post Doppelgänger: Russia-Linked Influence Network Targets Germany with Disinformation appeared first on Penetration Testing.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Unveiling the Threat Landscape: Exploring the Security Risks of Cloud Computing

Centraleyes

In the digital era, cloud computing has become synonymous with agility and scalability for businesses and individuals. However, critical security risks and threats inherent in cloud environments come alongside the myriad benefits. This blog aims to dissect the nuances of cloud security risks , shedding light on the challenges commonly faced when securing digital assets in the cloud.

Risk 52
article thumbnail

Warning: PIKABOT Malware Reloaded and More Dangerous

Penetration Testing

Elastic Security Labs observes a significant overhaul of the PIKABOT loader and core modules, marking a resurgence of this persistent malware family. This deep-dive analysis unveils the revamped techniques PIKABOT uses for unpacking, obfuscation,... The post Warning: PIKABOT Malware Reloaded and More Dangerous appeared first on Penetration Testing.

Malware 89
article thumbnail

A cyber attack hit the Royal Canadian Mounted Police

Security Affairs

A cyber attack hit the Royal Canadian Mounted Police (RCMP), the federal and national law enforcement agency of Canada. The Royal Canadian Mounted Police (RCMP), the federal and national law enforcement agency of Canada, confirmed that it was the target of a cyber attack. RCMP also notified the Office of the Privacy Commissioner (OPC). The police have launched an investigation into the cyber attack and urged its staff to stay vigilant. “The situation is evolving quickly but at this time, t

article thumbnail

RCMP investigating cyber attack as its website remains down

Bleeping Computer

The Royal Canadian Mounted Police (RCMP), Canada's national police force has disclosed that it recently faced a cyber attack targeting its networks. The federal body has started its criminal investigation into the matter as it works to determine the scope of the security breach. [.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

Krebs on Security

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump , but court watchers say teaser documents published by the cr

article thumbnail

LockBit is back and threatens to target more government organizations

Security Affairs

The LockBit gang is back and set up a new infrastructure after the recent attempt by law enforcement to disrupt their operation. Last week, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. The operation led to the arrest of two members of the ransomware gang in Poland and Ukraine and the seizure of hundreds of crypto wallets used by the group.