Thu.Apr 18, 2024

article thumbnail

Other Attempts to Take Over Open Source Projects

Schneier on Security

After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular JavaScript projects to “address any critical vulnerabilities,” yet cited no specifics.

article thumbnail

Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020

Tech Republic Security

Nearly 10 million devices were infected with data-stealing malware in 2023, with criminals stealing an average of 50.9 credentials per device.

Malware 203
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The Real-Time Deepfake Romance Scams Have Arrived

WIRED Threat Level

Watch how smooth-talking scammers known as “Yahoo Boys” use widely available face-swapping tech to carry out elaborate romance scams.

Scams 145
article thumbnail

TechRepublic’s Review Methodology for Password Managers

Tech Republic Security

Our review methodology for password managers provides you with a reliable assessment of the best solutions based on the analyzed key factors.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide

The Hacker News

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world.

Phishing 144
article thumbnail

Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available

Security Affairs

Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) for which publicly available exploit code exists. Cisco has addressed a high-severity Integrated Management Controller (IMC) vulnerability and is aware of a public exploit code for this issue. The PoC exploit code allows a local attacker to escalate privileges to root.

More Trending

article thumbnail

ClamAV Issues Urgent Patch for High-Risk DoS Vulnerability CVE-2024-20380

Penetration Testing

The ClamAV development team has released urgent security patches for its popular open-source antivirus software. The patches address a high-severity vulnerability, designated CVE-2024-20380 (CVSS 7.5), that could allow unauthenticated, remote attackers to crash ClamAV... The post ClamAV Issues Urgent Patch for High-Risk DoS Vulnerability CVE-2024-20380 appeared first on Penetration Testing.

article thumbnail

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

The Hacker News

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior.

article thumbnail

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

Russia-linked APT Sandworm employed a previously undocumented backdoor called Kapeka in attacks against Eastern Europe since 2022. WithSecure researchers identified a new backdoor named Kapeka that has been used in attacks targeting victims in Eastern Europe since at least mid-2022. The backdoor is very sophisticated, it serves as both an initial toolkit and as a backdoor for maintaining long-term access to compromised systems.

Malware 138
article thumbnail

Recover from Ransomware in 5 Minutes—We will Teach You How!

The Hacker News

Super Low RPO with Continuous Data Protection:Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

United Nations Development Programme (UNDP) investigates data breach

Security Affairs

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. The United Nations Development Programme (UNDP) is investigating an alleged ransomware attack that resulted in data theft. The United Nations Development Programme (UNDP) is a United Nations agency tasked with helping countries eliminate poverty and achieve sustainable economic growth and human development.

article thumbnail

Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million

Malwarebytes

The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data. Cerebral has agreed to an order that will restrict how the company can use or disclose sensitive consumer data, as well as require it to provide consumers with a simple way to cancel services.

article thumbnail

Vulnerabilities for AI and ML Applications are Skyrocketing

Security Boulevard

In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development. The post Vulnerabilities for AI and ML Applications are Skyrocketing appeared first on Security Boulevard.

article thumbnail

FIN7 targeted a large U.S. carmaker phishing attacks

Security Affairs

BlackBerry reported that the financially motivated group FIN7 targeted the IT department of a large U.S. carmaker with spear-phishing attacks. In late 2023, BlackBerry researchers spotted the threat actor FIN7 targeting a large US automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative rights.

Phishing 137
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

How to Conduct Advanced Static Analysis in a Malware Sandbox

The Hacker News

Sandboxes are synonymous with dynamic malware analysis. They help to execute malicious files in a safe virtual environment and observe their behavior. However, they also offer plenty of value in terms of static analysis. See these five scenarios where a sandbox can prove to be a useful tool in your investigations.

Malware 137
article thumbnail

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Security Affairs

An international law enforcement operation led to the disruption of the prominent phishing-as-a-service platform LabHost. An international law enforcement operation, codenamed Nebulae and coordinated by Europol, led to the disruption of LabHost, which is one of the world’s largest phishing-as-a-service platforms. Law enforcement from 19 countries participated in the operation which resulted in the arrest of 37 individuals.

Phishing 136
article thumbnail

OfflRouter Malware Evades Detection in Ukraine for Almost a Decade

The Hacker News

Select Ukrainian government networks have remained infected with a malware called OfflRouter since 2015. Cisco Talos said its findings are based on an analysis of over 100 confidential documents that were infected with the VBA macro virus and uploaded to the VirusTotal malware scanning platform. "The documents contained VBA code to drop and run an executable with the name 'ctrlpanel.

Malware 136
article thumbnail

The many faces of impersonation fraud: Spot an imposter before it’s too late

We Live Security

What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be?

131
131
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

FIN7 Cybercrime Group Targeting U.S. Auto Industry with Carbanak Backdoor

The Hacker News

The infamous cybercrime syndicate known as FIN7 has been linked to a spear-phishing campaign targeting the U.S. automotive industry to deliver a known backdoor called Carbanak (aka Anunak). "FIN7 identified employees at the company who worked in the IT department and had higher levels of administrative rights," the BlackBerry research and intelligence team said in a new write-up.

article thumbnail

Cisco Taps AI and eBPF to Automate Security Operations

Security Boulevard

Cisco today launched a framework that leverages artificial intelligence (AI) to test a software patch in a digital twin running on an endpoint to make sure an application doesn’t break before actually deploying it. Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco, said Cisco Hypershield makes use of extended.

article thumbnail

An Overview of Digital Signatures: Answering Our Frequently Asked Questions

GlobalSign

What types of digital signatures are there and how are they used? This blog answers all your FAQs around digital signatures.

126
126
article thumbnail

Cybercriminals pose as LastPass staff to hack password vaults

Bleeping Computer

LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft. [.

Passwords 122
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Lazarus Group Deploys New Hacking Arsenal in Targeted Cyberattacks

Penetration Testing

Security researchers at Avast have uncovered a sophisticated cyber espionage campaign linked to the infamous Lazarus Group. The attackers are targeting individuals in Asia, using fake job offers and a series of advanced hacking... The post Lazarus Group Deploys New Hacking Arsenal in Targeted Cyberattacks appeared first on Penetration Testing.

Hacking 120
article thumbnail

'Cybersecure My Business' Program Trains SMB Owners to Manage Cyber Risk

SecureWorld News

The National Cybersecurity Alliance has launched Cybersecure My Business, a training program for non-technical owners and operators of small- to medium-sized businesses (SMBs) on how to manage cyber risk in their business. As exemplified by the recent Change Healthcare attack , cyber incidents can threaten business owners' livelihood, their customers, and people who rely on their products and services.

article thumbnail

GhostLocker 2.0 Unveiled: Evolving Ransomware-as-a-Service Poses Growing Threat

Penetration Testing

A new technical analysis by Seqrite cybersecurity researchers has revealed alarming upgrades to the GhostLocker ransomware. This notorious Ransomware-as-a-Service (RaaS) framework, operated by the hacktivist group GhostSec, has undergone a significant evolution. Its new... The post GhostLocker 2.0 Unveiled: Evolving Ransomware-as-a-Service Poses Growing Threat appeared first on Penetration Testing.

article thumbnail

The Dark Side of EDR: Repurpose EDR as an Offensive Tool

Security Boulevard

See how a SafeBreach Labs researcher bypassed the anti-tampering mechanism of a leading EDR to execute malicious code within one of the EDR's own processes and altered the mechanism to gain unique, persistent, and fully undetectable capabilities. The post The Dark Side of EDR: Repurpose EDR as an Offensive Tool appeared first on SafeBreach. The post The Dark Side of EDR: Repurpose EDR as an Offensive Tool appeared first on Security Boulevard.

116
116
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Keycloak Patches Vulnerabilities, Mitigates DDoS and Data Theft Risks

Penetration Testing

Keycloak, a widely used open-source solution for authentication and authorization, has released important security updates addressing multiple vulnerabilities. These flaws, which could open the door for denial of service attacks or expose sensitive data,... The post Keycloak Patches Vulnerabilities, Mitigates DDoS and Data Theft Risks appeared first on Penetration Testing.

DDOS 117
article thumbnail

Police smash LabHost international fraud network, 37 arrested

Graham Cluley

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. Read more in my article on the Tripwire State of Security blog.

Phishing 111
article thumbnail

“DuneQuixote” Campaign Targets Middle East with Evasive “CR4T” Malware

Penetration Testing

Kaspersky Labs researchers have revealed a new, targeted malware campaign dubbed “DuneQuixote” with a focus on government entities within the Middle East. The campaign, active since at least February 2023, utilizes a custom malware... The post “DuneQuixote” Campaign Targets Middle East with Evasive “CR4T” Malware appeared first on Penetration Testing.

Malware 117
article thumbnail

LabHost phishing service with 40,000 domains disrupted, 37 arrested

Bleeping Computer

The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer. [.

Phishing 110
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.