Krebs on Security
FEBRUARY 29, 2024
The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. LockBit removed Fulton County’s listing from its victim shaming website this morning, claiming the county had paid. But county officials said they did not pay, nor did anyone make payment on their behalf.
Tech Republic Security
FEBRUARY 29, 2024
Compare the features and benefits of Dashlane's free and premium versions to determine which option is best for your password management needs.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Security Affairs
FEBRUARY 29, 2024
A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow.
Tech Republic Security
FEBRUARY 29, 2024
Discover the key differences between a free VPN and a paid VPN and determine which one is right for your online privacy and security needs.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
The Hacker News
FEBRUARY 29, 2024
Threat hunters have discovered a new Linux malware called GTPDOOR that’s designed to be deployed in telecom networks that are adjacent to GPRS roaming exchanges (GRX) The malware is novel in the fact that it leverages the GPRS Tunnelling Protocol (GTP) for command-and-control (C2) communications.
Tech Republic Security
FEBRUARY 29, 2024
NordPass offers both Free and Premium versions. Learn about the differences and features of each version to determine which one is right for you.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Tech Republic Security
FEBRUARY 29, 2024
Compare the features, benefits and limitations of Proton VPN's free and paid versions to determine which option is best for your privacy and security needs.
The Hacker News
FEBRUARY 29, 2024
The notorious Lazarus Group actors exploited a recently patched privilege escalation flaw in the Windows Kernel as a zero-day to obtain kernel-level access and disable security software on compromised hosts. The vulnerability in question is CVE-2024-21338 (CVSS score: 7.8), which can permit an attacker to gain SYSTEM privileges.
Malwarebytes
FEBRUARY 29, 2024
One of my co-workers who works on Malwarebytes’ web research team just witnessed a real life example of how useful his work is in protecting people against scammers. Stefan decided to visit Amsterdam with his girlfriend, and found a very nice and luxurious apartment in Amsterdam on Airbnb. In the description the owner asked interested parties to contact them by email.
The Hacker News
FEBRUARY 29, 2024
GitHub on Thursday announced that it’s enabling secret scanning push protection by default for all pushes to public repositories. “This means that when a supported secret is detected in any push to a public repository, you will have the option to remove the secret from your commits or, if you deem the secret safe, bypass the block,” Eric Tooley and Courtney Claessens said.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
WIRED Threat Level
FEBRUARY 29, 2024
As Chinese automakers prepare to launch in the US, the White House is investigating whether cars made in China could pose a national security threat.
The Hacker News
FEBRUARY 29, 2024
Cybersecurity researchers have disclosed a new attack technique called Silver SAML that can be successful even in cases where mitigations have been applied against Golden SAML attacks.
Security Affairs
FEBRUARY 29, 2024
North Korea-linked Lazarus APT exploited a zero-day flaw in the Windows AppLocker driver (appid.sys) to gain kernel-level access to target systems. Avast researchers observed North Korea-linked Lazarus APT group using an admin-to-kernel exploit for a zero-day vulnerability in the appid.sys AppLocker driver. The zero-day, tracked as CVE-2024-21338 has been addressed by Microsoft in the February Patch Tuesday update.
WIRED Threat Level
FEBRUARY 29, 2024
Every time someone in the UK searched for child abuse material on Pornhub, a chatbot appeared and told them how to get help.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
FEBRUARY 29, 2024
Experts warn that the LockBit ransomware group has started using updated encryptors in new attacks, after the recent law enforcement operation. The LockBit ransomware group appears to have fully recovered its operations following the recent law enforcement initiative, code-named Operation Cronos , which aimed to disrupt its activities. Researchers from Zscaler first observed the ransomware group using new ransom notes referencing the new Tor infrastructure.
Malwarebytes
FEBRUARY 29, 2024
A vulnerability in Facebook could have allowed an attacker to take over a Facebook account without the victim needing to click on anything at all. The bug was found by a bounty hunter from Nepal called Samip Aryal and has now been fixed by Facebook. In his search for an account takeover vulnerability, the four times Meta Whitehat award receiver started by looking at the uninstall and reinstall process on Android.
The Hacker News
FEBRUARY 29, 2024
The Five Eyes (FVEY) intelligence alliance has issued a new cybersecurity advisory warning of cyber threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways, noting that the Integrity Checker Tool (ICT) can be deceived to provide a false sense of security.
Tech Republic Security
FEBRUARY 29, 2024
Check out our guide to the best CRM software and their top features and pricing for small to mid-sized businesses to consider in 2024.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Security Affairs
FEBRUARY 29, 2024
A new threat actor, tracked as dubbed SPIKEDWINE, has been observed targeting officials in Europe with a previously undetected backdoor WINELOADER. Zscaler researchers warn that a previously unknown threat actor dubbed SPIKEDWINE has been observed targeting European officials. The cyberspies used a bait PDF document masqueraded as an invitation letter from the Ambassador of India, inviting diplomats to a wine-tasting event in February 2024.
Security Boulevard
FEBRUARY 29, 2024
Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times. The post GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL appeared first on Security Boulevard.
The Hacker News
FEBRUARY 29, 2024
A previously undocumented threat actor dubbed SPIKEDWINE has been observed targeting officials in European countries with Indian diplomatic missions using a new backdoor called WINELOADER.
Penetration Testing
FEBRUARY 29, 2024
Pentest Muse Building an AI agent that can automate parts of pentesting jobs and provide live suggestions to pentesters. Requirements Python 3.12 or later Necessary Python packages as listed in requirements.txt OpenAI API key Modes... The post Pentest Muse: Revolutionizing Penetration Testing with AI Automation appeared first on Penetration Testing.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Bleeping Computer
FEBRUARY 29, 2024
Citrix and Sophos products have been impacted by leap year flaws, leading to unexpected problems in their products. [.
Duo's Security Blog
FEBRUARY 29, 2024
The choice of authentication methods plays a key role in defending against identity threats. In the first two blogs of this three-part series, we discussed the MFA methods available to users and their strengths and weaknesses in defending against five types of cyberattack. In this blog, we’ll discuss how end-users and administrators can select the best methods to keep themselves and their organizations secure.
The Hacker News
FEBRUARY 29, 2024
As an IT leader, staying on top of the latest cybersecurity developments is essential to keeping your organization safe. But with threats coming from all around — and hackers dreaming up new exploits every day — how do you create proactive, agile cybersecurity strategies?
WIRED Threat Level
FEBRUARY 29, 2024
The UK’s privacy regulator says the government did not take into account the intrusiveness of ankle tags that continuously monitor a person’s location.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
Bleeping Computer
FEBRUARY 29, 2024
A new Linux variant of the Bifrost remote access trojan (RAT) employs several novel evasion techniques, including the use of a deceptive domain that was made to appear as part of VMware. [.
Tech Republic Security
FEBRUARY 29, 2024
Explore the differences between RoboForm's free and paid versions, and decide which one is the right fit for your organization.
Penetration Testing
FEBRUARY 29, 2024
The world of blockchain and angel investing can be thrilling but also fraught with risks. Security experts from Hunt are currently tracking a sophisticated phishing scheme aimed squarely at entrepreneurs operating within Telegram communities... The post Lazarus Group Suspected in Telegram Phishing Attacks on Investors appeared first on Penetration Testing.
WIRED Threat Level
FEBRUARY 29, 2024
Plus: Mozilla patches 12 flaws in Firefox, Zoom fixes seven vulnerabilities, and more critical updates from February.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Expert insights. Personalized for you.
300 
Let's personalize your content