Tue. Apr 02, 2024

xz Utils Backdoor

Schneier on Security

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From Ars Technica: Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions.

MY TAKE: Why email security desperately needs retooling in this post-Covid 19, GenAI era

The Last Watchdog

It’s a digital swindle as old as the internet itself, and yet, as the data tells us, the vast majority of security incidents are still rooted in the low-tech art of social engineering. Related: AI makes scam email look real. Fresh evidence comes from Mimecast’s “The State of Email and Collaboration Security” 2024 report. The London-based supplier of email security technology surveyed 1,100 information technology and cybersecurity professionals worldwide and found: •Human risk remains a

Declassified NSA Newsletters

Schneier on Security

Through a 2010 FOIA request (yes, it took that long), we have copies of the NSA’s KRYPTOS Society Newsletter, “Tales of the Krypt,” from 1994 to 2003. There are many interesting things in the 800 pages of newsletter. There are many redactions. And a 1994 review of Applied Cryptography by redacted: Applied Cryptography, for those who don’t read the internet news, is a book written by Bruce Schneier last year.

Top 6 Passwordless Authentication Solutions for 2024

Tech Republic Security

Discover the top passwordless authentication solutions that can enhance security and user experience. Find the best solution for your business needs.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Google to Delete Billions of Browsing Records in 'Incognito Mode' Privacy Lawsuit Settlement

The Hacker News

Google has agreed to purge billions of data records reflecting users' browsing activities to settle a class action lawsuit that claimed the search giant tracked them without their knowledge or consent in its Chrome browser.

AT&T confirms 73 million people affected by data breach

Malwarebytes

Telecommunications giant AT&T has finally confirmed that 73 million current and former customers have been caught up in a massive dark web data leak. The leaked data includes names, addresses, mobile phone numbers, dates of birth, and social security numbers. Malwarebytes VP of Consumer Privacy, Oren Arar, describes the AT&T breach as “especially risky” because much of the type of data that’s been exposed. “SSN, name, date of birth—this is personal identifiable in

PandaBuy data breach allegedly impacted over 1.3 million customers

Security Affairs

At least two threat actors claimed the hack of the PandaBuy online shopping platform and leaked data belonging to more than 1.3 million customers on a cybercrime forum. The BreachForums member ‘Sanggiero’ announced the leak of data allegedly stolen by exploiting several critical vulnerabilities in PandaBuy’s platform and API.

Malicious Code in XZ Utils for Linux Systems Enables Remote Code Execution

The Hacker News

The malicious code inserted into the open-source library XZ Utils, a widely used package present in major Linux distributions, is also capable of facilitating remote code execution, a new analysis has revealed. The audacious supply chain compromise, tracked as CVE-2024-3094 (CVSS score: 10.

The XZ Backdoor: Everything You Need to Know

WIRED Threat Level

Details are starting to emerge about a stunning supply chain attack that sent the open source software community reeling.

China-linked Hackers Deploy New 'UNAPIMON' Malware for Stealthy Operations

The Hacker News

A threat activity cluster tracked as Earth Freybug has been observed using a new malware called UNAPIMON to fly under the radar. "Earth Freybug is a cyberthreat group that has been active since at least 2012 that focuses on espionage and financially motivated activities," Trend Micro security researcher Christopher So said in a report published today.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

XSS flaw in WordPress WP-Members Plugin can lead to script injection

Security Affairs

Researchers from Defiant’s Wordfence research team disclosed a cross-site scripting (XSS) vulnerability in the WordPress WP-Members Membership plugin that can lead to malicious script injection. The unauthenticated stored cross-site scripting vulnerability was reported to Wordfence by the WordPress developer Webbernaut as part of the company’s Bug Bounty Extravaganza.

Cybercrime Actors Behind Agent Tesla Campaigns Unmasked

Penetration Testing

In a report, Check Point Research (CPR) has lifted the veil of anonymity surrounding two cybercrime actors responsible for recent Agent Tesla malware campaigns. Through meticulous investigation, the researchers exposed the identities, tactics, and...

Binarly released the free online scanner to detect the CVE-2024-3094 Backdoor

Security Affairs

Researchers from the firmware security firm Binarly released a free online scanner to detect the CVE-2024-3094 backdoor. Last week, Microsoft engineer Andres Freund discovered a backdoor issue in the latest versions of the “xz” tools and libraries. The vulnerability was tracked as CVE-2024-3094 and received a CVSS score of 10. Red Hat urges users to immediately stop using systems running Fedora development and experimental versions because of a backdoor.

Harnessing the Power of CTEM for Cloud Security

The Hacker News

Cloud solutions are more mainstream – and therefore more exposed – than ever before. In 2023 alone, a staggering 82% of data breaches were against public, private, or hybrid cloud environments. What’s more, nearly 40% of breaches spanned multiple cloud environments. The average cost of a cloud breach was above the overall average, at $4.75 million.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Google agreed to erase billions of browser records to settle a class action lawsuit

Security Affairs

Google has agreed to delete billions of data records related to users’ browsing activities in ‘Incognito Mode’ to settle a class action lawsuit. The class action, filed in 2020 by law firm Boies Schiller Flexner, accuses the company of collecting user browsing data without their knowledge or explicit consent.

Persistence – DLL Proxy Loading

Penetration Testing Lab

DLL Proxy Loading is a technique in which an arbitrary DLL exports the same functions as the legitimate DLL and forwards the calls to the legitimate…

3 UK Cyber Security Trends to Watch in 2024

Tech Republic Security

Discover what industry experts think the events of Q1 mean for the business cyber security landscape in the UK.

“The Com” Phishing Attacks Escalate, Targeting Businesses with Fake Login Pages

Penetration Testing

A new report from Intel 471 highlights a disturbing increase in targeted phishing attacks launched by a loosely affiliated group of cybercriminals known as “The Com” which is short for “The Community.” These persistent...

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption

Trend Micro

Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption.

Earth Freybug’s New Weapon: UNAPIMON Evades Detection

Penetration Testing

In a recent cyberespionage campaign attributed to Earth Freybug (also a subset of APT41), security researchers from Trend Micro observed a unique malware, dubbed UNAPIMON, designed to evade detection. Earth Freybug is a long-standing...

Amazon refuses to refund me £700 for iPhone 15 it didn’t deliver

Graham Cluley

Amazon failed to deliver an iPhone 15 to my home, but claims I am not eligible for a refund. Is there anybody at Amazon who still cares about looking after their legitimate honest customers?

LDAP Watchdog: monitor record changes in an LDAP directory in real-time

Penetration Testing

LDAP Watchdog is a tool designed to monitor and record changes in an LDAP directory in real time. It provides a mechanism to track and visualize modifications, additions, and removals to user...

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Understanding Brute Force Attacks: The Persistent Threat in Cybersecurity

Webroot

Brute force attacks illustrate how persistence can pay off. Unfortunately, in this context, it’s for bad actors. Let’s dive into the mechanics of brute force attacks, unraveling their methodology, and focusing on their application. Whether it’s Remote Desktop Protocol (RDP), or direct finance theft, brute force attacks are a prime tactic in the current cybersecurity landscape.

VMware SD-WAN Vulnerabilities Pose Risk to Network Security, Patches Released

Penetration Testing

VMware has released critical security patches to address multiple vulnerabilities in its SD-WAN (Software-Defined Wide Area Network) solution. These vulnerabilities, if left unpatched, could present significant risks to organizations relying on VMware SD-WAN for...

AT&T Confirms Massive Data Breach Impacting 73 Million Customers

SecureWorld News

After weeks of denial, AT&T has finally acknowledged a massive data breach impacting 73 million current and former customer accounts. The telecom giant had initially claimed that a large trove of personal data leaked on the Dark Web did not originate from their systems. However, mounting evidence from cybersecurity researchers pointed to the data being authentic AT&T customer records.

Avoiding the dangers of AI-generated code

InfoWorld on Security

2023 has been a breakout year for developers and generative AI. GitHub Copilot graduated from its technical preview stage in June 2022, and OpenAI released ChatGPT in November 2022. Just 18 months later, according to a survey by Sourcegraph, 95% of developers report they use generative AI to assist them in writing code. Generative AI can help developers write more code in a shorter space of time, but we need to consider how much of a good thing that may be.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Blockchain: Orchid decentralized VPN will affect www

SecureBlitz

In this post, I will show you how Orchid's decentralized VPN will affect the Internet. The internet we know today is built on a centralized foundation. Websites reside on servers controlled by companies, and data travels through routes managed by internet service providers (ISPs). This system offers convenience, but it also raises concerns about privacy […]

Why a Cloud Security Platform Approach is Critical

Trend Micro

Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.

Understanding Gas Boiler Efficiency Ratings: What You Need to Know

SecureBlitz

Here, I will talk about understanding gas boiler efficiency ratings. Keeping your house warm and comfy throughout the cold UK winters is critical. But that warmth comes at a cost: your energy bill. This is where your boiler's efficiency rating comes in. It reveals how effectively your boiler converts gas into heat for your home. […]

5 Best Vanta Alternatives To Consider in 2024

Security Boulevard

Discover which Vanta alternatives are best suited for your business in terms of security risks, industry best practices, size, and budget.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.