Thu.Feb 01, 2024

article thumbnail

Facebook’s Extensive Surveillance Network

Schneier on Security

Consumer Reports is reporting that Facebook has built a massive surveillance network: Using a panel of 709 volunteers who shared archives of their Facebook data, Consumer Reports found that a total of 186,892 companies sent data about them to the social network. On average, each participant in the study had their data sent to Facebook by 2,230 companies.

article thumbnail

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day. A graphic illustrating the flow of more than $400 million in cryptocurrencies stolen from FTX on Nov. 11-12, 2022.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Millions of Routers at Risk: CVE-2024-21833 Threatens TP-Link Devices

Penetration Testing

Recently, CYFIRMA’s Research Team has conducted an exhaustive analysis of a security vulnerability, identified as CVE-2024-21833, that poses a significant risk to TP-Link Routers. Discovered on January 10, 2024, by JPCERT/CC, this vulnerability has... The post Millions of Routers at Risk: CVE-2024-21833 Threatens TP-Link Devices appeared first on Penetration Testing.

article thumbnail

Cloudflare hacked using auth tokens stolen in Okta attack

Bleeping Computer

Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. [.

Hacking 144
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Passkeys and The Beginning of Stronger Authentication

Thales Cloud Protection & Licensing

Passkeys and The Beginning of Stronger Authentication madhav Fri, 02/02/2024 - 05:23 How passkeys are rewriting the current threat landscape Lillian, an experienced CISO, surveyed the threat landscape. Despite solid cybersecurity defenses within her enterprise, the reliance on age-old passwords left it vulnerable. Their own employees, even with their best efforts, remained the weakest link.

article thumbnail

CISA orders federal agencies to disconnect Ivanti VPN appliances by Saturday

Bleeping Computer

CISA has ordered U.S. federal agencies to disconnect all Ivanti Connect Secure and Policy Secure VPN appliances vulnerable to multiple actively exploited bugs before Saturday. [.

VPN 130

More Trending

article thumbnail

New Windows Event Log zero-day flaw gets unofficial patches

Bleeping Computer

Free unofficial patches are available for a new Windows zero-day vulnerability dubbed 'EventLogCrasher' that lets attackers remotely crash the Event Log service on devices within the same Windows domain. [.

128
128
article thumbnail

FBI Disrupts Chinese Botnet Targeting U.S. Critical Infrastructure

SecureWorld News

The United States continues to grapple with cyber intrusions emanating from sophisticated hacking groups affiliated with the Chinese government. In December 2023, the U.S. government conducted an extensive operation to disrupt a Chinese state-sponsored botnet that was being used to conceal attacks against American critical infrastructure organizations, the Justice Department announced this week.

article thumbnail

Man sentenced to six years in prison for stealing millions in cryptocurrency via SIM swapping

Security Affairs

A US man has been sentenced to federal prison for his role in a fraudulent scheme that resulted in the theft of millions of dollars through SIM swapping. Daniel James Junk (22) of Portland was sentenced to 72 months in federal prison for his role in a scheme that resulted in the theft of millions of dollars of cryptocurrency using a SIM swapping. The man conducted SIM swapping attacks to take control of victims’ phone numbers tricking the mobile operator employees into porting them to SIMs under

article thumbnail

FBI Issues Ominous Warning of Imminent Cyber Attack on Critical Infrastructure

Security Boulevard

In testimony before the House Select Committee on the Chinese Communist Party yesterday, FBI Director Christopher Wray delivered an ominous message: “China’s hackers are positioning on American infrastructure in preparation to wreak havoc and cause real-world harm to American citizens and communities, if or when China decides the time has come to strike.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Multiple malware used in attacks exploiting Ivanti VPN flaws

Security Affairs

Mandiant spotted new malware used by a China-linked threat actor UNC5221 targeting Ivanti Connect Secure VPN and Policy Secure devices. Mandiant researchers discovered new malware employed by a China-linked APT group known as UNC5221 and other threat groups targeting Ivanti Connect Secure VPN and Policy Secure devices. The attackers were observed exploiting CVE-2023-46805 and CVE-2024-21887 to execute arbitrary commands on the unpatched Ivanti devices.

VPN 135
article thumbnail

More Android apps riddled with malware spotted on Google Play

Bleeping Computer

An Android remote access trojan (RAT) known as VajraSpy was found in 12 malicious applications, six of which were available on Google Play from April 1, 2021, through September 10, 2023. [.

Malware 116
article thumbnail

CISA orders federal agencies to disconnect Ivanti VPN instances by February 2

Security Affairs

CISA is ordering federal agencies to disconnect Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. For the first time since its establishment, CISA is ordering federal agencies to disconnect all instances of Ivanti Connect Secure and Ivanti Policy Secure products within 48 hours. The CISA’s emergency directive orders to disconnect all instances no later than 11:59PM on Friday February 2, 2024. “As soon as possible and no later than 11:59PM on Friday February 2,

VPN 130
article thumbnail

Automating the Security of Your Digital Identity: A “Super” Strategy

GlobalSign

In this blog, we look at the critical importance of securing digital identities, the cost of data breaches, and what to consider when evaluating digital identity solutions.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Under Attack: CVE-2023-6700 in ‘Cookie Information’ Plugin Threatens 100k WordPress Sites

Penetration Testing

In the ever-evolving Internet landscape, the importance of data privacy and compliance with regulations such as GDPR (General Data Protection Regulation) cannot be overstated. WordPress, one of the most popular content management systems, offers... The post Under Attack: CVE-2023-6700 in ‘Cookie Information’ Plugin Threatens 100k WordPress Sites appeared first on Penetration Testing.

article thumbnail

VajraSpy: A Patchwork of espionage apps

We Live Security

ESET researchers discovered several Android apps that posed as messaging tools but carried VajraSpy, a RAT used by the Patchwork APT group

127
127
article thumbnail

Lessons from the Mercedes-Benz GitHub source code leak

Security Boulevard

The German automotive giant Mercedes-Benz found itself on the wrong end of a software supply chain incident after RedHunt Labs found a leaked GitHub token belonging to an employee of the carmaker that granted "'unrestricted’ and 'unmonitored'" access to the entirety of source code hosted on Mercedes’ internal GitHub Enterprise Server. The post Lessons from the Mercedes-Benz GitHub source code leak appeared first on Security Boulevard.

Software 111
article thumbnail

“You have blood on your hands.” Senate Committee calls for action by social media giants to protect children online

Malwarebytes

In an unusually emotional and unified setting, the Senate Judiciary Committee found common ground for the need to protect children online yesterday. On January 31, 2024, the CEOs of the most widely used social media platforms appeared before the Committee. Meta’s Mark Zuckerberg, X’s Linda Yaccarino, TikTok’s Shou Chew, Snap’s Evan Spiegel, and Discord’s Jason Citron listened to accusations and answered questions about what they were doing to protect children using their

Media 113
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

How Does Cybersecurity Services Prevent Businesses From Cyber Attacks?

Security Boulevard

In the contemporary digital landscape, new threats emerge constantly. If someone connects to the Internet, it exposes organizations to the risk of being targeted by hackers. Cyber threats have advanced into the industry, making security an important aspect of spreading awareness for both businesses and governments worldwide. For companies without the help of cybersecurity services, [â€Ĥ] The post How Does Cybersecurity Services Prevent Businesses From Cyber Attacks?

article thumbnail

A Startup Allegedly ‘Hacked the World.’ Then Came the Censorship—and Now the Backlash

WIRED Threat Level

A loose coalition of anti-censorship voices is working to highlight reports of one Indian company’s hacker-for-hire past—and the legal threats aimed at making them disappear.

Hacking 111
article thumbnail

CVE-2024-1072: Critical Flaw in SeedProd Plugin Exposes 900K WordPress Sites

Penetration Testing

A high-severity flaw has been found in a popular WordPress plugin. The affected plugin, Website Builder by SeedProd, has over 900,000 installations. The Website Builder by SeedProd is a powerful and user-friendly WordPress plugin... The post CVE-2024-1072: Critical Flaw in SeedProd Plugin Exposes 900K WordPress Sites appeared first on Penetration Testing.

article thumbnail

Tax season is here, so are scammers

Malwarebytes

The Internal Revenue Service has announced that the 2024 tax filing season has officially begun, with an expected 146 million individual tax returns to be filed. While it is costly and complex for the IRS to process so many digital and paper documents, it can also be a headache for many Americans. Unsurprisingly, this is also the time of year where we see an increase in tax-related scams.

Scams 112
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

CISA and FBI Warn of AndroxGh0st Malware Threat

Security Boulevard

CISA and FBI have jointly issued a warning about the threat posed by AndroxGh0st malware, emphasizing its use in establishing a botnet for “victim identification and exploitation within target networks.” Originating in a Lacework report from December 2022, AndroxGh0st, a Python-based malware, has spawned similar tools such as AlienFox, GreenBot (aka Maintance), Legion, and Predator. [â€Ĥ] The post CISA and FBI Warn of AndroxGh0st Malware Threat appeared first on TuxCare.

Malware 105
article thumbnail

Cloudflare Breach: Nation-State Hackers Access Source Code and Internal Docs

The Hacker News

Cloudflare has revealed that it was the target of a likely nation-state attack in which the threat actor leveraged stolen credentials to gain unauthorized access to its Atlassian server and ultimately access some documentation and a limited amount of source code.

106
106
article thumbnail

TrustCloud Expands Executive Team, Adds TJ McDonough as SVP of Sales and Customer Success

Security Boulevard

Seasoned security leader joins TrustCloud to meet demand for programmatic, predictive security, privacy, and assurance solutions that go beyond GRC automation Boston MA — February 1, 2024 — TrustCloud™, the Trust Assurance platform using AI to upgrade GRC into a profit center, today announced the appointment of TJ McDonough as SVP of Sales and Customer [â€Ĥ] The post TrustCloud Expands Executive Team, Adds TJ McDonough as SVP of Sales and Customer Success first appeared on TrustCloud.

104
104
article thumbnail

10 Best Privileged Identity Management Tools (2024)

Heimadal Security

The Importance of Choosing the Right Privilege Identity Management Solution The essence of effective Privileged Identity Management (PIM) lies not in identity or management but in privilege. A robust PIM system focuses on identifying those who should, and equally importantly, those who should not, have administrative access to important accounts and systems.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

FTC orders Blackbaud to boost security after massive data breach

Bleeping Computer

Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people. [.

article thumbnail

Heimdal Partners with Jupiter Technology to Distribute Cybersecurity Solutions in Japan

Heimadal Security

We have partnered with Jupiter Technology Corporation, who will distribute our cybersecurity products across Japan as part of a long-term sales and distribution agreement. Jupiter Technology will sell the Heimdal XDR Unified Security Platform, marketed as the ‘Heimdal Security Suite’ As the first of its kind, the platform delivers end-to-end cybersecurity in one place.

article thumbnail

PurpleFox malware infected thousands of systems in Ukraine

Bleeping Computer

The Computer Emergency Response Team in Ukraine (CERT-UA) is warning about a PurpleFox malware campaign that has infected at least 2,000 computers in the country. [.

Malware 97
article thumbnail

On Your DMARC, Get Set, Go!

Approachable Cyber Threats

Category Awareness, Cybersecurity Fundamentals, News Risk Level Google and Yahoo are requiring DMARC beginning February 2024. So what does that mean for your organization, and how do you implement it? Starting February 1, 2024, Google and Yahoo will implement new requirements for inbound email, primarily geared toward bulk senders. However, the changes may result in potential delivery (and cybersecurity) issues for your organization and customers if the requirements are not implemented correctly

DNS 91
article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.