Fri. Apr 12, 2024

Smuggling Gold by Disguising it as Machine Parts

Schneier on Security

Someone got caught trying to smuggle 322 pounds of gold (that’s about 1/4 of a cubic foot) out of Hong Kong. It was disguised as machine parts: On March 27, customs officials x-rayed two air compressors and discovered that they contained gold that had been “concealed in the integral parts” of the compressors. Those gold parts had also been painted silver to match the other components in an attempt to throw customs off the trail.

289

Sophos Study: 94% of Ransomware Victims Have Their Backups Targeted By Attackers

Tech Republic Security

Research has found that criminals can demand higher ransom when they compromise an organisation’s backup data in a ransomware attack. Discover advice from security experts on how to properly protect your backup.

Backups 203

Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

The Hacker News

Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity.

Software 145

Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks

Tech Republic Security

Apple recommends that iPhone users install software updates, use strong passwords and 2FA, and don’t open links or attachments from suspicious emails to keep their device safe from spyware.

Spyware 189

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

XZ backdoor story – Initial analysis

SecureList

On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux. The particular danger of the backdoored library lies in its use by the OpenSSH server process sshd.

Malware 145

Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files

The Hacker News

"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software.

Software 145

More Trending

Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign

The Hacker News

The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go.

142

LastPass employee targeted via an audio deepfake call

Security Affairs

Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass’s CEO, targeting an employee of the company. The attack occurred this week, but the employee recognized the attack and the attempt failed.

Change Healthcare Faces Another Ransomware Threat—and It Looks Credible

WIRED Threat Level

Change Healthcare ransomware hackers already received a $22 million payment. Now a second group is demanding money, and it has sent WIRED samples of what they claim is the company's stolen data.

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot, Goot

Malware 139

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

PoC Released for Zero-Click CVE-2023-35628 Vulnerability in Microsoft Windows

Penetration Testing

Akamai researcher Ben Barnea has released the technical details and proof-of-concept (PoC) for a severe CVE-2023-35628 vulnerability in Microsoft Windows, specifically affecting Outlook clients and potentially exploitable through Windows Explorer. With a CVSS score... The post PoC Released for Zero-Click CVE-2023-35628 Vulnerability in Microsoft Windows appeared first on Penetration Testing.

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard.

Risk 139

Roku disclosed a new security breach impacting 576,000 accounts

Security Affairs

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks, threat actors used credentials stolen from third-party platforms. “Credential stuffing is a type of attack in which hackers use automation and lists of compromised usernames and passwords to defeat authentication and authorization mechanisms, with the end goal of account takeover (ATO) and/or data exfiltration.

How to change your Social Security Number

Malwarebytes

After seeing their Social Security Number (SSN) leaked in the AT&T breach, some US citizens are wondering if and how they can change their SSN. The good news is that even though it’s a challenging process, it is possible. But if you’ve ever had to abandon an email address that you used for years, imagine all of the hassle that came with that, and then imagine it being about 10 times worse.

Insurance 135

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Code Keepers: Mastering Non-Human Identity Management

The Hacker News

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access.

12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

Data loss prevention (DLP) best practices are principles that help prevent intentional or unintentional data erasure. By following these guidelines, organizations can reduce the detrimental impact of data loss and quickly resume operations after an incident. This also protects sensitive data and minimizes legal and reputational issues. Explore some real-world instances below and discover when and how to use DLP procedures for optimal data security.

Backups 130

Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

Bleeping Computer

Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks. [...]

Firewall 129

Shadow AI: The Murky Threat to Enterprise Adoption of Generative AI

Security Boulevard

As AI continues its relentless march into enterprises, an insidious threat lurks in the shadows that could undermine its widespread adoption: Shadow AI. The post Shadow AI: The Murky Threat to Enterprise Adoption of Generative AI appeared first on Security Boulevard.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Roku warns 576,000 accounts hacked in new credential stuffing attacks

Bleeping Computer

Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March. [...]

CVE-2024-22262: Spring Framework Hit by New Vulnerability, Urgent Update Needed

Penetration Testing

A newly discovered high-severity security flaw (CVE-2024-22262) in the widely-used Spring Framework software could leave countless applications vulnerable to redirect and server-side request forgery (SSRF) attacks, researchers warn. The vulnerability lies in the way... The post CVE-2024-22262: Spring Framework Hit by New Vulnerability, Urgent Update Needed appeared first on Penetration Testing.

FBI warns of massive wave of road toll SMS phishing attacks

Bleeping Computer

On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees. [...]

Phishing 123

CVE-2024-3400 (CVSS 10): Critical 0-Day Flaw in Palo Alto Networks Firewall Software Exploited in the Wild

Penetration Testing

Palo Alto Networks has disclosed a severe zero-day vulnerability (CVE-2024-3400) affecting its market-leading firewall software, PAN-OS. This vulnerability carries a CVSS score of 10.0, indicating its critical severity. Successful exploitation could allow unauthenticated attackers... The post CVE-2024-3400 (CVSS 10): Critical 0-Day Flaw in Palo Alto Networks Firewall Software Exploited in the Wild appeared first on Penetration Testing.

Firewall 111

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Telegram fixes Windows app zero-day used to launch Python scripts

Bleeping Computer

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. [...]

114

Quick Bytes: Top Cyber News Of The Week

Quick Heal Antivirus

Delivery Boys moonlighting as Cybercriminals in Pune: Operated 120 bank accounts for international masterminds (Image Source: Indian Express). The post Quick Bytes: Top Cyber News Of The Week appeared first on Quick Heal Blog.

Banking 111

Microsoft now testing app ads in Windows 11's Start menu

Bleeping Computer

Microsoft has started testing ads in the Windows 11 Start menu, a new experiment the company says will help users find new "great" apps in the Microsoft Store. [...]

113

GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API

Penetration Testing

GraphStrike is a suite of tools that enables Cobalt Strike’s HTTPS Beacon to use Microsoft Graph API for C2 communications. All Beacon traffic will be transmitted via two files created in the attacker’s SharePoint site,... The post GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API appeared first on Penetration Testing.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Telegram fixes Windows app zero-day caused by file extension typo

Bleeping Computer

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts. [...]

107

greenmask: PostgreSQL dump and obfuscation tool

Penetration Testing

Greenmask is a powerful open-source utility that is designed for logical database backup dumping, obfuscation, and restoration. It offers extensive functionality for backup, anonymization, and data masking. Greenmask is written... The post greenmask: PostgreSQL dump and obfuscation tool appeared first on Penetration Testing.

Ex-Amazon engineer gets 3 years for hacking crypto exchanges

Bleeping Computer

Former Amazon security engineer Shakeeb Ahmed was sentenced to three years in prison for hacking two cryptocurrency exchanges in July 2022 and stealing over $12 million. [...]

Nmap cheatsheet: every command you need in 2024

Hack the Box

Use our Nmap cheatsheet for essential commands including host discovery, network and port scanning, and firewall evasion.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.