Wed.Apr 03, 2024

article thumbnail

Class-Action Lawsuit against Google’s Incognito Mode

Schneier on Security

The lawsuit has been settled : Google has agreed to delete “billions of data records” the company collected while users browsed the web using Incognito mode, according to documents filed in federal court in San Francisco on Monday. The agreement, part of a settlement in a class action lawsuit filed in 2020, caps off years of disclosures about Google’s practices that shed light on how much data the tech giant siphons from its users­—even when they’re in private-browsing mode.

article thumbnail

‘The Manipulaters’ Improve Phishing, Still Fail at Opsec

Krebs on Security

Roughly nine years ago, KrebsOnSecurity profiled a Pakistan-based cybercrime group called “ The Manipulaters ,” a sprawling web hosting network of phishing and spam delivery platforms. In January 2024, The Manipulaters pleaded with this author to unpublish previous stories about their work, claiming the group had turned over a new leaf and gone legitimate.

Phishing 244
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

secator: The pentester’s swiss knife

Penetration Testing

secator secator is a task and workflow runner used for security assessments. It supports dozens of well-known security tools and it is designed to improve productivity for pentesters and security researchers. Feature A curated... The post secator: The pentester’s swiss knife appeared first on Penetration Testing.

article thumbnail

Luna HSMs FIPS 140-3 Validation

Thales Cloud Protection & Licensing

Luna HSMs FIPS 140-3 Validation sparsh Wed, 04/03/2024 - 07:52 FIPS 140-3 and You, Part Two Awhile back, we shared that Thales Luna HSMs were about to kick-off the process of moving towards Federal Information Processing Standard (FIPS) 140-3 Level 3, the newest security standard to accredit cryptographic modules. Security standards, like technology, are always evolving, making compliance challenging for customers and vendors alike.

Firmware 133
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The Mystery of ‘Jia Tan,’ the XZ Backdoor Mastermind

WIRED Threat Level

The thwarted XZ Utils supply chain attack was years in the making. Now, clues suggest nation-state hackers were behind the persona that inserted the malicious code.

Hacking 141
article thumbnail

CVE-2024-29745 & CVE-2024-29748: Critical Google Pixel Flaws Exploited – Update Immediately

Penetration Testing

Google has revealed in their April 2024 Pixel Update Bulletin that several serious security flaws could be putting your Pixel device at risk. Two of these vulnerabilities, labeled CVE-2024-29745 and CVE-2024-29748, are already being... The post CVE-2024-29745 & CVE-2024-29748: Critical Google Pixel Flaws Exploited – Update Immediately appeared first on Penetration Testing.

More Trending

article thumbnail

Google Chrome Beta Tests New DBSC Protection Against Cookie-Stealing Attacks

The Hacker News

Google on Tuesday said it's piloting a new feature in Chrome called Device Bound Session Credentials (DBSC) to help protect users against session cookie theft by malware. The prototype – currently tested against "some" Google Account users running Chrome Beta – is built with an aim to make it an open web standard, the tech giant's Chromium team said.

article thumbnail

Google fixed two actively exploited Pixel vulnerabilities

Security Affairs

Google addressed several vulnerabilities in Android and Pixel devices, including two actively exploited flaws. Google addressed 28 vulnerabilities in Android and 25 flaws in Pixel devices. Two issues fixed by the IT giant, tracked as CVE-2024-29745 and CVE-2024-29748, are actively exploited in the wild. The most critical flaw addressed by the company impacts the System component, it is a local privilege escalation that doesn’t require any additional execution privileges. “The most se

Spyware 135
article thumbnail

Google Warns: Android Zero-Day Flaws in Pixel Phones Exploited by Forensic Companies

The Hacker News

Google has disclosed that two Android security flaws impacting its Pixel smartphones have been exploited in the wild by forensic companies.

Firmware 138
article thumbnail

Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

Bleeping Computer

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key. [.

117
117
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Mispadu Trojan Targets Europe, Thousands of Credentials Compromised

The Hacker News

The banking trojan known as Mispadu has expanded its focus beyond Latin America (LATAM) and Spanish-speaking individuals to target users in Italy, Poland, and Sweden. Targets of the ongoing campaign include entities spanning finance, services, motor vehicle manufacturing, law firms, and commercial facilities, according to Morphisec.

article thumbnail

Google patches critical vulnerability for Androids with Qualcomm chips

Malwarebytes

In April’s update for the Android operating system (OS) , Google has patched 28 vulnerabilities, one of which is rated critical for Android devices equipped with Qualcomm chips. You can find your device’s Android version number, security update level, and Google Play system level in your Settings app. You’ll get notifications when updates are available for you, but you can also check for updates.

Firmware 115
article thumbnail

Jackson County, Missouri, discloses a ransomware attack

Security Affairs

Jackson County, Missouri, confirmed that a ransomware attack has disrupted several county services. A ransomware attack disrupted several services of the Jackson County, Missouri. The County Executive Frank White, Jr. declared a state of emergency. “Jackson County has confirmed a ransomware attack was responsible for the disruption of several county services today.” reads the statement released by the County. “The rapid response by county associates, especially those within the

article thumbnail

Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure

The Hacker News

Ivanti has released security updates to address four security flaws impacting Connect Secure and Policy Secure Gateways that could result in code execution and denial-of-service (DoS). The list of flaws is as follows - CVE-2024-21894 (CVSS score: 8.2) - A heap overflow vulnerability in the IPSec component of Ivanti Connect Secure (9.x, 22.

113
113
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The New Version of JsOutProx is Attacking Financial Institutions in APAC and MENA via Gitlab Abuse

Security Affairs

Resecurity researchers warn that a new Version of JsOutProx is targeting financial institutions in APAC and MENA via Gitlab abuse. Resecurity has detected a new version of JSOutProx , which is targeting financial services and organizations in the APAC and MENA regions. JSOutProx is a sophisticated attack framework utilizing both JavaScript and.NET. It employs the.NET (de)serialization feature to interact with a core JavaScript module running on the victim’s machine.

Banking 129
article thumbnail

SurveyLama data breach exposes info of 4.4 million users

Bleeping Computer

Data breach alerting service Have I Been Pwned (HIBP) warns that SurveyLama suffered a data breach in February 2024, which exposed the sensitive data of 4.4 million users. [.

article thumbnail

Node.js Security Update Addresses Server Crash, Request Smuggling Vulnerabilities

Penetration Testing

The Node.js project has released a critical security update addressing vulnerabilities in active release lines (v18.x, v20.x, and v21.x) of the popular JavaScript runtime environment. One of the flaws could allow attackers to crash... The post Node.js Security Update Addresses Server Crash, Request Smuggling Vulnerabilities appeared first on Penetration Testing.

article thumbnail

Google Chrome gets ‘Device Bound Session Credentials’ to stop cookie theft

Malwarebytes

Google has announced the introduction of Device Bound Session Credentials (DBSC) to secure Chrome users against cookie theft. In January we reported how hackers found a way to gain unauthorized access to Google accounts, bypassing multi-factor authentication (MFA) , by stealing authentication cookies with info-stealer malware. An authentication cookie is added to a web browser after a user proves who they are by logging in.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Attack Surface Management vs. Vulnerability Management

The Hacker News

Attack surface management (ASM) and vulnerability management (VM) are often confused, and while they overlap, they’re not the same. The main difference between attack surface management and vulnerability management is in their scope: vulnerability management checks a list of known assets, while attack surface management assumes you have unknown assets and so begins with discovery.

111
111
article thumbnail

This IT Career Kickstarter Bundle is An Extra 20% O 100 11111 100 11111 0 0 19640 0 --:--:-- --:--:-- --:--:-- 19630 ff Through April 7th

Tech Republic Security

Help your business by becoming your own IT expert. This week only, you can get The 2023 Ultimate IT Career Kickstarter Bundle for just $47.99 with promo code SECURE20.

108
108
article thumbnail

U.S. Cyber Safety Board Slams Microsoft Over Breach by China-Based Hackers

The Hacker News

The U.S. Cyber Safety Review Board (CSRB) has criticized Microsoft for a series of security lapses that led to the breach of nearly two dozen companies across Europe and the U.S. by a China-based nation-state group called Storm-0558 last year.

110
110
article thumbnail

Block Ads And Free Up The Internet For An Extra 20% Off

Tech Republic Security

AdLock Ad Blocker is a top-rated ad blocking utility and this week only, you can get a lifetime subscription for just $15 with promo code SECURE20.

Internet 116
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Google fixes one more Chrome zero-day exploited at Pwn2Own

Bleeping Computer

Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. [.

Hacking 106
article thumbnail

9 Must-Do Tips to Secure Ubuntu Server

Tech Republic Security

In today’s world, if you’re not constantly working to secure your servers, you’re already 10 steps behind every hacker on the planet. And if you happen to be a Linux systems administrator, you might think it doesn’t apply to you. It does. Even though the Linux open source platform is considerably more secure than many.

article thumbnail

Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks

Bleeping Computer

IT security software company Ivanti has released patches to fix multiple security vulnerabilities impacting its Connect Secure and Policy Secure gateways. [.

VPN 107
article thumbnail

Smashing Security podcast #366: Money-making bots, and Incognito isn’t private

Graham Cluley

Google says it is deleting the your Google Chrome Incognito private-browsing data that it should never have collected anyway. Can a zero-risk millionaire-making bot be trusted? And what countries are banned from buying your sensitive data? All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by Host Unknown's Thom Langford.

Risk 99
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

Urgent: Patch Critical Vulnerabilities in Widely-Used REHub WordPress Theme & Plugin

Penetration Testing

The security researcher Rafie Muhammad has found multiple high-severity vulnerabilities in the REHub WordPress theme (premium version) and the associated REHub Framework plugin. These weaknesses, if left unpatched, could have devastating consequences for businesses... The post Urgent: Patch Critical Vulnerabilities in Widely-Used REHub WordPress Theme & Plugin appeared first on Penetration Testing.

article thumbnail

Critical flaw in LayerSlider WordPress plugin impacts 1 million sites

Bleeping Computer

A premium WordPress plugin named LayerSlider, used in over one million sites, is vulnerable to unauthenticated SQL injection, requiring admins to prioritize applying security updates for the plugin. [.

95
article thumbnail

Google Cloud/Cloud Security Alliance Report: IT and Security Pros Are ‘Cautiously Optimistic’ About AI

Tech Republic Security

Of the IT and security professionals surveyed, 63% said AI will improve security within their organization.

article thumbnail

Hosting firm's VMware ESXi servers hit by new SEXi ransomware

Bleeping Computer

Chilean data center and hosting provider IxMetro Powerhost has suffered a cyberattack at the hands of a new ransomware gang known as SEXi, which encrypted the company's VMware ESXi servers and backups. [.

article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.