Mon.Mar 18, 2024

article thumbnail

Inside the Massive Alleged AT&T Data Breach

Troy Hunt

I hate having to use that word - "alleged" - because it's so inconclusive and I know it will leave people with many unanswered questions. But sometimes, "alleged" is just where we need to begin and over the course of time, proper attribution is made and the dots are joined. We're here at "alleged" for two very simple reasons: one is that AT&T is saying "the data didn't come from us", and the other is that I have no way of proving otherwise.

article thumbnail

Drones and the US Air Force

Schneier on Security

Fascinating analysis of the use of drones on a modern battlefield—that is, Ukraine—and the inability of the US Air Force to react to this change. The F-35A certainly remains an important platform for high-intensity conventional warfare. But the Air Force is planning to buy 1,763 of the aircraft, which will remain in service through the year 2070.

Risk 263
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Weekly Update 391

Troy Hunt

I'm in Japan! Without tripod, without mic and having almost completely forgotten to do this vid, simply because I'm enjoying being on holidays too much 😊 It was literally just last night at dinner the penny dropped - "don't I normally do something around now.?" The weeks leading up to this trip were especially chaotic and to be honest, I simply forgot all about work once we landed here.

238
238
article thumbnail

git-alerts: detect and monitor GitHub org users’ public repositories for secrets and sensitive files

Penetration Testing

GitAlerts GitHub repositories created under any organization can be controlled by the GitHub administrators. However, any repository created under an organization’s user account is not controllable unless the organization has adopted the GitHub enterprise-managed... The post git-alerts: detect and monitor GitHub org users’ public repositories for secrets and sensitive files appeared first on Penetration Testing.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

PoC exploit for critical RCE flaw in Fortra FileCatalyst transfer tool released

Security Affairs

Fortra addressed a critical remote code execution vulnerability impacting its FileCatalyst file transfer product. Fortra has released updates to address a critical vulnerability, tracked as CVE-2024-25153 (CVSS score 9.8) impacting its FileCatalyst file transfer solution. A remote, unauthenticated attacker can exploit their vulnerability to execute arbitrary code on impacted servers. “A directory traversal within the ‘ftpservlet’ of the FileCatalyst Workflow Web Portal allows files to be

Hacking 139
article thumbnail

Cyberattackers Exploit QEMU for Stealthy Network Tunneling

Security Boulevard

In recent times, malicious actors have been found using innovative techniques to infiltrate systems and networks. One such development involves abusing the QEMU open-source hardware emulator as a tunneling tool during cyber-attacks. Threat actors created virtual network interfaces and a socket-type network device using QEMU to facilitate connection to a remote server.

More Trending

article thumbnail

New Phishing Attack Uses Clever Microsoft Office Trick to Deploy NetSupport RAT

The Hacker News

A new phishing campaign is targeting U.S. organizations with the intent to deploy a remote access trojan called NetSupport RAT. Israeli cybersecurity company Perception Point is tracking the activity under the moniker Operation PhantomBlu.

Phishing 136
article thumbnail

Remove WordPress miniOrange plugins, a critical flaw can allow site takeover

Security Affairs

A critical vulnerability in WordPress miniOrange’s Malware Scanner and Web Application Firewall plugins can allow site takeover. On March 1st, 2024, WordPress security firm Wordfence received a submission for a Privilege Escalation vulnerability in miniOrange’s Malware Scanner as part of the company Bug Bounty initiative Extravaganza. This WordPress plugin has more than 10,000+ active installations.

Firewall 131
article thumbnail

Navigating the NSA’s New Zero-Trust Guidelines

Security Boulevard

New guidelines from the NSA provide public sector and private organizations with the necessary framework to approach zero-trust. The post Navigating the NSA’s New Zero-Trust Guidelines appeared first on Security Boulevard.

article thumbnail

Fujitsu suffered a malware attack and probably a data breach

Security Affairs

Technology giant Fujitsu announced it had suffered a cyberattack that may have resulted in the theft of customer information. Japanese technology giant Fujitsu on Friday announced it had suffered a malware attack, threat actors may have stolen personal and customer information. The company revealed that multiple work computers were infected with malware, in response to the compromise the security staff disconnected impacted systems from the network.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

NVIDIA GTC Keynote: Blackwell Architecture Will Accelerate AI Products in Late 2024

Tech Republic Security

Developers can now take advantage of NVIDIA NIM packages to deploy enterprise generative AI, said NVIDIA CEO Jensen Huang.

article thumbnail

Hackers Using Sneaky HTML Smuggling to Deliver Malware via Fake Google Sites

The Hacker News

Cybersecurity researchers have discovered a new malware campaign that leverages bogus Google Sites pages and HTML smuggling to distribute a commercial malware called AZORult in order to facilitate information theft.

Malware 134
article thumbnail

Microsoft announces deprecation of 1024-bit RSA keys in Windows

Bleeping Computer

Microsoft has announced that RSA keys shorter than 2048 bits will soon be deprecated in Windows Transport Layer Security (TLS) to provide increased security. [.

134
134
article thumbnail

Protecting Against Attacks on NTLM Authentication

Security Boulevard

When it comes to cyberattacks, March has come in like a lion for Microsoft. Last week, Microsoft said in an SEC filing that that information stolen in a hack of senior leaders’ email accounts is now being used to “gain or attempt to gain access” to company source code repositories and other internal systems. The fallout remains unknown. Just a few days earlier, threat researchers at Proofpoint reported a phishing campaign by the well-known threat group TA577 that targets Windows NT LAN Manager (

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types

Trend Micro

CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.

Malware 132
article thumbnail

CVE-2024-1753: Podman/Buildah Vulnerability Allow Container Escapes

Penetration Testing

A serious vulnerability (CVE-2024-1753) has been discovered in the popular containerization tools Podman and Buildah. This flaw, rated as important with a CVSS score of 8.6, could allow attackers to escape the confines of... The post CVE-2024-1753: Podman/Buildah Vulnerability Allow Container Escapes appeared first on Penetration Testing.

article thumbnail

6 Reasons Your Business Should Have Ransomware Plan

Security Boulevard

In the ever-evolving landscape of cybersecurity threats, ransomware has emerged as one of the most formidable and costly challenges facing businesses of all sizes. As the world becomes increasingly digitized, the risk of falling victim to this insidious form of cyber attacks continues to escalate. In 2024, having a comprehensive ransomware protection plan in place […] The post 6 Reasons Your Business Should Have Ransomware Plan appeared first on SternX Technology.

article thumbnail

Get on CompTIA Certification Track With These $30 Study Guides

Tech Republic Security

Kickstart a lucrative career in IT with this extensive bundle that includes 10 study guides on CompTIA and more of today's leading IT certifications.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

WordPress Admins Urged to Remove miniOrange Plugins Due to Critical Flaw

The Hacker News

WordPress users of miniOrange's Malware Scanner and Web Application Firewall plugins are being urged to delete them from their websites following the discovery of a critical security flaw. The flaw, tracked as CVE-2024-2172, is rated 9.8 out of a maximum of 10 on the CVSS scoring system. It impacts the following versions of the two plugins - Malware Scanner (versions <= 4.7.

Firewall 123
article thumbnail

How the New NIST 2.0 Guidelines Help Detect SaaS Threats

Bleeping Computer

NIST just-released its Cybersecurity Framework (CSF) 2.0, which seems to have SaaS security in mind. Learn more from Adaptive Shield about how the NIST 2.0 framework can help detect SaaS threats. [.

article thumbnail

New DEEP#GOSU Malware Campaign Targets Windows Users with Advanced Tactics

The Hacker News

A new elaborate attack campaign has been observed employing PowerShell and VBScript malware to infect Windows systems and harvest sensitive information. Cybersecurity company Securonix, which dubbed the campaign DEEP#GOSU, said it's likely associated with the North Korean state-sponsored group tracked as Kimsuky.

Malware 121
article thumbnail

Chinese Earth Krahang hackers breach 70 orgs in 23 countries

Bleeping Computer

A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat (APT) group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. [.

Hacking 113
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Sign up for a Tour at the RSA Conference 2024 SOC

Cisco Security

Join the guided tour outside the Security Operations Center, where we’ll discuss real time network traffic of the RSA Conference, as seen in the NetWitness platform. Engineers will be using Cisco S… Read more on Cisco Blogs Join the guided tour outside the Security Operations Center, where we’ll discuss real time network traffic of the RSA Conference.

article thumbnail

Fujitsu found malware on IT systems, confirms data breach

Bleeping Computer

Japanese tech giant Fujitsu discovered that several of its systems were infected by malware and warns that the hackers stole customer data. [.

article thumbnail

Top 5 Data Breaches That Cost Millions

Security Boulevard

“If you put a key under the mat for the cops, a burglar can find it, too. Criminals are using every technology tool at their disposal to hack into people’s accounts. If they know there’s a key hidden somewhere, they won’t stop until they find it.” - Tim Cook, CEO of Apple Inc. The entire [.] The post Top 5 Data Breaches That Cost Millions appeared first on Wallarm.

article thumbnail

New China-Linked Threat Actor Earth Krahang Targets Government Entities Worldwide

Penetration Testing

In a recently released report, Trend Micro reveals details of a new advanced persistent threat (APT) campaign they’ve named Earth Krahang. This China-nexus threat actor demonstrates alarming sophistication, with an unwavering focus on compromising... The post New China-Linked Threat Actor Earth Krahang Targets Government Entities Worldwide appeared first on Penetration Testing.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

How CISA’s secure software development attestation form falls short

Security Boulevard

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the White House’s Office of Management and Budget (OMB) have released their Secure Software Development Attestation Form , a long-anticipated worksheet that asks organizations that sell software and services to the federal government to attest to the security of their wares. The post How CISA’s secure software development attestation form falls short appeared first on Security Boulevard.

Software 107
article thumbnail

Sneaky Malware Campaign Abuses Google Sites to Deliver Data-Stealing Azorult

Penetration Testing

Security researchers at Netskope Threat Labs have exposed a sophisticated malware campaign that leverages the trustworthiness of Google Sites to deliver a potent new version of the Azorult infostealer. This malware poses a significant... The post Sneaky Malware Campaign Abuses Google Sites to Deliver Data-Stealing Azorult appeared first on Penetration Testing.

article thumbnail

Fujitsu hack raises questions, after firm confirms customer data breach

Graham Cluley

Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after it discovering malware on its computer systems.

article thumbnail

CVE-2024-22257: Spring Security Flaw Opens Door to Broken Access Control Attacks

Penetration Testing

Spring Security, a widely used framework for securing Java-based applications, has a serious vulnerability that could allow attackers to bypass authentication and gain unauthorized access to sensitive systems. The vulnerability tracked as CVE-2024-22257, has... The post CVE-2024-22257: Spring Security Flaw Opens Door to Broken Access Control Attacks appeared first on Penetration Testing.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.