Fri. Mar 01, 2024


NIST Cybersecurity Framework 2.0

Schneier on Security

NIST has released version 2.0 of the Cybersecurity Framework: The CSF 2.0, which supports implementation of the National Cybersecurity Strategy, has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector. It also has a new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy.


NIST Cybersecurity Framework: A Cheat Sheet for Professionals

Tech Republic Security

The US National Institute of Standards and Technology's framework defines federal policy, but it can be used by private enterprises, too. Here's what you need to know.


Here Come the AI Worms

WIRED Threat Level

Security researchers created an AI worm in a test environment that can automatically spread between generative AI agents—potentially stealing data and sending spam emails along the way.


UK’s NCSC Issues Warning as SVR Hackers Target Cloud Services

Tech Republic Security

Cyber espionage group APT29 is adapting its tactics for cloud environments. Here’s what you should know.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

The Hacker News

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant's ongoing litigation against the Israeli spyware vendor.


CVE-2024-0692: SolarWinds Security Event Manager Unauthenticated RCE Flaw

Penetration Testing

Recently, SolarWinds has disclosed and patched a serious remote code execution (RCE) vulnerability in its Security Event Manager (SEM) solution. This flaw, tracked as CVE-2024-0692, could allow unauthenticated attackers to take complete control of... The post CVE-2024-0692: SolarWinds Security Event Manager Unauthenticated RCE Flaw appeared first on Penetration Testing.

More Trending


CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.


New Phishing Kit Leverages SMS, Voice Calls to Target Cryptocurrency Users

The Hacker News

A novel phishing kit has been observed impersonating the login pages of well-known cryptocurrency services as part of an attack cluster designed to primarily target mobile devices.


Police seized Crimemarket, the largest German-speaking cybercrime marketplace

Security Affairs

German police seized the largest German-speaking cybercrime marketplace Crimemarket and arrested one of its operators. The Düsseldorf Police announced that a large-scale international law enforcement operation led to the seizure of the largest German-speaking cybercrime marketplace. “Under the direction of the North Rhine-Westphalia Cybercrime Central and Contact Office (ZAC NRW), an investigative commission at the Düsseldorf Police Headquarters has been collecting evidence for years about


PoC Released for CVE-2023-42942 – a macOS Root Privilege Escalation Vulnerability

Penetration Testing

An independent security researcher has published details and proof-of-concept (PoC) code for a macOS vulnerability (CVE-2023-42942) that could be exploited for root privilege escalation. The Discovery of CVE-2023-42942 The security defect was identified and reported... The post PoC Released for CVE-2023-42942 – a macOS Root Privilege Escalation Vulnerability appeared first on Penetration Testing.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


New BIFROSE Linux Malware Variant Using Deceptive VMware Domain for Evasion

The Hacker News

Cybersecurity researchers have discovered a new Linux variant of a remote access trojan (RAT) called BIFROSE (aka Bifrost) that uses a deceptive domain mimicking VMware. "This latest version of Bifrost aims to bypass security measures and compromise targeted systems," Palo Alto Networks Unit 42 researchers Anmol Maurya and Siddharth Sharma said.


Pig butchering scams, how they work and how to avoid them

Malwarebytes

Pig butchering scams are big business. There are hundreds of millions of dollars involved every year. The numbers are not very precise because some see them as a special kind of romance scam, while others classify them as investment fraud. The victims in pig butchering schemes are referred to as pigs by the scammers, who use elaborate storylines to fatten up victims into believing they are in a romantic or otherwise close personal relationship.


Crooks stole €15 Million from European retail company Pepco

Security Affairs

Crooks stole €15.5 million from the European variety retail and discount company Pepco through a phishing attack. The Hungarian business of the European discount retailer Pepco Group has been the victim of a phishing attack, crooks stole about 15 million euros ($16.3 million). The group operates three distribution lines: Poundland in the United Kingdom, Dealz in the Republic of Ireland and Spain, and Pepco in various European countries. “Pepco Group (“Pepco” or the “Group”) has been the ta


4 Instructive Postmortems on Data Downtime and Loss

The Hacker News

More than a decade ago, the concept of the ‘blameless’ postmortem changed how tech companies recognize failures at scale.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Malicious meeting invite fix targets Mac users

Malwarebytes

Cybercriminals are targeting Mac users interested in cryptocurrency opportunities with fake calendar invites. During the attacks the criminals will send a link supposedly to add a meeting to the target’s calendar. In reality the link runs a script to install Mac malware on the target’s machine. Cybersecurity expert Brian Krebs investigated and flagged the issue.


Cheap Video Doorbell Cams: Tools of Stalkers and Thieves

Security Boulevard

EKEN IoT FAIL: Amazon, Sears and Shein still sell security swerving stuff. The post Cheap Video Doorbell Cams: Tools of Stalkers and Thieves appeared first on Security Boulevard.


Five Eyes alliance warns of attacks exploiting known Ivanti Gateway flaws

Security Affairs

The Five Eyes alliance warns of threat actors exploiting known security flaws in Ivanti Connect Secure and Ivanti Policy Secure gateways. The Five Eyes intelligence alliance issued a joint cybersecurity advisory warning of threat actors exploiting known vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. The advisory provides details about the exploitation in the wild of Connect Secure and Policy Secure vulnerabilities CVE-2023-46805, CVE-2024-21887, and CVE-2024-2189


IT Leaders Lack Confidence in IoT Security Plans

Security Boulevard

There is a significant lack of confidence among IT leaders regarding their internet-of-things (IoT) security plans. The post IT Leaders Lack Confidence in IoT Security Plans appeared first on Security Boulevard.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Act now to stop WordPress and Tumblr selling your content to AI firms

Graham Cluley

If sharing your content with AI firms is such a great thing for the publishers of blogs, you have to wonder why Automattic feels the need to enable it by default rather than insisting they opt-out - surely if it's such a "win", blog owners would be keen to opt-in themselves.


Report: Average Initial Ransomware Demand in 2023 Reached $600K

Security Boulevard

An Arctic Wolf report found the median initial ransom demand made by cybercriminals rose 20% year-over-year to $600,000. The post Report: Average Initial Ransomware Demand in 2023 Reached $600K appeared first on Security Boulevard.


CVE-2023-50378: Apache Ambari Stored Cross-Site Scripting Vulnerability

Penetration Testing

Apache Ambari simplifies the complexities of managing Hadoop clusters. Ironically, a recently disclosed vulnerability could transform it into an unexpected entry point for attackers. CVE-2023-50378, a stored cross-site scripting (XSS) flaw, presents a significant... The post CVE-2023-50378: Apache Ambari Stored Cross-Site Scripting Vulnerability appeared first on Penetration Testing.


Vishing, Smishing Thrive in Gap in Enterprise, CSP Security Views

Security Boulevard

There is a significant gap between enterprises’ high expectations that their communications service provider will provide the security needed to protect them against voice and messaging scams and the level of security those CSPs offer, according to telecom and cybersecurity software maker Enea. Bad actors and state-sponsored threat groups, armed with the latest generative AI.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Someone is hacking 3D printers to warn owners of a security flaw

Graham Cluley

Do you have an Anycubic Kobra 2 Pro/Plus/Max 3D printer? Did you know it has a security vulnerability? If you answered "yes" to both those questions, then chances are that I can guess just how you found out your 3D printer was vulnerable to hackers. Read more in my article on the Hot for Security blog.


Malware Hiding in PDFs: What You Need to Know

Penetration Testing

A recent investigation by McAfee Labs has shed light on a significant surge in malware distribution through one of the most ubiquitous document formats: the PDF. This surge marks a concerning shift in cybercriminal... The post Malware Hiding in PDFs: What You Need to Know appeared first on Penetration Testing.


Response to CISA Advisory (AA24-060A): #StopRansomware: Phobos Ransomware

Security Boulevard

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-060A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the Phobos Ransomware variants observed as recently as February 2024. The post Response to CISA Advisory (AA24-060A): #StopRansomware: Phobos Ransomware appeared first on AttackIQ.


Microsoft pulls Edge update causing 'Out of Memory' crashes

Bleeping Computer

Microsoft has pulled the Microsoft Edge 122.0.2365.63 update after users reported receiving "Out of memory" errors when browsing the web or accessing the browser settings. [...]


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


PikaBot malware on the rise: What organizations need to know 

Malwarebytes

A new type of malware is being used by ransomware gangs in their attacks, and its name is PikaBot. A relatively new trojan that emerged in early 2023, PikaBot is the apparent successor to the infamous QakBot (QBot) trojan that was shut down in August 2023. QBot was used by many ransomware gangs in the past for its versatile ability to facilitate initial access and deliver secondary payloads.


CISA warns of Microsoft Streaming bug exploited in malware attacks

Bleeping Computer

CISA ordered U.S. Federal Civilian Executive Branch (FCEB) agencies to secure their Windows systems against a high-severity vulnerability in the Microsoft Streaming Service (MSKSSRV.SYS) that's actively exploited in attacks. [...]


MultiDump: dumping & extracting LSASS memory discreetly, without triggering Defender alerts

Penetration Testing

MultiDump is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly, without triggering Defender alerts, with a handler written in Python. MultiDump supports LSASS dump via ProcDump.exe or comsvc.dll, it offers... The post MultiDump: dumping & extracting LSASS memory discreetly, without triggering Defender alerts appeared first on Penetration Testing.


Germany takes down largest cybercrime market in the country, arrests 6

Bleeping Computer

The Düsseldorf Police in Germany have seized Crimemarket, the largest German-speaking illicit trading platform on the internet, arresting six people, including one of its operators. [...]


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.