Thu.May 09, 2024

article thumbnail

How Criminals Are Using Generative AI

Schneier on Security

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year, criminals seem to have abandoned any attempt at training real criminal large language models (LLMs).

article thumbnail

Duo’s New Session Trust Solution Provides Continuous Policy

Duo's Security Blog

User experience and security protocols have historically been at odds. To improve security outcomes, users are forced to jump through more hoops to gain access to sensitive resources. Duo is rethinking this paradigm with the launch of Session Trust’s continuous policy. Challenge with sessions When a user logs in to a new application, the website sends a cookie that is stored in the browser.

Risk 143
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Citrix warns customers to update PuTTY version installed on their XenCenter system manually

Security Affairs

Citrix urges customers to manually address a PuTTY SSH client flaw that could allow attackers to steal a XenCenter admin’s private SSH key. Versions of XenCenter for Citrix Hypervisor 8.2 CU1 LTSR used PuTTY, a third-party component, for SSH connections to guest VMs. However, PuTTY inclusion was deprecated with XenCenter version 8.2.6, and any versions after 8.2.7 will not include PuTTY.

article thumbnail

Google Rushes to Patch Chrome Zero-Day Exploit: CVE-2024-4671

Penetration Testing

Google has rushed out an emergency security update for its Chrome browser to address a critical vulnerability already being exploited by threat actors. The flaw, designated CVE-2024-4671, is a “use after free” bug located... The post Google Rushes to Patch Chrome Zero-Day Exploit: CVE-2024-4671 appeared first on Penetration Testing.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

One in Four Tech CISOs Unhappy with Compensation

Security Boulevard

Stagnating security budgets and mounting job pressures are weighing on CISOs, a quarter of whom expressed discontent with their salary and overall compensation. Show me the money: The average total compensation for tech CISOs stands at $710,000. The post One in Four Tech CISOs Unhappy with Compensation appeared first on Security Boulevard.

CISO 130
article thumbnail

Dell warns of data breach, 49 million customers allegedly affected

Bleeping Computer

Dell is warning customers of a data breach after a threat actor claimed to have stolen information for approximately 49 million customers. [.

More Trending

article thumbnail

FBI warns US retailers that hackers are targeting their gift card systems

Graham Cluley

The FBI has issued a warning to US retailers about a financially-motivated malicious hacking ring that has been targeting employees with phishing attacks in an attempt to create fraudulent gift cards. Read more in my article on the Tripwire State of Security blog.

Retail 125
article thumbnail

Massive Online Shopping Scam Racks Up 850,000 Victims

Security Boulevard

Chinese crooks are running a global network of more than 75,000 fake online shops to steal credit card data and process fraudulent payments. The post Massive Online Shopping Scam Racks Up 850,000 Victims appeared first on Security Boulevard.

Scams 124
article thumbnail

FIN7 Hackers Using Signed Malware and Fake Google Ads to Evade Defenses

Penetration Testing

Researchers at eSentire’s Threat Response Unit (TRU) have uncovered a disturbing trend in FIN7 attacks demonstrating the notorious cybercrime group’s evolving tactics for infiltrating systems. FIN7’s campaign targets users with malicious websites disguised as... The post FIN7 Hackers Using Signed Malware and Fake Google Ads to Evade Defenses appeared first on Penetration Testing.

article thumbnail

Experts warn of two BIG-IP Next Central Manager flaws that allow device takeover

Security Affairs

Two high-severity vulnerabilities in BIG-IP Next Central Manager can be exploited to gain admin control and create hidden accounts on any managed assets. F5 has addressed two high-severity vulnerabilities, respectively tracked as CVE-2024-26026 and CVE-2024-21793 , in BIG-IP Next Central Manager that can lead to device takeover. BIG-IP Next Central Manager (NCM) is a centralized management and orchestration solution offered by F5 Networks for their BIG-IP family of products.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery

The Hacker News

Two recently disclosed security flaws in Ivanti Connect Secure (ICS) devices are being exploited to deploy the infamous Mirai botnet. That's according to findings from Juniper Threat Labs, which said the vulnerabilities CVE-2023-46805 and CVE-2024-21887 have been leveraged to deliver the botnet payload.

article thumbnail

Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs

Security Affairs

Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. In early January, the software firm reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and

article thumbnail

New TunnelVision Attack Allows Hijacking of VPN Traffic via DHCP Manipulation

The Hacker News

Researchers have detailed a Virtual Private Network (VPN) bypass technique dubbed TunnelVision that allows threat actors to snoop on victim's network traffic by just being on the same local network. The "decloaking" method has been assigned the CVE identifier CVE-2024-3661 (CVSS score: 7.6).

VPN 123
article thumbnail

DocGo patient health data stolen in cyberattack

Malwarebytes

Medical health care provider DocGo has disclosed in a form 8-K that it experienced a cybersecurity incident involving some of the company’s systems. As part of the investigation of the incident, the company says it has determined that the attacker accessed and acquired data, including certain protected health information. DocGo is a healthcare provider that offers mobile health services, ambulance services, and remote monitoring for patients in 30 US states, and across the United Kingdom.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Kremlin-Backed APT28 Targets Polish Institutions in Large-Scale Malware Campaign

The Hacker News

Polish government institutions have been targeted as part of a large-scale malware campaign orchestrated by a Russia-linked nation-state actor called APT28. "The campaign sent emails with content intended to arouse the recipient's interest and persuade him to click on the link," the computer emergency response team, CERT Polska, said in a Wednesday bulletin.

Malware 116
article thumbnail

Silverfort Announces New Integration with Microsoft Entra ID EAM 

Security Boulevard

Silverfort is excited to announce our integration with external authentication methods (EAM) in Microsoft Entra ID, which is now in public preview. This allows customers to use Silverfort seamlessly with any app or service that relies on Entra ID as an identity provider. Enhanced MFA and Threat Intelligence In today’s rapidly evolving digital landscape, securing.

article thumbnail

Cancer patients’ sensitive information accessed by “unidentified parties” after being left exposed by screening lab for years

Graham Cluley

A medical lab that specialises in cancer screenings has admitted to an alarming data breach that left sensitive patient information exposed for years - and accessible by unauthorised parties. California-based Guardant Health is notifying affected individuals that information related to samples collected in late 2019 and 2020 was "inadvertently" left exposed online to the general public after an employee mistakenly uploaded it.

article thumbnail

London Drugs cyber attack: What businesses can learn from their week-long shutdown

Security Boulevard

The post London Drugs cyber attack: What businesses can learn from their week-long shutdown appeared first on Click Armor. The post London Drugs cyber attack: What businesses can learn from their week-long shutdown appeared first on Security Boulevard.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Zscaler is investigating data breach claims

Security Affairs

Cybersecurity firm Zscaler is investigating claims of a data breach after hackers offered access to its network. Cybersecurity firm Zscaler is investigating allegations of a data breach following reports that threat actors are offering for sale access to its network. The company confirmed that there is no impact or compromise to its customer, production and corporate environments. “Zscaler continues to investigate and reiterates there is no impact or compromise to our customer, production

article thumbnail

Citrix warns admins to manually mitigate PuTTY SSH client bug

Bleeping Computer

Citrix notified customers this week to manually mitigate a PuTTY SSH client vulnerability that could allow attackers to steal a XenCenter admin's private SSH key. [.

105
105
article thumbnail

Russian Hacker Indicted as Mastermind Behind LockBit Ransomware

SecureWorld News

The U.S. Department of Justice has unsealed charges against a Russian national accused of developing and operating the notorious LockBit ransomware, one of the most destructive and lucrative cybercrime operations in recent years. Dmitry Yuryevich Khoroshev, 31, of Voronezh, Russia, has been indicted on 26 counts related to his alleged role as the creator and administrator of LockBit ransomware since its inception in September 2019.

article thumbnail

AT&T delays Microsoft 365 email delivery due to spam wave

Bleeping Computer

AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

$10 million reward offer for apprehension of unmasked LockBit ransomware leader

Graham Cluley

Do you know Dmitry Yuryevich Khoroshev? If you do, there's a chance that you might well on the way to receiving a reward of up to $10 million. Read more in my article on the Exponential-e blog.

article thumbnail

Poland says Russian military hackers target its govt networks

Bleeping Computer

Poland says a state-backed threat group linked to Russia's military intelligence service (GRU) has been targeting Polish government institutions throughout the week. [.

article thumbnail

New Guide: How to Scale Your vCISO Services Profitably

The Hacker News

Cybersecurity and compliance guidance are in high demand among SMEs. However, many of them cannot afford to hire a full-time CISO. A vCISO can answer this need by offering on-demand access to top-tier cybersecurity expertise. This is also an opportunity for MSPs and MSSPs to grow their business and bottom line.

CISO 83
article thumbnail

Monday.com removes "Share Update" feature abused for phishing attacks

Bleeping Computer

Project management platform Monday.com has removed its "Share Update" feature after threat actors abused it in phishing attacks.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

GitHub takes aim at software supply chain security

InfoWorld on Security

GitHub has introduced Artifact Attestations, a software signing and verification feature based on Sigstore that protects the integrity of software builds in GitHub Actions workflows. Artifiact Attestations is now available in a public beta. Announced May 2 , Artifact Attestations allows project maintainers to create a “tamper-proof, unforgeable paper trail” that links software artifacts to the process that created them.

article thumbnail

Graduation to Adulting: Navigating Identity Protection and Beyond!

Webroot

Congratulations, graduates! As you gear up for life after high school or college, you’re stepping into a world of exciting firsts—new jobs, new homes, and new adventures. There’s one first you might not have considered: your first identity protection plan. Why is identity protection important? Let’s dive in. Why protecting your identity matters Imagine this: you’re building your credit score, applying for a credit card, or renting your first apartment.

article thumbnail

CVE-2024-34350 & CVE-2024-34351: Two Vulnerabilities Patched in Popular Next.js Framework

Penetration Testing

Next.js, a leading framework for building full-stack web applications, is widely adopted by some of the world’s largest companies for its integration of the latest React features and Rust-based JavaScript tooling. However, recent discoveries... The post CVE-2024-34350 & CVE-2024-34351: Two Vulnerabilities Patched in Popular Next.js Framework appeared first on Penetration Testing.

article thumbnail

Emulation with Qiling

LRQA Nettitude Labs

Qiling is an emulation framework that builds upon the Unicorn emulator by providing higher level functionality such as support for dynamic library loading, syscall interception and more. In this Labs post, we are going to look into Qiling and how it can be used to emulate a HTTP server binary from a router. The target chosen for this research was the NEXXT Polaris 150 travel router.

article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.