Tue.Feb 27, 2024

article thumbnail

China Surveillance Company Hacked

Schneier on Security

Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese national and local government. Lots of details in the news articles. These aren’t details about the tools or techniques, more the inner workings of the company. And they seem to primarily be hacking regionally.

article thumbnail

New Vulnerabilities in ConnectWise ScreenConnect Massively Exploited by Attackers

Tech Republic Security

One vulnerability impacting ConnectWise ScreenConnect that allows remote attackers to bypass authentication to create admin accounts is being used in the wild.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

How the Pentagon Learned to Use Targeted Ads to Find its Targets—and Vladimir Putin

WIRED Threat Level

Meet the guy who taught US intelligence agencies how to make the most of the ad tech ecosystem, "the largest information-gathering enterprise ever conceived by man.

145
145
article thumbnail

Android banking trojans: How they steal passwords and drain bank accounts

Malwarebytes

For the most popular operating system in the world—which is Android and it isn’t even a contest —there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State of Malware report , Malwarebytes detected an astonishing 88,500 of them last year alone.

Banking 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Lazarus Hacking Group’s Malicious Python Packages Uncovered

Penetration Testing

Security researchers warn of a new wave of malicious Python packages uploaded to PyPI, the official Python repository. This attack, attributed to the infamous Lazarus hacking group, leverages a dangerous tactic: preying on developers’... The post Lazarus Hacking Group’s Malicious Python Packages Uncovered appeared first on Penetration Testing.

Hacking 145
article thumbnail

WordPress LiteSpeed Plugin Vulnerability Puts 5 Million Sites at Risk

The Hacker News

A security vulnerability has been disclosed in the LiteSpeed Cache plugin for WordPress that could enable unauthenticated users to escalate their privileges. Tracked as CVE-2023-40000, the vulnerability was addressed in October 2023 in version 5.7.0.1.

Risk 143

More Trending

article thumbnail

Open-Source Xeno RAT Trojan Emerges as a Potent Threat on GitHub

The Hacker News

An "intricately designed" remote access trojan (RAT) called Xeno RAT has been made available on GitHub, making it available to other actors at no extra cost.

143
143
article thumbnail

Change Healthcare Ransomware Attack: BlackCat Hackers Quickly Returned After FBI Bust

WIRED Threat Level

Two months ago, the FBI “disrupted” the BlackCat ransomware group. They're already back—and their latest attack is causing delays at pharmacies across the US.

article thumbnail

Five Eyes Agencies Expose APT29's Evolving Cloud Attack Tactics

The Hacker News

Cybersecurity and intelligence agencies from the Five Eyes nations have released a joint advisory detailing the evolving tactics of the Russian state-sponsored threat actor known as APT29.

Hacking 143
article thumbnail

Zyxel fixed four bugs in firewalls and access points

Security Affairs

Taiwanese vendor Zyxel warns of security vulnerabilities in its firewalls and access points, including a remote code execution flaw. Taiwanese networking vendor Zyxel addressed four vulnerabilities, respectively tracked as CVE-2023-6397 , CVE-2023-6398 , CVE-2023-6399 , and CVE-2023-6764 , in its firewalls and access points. The flaws can be exploited by threat actors to carry out command injection and denial-of-service attacks and to achieve remote code execution.

Firewall 141
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

New Hugging Face Vulnerability Exposes AI Models to Supply Chain Attacks

The Hacker News

Cybersecurity researchers have found that it's possible to compromise the Hugging Face Safetensors conversion service to ultimately hijack the models submitted by users and result in supply chain attacks.

article thumbnail

XSS flaw in LiteSpeed Cache plugin exposes millions of WordPress sites at risk

Security Affairs

Researchers warn of an XSS vulnerability, tracked as CVE-2023-40000, in the LiteSpeed Cache plugin for WordPress Patchstack researchers warn of an unauthenticated site-wide stored XSS vulnerability, tracked as CVE-2023-40000, that impacts the LiteSpeed Cache plugin for WordPress. The plugin LiteSpeed Cache (free version) is a popular caching plugin in WordPress which has over 4 million active installations.

Risk 141
article thumbnail

TimbreStealer Malware Spreading via Tax-themed Phishing Scam Targets IT Users

The Hacker News

Mexican users have been targeted with tax-themed phishing lures at least since November 2023 to distribute a previously undocumented Windows malware called TimbreStealer.

Phishing 142
article thumbnail

CVE-2024-1403 (CVSS 10): Critical Progress OpenEdge Vulnerability

Penetration Testing

Attention Progress OpenEdge users! A critical security vulnerability was recently discovered within the platform’s authentication system. This flaw (CVE-2024-1403) carries a CVSS score of 10 – the highest severity rating possible. This means an immediate... The post CVE-2024-1403 (CVSS 10): Critical Progress OpenEdge Vulnerability appeared first on Penetration Testing.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Cybersecurity Agencies Warn Ubiquiti EdgeRouter Users of APT28's MooBot Threat

The Hacker News

In a new joint advisory, cybersecurity and intelligence agencies from the U.S. and other countries are urging users of Ubiquiti EdgeRouter to take protective measures, weeks after a botnet comprising infected routers was felled by law enforcement as part of an operation codenamed Dying Ember.

article thumbnail

US pharmacy outage caused by Blackcat ransomware attack on Optum Solutions

Security Affairs

A BlackCat ransomware attack hit UnitedHealth Group subsidiary Optum causing an outage impacting the Change Healthcare payment exchange platform. A ransomware attack hit the UnitedHealth Group subsidiary Optum leading to an outage impacting the Change Healthcare payment exchange platform. Optum Solutions is a subsidiary of UnitedHealth Group, a leading health insurance company in the United States.

article thumbnail

From Alert to Action: How to Speed Up Your SOC Investigations

The Hacker News

Processing alerts quickly and efficiently is the cornerstone of a Security Operations Center (SOC) professional's role. Threat intelligence platforms can significantly enhance their ability to do so. Let's find out what these platforms are and how they can empower analysts. The Challenge: Alert Overload The modern SOC faces a relentless barrage of security alerts generated by SIEMs and EDRs.

132
132
article thumbnail

IDAT Loader used to infect a Ukraine entity in Finland with Remcos RAT

Security Affairs

A new malware campaign is targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader. Morphisec Threat Labs researchers observed a new malware campaign targeting a Ukraine entity in Finland with Remcos RAT distributed via a loader called IDAT Loader. The Computer Emergency Response Team of Ukraine (CERT-UA) linked the attacks to a threat actor tracked as UAC-0184.

Malware 132
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Identity theft is number one threat for consumers, says report

Malwarebytes

The German Federal Office for Information Security (BSI) has published a report on The State of IT Security in Germany in 2023 , and the number one threat for consumers is… identity theft. The thing is, you can protect your devices and your online privacy as much as possible, but what happens when some organization which you have trusted with your personal information gets breached?

article thumbnail

Strengths and Weaknesses of MFA Methods Against Cyberattacks: Part 2

Duo's Security Blog

The choice of which authentication methods to use is individual to every organization, but it must be informed by a clear understanding of how these methods defend against common identity threats. In the first part of this three-part blog series , we discussed the various methods available to MFA users. In this part, we’ll evaluate each method’s effectiveness in defending against five common types of cyber-attack.

article thumbnail

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

Bleeping Computer

Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners. [.

130
130
article thumbnail

US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My!

Security Boulevard

Pay no attention to that man: State Dept. Global Engagement Centre chief James Rubin (pictured) follows the yellow brick road. The post US Will Fight Russian Disinformation — Hacks and Leaks and Deepfakes, Oh My! appeared first on Security Boulevard.

Hacking 130
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

CISO, You are NOT my Hero! Here’s Why.

Jane Frankland

Recently, a friend posted a wonderful piece attributed to their hero, the CISO. I disagreed and immediately felt like a party pooper. But, I had to do it. Here’s why. In business today, the role of a CISO is crucial. With the consistency and severity of cyber attacks and data breaches worsening, compliance becoming a minefield, organisations are turning to (and paying) CISOs for protection and guidance.

CISO 130
article thumbnail

News alert: ThreatHunter.ai stops hundreds of ransomware attacks, nation-state threats in 48 hours

The Last Watchdog

Brea, Calif. Feb. 27, 2024 — The current large surge in cyber threats has left many organizations grappling for security so ThreatHunter.ai is taking decisive action. Recognizing the critical juncture at which the digital world stands, ThreatHunter.ai is now offering their cutting-edge cybersecurity services free of charge to all organizations for 30 days, irrespective of their current cybersecurity measures.

article thumbnail

The UK Is GPS-Tagging Thousands of Migrants

WIRED Threat Level

Ankle tags that constantly log a person’s coordinates are part of a growing cadre of experimental surveillance tools that countries around the world are trying out on new arrivals.

article thumbnail

CVE-2024-0819: TeamViewer’s Security Flaw Risks Password Safety

Penetration Testing

A recently discovered security hole (CVE-2024-0819) in older TeamViewer versions (prior to 15.51.5) could have put your personal password and system security at risk. This flaw allowed even low-level users on shared computers to... The post CVE-2024-0819: TeamViewer’s Security Flaw Risks Password Safety appeared first on Penetration Testing.

Passwords 128
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

An educational robot security research

SecureList

In the modern world, we are surrounded by a multitude of smart devices that simplify our daily lives: smart speakers, robotic vacuum cleaners, automatic pet feeders and even entire smart homes. Toy manufacturers are striving to keep up with these trends, releasing more and more models that can also be called “smart.” For instance, educational robots that connect to the internet and support video calls.

Education 127
article thumbnail

GDPR Security Pack

Tech Republic Security

One of the key requirements of the General Data Protection Regulation is a demonstrated effort to enforce security measures that safeguard customer data. This bundle from TechRepublic Premium comprises six policies you can customize and implement to help your organization show good faith toward providing those data protections. The following policies are included: Data Classification.

127
127
article thumbnail

Mac Users Beware: Atomic Stealer Strikes Again

Penetration Testing

Bitdefender researchers have uncovered a new, stealthy variant of the infamous Atomic Stealer malware specifically targeting macOS users. This updated version uses sophisticated techniques to hijack passwords, browser data, cryptocurrency wallets, and other sensitive... The post Mac Users Beware: Atomic Stealer Strikes Again appeared first on Penetration Testing.

article thumbnail

Synopsys Report Exposes Extent of Open Source Software Security Risks

Security Boulevard

Synopsys found 74% of 1,067 commercial codebases scanned contain open source components impacted by high-risk vulnerabilities. The post Synopsys Report Exposes Extent of Open Source Software Security Risks appeared first on Security Boulevard.

Software 122
article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.