Fri. Feb 09, 2024

Juniper Support Portal Exposed Customer Device Info

Krebs on Security

Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal.

No, Toothbrushes Were Not Used in a Massive DDoS Attack

Schneier on Security

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text. It was a hypothetical, which Fortinet eventually confirmed. Or maybe it was a stock-price hack.

DDOS 299

Bitwarden Free vs. Premium: Which Plan Is Best For You?

Tech Republic Security

Learn about the differences between Bitwarden's Free and Premium versions and decide which one is the right fit for your password management needs.

FBI and CISA publish guide to Living off the Land techniques

Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other authoring agencies have released a joint guidance about common living off the land (LOTL) techniques and common gaps in cyber defense capabilities. Living Off The Land (LOTL) is a covert cyberattack technique in which criminals carry out malicious activities using legitimate IT administration tools.

Software 145

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

The Hacker News

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the car maker Hyundai Motor Europe was breached by the Black Basta ransomware gang. The threat actors claim to have stolen three terabytes of data from the company. In January the company experienced IT issues; the outage was likely caused by the ransomware attack, but the company did not disclose it.

Hacking 144

More Trending

CVE-2024-24806: Critical SSRF Flaw Found in libuv – a Multi-Platform C Library

Penetration Testing

libuv is one such thread, a versatile C library that underpins the asynchronous heartbeat of applications far and wide, from the bustling event loops of Node.js to the quiet efficiency of various software projects....

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The Hacker News

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before.

Malware 143

Exploiting a vulnerable Minifilter Driver to create a process killer

Security Affairs

A researcher demonstrated how to exploit a signed Minifilter Driver in a BYOVD attack to terminate a specific process from the kernel. Bring Your Own Vulnerable Driver (BYOVD) is a technique that uses a vulnerable driver in order to achieve a specific goal.

Malware 141

Ivanti urges customers to patch yet another critical vulnerability

Malwarebytes

In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”. This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Security Affairs

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked as CVE-2024-21762, is being actively exploited. Fortinet is warning that the recently discovered critical remote code execution vulnerability in FortiOS SSL VPN, tracked as CVE-2024-21762 (CVSS score 9.6), is actively exploited in attacks in the wild.

VPN 138

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

The Hacker News

The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches.

Software 135

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Security Affairs

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. Ivanti has warned customers of a new high-severity security vulnerability, tracked as CVE-2024-22024 (CVSS score 8.3), in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.

2023 Sees Record Data Compromises Amidst Changing Tactics

Security Boulevard

Cybercriminals are shifting their focus toward targeted identity fraud and scams resulting in fewer overall victims.

Scams 134

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack

The Hacker News

Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report.

Banking 134

Microsoft: Outlook clients not syncing over Exchange ActiveSync

Bleeping Computer

Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update.

QR Code Phishing Attacks Target High-Level Executives: Report

Security Boulevard

C-level executives and others in managerial positions are by far the top targets of increasingly popular phishing attacks that involve malicious QR codes. According to researchers with Abnormal Security, members of the C-suite in the fourth quarter of 2023 were 42 times more likely to receive a QR code phishing – or “quishing” – attack.

Phishing 125

New Fortinet RCE bug is actively exploited, CISA confirms

Bleeping Computer

CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

US Offers $10 Million Reward for Info About Hive Ransomware Leaders

Security Boulevard

The U.S. government appears eager to finish off what’s left of the notorious Hive ransomware group, offering a $10 million reward for information that leads to the identification and location of any of the leaders of the gang. The State Department on top of that is offering another $5 million for information that results in.

2054, Part V: From Tokyo With Love

WIRED Threat Level

“Had this all been contrived? Had his life become a game in which everyone knew the rules but him?” An exclusive excerpt from 2054: A Novel.

What Is a Next-Generation Firewall?

eSecurity Planet

A next generation firewall (NGFW) performs deep packet inspection to check the contents of the data flowing through the firewall. Unlike more basic firewalls that only check the header of data packets, NGFWs examine and evaluate the payload data within the packet. This deep packet inspection provides the basis for the various NGFW features that improve malware blocking.

Firewall 112

No Click Required: PoC Available for ClamAV Command Injection Bug (CVE-2024-20328)

Penetration Testing

A proof-of-concept (PoC) for CVE-2024-20328, a critical vulnerability in ClamAV, a popular open-source antivirus engine, that allows arbitrary code execution, was published. The vulnerability exploits the unsuspecting nature of ClamAV’s VirusEvent feature. It is here,...

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

New RustDoor macOS malware impersonates Visual Studio update

Bleeping Computer

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang.

Malware 107

Ransomware in 2023 recap: 5 key takeaways

Malwarebytes

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. 2023 was an explosive year for ransomware.

Americans lost record $10 billion to fraud in 2023, FTC warns

Bleeping Computer

The U.S. Federal Trade Commission (FTC) says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year.

Insider Data Breach at Verizon Affects Over 63,000 Employees

Heimdal Security

An insider data breach at Verizon has compromised the personal information of more than 63,000 employees, nearly half of the company’s global workforce. The telecommunications giant disclosed the incident in a Data Breach Notification with the Office of the Maine Attorney General, revealing that the breach occurred around September 21, 2023, due to unauthorized access […]

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Tax Season Alert: Common scams and cracked software

Webroot

OpenText is committed to providing you with the latest intelligence and tips to safeguard your digital life, especially during high-risk periods like tax season. Our threat analysts are constantly monitoring the ebb and flow of various threats. One trend that has recently caught our attention is the notable spike in malware-infected cracked software, particularly as we enter tax season.

Scams 99

CVE-2024-22394 Exposed: SonicWall SSL-VPN’s Authentication Flaw

Penetration Testing

Recently, a critical flaw, nestled within the SSL-VPN feature of SonicWall’s SonicOS, has been brought to light, exposing a gap wide enough for remote attackers to slip through unnoticed. Dubbed CVE-2024-22394, this vulnerability exposes...

A Question of Identity: The Evolution of Identity & Access Management

SecureWorld News

The cloud is the de facto platform for delivery of applications and services in the modern digital era. Identity as the new digital perimeter is the cornerstone for assuring secure "Anytime, Anywhere, Authorized" access to protect enterprise security and privacy. Zero Trust and SDP complement Identity to secure the extended enterprise ecosystem given the rash of supply chain attacks and exponential growth of IoT devices, many of which lack adequate security.

IoT 96

Old Vulnerabilities, New Attacks: Encrypted MalDocs Evade Detection

Penetration Testing

In the fast-paced world of cybersecurity, where new threats emerge daily, it’s all too easy to forget about the dangers lurking in the shadows of the past. However, a recent investigation by Check Point...

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.