Schneier on Security
FEBRUARY 21, 2024
First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. And this is not a naive or stupid person. The details are fascinating. And if you think it couldn’t happen to you, think again. Given the right set of circumstances, it can. It happened to Cory Doctorow.
The Last Watchdog
FEBRUARY 21, 2024
Achieving “ digital trust ” is not going terribly well globally. Related: How decentralized IoT boosts decarbonization Yet, more so than ever, infusing trustworthiness into modern-day digital services has become mission critical for most businesses. Now comes survey findings that could perhaps help to move things in the right direction. According to DigiCert’s 2024 State of Digital Trust Survey results, released today , companies proactively pursuing digital trust are seeing boosts in revenue, i
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Tech Republic Security
FEBRUARY 21, 2024
Australian IT and security teams should play key roles in communications during outages and cyber attacks; they also need to be prepared to act when such a tech-related crisis occurs.
Malwarebytes
FEBRUARY 21, 2024
I know that some of you are expecting a post similar to that about a toothbrush botnet , but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a vibrator to a USB port in order to charge the device. The vibrator, Spencer’s Sexology Pussy Power 8-Function Rechargeable Bullet Vibrator, was infected with an information stealer known as Lumma.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Thales Cloud Protection & Licensing
FEBRUARY 21, 2024
How Thales and Red Hat Protect Telcos from API Attacks madhav Thu, 02/22/2024 - 04:55 Application programming interfaces (APIs) power nearly every aspect of modern applications and have become the backbone of today’s economy. Every time you send a mobile payment, search for airline flight prices, or book a restaurant reservation - you are using an API.
The Hacker News
FEBRUARY 21, 2024
Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
Bleeping Computer
FEBRUARY 21, 2024
A threat actor is using an open-source network mapping tool named SSH-Snake to look for private keys undetected and move laterally on the victim infrastructure. [.
Security Affairs
FEBRUARY 21, 2024
VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245 (CVSS score: 9.6). A threat actor could trick a domain user with EAP installed in its web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal
Malwarebytes
FEBRUARY 21, 2024
Data from a Chinese cybersecurity vendor that works for the Chinese government has exposed a range of hacking tools and services. Although the source is not entirely clear, it seems that a disgruntled staff member of the group leaked the information on purpose. The vendor, i-Soon (aka Anxun) is believed to be a private contractor that operates as an Advanced Persistent Threat (APT) -for-hire, servicing China’s Ministry of Public Security (MPS).
The Hacker News
FEBRUARY 21, 2024
The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
Security Affairs
FEBRUARY 21, 2024
China-linked APT group Mustang Panda targeted various Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. Trend Micro researchers uncovered a cyberespionage campaign, carried out by China-linked APT group Mustang Panda , targeting Asian countries, including Taiwan, Vietnam, and Malaysia. Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organiza
Penetration Testing
FEBRUARY 21, 2024
The Spring Framework, a cornerstone of countless enterprise Java applications, recently revealed a significant vulnerability (CVE-2024-22243). This high-severity flaw could enable attackers to exploit applications that process external URLs, potentially leading to open redirect... The post CVE-2024-22243: Spring Framework Flaw Opens Doors to Redirects and SSRF Attacks appeared first on Penetration Testing.
Security Affairs
FEBRUARY 21, 2024
A new malware campaign targets Redis servers to deploy the mining crypto miner Migo on compromised Linux hosts. Caro Security researchers have observed a new malware campaign targeting Redis servers with a crypto miner dubbed Migo. The campaign stands out for the use of several novel system weakening techniques against the data store itself. Migo is a Golang ELF binary with compile-time obfuscation, it is also able to maintain persistence on Linux hosts.
Security Boulevard
FEBRUARY 21, 2024
The cybersecurity landscape is challenging, and organizations must evolve defense measures in response to escalating threats. The post 5 Trends Shaping Cybersecurity Strategy: AI Threats, SASE, ZTNA & XDR appeared first on Security Boulevard.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
Penetration Testing
FEBRUARY 21, 2024
Atlassian has released a security update addressing CVE-2024-21678 (CVSS 8.5), a high-severity stored cross-site scripting (XSS) vulnerability impacting multiple Confluence Server and Data Center versions. Organizations using the affected software must prioritize immediate patching... The post CVE-2024-21678: High-Severity Atlassian Confluence XSS – Act Now appeared first on Penetration Testing.
SecureBlitz
FEBRUARY 21, 2024
In 2020, the digital landscape witnessed a cunning maneuver by the infamous Astaroth malware. This infostealing Trojan, notorious for targeting Brazilian users, adopted a novel tactic to evade detection and compromise unsuspecting victims: hiding its malicious code within YouTube channel descriptions. Cisco Talos researchers first uncovered this devious strategy, revealing that Astaroth embedded encrypted and […] The post Astaroth malware uses YouTube channel descriptions for hacks appeare
Penetration Testing
FEBRUARY 21, 2024
OpenVPN has released version 2.6.9 for Windows, Mac, and Linux, addressing a severe privilege escalation vulnerability (CVE-2023-7235). This flaw, discovered by Will Dormann, affects Windows GUI installations of OpenVPN. During non-standard OpenVPN GUI installations... The post CVE-2023-7235: OpenVPN Vulnerability Puts Windows Users at Risk appeared first on Penetration Testing.
eSecurity Planet
FEBRUARY 21, 2024
A firewall audit is a procedure for reviewing and reconfiguring firewalls as needed so they still suit your organization’s security goals. Over time, business network needs, traffic patterns, and application access change. Auditing your firewall is one of the most important steps to ensuring it’s still equipped to protect the perimeter of your business’ network.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
NetSpi Executives
FEBRUARY 21, 2024
Artificial Intelligence (AI) and Machine Learning (ML) present limitless possibilities for enhancing business processes, but they also expand the potential for malicious actors to exploit security risks. Like many technologies that came before it, AI is advancing faster than security standards can keep up with. That’s why we guide security leaders to go a step further by taking an adversarial lens to their company’s AI and ML implementations.
Duo's Security Blog
FEBRUARY 21, 2024
Duo Labs is back! Well, not exactly in the same form — but the sentiment, heart, and function of Duo Labs is back. For the curious, the original Duo Labs was a team of amazing security researchers, tinkerers, and thinkers that published their findings, experiments, and explorations on the Duo Labs site. Perhaps most famously, the team sent a phone equipped with Duo mobile into space — attempting to complete a Duo push from 90,000 feet.
eSecurity Planet
FEBRUARY 21, 2024
A circuit-level gateway (CLG) is a firewall feature that acts as a proxy and filters packets based on session information. CLGs are important because they provide specialized security filtering and prevent the discovery of IP addresses and open ports on CLG-protected devices. The best use cases stem from how CLGs work, their pros, cons, and how they function differently than other potential solutions.
Bleeping Computer
FEBRUARY 21, 2024
Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. [.
Advertisement
Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.
The Hacker News
FEBRUARY 21, 2024
With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps.
Graham Cluley
FEBRUARY 21, 2024
Heaven's above! Scammers are exploiting online funerals, and Lockbit - the "Walmart of Ransomware" - is dismantled in style by cyber cops. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
The Hacker News
FEBRUARY 21, 2024
On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired.
Bleeping Computer
FEBRUARY 21, 2024
Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. [.
Advertisement
IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.
Security Affairs
FEBRUARY 21, 2024
U.S. government offers rewards of up to $15 million for information that could lead to the identification or location of LockBit ransomware gang members and affiliates. The U.S. Department of State is offering a reward of up to $15 million for information leading to the identification or location of members of the Lockbit ransomware gang and their affiliates. “The Department of State is announcing reward offers totaling up to $15 million for information leading to the arrest and/or convic
Penetration Testing
FEBRUARY 21, 2024
In alarming news from February 2024, ConnectWise, a prevalent provider of remote desktop software, disclosed severe security flaws within their ScreenConnect product. These flaws pose an immediate danger, with active exploitation already observed. The... The post CVE-2024-1709 & 1708: ScreenConnect Vulnerabilities Under Active Attack appeared first on Penetration Testing.
Bleeping Computer
FEBRUARY 21, 2024
The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information about LockBit ransomware gang members and their associates. [.
Penetration Testing
FEBRUARY 21, 2024
In September 2023, the infamous Russian-linked cyber-espionage group APT29 flexed its muscle again, this time targeting embassies of several nations with a well-crafted attack. The group exploited a critical vulnerability in WinRAR (CVE-2023-38831) to... The post APT29’s Espionage Campaign Exploits WinRAR Flaw, Targets Embassies appeared first on Penetration Testing.
Advertisement
Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.
Expert insights. Personalized for you.
305 
Let's personalize your content