Wed. Feb 28, 2024


Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly, a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.


Best Secure Access Service Edge Platforms in 2024

Tech Republic Security

Here are the top Secure Access Service Edge platforms that provide security and network functionality. Find the best SASE solution for your business needs.


Chinese Hackers Exploiting Ivanti VPN Flaws to Deploy New Malware

The Hacker News

At least two different suspected China-linked cyber espionage clusters, tracked as UNC5325 and UNC3886, have been attributed to the exploitation of security flaws in Ivanti Connect Secure VPN appliances. UNC5325 abused CVE-2024-21893 to deliver a wide range of new malware called LITTLELAMB.


hide.me VPN Free vs. Premium: Which Plan Is Right For You?

Tech Republic Security

Compare the differences between hide.me VPN's free and premium versions. Find out about the features, pros and cons of each option.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


FBI Warns U.S. Healthcare Sector of Targeted BlackCat Ransomware Attacks

The Hacker News

The U.S. government is warning about the resurgence of BlackCat (aka ALPHV) ransomware attacks targeting the healthcare sector as recently as this month. "Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized," the government said in an updated advisory.


TunnelBear VPN Free vs. Paid: Which Plan Is Right for You?

Tech Republic Security

TunnelBear VPN offers both free and paid versions, each with its own set of pros and cons. Learn about the differences and decide which one is right for you.


More Trending


President Biden Blocks Mass Transfer of Personal Data to High-Risk Nations

The Hacker News

U.S. President Joe Biden has issued an Executive Order that prohibits the mass transfer of citizens' personal data to countries of concern. The Executive Order also "provides safeguards around other activities that can give those countries access to Americans' sensitive data," the White House said in a statement.


CVE-2024-25065 & CVE-2024-23946: Critical Vulnerabilities Exposed in Apache OFBiz

Penetration Testing

Apache OFBiz, the popular open-source ERP framework, has recently been in the security spotlight. Two critical vulnerabilities (CVE-2024-25065, CVE-2024-23946) have been discovered that put a wide range of businesses at risk. Decoding the Vulnerabilities... The post CVE-2024-25065 & CVE-2024-23946: Critical Vulnerabilities Exposed in Apache OFBiz appeared first on Penetration Testing.


FBI, CISA, HHS warn of targeted ALPHV/Blackcat ransomware attacks against the healthcare sector

Security Affairs

The FBI, CISA, and the Department of HHS warned U.S. healthcare organizations of targeted ALPHV/Blackcat ransomware attacks. A cybersecurity alert published by the FBI, CISA, and the Department of Health and Human Services (HHS) warned U.S. healthcare organizations of targeted attacks conducted by ALPHV/Blackcat ransomware attacks. The US agencies released a report containing IOCs and TTPs associated with the ALPHV Blackcat RaaS operation identified through law enforcement investigations conduct


SVG Attacks: How GULoader Malware Sneaks into Your Network

Penetration Testing

The cybersecurity world is a battlefield of constant change – understanding your enemy’s weapons and strategies is key to survival. Enter GULoader, a malware favored by cybercriminals for its stealth, adaptability, and ability to... The post SVG Attacks: How GULoader Malware Sneaks into Your Network appeared first on Penetration Testing.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Russia-linked APT28 compromised Ubiquiti EdgeRouters to facilitate cyber operations

Security Affairs

Russian cyberspies are compromising Ubiquiti EdgeRouters to evade detection, warns a joint advisory published by authorities. The Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters (EdgeRouters) to evade detection in cyber operations worldwide.


Change Healthcare outages reportedly caused by ransomware

Malwarebytes

On Wednesday February 21, 2024, Change Healthcare—a subsidiary of UnitedHealth Group—experienced serious system outages due to a cyberattack. In a Form 8-K filing the company said it: “identified a suspected nation-state associated cyber security threat actor had gained access to some of the Change Healthcare information technology systems.” Change Healthcare is one of the largest healthcare technology companies in the United States.


Pharmaceutical giant Cencora discloses a data breach

Security Affairs

Pharmaceutical giant Cencora suffered a cyber attack and threat actors stole data from its infrastructure. Pharmaceutical giant Cencora disclosed a data breach after it was the victim of a cyberattack. Cencora, Inc., formerly known as AmerisourceBergen, is an American drug wholesale company and a contract research organization that was formed by the merger of Bergen Brunswig and AmeriSource in 2001.


Lazarus hackers exploited Windows zero-day to gain Kernel privileges

Bleeping Computer

North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques. […]


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Speedify VPN Free vs. Premium: Which Plan Is Right For You?

Tech Republic Security

Explore the differences between Speedify VPN Free and Premium versions, including features, benefits and which one is the best fit for your needs.


Iran-Linked UNC1549 Hackers Target Middle East Aerospace & Defense Sectors

The Hacker News

An Iran-nexus threat actor known as UNC1549 has been attributed with medium confidence to a new set of attacks targeting aerospace, aviation, and defense industries in the Middle East, including Israel and the U.A.E. Other targets of the cyber espionage activity likely include Turkey, India, and Albania, Google-owned Mandiant said in a new analysis.


Kali Linux 2024.1 released with 4 new tools, UI refresh

Bleeping Computer

Kali Linux has released version 2024.1, the first version of 2024, with four new tools, a theme refresh, and desktop changes. […]


Superusers Need Super Protection: How to Bridge Privileged Access Management and Identity Management

The Hacker News

Traditional perimeter-based security has become costly and ineffective. As a result, communications security between people, systems, and networks is more important than blocking access with firewalls. On top of that, most cybersecurity risks are caused by just a few superusers – typically one out of 200 users.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Malicious AI models on Hugging Face backdoor users’ machines

Bleeping Computer

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. […]


Stopping a targeted attack on a Managed Service Provider (MSP) with ThreatDown MDR

Malwarebytes

In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign against a Managed Service Provider (MSP) based in Europe. In line with our observations of attackers increasingly relying on legitimate software in their attacks, the attacker employed various Living Off the Land (LOTL) techniques to avoid detection.


Registrars can now block all domains that resemble brand names

Bleeping Computer

Registrars can now block people from registering tens of thousands of domain names that look like, are spelling variations of, or otherwise infringe on brand names. […]


ALPHV is singling out healthcare sector, say FBI and CISA

Malwarebytes

In an updated #StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as Blackcat. According to the advisory: Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Ransomware gang claims they stole 6TB of Change Healthcare data

Bleeping Computer

The BlackCat/ALPHV ransomware gang has officially claimed responsibility for a cyberattack on Optum, a subsidiary of UnitedHealth Group (UHG), which led to an ongoing outage affecting the Change Healthcare platform. […]


TimbreStealer: Stealthy Information Thief Targets Mexico

Penetration Testing

Cisco Talos has discovered a highly targeted and persistent phishing campaign preying on users in Mexico. The attackers are luring potential victims with financial-themed emails tailored to the region and then tricking them into... The post TimbreStealer: Stealthy Information Thief Targets Mexico appeared first on Penetration Testing.


LockBit ransomware returns to attacks with new encryptors, servers

Bleeping Computer

The LockBit ransomware gang is once again conducting attacks, using updated encryptors with ransom notes linking to new servers after last week's law enforcement disruption. […]


Building Your Privacy-Compliant Customer Data Platform (CDP) with First-Party Data

The Hacker News

In today's digital era, data privacy isn't just a concern; it's a consumer demand. Businesses are grappling with the dual challenge of leveraging customer data for personalized experiences while navigating a maze of privacy regulations. The answer? A privacy-compliant Customer Data Platform (CDP). Join us for a transformative webinar where we unveil Twilio Segment's state-of-the-art CDP.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


What’s on the Radar for Aviation Industry Cybersecurity?

Security Boulevard

A chart to future aviation industry cybersecurity best practices Digital transformation propels industries forward, and the aviation sector stands at the forefront of change, embracing technologies that promise efficiency, safety, and customer satisfaction. However, this digital elevation also brings significant cybersecurity challenges, with the aviation industry becoming a lucrative target for cybercriminals.


UNC1549’s Espionage Campaign Against Aerospace and Defense

Penetration Testing

A sophisticated espionage campaign, suspected to be linked to Iranian threat actors, is actively targeting aerospace and defense entities throughout the Middle East. Mandiant researchers have uncovered the campaign’s evolution, uncovering their use of... The post UNC1549’s Espionage Campaign Against Aerospace and Defense appeared first on Penetration Testing.


Anycubic 3D printers hacked worldwide to expose security flaw

Bleeping Computer

According to a wave of online reports from Anycubic customers, someone hacked their 3D printers to warn that the devices are exposed to attacks. […]


Locking Up Lockbit: The Fall of a Ransomware Cartel

Security Boulevard

As of the time I’m writing this, earlier this week a cybersecurity bombshell story just broke that, for once, is actually a positive turn of events. I’m talking about Operation Cronos, an international law enforcement operation that seized the Lockbit ransomware infrastructure, led to arrests of persons affiliated with the criminal organization, and resulted in […] The post Locking Up Lockbit: The Fall of a Ransomware Cartel appeared first on TuxCare.


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.