Mon.Mar 11, 2024

article thumbnail

Incognito Darknet Market Mass-Extorts Buyers, Sellers

Krebs on Security

Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from $100 to $20,000. The bold mass extortion attempt comes just days after Incognito Market administrators reportedly pulled an “exit scam” that left users unable to withdraw millions of dollars worth of funds from the platform.

Marketing 321
article thumbnail

Using LLMs to Unredact Text

Schneier on Security

Initial results in using LLMs to unredact text based on the size of the individual-word redaction rectangles. This feels like something that a specialized ML system could be trained on.

320
320
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2024-21378 — Remote Code Execution in Microsoft Outlook 

NetSpi Technical

In 2023 NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects. This blog will cover how we discovered CVE-2024-21378 and weaponized it by modifying Ruler , an Outlook penetration testing tool published by SensePost. Note, a pull request containing the proof-of-concept code is forthcoming to provide organizations with sufficient time to patch.

article thumbnail

Airbnb Bans All Indoor Security Cameras

WIRED Threat Level

Starting at the end of April, Airbnb will no longer allow hosts to have security cameras inside their rental properties, citing a commitment to prioritizing guest privacy.

145
145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Massive cyberattacks hit French government agencies

Security Affairs

A series of “intense” cyberattacks hit multiple French government agencies, revealed the prime minister’s office. “Several “intense” cyberattacks targeted multiple French government agencies since Sunday night, as disclosed by the prime minister’s office.” The French minister’s office did not provide details about the attacks, however, the French agencies were likely hit with distributed denial-of-service (DDoS) attacks.

article thumbnail

The 4 Big Questions the Pentagon’s New UFO Report Fails to Answer

WIRED Threat Level

The Pentagon says it’s not hiding aliens, but it stops notably short of saying what it is hiding. Here are the key questions that remain unanswered—some answers could be weirder than UFOs.

145
145

More Trending

article thumbnail

New Banking Trojan CHAVECLOAK Targets Brazilian Users via Phishing Tactics

The Hacker News

Users in Brazil are the target of a new banking trojan known as CHAVECLOAK that's propagated via phishing emails bearing PDF attachments. "This intricate attack involves the PDF downloading a ZIP file and subsequently utilizing DLL side-loading techniques to execute the final malware," Fortinet FortiGuard Labs researcher Cara Lin said.

Banking 141
article thumbnail

Experts released PoC exploit for critical Progress Software OpenEdge bug

Security Affairs

Researchers released technical specifics and a PoC exploit for a recently disclosed flaw in Progress Software OpenEdge Authentication Gateway and AdminServer. Researchers from Horizon3.ai have published technical details and a proof-of-concept (PoC) exploit for the critical security flaw CVE-2024-1403 in Progress Software OpenEdge Authentication Gateway and AdminServer. “The Progress OpenEdge team recently identified a security vulnerability in OpenEdge Release 11.7.18 and earlier, OpenEdg

Software 141
article thumbnail

Over 15,000 hacked Roku accounts sold for 50¢ each to buy hardware

Bleeping Computer

Roku has disclosed a data breach impacting over 15,000 customers after hacked accounts were used to make fraudulent purchases of hardware and streaming subscriptions. [.

article thumbnail

Magnet Goblin group used a new Linux variant of NerbianRAT malware

Security Affairs

The financially motivated hacking group Magnet Goblin uses various 1-day flaws to deploy custom malware on Windows and Linux systems. A financially motivated threat actor named Magnet Goblin made the headlines for rapidly adopting and exploiting 1-day vulnerabilities, CheckPoint warned. The group focuses on internet-facing services, in at least one instance the group exploited the vulnerability CVE-2024-21887 in Ivanti Connect Secure VPN.

Malware 139
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Irony of Ironies: CISA Hacked — ‘by China’

Security Boulevard

Free rides and traffic jams: U.S. Cybersecurity and Infrastructure Security Agency penetrated in February, via vuln in Ivanti. The post Irony of Ironies: CISA Hacked — ‘by China’ appeared first on Security Boulevard.

Hacking 138
article thumbnail

BianLian group exploits JetBrains TeamCity bugs in ransomware attacks

Security Affairs

BianLian ransomware group was spotted exploiting vulnerabilities in JetBrains TeamCity software in recent attacks. Researchers from GuidePoint Security noticed, while investigating a recent attack linked to the BianLian ransomware group, that the threat actors gained initial access to the target by exploiting flaws in a TeamCity server. The BianLian ransomware emerged in August 2022, the malware was employed in attacks against organizations in various industries, including manufacturing, media a

article thumbnail

South Korean Citizen Detained in Russia on Cyber Espionage Charges

The Hacker News

Russia has detained a South Korean national for the first time on cyber espionage charges and transferred from Vladivostok to Moscow for further investigation. The development was first reported by Russian news agency TASS.

137
137
article thumbnail

Binance’s Top Crypto Crime Investigator Is Being Detained in Nigeria

WIRED Threat Level

Tigran Gambaryan, a former crypto-focused US federal agent, and a second Binance executive, Nadeem Anjarwalla, have been held in Abuja without passports for two weeks.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

The Hacker News

The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks.

article thumbnail

Data brokers admit they’re selling information on precise location, kids, and reproductive healthcare

Malwarebytes

Information newly made available under California law has shed light on data broker practices, including exactly what categories of information they trade in. Any business that meets the definition of data broker must register with the California Privacy Protection Agency (CPPA) annually. The CPPA defines data brokers as businesses that consumers don’t directly interact with, but that buy and sell information about consumers from and to other businesses.

article thumbnail

New ‘Planet Stealer’ Malware Emerges: Your Passwords and Crypto Wallets at Risk

Penetration Testing

A dangerous new malware named Planet Stealer is making its rounds in the cybercriminal underworld, and security experts warn that your passwords, cryptocurrency wallets, and other sensitive information could be in its sights. Analyzed... The post New ‘Planet Stealer’ Malware Emerges: Your Passwords and Crypto Wallets at Risk appeared first on Penetration Testing.

Passwords 132
article thumbnail

Data Leakage Prevention in the Age of Cloud Computing: A New Approach

The Hacker News

As the shift of IT infrastructure to cloud-based solutions celebrates its 10-year anniversary, it becomes clear that traditional on-premises approaches to data security are becoming obsolete. Rather than protecting the endpoint, DLP solutions need to refocus their efforts to where corporate data resides - in the browser. A new guide by LayerX titled "On-Prem is Dead.

129
129
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

What We Learned from These 3 API Security Breaches

IT Security Guru

They say, “Experience is the best teacher.” Well, they never said it had to be your experience. If we look closely, there are lessons to be learned from these five fateful API attacks that can help any organisation secure its APIs better. Here they are. Zendesk 2017 The scenario: The helpdesk ticketing platform Zendesk was exposed to attackers thanks to a SQL injection vulnerability in a GraphQL endpoint.

Phishing 128
article thumbnail

Microsoft says Windows 10 21H2 support is ending in June

Bleeping Computer

Microsoft announced today that it would end support for Windows 10 21H2 in June when the Enterprise and Education editions reach the end of service. [.

Education 124
article thumbnail

Threat Groups Rush to Exploit JetBrains’ TeamCity CI/CD Security Flaws

Security Boulevard

The cyberthreats to users of JetBrains’ TeamCity CI/CD platform continue to mount a week after the company issued two fixes to security vulnerabilities, with one cybersecurity vendor noting a ransomware attack that included exploiting the flaws for initial access and a search engine reporting that 1,442 vulnerable instances showed signs of exploitation.

article thumbnail

Researchers expose Microsoft SCCM misconfigs usable in cyberattacks

Bleeping Computer

Security researchers have created a knowledge base repository for attack and defense techniques based on improperly setting up Microsoft's Configuration Manager, which could allow an attacker to execute payloads or become a domain controller. [.

123
123
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

CVE-2024-2194: WP Statistics Flaw Opens 600K+ WordPress Sites to Attack

Penetration Testing

Wordfence, a leading authority in WordPress security warns about a serious vulnerability in the widely used WP Statistics plugin. This vulnerability (CVE-2024-2194) allows attackers to inject malicious code directly into a WordPress website, putting... The post CVE-2024-2194: WP Statistics Flaw Opens 600K+ WordPress Sites to Attack appeared first on Penetration Testing.

article thumbnail

Beware of OpenAI and ChatGPT-4 Turbo in Healthcare Orgs’ API Attack Surface

Security Boulevard

With every new healthcare API integration that OpenAI gets access to, the attack surface grows, creating new opportunities for attackers. The post Beware of OpenAI and ChatGPT-4 Turbo in Healthcare Orgs’ API Attack Surface appeared first on Security Boulevard.

article thumbnail

Embracing the Cloud: Revolutionizing Privileged Access Management with One Identity PAM Essentials

The Hacker News

As cyber threats loom around every corner and privileged accounts become prime targets, the significance of implementing a robust Privileged Access Management (PAM) solution can't be overstated. With organizations increasingly migrating to cloud environments, the PAM Solution Market is experiencing a transformative shift toward cloud-based offerings.

article thumbnail

Phobos Unleashed: Navigating the Maze of Ransomware’s Ever-Evolving Threat

Security Boulevard

Threat Overview – Phobos The Phobos Ransomware variant has been active since May of 2019, targeting a variety of entities that include governments, emergency services, critical infrastructure, education and public healthcare. Operating under a RaaS (Ransomware-as-a-Service) model, this ransomware variant has been responsible for the extortion of millions of dollars from victims targeted.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

OpenArk: Next Generation of Anti-Rootkit(ARK) tool for Windows

Penetration Testing

OpenArk OpenArk is an open-source anti-rootkit (ARK) tool for Windows. Ark is an Anti-Rootkit abbreviated, it aims at reversing/programming helper, and also users can find hidden malwares in the OS. More and more powerful... The post OpenArk: Next Generation of Anti-Rootkit(ARK) tool for Windows appeared first on Penetration Testing.

article thumbnail

VulnRecap 3/11/24 – JetBrains & Atlassian Issues Persist

eSecurity Planet

This past week, both JetBrains TeamCity and Atlassian Confluence products have run into more hiccups as their string of vulnerabilities continues. Apple’s also had plenty to patch, and Cisco, OpenEdge, and VMware appeared in the news, too. JetBrains and Atlassian users should pay special attention since vulnerabilities continue cropping up in the same products.

article thumbnail

STRIDE GPT: An AI-powered threat modeling tool

Penetration Testing

STRIDE GPT STRIDE GPT is an AI-powered threat modeling tool that leverages OpenAI’s GPT models to generate threat models and attack trees for a given application based on the STRIDE methodology. Users provide application... The post STRIDE GPT: An AI-powered threat modeling tool appeared first on Penetration Testing.

article thumbnail

Russian Hackers Gained Access to Microsoft Source Code, Customer Secrets

SecureWorld News

In a sobering update released March 8th, Microsoft has revealed that the Russian state-sponsored hacking group Midnight Blizzard, also tracked as Nobelium, has gained unauthorized access to some of the company's source code repositories and internal systems. This follows an initial breach of Microsoft's corporate email systems detected in January 2024.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.