Tue. Mar 05, 2024


BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Krebs on Security

There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV”) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change’s network says the crime gang cheated them out of their share of the ransom, and that they st


The Insecurity of Video Doorbells

Schneier on Security

Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible. First, these doorbells expose your home IP address and WiFi network name to the internet without encryption, potentially opening your home network to online criminals. […] Anyone who can physically access one of the doorbells can take over the device—no tools or fancy hacking skills needed.




What Is Passwordless Authentication?

Tech Republic Security

Learn about passwordless authentication, and explore the different types, benefits and limitations to help you decide which solution to choose.


Over 225,000 Compromised ChatGPT Credentials Up for Sale on Dark Web Markets

The Hacker News

More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show. These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


No “Apple magic” as 11% of macOS detections last year came from malware

Malwarebytes

We’re going to let you in on a little cybersecurity secret… There’s malware on Mac computers. There pretty much always has been. As revealed in our 2024 ThreatDown State of Malware report, a full 11% of all detections recorded by Malwarebytes on Mac computers in 2023 were for different variants of malware—the catch-all term that cybersecurity researchers use to refer to ransomware, trojans, info stealers, worms, viruses, and more.


Apple emergency security updates fix two new iOS zero-days

Security Affairs

Apple released emergency security updates to address two new iOS zero-day vulnerabilities actively exploited in the wild against iPhone users. Apple released emergency security updates to address two iOS zero-day vulnerabilities, respectively tracked as CVE-2024-23225 and CVE-2024-23296, that were exploited in attacks against iPhone devices. CVE-2024-23225 is a kernel memory corruption flaw; the company addressed it with improved validation. “An attacker with arbitrary kernel read and writ


VMware urgent updates addressed Critical ESXi Sandbox Escape bugs

Security Affairs

VMware released urgent patches to address critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion and Cloud Foundation products. Virtualization giant VMware released urgent updates to fix critical ESXi sandbox escape vulnerabilities in the ESXi, Workstation, Fusion, and Cloud Foundation products. The most severe vulnerabilities can be exploited by an attacker with local admin privileges on a virtual machine to execute code as the virtual machine’s VMX process running o


Urgent: Apple Issues Critical Updates for Actively Exploited Zero-Day Flaws

The Hacker News

Apple has released security updates to address several security flaws, including two vulnerabilities that it said have been actively exploited in the wild.


Pegasus spyware creator ordered to reveal code used to spy on WhatsApp users

Malwarebytes

A California federal judge has ordered spyware maker NSO Group to hand over the code for Pegasus and other spyware products that were used to spy on WhatsApp users. Meta-owned WhatsApp has been fighting NSO in court since 2019, after Pegasus was allegedly used against 1,400 WhatsApp users over the period of two weeks. During this time, NSO Group gained access to the users’ sensitive data, including encrypted messages.


Anxun and Chinese APT Activity

Digital Shadows

Discover how Anxun's leak exposed ties to Chinese government cyber ops, APT groups, and the ShadowPad malware from our ReliaQuest Threat Research team.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


NSA shares zero-trust guidance to limit adversaries on the network

Bleeping Computer

The National Security Agency is sharing new guidance to help organizations limit an adversary's movement on the internal network by adopting zero-trust framework principles. […]


Network tunneling with… QEMU?

SecureList

Cyberattackers tend to give preference to legitimate tools when taking various attack steps, as these help them evade detection systems while keeping malware development costs down to a minimum. Network scanning, capturing a process memory dump, exfiltrating data, running files remotely, and even encrypting drives — all these can be done with trusted software.


Experts disclosed two severe flaws in JetBrains TeamCity On-Premises software

Security Affairs

Two new security flaws in JetBrains TeamCity On-Premises software can allow attackers to take over affected systems. Rapid7 researchers disclosed two new critical security vulnerabilities, tracked as CVE-2024-27198 (CVSS score: 9.8) and CVE-2024-27199 (CVSS score: 7.3), in JetBrains TeamCity On-Premises. An attacker can exploit the vulnerabilities to take control of affected systems.


Warning: Thread Hijacking Attack Targets IT Networks, Stealing NTLM Hashes

The Hacker News

The threat actor known as TA577 has been observed using ZIP archive attachments in phishing emails with an aim to steal NT LAN Manager (NTLM) hashes. The new attack chain “can be used for sensitive information gathering purposes and to enable follow-on activity,” enterprise security firm Proofpoint said in a Monday report.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


CISA Adds Microsoft Windows Kernel Bug Used by Lazarus APT to Its Known Exploited Vulnerabilities Catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Windows Kernel vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-21338 (CVSS Score 7.8) Microsoft Windows Kernel Exposed IOCTL with Insufficient Access Control vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.


Cloudflare Unveils a Firewall Designed to Keep LLMs Safe

Security Boulevard

Cloudflare wants to help organizations wall off their large-language models (LLMs) from cyberthreats and give enterprises an AI framework to ward off risks, many of which are themselves based on the emerging technology. The cloud connectivity and cybersecurity company this week introduced the Firewall for AI, another layer of protection for LLMs that are foundational.


US Gov sanctioned Intellexa Consortium individuals and entities behind Predator spyware attacks

Security Affairs

The U.S. government sanctioned two individuals and five entities linked to the development and distribution of the Predator spyware used to target Americans. Today, the Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced actions on two individuals and five entities associated with the Intellexa Consortium for their role in the development and distribution of the commercial Predator spyware used to target Americans.


How to use Proton VPN (A Step-by-Step Guide)

Tech Republic Security

Having a hard time getting started with Proton VPN? Learn how to use Proton VPN with our in-depth tutorial.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Apple fixes two new iOS zero-days exploited in attacks on iPhones

Bleeping Computer

Apple released emergency security updates to fix two iOS zero-day vulnerabilities that were exploited in attacks on iPhones. […]


NetKiller & Condi Botnets Exploit Uniview ISC Cameras CVE-2024-0778 Flaw

Penetration Testing

Security researchers have sounded the alarm on a critical vulnerability (CVE-2024-0778) affecting outdated Zhejiang Uniview ISC cameras. This flaw, left unpatched in end-of-life devices, is a gateway for attackers to inject malicious code and...


How to use TunnelBear VPN (Step-by-Step Tutorial)

Tech Republic Security

This is an in-depth tutorial on how to use TunnelBear VPN. Learn how to download, set up and use TunnelBear VPN with our guide.


Kanko Online Shop Breach: Thousands of Customer Credit Card Details Exposed

Penetration Testing

Japanese school uniform retailer Kanko Online Shop has disclosed a significant data breach affecting its “Kanko Online Shop Harajuku Select Square” e-commerce site. Up to 3,827 customers who made purchases between April 2021 and...


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Inside Registered Agents Inc., the Shadowy Firm Pushing the Limits of Business Privacy

WIRED Threat Level

Registered Agents Inc. has for years allowed businesses to register under a cloak of anonymity. A WIRED investigation has found that its secretive founder has taken the practice to an extreme.


GhostLocker & StormousX: Global Ransomware Attacks Hit 18 Nations

Penetration Testing

Cisco Talos observed a collaborative effort between the GhostSec and Stormous ransomware groups, conducting double extortion attacks leveraging GhostLocker and StormousX. Their activities were revealed through Telegram communications and the Stormous data leak site...


Cybercriminals Using Novel DNS Hijacking Technique for Investment Scams

The Hacker News

A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds.


Hackers abuse QEMU to covertly tunnel network traffic in cyberattacks

Bleeping Computer

Malicious actors were detected abusing the open-source hypervisor platform QEMU as a tunneling tool in a cyberattack against a large company. […]


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.


American Express warns customers about third party data breach

Malwarebytes

American Express has sent affected customers a warning that “a third party service provider engaged by numerous merchants experienced unauthorized access to its system.” In a subsequent update, American Express explained that it was not a service provider, but a merchant processor that suffered the breach. The account information of some card holders may have fallen into the wrong hands.


Android and Windows RATs Distributed Via Online Meeting Lures

Security Boulevard

Beginning in December 2023, Zscaler’s ThreatLabz discovered a threat actor creating fraudulent Skype, Google Meet, and Zoom websites to spread malware. The threat actor spreads SpyNote RAT to Android users and NjRAT and DCRat to Windows users. This article describes and shows how the threat actor’s malicious URLs and files can be identified on these fraudulent online meeting websites.


Warning: Fully Undetectable (FUD) Links Exploit Trust in Cloud Giants

Penetration Testing

A new strategy has emerged from the depths of the dark web, challenging the conventional defenses of global enterprises and individuals alike. Resecurity, a firm at the forefront of digital forensics and cyber threat...


Check your DNS! Abandoned domains used to bypass spam checks

Malwarebytes

Researchers at Guardio Labs have discovered that a group of spammers is using long-forgotten subdomains from established brands like MSN, eBay, CBS, and Marvel to send out malicious emails. The emails can bypass spam checks, and to recipients they look like they come from a legitimate source. A subdomain is a named sub-division of a domain name. For example, my.malwarebytes.com and www.malwarebytes.com are both subdomains of the malwarebytes.com domain.


Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.