Tue. May 07, 2024

New Attack on VPNs

Schneier on Security

This attack has been feasible for over two decades: Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloa

RSAC Fireside Chat: Lacework’s cloud-native security platform delivers useful context

The Last Watchdog

SAN FRANCISCO — Cloud security is stirring buzz as RSA Conference 2024 ramps up at Moscone Convention Center here. Companies are clambering to mitigate unprecedented exposures spinning out of their increasing reliance on cloud hosted resources. The unfolding disruption of Generative AI — and rising compliance requirements — add to the mix.

Can VPNs Be Tracked by the Police?

Tech Republic Security

VPNs are popular due to the fact they add security and privacy to what are otherwise daily open Wi-Fi and public internet channels. But can VPNs be tracked by the police?

CVE-2024-4367 & CVE-2024-34342: JavaScript Flaws Threaten Millions of PDF.js and React-PDF Users

Penetration Testing

A significant security flaw has been identified in PDF.js, a widely-used, Mozilla-supported PDF viewer developed with HTML5, and React-PDF, a popular npm package for displaying PDFs within React applications. This vulnerability, which allows for...

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

The Australian Government’s Manufacturing Objectives Rely on IT Capabilities

Tech Republic Security

The intent of the Future Made in Australia Act is to build manufacturing capabilities across all sectors, which will likely lead to more demand for IT skills and services.

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

The Hacker News

The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week.

More Trending

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator

The Hacker News

The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S.

Law enforcement agencies identified LockBit ransomware admin and sanctioned him

Security Affairs

The FBI, UK National Crime Agency, and Europol revealed the identity of the admin of the LockBit operation and sanctioned him. The FBI, UK National Crime Agency, and Europol have unmasked the identity of the admin of the LockBit ransomware operation, aka ‘LockBitSupp’ and ‘putinkrab’, and issued sanctions against him. It was the first time that the admin of the notorious group was identified by law enforcement.

Google Simplifies 2-Factor Authentication Setup (It's More Important Than Ever)

The Hacker News

Google on Monday announced that it's simplifying the process of enabling two-factor authentication (2FA) for users with personal and Workspace accounts. Also called 2-Step Verification (2SV), it aims to add an extra layer of security to users' accounts to prevent takeover attacks in case the passwords are stolen.

MITRE attributes the recent attack to China-linked UNC5221

Security Affairs

MITRE published more details on the recent security breach, including a timeline of the attack and attribution evidence. MITRE has shared more details on the recent hack, including the new malware involved in the attack and a timeline of the attacker’s activities. In April 2024, MITRE disclosed a security breach in one of its research and prototyping networks.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion

The Hacker News

The MITRE Corporation has offered more details into the recently disclosed cyber attack, stating that the first evidence of the intrusion now dates back to December 31, 2023.

RSAC Fireside Chat: AT&T, WillJam Ventures partner to launch new MSSP — LevelBlue

The Last Watchdog

SAN FRANCISCO – The already simmering MSSP global market just got hotter. This week at RSA Conference 2024, AT&T announced the launch of LevelBlue – a top-tier managed security services business formed by an alliance with AT&T and WillJam Ventures. I had the chance to sit down earlier with Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / Agent at LevelBlue, to discuss this alliance.

Russian Operator of BTC-e Crypto Exchange Pleads Guilty to Money Laundering

The Hacker News

A Russian operator of a now-dismantled BTC-e cryptocurrency exchange has pleaded guilty to money laundering charges from 2011 to 2017. Alexander Vinnik, 44, was charged in January 2017 and taken into custody in Greece in July 2017. He was subsequently extradited to the U.S. in August 2022.

Google Makes Implementing 2FA Simpler

Security Boulevard

Google is making it easier for users to implement two-factor authentication (2FA) for their personal or business Workspace accounts, part of the company’s larger push to adopt stronger verification methods, whether it’s multi-factor authentication (MFA) or passwordless tools like biometrics or passkeys. The changes to what Google also calls 2-Step Verification (2SV) that were unveiled.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

New Case Study: The Malicious Comment

The Hacker News

How safe is your comments section? Discover how a seemingly innocent 'thank you' comment on a product page concealed a malicious vulnerability, underscoring the necessity of robust security measures. Read the full real-life case study here. When is a ‘Thank you’ not a ‘Thank you’?

Cisco Duo Announces Agentless Native Integration With Google Chrome Enterprise

Duo's Security Blog

Cisco Duo plays a pivotal role in safeguarding identities for organizations of all sizes and industries, providing a simple way to defend against identity-based attacks. However, challenges to zero trust security still exist; organizations must maintain strong security in mixed-IT environments while balancing increases in staffing, spending and agent fatigue.

Exploits and vulnerabilities in Q1 2024

SecureList

We at Kaspersky continuously monitor the evolving cyberthreat landscape to ensure we respond promptly to emerging threats, equipping our products with detection logic and technology. Software vulnerabilities that threat actors can exploit or are already actively exploiting are a critical component of that landscape. In this report, we present a series of insightful statistical and analytical snapshots relating to the trends in the emergence of new vulnerabilities and exploits, as well as the mos

Hackers exploit LiteSpeed Cache flaw to create WordPress admins

Bleeping Computer

Hackers have been targeting WordPress sites with an outdated version of the LiteSpeed Cache plugin to create administrator users and gain control of the websites.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

HYPR and Microsoft Partner on Entra ID External Authentication Methods

Security Boulevard

Last week, Microsoft announced the public preview of external authentication methods (EAM) for Entra ID. As a close partner, HYPR has worked extensively with Microsoft on the new offering and we are excited to be one of the first external authentication method integrations. This means organizations can now choose HYPR phishing-resistant authentication for their Entra ID MFA method, use it in Entra ID Conditional Access policies, Privileged Identity Management, and more.

LockBit ransomware admin identified, sanctioned in US, UK, Australia

Bleeping Computer

The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor being revealed for the first time.

Accelerating SaaS security certifications to maximize market access

Cisco Security

Announcing the public availability of Cisco Cloud Controls Framework (CCF) V3.0 - a “build-once-use-many” approach for SaaS compliance with global standards.

New attack leaks VPN traffic using rogue DHCP servers

Bleeping Computer

A new attack dubbed "TunnelVision" can route traffic outside a VPN's encryption tunnel, allowing attackers to snoop on unencrypted traffic while maintaining the appearance of a secure VPN connection.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Empowering Cybersecurity with AI: The Future of Cisco XDR

Cisco Security

In 2007, there was a study from the University of Maryland proving that internet-connected systems were attacked every 39 seconds on average. Today, that number has grown more than 60%. Cisco sees… Learn how the Cisco AI Assistant in XDR adds powerful functionality to Cisco XDR that increases defenders' efficiency and accuracy.

Security researchers say this scary exploit could render all VPNs useless

Zero Day

VPNs are no longer safe if these security researchers are right.

CVE-2024-29212: Veeam RCE Vulnerability Exposes Data Protection Services to Risk

Penetration Testing

Veeam, a major provider of backup and data protection solutions, has issued a security advisory warning of remote code execution (RCE) vulnerability in its Service Provider Console (VSPC). This flaw (CVE-2024-29212) opens a door...

DocGo discloses cyberattack after hackers steal patient health data

Bleeping Computer

Mobile medical care firm DocGo confirmed it suffered a cyberattack after threat actors breached its systems and stole patient health data.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Mirai Botnet Exploits Ivanti Vulnerabilities (CVE-2023-46805 & CVE-2024-21887)

Penetration Testing

Security researchers at Juniper Threat Labs have uncovered a dangerous escalation in attacks targeting Ivanti Connect Secure (ICS) and Ivanti Policy Secure Gateways. Attackers are weaponizing two critical vulnerabilities, CVE-2023-46805 (authentication bypass) and CVE-2024-21887...

UK confirms Ministry of Defence payroll data exposed in data breach

Bleeping Computer

The UK Government confirmed today that a threat actor recently breached the country's Ministry of Defence and gained access to part of the Armed Forces payment network.

Agencies Warn of Pro-Russia Hackers Targeting OT Control Systems

SecureWorld News

Multiple U.S. and allied cybersecurity agencies are sounding the alarm over an ongoing campaign by pro-Russia hacktivist groups to target and compromise operational technology (OT) systems across critical infrastructure sectors in North America and Europe. According to a new joint cybersecurity alert, the hacktivists have been observed gaining remote access to small-scale industrial control systems used in water/wastewater, dams, energy, and food and agriculture by exploiting internet-exposed h

Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw

Bleeping Computer

Nearly 52,000 internet-exposed Tinyproxy instances are vulnerable to CVE-2023-49606, a recently disclosed critical remote code execution (RCE) flaw.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.