Schneier on Security
APRIL 22, 2024
Interesting social-engineering attack vector : McAfee released a report on a new LUA malware loader distributed through what appeared to be a legitimate Microsoft GitHub repository for the “C++ Library Manager for Windows, Linux, and MacOS,” known as vcpkg. The attacker is exploiting a property of GitHub: comments to a particular repo can contain files, and those files will be associated with the project in the URL.
Troy Hunt
APRIL 22, 2024
"More Data Breaches Than You Can Shake a Stick At" That seems like a reasonable summary and I suggest there are two main reasons for this observation. Firstly, there are simply loads of breaches happening and you know this already because, well, you read my stuff! Secondly, There are a couple of Twitter accounts in particular that are taking incidents that appear across a combination of a popular clear web hacking forum and various dark web ransomware websites and "raising them to th
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Penetration Testing
APRIL 22, 2024
Security researcher Naor Hodorov has made public a proof-of-concept (PoC) exploit for a severe vulnerability (CVE-2024-21111) in Oracle VirtualBox. This vulnerability plagues VirtualBox versions before 7.0.16 and allows attackers with basic access to a... The post Oracle VirtualBox Elevation of Privilege Vulnerability (CVE-2024-21111): PoC Published appeared first on Penetration Testing.
The Hacker News
APRIL 22, 2024
New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes.
Advertisement
Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.
SecureList
APRIL 22, 2024
We continue covering the activities of the APT group ToddyCat. In our previous article , we described tools for collecting and exfiltrating files ( LoFiSe and PcExter ). This time, we have investigated how attackers obtain constant access to compromised infrastructure, what information on the hosts they are interested in, and what tools they use to extract it.
Security Affairs
APRIL 22, 2024
Russia-linked APT28 group used a previously unknown tool, dubbed GooseEgg, to exploit Windows Print Spooler service flaw. Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. Since at least June 2020, and possibly earlier, the cyberespionage group has used the tool GooseEgg to exploit the CVE-2022-38028 vulnerability.
Cyber Security Informer brings together the best content for cyber security professionals from the widest variety of industry thought leaders.
|
The Hacker News
APRIL 22, 2024
The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment (NERVE), an unclassified research and prototyping network.
Security Affairs
APRIL 22, 2024
Researcher demonstrated how to exploit vulnerabilities in the Windows DOS-to-NT path conversion process to achieve rootkit-like capabilities. SafeBreach researcher Or Yair devised a technique, exploiting vulnerabilities in the DOS-to-NT path conversion process, to achieve rootkit-like capabilities on Windows. When a user executes a function with a path argument in Windows, the DOS path of the file or folder is converted to an NT path.
The Hacker News
APRIL 22, 2024
Microsoft has revealed that North Korea-linked state-sponsored cyber actors has begun to use artificial intelligence (AI) to make its operations more effective and efficient. "They are learning to use tools powered by AI large language models (LLM) to make their operations more efficient and effective," the tech giant said in its latest report on East Asia hacking groups.
Security Affairs
APRIL 22, 2024
A financially motivated group named GhostR claims the theft of a sensitive database from World-Check and threatens to publish it. World-Check is a global database utilized by various organizations, including financial institutions, regulatory bodies, and law enforcement agencies, for assessing potential risks associated with individuals and entities.
Advertisement
The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.
The Hacker News
APRIL 22, 2024
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg.
Security Affairs
APRIL 22, 2024
A cyber attack has been disrupting operations at Synlab Italia, a leading provider of medical diagnosis services, since April 18. Since April 18, Synlab Italia, a major provider of medical diagnosis services, has been experiencing disruptions due to a cyber attack. The company initially cited technical issues as the cause leading to “temporary interruption of access to computer and telephone systems and related services.” However, a concerning scenario has emerged a few hours later.
The Hacker News
APRIL 22, 2024
The threat actor known as ToddyCat has been observed using a wide range of tools to retain access to compromised environments and steal valuable data.
Penetration Testing
APRIL 22, 2024
A new threat has emerged in the cybercrime world, specifically designed to prey on the lucrative gaming community. Security researchers from G DATA have analyzed “Sharp Stealer,” a malware family that steals login credentials,... The post Sharp Stealer: New Malware Targets Gamers’ Accounts and Online Identities appeared first on Penetration Testing.
Advertisement
Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.
Security Boulevard
APRIL 22, 2024
These women are innovating in the cybersecurity field. How many of them do you know? The post The 10 Women in Cybersecurity You Need to Follow appeared first on Security Boulevard.
Penetration Testing
APRIL 22, 2024
A new report from Kaspersky Labs reveals a sophisticated toolkit used by the advanced persistent threat (APT) group, “ToddyCat,” to steal massive amounts of sensitive data and maintain control over compromised systems. The group... The post ToddyCat: Unveiling the Stealthy APT Group Targeting Asia-Pacific Governments appeared first on Penetration Testing.
Bleeping Computer
APRIL 22, 2024
BleepingComputer recently reported how a GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with Microsoft repositories, making the files appear trustworthy. It turns out, GitLab is also affected by this issue and could be abused in a similar fashion. [.
The Hacker News
APRIL 22, 2024
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members of those involved in such businesses.
Advertisement
Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.
Security Boulevard
APRIL 22, 2024
Researchers at Proofpoint have found out that the TA547 phishing attack campaigns have been targeting different German companies. Identified as TA547, the threat actor has been using an information stealer called Rhadamanthys to get its hand on important financial data of companies. This information is then used by several cybercriminal threat actors.
The Hacker News
APRIL 22, 2024
Between crossovers - Do threat actors play dirty or desperate? In our dataset of over 11,000 victim organizations that have experienced a Cyber Extortion / Ransomware attack, we noticed that some victims re-occur.
Penetration Testing
APRIL 22, 2024
Apache HugeGraph, a leading high-performance graph database known for its ability to handle billions of vertices and edges with robust online transaction processing (OLTP) capabilities, has recently addressed several critical security vulnerabilities that posed... The post Multiple Vulnerabilities Patched in Apache HugeGraph – Update Immediately appeared first on Penetration Testing.
GlobalSign
APRIL 22, 2024
Connected vehicles are becoming more common but also bring new risks. The auto industry must consider digital certificates to secure connected cars.
Advertisement
After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!
The Hacker News
APRIL 22, 2024
Over the past two years, a shocking 51% of organizations surveyed in a leading industry report have been compromised by a cyberattack. Yes, over half. And this, in a world where enterprises deploy an average of 53 different security solutions to safeguard their digital domain. Alarming? Absolutely.
Security Boulevard
APRIL 22, 2024
A six-year-old company that is building a platform and portfolio of tools aimed at automating organizations’ responses to data breaches and protecting executives from personal liability is getting $6.5 million in seed money and bringing on as an adviser the former chief security offer for Uber who last year became the face of legal consequences. The post BreachRx Gets $6.5 Million to Automate Security Incident Response appeared first on Security Boulevard.
Tech Republic Security
APRIL 22, 2024
The tech world has a problem: Security fragmentation. There’s no standard set of rules or even language for mitigating cyber risk used to address the growing threats of hackers, ransomware and stolen data, and the threat to data only continues to grow. President Barack Obama recognized the cyber threat in 2013, which led to his.
The Last Watchdog
APRIL 22, 2024
Critical infrastructure like electrical, emergency, water, transportation and security systems are vital for public safety but can be taken out with a single cyberattack. How can cybersecurity professionals protect their cities? In 2021, a lone hacker infiltrated a water treatment plant in Oldsmar, Florida. One of the plant operators noticed abnormal activity but assumed it was one of the technicians remotely troubleshooting an issue.
Advertisement
Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.
NSTIC
APRIL 22, 2024
We all need supplements sometimes. Whether it’s a little extra vitamin C during flu season or some vitamin D during the dark days of Winter. When used correctly, supplements help our body adjust to the changing conditions around us. Similarly, we are applying this same concept for the first time to our NIST SP 800-63B, Digital Identity Guidelines: Authentication and Lifecycle Management.
Penetration Testing
APRIL 22, 2024
Microsoft has exposed a sophisticated new tool in the arsenal of the Russian state-backed hacking group “Forest Blizzard.” Dubbed “GooseEgg,” this tool allows attackers to gain deep access to compromised systems, making them a... The post Russia-Linked Hackers Exploit Windows Zero-Day, Deploy “GooseEgg” to Hijack Networks appeared first on Penetration Testing.
WIRED Threat Level
APRIL 22, 2024
The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark web.
Bleeping Computer
APRIL 22, 2024
Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team (CERT-UA). [.
Advertisement
Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!
Expert insights. Personalized for you.
336 
Let's personalize your content