Thu.May 30, 2024

article thumbnail

Supply Chain Attack against Courtroom Software

Schneier on Security

No word on how this backdoor was installed: A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8 , an application package courtrooms use to record, play back, and manage audio and video from proceed

Software 313
article thumbnail

'Operation Endgame' Hits Malware Delivery Platforms

Krebs on Security

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware.

Malware 275
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

What Is ShrinkLocker? New Ransomware Targets Microsoft BitLocker Encryption Feature

Tech Republic Security

The ShrinkLocker ransomware exploits the BitLocker feature on enterprise PCs to encrypt the entire local drive and remove recovery options.

article thumbnail

U.S. Dismantles World's Largest 911 S5 Botnet, with 19 Million Infected Devices

The Hacker News

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global footprint spanning more than 190 countries, functioned as a residential proxy service known as 911 S5.

145
145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Do VPNs Change or Hide Your IP Address?

Tech Republic Security

Will a virtual private network change your IP address? Find out in this article and discover what a VPN doesn’t hide.

VPN 185
article thumbnail

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.

More Trending

article thumbnail

The Unusual Espionage Act Case Against a Drone Photographer

WIRED Threat Level

In seemingly the first case of its kind, the US Justice Department has charged a Chinese national with using a drone to photograph a Virginia shipyard where the US Navy was assembling nuclear submarines.

142
142
article thumbnail

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants.

Spyware 141
article thumbnail

Beware of scammers impersonating Malwarebytes

Malwarebytes

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand. Image courtesy of Trellix The download from the fake website was an information stealer with a filename that resembled that of the actual Malwarebytes installer.

Scams 140
article thumbnail

Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors

The Hacker News

A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021.

139
139
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Ecuador Is Literally Powerless in the Face of Drought

WIRED Threat Level

Drought-stricken hydro dams have led to daily electricity cuts in Ecuador. As weather becomes less predictable die to climate change, experts say other countries need to take notice.

138
138
article thumbnail

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

The Hacker News

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal.

Firewall 139
article thumbnail

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability The vulnerability CVE-2024-24919 is a Quantum Gateway information disclosure

VPN 136
article thumbnail

Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware

The Hacker News

Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame.

Malware 139
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Ticketmaster Hack Ticks Off 560M Customers in 1.3TB Breach

Security Boulevard

What we know so far: A Ticketmaster AWS instance was penetrated by unknown perpetrators; “ShinyHunters” is selling stolen data on their behalf. Don’t forget to add the hidden 5% fee to the ransom. The post Ticketmaster Hack Ticks Off 560M Customers in 1.3TB Breach appeared first on Security Boulevard.

Hacking 131
article thumbnail

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

The Hacker News

Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation.

article thumbnail

RSAC Fireside Chat: Start-up Anetac rolls out a solution to rising ‘service accounts’ exposures

The Last Watchdog

From MFA to biometrics, a lot has been done to reinforce user ID and password authentication — for human users. Related: How weak service accounts factored into SolarWinds hack By comparison, almost nothing has been done to strengthen service accounts – the user IDs and passwords set up to authenticate all the backend, machine-to-machine connections of our digital world.

article thumbnail

How to Build Your Autonomous SOC Strategy

The Hacker News

Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users.

Phishing 132
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

AI in HR: Is artificial intelligence changing how we hire employees forever?

We Live Security

Much digital ink has been spilled on artificial intelligence taking over jobs, but what about AI shaking up the hiring process in the meantime?

article thumbnail

Law enforcement operation dismantled 911 S5 botnet

Security Affairs

An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcement operation that dismantled the 911 S5 proxy botnet. The law enforcement also arrested its administrator, the 35-year-old Chinese national YunHe Wang, in Singapore.

VPN 127
article thumbnail

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

The Hacker News

Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine.

Malware 126
article thumbnail

Pirated Microsoft Office delivers malware cocktail on systems

Bleeping Computer

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. [.

Malware 125
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Duo’s Data-Driven Defense: Combatting Cyber Threats in Higher Education

Duo's Security Blog

Duo has a long history of protecting students across universities and higher education institutions. From personally identifiable information to federal grants and loans, students and schools are a regular target for attackers. Because Duo has such a large presence in the world of education, we can also spot trends in attack tactics and learn how to better secure your organization.

Education 115
article thumbnail

Malware botnet bricked 600,000 routers in mysterious 2023 event

Bleeping Computer

A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs. [.

Malware 121
article thumbnail

ShinyHunters Hits Ticketmaster with Breach Impacting 560 Million Users

SecureWorld News

The infamous cybercrime syndicate ShinyHunters has struck again, this time claiming responsibility for an absolutely staggering data breach impacting live entertainment giants Ticketmaster and Live Nation. In a brazen announcement, the hacking group says it has compromised personal records belonging to a jaw-dropping 560 million users across the two platforms.

article thumbnail

Microsoft: Windows 11 preview update causes taskbar crashes

Bleeping Computer

Microsoft warned customers on Thursday that the May 2024 non-security preview update for Windows 11 is causing taskbar crashes and glitches. [.

112
112
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign

Security Boulevard

Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network’s PAN-OS software to run a sophisticated cryptomining operation that likely has nation-state backing. In a report Thursday, threat researchers with Akamai said the bad actors behind this variant of the RedTail cryptomining malware are.

Malware 111
article thumbnail

“Largest botnet ever” disrupted. 911 S5’s alleged mastermind arrested

Graham Cluley

A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. Read more in my article on the Tripwire State of Security blog.

article thumbnail

BBC suffers data breach impacting current, former employees

Bleeping Computer

The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. [.

article thumbnail

Cisco Secure Firewall integrates with Azure Virtual WAN (vWAN) to simplify firewall insertion in Azure environments

Cisco Security

Azure Virtual WAN Azure Virtual WAN

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.