Schneier on Security

MAY 30, 2024

No word on how this backdoor was installed: A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8 , an application package courtrooms use to record, play back, and manage audio and video from proceed

Software 313

Software 313

Krebs on Security

MAY 30, 2024

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware.

Malware 275

Malware Cybercrime Ransomware 275

Tech Republic Security

MAY 30, 2024

The ShrinkLocker ransomware exploits the BitLocker feature on enterprise PCs to encrypt the entire local drive and remove recovery options.

Encryption 207

Encryption Ransomware Software Malware 207

The Hacker News

MAY 30, 2024

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global footprint spanning more than 190 countries, functioned as a residential proxy service known as 911 S5.

145

145

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Tech Republic Security

MAY 30, 2024

Will a virtual private network change your IP address? Find out in this article and discover what a VPN doesn’t hide.

VPN 185

VPN 185

The Hacker News

MAY 30, 2024

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.

Cybersecurity 144

Cybersecurity 144

WIRED Threat Level

MAY 30, 2024

In seemingly the first case of its kind, the US Justice Department has charged a Chinese national with using a drone to photograph a Virginia shipyard where the US Navy was assembling nuclear submarines.

142

142

Security Affairs

MAY 30, 2024

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants.

Spyware 141

Spyware Malware Surveillance Mobile 141

Malwarebytes

MAY 30, 2024

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand. Image courtesy of Trellix The download from the fake website was an information stealer with a filename that resembled that of the actual Malwarebytes installer.

Scams 140

Scams Banking Phishing Accountability 140

The Hacker News

MAY 30, 2024

A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021.

139

139

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

WIRED Threat Level

MAY 30, 2024

Drought-stricken hydro dams have led to daily electricity cuts in Ecuador. As weather becomes less predictable die to climate change, experts say other countries need to take notice.

138

138

The Hacker News

MAY 30, 2024

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal.

Firewall 139

Firewall Malware Cryptocurrency 139

Security Affairs

MAY 30, 2024

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-24919 Check Point Quantum Security Gateways Information Disclosure Vulnerability CVE-2024-1086 Linux Kernel Use-After-Free Vulnerability The vulnerability CVE-2024-24919 is a Quantum Gateway information disclosure

VPN 136

VPN Firewall Hacking Risk 136

The Hacker News

MAY 30, 2024

Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame.

Malware 139

Malware 139

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Security Boulevard

MAY 30, 2024

What we know so far: A Ticketmaster AWS instance was penetrated by unknown perpetrators; “ShinyHunters” is selling stolen data on their behalf. Don’t forget to add the hidden 5% fee to the ransom. The post Ticketmaster Hack Ticks Off 560M Customers in 1.3TB Breach appeared first on Security Boulevard.

Hacking 131

Hacking Social Engineering Data privacy Engineering 131

The Hacker News

MAY 30, 2024

Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation.

Accountability 134

Accountability Cybersecurity 134

The Last Watchdog

MAY 30, 2024

From MFA to biometrics, a lot has been done to reinforce user ID and password authentication — for human users. Related: How weak service accounts factored into SolarWinds hack By comparison, almost nothing has been done to strengthen service accounts – the user IDs and passwords set up to authenticate all the backend, machine-to-machine connections of our digital world.

Accountability 130

Accountability Small Business Insurance Authentication 130

The Hacker News

MAY 30, 2024

Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users.

Phishing 132

Phishing Cybersecurity 132

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

We Live Security

MAY 30, 2024

Much digital ink has been spilled on artificial intelligence taking over jobs, but what about AI shaking up the hiring process in the meantime?

Artificial Intelligence 128

Artificial Intelligence 128

Security Affairs

MAY 30, 2024

An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcement operation that dismantled the 911 S5 proxy botnet. The law enforcement also arrested its administrator, the 35-year-old Chinese national YunHe Wang, in Singapore.

VPN 128

VPN Cryptocurrency Malware Software 128

The Hacker News

MAY 30, 2024

Cloudflare on Thursday said it took steps to disrupt a month-long phishing campaign orchestrated by a Russia-aligned threat actor called FlyingYeti targeting Ukraine.

Malware 126

Malware Phishing 126

Bleeping Computer

MAY 30, 2024

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites. [.

Malware 125

Malware 125

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity

Duo's Security Blog

MAY 30, 2024

Duo has a long history of protecting students across universities and higher education institutions. From personally identifiable information to federal grants and loans, students and schools are a regular target for attackers. Because Duo has such a large presence in the world of education, we can also spot trends in attack tactics and learn how to better secure your organization.

Education 115

Education Cyber threats Authentication Threat Detection 115

Bleeping Computer

MAY 30, 2024

A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs. [.

Malware 121

Malware Internet Internet 121

SecureWorld News

MAY 30, 2024

The infamous cybercrime syndicate ShinyHunters has struck again, this time claiming responsibility for an absolutely staggering data breach impacting live entertainment giants Ticketmaster and Live Nation. In a brazen announcement, the hacking group says it has compromised personal records belonging to a jaw-dropping 560 million users across the two platforms.

Data breaches 112

Data breaches Data privacy Marketing Accountability 112

Bleeping Computer

MAY 30, 2024

Microsoft warned customers on Thursday that the May 2024 non-security preview update for Windows 11 is causing taskbar crashes and glitches. [.

112

112

Advertisement

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Security Boulevard

MAY 30, 2024

Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Network’s PAN-OS software to run a sophisticated cryptomining operation that likely has nation-state backing. In a report Thursday, threat researchers with Akamai said the bad actors behind this variant of the RedTail cryptomining malware are.

Malware 111

Malware Software Firewall Security Awareness 111

Graham Cluley

MAY 30, 2024

A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. Read more in my article on the Tripwire State of Security blog.

Cybercrime 111

Cybercrime VPN Malware 111

Bleeping Computer

MAY 30, 2024

The BBC has disclosed a data security incident that occurred on May 21, involving unauthorized access to files hosted on a cloud-based service, compromising the personal information of BBC Pension Scheme members. [.

Data breaches 108

Data breaches 108

Cisco Security

MAY 30, 2024

Azure Virtual WAN Azure Virtual WAN

Firewall 99

Firewall 99

Advertisement

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Cybersecurity