Thu.Oct 19, 2023

article thumbnail

Weekly Update 370

Troy Hunt

I did it again - I tweeted about Twitter doing something I thought was useful and the hordes did descend on Twitter to tweet about how terrible Twitter is. Right, gotcha, so 1.3M views of that tweet later. As I say in this week's video, there's a whole bunch of crazy arguments in there but the thing that continues to get me the most in every one of these discussions is the argument that Elon is a poo poo head.

Marketing 267
article thumbnail

Former Uber CISO Appealing His Conviction

Schneier on Security

Joe Sullivan, Uber’s CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company’s data security and privacy practices. The government argued that Sullivan should have informed the FTC of the 2016 incident, but instead went out of his way to conceal it from them.

CISO 255
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

An international law enforcement operation shuts down the infrastructure of the Ragnar Locker ransomware operation. Law enforcement from the US, Europe, Germany, France, Italy, Japan, Spain, Netherlands, Czech Republic, and Latvia conducted a joint operation that led to the seizure of the Ragnar Locker ransomware’s infrastructure. The police on Thursday seized the Tor negotiation and data leak sites.

article thumbnail

Millions of new 23andMe genetic data profiles leak on cybercrime forum

Graham Cluley

Golem, the hacker who leaked the data of one million Ashkenazi Jews from the 23andMe ancestry service earlier this month has now released 4.1 million more genetic data profiles. The hacker claims they've included details of "the wealthiest people living in the US and Western Europe," including the British Royal family. Read more in my article on the Hot for Security blog.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

I’m proud to announce the release of the 11th edition of the ENISA Threat Landscape (ETL) on the state of the cybersecurity threat landscape. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape. This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023.

article thumbnail

Google Play Protect Introduces Real-Time Code-Level Scanning for Android Malware

The Hacker News

Google has announced an update to its Play Protect with support for real-time scanning at the code level to tackle novel malicious apps prior to downloading and installing them on Android devices. "Google Play Protect will now recommend a real-time app scan when installing apps that have never been scanned before to help detect emerging threats," the tech giant said.

Malware 130

More Trending

article thumbnail

Attacks on 5G Infrastructure From User Devices: ASN.1 Vulnerabilities in 5G Cores

Trend Micro

In the second part of this series, we will examine how attackers can trigger vulnerabilities by sending control messages masquerading as user traffic to cross over from user plane to control plane.

article thumbnail

Strengthening the weakest link: top 3 security awareness topics for your employees

We Live Security

While humans are often thought of as the weakest link in the cybersecurity chai, knowledge is a powerful weapon that can empower them to become the first line of defense against threats.

article thumbnail

IT administrators' passwords are awful too

Malwarebytes

The key is under the doormat by the front door. The administrator password is "admin". These are easy to remember clues when you are providing entrance to someone you trust. The problem is that they are also enormously easy to guess. It’s where we would expect an unwanted visitor to check first, before breaking out the toolbox. Random end users could be forgiven for relying on such obviously insecure habits, but what about professionals who job it is to keep things safe and secure?

Passwords 125
article thumbnail

Ex-Navy IT manager jailed for selling people’s data on the dark web

Graham Cluley

A former US Navy IT manager has been sentenced to five years and five months in prison after illegally hacking a database containing personally identifiable information (PII) and selling it on the dark web. Read more in my article on the Tripwire State of Security blog.

Hacking 124
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Vulnerability Scanning: How Often Should I Scan?

The Hacker News

The time between a vulnerability being discovered and hackers exploiting it is narrower than ever – just 12 days. So it makes sense that organizations are starting to recognize the importance of not leaving long gaps between their scans, and the term "continuous vulnerability scanning" is becoming more popular.

123
123
article thumbnail

Money-making scripts attack organizations

SecureList

In April of this year, the FBI published an advisory on attacks targeting government, law enforcement, and non-profit organizations. Attackers download scripts onto victims’ devices, delivering several types of malware all at once. The main aim is to utilize company resources for mining, steal data using keyloggers, and gain backdoor access to systems.

B2B 123
article thumbnail

Iran-Linked 'MuddyWater' Spies on Mideast Gov't for 8 Months

Dark Reading

The state-sponsored threat actors (aka APT34, Crambus, Helix Kitten, or OilRig) spent months seemingly taking whatever government data they wished, using never-before-seen tools.

article thumbnail

BlackCat ransomware uses new ‘Munchkin’ Linux VM in stealthy attacks

Bleeping Computer

The BlackCat/ALPHV ransomware operation has begun to use a new tool named 'Munchkin' that utilizes virtual machines to deploy encryptors on network devices stealthily. [.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

AI-Powered Israeli 'Cyber Dome' Defense Operation Comes to Life

Dark Reading

The Israelis are building a cyber defense system that will use ChatGPT-like generative AI platforms to parse threat intelligence.

117
117
article thumbnail

Microsoft extends Purview Audit log retention after July breach

Bleeping Computer

Microsoft is extending Purview Audit log retention as promised after the Chinese Storm-0558 hacking group breached dozens of Exchange and Microsoft 365 corporate and government accounts in July. [.

article thumbnail

23AndMe Hacker Leaks New Tranche of Stolen Data

Dark Reading

Two weeks after the first data leak from the DNA ancestry service, the threat actor produces an additional 4 million user records they purportedly stole.

116
116
article thumbnail

U.S. DoJ Cracks Down on North Korean IT Scammers Defrauding Global Businesses

The Hacker News

The U.S. government has announced the seizure of 17 website domains used by North Korean information technology (IT) workers as part of an illicit scheme to defraud businesses across the world, evade sanctions, and fund the country's ballistic missile program. The Department of Justice (DoJ) said the U.S. confiscated approximately $1.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

India targets Microsoft, Amazon tech support scammers in nationwide crackdown

Bleeping Computer

India's Central Bureau of Investigation (CBI) raided 76 locations in a nationwide crackdown on cybercrime operations behind tech support scams and cryptocurrency fraud. [.

article thumbnail

Patch Now: APTs Continue to Pummel WinRAR Bug

Dark Reading

State-sponsored cyber espionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.

Malware 112
article thumbnail

Iran-Linked OilRig Targets Middle East Governments in 8-Month Cyber Campaign

The Hacker News

The Iran-linked OilRig threat actor targeted an unnamed Middle East government between February and September 2023 as part of an eight-month-long campaign.

article thumbnail

Fake KeePass site uses Google Ads and Punycode to push malware

Bleeping Computer

A Google Ads campaign was found pushing a fake KeePass download site that used Punycode to appear as the official domain of the KeePass password manager to distribute malware. [.

Malware 108
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Sophisticated MATA Framework Strikes Eastern European Oil and Gas Companies

The Hacker News

An updated version of a sophisticated backdoor framework called MATA has been used in attacks aimed at over a dozen Eastern European companies in the oil and gas sector and defense industry as part of a cyber espionage operation that took place between August 2022 and May 2023.

Phishing 108
article thumbnail

Over 40,000 Cisco IOS XE devices infected with backdoor using zero-day

Bleeping Computer

More than 40,000 Cisco devices running the IOS XE operating system have been compromised after hackers exploited a recently disclosed maximum severity vulnerability tracked as CVE-2023-20198. [.

108
108
article thumbnail

Microsoft Warns of North Korean Attacks Exploiting JetBrains TeamCity Flaw

The Hacker News

North Korean threat actors are actively exploiting a critical security flaw in JetBrains TeamCity to opportunistically breach vulnerable servers, according to Microsoft. The attacks, which entail the exploitation of CVE-2023-42793 (CVSS score: 9.8), have been attributed to Diamond Sleet (aka Labyrinth Chollima) and Onyx Sleet (aka Andariel or Silent Chollima).

106
106
article thumbnail

North Korean State Actors Attack Critical Bug in TeamCity Server

Dark Reading

Known threat groups Diamond Sleet and Onyx Sleet focus on cyber espionage, data theft, network sabotage, and other malicious actions, Microsoft says.

103
103
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

News alert: NetWitness launches 12.3 update to deliver visibility across the entire enterprise

The Last Watchdog

Bedford, Mass., Oct. 17, 2023 — NetWitness , a globally trusted provider of cybersecurity software and services, has today announced the 12.3 release of its award-winning NetWitness Intelligent Threat Detection and Response Platform. The latest update offers enterprises more visibility into cyber threats than ever before with passive discovery, categorization, and ranking of all network assets, which allows companies to best prioritize potential risks.

article thumbnail

A First Look at Python in Excel

NetSpi Technical

Microsoft recently announced support for Python in Excel, and have begun making it available to the public via the Microsoft 365 Insiders Program. I wanted to explore how this functionality could be leveraged for Red Team Operations and am slowly researching it in my spare time. Here I present a quick overview of this functionality and some ways it may be used.

DNS 97
article thumbnail

What is Private Cloud Security? Everything You Need to Know

eSecurity Planet

Private clouds avoid the shared environment of public cloud environments and thus are considered more secure, but users still need to take steps to get private cloud security right. Private cloud security is the set of techniques, technology, and requirements used to safeguard data and resources in a private cloud environment. We’ll explore the fundamentals of private cloud security, its purpose, benefits, challenges, and how it differs from public cloud security.

article thumbnail

Europol Strike Wounds Ragnar Locker Ransomware Group

Dark Reading

Several countries in Europe as well as the United States and Japan were involved in the operation, which is aimed at defanging one of the bigger names in ransomware.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.