Mon. Feb 26, 2024

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Schneier on Security

Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There’s a lot of detail in the Apple blog post, and more in Douglas Stebila’s security analysis. I am of two minds about this. On the one hand, it’s probably premature to switch to any particular post-quantum algorithms.

CrowdStrike 2024 Global Threat Report: 6 Key Takeaways

Tech Republic Security

Identity-based and social engineering attacks still take center stage, according to the CrowdStrike 2024 Global Threat Report.

8,000+ Subdomains of Trusted Brands Hijacked for Massive Spam Operation

The Hacker News

More than 8,000 subdomains belonging to legitimate brands and institutions have been hijacked as part of a sophisticated distribution architecture for spam proliferation and click monetization. Guardio Labs is tracking the coordinated malicious activity, which has been ongoing since at least September 2022, under the name SubdoMailing.

CVE-2024-24401 & 24402: Nagios XI Security Flaws Found! PoC Published

Penetration Testing

Two security vulnerabilities (CVE-2024-24401 and CVE-2024-24402) have been identified in Nagios XI, a widely used enterprise-grade monitoring tool. These flaws pose significant risks for organizations utilizing the software. What is Nagios XI? Nagios XI...

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

WordPress Plugin Alert - Critical SQLi Vulnerability Threatens 200K+ Websites

The Hacker News

A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw.

Travel Update! The NIST CSF 2.0 is HERE…Along with Many Helpful Resources…

NSTIC

NIST CSF 2.0 QUICK LINKS | Explore our Full Suite of Resources: CSF 2.0 Quick Start Guides | CSF 2.0 Profiles | CSF 2.0 Informative References | Cybersecurity & Privacy Reference Tool (CPRT) | CSF 2.0 Reference Tool | CSF 2.0 Website (Homepage) | Official NIST News Announcement

The NIST Cybersecurity Framework (CSF) development process all started with Executive Order (EO) 13636 over a decade ago, which called for building a set of approaches (a framework) for reducing risks to critical infrastructure.

More Trending

New IDAT Loader Attacks Using Steganography to Deploy Remcos RAT

The Hacker News

Ukrainian entities based in Finland have been targeted as part of a malicious campaign distributing a commercial remote access trojan known as Remcos RAT using a malware loader called IDAT Loader. The attack has been attributed to a threat actor tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) under the moniker UAC-0184.

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [1, 2] a collection of files apparently stolen from the Chinese hacking firm, I-Soon. An analyst based in Taiwan, known as Azaka, discovered the data leak and shared their findings on social media. i-SOON is a prominent contractor for various agencies of the Chinese government, including Ministry of Pub

North Korean Hackers Targeting Developers with Malicious npm Packages

The Hacker News

A set of fake npm packages discovered on the Node.js repository has been found to share ties with North Korean state-sponsored actors, new findings from Phylum show. The packages are named execution-time-async, data-time-utils, login-time-utils, mongodb-connection-utils, and mongodb-execution-utils.

The mobile malware threat landscape in 2023

SecureList

The figures above are based on detection statistics received from Kaspersky users who consented to sharing usage data with Kaspersky Security Network. The data for years preceding 2023 may differ from that published previously, as the calculation methodology was refined, and the data was retrospectively revised in 2023. The year in figures According to Kaspersky Security Network, in 2023: Our solutions blocked almost 33.8 million malware, adware, and riskware attacks.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Three Tips to Protect Your Secrets from AI Accidents

The Hacker News

Last year, the Open Worldwide Application Security Project (OWASP) published multiple versions of the "OWASP Top 10 For Large Language Models," reaching a 1.0 document in August and a 1.1 document in October. These documents not only demonstrate the rapidly evolving nature of Large Language Models, but the evolving ways in which they can be attacked and defended.

LockBit Ransomware Group Returns After Law Enforcement Operation

Security Boulevard

The LockBit ransomware group is swinging back days after U.S. and UK law enforcement agencies announced they had disrupted the operations of the prolific cybercrime gang.

Banking Trojans Target Latin America and Europe Through Google Cloud Run

The Hacker News

Cybersecurity researchers are warning about a spike in email phishing campaigns that are weaponizing the Google Cloud Run service to deliver various banking trojans such as Astaroth (aka Guildma), Mekotio, and Ousaban (aka Javali) to targets across Latin America (LATAM) and Europe.

10 things to avoid posting on social media – and why

We Live Security

Do you often take to social media to broadcast details from your life? Here’s why this habit may put your privacy and security at risk.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Russian hackers shift to cloud attacks, US and allies warn

Bleeping Computer

Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services.

skytrack: A planespotting and aircraft OSINT tool

Penetration Testing

skytrack is a command-line-based plane spotting and aircraft OSINT reconnaissance tool made using Python. It can gather aircraft information using various data sources, generate a PDF report for a specified aircraft, and convert...

Strengths and Weaknesses of MFA Methods Against Cyberattacks: Part 1

Duo's Security Blog

Administrators and end-users of a multi-factor authentication (MFA) product like Duo’s face a variety of options for how to authenticate. Each method has distinct tradeoffs of convenience, user experience, and security. In this first blog of a three-part series, we’ll define four categories of authentication methods encompassing a broad array of device types.

Windows February 2024 updates fail to install with 0x800F0922 errors

Bleeping Computer

Microsoft says the February 2024 updates fail to install on Windows 11 22H2 and 23H2 systems, with 0x800F0922 errors and downloads stopping at 96%.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

CVE-2024-1698 (CVSS 9.8): Critical SQLi Flaw in NotificationX WordPress Plugin

Penetration Testing

A critical SQL injection vulnerability (CVE-2024-1698) was discovered in the widely used (over 30,000 installations) NotificationX WordPress plugin (versions up to and including 2.8.2). This flaw could enable unauthenticated attackers to inject malicious code...

7 simple ways to increase password strength

Security Boulevard

The post 7 simple ways to increase password strength appeared first on Click Armor. The post 7 simple ways to increase password strength appeared first on Security Boulevard.

White House urges devs to switch to memory-safe programming languages

Bleeping Computer

The White House Office of the National Cyber Director (ONCD) urged tech companies today to switch to memory-safe programming languages, such as Rust, to improve software security by reducing the number of memory safety vulnerabilities.

Abyss Locker: A Cross-Platform Ransomware Threat

Penetration Testing

The Abyss Locker ransomware is a sophisticated threat that targets both Linux and Windows operating systems. Based on the HelloKitty ransomware source code, its earliest samples were detected in July 2023, with subsequent variants...

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

VulnRecap 2/26/24 – VMWare, Apple, ScreenConnect Face Risks

eSecurity Planet

Critical vulnerabilities have been discovered across multiple systems, including Microsoft Exchange Servers, the Bricks Builder Theme for WordPress, VMware, ScreenConnect, Joomla, and Apple Shortcuts. Urgent patching and prompt updates can protect systems from unauthorized access, data breaches, and potential exploitation by threat actors. Organizations must prioritize implementing effective security measures and conducting frequent audits.

Earth Lusca: China-Linked Espionage Group Targets Taiwan, Exploits Geopolitical Tensions

Penetration Testing

Nation-state backed cyberattacks are a growing concern in an interconnected world. Earth Lusca, a threat group with ties to China, has proven itself a cunning player in this high-stakes arena. Recently uncovered by Trend...

The LockBit ransomware gang rears its ugly head again, after law enforcement takedown

Graham Cluley

Surprise! The LockBit ransomware group has re-emerged, just days after a high-profile law enforcement operation seized control of its infrastructure and disrupted its operations. Read more in my article on the Hot for Security blog.

7 Cyber Safety Tips to Outsmart Scammers

Webroot

Welcome to the wild west of the digital world where cyber scammers lurk around every pixelated corner. Cybercrime isn’t just a futuristic Hollywood plotline, it’s a real threat that targets everyone—from wide-eyed kids to seasoned adults and wise grandparents. And guess what? It’s on the rise faster than your Wi-Fi connection during peak hours (okay, maybe not that fast, but you get the gist).

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

The Silk Wasm: Obfuscating HTML Smuggling with Web Assembly

NetSpi Technical

For those who aren’t familiar, HTML Smuggling is a technique which hides a blob inside a traditional HTML page. The aim is to bypass traditional detections for file downloads on the wire, such as a HTTP(S) GET request to an external domain for /maliciousmacro.doc. The technique does this by embedding the malicious file within the page, usually in a base64 encoded string.

Hackers exploit 14-year-old CMS editor on govt, edu sites for SEO poisoning

Bleeping Computer

Threat actors are exploiting a CMS editor discontinued 14 years ago to compromise education and government entities worldwide to poison search results with malicious sites or scams.

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

Trend Micro

This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry.

UnitedHealth subsidiary Optum hack linked to BlackCat ransomware

Bleeping Computer

A cyberattack on UnitedHealth Group subsidiary Optum that led to an ongoing outage impacting the Change Healthcare payment exchange platform was linked to the BlackCat ransomware group by sources familiar with the investigation.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.