Wed. Nov 08, 2023


Decoupling for Security

Schneier on Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own hands. Here we outline a strategy for doing that. What Is Decoupling? In the last few years, a slew of ideas old and new have converged to reveal a path out of this morass, but they haven’t been widely recognized, comb


New SecuriDropper Malware Bypasses Android 13 Restrictions, Disguised as Legitimate Applications

Tech Republic Security

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded from outside the legitimate Google Play Store.


Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

The Hacker News

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention.


FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Security Affairs

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) to warn of ransomware initial access trends and provide recommendations to reduce the attack surface to ransomware attacks.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

The Hacker News

A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News.


Royal Mail jeopardizes users with open redirect flaw

Security Affairs

Royal Mail has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice the market share of Amazon.


More Trending


North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz

Security Affairs

The North Korea-linked APT BlueNoroff used a new macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts noticed that the ObjCShellz malware shares similarities with the RustBucket malware campaign associated with the BlueNoroff APT group.


Malvertiser copies PC news site to deliver infostealer

Malwarebytes

The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that are almost the exact replica of the software vendor being impersonated. For example, we have seen fake websites appearing like the real Webex, AnyDesk or KeePass home page. In a new campaign, we observed a threat actor copying a legitimate Windows news portal (WindowsReport.com) to distribute a malicious installer for the popular processor tool CPU-Z.


Sumo Logic discloses security breach and recommends customers rotate credentials

Security Affairs

Security firm Sumo Logic disclosed a security breach after discovering the compromise of its AWS account last week. Sumo Logic is a cybersecurity company that specializes in cloud-based log management and analytics. The company disclosed a security breach after discovering that its AWS account was compromised last week. The company discovered the security breach on Friday, November 3, 2023. “On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security i


Using ChatGPT to cheat on assignments? New tool detects AI-generated text with amazing accuracy

Malwarebytes

ChatGPT and similar large language models (LLMs) can be used to write texts about any given subject, at any desired length, at a speed unmatched by humans. So it’s not a surprise that students have been using them to “help” write assignments, much to the dismay of teachers who prefer to receive original work from actual humans. In fact, in Malwarebytes’ recent research survey, “Everyone’s afraid of the internet and no one’s sure what to do about it,” we found that 40% of people


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Microsoft drops SMB1 firewall rules in new Windows 11 build

Bleeping Computer

Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992. [...]


Ransomware Mastermind Uncovered After Oversharing on Dark Web

Dark Reading

Meet "farnetwork," one of the most prolific RaaS operators around, who spilled too many details during an affiliate "job interview."


WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls

The Hacker News

Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls" that masks users' IP addresses to other parties by relaying the calls through its servers.


Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

Trend Micro

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


What is eIDAS 2.0 and How Digital Identity Verification Plays a Key Role

GlobalSign

In this article, we look at how digital identity verification plays a key role in the eIDAS 2.0 regulation.


CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.


MGM and Caesars Attacks Highlight Social Engineering Risks

Dark Reading

Relying on passwords to secure user accounts is a gamble that never pays off.


Making iPhones and iPads crash with a Flipper Zero

Graham Cluley

Want to crash someone's iPhone or iPad? Turns out it's not that tricky, if you have a Flipper Zero.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Experts Expose Farnetwork's Ransomware-as-a-Service Business Model

The Hacker News

Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities.


This Is the Ops Manual for the Most Tech-Savvy Animal Liberation Group in the US

WIRED Threat Level

For the first time, guerrilla animal rights group Direct Action Everywhere reveals a guide to its investigative tactics and toolkit, from spy cams to night vision and drones.


QNAP warns about critical vulnerabilities in NAS systems

Malwarebytes

QNAP has published a security advisory about two critical vulnerabilities that could allow remote attackers to execute commands via a network. One of the vulnerabilities affects the QTS and QuTS operating systems (OS) for QNAP’s network attached storage systems (NAS). The second one can be found in versions of QTS, the Multimedia Console, and the Media Streaming add-on.


Women sue plastic surgery after hack saw their naked photos posted online

Graham Cluley

Photos of naked patients and medical records have been posted online by extortionists who hacked a Las Vegas plastic surgery, driving victims to file a lawsuit claiming not enough care was taken to protect their private information. Read more in my article on the Hot for Security blog.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Sumo Logic discloses security breach, advises API key resets

Bleeping Computer

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week. [...]


CISOs Beware: SEC's SolarWinds Action Shows They're Scapegoating Us

Dark Reading

In a rapidly evolving cybersecurity landscape, CISOs must take proactive measures to safeguard their careers and mitigate risks associated with their roles.


Smashing Security podcast #347: Trolls, military data, and the hitman and her

Graham Cluley

A woman's attempt to hire an assassin online backfires badly, it's scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don't mix. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.


Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant

Dark Reading

The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks

The Hacker News

Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into generative AI engines.


Police Use of Face Recognition Is Sweeping the UK

WIRED Threat Level

Face recognition technology has been controversial for years. Cops in the UK are drastically increasing the amount they use it.


Webinar: Kickstarting Your SaaS Security Strategy & Program

The Hacker News

SaaS applications make up 70% of total company software usage, and as businesses increase their reliance on SaaS apps, they also increase their reliance on those applications being secure. These SaaS apps store an incredibly large volume of data so safeguarding the organization's SaaS app stack and data within is paramount.


Hackers Exploit Atlassian Vulnerabilities for Cerber Ransomware Attacks

Heimdal Security

Threat groups exploited two recent Atlassian Confluence vulnerabilities to deploy Cerber ransomware. On October 31st, Atlassian released security updates for both flaws and urged users to patch. Both flaws, CVE-2023-22518 and CVE-2023-22515, are ranked 10, which is the maximum risk level. CVE-2023-22515 enables hackers to create unauthorized Confluence administrator accounts.


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.