Thu. Sep 28, 2023

Build for Detection Engineering, and Alerting Will Improve (Part 3)

Anton on Security

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Parts 1 and 2. Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Detection Engineering and SOC Scalability Challenges (Part 2) Adopting detection engineering practices should have a roadmap and eventually bec

How To Implement Zero Trust: Best Practices and Guidelines

Tech Republic Security

Learn how to implement a Zero Trust security model with our comprehensive guide. Discover the best practices and steps to secure your organization.

APT34 Deploys Phishing Attack With New Malware

Trend Micro

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

NordVPN Review (2023): Pricing, Security & Performance

Tech Republic Security

Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Ransomware group demands $51 million from Johnson Controls after cyber attack

Graham Cluley

Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. Read more in my article on the Hot for Security blog.

Dark Angels Team ransomware group hit Johnson Controls

Security Affairs

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.

More Trending

CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it affects RichFaces Framework 3.X through 3.3.4.

BingGPT is now infested with malware

Bleeping Computer

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.

Cisco urges to patch actively exploited IOS zero-day CVE-2023-20109

Security Affairs

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2023-20109 (CVSS 6.6), that resides in IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE.

Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts

The Hacker News

Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts all versions of the software that have the GDOI or G-IKEv2 protocol enabled.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Security Affairs

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217. The CVE-2023-5217 is a high-severity heap buffer overflow that affects vp8 encoding in libvpx.

Government Shutdown Poised to Stress Nation's Cybersecurity Supply Chain

Dark Reading

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

China's BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies

The Hacker News

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a malicious cyber actor dubbed BlackTech by the U.S.

A cryptor, a stealer and a banking trojan

SecureList

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. For example, we published a private report on a new malware found on underground forums that we call ASMCrypt (related to the DoubleFinger loader).

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions

The Hacker News

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.

Progress warns of maximum severity WS_FTP Server vulnerability

Bleeping Computer

Progress, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software.

Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server

The Hacker News

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.

Chrome Flags Third Zero-Day This Month That's Tied to Spying Exploits

Dark Reading

So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

FBI: Dual ransomware attack victims now get hit within 48 hours

Bleeping Computer

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days.

New Cisco IOS Zero-Day Delivers a Double Punch

Dark Reading

The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.

Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data

Security Boulevard

Meta, Google, and giant tax preparer H&R Block are being accused of conspiring to illegally use spyware from the tech giants to collect and share tax return information from hundreds of taxpayers that could be used to generate targeted online ads. The three companies – along with Google parent Alphabet – are the targets of. The post Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data appeared first on Security Boulevard.

Johnson Controls International Disrupted by Major Cyberattack

Dark Reading

The company filed with the SEC and is assessing its operations and financial damages.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

What You Need to Know About the libwebp Exploit

Security Boulevard

libwebp exploit timeline CVE-2023-41064; CVE-2023-4863; CVE-2023-5129 On September 7th 2023, researchers at Citizen Lab reported a zero-click exploit that was actively used by NSOs to infect iOS devices with the Pegasus malware – this was disclosed as CVE-2023-41064. A zero-click exploit means that a user is not required to click anything or take any […] The post What You Need to Know About the libwebp Exploit appeared first on OX Security.

4 Legal Surprises You May Encounter After a Cybersecurity Incident

Dark Reading

Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.

Cisco Catalyst SD-WAN Manager flaw allows remote server access

Bleeping Computer

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server.

US Justice Department Urged to Investigate Gunshot Detector Purchases

WIRED Threat Level

A civil liberties group has asked the DOJ to investigate deployment of the ShotSpotter gunfire-detection system, which research shows is often installed in predominantly Black neighborhoods.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies

The Hacker News

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world.

Microsoft breach led to theft of 60,000 US State Dept emails

Bleeping Computer

Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May.

Looking Beyond the Hype Cycle of AI/ML in Cybersecurity

Dark Reading

Artificial intelligence and machine learning aren't yet delivering on their cybersecurity promises. How can we close the gaps?

China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies

The Hacker News

Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.