Tue. Sep 24, 2024

GUEST ESSAY: Massive NPD breach tells us it’s high time to replace SSNs as an authenticator

The Last Watchdog

Ever since the massive National Public Data (NPD) breach was disclosed a few weeks ago, news sources have reported an increased interest in online credit bureaus, and there has been an apparent upswing in onboarding of new subscribers. So what’s the connection? NPD reported the exposure of over 2.7 billion records.

Microsoft Initiative the ‘Largest Cybersecurity Engineering Effort in History’

Tech Republic Security

The Secure Future Initiative was created around the same time the U.S. Cyber Safety Review Board chided Redmond for having a poor security culture.

Did Israel infiltrate Lebanese telecoms networks?

Security Affairs

Israel has been sending text messages, recordings, and hacking radio networks to warn Lebanese citizens to evacuate certain areas in the country, likely due to an imminent full-scale strike. Following these warnings, massive bombings in southern and eastern Lebanon killed over 270 people.

Warnings after new Valencia ransomware group strikes businesses and leaks data

Graham Cluley

A new ransomware operation has started to leak information it claims has been stolen from organisations it has compromised around the world. In recent days Valencia Ransomware has posted on its dark web leak site's so-called "Wall of shame" links to gigabytes of downloadable information that has seemingly been exfiltrated from a Californian municipality, a pharmaceutical firm, and a paper manufacturer.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

2024 Exposed: The Alarming State of Australian Data Breaches

Tech Republic Security

Implementing multi-factor authentication, supplier risk-management frameworks, and staff security training could help to reduce data breaches.

A generative artificial intelligence malware used in phishing attacks

Security Affairs

While investigating a malicious email, HP researchers discovered a dropper that was generated by generative artificial intelligence services and used to deliver the AsyncRAT malware. The AI-generated malware was discovered in June 2024; the phishing message used an invoice-themed lure and an encrypted HTML attachment, utilizing HTML smuggling to avoid detection.

More Trending

A cyberattack on MoneyGram caused its service outage

Security Affairs

American interstate and international peer-to-peer payments and money transfer company MoneyGram confirmed that its services are currently unavailable due to a cyberattack. On September 22, the company informed its customers that it was experiencing a network outage impacting connectivity to a number of its systems.

Congressional Staffers’ Data Leaked on Dark Web: Report

Security Boulevard

The personal information of almost 3,200 Capitol Hill staffers, including passwords and IP addresses, was leaked on the dark web by an unidentified bad actor after some victims used their work email addresses to sign up for online services, according to reports.

Two men arrested one month after $230 million of cryptocurrency stolen from a single victim

Graham Cluley

Two men have been arrested by the FBI and charged in relation to their alleged involvement in a scam which saw almost a quarter of a billion dollars worth of cryptocurrency stolen from a single victim. The men were allegedly less than careful hiding their behaviour - spending $500,000 a night in nightclubs, buying hundreds of bottles of champagne, gifting designer handbags (and even a pink Lamborghini) to

New Octo2 Android Banking Trojan Emerges with Device Takeover Capabilities

The Hacker News

Cybersecurity researchers have discovered a new version of an Android banking trojan called Octo that comes with improved capabilities to conduct device takeover (DTO) and perform fraudulent transactions.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

What Is EDR in Cyber Security: Overview & Capabilities

eSecurity Planet

Endpoint detection and response (EDR) is an advanced safety system for detecting, investigating, and resolving cyber attacks on endpoints. It examines incidents, inspects behavior, and restores systems to their pre-attack state. EDR uses artificial intelligence, machine learning, and threat intelligence to dodge recurrences, allowing IT teams to neutralize attacks through threat hunting, behavioral analytics, and containment.

Necro Android Malware Found in Popular Camera and Browser Apps on Play Store

The Hacker News

Altered versions of legitimate Android apps associated with Spotify, WhatsApp, and Minecraft have been used to deliver a new version of a known malware loader called Necro. Kaspersky said some of the malicious apps have also been found on the Google Play Store. They have been cumulatively downloaded 11 million times. They include - Wuta Camera - Nice Shot Always (com.benqu.

Automating Certificate Lifecycle Management in Windows OS with AppViewX AVX ONE CLM

Security Boulevard

It is a common experience that automating certificate lifecycle management (CLM) in a Windows OS environment comes with several challenges. These challenges arise from the complexity of the Windows ecosystem, security considerations, integration issues, and the need for scalability. Windows OS has multiple certificate stores (Local Machine, User, and Service-specific stores).

Kaspersky Exits U.S., Automatically Replaces Software With UltraAV, Raising Concerns

The Hacker News

Antivirus vendor Kaspersky has formally begun pulling back its offerings in the U.S., migrating existing users to UltraAV, effective September 19, 2024, ahead of its formal exit at the end of the month. "Kaspersky antivirus customers received a software update facilitating the transition to UltraAV," the company said in a post announcing the move on September 21.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

CrowdStrike Gets Grilled By U.S. Lawmakers Over Faulty Software Update

Security Boulevard

In what has become an annual ritual between Silicon Valley and the Beltway, a House subcommittee pressed a tech company over a glitch. And the company promised to do better. During a hearing Tuesday, federal lawmakers reacted with measured outrage at CrowdStrike Inc.’s software outage that wreaked havoc with key sectors of the global digital.

U.S. Proposes Ban on Connected Vehicles Using Chinese and Russian Tech

The Hacker News

The U.S. Department of Commerce (DoC) said it's proposing a ban on the import or sale of connected vehicles that integrate software and hardware made by foreign adversaries, particularly that of the People's Republic of China (PRC) and Russia.

Web tracking report: who monitored users’ online activities in 2023–2024 the most

SecureList

Web tracking has become a pervasive aspect of our online experience. Whether we’re browsing social media, playing video games, shopping for products, or simply reading news articles, trackers are silently monitoring our online behavior, fueling the ceaseless hum of countless data centers worldwide. In this article, we’re going to explore various types of web trackers and present a detailed annual report that dissects their geographical distribution and organizational affiliations.

Google & Arm - Raising The Bar on GPU Security

Google Security

Posted by Xuan Xing, Eugene Rodionov, Jon Bottarini, Adam Bacchus - Android Red Team; Amit Chaudhary, Lyndon Fawcett, Joseph Artgole - Arm Product Security Team. Who cares about GPUs? You, me, and the entire ecosystem! GPUs (graphics processing units) are critical in delivering rich visual experiences on mobile devices. However, the GPU software and firmware stack has become a way for attackers to gain permissions and entitlements (privilege escalation) to Android-based devices.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

RansomHub’s EDR-Killer: How Zerologon and EDRKillShifter Exploit Networks Without Detection

Penetration Testing

In a recently uncovered report by Trend Micro, the notorious RansomHub ransomware group has been found to leverage a powerful new tool, EDRKillShifter, to disable endpoint detection and response (EDR)...

Time to engage: How parents can help keep their children safe on Snapchat

We Live Security

Here’s what parents should know about Snapchat and why you should take some time to ensure your children can stay safe when using the app

What you need to know: The biggest cyber threats in 2024

Webroot

In today’s world, both small businesses and everyday consumers face a growing number of cyber threats. From ransomware attacks to phishing scams, hackers are becoming more sophisticated. OpenText’s 2024 Threat Hunter Perspective sheds light on what’s coming next and how to protect yourself. Whether you’re running a small business or managing personal data at home, here’s what you need to know.

CISA Flags Critical Ivanti vTM Vulnerability Amid Active Exploitation Concerns

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a critical security flaw impacting Ivanti Virtual Traffic Manager (vTM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The vulnerability in question is CVE-2024-7593 (CVSS score: 9.

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Layered Protection for RADIUS With Cisco

Cisco Security

Learn how Cisco’s unique integrations protect RADIUS authentications when connecting to the network.

The SSPM Justification Kit

The Hacker News

SaaS applications contain a wealth of sensitive data and are central to business operations. Despite this, far too many organizations rely on half measures and hope their SaaS stack will remain secure. Unfortunately, this approach is lacking and will leave security teams blind to threat prevention and detection, as well as open to regulatory violations, data leaks, and significant breaches.

Backdooring Azure Automation Account Packages and Runtime Environments 

NetSpi Technical

Over the years, the Azure Automation Account service has grown and changed significantly. One of the more recent changes is the introduction of Runtime Environments to replace the more traditional module and package management functionality. Azure Automation Accounts have long been a focus of posts on the NetSPI Blog, but we have not really focused on attacks against the modules or packages that support the accounts.

The 2-in-1 laptop I recommend for the office is not a Dell or a Lenovo ThinkPad

Zero Day

HP's EliteBook x360 1040 is a professional laptop/tablet combo with a feature set that enables one of the best video call environments for a work laptop.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

Russia-Backed Media Outlets Are Under Fire in the US—but Still Trusted Worldwide

WIRED Threat Level

The US government says outlets like RT work closely with Russian intelligence, and platforms have removed or banned their content. But they’re still influential all around the world.

Google Photos adds one-tap video editing for faster clip sharing, thanks to AI

Zero Day

Along with making tools easier to access, Google is introducing new editing tools to save you time and effort while you create 'stunning' clips.

CVE-2024-9014 (CVSS 9.9): pgAdmin’s Critical Vulnerability Puts User Data at Risk

Penetration Testing

pgAdmin, the leading open-source management tool for PostgreSQL databases, has released an urgent security update to address a critical vulnerability affecting versions 8.11 and earlier. This flaw, identified as CVE-2024-9014...

Google Workspace users just got a big AI freebie - Gemini

Zero Day

Business, Enterprise, and Frontline users will get access to Gemini for work with security protections at no extra cost. Here's how.

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.