Sun. Jul 21, 2024

Ransomware Remains a ‘Brutal’ Threat in 2024

Lohrman on Security

Several recently released cyber industry reports show steady or growing ransomware numbers in 2024 so far, and impacts on business and government have never been greater.

Weekly Update 409

Troy Hunt

It feels weird to be writing anything right now that isn't somehow related to Friday's CrowdStrike incident, but given I recorded this video just a few hours before all hell broke loose, it'll have to wait until next week. This week, the issue that really has me worked up is data breach victim notification or more specifically, lack thereof.

New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems

The Hacker News

Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that's designed to target VMWare ESXi environments.

U.S. CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-34102 Adobe Commerce and Magento Open Source Improper Restriction of XML External Entity Reference (XXE) Vulnerability; CVE-2024-28995 SolarW

Hacking 143

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

The Hacker News

The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC.

Malware 142

Microsoft releases Windows repair tool to remove CrowdStrike driver

Bleeping Computer

Microsoft has released a custom WinPE recovery tool to find and remove the faulty CrowdStrike update that crashed an estimated 8.5 million Windows devices on Friday.

More Trending

Fake CrowdStrike updates target companies with malware, data wipers

Bleeping Computer

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools.

Malware 139

Security Affairs Malware Newsletter – Round 3

Security Affairs

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Hardening of HardBit; 10,000 Victims a Day: Infostealer Garden of Low-Hanging Fruit; This Meeting Should Have Been an Email; Ransomware Detection Model Based on Adaptive Graph Neural Network Learning; SEXi ransomware rebrands to APT INC, continues VMware ESXi attacks; Facebook ads for Windows desktop themes push info-stealing malware; Akira Ransomware Targets the LATAM

Malware 107

Fake CrowdStrike fixes target companies with malware, data wipers

Bleeping Computer

Threat actors are exploiting the massive business disruption from CrowdStrike's glitchy update on Friday to target companies with data wipers and remote access tools.

Malware 111

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Why NDR is Key to Cyber 'Pest Control'

Trend Micro

Intruders are drawn to enterprise IT environments the way mice are attracted to houses. And once either kind of invader is inside, they can be hard to get out. Network detection and response (NDR) lets you trace intruders’ pathways to find out where they’re coming in—and seal the gaps.

Fake Browser Updates Lead to Malicious BOINC Installations

Penetration Testing

Huntress, a prominent cybersecurity firm, has recently uncovered a new wave of malicious activities involving the well-known SocGholish or FakeUpdates malware. The attackers have recently been observed leveraging the legitimate BOINC (Berkeley Open Infrastructure...

Malware 83

How adware exposed victims to kernel-level threats – Week in Security with Tony Anscombe

We Live Security

Some adware is far more than an annoyance – it can expose the system to even more dangerous threats that can run code at the highest privilege level in Windows.

Adware 78

CVE-2024-40628 & CVE-2024-40629: Two Maximum Severity Flaws in JumpServer

Penetration Testing

JumpServer, a widely used open-source privileged access management (PAM) tool, has disclosed two critical vulnerabilities that could allow attackers to gain unauthorized access to sensitive systems and data. The vulnerabilities, identified as CVE-2024-40628 and...

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

USENIX Security ’23 – How Fast Do You Heal? A Taxonomy For Post-Compromise Security In Secure-Channel Establishment

Security Boulevard

Authors/Presenters: Olivier Blazy, Ioana Boureanu, Pascal Lafourcade, Cristina Onete, Léo Robert. Many thanks to USENIX for publishing their outstanding USENIX Security ’23 Presenter’s content, and the organization's strong commitment to Open Access. Originating from the conference’s events situated at the Anaheim Marriott; and via the organization's YouTube channel.

BlackSuit’s Advanced Ransomware Tactics Exposed: Masquerades as Antivirus

Penetration Testing

In a recent series of events that disrupted major operations, the KADOKAWA Corporation experienced service outages that extended to multiple websites. What initially appeared to be a technical glitch soon escalated into a full-blown...

Security Affairs newsletter Round 481 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Threat actors attempted to capitalize CrowdStrike incident; Russian nationals plead guilty to participating in the LockBit ransomware group; MediSecure data breach impacted 12.9 million individuals; CrowdStrike update epic fail crashed Windows systems worldw

AWS Security Update: CVE-2024-30164 and CVE-2024-30165 Flaws Found in Client VPN

Penetration Testing

Amazon Web Services (AWS) has issued a security bulletin regarding two vulnerabilities discovered in its Client VPN service. These flaws, identified as CVE-2024-30164 and CVE-2024-30165, could potentially allow malicious actors with access to a...

VPN 62

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Cybercriminals Seize Chaos Amidst CrowdStrike Outage, Deploying Deceptive Domains

Penetration Testing

In the wake of a widespread system outage triggered by a faulty CrowdStrike update, cybercriminals have wasted no time exploiting the chaos. Within 24 hours of the incident, which affected millions of Windows devices...

CVE-2024-41107: Apache CloudStack Vulnerability Exposes User Accounts to Compromise

Penetration Testing

The Apache Software Foundation has issued a security advisory regarding a critical vulnerability (CVE-2024-41107) in its open-source cloud computing platform, Apache CloudStack. This flaw affects the Security Assertion Markup Language (SAML) authentication mechanism, potentially...

Widespread Outage: CrowdStrike Update Affects 8.5 Million Windows Users

Penetration Testing

Issues with the software update from CrowdStrike Holdings Inc. impacted 8.5 million devices worldwide running the Microsoft Windows operating system. Representatives from Microsoft Corp. clarified that the affected devices constitute less than 1% of...

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!