Mon. Nov 06, 2023


Hackers, Scrapers & Fakers: What's Really Inside the Latest LinkedIn Dataset

Troy Hunt

I like to think of investigating data breaches as a sort of scientific search for truth. You start out with a theory (a set of data coming from an alleged source), but you don't have a vested interest in whether the claim is true or not; rather, you follow the evidence and see where it leads. Verification that supports the alleged source is usually quite straightforward, but disproving a claim can be a rather time-consuming exercise, especially when a dataset contains fragments of truth m


Crashing iPhones with a Flipper Zero

Schneier on Security

The Flipper Zero is an incredibly versatile hacking device. Now it can be used to crash iPhones in its vicinity by sending them a never-ending stream of pop-ups. These types of hacks have been possible for decades, but they require special equipment and a fair amount of expertise. The capabilities generally required expensive SDRs—short for software-defined radios—that, unlike traditional hardware-defined radios, use firmware and processors to digitally re-create radio signal tran



Who’s Behind the SWAT USA Reshipping Service?

Krebs on Security

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “Fearlless,” the nickname chosen by the proprietor of the SWAT USA Drops service.


Decoupled SIEM: Brilliant or Stupid?

Anton on Security

Frankly, not sure why I am writing this, I get a sense that this esoteric topic is of interest to a very small number of people. But hey … LinkedIn made me do it :-) And many of those few people are my friends or at least close industry peers. So, the topic is so-called “decoupled SIEM” (I probably made up the term, but …hey… at least this is not an acronym like EDR so YMMV).


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


GUEST ESSAY: How to mitigate the latest, greatest phishing variant — spoofed QR codes

The Last Watchdog

QR code phishing attacks started landing in inboxes around the world about six months ago. These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information. In June, we started seeing these types of attacks amongst our customer base. Since June, there has been a fourfold increase in the search volume around keywords associated with these types of attacks.

Related: ‘BEC’ bilking on the rise


Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

Google warns that multiple threat actors are leveraging its Calendar service as command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on the Calendar service to host command-and-control (C2) infrastructure. Google Calendar RAT is a PoC of command and control (C2) over Google Calendar events; it was developed for red teaming activities. “To use GRC, only a Gmail account is require


QNAP fixed two critical vulnerabilities in QTS OS and apps

Security Affairs

Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices. Taiwanese vendor QNAP Systems addressed two critical command injection vulnerabilities, tracked as CVE-2023-23368 and CVE-2023-23369, that impact the QTS operating system and applications on its network-attached storage (NAS) devices.


Navigating the security and privacy challenges of large language models

We Live Security

Organizations that intend to tap the potential of LLMs must also be able to manage the risks that could otherwise erode the technology’s business value


Socks5Systemz proxy service delivered via PrivateLoader and Amadey

Security Affairs

Threat actors infected more than 10,000 devices worldwide with the ‘PrivateLoader’ and ‘Amadey’ loaders to recruit them into the proxy botnet ‘Socks5Systemz.’ Bitsight researchers uncovered a proxy botnet, tracked as Socks5Systemz, which was delivered by the PrivateLoader and Amadey loaders. The name Socks5Systemz comes from the name of the unique login panel consistently present in all the C2 servers.


Microsoft will roll out MFA-enforcing policies for admin portal access

Bleeping Computer

Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure. [.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Critical Confluence flaw exploited in ransomware attacks

Security Affairs

Experts warn that threat actors have started exploiting a recent critical flaw, CVE-2023-22518, in Confluence Data Center and Confluence Server. Over the weekend threat actors started exploiting a recently disclosed vulnerability (CVE-2023-22518) in all versions of Atlassian Confluence Data Center and Confluence Server. Atlassian last week warned of CVE-2023-22518 (CVSS score 9.1), an improper authorization issue that can lead to significant data loss if exploited by an unauthentica


SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses

The Hacker News

Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware.


Meet Your New Cybersecurity Auditor: Your Insurer

Dark Reading

As cyber insurance gets more expensive and competitive, security decision-makers have actionable opportunities to strengthen their cyber defenses.


QNAP Releases Patch for 2 Critical Flaws Threatening Your NAS Devices

The Hacker News

QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!


Veeam warns of critical bugs in Veeam ONE monitoring platform

Bleeping Computer

Veeam released hotfixes today to address four vulnerabilities in the company's Veeam ONE IT infrastructure monitoring and analytics platform, two of them critical. [.


Critical Flaws Discovered in Veeam ONE IT Monitoring Software – Patch Now

The Hacker News

Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows - CVE-2023-38547 (CVSS score: 9.


Gaming-related cyberthreats in 2023: Minecrafters targeted the most

SecureList

Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion, with almost half of that generated by the Asia Pacific. By the year 2030, this worldwide total is expected to more than double to US$583.69 billion.


New Jupyter Infostealer Version Emerges with Sophisticated Stealth Tactics

The Hacker News

An updated version of an information stealer malware known as Jupyter has resurfaced with "simple yet impactful changes" that aim to stealthily establish a persistent foothold on compromised systems.


The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.


Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams

Dark Reading

With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.


Iranian Hackers Launch Destructive Cyber Attacks on Israeli Tech and Education Sectors

The Hacker News

Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware.


Holiday Online Shopping Safety Tips

Identity IQ

The holiday shopping season is quickly approaching and will be gone before you know it. So, it’s time to start checking off that gift list! Online holiday shopping brings game-changing convenience to busy shoppers, but without the proper safety best practices, online shoppers can be vulnerable to hackers, identity theft, and all other kinds of scams.


Experts Warn of Ransomware Hackers Exploiting Atlassian and Apache Flaws

The Hacker News

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber (aka C3RB3R) ransomware.


Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


Medical research data Advarra stolen after SIM swap

Malwarebytes

Clinical research company Advarra has reportedly been compromised after a SIM swap on one of their executives. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number. This can be done in a number of ways, but one of the most common methods involves tricking the target’s phone carrier into porting the phone number to a new SIM which is under the control of the attacker.


Middle East's 5G Acceleration May Pose Serious Security Issues

Dark Reading

Telcos across the Middle East are rapidly rolling out 5G networks. Will this accelerated adoption lead to higher security vulnerabilities?


Hackers exploit Looney Tunables Linux bug, steal cloud creds

Bleeping Computer

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [.


Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits

Dark Reading

Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.


Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.


Is ChatGPT writing your code? Watch out for malware

InfoWorld on Security

Developers have long used sites like Stack Overflow as forums where they could get code examples and assistance. That community is rapidly being replaced by generative AI tools such as ChatGPT. Today, developers ask AI chatbots to help create sample code, translate from one programming language to another, and even write test cases. These chatbots have become full-fledged members of your development teams.


Novel Google Cloud RAT Uses Calendar Events for C2

Dark Reading

Cybercriminals are abusing legitimate functions within cloud services, and providers can't totally stop them, especially when it comes to innovative approaches like this.


New DDoS Attacks Waves. Cybersecurity Expert Robertino Matausch Explains HTTP/2 Rapid Reset

Heimadal Security

If you switched from using HTTP/1 to HTTP/2, you're a possible target of massive DDoS attacks. Hackers recently started to exploit a key feature of the HTTP/2 protocol. The vulnerability was assigned CVE-2023-44487. The HTTP/2 Rapid Reset DDoS attacks that targeted Google services this August went over 398 million requests per second. The attacks were 76% […]


Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks

Dark Reading

Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with its own C2.


IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.