February, 2019

article thumbnail

A Deep Dive on the Recent Widespread DNS Hijacking Attacks

Krebs on Security

The U.S. government — along with a number of leading security companies — recently warned about a series of highly complex and widespread attacks that allowed suspected Iranian hackers to siphon huge volumes of email passwords and other sensitive data from multiple governments and private companies. But to date, the specifics of exactly how that attack went down and who was hit have remained shrouded in secrecy.

DNS 270
article thumbnail

Attacking Soldiers on Social Media

Schneier on Security

A research group at NATO's Strategic Communications Center of Excellence catfished soldiers involved in an European military exercise -- we don't know what country they were from -- to demonstrate the power of the attack technique. Over four weeks, the researchers developed fake pages and closed groups on Facebook that looked like they were associated with the military exercise, as well as profiles impersonating service members both real and imagined.

Media 251
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Facebook May Be Fined for Billions for Cambridge Analytica Scandal

Adam Levin

Facebook’s long string of privacy scandals may (finally) have some meaningful repercussions by way of a multi-billion dollar fine from the Federal Trade Commission. The social media giant has been under investigation by the FTC since March 2018 in the wake of the Cambridge Analytica scandal, which affected 87 million users and may have been a pivotal influence in the 2016 election campaign.

Media 248
article thumbnail

The Queen of the Skies and Innovation

Adam Shostack

The Seattle Times has a story today about how “ 50 years ago today, the first 747 took off and changed aviation.” It’s true. The 747 was a marvel of engineering and luxury. The book by Joe Sutter is a great story of engineering leadership. For an upcoming flight, I paid extra to reserve an upper deck seat before the last of the passenger-carrying Queens of the Skies retires.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

The Race to the Bottom of Credential Stuffing Lists; Collections #2 Through #5 (and More)

Troy Hunt

A race to the bottom is a market condition in which there is a surplus of a commodity relative to the demand for it. Often the term is used to describe labour conditions (workers versus jobs), and in simple supply and demand terms, once there's so much of something all vying for the attention of those consuming it, the value of it plummets. On reflecting over the last 3 and a half weeks, this is where we seem to be with credential stuffing lists today and I want to use this blog post to explain

Passwords 207
article thumbnail

70000 Pakistani banks’ cards with PINs go on sale on the dark web.

Security Affairs

Group-IB experts discovered new databases with a total of 69,189 Pakistani banks’ cards that have shown up for sale on the dark web. Group-IB , an international company that specializes in preventing cyberattacks, has discovered new databases with a total of 69,189 Pakistani banks’ cards that have shown up for sale on the dark web. The total market value of the databases is estimated at nearly 3.5 million USD.

Banking 112

More Trending

article thumbnail

Can Everybody Read the US Terrorist Watch List?

Schneier on Security

After years of claiming that the Terrorist Screening Database is kept secret within the government, we have now learned that the DHS shares it "with more than 1,400 private entities, including hospitals and universities.". Critics say that the watchlist is wildly overbroad and mismanaged, and that large numbers of people wrongly included on the list suffer routine difficulties and indignities because of their inclusion.

article thumbnail

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders.

article thumbnail

A third of companies are largely unprepared for cybersecurity attacks: eSecurity Planet Survey

eSecurity Planet

A third of companies are unprepared for some of the most damaging cyber attacks, such as APTs, insider threats, ransomware and DDoS attacks.

DDOS 110
article thumbnail

Why Cybersecurity Burnout Is Real (and What to Do About It)

Dark Reading

The constant stresses from advanced malware to zero-day vulnerabilities can easily turn into employee overload with potentially dangerous consequences. Here's how to turn down the pressure.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Facebook paid $25,000 for CSRF exploit that leads to Account Takeover

Security Affairs

Facebook paid a $25,000 bounty for a critical cross-site request forgery (CSRF) vulnerability that could have been exploited to hijack accounts simply by tricking users into clicki on a link. The white hat hacker who goes online with the moniker “Samm0uda” discovered a critical CSRF vulnerability in Facebook and the social network giant paid a $25,000 bounty. “This bug could have allowed malicious users to send requests with CSRF tokens to arbitrary endpoints on Facebook which could lead t

article thumbnail

New Breed of Fuel Pump Skimmer Uses SMS and Bluetooth

Krebs on Security

Fraud investigators say they’ve uncovered a sophisticated new breed of credit card skimmers being installed at gas pumps that is capable of relaying stolen card data via mobile text message, thereby enabling fraudsters to collect it from anywhere in the world. One interesting component of this criminal innovation is a small cellphone and Bluetooth-enabled device hidden inside the contactless payment terminal of the pump, which appears to act as a Bluetooth hub that wirelessly gathers card

Wireless 262
article thumbnail

Using Gmail "Dot Addresses" to Commit Fraud

Schneier on Security

In Gmail addresses, the dots don't matter. The account "bruceschneier@gmail.com" maps to the exact same address as "bruce.schneier@gmail.com" and "b.r.u.c.e.schneier@gmail.com" -- and so on. (Note: I own none of those addresses, if they are actually valid.). This fact can be used to commit fraud : Recently, we observed a group of BEC actors make extensive use of Gmail dot accounts to commit a large and diverse amount of fraud.

article thumbnail

The Russian Sleuth Who Outs Moscow's Elite Hackers and Assassins

WIRED Threat Level

Roman Dobrokhotov has been playing a dangerous game for a Russian reporter: identifying agents of the GRU military intelligence agency.

111
111
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Over Half of Companies Are Upping Spending on IT Security: eSecurity Planet Survey

eSecurity Planet

Data breaches and new privacy regulations are prompting increased spending on IT security products and staff.

article thumbnail

Ransomware Attack Via MSP Locks Customers Out of Systems

Dark Reading

Vulnerable plugin for a remote management tool gave attackers a way to encrypt systems belonging to all customers of a US-based MSP.

article thumbnail

PDF zero-day samples harvest user data when opened in Chrome

Security Affairs

Experts at Exploit detection service EdgeSpot detected several PDF documents that exploit a zero-day flaw in Chrome to harvest user data. Exploit detection service EdgeSpot spotted several PDF documents that exploit a zero-day vulnerability in Chrome to harvest data on users who open the files through the popular web browser. The experts initially detected the specially-crafted PDF files in December 2018.

article thumbnail

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. The firm’s founder says he now fears some 18 years’ worth of customer email may be gone forever. Founded in 2001 and based in Milwaukee, Wisc., VFEmail provides email service to businesses and end users.

Hacking 260
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Cyberinsurance and Acts of War

Schneier on Security

I had not heard about this case before. Zurich Insurance has refused to pay Mondelez International's claim of $100 million in damages from NotPetya. It claims it is an act of war and therefor not covered. Mondelez is suing. Those turning to cyber insurance to manage their exposure presently face significant uncertainties about its promise. First, the scope of cyber risks vastly exceeds available coverage, as cyber perils cut across most areas of commercial insurance in an unprecedented manner: d

article thumbnail

There's No Good Reason to Trust Blockchain Technology

WIRED Threat Level

Opinion: Cryptocurrencies are useless. Blockchain solutions are frequently much worse than the systems they replace. Here's why.

article thumbnail

SpeakUp Linux Backdoor Sets Up for Major Attack

Threatpost

Armed with an impressive bag of exploits and other tricks for propagation, researchers believe the new trojan could be the catalyst for an upcoming, major cyber-offensive.

Malware 82
article thumbnail

Cybersecurity and the Human Element: We're All Fallible

Dark Reading

We examine the issue of fallibility from six sides: end users, security leaders, security analysts, IT security administrators, programmers, and attackers.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Docker runc flaw opens the door to a ‘Doomsday scenario’

Security Affairs

Security experts found a serious flaw tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O. Aleksa Sarai, a senior software engineer at SUSE Linux GmbH, has disclosed a serious vulnerability tracked CVE-2019-5736 affecting runc , the default container runtime for Docker, containerd , Podman, and CRI-O.

article thumbnail

Crooks Continue to Exploit GoDaddy Hole

Krebs on Security

Godaddy.com , the world’s largest domain name registrar, recently addressed an authentication weakness that cybercriminals were using to blast out spam through legitimate, dormant domains. But several more recent malware spam campaigns suggest GoDaddy’s fix hasn’t gone far enough, and that scammers likely still have a sizable arsenal of hijacked GoDaddy domains at their disposal.

DNS 246
article thumbnail

On the Security of Password Managers

Schneier on Security

There's new research on the security of password managers, speficially 1Password, Dashlane, KeePass, and Lastpass. This work specifically looks at password leakage on the host computer. That is, does the password manager accidentally leave plaintext copies of password lying around memory? All password managers we examined sufficiently secured user secrets while in a 'not running' state.

article thumbnail

7 Scenarios for How the Mueller Probe Might End

WIRED Threat Level

New reports say that Robert Mueller will be "wrapping up" his investigation soon. Here's what that might actually mean.

111
111
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Ring Doorbell Flaw Opens Door to Spying

Threatpost

Researchers are urging Ring users to update to the latest version of the smart doorbell after a serious flaw triggered privacy concerns.

IoT 91
article thumbnail

6 Tips for Getting the Most from Your VPN

Dark Reading

VPNs are critical for information security. But simply having these cozy security tunnels in the toolkit isn't enough to keep an organization's data safe.

VPN 97
article thumbnail

Android devices could be hacked by viewing a malicious PNG Image

Security Affairs

Google patched a critical flaw in its Android OS that allows an attacker to send a specially crafted PNG image file to hack a target device, Opening an image file on your smartphone could allow attackers to hack into your Android device due to three critical vulnerabilities, CVE-2019-1986, CVE-2019-1987, and CVE-2019-1988. The flaws affect millions of Android devices running versions of the Google OS, ranging from Android 7.0 Nougat to the latest Android 9.0 Pie.

Hacking 111
article thumbnail

Payroll Provider Gives Extortionists a Payday

Krebs on Security

Payroll software provider Apex Human Capital Management suffered a ransomware attack this week that severed payroll management services for hundreds of the company’s customers for nearly three days. Faced with the threat of an extended outage, Apex chose to pay the ransom demand and begin the process of restoring service to customers. Roswell, Ga. based Apex HCM is a cloud-based payroll software company that serves some 350 payroll service bureaus that in turn provide payroll services to s

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.