April, 2023

article thumbnail

5 most dangerous new attack techniques

CSO Magazine

Cyber experts from the SANS Institute have revealed the five most dangerous new attack techniques being used by attackers including cyber criminals and nation-state actors. They were presented in a session at the RSA Conference in San Francisco, where a panel of SANS analysts explored emerging Tactics, Techniques, and Procedures (TTPs) and advised organizations on how to prepare for them.

article thumbnail

Seized Genesis Market Data is Now Searchable in Have I Been Pwned, Courtesy of the FBI and "Operation Cookie Monster"

Troy Hunt

A quick summary first before the details: This week, the FBI in cooperation with international law enforcement partners took down a notorious marketplace trading in stolen identity data in an effort they've named "Operation Cookie Monster" They've provided millions of impacted email addresses and passwords to Have I Been Pwned (HIBP) so that victims of the incident can discover if they have been exposed.

Marketing 347
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

UK Threatens End-to-End Encryption

Schneier on Security

In an open letter , seven secure messaging apps—including Signal and WhatsApp—point out that the UK’s Online Safety Bill could destroy end-to-end encryption: As currently drafted, the Bill could break end-to-end encryption,opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone’s ab

article thumbnail

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.

Banking 323
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Ransomware attacks increased 91% in March, as threat actors find new vulnerabilities

Tech Republic Security

Ransomware attacks skyrocketed last month according to the new monthly cybersecurity report by NCC Group. New threat group Cl0p is behind the increase as it exploited vulnerabilities in GoAnywhere file transfer manager. The post Ransomware attacks increased 91% in March, as threat actors find new vulnerabilities appeared first on TechRepublic.

article thumbnail

Flipper Zero banned by Amazon for being a ‘card skimming device’

Bleeping Computer

Amazon has banned the sale of the Flipper Zero portable multi-tool for pen-testers as it no longer allows its sale on the platform after tagging it as a card-skimming device. [.

More Trending

article thumbnail

Drop Everything: Update Chrome NOW — 0-Day Exploit in Wild

Security Boulevard

It’s Help|About Time: Chrome’s “V8” JavaScript engine has high-severity vuln. Scrotes already exploiting it. The post Drop Everything: Update Chrome NOW — 0-Day Exploit in Wild appeared first on Security Boulevard.

article thumbnail

FBI Advising People to Avoid Public Charging Stations

Schneier on Security

The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices: Avoid using free charging stations in airports, hotels, or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices that access these ports.

Malware 321
article thumbnail

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX. The lengthy, complex intrusion has all the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.

Malware 312
article thumbnail

BYOD and personal apps: A recipe for data breaches

Tech Republic Security

Some 43% of employees have been targeted with work-related phishing attacks on their personal devices, says a survey from SlashNext. The post BYOD and personal apps: A recipe for data breaches appeared first on TechRepublic.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

iPhones hacked via invisible calendar invites to drop QuaDream spyware

Bleeping Computer

Microsoft and Citizen Lab discovered commercial spyware made by an Israel-based company QuaDream used to compromise the iPhones of high-risk individuals using a zero-click exploit named ENDOFDAYS. [.

Spyware 144
article thumbnail

Linux malware strengthens links between Lazarus and the 3CX supply?chain attack

We Live Security

Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack The post Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack appeared first on WeLiveSecurity

Malware 145
article thumbnail

Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Security Boulevard

Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files. The post Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!) appeared first on Security Boulevard.

Hacking 145
article thumbnail

Car Thieves Hacking the CAN Bus

Schneier on Security

Car thieves are injecting malicious software into a car’s network through wires in the headlights (or taillights) that fool the car into believing that the electronic key is nearby. News articles.

Hacking 307
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Why is ‘Juice Jacking’ Suddenly Back in the News?

Krebs on Security

KrebsOnSecurity received a nice bump in traffic this week thanks to tweets from the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC) about “ juice jacking ,” a term first coined here in 2011 to describe a potential threat of data theft when one plugs their mobile device into a public charging kiosk. It remains unclear what may have prompted the alerts, but the good news is that there are some fairly basic things you can do to avoid having to worry

Mobile 305
article thumbnail

For cybercriminal mischief, it’s dark web vs deep web

Tech Republic Security

A new report from cyberthreat intelligence company Cybersixgill sees threat actors swarming to digital bazaars to collaborate, buy and sell malware and credentials. The post For cybercriminal mischief, it’s dark web vs deep web appeared first on TechRepublic.

Malware 196
article thumbnail

'GhostToken' Opens Google Accounts to Permanent Infection

Dark Reading

A bug in how Google Cloud Platform handles OAuth tokens opened the door to Trojan apps that could access anything in users' personal or business Google Drives, Photos, Gmail, and more.

article thumbnail

HP to patch critical bug in LaserJet printers within 90 days

Bleeping Computer

HP announced in a security bulletin this week that it would take up to 90 days to patch a critical-severity vulnerability that impacts the firmware of certain business-grade printers. [.

Firmware 144
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

TikTok Abused Kids’ Data — UK Fines it $16 Million

Security Boulevard

$8.50 per child: UK regulator punishes TikTok at 5.5% of revenue. Says app illegally tracked children. The post TikTok Abused Kids’ Data — UK Fines it $16 Million appeared first on Security Boulevard.

article thumbnail

LLMs and Phishing

Schneier on Security

Here’s an experiment being run by undergraduate computer science students everywhere: Ask ChatGPT to generate phishing emails, and test whether these are better at persuading victims to respond or click on the link than the usual spam. It’s an interesting experiment, and the results are likely to vary wildly based on the details of the experiment.

Phishing 300
article thumbnail

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

SecureList

On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far: The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized.

article thumbnail

DDoS attacks rise as pro-Russia groups attack Finland, Israel

Tech Republic Security

Two Russia-associated groups hit Israel and Finland with DDoS attacks, this week. Cybersecurity experts say the actions represent a marked increase in exploits and a harbinger of cyberattacks to come. The post DDoS attacks rise as pro-Russia groups attack Finland, Israel appeared first on TechRepublic.

DDOS 194
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Discarded, not destroyed: Old routers reveal corporate secrets

We Live Security

When decommissioning their old hardware, many companies 'throw the baby out with the bathwater' The post Discarded, not destroyed: Old routers reveal corporate secrets appeared first on WeLiveSecurity

142
142
article thumbnail

Hackers abuse Google Command and Control red team tool in attacks

Bleeping Computer

The Chinese state-sponsored hacking group APT41 was found abusing the GC2 (Google Command and Control) red teaming tool in data theft attacks against a Taiwanese media and an Italian job search company. [.

Media 141
article thumbnail

FINALLY! Google Makes 2FA App Useable — BUT There’s a Catch

Security Boulevard

2FA OTP ASAP? Google Authenticator app now syncs your secrets: No stress if you break your phone. The post FINALLY! Google Makes 2FA App Useable — BUT There’s a Catch appeared first on Security Boulevard.

article thumbnail

Researcher Tricks ChatGPT into Building Undetectable Steganography Malware

Dark Reading

Using only ChatGPT prompts, a Forcepoint researcher convinced the AI to create malware for finding and exfiltrating specific documents, despite its directive to refuse malicious requests.

Malware 140
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Following the Lazarus group by tracking DeathNote campaign

SecureList

The Lazarus group is a high-profile Korean-speaking threat actor with multiple sub-campaigns. We have previously published information about the connections of each cluster of this group. In this blog, we’ll focus on an active cluster that we dubbed DeathNote because the malware responsible for downloading additional payloads is named Dn.dll or Dn64.dll.

Malware 141
article thumbnail

Google moves to keep public sector cybersecurity vulnerabilities leashed

Tech Republic Security

Google Cloud and The Center for Internet Security, Inc., launched the Google Cloud Alliance this week with the goal of advancing digital security in the public sector. The Center for Internet Security, founded in 2000 to address growing cyber threats and establish a set of cybersecurity protocols and standards like CIS Critical Security Controls and.

article thumbnail

5 ways threat actors can use ChatGPT to enhance attacks

CSO Magazine

The Cloud Security Alliance (CSA) has revealed five ways malicious actors can use ChatGPT to enhance their attack toolset in a new report exploring the cybersecurity implications of large language models (LLMs). The Security Implications of ChatGPT paper details how threat actors can exploit AI-driven systems in different aspects of cyberattacks including enumeration, foothold assistance, reconnaissance, phishing, and the generation of polymorphic code.

Phishing 138
article thumbnail

WinRAR SFX archives can run PowerShell without being detected

Bleeping Computer

Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the target system. [.

141
141
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?