Schneier on Security

APRIL 25, 2024

The web has become so interwoven with everyday life that it is easy to forget what an extraordinary accomplishment and treasure it is. In just a few decades, much of human knowledge has been collectively written up and made available to anyone with an internet connection. But all of this is coming to an end. The advent of AI threatens to destroy the complex online ecosystem that allows writers, artists, and other creators to reach human audiences.

Engineering 342

Engineering Internet Internet Artificial Intelligence 342

Krebs on Security

APRIL 10, 2024

On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to read “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com , which until very recently rendered as fedex.com in tweets.

Phishing 336

Phishing Media Engineering Technology 336

Tech Republic Security

APRIL 25, 2024

Researchers from the University of Illinois Urbana-Champaign found that OpenAI’s GPT-4 is able to exploit 87% of a list of vulnerabilities when provided with their NIST descriptions.

Artificial Intelligence 198

Artificial Intelligence 198

Pen Test Partners

APRIL 30, 2024

TL;DR Even though MFA is effective it is one security control amongst many Even if MFA is in use, check its configuration Consider unexpected patterns of use, such as people logging in from Linux or macOS Make sure you log and can react to out-of-band behaviour Introduction On a recent Red Team engagement we got Domain Admin privileges on the on-premises Active Directory (AD) network.

Authentication 145

Authentication Passwords Accountability Engineering 145

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Penetration Testing

APRIL 27, 2024

Security researcher Gabe Kirkpatrick has released proof-of-concept (PoC) exploit code for CVE-2024-21345, a high-severity Windows Kernel Elevation of Privilege vulnerability. This exploit allows authenticated attackers to escalate privileges to the SYSTEM level, granting them... The post Windows Kernel EoP Vulnerability (CVE-2024-21345) Gets PoC Exploit Code appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing Authentication 145

The Hacker News

APRIL 12, 2024

Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity.

Software 145

Software 145

SecureList

APRIL 12, 2024

On March 29, 2024, a single message on the Openwall OSS-security mailing list marked an important discovery for the information security, open source and Linux communities: the discovery of a malicious backdoor in XZ. XZ is a compression utility integrated into many popular distributions of Linux. The particular danger of the backdoored library lies in its use by the OpenSSH server process sshd.

Malware 144

Malware Technology Encryption Accountability 144

Tech Republic Security

APRIL 12, 2024

Research has found that criminals can demand higher ransom when they compromise an organisation’s backup data in a ransomware attack. Discover advice from security experts on how to properly protect your backup.

Backups 193

Backups Ransomware Cybersecurity 193

Duo's Security Blog

APRIL 10, 2024

Enrolling users to use multi-factor authentication (MFA) is an essential security step for any organization. But user enrollment can be a logistical challenge and comes with security risks. In this blog we’ll discuss enrollment options and best security practices for Duo admins, whether they are rolling out MFA for the first time or maintaining enrollment for their users.

Authentication 144

Authentication Accountability Risk Government 144

Penetration Testing

APRIL 28, 2024

QNAP, a leading manufacturer of network attached storage (NAS) devices, has issued an urgent security advisory to its users concerning multiple severe vulnerabilities across its suite of NAS software products. These flaws, if exploited,... The post CVE-2024-32766 (CVSS 10) – QNAP Vulnerability: Hackers Can Hijack Your NAS appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing Manufacturing Software 145

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Malwarebytes

APRIL 2, 2024

Telecommunications giant AT&T has finally confirmed that 73 million current and former customers have been caught up in a massive dark web data leak. The leaked data includes names, addresses, mobile phone numbers, dates of birth, and social security numbers. Malwarebytes VP of Consumer Privacy, Oren Arar, describes the AT&T breach as “especially risky” because much of the type of data that’s been exposed. “SSN, name, date of birth—this is personal identifiable in

Data breaches 144

Data breaches Passwords Phishing Accountability 144

Schneier on Security

APRIL 2, 2024

The cybersecurity world got really lucky last week. An intentionally placed backdoor in xz Utils, an open-source compression utility, was pretty much accidentally discovered by a Microsoft engineer—weeks before it would have been incorporated into both Debian and Red Hat Linux. From ArsTehnica : Malicious code added to xz Utils versions 5.6.0 and 5.6.1 modified the way the software functions.

Social Engineering 338

Social Engineering Engineering Software Encryption 338

The Hacker News

APRIL 29, 2024

A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019.

DNS 142

DNS Internet Internet Cyber threats 142

Tech Republic Security

APRIL 19, 2024

Oxford University researchers used an approach dubbed “blind quantum computing” to connect two quantum computing entities in a way that is completely secure.

Artificial Intelligence 193

Artificial Intelligence Network Security 193

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

APRIL 6, 2024

A threat researcher has disclosed a new arbitrary command injection and hardcoded backdoor flaw in multiple end-of-life D-Link Network Attached Storage (NAS) device models. [.

Accountability 144

Accountability 144

Penetration Testing

APRIL 22, 2024

Security researcher Naor Hodorov has made public a proof-of-concept (PoC) exploit for a severe vulnerability (CVE-2024-21111) in Oracle VirtualBox. This vulnerability plagues VirtualBox versions before 7.0.16 and allows attackers with basic access to a... The post Oracle VirtualBox Elevation of Privilege Vulnerability (CVE-2024-21111): PoC Published appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing 145

Security Affairs

APRIL 17, 2024

Threat actors are exploiting the CVE-2023-22518 flaw in Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. At the end of October 2023, Atlassian warned of a critical security flaw, tracked as CVE-2023-22518 (CVSS score 9.1), that affects all versions of Confluence Data Center and Server. The vulnerability is an improper authorization issue that can lead to significant data loss if exploited by an unauthenticated attacker.

Ransomware 144

Ransomware Encryption Malware Accountability 144

Schneier on Security

APRIL 4, 2024

The ProtonMail people are accusing Microsoft’s new Outlook for Windows app of conducting extensive surveillance on its users. It shares data with advertisers, a lot of data: The window informs users that Microsoft and those 801 third parties use their data for a number of purposes, including to: Store and/or access information on the user’s device Develop and improve products Personalize ads and content Measure ads and content Derive audience insights Obtain precise geolocation data

Surveillance 333

Surveillance Advertising Data collection 333

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

The Hacker News

APRIL 22, 2024

New research has found that the DOS-to-NT path conversion process could be exploited by threat actors to achieve rootkit-like capabilities to conceal and impersonate files, directories, and processes.

142

142

Tech Republic Security

APRIL 8, 2024

Read about a supply chain attack that involves XZ Utils, a data compressor widely used in Linux systems, and learn how to protect from this threat.

Social Engineering 195

Social Engineering Engineering Cybersecurity 195

Bleeping Computer

APRIL 20, 2024

A GitHub flaw, or possibly a design decision, is being abused by threat actors to distribute malware using URLs associated with a Microsoft repository, making the files appear trustworthy.

Malware 143

Malware 143

Penetration Testing

APRIL 28, 2024

Cybersecurity researcher Gabe Kirkpatrick shared technical details and proof-of-concept (PoC) exploit code for a high-severity elevation of privilege vulnerability (CVE-2024-26218) bug affecting the Windows Kernel. Microsoft released security updates to address it on all... The post Researcher Releases PoC Exploit for Windows Kernel EoP Vulnerability (CVE-2024-26218) appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing Cybersecurity 145

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Boulevard

APRIL 8, 2024

Cybercriminals pilfered an average of 50.9 login credentials per device, evidence of the pressing need for cybersecurity measures. The post 10 Million Devices Were Infected by Data-Stealing Malware in 2023 appeared first on Security Boulevard.

Malware 141

Malware Cybersecurity Social Engineering Engineering 141

Schneier on Security

APRIL 8, 2024

This is a newly discovered email vulnerability: The email your manager received and forwarded to you was something completely innocent, such as a potential customer asking a few questions. All that email was supposed to achieve was being forwarded to you. However, the moment the email appeared in your inbox, it changed. The innocent pretext disappeared and the real phishing email became visible.

Phishing 327

Phishing 327

The Hacker News

APRIL 9, 2024

Microsoft has released security updates for the month of April 2024 to remediate a record 149 flaws, two of which have come under active exploitation in the wild. Of the 149 flaws, three are rated Critical, 142 are rated Important, three are rated Moderate, and one is rated Low in severity.

143

143

Tech Republic Security

APRIL 24, 2024

A new report by cyber security firm Radware identifies the four main impacts of AI on the threat landscape emerging this year.

Hacking 205

Hacking Artificial Intelligence Phishing Malware 205

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Bleeping Computer

APRIL 16, 2024

Cisco warns about a large-scale credential brute-forcing campaign targeting VPN and SSH services on Cisco, CheckPoint, Fortinet, SonicWall, and Ubiquiti devices worldwide. [.

VPN 142

VPN 142

Penetration Testing

APRIL 19, 2024

A recently discovered flaw in the GNU C Library’s (glibc) iconv function (CVE-2024-2961) carries severe implications for web applications built on PHP. This vulnerability, which allows for out-of-bounds memory writes, could enable remote attackers... The post CVE-2024-2961 – glibc Vulnerability Opens Door to PHP Attacks: Patch Immediately appeared first on Penetration Testing.

Penetration Testing 145

Penetration Testing 145

Security Affairs

APRIL 6, 2024

Cisco warns customers of Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers Cross-Site scripting flaw. Cisco warns of a Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers Cross-Site scripting (XSS) flaw. The medium severity issue, tracked as CVE-2024-20362 (CVSS score 6.1), resides in the web-based management interface of Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 Routers.

Small Business 144

Small Business VPN Wireless Software 144

Schneier on Security

APRIL 10, 2024

Last week I posted a short memorial of Ross Anderson. The Communications of the ACM asked me to expand it. Here’s the longer version.

Engineering 312

Engineering Cybersecurity 312

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software