Sat.Nov 02, 2024 - Fri.Nov 08, 2024

article thumbnail

AIs Discovering Vulnerabilities

Schneier on Security

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some anecdotal data from this summer: Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for valid

Software 277
article thumbnail

Canadian Man Arrested in Snowflake Data Extortions

Krebs on Security

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: [link] On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Government Implications from the ISC2 2024 Cyber Workforce Study

Lohrman on Security

ISC2 just released their 2024 cyber workforce report, and the key findings are eye-opening for public-sector employees. Here’s what you need to know.

article thumbnail

Software Makers Encouraged to Stop Using C/C++ by 2026

Tech Republic Security

The Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation assert that C, C++, and other memory-unsafe languages contribute to potential security breaches.

Software 211
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Subverting LLM Coders

Schneier on Security

Really interesting research: “ An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection “: Abstract : Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering.

article thumbnail

Weekly Update 425

Troy Hunt

This was a much longer than usual update, largely due to the amount of time spent discussing the Earth 2 incident. As I said in the video (many times!), the amount of attention this has garnered from both Earth 2 users and the company itself is incommensurate with the impact of the incident itself. It's a nothing-burger. Email addresses and usernames, that's it, and of course, their association with the service, which may lead to some very targeted spam or phishing attempts.

More Trending

article thumbnail

AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds

Tech Republic Security

AI-enhanced malicious attacks are a top concern for 80% of executives, and for good reason, as there is a lot of evidence that bad actors are exploiting the technology.

article thumbnail

AI Industry is Trying to Subvert the Definition of “Open Source AI”

Schneier on Security

The Open Source Initiative has published (news article here ) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.

article thumbnail

Weekly Update 424

Troy Hunt

I have really clear memories of listening to the Stack Overflow podcast in the late 2000's and hearing Jeff and Joel talk about the various challenges they were facing and the things they did to overcome them. I just suddenly thought of that when realising how long this week's video went for with no real plan other than to talk about our HIBP backlog.

207
207
article thumbnail

Air fryers are the latest surveillance threat you didn’t consider

Malwarebytes

Consumer group Which? has warned shoppers to be selective when it comes to buying smart air fryers from Xiaomi, Cosori, and Aigostar. We’ve learned to expect that “smart” appliances come with privacy risks— toothbrushes aside —but I really hadn’t given my air fryer any thought. Now things are about to change. You don’t need to worry about the air fryers sending reports about your eating habits to your healthcare provider just yet.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

VMware Explore Barcelona 2024: Tanzu Platform 10 Enters General Availability

Tech Republic Security

About a year after Broadcom’s acquisition of VMware, the company released VMware Tanzu Data Services to make connections to some third-party data engines easier.

article thumbnail

IoT Devices in Password-Spraying Botnet

Schneier on Security

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to mul

Passwords 256
article thumbnail

ZoneMinder’s CVE-2024-51482: A 10/10 Severity Vulnerability Exposes SQL Databases

Penetration Testing

A newly identified security vulnerability in ZoneMinder, a popular open-source video surveillance platform, could allow attackers to gain control over SQL databases, compromising data confidentiality and system integrity. This flaw,... The post ZoneMinder’s CVE-2024-51482: A 10/10 Severity Vulnerability Exposes SQL Databases appeared first on Cybersecurity News.

article thumbnail

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Malwarebytes

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Here’s how it works. Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified your authentication—straight away or after using MFA–the server creates a session and generates a unique session ID.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

How to Become a Chief Information Officer: CIO Cheat Sheet

Tech Republic Security

If you want to pursue a path toward becoming a CIO, here's your guide to salaries, job markets, skills and common interview questions.

Marketing 166
article thumbnail

Prompt Injection Defenses Against LLM Cyberattacks

Schneier on Security

Interesting research: “ Hacking Back the AI-Hacker: Prompt Injection as a Defense Against LLM-driven Cyberattacks “: Large language models (LLMs) are increasingly being harnessed to automate cyberattacks, making sophisticated exploits more accessible and scalable. In response, we propose a new defense strategy tailored to counter LLM-driven cyberattacks.

Hacking 250
article thumbnail

FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions

The Hacker News

The U.S. Federal Bureau of Investigation (FBI) has sought assistance from the public in connection with an investigation involving the breach of edge devices and computer networks belonging to companies and government entities.

article thumbnail

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Security Affairs

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe. The FBI arrested the man last week, falsely declaring some items as allergy-safe could put the lives of visitors at risk.

Hacking 139
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

How AI Is Changing the Cloud Security and Risk Equation

Tech Republic Security

Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.

Risk 150
article thumbnail

Sophos Versus the Chinese Hackers

Schneier on Security

Really interesting story of Sophos’s five-year war against Chinese hackers.

Hacking 244
article thumbnail

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 (CVSS score: 9.

article thumbnail

CrossBarking Vulnerability in Opera Browser Allows Malicious Extensions to Hijack User Accounts

Penetration Testing

Guardio Labs has unveiled a critical security flaw in the Opera browser, dubbed “CrossBarking,” which allows malicious extensions to bypass security protocols and exploit Private APIs. This vulnerability grants attackers... The post CrossBarking Vulnerability in Opera Browser Allows Malicious Extensions to Hijack User Accounts appeared first on Cybersecurity News.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Increasing Awareness of DNS Hijacking: A Growing Cyber Threat

Tech Republic Security

DNS hijacking is a growing threat that can redirect users to malicious sites. However, using passive DNS monitoring can help to protect data.

DNS 164
article thumbnail

How Cybersecurity Training Must Adapt to a New Era of Threats

Security Boulevard

We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever. The post How Cybersecurity Training Must Adapt to a New Era of Threats appeared first on Security Boulevard.

article thumbnail

INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime

The Hacker News

INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure.

article thumbnail

Life on a crooked RedLine: Analyzing the infamous infostealer’s backend

We Live Security

Following the takedown of RedLine Stealer by international authorities, ESET researchers are publicly releasing their research into the infostealer’s backend modules

130
130
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Top Vulnerability Management Tools: Reviews & Comparisons 2024

Tech Republic Security

Discover the best vulnerability management tools of 2024. Compare top solutions, explore features and benefits, and find expert reviews to guide your choice.

138
138
article thumbnail

PoC Exploit Releases for Critical Symlink Flaw in Apple’s iOS – CVE-2024-44258

Penetration Testing

In a recent analysis, cybersecurity researchers Hichem Maloufi and Christian Mina detailed CVE-2024-44258, a symlink vulnerability affecting Apple’s ManagedConfiguration framework and the profiled daemon. This vulnerability allows attackers to manipulate... The post PoC Exploit Releases for Critical Symlink Flaw in Apple’s iOS – CVE-2024-44258 appeared first on Cybersecurity News.

article thumbnail

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

The Hacker News

Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the PAN-OS management interface," the company said.

121
121
article thumbnail

ESET APT Activity Report Q2 2024–Q3 2024

We Live Security

This issue of the ESET APT Activity Report reviews notable activities of threat actors that were documented by ESET researchers from April 2024 until the end of September 2024.

126
126
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.