Sat.Nov 02, 2024 - Fri.Nov 08, 2024

article thumbnail

AIs Discovering Vulnerabilities

Schneier on Security

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some anecdotal data from this summer: Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for valid

Software 296
article thumbnail

Canadian Man Arrested in Snowflake Data Extortions

Krebs on Security

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: [link] On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Government Implications from the ISC2 2024 Cyber Workforce Study

Lohrman on Security

ISC2 just released their 2024 cyber workforce report, and the key findings are eye-opening for public-sector employees. Here’s what you need to know.

article thumbnail

Software Makers Encouraged to Stop Using C/C++ by 2026

Tech Republic Security

The Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation assert that C, C++, and other memory-unsafe languages contribute to potential security breaches.

Software 212
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Subverting LLM Coders

Schneier on Security

Really interesting research: “ An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection “: Abstract : Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering.

article thumbnail

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Malwarebytes

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Here’s how it works. Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified your authentication—straight away or after using MFA–the server creates a session and generates a unique session ID.

More Trending

article thumbnail

AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds

Tech Republic Security

AI-enhanced malicious attacks are a top concern for 80% of executives, and for good reason, as there is a lot of evidence that bad actors are exploiting the technology.

article thumbnail

IoT Devices in Password-Spraying Botnet

Schneier on Security

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to mul

Passwords 289
article thumbnail

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm.

Passwords 139
article thumbnail

Update your Android: Google patches two zero-day vulnerabilities

Malwarebytes

Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 12, 12L, 13, 14, and 15.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

VMware Explore Barcelona 2024: Tanzu Platform 10 Enters General Availability

Tech Republic Security

About a year after Broadcom’s acquisition of VMware, the company released VMware Tanzu Data Services to make connections to some third-party data engines easier.

article thumbnail

AI Industry is Trying to Subvert the Definition of “Open Source AI”

Schneier on Security

The Open Source Initiative has published (news article here ) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.

article thumbnail

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. An attacker can exploit the flaw without any user interaction and successful exploitation of this flaw could lead to remote code execution.

Firmware 131
article thumbnail

Crooks bank on Microsoft’s search engine to phish customers

Malwarebytes

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. A Bing search query for ‘Keybank login’ currently returns malicious links on the first page, and sometimes as the top search result. We have reported the fraudulent sites to Microsoft already. While Microsoft’s Bing only has about 4% of the search engine market share , crooks are drawn to it as an alternative to Google.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

How AI Is Changing the Cloud Security and Risk Equation

Tech Republic Security

Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.

Risk 187
article thumbnail

Sophos Versus the Chinese Hackers

Schneier on Security

Really interesting story of Sophos’s five-year war against Chinese hackers.

Hacking 262
article thumbnail

PTZOptics cameras zero-days actively exploited in the wild

Security Affairs

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn. GreyNoise discovered the two flaws while investigating the use of an exploit detected by its LLM-powered threat-hunting tool Sift.

Firmware 128
article thumbnail

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

SecureList

Introduction In August 2024, our team identified a new crimeware bundle, which we named “SteelFox” Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device.

Software 125
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Increasing Awareness of DNS Hijacking: A Growing Cyber Threat

Tech Republic Security

DNS hijacking is a growing threat that can redirect users to malicious sites. However, using passive DNS monitoring can help to protect data.

DNS 183
article thumbnail

City of Columbus breach affects around half a million citizens

Malwarebytes

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people.

article thumbnail

U.S. CISA adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-43093 Android Framework Privilege Escalation Vulnerability CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability CVE-2019-16278 Nostro

Firewall 132
article thumbnail

Columbus Ransomware Attack Exposes 500,000+ Residents’ Data: How to Stay Safe

eSecurity Planet

In a stunning blow to the city’s cybersecurity defenses, Columbus, Ohio, recently became the target of a massive cyberattack that exposed over half a million residents’ sensitive information. Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

How to Become a Chief Information Officer: CIO Cheat Sheet

Tech Republic Security

If you want to pursue a path toward becoming a CIO, here's your guide to salaries, job markets, skills and common interview questions.

Marketing 176
article thumbnail

SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide

Penetration Testing

In a world increasingly dependent on online advertising, cybercriminals have seized an opportunity to exploit Meta’s vast advertising ecosystem. Bitdefender Labs has released an alarming report detailing the “SYS01 Infostealer”... The post SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide appeared first on Cybersecurity News.

article thumbnail

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long “cat-and-mouse” battle with China-linked threat actors, using custom implants to track the attackers’ activities. Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access.

Firmware 128
article thumbnail

Video: 2.9 Billion Records Compromised in NPD Breach – Recap

eSecurity Planet

In this video, we explore the alarming details surrounding the largest data breach ever, which has exposed an astonishing 2.9 billion records linked to the National Public Data (NPD) breach. This event has compromised sensitive information for nearly half of the global population, including Social Security numbers and personal family details, raising significant concerns about data security and individual safety.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Top Vulnerability Management Tools: Reviews & Comparisons 2024

Tech Republic Security

Discover the best vulnerability management tools of 2024. Compare top solutions, explore features and benefits, and find expert reviews to guide your choice.

162
162
article thumbnail

How Cybersecurity Training Must Adapt to a New Era of Threats

Security Boulevard

We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever. The post How Cybersecurity Training Must Adapt to a New Era of Threats appeared first on Security Boulevard.

article thumbnail

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS. The cybersecurity company has no further details on the vulnerability and said has yet to detect active exploitation. “Palo Alto Networks is aware of a claim of a remote co

Firewall 123
article thumbnail

CVE-2024-10470 (CVSS 9.8) in Popular WordPress Theme Exposes Thousands of Sites

Penetration Testing

A critical vulnerability, tagged as CVE-2024-10470, has been identified in WPLMS, a WordPress premium theme widely used for online course management. Security researcher István Márton at Wordfence reported that this... The post CVE-2024-10470 (CVSS 9.8) in Popular WordPress Theme Exposes Thousands of Sites appeared first on Cybersecurity News.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!