Schneier on Security

NOVEMBER 5, 2024

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some anecdotal data from this summer: Since July 2024, ZeroPath is taking a novel approach combining deep program analysis with adversarial AI agents for valid

Software 296

Software Artificial Intelligence 296

Krebs on Security

NOVEMBER 5, 2024

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. Image: [link] On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States.

Cybercrime 255

Cybercrime Mobile Media Telecommunications 255

Lohrman on Security

NOVEMBER 3, 2024

ISC2 just released their 2024 cyber workforce report, and the key findings are eye-opening for public-sector employees. Here’s what you need to know.

Government 261

Government 261

Tech Republic Security

NOVEMBER 4, 2024

The Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation assert that C, C++, and other memory-unsafe languages contribute to potential security breaches.

Software 212

Software Cybersecurity Passwords 212

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Schneier on Security

NOVEMBER 7, 2024

Really interesting research: “ An LLM-Assisted Easy-to-Trigger Backdoor Attack on Code Completion Models: Injecting Disguised Vulnerabilities against Strong Detection “: Abstract : Large Language Models (LLMs) have transformed code com- pletion tasks, providing context-based suggestions to boost developer productivity in software engineering.

Engineering 246

Engineering Software Artificial Intelligence 246

Malwarebytes

NOVEMBER 5, 2024

The Federal Bureau of Investigation (FBI) has issued a warning that cybercriminals are taking over email accounts via stolen session cookies, allowing them to bypass the multi-factor authentication (MFA) a user has set up. Here’s how it works. Most of us don’t think twice about checking the “Remember me” box when we log in. When you log in and the server has verified your authentication—straight away or after using MFA–the server creates a session and generates a unique session ID.

Accountability 145

Accountability Authentication Malware Banking 145

Tech Republic Security

NOVEMBER 6, 2024

AI-enhanced malicious attacks are a top concern for 80% of executives, and for good reason, as there is a lot of evidence that bad actors are exploiting the technology.

Cyber threats 191

Cyber threats Technology Artificial Intelligence Cybersecurity 191

Schneier on Security

NOVEMBER 6, 2024

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to mul

Passwords 289

Passwords IoT Accountability Internet 289

Security Affairs

NOVEMBER 3, 2024

Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials. Chinese threat actors use the Quad7 botnet in password-spray attacks to steal credentials, Microsoft warns. Quad7 botnet, also known as CovertNetwork-1658 or xlogin, was first spotted in the summer of 2023 by security researcher Gi7w0rm.

Passwords 139

Passwords Wireless VPN Accountability 139

Malwarebytes

NOVEMBER 6, 2024

Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 12, 12L, 13, 14, and 15.

Encryption 141

Encryption Mobile Technology Software 141

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Tech Republic Security

NOVEMBER 5, 2024

About a year after Broadcom’s acquisition of VMware, the company released VMware Tanzu Data Services to make connections to some third-party data engines easier.

Engineering 189

Engineering Artificial Intelligence Software 189

Schneier on Security

NOVEMBER 8, 2024

The Open Source Initiative has published (news article here ) its definition of “open source AI,” and it’s terrible. It allows for secret training data and mechanisms. It allows for development to be done in secret. Since for a neural network, the training data is the source code—it’s how the model gets programmed—the definition makes no sense.

Artificial Intelligence 337

Artificial Intelligence 337

Security Affairs

NOVEMBER 6, 2024

Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. An attacker can exploit the flaw without any user interaction and successful exploitation of this flaw could lead to remote code execution.

Firmware 132

Firmware Manufacturing Hacking Media 132

Malwarebytes

NOVEMBER 4, 2024

We identified a new wave of phishing for banking credentials that targets consumers via Microsoft’s search engine. A Bing search query for ‘Keybank login’ currently returns malicious links on the first page, and sometimes as the top search result. We have reported the fraudulent sites to Microsoft already. While Microsoft’s Bing only has about 4% of the search engine market share , crooks are drawn to it as an alternative to Google.

Engineering 137

Engineering Phishing Banking Authentication 137

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Tech Republic Security

NOVEMBER 4, 2024

Discover how AI amplifies cloud security risks and how to mitigate them, with insights from Tenable’s Liat Hayun on managing data sensitivity, misconfigurations, and over-privileged access.

Risk 187

Risk Artificial Intelligence 187

Schneier on Security

NOVEMBER 4, 2024

Really interesting story of Sophos’s five-year war against Chinese hackers.

Hacking 262

Hacking 262

Security Affairs

NOVEMBER 2, 2024

Hackers are exploiting two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957, in PTZOptics cameras. Threat actors are attempting to exploit two zero-day vulnerabilities, tracked as CVE-2024-8956 and CVE-2024-8957 , in PTZOptics pan-tilt-zoom (PTZ) live streaming cameras, GretNoise researchers warn. GreyNoise discovered the two flaws while investigating the use of an exploit detected by its LLM-powered threat-hunting tool Sift.

Firmware 129

Firmware Manufacturing Healthcare IoT 129

SecureList

NOVEMBER 6, 2024

Introduction In August 2024, our team identified a new crimeware bundle, which we named “SteelFox” Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device.

Software 125

Software Cryptocurrency Malware DNS 125

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

NOVEMBER 6, 2024

DNS hijacking is a growing threat that can redirect users to malicious sites. However, using passive DNS monitoring can help to protect data.

DNS 183

DNS Cyber threats 183

Malwarebytes

NOVEMBER 4, 2024

A ransomware attack against the City of Columbus, Ohio—which drew public scrutiny following the city government’s attempt to silence a researcher who told the public about the attack—has received a little more detail from an unexpected source: The Attorney General for the state of Maine. In a data breach notification filed by the Attorney General for the state of Maine, the cybersecurity incident that affected Columbus, Ohio impacted half a million people.

Data breaches 128

Data breaches Passwords Ransomware Phishing 128

Security Affairs

NOVEMBER 7, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Palo Alto Expedition, Android, CyberPanel and Nostromo nhttpd bugs to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-43093 Android Framework Privilege Escalation Vulnerability CVE-2024-51567 CyberPanel Incorrect Default Permissions Vulnerability CVE-2019-16278 Nostro

Firewall 133

Firewall Authentication Accountability Risk 133

eSecurity Planet

NOVEMBER 6, 2024

In a stunning blow to the city’s cybersecurity defenses, Columbus, Ohio, recently became the target of a massive cyberattack that exposed over half a million residents’ sensitive information. Following a July 18 attack by the Rhysida ransomware group — believed to have Russian affiliations — Columbus is still reeling from the exposure of vast amounts of sensitive resident data.

Ransomware 112

Ransomware Authentication Identity Theft Penetration Testing 112

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

NOVEMBER 5, 2024

If you want to pursue a path toward becoming a CIO, here's your guide to salaries, job markets, skills and common interview questions.

Marketing 176

Marketing Big data Technology 176

Penetration Testing

NOVEMBER 2, 2024

In a world increasingly dependent on online advertising, cybercriminals have seized an opportunity to exploit Meta’s vast advertising ecosystem. Bitdefender Labs has released an alarming report detailing the “SYS01 Infostealer”... The post SYS01 Infostealer Campaign Exploits Meta Ads to Target Millions Worldwide appeared first on Cybersecurity News.

Advertising 137

Advertising Cybersecurity Malware 137

Security Affairs

NOVEMBER 2, 2024

Sophos used custom implants to monitor China-linked thret actors targeting firewall zero-days in a years-long battle. Sophos revealed a years-long “cat-and-mouse” battle with China-linked threat actors, using custom implants to track the attackers’ activities. Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access.

Firmware 129

Firmware Government Firewall Malware 129

eSecurity Planet

NOVEMBER 6, 2024

In this video, we explore the alarming details surrounding the largest data breach ever, which has exposed an astonishing 2.9 billion records linked to the National Public Data (NPD) breach. This event has compromised sensitive information for nearly half of the global population, including Social Security numbers and personal family details, raising significant concerns about data security and individual safety.

Data breaches 120

Data breaches Cyber threats Cybersecurity 120

Advertisement

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Software

Tech Republic Security

NOVEMBER 8, 2024

Discover the best vulnerability management tools of 2024. Compare top solutions, explore features and benefits, and find expert reviews to guide your choice.

162

162

Security Boulevard

NOVEMBER 5, 2024

We have entered a new era of cyberthreats, and employees must be equipped to defend the company from more cunning and effective attacks than ever. The post How Cybersecurity Training Must Adapt to a New Era of Threats appeared first on Security Boulevard.

Cybersecurity 131

Cybersecurity Security Awareness 131

Security Affairs

NOVEMBER 8, 2024

Palo Alto Networks warns customers to restrict access to their next-generation firewalls because of a potential RCE flaw in the PAN-OS management interface. Palo Alto Networks warns customers to limit access to their next-gen firewall management interface due to a potential remote code execution vulnerability in PAN-OS. The cybersecurity company has no further details on the vulnerability and said has yet to detect active exploitation. “Palo Alto Networks is aware of a claim of a remote co

Firewall 125

Firewall Authentication Internet Internet 125

Penetration Testing

NOVEMBER 8, 2024

A critical vulnerability, tagged as CVE-2024-10470, has been identified in WPLMS, a WordPress premium theme widely used for online course management. Security researcher István Márton at Wordfence reported that this... The post CVE-2024-10470 (CVSS 9.8) in Popular WordPress Theme Exposes Thousands of Sites appeared first on Cybersecurity News.

Cybersecurity 145

Cybersecurity 145

Advertisement

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

Cybersecurity