Sat.Sep 14, 2024 - Fri.Sep 20, 2024

article thumbnail

This Windows PowerShell Phish Has Scary Potential

Krebs on Security

Many GitHub users this week received a novel phishing email warning of critical security holes in their code. Those who clicked the link for details were asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. While it’s unlikely that many programmers fell for this scam, it’s notable because less targeted versions of it are likely to be far more successful against the average Windows use

Phishing 320
article thumbnail

Remotely Exploding Pagers

Schneier on Security

Wow. It seems they all exploded simultaneously, which means they were triggered. Were they each tampered with physically, or did someone figure out how to trigger a thermal runaway remotely? Supply chain attack? Malicious code update, or natural vulnerability? I have no idea, but I expect we will all learn over the next few days. EDITED TO ADD: I’m reading nine killed and 2,800 injured.

67
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

From Dreams to Reality: The Magic of 3D Printing, with Elle Hunt

Troy Hunt

I was in my mid-30s before I felt comfortable standing up in front of an audience and talking about technology. Come to think of it, "comfortable" isn't really the right word, as, frankly, it was nerve-racking. This, with my obvious bias as her father, makes it all the more remarkable that Elle was able to do it at NDC Oslo when she was just 11 years old.

article thumbnail

Where Are Governments in Their Zero-Trust Journey?

Lohrman on Security

While the federal government deadline has arrived on implementing a zero-trust cybersecurity model, many state and local governments have committed to zero-trust architecture as well.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Scam ‘Funeral Streaming’ Groups Thrive on Facebook

Krebs on Security

Scammers are flooding Facebook with groups that purport to offer video streaming of funeral services for the recently deceased. Friends and family who follow the links for the streaming services are then asked to cough up their credit card information. Recently, these scammers have branched out into offering fake streaming services for nearly any kind of event advertised on Facebook.

Scams 65
article thumbnail

Clever Social Engineering Attack Using Captchas

Schneier on Security

This is really interesting. It’s a phishing attack targeting GitHub users, tricking them to solve a fake Captcha that actually runs a script that is copied to the command line. Clever.

More Trending

article thumbnail

80% of Critical National Infrastructure Companies Experienced an Email Security Breach in Last Year

Tech Republic Security

Cyber attackers are using malicious emails to infiltrate critical national infrastructure, like utilities, transport, telecommunications, and now data centres.

article thumbnail

Tor anonymity compromised by law enforcement. Is it still safe to use?

Malwarebytes

Despite people generally considering the Tor network as an essential tool for anonymous browsing, german law enforcement agencies have managed to de-anonymize Tor users after putting surveillance on Tor servers for months. Before we go into the what the agencies did, let’s take a look at some basics of Tor. How Tor works On a daily basis, millions of people use the Tor network to browse privately and visit websites on the dark web.

article thumbnail

Python Developers Targeted with Malware During Fake Job Interviews

Schneier on Security

Interesting social engineering attack: luring potential job applicants with fake recruiting pitches, trying to convince them to download malware. From a news article These particular attacks from North Korean state-funded hacking team Lazarus Group are new, but the overall malware campaign against the Python development community has been running since at least August of 2023, when a number of popular open source Python tools were maliciously duplicated with added malware.

Malware 275
article thumbnail

The Mystery of Hezbollah’s Deadly Exploding Pagers

WIRED Threat Level

At least eight people have been killed and more than 2,700 people have been injured in Lebanon by exploding pagers. Experts say the blasts point toward a supply chain compromise, not a cyberattack.

Hacking 145
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

HackerOne: Nearly Half of Security Professionals Believe AI Is Risky

Tech Republic Security

The Hacker-Powered Security Report showed mixed feelings toward AI in the security community, with many seeing leaked training data as a threat.

article thumbnail

New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide

The Hacker News

Cybersecurity researchers have uncovered a never-before-seen botnet comprising an army of small office/home office (SOHO) and IoT devices that are likely operated by a Chinese nation-state threat actor called Flax Typhoon (aka Ethereal Panda or RedJuliett).

IoT 145
article thumbnail

FBI Shuts Down Chinese Botnet

Schneier on Security

The FBI has shut down a botnet run by Chinese hackers: The botnet malware infected a number of different types of internet-connected devices around the world, including home routers, cameras, digital video recorders, and NAS drives. Those devices were used to help infiltrate sensitive networks related to universities, government agencies, telecommunications providers, and media organizations… The botnet was launched in mid-2021, according to the FBI, and infected roughly 260,000 devices as

article thumbnail

PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080

Penetration Testing

Security researcher Pwndorei published a detailed analysis alongside a proof-of-concept (PoC) exploit code for a patched zero-day vulnerability in Windows Hyper-V, tracked as CVE-2024-38080. This critical flaw, already being actively... The post PoC Exploit Released for Windows Hyper-V Zero-Day Vulnerability CVE-2024-38080 appeared first on Cybersecurity News.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

DuckDuckGo Joins AI Chat, Promises Enhanced Anonymity

Tech Republic Security

DuckDuckGo now has AI chat, emphasizing privacy and anonymity. Discover how this new offering aims to protect user data in conversations.

article thumbnail

Tor Project responded to claims that law enforcement can de-anonymize Tor users

Security Affairs

The maintainers of the Tor Project have responded to claims that German police have devised a technique to deanonymize users. The maintainers of the Tor Project have responded to claims that German law enforcement has devised a technique to deanonymize its users. According to German media, law enforcement has infiltrated the anonymizing network and in at least one case they unmasked a criminal.

article thumbnail

Legacy Ivanti Cloud Service Appliance Being Exploited

Schneier on Security

CISA wants everyone—and government agencies in particular—to remove or upgrade an Ivanti Cloud Service Appliance (CSA) that is no longer being supported. Welcome to the security nightmare that is the Internet of Things.

Internet 270
article thumbnail

North Korean Hackers Target Cryptocurrency Users on LinkedIn with RustDoor Malware

The Hacker News

Cybersecurity researchers are continuing to warn about North Korean threat actors' attempts to target prospective victims on LinkedIn to deliver malware called RustDoor.

Malware 144
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Two-Thirds of Security Leaders Consider Banning AI-Generated Code, Report Finds

Tech Republic Security

Security leaders don’t believe developers check the quality of the AI-generated code with as much rigour as they do their own, according to a report from Venafi.

article thumbnail

Walmart customers scammed via fake shopping lists, threatened with arrest

Malwarebytes

Shopping online or attempting to get in touch with a store is a little bit like walking on a minefield: you might get lucky or take a wrong step and get scammed. Case in point, a malicious ad campaign is abusing Walmart Lis ts , a kind of virtual shopping list customers can share with family and friends, by embedding rogue customer service phone numbers with the appearance and branding of the official Walmart site.

Scams 143
article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking at eCrime 2024 in Boston, Massachusetts, USA. The event runs from September 24 through 26, 2024, and my keynote is at 8:45 AM ET on the 24th. I’m briefly speaking at the EPIC Champion of Freedom Awards in Washington, D.C. on September 25, 2024. I’m speaking at SOSS Fusion 2024 in Atlanta, Georgia, USA.

255
255
article thumbnail

Walkie-Talkies Explode in New Attack on Hezbollah

WIRED Threat Level

In a second attack on Hezbollah members, two-way radios detonated around Lebanon on Wednesday, causing injuries and multiple deaths.

142
142
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Australian IT Spending to Surge in 2025: Cybersecurity & AI Focus

Tech Republic Security

Australia's IT spending is set to surge 8.7% in 2025, driven by cybersecurity needs, AI investments, and hardware upgrades as Windows 10 ends.

article thumbnail

Ukraine bans Telegram for government agencies, military, and critical infrastructure

Security Affairs

Ukraine’s NCCC banned the Telegram app for government agencies, military, and critical infrastructure, due to national security concerns. Ukraine’s National Coordination Centre for Cybersecurity (NCCC) has banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. The ban does not affect Ukrainian citizens.

article thumbnail

Microsoft Warns of New INC Ransomware Targeting U.S. Healthcare Sector

The Hacker News

Microsoft has revealed that a financially motivated threat actor has been observed using a ransomware strain called INC for the first time to target the healthcare sector in the U.S. The tech giant's threat intelligence team is tracking the activity under the name Vanilla Tempest (formerly DEV-0832).

article thumbnail

Earth Baxia Uses Spear-Phishing and GeoServer Exploit to Target APAC

Trend Micro

We observed Earth Baxia carrying out targeted attacks against APAC countries that involved advanced techniques like spear-phishing and customized malware, with data suggesting that the group operates from China.

Phishing 140
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Misconfigured ServiceNow Knowledge Bases Expose Confidential Information

Tech Republic Security

AppOmni researchers found over a thousand instances of misconfigured Knowledge Bases where articles could be compromised through Public Widgets.

179
179
article thumbnail

Experts warn of China-linked APT’s Raptor Train IoT Botnet

Security Affairs

Researchers warn of a new IoT botnet called Raptor Train that already compromised over 200,000 devices worldwide. Cybersecurity researchers from Lumen’s Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices. The experts believe the botnet is controlled by a Chine-linked APT group Flax Typhoon (also called Ethereal Panda or RedJuliett).

IoT 141
article thumbnail

Cybercriminals Exploit HTTP Headers for Credential Theft via Large-Scale Phishing Attacks

The Hacker News

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages that are designed to harvest users' credentials.

Phishing 142
article thumbnail

More Than Two Million Stolen VPN Passwords Discovered

Security Boulevard

More than 2.1 million stolen VPN passwords have been compromised by malware in the past year, highlighting a growing risk for unauthorized access to secure networks, according to a Specops Software report. The post More Than Two Million Stolen VPN Passwords Discovered appeared first on Security Boulevard.

VPN 138
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!