Sat.Oct 07, 2023 - Fri.Oct 13, 2023

article thumbnail

Cybersecurity Talent in America: Bridging the Gap

Dark Reading

It's past time to reimagine how to best nurture talent and expand recruiting and training to alleviate the shortage of trained cybersecurity staff. We need a diverse talent pool trained for tomorrow's challenges.

article thumbnail

Cisco Can’t Stop Using Hard-Coded Passwords

Schneier on Security

There’s a new Cisco vulnerability in its Emergency Responder product: This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.

Passwords 358
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Patch Tuesday, October 2023 Edition

Krebs on Security

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS. Apple last week shipped emergency updates in iOS 17.0.3 and iPadOS 17.0.3 in response to active attacks.

article thumbnail

Black Hat Fireside Chat: Why using ‘Clean Code’ is paramount in speedy software development

The Last Watchdog

Clean Code’ is a simple concept rooted in common sense. This software writing principle cropped up some 50 years ago and might seem quaint in today’s era of speedy software development. Related: Setting IoT security standards At Black Hat 2023 , I had the chance to visit with Olivier Gaudin , founder and co-CEO, and Johannes Dahse , head of R&D, at SonarSource , a Geneva, Switzerland-based supplier of systems to achieve Clean Code.

Software 231
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

AI With Critical Infrastructure, Smart Glasses and Cyber: What’s the Latest?

Lohrman on Security

There have been several important developments, conferences and speeches on artificial intelligence and cybersecurity trends over the past few months. Here’s a roundup.

article thumbnail

Bounty to Recover NIST’s Elliptic Curve Seeds

Schneier on Security

This is a fun challenge: The NIST elliptic curves that power much of modern cryptography were generated in the late ’90s by hashing seeds provided by the NSA. How were the seeds generated? Rumor has it that they are in turn hashes of English sentences, but the person who picked them, Dr. Jerry Solinas, passed away in early 2023 leaving behind a cryptographic mystery, some conspiracy theories, and an historical password cracking challenge.

Passwords 333

More Trending

article thumbnail

Unlocking Success: Safeguarding Your Business with Cloud-Based Solutions

Jane Frankland

We all know the feeling: ensuring that your business is secure and running efficiently can feel overwhelming. It’s a hard balancing act between protecting valuable data, increasing productivity, controlling costs – especially when technology often seems to be outpacing security measures. But with the range of cloud-based security solutions available today, there doesn’t have to be an underlying fear of losing sensitive information or assets – not with the right solution and partner.

Risk 147
article thumbnail

Rumors of a ‘Global Day of Jihad’ Have Unleashed a Dangerous Wave of Disinformation

WIRED Threat Level

The rapid spread of violent videos and photos, combined with a toxic stew of mis- and disinformation, now threatens to spill over into real-world violence.

145
145
article thumbnail

Model Extraction Attack on Neural Networks

Schneier on Security

Adi Shamir et al. have a new model extraction attack on neural networks: Polynomial Time Cryptanalytic Extraction of Neural Network Models Abstract: Billions of dollars and countless GPU hours are currently spent on training Deep Neural Networks (DNNs) for a variety of tasks. Thus, it is essential to determine the difficulty of extracting all the parameters of such neural networks when given access to their black-box implementations.

307
307
article thumbnail

Australia, New Zealand Enterprises Spend Big on Security — But Will It Be Enough?

Tech Republic Security

Australian and New Zealand businesses will increase spending on cybersecurity by double digits… but they might not be able to spend their way to safety.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Microsoft to Phase Out NTLM in Favor of Kerberos for Stronger Authentication

The Hacker News

Microsoft has announced that it plans to eliminate NT LAN Manager (NTLM) in Windows 11 in the future, as it pivots to alternative methods for authentication and bolster security. "The focus is on strengthening the Kerberos authentication protocol, which has been the default since 2000, and reducing reliance on NT LAN Manager (NTLM)," the tech giant said.

article thumbnail

Ransomlooker, a new tool to track and analyze ransomware groups’ activities

Security Affairs

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker , a tool to monitor ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. The researchers have created the tool to help cybersecurity experts in their daily jobs by providing real-time updates and actionable insights.

article thumbnail

Hacking the High School Grading System

Schneier on Security

Interesting New York Times article about high-school students hacking the grading system. What’s not helping? The policies many school districts are adopting that make it nearly impossible for low-performing students to fail—they have a grading floor under them, they know it, and that allows them to game the system. Several teachers whom I spoke with or who responded to my questionnaire mentioned policies stating that students cannot get lower than a 50 percent on any assignment, eve

Hacking 290
article thumbnail

F5 Warns Australian IT of Social Engineering Risk Escalation Due to Generative AI

Tech Republic Security

F5 says an artificial intelligence war could start between generative AI-toting bad actors and enterprises guarding data with AI. Australian IT teams will be caught in the crossfire.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

The Hacker News

The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware.

DDOS 145
article thumbnail

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain. The experts reported that at least 74,000 Android-based mobile phones, tablets, and Connected TV boxes worldwide were shipped with the backdoored firmware.

Firmware 145
article thumbnail

ToddyCat: Keep calm and check logs

SecureList

ToddyCat is an advanced APT actor that we described in a previous publication last year. The group started its activities in December 2020 and has been responsible for multiple sets of attacks against high-profile entities in Europe and Asia. Our first publication was focused on their main tools, Ninja Trojan and Samurai Backdoor, and we also described the set of loaders used to launch them.

article thumbnail

Upgrade to Microsoft Windows 11 Home for Just $30 Through 10/15

Tech Republic Security

You can now upgrade up to five computers to Microsoft Windows 11 Home for one low price and get a new sleek interface, advanced tools and enhanced security.

178
178
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

HTTP/2 Rapid Reset Zero-Day Vulnerability Exploited to Launch Record DDoS Attacks

The Hacker News

Amazon Web Services (AWS), Cloudflare, and Google on Tuesday said they took steps to mitigate record-breaking distributed denial-of-service (DDoS) attacks that relied on a novel technique called HTTP/2 Rapid Reset. The layer 7 attacks were detected in late August 2023, the companies said in a coordinated disclosure.

DDOS 145
article thumbnail

Explained: Quishing

Malwarebytes

Quishing is phishing using QR (Quick Response) codes. QR codes are basically two-dimensional barcodes that hold encoded data, and they can be used to work as a link. Point your phone's camera at a QR code and it will ask you if you want to visit the link. The use of QR codes in malicious campaigns is not new, and because they can provide contactless access to a product or service they grew in popularity during the Covid-19 pandemic.

Phishing 144
article thumbnail

White Supremacist Active Clubs Are Breeding on Telegram

WIRED Threat Level

A “friendlier” front for racist extremism has spread rapidly across the US in recent months, as active club channels network on Telegram's encrypted messaging app.

article thumbnail

Private Internet Access VPN: A Comprehensive Review for 2023

Tech Republic Security

When it comes to privacy and security, PIA VPN is among the best. Discover its features, performance, pricing and more with this in-depth review.

VPN 177
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Researchers Uncover Malware Posing as WordPress Caching Plugin

The Hacker News

Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades as a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site.

Malware 145
article thumbnail

More than 17,000 WordPress websites infected with the Balada Injector in September

Security Affairs

In September more than 17,000 WordPress websites have been compromised by the Balada Injector malware. Sucuri researchers reported that more than 17,000 WordPress websites have been compromised in September with the Balada Injector. The researchers noticed that the number of Balada Injector infections has doubled compared with August. The Balada injector is a malware family that has been active since 2017.

Malware 143
article thumbnail

Google Makes Passkeys Default, Stepping Up Its Push to Kill Passwords

WIRED Threat Level

Google is making passkeys, the emerging passwordless login technology, the default option for users as it moves to make passwords “obsolete.

Passwords 143
article thumbnail

How to Mount Remote Directories with SSH (+Video Tutorial)

Tech Republic Security

Learn how to easily mount remote directories with the help of a more secure SSH tool. Follow along with Jack Wallen in our step-by-step tutorial.

174
174
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

libcue Library Flaw Opens GNOME Linux Systems Vulnerable to RCE Attacks

The Hacker News

A new security flaw has been disclosed in the libcue library impacting GNOME Linux systems that could be exploited to achieve remote code execution (RCE) on affected hosts. Tracked as CVE-2023-43641 (CVSS score: 8.8), the issue is described as a case of memory corruption in libcue, a library designed for parsing cue sheet files. It impacts versions 2.2.1 and prior.

145
145
article thumbnail

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. Cybersecurity researchers 3xp0rt reported that a threat actor that goes online with the moniker ‘kapuchin0’ (and also uses the alias Gookee) has leaked the source code of the HelloKitty ransomware on the XSS forum. kapuchin0 claims that the leaked code is the first breach of the HelloKitty ransomware.

article thumbnail

23andMe user data stolen, offered for sale

Malwarebytes

Information belonging to as many as seven million 23andMe customers has been put up for sale on criminal forums following a credential stuffing attack against the genomics company. On Friday October 6, 2023, 23andMe confirmed via a somewhat opaque blog post that threat actors had "obtained information from certain accounts, including information about users’ DNA Relatives profiles.

Passwords 143
article thumbnail

Is Rapid Data Recovery the Best Hope Australia Has for a Win Against Ransomware?

Tech Republic Security

The success of cyber attacks in Australia could make an "assume-breach" approach to cyber security inevitable and cause IT teams to shift their focus to protecting data backups at all costs.

Backups 171
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!