Sat.Nov 04, 2023 - Fri.Nov 10, 2023

article thumbnail

Hackers, Scrapers & Fakers: What's Really Inside the Latest LinkedIn Dataset

Troy Hunt

I like to think of investigating data breaches as a sort of scientific search for truth. You start out with a theory (a set of data coming from an alleged source), but you don't have a vested interested in whether the claim is true or not, rather you follow the evidence and see where it leads. Verification that supports the alleged source is usually quite straightforward , but disproving a claim can be a rather time consuming exercise, especially when a dataset contains fragments of truth m

article thumbnail

Spaf on the Morris Worm

Schneier on Security

Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today.

Malware 317
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Who’s Behind the SWAT USA Reshipping Service?

Krebs on Security

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “ Fearlless ,” the nickname chosen by the proprietor of the SWAT USA Drops service.

Passwords 276
article thumbnail

Decoupled SIEM: Brilliant or Stupid?

Anton on Security

Frankly, not sure why I am writing this, I get a sense that this esoteric topic is of interest to a very small number of people. But hey … LinkedIn made me do it :-) And many of those few people are my friends or at least close industry peers. So, the topic is so-called “decoupled SIEM” (I probably made up the term, but …hey… at least this is not an acronym like EDR so YMMV).

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Google Cloud’s Cybersecurity Trends to Watch in 2024 Include Generative AI-Based Attacks

Tech Republic Security

A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks.

article thumbnail

Crashing iPhones with a Flipper Zero

Schneier on Security

The Flipper Zero is an incredibly versatile hacking device. Now it can be used to crash iPhones in its vicinity by sending them a never-ending stream of pop-ups. These types of hacks have been possible for decades, but they require special equipment and a fair amount of expertise. The capabilities generally required expensive SDRs­—short for software-defined radios­—that, unlike traditional hardware-defined radios, use firmware and processors to digitally re-create radio signal tran

Firmware 311

More Trending

article thumbnail

YouTube shows ads for ad blocker, financial scams

Malwarebytes

After performing local experiments for a few months, YouTube recently expanded its effort to block ad blockers. The move was immediately unpopular with some users, and raised some questions in Europe about whether it was breaking privacy laws. In addition, there are some still some fundamental issues that have some people concerned. In this blog post, we look at a couple of examples that erode our trust in online ads.

Scams 145
article thumbnail

New SecuriDropper Malware Bypasses Android 13 Restrictions, Disguised as Legitimate Applications

Tech Republic Security

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Malware 198
article thumbnail

The Privacy Disaster of Modern Smart Cars

Schneier on Security

Article based on a Mozilla report.

308
308
article thumbnail

GUEST ESSAY: How to mitigate the latest, greatest phishing variant — spoofed QR codes

The Last Watchdog

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information. In June, we started seeing these types of attacks amongst our customer base. Since June, there has been a fourfold increase in the search volume around keywords associated with these types of attacks.

Phishing 202
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

SecureList

Almost every quarter, someone publishes major research focusing on campaigns or incidents that involve Asian APT groups. These campaigns and incidents target various organizations from a multitude of industries. Likewise, the geographic location of victims is not limited to just one region. This type of research normally contains detailed information about the tools used by APT actors, the vulnerabilities that they exploit and sometimes even a specific attribution.

article thumbnail

Microsoft and SysAid Find Clop Malware Vulnerability

Tech Republic Security

SysAid has patched a zero-day vulnerability that could allow attackers to exfiltrate data and launch ransomware.

Malware 192
article thumbnail

Decoupling for Security

Schneier on Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own hands. Here we outline a strategy for doing that. What Is Decoupling? In the last few years, a slew of ideas old and new have converged to reveal a path out of this morass, but they haven’t been widely recognized, comb

article thumbnail

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

The Hacker News

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Judge rules it’s fine for car makers to intercept your text messages

Malwarebytes

A federal judge has refused to bring back a class action lawsuit that alleged four car manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record customers’ text messages and mobile phone call logs. The judge ruled that the practice doesn’t meet the threshold for an illegal privacy violation under state law.

article thumbnail

GitHub Universe: Open Source Trends Report and New AI Security Products

Tech Republic Security

GitHub Advanced Security gains some AI features, and GitHub Copilot now includes a chatbot option. Github Copilot Enterprise is expected in February 2024.

article thumbnail

Online Retail Hack

Schneier on Security

Selling miniature replicas to unsuspecting shoppers: Online marketplaces sell tiny pink cowboy hats. They also sell miniature pencil sharpeners, palm-size kitchen utensils, scaled-down books and camping chairs so small they evoke the Stonehenge scene in “This Is Spinal Tap.” Many of the minuscule objects aren’t clearly advertised. […] But there is no doubt some online sellers deliberately trick customers into buying smaller and often cheaper-to-produce items, Witcher said

Retail 288
article thumbnail

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

The Hacker News

A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News.

Malware 145
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Malvertiser copies PC news site to deliver infostealer

Malwarebytes

The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that are almost the exact replica of the software vendor being impersonated. For example, we have seen fake websites appearing like the real Webex, AnyDesk or KeePass home page. In a new campaign, we observed a threat actor copying a legitimate Windows news portal (WindowsReport.com) to distribute a malicious installer for the popular processor tool CPU-Z.

Software 145
article thumbnail

How to Use a VPN: 4 Easy Steps to Get Started

Tech Republic Security

Learn how to set up and use a VPN with just four easy steps. This step-by-step guide takes you through how you can secure your connection and online data.

VPN 176
article thumbnail

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

WIRED Threat Level

The Government Surveillance Reform Act of 2023 pulls from past privacy bills to overhaul how police and the feds access Americans’ data and communications.

article thumbnail

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel

The Hacker News

Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan

We Live Security

ESET researchers discover Kamran, previously unknown malware, which spies on Urdu-speaking readers of Hunza News in the Gilgit-Baltistan region

Malware 145
article thumbnail

IT Pros in Australian Crypto Need to Brace for Regulation

Tech Republic Security

The Australian government is moving towards regulating cryptocurrency, with a focus on those involved in developing and maintaining crypto platforms.

article thumbnail

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on Calendar service to host command-and-control (C2) infrastructure. Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “To use GRC, only a Gmail account is require

article thumbnail

Offensive and Defensive AI: Let’s Chat(GPT) About It

The Hacker News

ChatGPT: Productivity tool, great for writing poems, and… a security risk?! In this article, we show how threat actors can exploit ChatGPT, but also how defenders can use it for leveling up their game. ChatGPT is the most swiftly growing consumer application to date. The extremely popular generative AI chatbot has the ability to generate human-like, coherent and contextually relevant responses.

Risk 145
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure

WIRED Threat Level

US government officials continue to warn that the public and private sectors need to identify and root out China-backed attackers lurking in industrial control systems.

article thumbnail

How to Associate an Apple ID with a Second New or Reset iPhone

Tech Republic Security

The steps in this guide describe the process of associating an iPhone with an Apple ID when using iOS 17 on both your first iPhone and a second iPhone.

Mobile 172
article thumbnail

After ChatGPT, Anonymous Sudan took down the Cloudflare website

Security Affairs

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. Cloudflare confirmed that a DDoS attack took down its website for a few minutes and ponited out that it did not impact other products or services. “ To be clear, there was no Cloudflare breach.

DDOS 144
article thumbnail

SecuriDropper: New Android Dropper-as-a-Service Bypasses Google's Defenses

The Hacker News

Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!