Sat.Oct 14, 2023 - Fri.Oct 20, 2023

article thumbnail

The Fake Browser Update Scam Gets a Makeover

Krebs on Security

One of the oldest malware tricks in the book — hacked websites claiming visitors need to update their Web browser before they can view any content — has roared back to life in the past few months. New research shows the attackers behind one such scheme have developed an ingenious way of keeping their malware from being taken down by security experts or law enforcement: By hosting the malicious files on a decentralized, anonymous cryptocurrency blockchain.

Scams 309
article thumbnail

Security Vulnerability of Switzerland’s E-Voting System

Schneier on Security

Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Ed Appel explains why it’s a bad idea: Last year, I published a 5-part series about Switzerland’s e-voting system.

Malware 335
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

SHARED INTEL Q&A: Everything the Cisco-Splunk merger tells us about the rise of SIEMs

The Last Watchdog

Cisco’s recent move to acquire SIEM stalwart Splunk for a cool $28 billion aligns with the rising urgency among companies in all sectors to better protect data — even as cyber threats intensify and disruptive advancements in AI add a wild card to this challenge. Related: Will Cisco flub Splunk? Cisco CEO Chuck Robbins hopes to boost the resiliency the network switching giant’s growing portfolio of security services.

Marketing 306
article thumbnail

Weekly Update 369

Troy Hunt

There seemed to be an awful lot of time gone on the 23andMe credential stuffing situation this week, but I think it strikes a lot of important chords. We're (us as end users) still reusing credentials, still not turning on MFA and still trying to sue when we don't do these things. And we as builders are still creating systems that allow this to happen en mass.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Hackers Stole Access Tokens from Okta’s Support Unit

Krebs on Security

Okta , a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a “very small number” of customers, however it appears the hackers responsible had access to Okta’s support platform for at least two weeks before the company fully contained the intrusion.

article thumbnail

Coin Flips Are Biased

Schneier on Security

Experimental result : Many people have flipped coins but few have stopped to ponder the statistical and physical intricacies of the process. In a preregistered study we collected 350,757 coin flips to test the counterintuitive prediction from a physics model of human coin tossing developed by Persi Diaconis. The model asserts that when people flip an ordinary coin, it tends to land on the same side it started—Diaconis estimated the probability of a same-side outcome to be about 51%.

285
285

More Trending

article thumbnail

Weekly Update 370

Troy Hunt

I did it again - I tweeted about Twitter doing something I thought was useful and the hordes did descend on Twitter to tweet about how terrible Twitter is. Right, gotcha, so 1.3M views of that tweet later. As I say in this week's video, there's a whole bunch of crazy arguments in there but the thing that continues to get me the most in every one of these discussions is the argument that Elon is a poo poo head.

Marketing 239
article thumbnail

New CISA and NSA Identity and Access Management Guidance Puts Vendors on Notice

Tech Republic Security

This CISA-NSA guidance reveals concerning gaps and deficits in the multifactor authentication and Single Sign-On industry and calls for vendors to make investments and take additional steps.

article thumbnail

Former Uber CISO Appealing His Conviction

Schneier on Security

Joe Sullivan, Uber’s CEO during their 2016 data breach, is appealing his conviction. Prosecutors charged Sullivan, whom Uber hired as CISO after the 2014 breach, of withholding information about the 2016 incident from the FTC even as its investigators were scrutinizing the company’s data security and privacy practices. The government argued that Sullivan should have informed the FTC of the 2016 incident, but instead went out of his way to conceal it from them.

CISO 237
article thumbnail

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

The Hacker News

Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is assigned as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system.

Software 143
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Fraudsters target Booking.com customers claiming hotel stay could be cancelled

Graham Cluley

One of the world's largest online travel agencies, Booking.com, is being used by fraudsters to trick hotel guests into handing over their payment card details. How do I know? The fraudsters tried the trick with me.

Phishing 142
article thumbnail

Software Supply Chain Security Attacks Up 200%: New Sonatype Research

Tech Republic Security

Sonatype's 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks.

Software 195
article thumbnail

Recognizing and Reporting Phishing

Duo's Security Blog

“Phishing is the practice of sending fraudulent communications that appear to come from a legitimate and reputable source, usually through email and text messages.” - Just one successful attack is needed Phishing can be delivered by a variety of different vehicles such as email, text, phone call (voice phishing or a “vhish”) or even social media post, instant message or QR code.

Phishing 142
article thumbnail

New Admin Takeover Vulnerability Exposed in Synology's DiskStation Manager

The Hacker News

A medium-severity flaw has been discovered in Synology's DiskStation Manager (DSM) that could be exploited to decipher an administrator's password and remotely hijack the account.

Passwords 138
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Lockbit ransomware gang demanded an 80 million ransom to CDW

Security Affairs

The Lockbit ransomware gang claims to have hacked the technology services giant CDW and threatens to leak the stolen data. The technology services giant CDW announced it has launched an investigation into claims made by the Lockbit ransomware gang that added the company to the list of victims on its leak site. CDW Corporation is a provider of technology solutions and services for business, government and education.

article thumbnail

New Critical Zero-Day Vulnerability Affects Web UI of Cisco IOS XE Software & Allows Attackers to Compromise Routers

Tech Republic Security

The number of devices exposing the web UI on the internet, a timeline and technical details about this malicious activity, and tips for mitigating this zero-day threat are featured.

Software 171
article thumbnail

Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit

Dark Reading

No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication.

article thumbnail

SpyNote: Beware of This Android Trojan that Records Audio and Phone Calls

The Hacker News

The Android banking trojan known as SpyNote has been dissected to reveal its diverse information-gathering features. Typically spread via SMS phishing campaigns, attack chains involving the spyware trick potential victims into installing the app by clicking on the embedded link, according to F-Secure.

Spyware 137
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Cisco warns of active exploitation of IOS XE zero-day

Security Affairs

Cisco warned customers of a critical zero-day vulnerability in its IOS XE Software that is actively exploited in attacks. Cisco warned customers of a zero-day vulnerability, tracked as CVE-2023-20198 (CVSS score 10), in its IOS XE Software that is actively exploited in attacks. The IT giant found the vulnerability during the resolution of multiple Technical Assistance Center (TAC) support cases.

article thumbnail

New Netskope Report Exposes Increasing Use of Cloud Apps to Spread Malware

Tech Republic Security

Microsoft OneDrive accounts for 26% of the overall usage of cloud storage apps to host malware, ahead of Microsoft PowerPoint and GitHub.

Malware 179
article thumbnail

Clever malvertising attack uses Punycode to look like KeePass's official website

Malwarebytes

Threat actors are known for impersonating popular brands in order to trick users. In a recent malvertising campaign, we observed a malicious Google ad for KeePass, the open-source password manager which was extremely deceiving. We previously reported on how brand impersonations are a common occurrence these days due to a feature known as tracking templates, but this attack used an additional layer of deception.

article thumbnail

Cisco Zero-Day Exploited to Implant Malicious Lua Backdoor on Thousands of Devices

The Hacker News

Cisco has warned of a new zero-day flaw in IOS XE that has been actively exploited by an unknown threat actor to deploy a malicious Lua-based implant on susceptible devices. Tracked as CVE-2023-20273 (CVSS score: 7.2), the issue relates to a privilege escalation flaw in the web UI feature and is said to have been used alongside CVE-2023-20198 as part of an exploit chain.

138
138
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Cisco warns of new IOS XE zero-day actively exploited in attacks

Bleeping Computer

Cisco warned admins today of a new maximum severity authentication bypass zero-day in its IOS XE software that lets unauthenticated attackers gain full administrator privileges and take complete control of affected routers and switches remotely. [.

article thumbnail

What Australian IT Leaders Need to Focus on Ahead of Privacy Act Reforms

Tech Republic Security

The Australian federal government aims to deliver changes to privacy laws in 2024. Organisations are being warned to prepare ahead of time by creating a comprehensive map of organisational data.

article thumbnail

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

Google TAG reported that both Russia and China-linked threat actors are weaponizing the a high-severity vulnerability in WinRAR. Google’s Threat Analysis Group (TAG) reported that in recent weeks multiple nation-state actors were spotted exploiting the vulnerability CVE-2023-38831 in WinRAR. The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day.

article thumbnail

Signal Debunks Zero-Day Vulnerability Reports, Finds No Evidence

The Hacker News

Encrypted messaging app Signal has pushed back against "viral reports" of an alleged zero-day flaw in its software, stating it found no evidence to support the claim.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions

Thales Cloud Protection & Licensing

Cyber Security Awareness Month – Answering Google’s Most Commonly Asked Questions madhav Wed, 10/18/2023 - 05:25 This month is Cyber Security Awareness Month , highlighting how far security education needs to go in order to enable a secure interconnected world. Technology continues to improve our lives – but at the same time the risks continue to grow.

article thumbnail

Avast SecureLine VPN Review (2023): Is It a Good VPN for You?

Tech Republic Security

Read our comprehensive review of Avast SecureLine VPN. We analyze its features, speed, security, and more to determine if it is the best VPN option for you.

VPN 159
article thumbnail

Tens of thousands Cisco IOS XE devices were hacked by exploiting CVE-2023-20198

Security Affairs

More than 40,000 Cisco IOS XE devices have been compromised in attacks exploiting recently disclosed critical vulnerability CVE-2023-20198. Researchers from LeakIX used the indicators of compromise (IOCs) released by Cisco Talos and found around 30k Cisco IOS XE devices (routers, switches, VPNs) that were infected by exploiting the CVE-2023-20198. Most of the infected devices were in the United States, the Philippines, Chile, and Mexico.

Hacking 136
article thumbnail

Malvertisers Using Google Ads to Target Users Searching for Popular Software

The Hacker News

Details have emerged about a malvertising campaign that leverages Google Ads to direct users searching for popular software to fictitious landing pages and distribute next-stage payloads. Malwarebytes, which discovered the activity, said it's "unique in its way to fingerprint users and distribute time sensitive payloads.

Software 133
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.