Schneier on Security

JUNE 25, 2024

Interesting paper about a German cryptanalysis machine that helped break the US M-209 mechanical ciphering machine. The paper contains a good description of how the M-209 works.

204

204

Troy Hunt

JUNE 23, 2024

Ah, sunshine! As much as I love being back in Norway, the word "summer" is used very loosely there. Not as much in Greece, however, which is just spectacular: Finally escaped the bitterly cold Norwegian summer for something… warmer 🇬🇷 pic.twitter.com/jk9knZvJar — Troy Hunt (@troyhunt) June 17, 2024 3 nights in Mykonos, 2 in Santorini and I'm pushing this post out just before our second night in Athens before embarking on the long journey home.

Accountability 190

Accountability 190

Tech Republic Security

JUNE 27, 2024

This guide covers various ransomware attacks, including Colonial Pipeline, WannaCry and LockBit, the systems hackers target and how to avoid becoming a victim and paying cybercriminals a ransom.

Ransomware 163

Ransomware Phishing Software Cybersecurity 163

Bleeping Computer

JUNE 27, 2024

The remote access software company TeamViewer is warning that its corporate environment was breached in a cyberattack yesterday, with a cybersecurity firm claiming it was by an APT hacking group. [.

Hacking 145

Hacking Software Cybersecurity 145

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Cyber Attacks

Schneier on Security

JUNE 27, 2024

A group of cryptographers have analyzed the eiDAS 2.0 regulation (electronic identification and trust services) that defines the new EU Digital Identity Wallet.

205

205

Penetration Testing

JUNE 25, 2024

A security researcher has published a proof-of-concept (PoC) exploit code targeting a recent high-severity vulnerability (CVE-2024-30088) in Microsoft Windows. This critical flaw holds a risk severity score of 7.0 and impacts systems across the... The post PoC Exploit Published for Windows Kernel Elevation of Privilege Vulnerability (CVE-2024-30088) appeared first on Cybersecurity News.

Risk 145

Risk Cybersecurity 145

Malwarebytes

JUNE 28, 2024

Chinese online shopping giant Temu is facing a lawsuit filed by State of Arkansas Attorney General Tim Griffin, alleging that the retailer’s mobile app spies on users. “Temu purports to be an online shopping platform, but it is dangerous malware, surreptitiously granting itself access to virtually all data on a user’s cellphone.” Temu quickly denied the allegations.

Malware 131

Malware Manufacturing Spyware Mobile 131

Schneier on Security

JUNE 28, 2024

Longtime NSA-watcher James Bamford has a long article on the reauthorization of Section 702 of the Foreign Intelligence Surveillance Act (FISA).

Surveillance 184

Surveillance 184

Security Boulevard

JUNE 28, 2024

Chinese fast-fashion-cum-junk retailer “is a data-theft business.” The post Temu is Malware — It Sells Your Info, Accuses Ark. AG appeared first on Security Boulevard.

Malware 133

Malware Retail Social Engineering Data privacy 133

The Hacker News

JUNE 27, 2024

TeamViewer on Thursday disclosed it detected an "irregularity" in its internal corporate IT environment on June 26, 2024. "We immediately activated our response team and procedures, started investigations together with a team of globally renowned cyber security experts and implemented necessary remediation measures," the company said in a statement.

128

128

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

NetSpi Technical

JUNE 24, 2024

Intro – What is Prototype Pollution? Prototype Pollution is a JavaScript vulnerability where it’s possible for an attacker to control unexpected variables in JavaScript, which on the client-side can lead to Cross-Site Scripting, and on the server-side lead to Remote Code Execution. It is caused by ‘JavaScript Weirdness’, specifically in the declaration and setting of variable names, and is exploitable because of further JavaScript weirdness with weak typing, where it’s possible to have var

Education 134

Education 134

Bleeping Computer

JUNE 28, 2024

RMM software developer TeamViewer says a Russian state-sponsored hacking group known as Midnight Blizzard is believed to be behind a breach of their corporate network this week. [.

Software 119

Software Hacking 119

Security Boulevard

JUNE 25, 2024

Copying users’ files and deleting some? Even a cartoon hound knows this isn’t fine. The post Microsoft Privacy FAIL: Windows 11 Silently Backs Up to OneDrive appeared first on Security Boulevard.

Social Engineering 134

Social Engineering Account Security Accountability Data privacy 134

The Hacker News

JUNE 26, 2024

Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.

Firmware 132

Firmware Authentication 132

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Schneier on Security

JUNE 24, 2024

Former NSA Director Paul Nakasone has joined the board of OpenAI.

Artificial Intelligence 163

Artificial Intelligence 163

Bleeping Computer

JUNE 25, 2024

Over 100,000 sites have been impacted in a supply chain attack by the Polyfill.io service after a Chinese company acquired the domain and the script was modified to redirect users to malicious and scam sites. [.

Scams 130

Scams 130

Security Boulevard

JUNE 26, 2024

30,000 websites at risk: Check yours ASAP! (800 Million Ostriches Can’t Be Wrong.) The post WordPress Plugin Supply Chain Attack Gets Worse appeared first on Security Boulevard.

Risk 130

Risk Social Engineering Data privacy Software 130

The Hacker News

JUNE 25, 2024

Google has taken steps to block ads for e-commerce sites that use the Polyfill.io service after a Chinese company acquired the domain and modified the JavaScript library ("polyfill.js") to redirect users to malicious and scam sites. More than 110,000 sites that embed the library are impacted by the supply chain attack, Sansec said in a Tuesday report.

Scams 130

Scams 130

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Affairs

JUNE 26, 2024

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads. In July 2023, Palo Alto Networks Unit 42 researchers first discovered the P2P worm P2PInfect that targets Redis servers running on both Linux and Windows systems.

Ransomware 114

Ransomware Cryptocurrency Malware Passwords 114

Bleeping Computer

JUNE 25, 2024

The Medusa banking trojan for Android has re-emerged after almost a year of keeping a lower profile in campaigns targeting France, Italy, the United States, Canada, Spain, the United Kingdom, and Turkey. [.

Banking 127

Banking Malware Mobile 127

Security Boulevard

JUNE 28, 2024

The rate of cyberattacks is rising as the threat level continues to evolve, according to BlackBerry Limited’s latest Global Threat Intelligence Report. The post Cyberattack Rate Surges as Novel Malware Growth Accelerates appeared first on Security Boulevard.

Malware 120

Malware Social Engineering Engineering Security Awareness 120

The Hacker News

JUNE 24, 2024

Cybersecurity researchers have detailed a now-patch security flaw affecting the Ollama open-source artificial intelligence (AI) infrastructure platform that could be exploited to achieve remote code execution. Tracked as CVE-2024-37032, the vulnerability has been codenamed Probllama by cloud security firm Wiz.

Artificial Intelligence 127

Artificial Intelligence Cybersecurity 127

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Security Affairs

JUNE 22, 2024

The RansomHub ransomware operators added a Linux encryptor to their arsenal, the version targets VMware ESXi environments. RansomHub ransomware operation relies on a new Linux version of the encrypted to target VMware ESXi environments. Although RansomHub only emerged in February 2024, it has rapidly grown and has become the fourth most prolific ransomware operator over the past three months based on the number of publicly claimed attacks.

Ransomware 126

Ransomware Encryption Backups Healthcare 126

Bleeping Computer

JUNE 27, 2024

Cloudflare, a lead provider of content delivery network (CDN) services, cloud security, and DDoS protection has warned that it has not authorized the use of its name or logo on the Polyfill.io website, which has recently been caught injecting malware on more than 100,000 websites in a significant supply chain attack. [.

DDOS 120

DDOS Malware 120

Security Boulevard

JUNE 28, 2024

Microsoft details Skeleton Key, a new jailbreak technique in which a threat actor can convince an AI model to ignore its built-in safeguards and respond to requests for harmful, illegal, or offensive requests that might otherwise have been refused. The post Skeleton Key the Latest Jailbreak Threat to AI Models: Microsoft appeared first on Security Boulevard.

Risk 119

Risk Malware Cybersecurity Network Security 119

The Hacker News

JUNE 23, 2024

Multiple threat actors, including cyber espionage groups, are employing an open-source Android remote administration tool called Rafel RAT to meet their operational objectives by masquerading it as Instagram, WhatsApp, and various e-commerce and antivirus apps.

Antivirus 124

Antivirus 124

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

WIRED Threat Level

JUNE 27, 2024

AWS hosted a server linked to the Bezos family- and Nvidia-backed search startup that appears to have been used to scrape the sites of major outlets, prompting an inquiry into potential rules violations.

Artificial Intelligence 112

Artificial Intelligence 112

Bleeping Computer

JUNE 22, 2024

The BlackSuit ransomware gang is behind CDK Global's massive IT outage and disruption to car dealerships across North America, according to multiple sources familiar with the matter. [.

Ransomware 133

Ransomware 133

Security Boulevard

JUNE 26, 2024

A Chinese cyberespionage group and two more possibly from China and North Korea are using ransomware in their attacks to either add financial gains to their efforts or to cover their tracks by convincing victims and cybersecurity experts that the intrusions were something other than spy campaigns. Researchers with SentinelOne have been tracking two clusters.

Ransomware 125

Ransomware Cybersecurity Malware Network Security 125

The Hacker News

JUNE 26, 2024

Multiple content management system (CMS) platforms like WordPress, Magento, and OpenCart have been targeted by a new credit card web skimmer called Caesar Cipher Skimmer. A web skimmer refers to malware that is injected into e-commerce sites with the goal of stealing financial and payment information.

Malware 117

Malware 117

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.