Wed. Nov 08, 2023

Decoupling for Security

Schneier on Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own hands. Here we outline a strategy for doing that. What Is Decoupling? In the last few years, a slew of ideas old and new have converged to reveal a path out of this morass, but they haven’t been widely recognized, comb

New SecuriDropper Malware Bypasses Android 13 Restrictions, Disguised as Legitimate Applications

Tech Republic Security

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

The Hacker News

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention.

Malvertiser copies PC news site to deliver infostealer

Malwarebytes

The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that are almost the exact replica of the software vendor being impersonated. For example, we have seen fake websites appearing like the real Webex, AnyDesk or KeePass home page. In a new campaign, we observed a threat actor copying a legitimate Windows news portal (WindowsReport.com) to distribute a malicious installer for the popular processor tool CPU-Z.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Microsoft drops SMB1 firewall rules in new Windows 11 build

Bleeping Computer

Windows 11 will no longer add SMB1 Windows Defender Firewall rules when creating new SMB shares starting with today's Canary Channel Insider Preview Build 25992.

Using ChatGPT to cheat on assignments? New tool detects AI-generated text with amazing accuracy

Malwarebytes

ChatGPT and similar large language models (LLMs) can be used to write texts about any given subject, at any desired length, at a speed unmatched by humans. So it’s not a surprise that students have been using them to “help” write assignments, much to the dismay of teachers who prefer to receive original work from actual humans. In fact, in Malwarebytes’ recent research survey, “Everyone’s afraid of the internet and no one’s sure what to do about it,” we found that 40% of people

More Trending

Sumo Logic discloses security breach, advises API key resets

Bleeping Computer

Security and data analytics company Sumo Logic disclosed a security breach after discovering that its AWS (Amazon Web Services) account was compromised last week.

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Security Affairs

Five Canadian hospitals were victims of a ransomware attack; threat actors claim to have stolen data from them and leaked it. Five Canadian hospitals revealed they were victims of ransomware attacks after threat actors leaked alleged stolen data. The impacted hospitals are Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, Hôtel-Dieu Grace Healthcare, and Windsor Regional Hospital.

Signal tests usernames that keep your phone number private

Bleeping Computer

Signal is now testing public usernames that allow users to conceal the phone numbers linked to their accounts while communicating with others.

Royal Mail jeopardizes users with open redirect flaw

Security Affairs

Royal Mail has left an open redirect vulnerability on one of its sites, exposing its customers to phishing attacks and malware infections. The centuries-old Royal Mail is the largest courier company in the UK, boasting twice the market share of Amazon.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Russian state-owned Sberbank hit by 1 million RPS DDoS attack

Bleeping Computer

Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service (DDoS) attack in recent history.

FBI: Ransomware actors abuse third parties and legitimate system tools for initial access

Security Affairs

The FBI published a PIN alert warning of ransomware operators compromising third-party vendors and services for initial access to target environments. The Federal Bureau of Investigation (FBI) published a Private Industry Notification (PIN) to warn of ransomware initial access trends and provide recommendations to reduce the attack surface to ransomware attacks.

QNAP warns about critical vulnerabilities in NAS systems

Malwarebytes

QNAP has published a security advisory about two critical vulnerabilities that could allow remote attackers to execute commands via a network. One of the vulnerabilities affects the QTS and QuTS operating systems (OS) for QNAP’s network attached storage systems (NAS). The second one can be found in versions of QTS, the Multimedia Console, and the Media Streaming add-on.

North Korea-linked APT BlueNoroff used new macOS malware ObjCShellz

Security Affairs

The North Korea-linked APT BlueNoroff used a new macOS malware strain dubbed ObjCShellz, Jamf Threat Labs reported. Researchers from Jamf Threat Labs discovered a new macOS malware strain dubbed ObjCShellz and attributed it to North Korea-linked APT BlueNoroff. The experts noticed that the ObjCShellz malware shares similarities with the RustBucket malware campaign associated with the BlueNoroff APT group.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

WhatsApp Introduces New Privacy Feature to Protect IP Address in Calls

The Hacker News

Meta-owned WhatsApp is officially rolling out a new privacy feature in its messaging service called "Protect IP Address in Calls" that masks users' IP addresses to other parties by relaying the calls through its servers.

Sumo Logic discloses security breach and recommends customers rotate credentials

Security Affairs

Security firm Sumo Logic disclosed a security breach after discovering that its AWS account was compromised last week. Sumo Logic is a cybersecurity company that specializes in cloud-based log management and analytics. The company disclosed a security breach after discovering that its AWS account was compromised last week. The company discovered the security breach on Friday, November 3, 2023. “On Friday, November 3rd, 2023, Sumo Logic discovered evidence of a potential security i

Ransomware Mastermind Uncovered After Oversharing on Dark Web

Dark Reading

Meet "farnetwork," one of the most prolific RaaS operators around, who spilled too many details during an affiliate "job interview."

CISA Alerts: High-Severity SLP Vulnerability Now Under Active Exploitation

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a high-severity flaw in the Service Location Protocol (SLP) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-29552 (CVSS score: 7.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

Trend Micro

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.

Experts Expose Farnetwork's Ransomware-as-a-Service Business Model

The Hacker News

Cybersecurity researchers have unmasked a prolific threat actor known as farnetwork, who has been linked to five different ransomware-as-a-service (RaaS) programs over the past four years in various capacities.

Women sue plastic surgery after hack saw their naked photos posted online

Graham Cluley

Photos of naked patients and medical records have been posted online by extortionists who hacked a Las Vegas plastic surgery, driving victims to file a lawsuit claiming not enough care was taken to protect their private information. Read more in my article on the Hot for Security blog.

This Is the Ops Manual for the Most Tech-Savvy Animal Liberation Group in the US

WIRED Threat Level

For the first time, guerrilla animal rights group Direct Action Everywhere reveals a guide to its investigative tactics and toolkit, from spy cams to night vision and drones.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Cancer treatments cancelled after Canadian hospitals hit by ransomware attack

Graham Cluley

A ransomware attack impacting five hospitals in southwestern Ontario, Canada, has seen hackers gain access to a database containing 5.6 million patient visits, and the social insurance numbers of over 1400 employees. Read more in my article on the Hot for Security blog.

CISOs Beware: SEC's SolarWinds Action Shows They're Scapegoating Us

Dark Reading

In a rapidly evolving cybersecurity landscape, CISOs must take proactive measures to safeguard their careers and mitigate risks associated with their roles.

Daixin Threat Group Claims Ransomware Attack on 5 Hospitals in Ontario

Heimdal Security

Daixin Team claimed responsibility for the ransomware attack that impacted 5 hospitals in Ontario, Canada, on October 23rd. TransForm, the shared service provider of the five healthcare organizations, confirmed the ransomware attack. The stolen database contains information on 5.6 million patient visits and impacts about 267,000 persons. Bluewater Health, Chatham-Kent Health Alliance, Erie Shores HealthCare, […]

Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant

Dark Reading

The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Smashing Security podcast #347: Trolls, military data, and the hitman and her

Graham Cluley

A woman's attempt to hire an assassin online backfires badly, it's scary just how cheap it is to buy information about US military personnel, and trolls and tattoos don't mix. All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.

Enhancing Data Sovereignty: VMware Sovereign Cloud and Thales Join Forces

Thales Cloud Protection & Licensing

Wed, 11/08/2023 - 09:55. By Guy Bartram, Director Product Marketing, VMware. In a globalized world where data flows seamlessly across physical borders and is increasingly stored on public clouds, yet is still subject to local country laws, the ability to offer digital sovereignty solutions has become increasingly important for Cloud Service Providers.

Hackers Exploit Atlassian Vulnerabilities for Cerber Ransomware Attacks

Heimdal Security

Threat groups exploited two recent Atlassian Confluence vulnerabilities to deploy Cerber ransomware. On October 31st, Atlassian released security updates for both flaws and urged users to patch. Both flaws, CVE-2023-22518 and CVE-2023-22515, are ranked 10 which is the maximum risk level. CVE-2023-22515 enables hackers to create unauthorized Confluence administrator accounts.

Guide: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks

The Hacker News

Download the free guide, "It's a Generative AI World: How vCISOs, MSPs and MSSPs Can Keep their Customers Safe from Gen AI Risks." ChatGPT now boasts anywhere from 1.5 to 2 billion visits per month. Countless sales, marketing, HR, IT executive, technical support, operations, finance and other functions are feeding data prompts and queries into generative AI engines.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.