The Hacker News

AUGUST 31, 2023

How often do cyberattacks happen? How frequently do threat actors target businesses and governments around the world? The BlackBerry® Threat Research and Intelligence Team recently analyzed 90 days of real-world data to answer these questions. Full results are in the latest BlackBerry Global Threat Intelligence Report, but read on for a teaser of several interesting cyber attack statistics.

Cyber Attacks 112

Cyber Attacks Government 112

Troy Hunt

AUGUST 30, 2023

Last week I was contacted by CERT Poland. They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. The campaign began with a typical email requesting more information: In this case, the email contained a fake purchase order attachment which requested login credentials that were then posted back to infrastructure controlled by the attacker: All in all, CERT Poland identifi

Phishing 338

Phishing Password Management Passwords Banking 338

Schneier on Security

AUGUST 31, 2023

A used government surveillance van is for sale in Chicago: So how was this van turned into a mobile spying center? Well, let’s start with how it has more LCD monitors than a Counterstrike LAN party. They can be used to monitor any of six different video inputs including a videoscope camera. A videoscope and a borescope are very similar as they’re both cameras on the ends of optical fibers, so the same tech you’d use to inspect cylinder walls is also useful for surveillance.

Surveillance 287

Surveillance Government Mobile Media 287

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Related: Pushing the fly-by-wire envelope This is especially true because systems are more interconnected and use more complex commercial software than ever before, meaning a vulnerability in one system could lead to a malicious actor gaining access to more important systems.

Software 264

Software Risk Artificial Intelligence Engineering 264

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Krebs on Security

AUGUST 29, 2023

The U.S. government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. The international law enforcement operation involved seizing control over the botnet’s online infrastructure, and quietly removing the Qakbot malware from tens of thousands of infected Microsoft Windows computers.

Hacking 250

Hacking Malware Ransomware Government 250

Tech Republic Security

AUGUST 30, 2023

After more than 15 years in the wild, the Qakbot botnet, a zombie network of over 700,000 computers worldwide, is hanging on the FBI's trophy wall for now.

191

191

Troy Hunt

AUGUST 29, 2023

Today, the US Justice Department announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, and the United Kingdom to disrupt the botnet and malware known as Qakbot and take down its infrastructure. Beyond just taking down the backbone of the operation, the FBI began actively intercepting traffic from the botnet and instructing infected machines the uninstall the malware: To disrupt the botnet, the FBI was able to redirect Qakbot botnet traffic

Malware 329

Malware Passwords Password Management Antivirus 329

Schneier on Security

AUGUST 30, 2023

Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad. With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn and forgotten on many older Macs. Few of those supposed tens of thousands of users likely noticed when the app they ran in the background of their older Macs was bought by another company, nor when earlier this year that c

277

277

The Last Watchdog

AUGUST 13, 2023

LAS VEGAS – Just when we appeared to be on the verge of materially shrinking the attack surface, along comes an unpredictable, potentially explosive wild card: generative AI. Related: Can ‘CNAPP’ do it all? Unsurprisingly, generative AI was in the spotlight at Black Hat USA 2023 , which returned to its full pre-Covid grandeur here last week.

Artificial Intelligence 246

Artificial Intelligence Engineering Internet Internet 246

WIRED Threat Level

AUGUST 31, 2023

Child safety group Heat Initiative plans to launch a campaign pressing Apple on child sexual abuse material scanning and user reporting. The company issued a rare, detailed response on Thursday.

137

137

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Tech Republic Security

AUGUST 29, 2023

At the Google Next '23 conference, the company announced a slew of AI-powered cybersecurity solutions for the cloud, featuring Duet AI, Mandiant and Chronicle Security Operations.

Cybersecurity 152

Cybersecurity Artificial Intelligence Software 152

The Hacker News

AUGUST 30, 2023

New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month.

Architecture 133

Architecture Malware 133

Bleeping Computer

AUGUST 31, 2023

Forever 21 clothing and accessories retailer is sending data breach notifications to more than half a million individuals who had their personal information exposed to network intruders. [.

Data breaches 132

Data breaches Retail 132

Schneier on Security

AUGUST 29, 2023

Interesting story : Napoleon Gonzalez, of Etna, assumed the identity of his brother in 1965, a quarter century after his sibling’s death as an infant, and used the stolen identity to obtain Social Security benefits under both identities, multiple passports and state identification cards, law enforcement officials said. […] A new investigation was launched in 2020 after facial identification software indicated Gonzalez’s face was on two state identification cards.

Identity Theft 246

Identity Theft Technology Software 246

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Affairs

AUGUST 28, 2023

Japan’s JPCERT warns of a new recently detected ‘MalDoc in PDF’ attack that embeds malicious Word files into PDFs. Japan’s computer emergency response team (JPCERT) has recently observed a new attack technique, called ‘MalDoc in PDF’, that bypasses detection by embedding a malicious Word file into a PDF file. The researchers explained that a file created with MalDoc in PDF has magic numbers and file structure of PDF, but can be opened in Word.

Malware 129

Malware Hacking Information Security 129

Elie

AUGUST 20, 2023

We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks.

117

117

Tech Republic Security

AUGUST 28, 2023

Data from ChatGPT Enterprise will not be used to train the popular chatbot. Plus, admins can manage access.

Big data 198

Big data Artificial Intelligence Software 198

The Hacker News

AUGUST 30, 2023

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF.

Spyware 125

Spyware Engineering Cybersecurity 125

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Bleeping Computer

AUGUST 31, 2023

Researchers took advantage of a weakness in the encryption scheme of Key Group ransomware and developed a decryption tool that lets some victims to recover their files for free. [.

Ransomware 124

Ransomware Encryption 124

Dark Reading

AUGUST 31, 2023

A hacker published a real gem of an infostealer to GitHub that requires zero coding knowledge to use. Then a community sprung up around it, polishing the code to a high shine and creating new, even more robust features.

Malware 121

Malware 121

Security Affairs

AUGUST 31, 2023

Fashion retailer Forever 21 disclosed a data breach that exposed the personal information of more than 500,000 individuals. On March 20, 2023, the fashion retailer Forever 21 has discovered a cyber incident that impacted a limited number of systems. The company immediately launched an investigation into the incident with the help of leading cybersecurity firms.

Retail 128

Retail Data breaches Identity Theft Banking 128

Malwarebytes

AUGUST 30, 2023

The UK's National Cyber Security Centre (NCSC) has issued a warning about the risks of integrating large language models (LLMs) like OpenAI’s ChatGPT into other services. One of the major risks is the possibility of prompt injection attacks. The NCSC points out several dangers associated with integrating a technology that is very much in early stages of development into other services and platforms.

Artificial Intelligence 116

Artificial Intelligence Technology Accountability Banking 116

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Tech Republic Security

AUGUST 29, 2023

A new study from Abnormal found that 4.31% of phishing attacks mimicked Microsoft, far ahead of second most-spoofed brand PayPal.

Phishing 171

Phishing Social Engineering Artificial Intelligence Engineering 171

The Hacker News

AUGUST 31, 2023

Three additional rogue Python packages have been discovered in the Package Index (PyPI) repository as part of an ongoing malicious software supply chain campaign called VMConnect, with signs pointing to the involvement of North Korean state-sponsored threat actors. The findings come from ReversingLabs, which detected the packages tablediter, request-plus, and requestspro.

Software 124

Software 124

Bleeping Computer

AUGUST 31, 2023

Hackers working for the Main Directorate of the General Staff of the Armed Forces of the Russian Federation, more commonly known as the GRU, have been targeting Android devices in Ukraine with a new malicious framework named 'Infamous Chisel. [.

Malware 119

Malware Mobile 119

SecureWorld News

AUGUST 29, 2023

In a major milestone for global cybersecurity efforts, the U.S. Federal Bureau of Investigation (FBI) has successfully collaborated with international partners to take down the notorious Qakbot botnet. This operation, which spans multiple countries, is being hailed as one of the largest ever enforcement actions led by the United States against a botnet.

Cybercrime 109

Cybercrime Malware Ransomware Manufacturing 109

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk

Security Affairs

AUGUST 31, 2023

Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. The expert explained that Windows OS separates the file system from each container to the host and avoids duplication of system files.

Antivirus 127

Antivirus Ransomware Hacking Malware 127

Dark Reading

AUGUST 30, 2023

"Operation Doppelganger" has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms.

Media 109

Media 109

Tech Republic Security

AUGUST 30, 2023

With passkeys, you no longer need to use a password to log into supported websites. Here's how to use them with password manager NordPass.

Password Management 161

Password Management Passwords Software Cybersecurity 161

The Hacker News

AUGUST 31, 2023

An open-source.NET-based information stealer malware dubbed SapphireStealer is being used by multiple entities to enhance its capabilities and spawn their own bespoke variants.

Malware 111

Malware Ransomware 111

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity