Sat. May 04, 2024 - Fri. May 10, 2024

Why Your VPN May Not Be As Secure As It Claims

Krebs on Security

Virtual private networking (VPN) companies market their services as a way to prevent anyone from snooping on your Internet usage. But new research suggests this is a dangerous assumption when connecting to a VPN via an untrusted network, because attackers on the same network could force a target’s traffic off of the protection provided by their VPN without triggering any alerts to the user.

VPN 247

New Attack on VPNs

Schneier on Security

This attack has been feasible for over two decades: Researchers have devised an attack against nearly all virtual private network applications that forces them to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping or tampering. TunnelVision, as the researchers have named their attack, largely negates the entire purpose and selling point of VPNs, which is to encapsulate incoming and outgoing Internet traffic in an encrypted tunnel and to cloa

VPN 230

News alert: Security Risk Advisors offers free workshop to help select optimal OT security tools

The Last Watchdog

Philadelphia, Pa., May 8, 2024, CyberNewsWire — Security Risk Advisors (SRA) announces the launch of their OT/XIoT Detection Selection Workshop, a complimentary offering designed to assist organizations in selecting the most suitable operational technology (OT) and Extended Internet of Things (XIoT) security tools for their unique environments.

Risk 130

Can VPNs Be Tracked by the Police?

Tech Republic Security

VPNs are popular due to the fact they add security and privacy to what are otherwise daily open Wi-Fi and public internet channels. But can VPNs be tracked by the police?

Internet 144

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Microsoft: April Windows Server updates also cause crashes, reboots

Bleeping Computer

Microsoft has confirmed that last month's Windows Server security updates may also cause domain controller reboots after the Local Security Authority Subsystem Service (LSASS) process crashes. [...]

136

New Lawsuit Attempting to Make Adversarial Interoperability Legal

Schneier on Security

Lots of complicated details here: too many for me to summarize well. It involves an obscure Section 230 provision—and an even more obscure typo. Read this.

204

More Trending

Combatting Deepfakes in Australia: Content Credentials is the Start

Tech Republic Security

The production of deepfakes is accelerating at more than 1,500% in Australia, forcing organisations to create and adopt standards like Content Credentials.

Lessons Learned from Developing Secure AI Workflows at Google

Elie

This talk discusses, through concrete examples, how to use the Google Security AI Framework (SAIF) to protect AI systems and workflows.

145

How Criminals Are Using Generative AI

Schneier on Security

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year, criminals seem to have abandoned any attempt at training real criminal large language models (LLMs).

TikTok Ban — ByteDance Sues US to Kill Bill

Security Boulevard

PAFACA SueTok: U.S. Courts “likely” to rule whether new law is constitutional—or even practical. The post TikTok Ban — ByteDance Sues US to Kill Bill appeared first on Security Boulevard.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

The Australian Government’s Manufacturing Objectives Rely on IT Capabilities

Tech Republic Security

The intent of the Future Made in Australia Act is to build manufacturing capabilities across all sectors, which will likely lead to more demand for IT skills and services.

Apple’s iPhone Spyware Problem Is Getting Worse. Here’s What You Should Know

WIRED Threat Level

The iPhone maker has detected spyware attacks against people in more than 150 countries. Knowing if your device is infected can be tricky—but there are a few steps you can take to protect yourself.

Spyware 133

CVE-2024-34456: Trend Micro Patches Code Injection Vulnerability in Antivirus One

Penetration Testing

Trend Micro, a leading provider of cybersecurity solutions, has released an important update for its Antivirus One software, targeting a critical vulnerability that could have allowed attackers to inject malicious code. The issue tracked... The post CVE-2024-34456: Trend Micro Patches Code Injection Vulnerability in Antivirus One appeared first on Penetration Testing.

Antivirus 123

Massive webshop fraud ring steals credit cards from 850,000 people

Bleeping Computer

A massive network of 75,000 fake online shops called 'BogusBazaar' tricked over 850,000 people in the US and Europe into making purchases, allowing the criminals to steal credit card information and attempt to process an estimated $50 million in fake orders. [...]

116

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Ransomware drama: Law enforcement seized Lockbit group’s website again

Security Affairs

Law enforcement seized the Lockbit group’s Tor website again and announced they will reveal more identities of its operators. Law enforcement seized the Lockbit group’s Tor website again. The authorities resumed the Lockbit seized leak site and mocked its administrators. According to the countdown active on the seized site, law enforcement, which currently controls the website, will reveal the identities of the LockBitSupps and other members of the gang on May 7, 2024, at 14:00:00 UTC.

Top FBI Official Urges Agents to Use Warrantless Wiretaps on US Soil

WIRED Threat Level

An internal email from FBI deputy director Paul Abbate, obtained by WIRED, tells employees to search for “US persons” in a controversial spy program's database that investigators have repeatedly misused.

121

Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator

The Hacker News

The U.K. National Crime Agency (NCA) has unmasked the administrator and developer of the LockBit ransomware operation, revealing it to be a 31-year-old Russian national named Dmitry Yuryevich Khoroshev. In addition, Khoroshev has been sanctioned by the U.K. Foreign, Commonwealth and Development Office (FCD), the U.S.

FBI warns of gift card fraud ring targeting retail companies

Bleeping Computer

The FBI warned retail companies in the United States that a financially motivated hacking group has been targeting employees in their gift card departments in phishing attacks since at least January 2024. [...]

Retail 115

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Most Tinyproxy Instances are potentially vulnerable to flaw CVE-2023-49606

Security Affairs

A critical remote code execution vulnerability in the Tinyproxy service potentially impacted 50,000 Internet-exposed hosts. Researchers from Cisco Talos reported a use-after-free vulnerability in the HTTP Connection Headers parsing of Tinyproxy 1.11.1 and Tinyproxy 1.10.0. The issue is tracked as CVE-2023-49606 and received a CVSS score of 9.8. The exploitation of the issue can potentially lead to remote code execution. “A specially crafted HTTP header can trigger reuse of previously free

Internet 107

Identity, Credential Misconfigurations Open Worrying Security Gaps

Security Boulevard

A report found more than 40 million exposures are impacting 11.5 million critical business entities, with more than half related to cloud platforms. The post Identity, Credential Misconfigurations Open Worrying Security Gaps appeared first on Security Boulevard.

Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version

The Hacker News

A newer version of a malware loader called Hijack Loader has been observed incorporating an updated set of anti-analysis techniques to fly under the radar. "These enhancements aim to increase the malware's stealthiness, thereby remaining undetected for longer periods of time," Zscaler ThreatLabz researcher Muhammed Irfan V A said in a technical report.

Malware 108

LockBit ransomware admin identified, sanctioned in US, UK, Australia

Bleeping Computer

The FBI, UK National Crime Agency, and Europol have unveiled sweeping indictments and sanctions against the admin of the LockBit ransomware operation, with the identity of the Russian threat actor being revealed for the first time. [...]

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

New TunnelVision technique can bypass the VPN encapsulation

Security Affairs

TunnelVision is a new VPN bypass technique that enables threat actors to spy on users’ traffic bypassing the VPN encapsulation. Leviathan Security researchers recently identified a novel attack technique, dubbed TunnelVision, to bypass VPN encapsulation. A threat actor can use this technique to force a target user’s traffic off their VPN tunnel using built-in features of DHCP (Dynamic Host Configuration Protocol).

VPN 106

CVE-2024-24787 (CVSS 9.8): Go Vulnerability Could Lead to Code Execution

Penetration Testing

The Go programming language, known for its simplicity and efficiency in software development, has recently issued a crucial security advisory addressing two severe vulnerabilities. These flaws, identified in the Go environment, could potentially allow... The post CVE-2024-24787 (CVSS 9.8): Go Vulnerability Could Lead to Code Execution appeared first on Penetration Testing.

New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs

The Hacker News

Cybersecurity researchers have discovered a new information stealer targeting Apple macOS systems that's designed to set up persistence on the infected hosts and act as a spyware. Dubbed Cuckoo by Kandji, the malware is a universal Mach-O binary that's capable of running on both Intel- and Arm-based Macs.

Spyware 117

Finland warns of Android malware attacks breaching bank accounts

Bleeping Computer

Finland's Transport and Communications Agency (Traficom) has issued a warning about an ongoing Android malware campaign targeting banking accounts. [...]

Banking 136

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

RSAC 2024 Innovation Sandbox | Reality Defender: Deepfake Detection Platform

Security Boulevard

The RSA Conference 2024 will kick off on May 6. Known as the “Oscars of Cybersecurity,” the RSAC Innovation Sandbox has become a benchmark for innovation in the cybersecurity industry. Today, let’s get to know the company Reality Defender. Introduction to Reality Defender Reality Defender, established in 2021, is a startup specializing in detecting deepfakes and […] The post RSAC 2024 Innovation Sandbox | Reality Defender: Deepfake Detection Platform appeared first on NSFOCUS, Inc., a globa

Mirai botnet also spreads through the exploitation of Ivanti Connect Secure bugs

Security Affairs

Threat actors exploit recently disclosed Ivanti Connect Secure (ICS) vulnerabilities to deploy the Mirai botnet. Researchers from Juniper Threat Labs reported that threat actors are exploiting recently disclosed Ivanti Connect Secure (ICS) vulnerabilities CVE-2023-46805 and CVE-2024-21887 to drop the payload of the Mirai botnet. In early January, the software firm reported that threat actors are exploiting two zero-day vulnerabilities (CVE-2023-46805, CVE-2024-21887) in Connect Secure (ICS) and

APT42 Hackers Pose as Journalists to Harvest Credentials and Access Cloud Data

The Hacker News

The Iranian state-backed hacking outfit called APT42 is making use of enhanced social engineering schemes to infiltrate target networks and cloud environments. Targets of the attack include Western and Middle Eastern NGOs, media organizations, academia, legal services and activists, Google Cloud subsidiary Mandiant said in a report published last week.

New BIG-IP Next Central Manager bugs allow device takeover

Bleeping Computer

F5 has fixed two high-severity BIG-IP Next Central Manager vulnerabilities, which can be exploited to gain admin control and create rogue accounts on any managed assets. [...]

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.