Wed. Jun 22, 2022

Symbiote Backdoor in Linux

Schneier on Security

Interesting: What makes Symbiote different from other Linux malware that we usually come across, is that it needs to infect other running processes to inflict damage on infected machines. Instead of being a standalone executable file that is run to infect a machine, it is a shared object (SO) library that is loaded into all running processes using LD_PRELOAD (T1574.006), and parasitically infects the machine.

Malware 334

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

Authorities in the United States, Germany, the Netherlands and the U.K. last week said they dismantled the “RSOCKS” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. While the coordinated action did not name the Russian hackers allegedly behind RSOCKS, KrebsOnSecurity has identified its owner as a 35-year-old Russian man living abroad w

Q&A: The lesser role VPNs now play for enterprises, SMBs — in a post-pandemic world

The Last Watchdog

During the first two decades of this century, virtual private networks—VPNs—served as a cornerstone of network security. Related: Deploying human sensors. VPNs encrypt data streams and protect endpoints from unauthorized access, essentially by requiring all network communications to flow over a secured pipe. This worked extremely well for users accessing network resources remotely via their company-issued laptops and immobile home computers.

VPN 200

Gartner reveals 8 cybersecurity predictions for the next 4 years

Tech Republic Security

The cybersecurity company went into great detail on some of the sweeping cybersecurity changes anticipated over the next four years. The post Gartner reveals 8 cybersecurity predictions for the next 4 years appeared first on TechRepublic.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Be you in the (cyber) workplace

Jane Frankland

At The Source, my new venture for women in cyber and businesses who value them, we have a saying, “Be you in the workplace.” And although that should be easy to do, sometimes it’s not. Unfortunately, it’s an open secret that cyber can be a hostile industry for women, from trolling on social media platforms and forums, to harassment at events, and the inner circles that leaders and influencers move in.

Education 130

Why organizations are keen on zero trust but are slow to adopt it

Tech Republic Security

Most organizations surveyed by Banyan Security consider zero trust a priority, but many see it as difficult and expensive to implement. The post Why organizations are keen on zero trust but are slow to adopt it appeared first on TechRepublic.

More Trending

Targeted voicemail phishing attacks hits specific US industries’ verticals

Tech Republic Security

A new wave of targeted voicemail phishing attacks has been hitting US companies in selected verticals since May 2022. The campaign’s goal is to collect Office 365 credentials of legitimate corporate users. The post Targeted voicemail phishing attacks hits specific US industries’ verticals appeared first on TechRepublic.

Phishing 145

Machine Learning Tackles Ransomware Attacks

Security Boulevard

There are approximately 250 known ransomware families, and these families are directly related to the rise of ransomware-as-a-service, according to Bitdefender. “Ransomware infection is just the final step; these modern attacks take some time to prepare and threat actors will try to thoroughly prepare before launching an attack,” Martin Zugec, technical solutions director at Bitdefender, The post Machine Learning Tackles Ransomware Attacks appeared first on Security Boulevard.

Proofpoint dispels commonly held threat actor assumptions in new report

Tech Republic Security

The company found that Google-related URLs were the most frequently abused last year. The post Proofpoint dispels commonly held threat actor assumptions in new report appeared first on TechRepublic.

NSA shares tips on securing Windows devices with PowerShell

Bleeping Computer

The National Security Agency (NSA) and cybersecurity partner agencies issued an advisory today recommending system administrators to use PowerShell to prevent and detect malicious activity on Windows machines. […]

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

MEGA claims it can’t decrypt your files. But someone’s managed to…

Malwarebytes

MEGA, the cloud storage provider and file hosting service, is very proud of its end-to-end encryption. It says it couldn’t decrypt your stored files, even if it wanted to. “All your data on MEGA is encrypted with a key derived from your password; in other words, your password is your main encryption key. MEGA does not have access to your password or your data.

Home Title Theft: Warning Signs and Prevention Tips

Identity IQ

Home Title Theft: Warning Signs and Prevention Tips. IdentityIQ. Home title theft is a kind of crime that involves stealing the legal right to a property, such as your home. This can happen when someone steals your identity and uses it to fraudulently take over the title on your property. It’s a growing problem that can have devastating effects on homeowners and their financial well-being.

Microsoft 365 Users in US Face Raging Spate of Attacks

Dark Reading

A voicemail-themed phishing campaign is hitting specific industry verticals across the country, bent on scavenging credentials that can be used for a range of nefarious purposes.

Phishing 118

7-Zip gets Mark of the Web feature, increases protection for users

Malwarebytes

One of the most popular zip programs around, 7-Zip, now offers support for “Mark of the Web” (MOTW), which gives users better protection from malicious files. This is good news. But what does that actually mean? In the bad old days, opening up a downloaded document could be a fraught exercise. Malicious files would often have full permission from the system to do whatever they wanted.

Internet 113

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Microsoft includes IoT devices under its Secured-core program

CSO Magazine

Addressing security concerns associated with the growing momentum for edge computing, Microsoft is making its Edge Secured-core program for Windows-based IoT devices generally available. Added as a new certification under the Azure Certified Device program, Edge Secured-core is for IoT devices running a full operating system, such as Windows 10 IoT or Linux.

IoT 118

Privacy-focused Brave Search grew by 5,000% in a year

Bleeping Computer

Brave Search, the browser developer's privacy-centric Internet search engine, is celebrating its first anniversary after surpassing 2.5 billion queries and seeing almost 5,000% growth in a year. […]

Watch out for the email that says “You have a new voicemail!”

Malwarebytes

A phishing campaign is using voicemail notification messages to go after victims’ Office 365 credentials. According to researchers at ZScaler, the campaign uses spoofed emails with an HTML attachment that contains encoded javascript. The email claims that you have a new voicemail and that you can listen to the message by clicking on the attachment.

Phishing 108

Chinese hackers target script kiddies with info-stealer trojan

Bleeping Computer

Cybersecurity researchers have discovered a new campaign attributed to the Chinese "Tropic Trooper" hacking group, which employs a novel loader called Nimbda and a new variant of the Yahoyah trojan. […]

Hacking 123

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Dozens of insecure-by-design flaws found in OT products

CSO Magazine

A new research project has uncovered 56 vulnerabilities in operational technology (OT) devices from 10 different vendors, all of which stem from insecurely designed or implemented functionality rather than programming errors. This highlights that despite the increased attention this type of critical device has received over the past decade from both security researchers and malicious attackers, the industry is still not following fundamental secure-by-design principles.

Firmware 113

Critical PHP flaw exposes QNAP NAS devices to RCE attacks

Bleeping Computer

QNAP has warned customers today that many of its Network Attached Storage (NAS) devices are vulnerable to attacks that would exploit a three-year-old critical PHP vulnerability allowing remote code execution. […]

Russia's APT28 Launches Nuke-Themed Follina Exploit Campaign

Dark Reading

Researchers have spotted the threat group, also known as Fancy Bear and Sofacy, using the Windows MSDT vulnerability to distribute information stealers to users in Ukraine.

Researchers Uncover Ways to Break the Encryption of 'MEGA' Cloud Storage Service

The Hacker News

A new piece of research from academics at ETH Zurich has identified a number of critical security issues in the MEGA cloud storage service that could be leveraged to break the confidentiality and integrity of user data.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Replace Your SIEM with Neural Net Technology

Security Boulevard

Security Information Event Management (SIEM) systems are an outdated technology. It’s no longer enough to just manage information – today’s organizations need technology that can proactively detect and respond to dynamic threats as well. SIEM’s learning capabilities to face modern threats are limited but can be replaced with intelligent automation that is built on neural nets.

Microsoft uses AI to tackle Ransomware Attacks

CyberSecurity Insiders

As ransomware attacks are ever-evolving, they are hard to detect with human intelligence. So, Microsoft issued a press statement on Tuesday confirming the use of Artificial Intelligence (AI) technology to tackle ransomware attacks. In a tech post released on ‘Patch Tuesday’, the tech giant disclosed it is harnessing the power of AI in exploring the complex threat landscape belonging to ransomware.

WhiteHat brings new dimension to DAST capabilities at Synopsys

Security Boulevard

The acquisition of WhiteHat Security, the leading DAST solution provider, is a step toward a more comprehensive, end-to-end portfolio for AppSec. The post WhiteHat brings new dimension to DAST capabilities at Synopsys appeared first on Application Security Blog. The post WhiteHat brings new dimension to DAST capabilities at Synopsys appeared first on Security Boulevard.

Software 105

Yodel Confirms Cyberattack

Heimdal Security

Yodel is a delivery service company from the United Kingdom. It was initially known as the Home Delivery Network, until it bought the B2B and B2C businesses of DHL Express UK and afterward, renamed itself as Yodel in May 2010. What Happened? A cyberattack has caused delays in package distribution and online order tracking for […]. The post Yodel Confirms Cyberattack appeared first on Heimdal Security Blog.

B2C 101

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

What are Injection Attacks?

Security Boulevard

You’d agree that the range of different types of cyberattacks is expanding, and the situation is getting intense. Hackers use new and robust techniques to break into systems and steal or modify confidential data. But one creed of cyberattacks are among the oldest and most dangerous: Injection attacks. Two-thirds of all web app attacks reported […]. The post What are Injection Attacks?

MEGA fixes critical flaws that allowed the decryption of user data

Bleeping Computer

MEGA has released a security update to address a set of severe vulnerabilities that could have exposed user data, even if the data had been stored in encrypted form. […]

GitHub's MFA Plans Should Spur Rest of Industry to Raise the Bar

Dark Reading

We as industry leaders should be building on what individual platforms like GitHub are doing in two critical ways: demanding third parties improve security and creating more interoperable architectures.

Newly Discovered Magecart Infrastructure Reveals the Scale of Ongoing Campaign

The Hacker News

A newly discovered Magecart skimming campaign has its roots in a previous attack activity going all the way back to November 2021. To that end, it has come to light that two malware domains identified as hosting credit card skimmer code — "scanalytic[.]org" and "js.staticounter[.

Malware 106

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.