Thu. Jul 28, 2022

New UEFI Rootkit

Schneier on Security

Kaspersky is reporting on a new UEFI rootkit that survives reinstalling the operating system and replacing the hard drive. From an article: The firmware compromises the UEFI, the low-level and highly opaque chain of firmware required to boot up nearly every modern computer. As the software that bridges a PC’s device firmware with its operating system, the UEFI—short for Unified Extensible Firmware Interface—is an OS in its own right.

Firmware 341
Breach Exposes Users of Microleaves Proxy Service

Krebs on Security

Microleaves, a ten-year-old proxy service that lets customers route their web traffic through millions of Microsoft Windows computers, recently fixed a vulnerability in their website that exposed their entire user database. Microleaves claims its proxy software is installed with user consent, but data exposed in the breach shows the service has a lengthy history of being supplied with new proxies by affiliates incentivized to distribute the software any which way they can — such as by sec

Insiders

Google delays removal of third-party cookies in Chrome through 2024

Tech Republic Security

The search giant explained that it pushed back its timeline once again because it needs more time for testing to ensure users’ online privacy is protected. The post Google delays removal of third-party cookies in Chrome through 2024 appeared first on TechRepublic.

Software 182
APT trends report Q2 2022

SecureList

For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent threat (APT) activity. These summaries are based on our threat intelligence research; and they provide a representative snapshot of what we have published and discussed in greater detail in our private APT reports.

Malware 145
How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

How attackers are adapting to a post-macro world

Tech Republic Security

Since Microsoft’s shutdown of macros in Office apps, attackers are using container file types to deliver malware in one of the largest threat landscape shifts in recent history. The post How attackers are adapting to a post-macro world appeared first on TechRepublic.

Malware 166
Unscrambling Cybersecurity Acronyms: The ABCs of Endpoint Security

Cisco Security

Ransomware and other advanced attacks continue to evolve and threaten organizations around the world. Effectively defending your endpoints from these attacks can be a complex undertaking, and a seemingly endless number of security acronyms only compounds that complexity. There are so many acronyms – EPP, EDR, MEDR, MDR, XDR, and more – for various cybersecurity products and services that it becomes difficult to understand the differences between them and choose the right solution for your organi

LifeWorks

More Trending

Google ‘Delays Making Less Money’ — Third-Party Cookie Ban on Hold

Security Boulevard

Google’s plan to kill third party cookies is delayed—yet again. And it’s probably not surprising. The post Google ‘Delays Making Less Money’ — Third-Party Cookie Ban on Hold appeared first on Security Boulevard.

What does the demise of bitcode mean for the future of application security?

Tech Republic Security

Andrew Whaley, senior technical director at Promon, explains the problem with Apple's Xcode update. The post What does the demise of bitcode mean for the future of application security? appeared first on TechRepublic.

157

Akamai blocked the largest DDoS attack ever on its European customers

Security Affairs

This month Akamai blocked the largest distributed denial-of-service (DDoS) attack that hit an organization in Europe. On July 21, 2022, Akamai mitigated the largest DDoS attack that ever hit one of its European customers. The attack hit an Akamai customer in Eastern Europe that was targeted 75 times in the past 30 days with multiple types of DDoS attacks, including UDP, UDP fragmentation, ICMP flood, RESET flood, SYN flood, TCP anomaly, TCP fragment, PSH ACK flood, FIN push flood, and PUSH flood

DDOS 136
Kansas MSP shuts down cloud services to fend off cyberattack

Bleeping Computer

A US managed service provider NetStandard suffered a cyberattack causing the company to shut down its MyAppsAnywhere cloud services, consisting of hosted Dynamics GP, Exchange, Sharepoint, and CRM services. […]

133

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Holy Ghost’s Bargain Basement Approach to Ransomware

Digital Shadows

Recent reporting from Microsoft has shone light on the “HolyGhost” ransomware group, a cybercriminal outfit originating from North Korea. While. The post Holy Ghost’s Bargain Basement Approach to Ransomware first appeared on Digital Shadows.

LofyLife: malicious npm packages steal Discord tokens and bank card data

SecureList

On July 26, using the internal automated system for monitoring open-source repositories, we identified four suspicious packages in the Node Package Manager (npm) repository. All these packages contained highly obfuscated malicious Python and JavaScript code. We dubbed this malicious campaign “LofyLife”. Description of the proc-title package (Translation: This package correctly capitalizes your titles as per the Chicago manual of style).

Banking 131
$10 million reward offered for information on North Korean hackers

The State of Security

A $10 million reward is being offered for information leading to the identification or location of hackers working with North Korea to launch cyber attacks on US critical infrastructure. Read more in my article on the Tripwire State of Security blog.

Auto-launching HiddAd on Google Play Store found in more than 6 million downloads

Quick Heal Antivirus

HiddenAd or HiddAd are icon-hiding adware applications. The prime motive of HiddAd is to generate revenue through aggressive. The post Auto-launching HiddAd on Google Play Store found in more than 6 million downloads appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Adware 124
Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

How Are Hackers Targeting Your Devices Through Bluetooth?

Identity IQ

Bluetooth is a widely used, convenient technology included on just about every smartphone, tablet, and laptop computer these days. You can use it to share files, play media and more with only a wireless connection. But just like with unsecured Wi-Fi networks, hackers can target your Bluetooth-enabled devices to steal personal data, install malware or spam you with messages.

Citibank, Bank of America, Capital One, and others Targeted by ‘Robin Banks’ PhaaS

Heimdal Security

A brand-new Phishing-as-a-Service (PhaaS) platform known as “Robin Banks” has been developed, providing ready-made phishing tools intended to trick customers of reputable financial institutions and online services. Among the targeted organizations are: Citibank, Bank of America, Capital One, Wells Fargo, PNC, U.S. Bank, Lloyds Bank, the Commonwealth Bank in Australia, and Santander. Moreover, the recently launched […].

Banking 119
Hackers Opting New Attack Methods After Microsoft Blocked Macros by Default

The Hacker News

With Microsoft taking steps to block Excel 4.0 (XLM or XL4) and Visual Basic for Applications (VBA) macros by default across Office apps, malicious actors are responding by refining their new tactics, techniques, and procedures (TTPs). "The use of VBA and XL4 Macros decreased approximately 66% from October 2021 through June 2022," Proofpoint said in a report shared with The Hacker News.

117

What Women Should Know Before Joining the Cybersecurity Industry

Dark Reading

Three observations about our industry that might help demystify security for women entrants.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Ransom payments fall as fewer victims choose to pay hackers

Bleeping Computer

Ransomware statistics from the second quarter of the year show that the ransoms paid to extortionists have dropped in value, a trend that continues since the last quarter of 2021. […]

How Tor Is Fighting—and Beating—Russian Censorship

WIRED Threat Level

Russia has been trying to block the anonymous browser since December—with mixed results.

112

Radioactivity monitoring and warning system hacked, disabled by attackers

Malwarebytes

The Spanish police arrested two people under the accusation of tampering with the Red de Alerta a la Radiactividad (RAR). The RAR is part of the Spanish national security systems and in use to monitor gamma radiation levels across the country. The network is managed, operated and maintained by the General Directorate of Civil Protection and Emergencies (DGPCE) of the Ministry of internal affairs.

Hacking 112
What is Cyber-Essential Patch Compliance?

Heimdal Security

Whilst the need for patching is irrefutable, more than often sysadmins are being confronted with the notion of ‘compliance’ and the chicken-or-the-egg dilemma that goes along with it – what comes first? Patching or compliance? Since patch compliance is a hot topic these days, in this article we’re going to go over the topic and […]. The post What is Cyber-Essential Patch Compliance?

110

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Twitter user data sold for $30k on dark selling forum

CyberSecurity Insiders

A Twitter user named ‘Devil’ has announced the sale of information related to over 5.4 million Twitter users siphoned from the social media firm’s database in January this year. In one tweet, the hacker said that the data was stolen after exploiting a vulnerability on the company’s systems. Microblogging website reacted to the news and released a press statement that it is busy investigating the incident and assured to release more details about the incident as soon as the investigation gets ove

Malicious npm packages steal Discord users’ payment card info

Bleeping Computer

Multiple npm packages are being used in an ongoing malicious campaign dubbed LofyLife to infect Discord users with malware that steals their payment card information. […]

Malware 107
FIN7 now enters ransomware as a service business

CyberSecurity Insiders

FIN7, a noted group of cyber criminals, has slowly taken up ransomware-as-a-service because it is proving profitable to most. The organization that has the reputation of making around $1.3 billion by cyber attacking over 100 companies across the world has also emerged as a threat group in recent times. Cybersecurity researchers from Mandiant revealed that FIN7 used to fund operations related to REvil, Darkside, BlackMatter and BlackCat till date.

“Orwellian in the extreme” food store installs facial recognition cameras to stop crime, faces backlash

Malwarebytes

A convenience shop chain is under fire and facing legal charges for installing cameras with facial recognition software in 35 of its branches across the UK. The cameras analyze and convert video face captures into biometric data. The data is compared with a database of people who have committed crimes in the shop, such as theft or violent behavior. Southern told the BBC that it only placed cameras in shops where there is a history of crime.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Akamai blocked largest DDoS in Europe against one of its customers

Bleeping Computer

The largest distributed denial-of-service (DDoS) attack that Europe has ever seen occurred earlier this month and hit an organization in Eastern Europe. […]

DDOS 105
TSA Issues Directive to Prevent Another Colonial Pipeline Attack

Security Boulevard

Following months of pushback from private industry, the Transportation Security Administration (TSA) reissued a revised version of its cybersecurity directive for oil and natural gas pipeline owners and operators. The directive follows the May 2021 ransomware attack on Colonial Pipeline. That attack impacted fuel transformation and caused widespread disruption to fuel availability.

U.S. Offers $10 Million Reward for Information on North Korean Hackers

The Hacker News

The U.S. State Department has announced rewards of up to $10 million for any information that could help disrupt North Korea's cryptocurrency theft, cyber-espionage, and other illicit state-backed activities.

Malware on IBM Power Systems: What You Need to Know

The State of Security

Malware – what are the threats? Malware can come from and in a variety of attack vectors. Besides using ‘traditional’ methods of spreading malware, adversaries can leverage more sophisticated methods to turn your Power System into a ‘malware host’. The key target is your data. Data is valuable, and organisations have paid at least $602 […]… Read More.

Malware 101
The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!