Schneier on Security

AUGUST 18, 2023

Interesting research: “ An Empirical Study & Evaluation of Modern CAPTCHAs “: Abstract: For nearly two decades, CAPTCHAS have been widely used as a means of protection against bots. Throughout the years, as their use grew, techniques to defeat or bypass CAPTCHAS have continued to improve. Meanwhile, CAPTCHAS have also evolved in terms of sophistication and diversity, becoming increasingly difficult to solve for both bots (machines) and humans.

Accountability 205

Accountability 205

Jane Frankland

AUGUST 18, 2023

Every now and again I’m asked about conferences and whether they’re worth attending. My answer is always, yes so long as you plan carefully. Over the years I’ve attended hundreds of cybersecurity conferences all over the world, and participated as an attendee, speaker, chair, and advisor. All these roles have enabled me to gain an understanding of conferences through different lenses.

Cybersecurity 130

Cybersecurity Risk Media Government 130

Tech Republic Security

AUGUST 18, 2023

This is a comprehensive ExpressVPN Review, covering features, pricing, and more. Use this guide to find out if it is the best VPN for you.

VPN 128

VPN Cybersecurity 128

Bleeping Computer

AUGUST 18, 2023

A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive. [.

Software 98

Software 98

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Tech Republic Security

AUGUST 18, 2023

About 2,000 Citrix NetScalers were compromised in automated massive attack campaigns. Find out more about the threat actors and how to protect from them.

Cybersecurity 115

Cybersecurity Network Security 115

The Hacker News

AUGUST 18, 2023

Threat actors are using Android Package (APK) files with unknown or unsupported compression methods to elude malware analysis. That's according to findings from Zimperium, which found 3,300 artifacts leveraging such compression algorithms in the wild. 71 of the identified samples can be loaded on the operating system without any problems.

Malware 98

Malware 98

The Hacker News

AUGUST 18, 2023

Microsoft on Thursday disclosed that it found a new version of the BlackCat ransomware (aka ALPHV and Noberus) that embeds tools like Impacket and RemCom to facilitate lateral movement and remote code execution.

Ransomware 98

Ransomware 98

Digital Guardian

AUGUST 18, 2023

Hacks, social engineering, and phishing dominated this week’s headlines, but cloud security is at the forefront of government officials’ minds. Catch up on all the latest in this week’s Friday Five!

Social Engineering 98

Social Engineering Engineering Phishing Government 98

Digital Shadows

AUGUST 18, 2023

Cyber-actors hide using "clean" resources. ReliaQuest shows tracking IoCs & detection helps security pros counteract disguised attacks. Enhancing OSINT is key.

98

98

Security Affairs

AUGUST 18, 2023

A flaw impacting the file archiver utility for Windows WinRAR can allow the execution of commands on a computer by opening an archive. WinRAR is a popular file compression and archival utility for Windows operating systems. The utility is affected by a now-fixed high-severity vulnerability, tracked as CVE-2023-40477 (CVSS score 7.8), that can allow remote execution of arbitrary code on a computer by opening a crafted RAR archive.

Hacking 97

Hacking Information Security 97

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Bleeping Computer

AUGUST 18, 2023

Hotmail users worldwide have problems sending emails, with messages flagged as spam or not delivered after Microsoft misconfigured the domain's DNS SPF record. [.

DNS 98

DNS 98

Malwarebytes

AUGUST 18, 2023

An ongoing campaign targeting LinkedIn accounts has led to victims losing control of their accounts, or being locked out following repeated login attempts. Whether the attackers are using brute force methods or credential stuffing isn't known, but because some victims are being being locked out following a great number of failed attempts, you might suspect brute force methods.

Accountability 95

Accountability Passwords Authentication Phishing 95

The Hacker News

AUGUST 18, 2023

While IT security managers in companies and public administrations rely on the concept of Zero Trust, APTS (Advanced Persistent Threats) are putting its practical effectiveness to the test. Analysts, on the other hand, understand that Zero Trust can only be achieved with comprehensive insight into one's own network.

Hacking 92

Hacking 92

Security Affairs

AUGUST 18, 2023

Experts warn of an ongoing campaign attributed to China-linked Bronze Starlight that is targeting the Southeast Asian gambling sector. SentinelOne observed China-linked APT group Bronze Starlight (aka APT10 , Emperor Dragonfly or Storm-0401) targeting the gambling sector within Southeast Asia. The malware and infrastructure employed in the campaign are linked to the ones observed in Operation ChattyGoblin attributed by the security firm ESET to China-linked threat actors.

VPN 95

VPN Malware Encryption Passwords 95

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Bleeping Computer

AUGUST 18, 2023

An international law enforcement operation led by Interpol has led to the arrest of 14 suspected cybercriminals in an operation codenamed 'Africa Cyber Surge II,' launched in April 2023. [.

88

88

Malwarebytes

AUGUST 18, 2023

The Cybersecurity and Infrastructure Security Agency (CISA) has added a vulnerability to its catalog of know exploited vulnerabilities , based on evidence of active exploitation. This means that Federal Civilian Executive Branch (FCEB) agencies need to remediate this vulnerability by September 6, 2023 to protect their networks against this active threat.

Software 90

Software Backups Ransomware Internet 90

Security Affairs

AUGUST 18, 2023

#OpFukushima: The famous collective Anonymous has launched cyberattacks against Japan nuclear websites over Fukushima water plan. The hacker collective Anonymous has launched cyberattacks against nuclear power-linked groups in Japan as part of an operation called #OpFukushima. The campaign was launched to protest against the Government’s plan to release the treated radioactive water from the Fukushima nuclear plant into the sea.

Government 91

Government Media DDOS Hacking 91

Heimadal Security

AUGUST 18, 2023

As the cybercrime landscape evolves, you may wonder if the old Antivirus solution that you have installed on your organization’s endpoints still does the job. Traditional antivirus software initially offered sufficient defense against the majority of viruses before they evolved into other types of malware. A better type of endpoint security is required because traditional […] The post What Is Next-Generation Antivirus (NGAV) and How Does It Work?

Antivirus 82

Antivirus Cybercrime Malware Software 82

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Affairs

AUGUST 18, 2023

A massive social engineering campaign is targeting users of the Zimbra Collaboration email server to steal their login credentials. ESET researchers uncovered a mass-spreading phishing campaign targeting users of the Zimbra Collaboration email server since April 2023. Zimbra Collaboration is an open-core collaborative software platform. The campaign is still ongoing and is targeting a wide range of small and medium businesses and governmental entities.

Phishing 89

Phishing Social Engineering Accountability Engineering 89

The Hacker News

AUGUST 18, 2023

A coordinated law enforcement operation across 25 African countries has led to the arrest of 14 suspected cybercriminals, INTERPOL announced Friday. The exercise, conducted in partnership with AFRIPOL, enabled investigators to identify 20,674 cyber networks that were linked to financial losses of more than $40 million.

78

78

Security Affairs

AUGUST 18, 2023

An international law enforcement operation across 25 African countries has led to the arrest of 14 cybercriminals. A coordinated law enforcement operation conducted by INTERPOL and AFRIPOL across 25 African countries has led to the arrest of 14 suspected cybercriminals and the identification of 20,674 suspicious cyber networks. The operation demonstrates the surge in cybercriminal activities in the region.

Cybercrime 88

Cybercrime Scams Internet Internet 88

Bleeping Computer

AUGUST 18, 2023

While there was quite a bit of ransomware news this week, the highlighted story was the release of Jon DiMaggio's third article in the Ransomware Diaries series, with the focus of this article on the LockBit ransomware operation. [.

Ransomware 78

Ransomware 78

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Malwarebytes

AUGUST 18, 2023

Microsoft has re-released the August 2023 Security Updates (SUs) for Exchange Server. The original release of the SUs, from August 8 2023, had a localization issue with Exchange Server running on a non-English Operating Systems (OSes) that caused Setup to stop unexpectedly, leaving Exchange services in a disabled state. Exchange Online users are already protected from the vulnerabilities addressed by these Security Updates and do not need to take any action other than updating any Exchange serve

Accountability 79

Accountability Risk Cybersecurity 79

The Hacker News

AUGUST 18, 2023

A new "mass-spreading" social engineering campaign is targeting users of the Zimbra Collaboration email server with an aim to collect their login credentials for use in follow-on operations.

Social Engineering 73

Social Engineering Engineering 73

Heimadal Security

AUGUST 18, 2023

Researchers at Microsoft discovered a new version of the BlackCat ransomware. Dubbed ‘Sphynx’, this version embeds the Impacket networking framework and the Remcom hacking tool, both enabling spreading laterally across a breached network. Back in April, the cybersecurity researcher VX-Underground tweeted about a new BlackCat/ALPHV encryptor version called Sphynx after seeing a message BlackCat sent […] The post BlackCat Sphynx: The Ransomware Operation Evolves Once Again appeared first on

Ransomware 74

Ransomware Hacking Cybersecurity 74

Dark Reading

AUGUST 18, 2023

If rule writing for SIEMs isn't managed properly, it can lead to false positives and misconfigurations, which create extra work for the SOC team.

CISO 79

CISO 79

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Heimadal Security

AUGUST 18, 2023

Zimbra Collaboration email servers worldwide are being targeted by threat actors. Recently, cybersecurity researchers have uncovered an ongoing phishing campaign, that has been underway since at least April 2023. Threat actors are sending phishing emails to organizations worldwide, with no specific focus on certain organizations or sectors, in an attempt to steal credentials.

Phishing 65

Phishing Cybersecurity 65

Dark Reading

AUGUST 18, 2023

In this Dark Reading News Desk segment, Brendan O'Connor, CEO and Co-Founder of AppOmni describes some of the biggest security challenges for securing software-as-a-service (SaaS) applications.

Software 71

Software 71

Heimadal Security

AUGUST 18, 2023

In today’s rapidly evolving digital landscape, cybersecurity has become a paramount concern for businesses and individuals alike. The increasing frequency and sophistication of cyberattacks have left organizations struggling to keep up with the relentless threats. Enter the webinar titled “Short Staffed in Cybersecurity? It’s Time for MXDR,” which aims to shed light on the challenges […] The post Short Staffed in Cybersecurity?

Cybersecurity 59

Cybersecurity Ransomware 59

Dark Reading

AUGUST 18, 2023

Interpol- and Afripol-led crackdown disrupts cybercrime ecosystem responsible for some $40 million in losses to victims.

Cybercrime 87

Cybercrime 87

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.