Thu. Dec 22, 2022

Cisco Talos report: Threat actors use known Excel vulnerability

Tech Republic Security

The use of .XLL Excel files by threat actors to infect computers with malware is growing fast. Learn more about this relatively new technique and how to protect from it. The post Cisco Talos report: Threat actors use known Excel vulnerability appeared first on TechRepublic.

Malware 148

Lastpass: Hackers stole customer vault data in cloud storage breach

Bleeping Computer

LastPass revealed today that attackers stole customer vault data after breaching its cloud storage earlier this year using information stolen during an August 2022 incident. […]

145

The top cyber security stories of 2022

Security Boulevard

A look in the rearview can tell you a lot about the future, so we revisited the top cyber security stories of 2022 with experts in the field. The post The top cyber security stories of 2022 appeared first on Security Boulevard.

Internet 138

Brave launches FrodoPIR, a privacy-focused database query system

Bleeping Computer

Brave Software developers have created a new privacy-centric database query system called FrodoPIR that retrieves data from servers without disclosing the content of user queries. […]

Software 139

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Cloud Security Podcast — Two Years Later or Our Year-End Reflections for 2022!

Security Boulevard

Cloud Security Podcast — Two Years Later or Our Year-End Reflections for 2022! We have been running our Cloud Security Podcast by Google for almost 2 years (TWO YEARS!) and since we are on a break now, I wanted to reflect a bit, while Tim is relaxing on a beach somewhere warm and “hammy”. So, we aired 102 episodes, but what was new in 2022? We explored a few new areas of cloud security.

North Korea-linked hackers stole $626 million in virtual assets in 2022

Security Affairs

North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past five years. South Korea’s spy agency, the National Intelligence Service, estimated that North Korea-linked threat actors have stolen an estimated 1.5 trillion won ($1.2 billion) in cryptocurrency and other virtual assets in the past five years.

More Trending

Vice Society ransomware gang is using a custom locker

Security Affairs

The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions. SentinelOne researchers discovered that the Vice Society ransomware gang has started using a custom ransomware that implements a robust encryption scheme, using NTRUEncrypt and ChaCha20-Poly1305 algorithms. Vice Society ransomware has been active since June 2021, it is considered by researchers a spin-off of the HelloKitty ransomware, the malware targets both Windows and L

Nation-state Hacking – What You Need to Know

Heimdal Security

Nation-state actors operate at a higher level than regular cybercriminals, posing critical challenges to cybersecurity. Today we’ll explore their common modus operandi, targets, and motivations, as well as what prevention strategies the business sector can apply against nation-state hacking. What Is Nation-state Hacking? Methodically planned and executed, nation-state cyberattacks are usually carried out by state-sponsored […].

Hacking 118

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

Microsoft spotted an upgraded variant of the Zerobot botnet that spreads by exploiting Apache vulnerabilities. Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. The IT giant is tracking this cluster of threat activity as DEV-1061.

IoT 114

Protecting a Network Without Concrete Boundaries

Security Boulevard

Communication service providers (CSPs) are required to invest more time, money and resources in security to build “digital trust” with their customers, especially as the openness of 5G environments and complexity of 5G services continue to grow. Further, we are seeing an increasing move away from bounded, self-contained networks to multi-cloud environments that lack a.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

New Brand of Security Threats Surface in the Cloud

Dark Reading

Tech Insight report co-produced by Black Hat, Dark Reading, and Omdia examines how cloud security is evolving in a rapid race to beat threat actors to the (cloud) breach.

110

Defense in Depth: Everything to Know About the Cybersecurity Model

Security Boulevard

Defense in depth is a cybersecurity strategy that utilizes multiple layers of security for holistic protection. Learn about its benefits, key layers and more. The post Defense in Depth: Everything to Know About the Cybersecurity Model appeared first on Security Boulevard.

DuckDuckGo now blocks Google sign-in pop-ups on all sites

Bleeping Computer

DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it perceives as an annoyance and a privacy risk for its users. […]

Risk 108

How to share what you’ve learned from our audits

Security Boulevard

By Nick Selby. Trail of Bits recently completed a security review of cURL, which is an amazing and ubiquitous tool for transferring data. We were really thrilled to see cURL founder and lead developer Daniel Stenberg write a blog post about the engagement and the report, and wanted to highlight some important things he pointed […]. The post How to share what you’ve learned from our audits appeared first on Security Boulevard.

110

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

How Marvel’s Avengers inspire Pinsent Masons CISO to adapt cybersecurity hiring

CSO Magazine

Cybersecurity’s ongoing battle with a “skills shortage” has seen the sector lose its way regarding talent hiring and retention, says Christian Toon, CISO at London-based law firm Pinsent Masons. In an industry crying out for diversity and innovation, this year’s number one UK CSO 30 Awards winner says he takes inspiration from the Marvel Comics universe to challenge traditional HR approaches and more effectively recruit and keep security talent.

CISO 107

Ransomware and wiper signed with stolen certificates

SecureList

Introduction. On July 17, 2022, Albanian news outlets reported a massive cyberattack that affected Albanian government e-services. A few weeks later, it was revealed that the cyberattacks were part of a coordinated effort likely intended to cripple the country’s computer systems. On September 10, 2022, Albanian local news reported a second wave of cyberattacks targeting Albania’s TIMS, ADAM and MEMEX systems – the latter two systems critical for law enforcement – reportedly using the

FIN7 hackers create auto-attack platform to breach Exchange servers

Bleeping Computer

The notorious FIN7 hacking group uses an auto-attack system that exploits Microsoft Exchange and SQL injection vulnerabilities to breach corporate networks, steal data, and select targets for ransomware attacks based on financial size. […]

The Week in Security: Okta says source code stolen. Also: SentinelSneak: PyPI module poses as security SDK

Security Boulevard

Welcome to the latest edition of The Week in Security, which brings you the latest headlines across the full stack of security: application security; cybersecurity; and beyond. This week: Okta is hit with a supply chain attack incident involving its private GitHub repositories. Also: ReversingLabs researchers discover a malicious PyPI package posing as a SentinelOne SDK client.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Comcast Xfinity accounts hacked in widespread 2FA bypass attacks

Bleeping Computer

Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. […]

Okta’s GitHub Breach: Insights and Recommendations

Security Boulevard

As recently reported, Okta recently experienced a security breach where the source code for its workforce identity cloud was stolen. As Silverfort partners with Okta, to protect our joint customers’ workforce identities we want to share with you our insights regarding this attack and subsequent precautionary steps organizations should take to strengthen their protection from.

104

LastPass Admits to Severe Data Breach, Encrypted Password Vaults Stolen

The Hacker News

The August 2022 security breach of LastPass may have been more severe than previously disclosed by the company. The popular password management service on Thursday revealed that malicious actors obtained a trove of personal information belonging to its customers that includes their encrypted password vaults by using data siphoned from the earlier break-in.

Mike Fong on Chambers Talks

Security Boulevard

Privoro founder and CEO Mike Fong recently participated in a cybersecurity-focused discussion with fellow CEOs Vijay Balasubramaniyan (Pindrop) and Bipul Sinha (Rubrik), hosted by John Chambers of JC2 Ventures. You can listen to this episode of the Chambers Talks podcast through the link below. The post Mike Fong on Chambers Talks appeared first on Security Boulevard.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Don’t click too quick! FBI warns of malicious search engine ads

Graham Cluley

The FBI is warning US consumers that cybercriminals are placing ads in search engine results that impersonate well-known brands, in an attempt to spread ransomware and steal financial information. Read more in my article on the Tripwire State of Security blog.

Queensland University of Technology hit by Ransomware

CyberSecurity Insiders

Ransomware hit Queensland University of Technology (QUT) in the early hours of today, crippling a portion of the institute’s network for the past 5 hours. The second largest University seems to have been hit badly, as all of the printers operating on the campus are displaying the ransomware note. Margrett Sheil, the University Chancellor of the technology-based institute, has confirmed the incident and was embarrassed to express her deep regrets that her own office printer stopped working fr

Threat Actors Use Search Engine Ads for Ransomware and Phishing Attacks

Heimdal Security

Threat actors use search engines to advertise websites that spread ransomware or steal login credentials. The ads for various impersonated businesses and services appear at the top of search results and guide the victim to websites that spoof almost perfectly the real ones. The announcement was made by the FBI, which warns that: When a […]. The post Threat Actors Use Search Engine Ads for Ransomware and Phishing Attacks appeared first on Heimdal Security Blog.

Vice Society ransomware gang switches to new custom encryptor

Bleeping Computer

The Vice Society ransomware operation has switched to using a custom ransomware encryptor that implements a strong, hybrid encryption scheme based on NTRUEncrypt and ChaCha20-Poly1305. […]

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Critical Security Flaw Reported in Passwordstate Enterprise Password Manager

The Hacker News

Multiple high-severity vulnerabilities have been disclosed in the Passwordstate password management solution that could be exploited by an unauthenticated remote adversary to obtain a user's plaintext passwords.

The Anatomy of Pharming and How to Prevent It

Heimdal Security

‘Pharming’ is a type of cyberattack that uses malicious software to redirect traffic from a seemingly legitimate website to a fake one belonging to an attacker. For a pharming attack to be successful, the attacker must either modify the hosts file on the victim’s computer or take advantage of a vulnerability in the DNS server […]. The post The Anatomy of Pharming and How to Prevent It appeared first on Heimdal Security Blog.

DNS 90

Why zero knowledge matters

InfoWorld on Security

The information age continues to unfold in fits and starts, and the rise of blockchain is among the most compelling current trends. It turns out that public key cryptography, a long stable technology, was latent with undiscovered possibilities. Blockchain is a reimagining of secure communication technology. When the histories of the internet and blockchain dovetail, we will look back on an advancing tide of increasingly sophisticated modes of online interaction.

France Fines Microsoft €60 Million for Using Advertising Cookies Without User Consent

The Hacker News

France's privacy watchdog has imposed a €60 million ($63.88 million) fine against Microsoft's Ireland subsidiary for dropping advertising cookies in users' computers without their explicit consent in violation of data protection laws in the European Union.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.