Tue.Nov 22, 2022

article thumbnail

Apple’s Device Analytics Can Identify iCloud Users

Schneier on Security

Researchers claim that supposedly anonymous device analytics information can identify users: On Twitter , security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud.

article thumbnail

FIRESIDE CHAT: Anchoring security on granular visibility, proactive management of all endpoints

The Last Watchdog

Endpoints are where all are the connectivity action is. Related: Ransomware bombardments. And securing endpoints has once more become mission critical. This was the focal point of presentations at Tanium’s Converge 2022 conference which I had the privilege to attend last week at the Fairmont Austin in the Texas capital. I had the chance to visit with Peter Constantine, Tanium’s Senior Vice President Product Management.

Internet 203
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Know thy enemy: thinking like a hacker can boost cybersecurity strategy

CSO Magazine

As group leader for Cyber Adversary Engagement at MITRE Corp., Maretta Morovitz sees value in getting to know the enemy – she can use knowledge about cyber adversaries to distract, trick, and deflect them and develop strategies to help keep threat actors from getting whatever they’re after. That could mean placing decoys and lures that exploit their expectations for what an attacker will find when they first hack into an environment, she says.

article thumbnail

What’s NEXT with Michael Ebel at Atmosfy

Cisco Security

Throughout my career, I have noticed the way we “futurize” technology. Often, we are thinking of technology in five-to-ten-year increments. But the fact of the matter is – technology is moving faster than we can keep up. The minute we think we understand it, it’s already onto something new. That’s why here at Cisco, we’re focused on what’s NEXT. We all know technology will continue to grow at a rapid pace, our goal is to remain at the forefront of these changes.

article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

Ouch! Ransomware gang says it won’t attack AirAsia again due to the “chaotic organisation” and sloppy security of hacked company’s network

Graham Cluley

The Daixin ransomware gang has given a humiliating slap in the face to Air Asia, which lost the personal data of five million passengers and all of its employees earlier this month.

article thumbnail

Are Retailers Shopping for a Cybersecurity Breach?

Thales Cloud Protection & Licensing

Are Retailers Shopping for a Cybersecurity Breach? divya. Wed, 11/23/2022 - 07:07. Have you ever walked into your favorite store or restaurant, and when you tried to finalize your purchase, you were told that they could not process any credit cards? Have you ever thought that this might be the result of a successful breach and not because of a point-of sale (POS) malfunctioning?

Retail 127

More Trending

article thumbnail

5 API Vulnerabilities That Get Exploited by Criminals

Security Affairs

Let’s give a look at API vulnerabilities by reading the API Security Top 10 published by the Open Web Application Security Project (OWASP). It’s no secret that cyber security has become a leading priority for most organizations — especially those in industries that handle sensitive customer information. And as these businesses work towards building robust security strategies, it’s vital that they account for various threat vectors and vulnerabilities.

article thumbnail

Cybersecurity Pros Put Mastodon Flaws Under the Microscope

Dark Reading

As the open source social media network blows up due to Twitter's troubles, researchers caution about vulnerabilities within the application.

Media 127
article thumbnail

ICS cyberthreats in 2023 – what to expect

SecureList

Cybersecurity incidents were plentiful in 2022, causing many problems for industrial infrastructure owners and operators. However, luckily, we did not see any sudden or catastrophic changes in the overall threat landscape – none that were difficult to handle, despite many colorful headlines in the media. As we see it, the coming year looks to be much more complicated.

article thumbnail

Ransomware gang repents for spreading ransomware to AirAsia

CyberSecurity Insiders

Daixin, the Ransomware spreading group that hacked into the servers of AirAsia now seems to repent for its deeds, as it released a press statement that confirms that the victimized firm’s IT infrastructure, staff, and security are so poorly aligned that the said group of cyber criminals do not want to strike the same victim twice. What the press update means that the Malaysia’s largest air carrier is so frustrated with the way AirAsia was responding to its negotiation filled talks that it doesn’

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Microsoft Azure launches DDoS IP protection for SMBs

CSO Magazine

Microsoft is extending the Azure DDoS Protection family with a new product focusing on small and medium-size businesses (SMBs). The product, DDoS IP Protection for SMBs, was announced at Microsoft's Ignite conference and is now in public preview. DDoS IP Protection for SMBs is designed to provide enterprise-grade DDoS (distributed denial of service) protection at a price that's attractive to SMBs, Microsoft said.

DDOS 110
article thumbnail

Russian Killnet targets UK Royal Family websites

CyberSecurity Insiders

Killnet, the hacking group that works for Russian interests, is targeting UK’s Royal Family websites from the past few days. The attacks are of ‘Distributed Denial of Service (DDoS)’ variant and supposedly seem to take revenge digitally. It is already known to the entire world that the UK is supplying weapons, essentials and finances to Ukraine to sustain the 2-3 years long of intense war with Kremlin.

DDOS 110
article thumbnail

Security fatigue is real: Here’s how to overcome it

We Live Security

Do your own organization’s employees take more risks with valuable data because they’ve become desensitized to security guidance? Spot the symptoms before it’s too late. The post Security fatigue is real: Here’s how to overcome it appeared first on WeLiveSecurity.

Risk 105
article thumbnail

UK populace should be extra cautious about Cyber Frauds in this Christmas season

CyberSecurity Insiders

UK Populace has reportedly lost £1000 last year on an average and the figure is said to double up this year, as Christmas shopping period has arrived a week before. So, security experts are urging online shoppers to be extra cautious while buying products online and not fall for cyber frauds or Ponzi schemes. National Cyber Security Centre (NCSC) has issued a playbook on how the shoppers should browse on websites and what to do and what not, while buying gifts for their near and dear ones.

Passwords 107
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

For two years security experts kept secret that they were helping Zeppelin ransomware victims decrypt their files

Graham Cluley

Researchers at cybersecurity firm Unit 221B have revealed that they have been secretly helping victims of the Zeppelin ransomware decrypt their computer systems since 2020.

article thumbnail

What is the Virginia Consumer Data Protection Act?

Digital Guardian

Learn why organizations will need to implement security practices to protect sensitive data under the Virginia Consumer Data Protection Act (VCDPA), set to go into effect in 2013.

98
article thumbnail

Policy trends: where are we today on regulation in cyberspace?

SecureList

This is the first edition of our policy analysis and observations of trends in the regulation of cyberspace, and cybersecurity, within the Kaspersky Security Bulletin. This year so far has been very challenging: increased tensions in international relations have had a huge impact on both cyberspace and cybersecurity. Further to this, we share below our key observations regarding the trends we believe have been the highlights of this year and have the potential to shape the future of cyberspace i

article thumbnail

Android file manager apps infect thousands with Sharkbot malware

Bleeping Computer

A new collection of malicious Android apps posing as harmless file managers had infiltrated the official Google Play app store, infecting users with the Sharkbot banking trojan. [.].

Banking 98
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Qualys QSC Wrap-Up: Risk and Simplicity

Security Boulevard

For many organizations, the complexity of security and compliance is still beyond their reach. Also, striking a balance between security and people, process and technology versus the risk/reward was something that both security leaders and business leaders need to confront and deal with every day. Earlier this month in Las Vegas, Qualys held its annual.

Risk 98
article thumbnail

Emotet is back and delivers payloads like IcedID and Bumblebee

Security Affairs

The Emotet malware is back and experts warn of a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. Proofpoint researchers warn of the return of the Emotet malware, in early November the experts observed a high-volume malspam campaign delivering payloads like IcedID and Bumblebee. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542.

Malware 98
article thumbnail

Surge of Fake FIFA World Cup Streaming Sites Targets Virtual Fans

Security Boulevard

Zscaler ThreatLabz is always on the lookout for threat actors trying to take advantage of major world news and events. The FIFA World Cup 2022 has brought with it a spike in cyber attacks targeting football fans through fake streaming sites and lottery scams, leveraging the rush and excitement around these uncommon events to infect users with malware.

Scams 98
article thumbnail

Researcher warns that Cisco Secure Email Gateways can easily be circumvented

Security Affairs

A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. An anonymous researcher publicly disclosed a series of techniques to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using specially crafted emails. The researcher pointed out that the attack complexity is low, it also added that working exploits have already been published by a third party.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Sensitive Data From Nuclear Facilities Leaked on Dark Web

Heimadal Security

Cybercrime activities targeting the nuclear industry worldwide have risen during the past eight months, according to Cyble, a global cyber intelligence start-up that monitors the dark web. Cyble claims that threat actors are taking advantage of the war in Ukraine to broaden their attack services. Since February this year, leaks were reported to have happened […].

article thumbnail

How to hack an unpatched Exchange server with rogue PowerShell code

Naked Security

Review your servers, your patches and your authentication policies - there's a proof-of-concept out.

Hacking 131
article thumbnail

What Is DNS Scavenging?

Heimadal Security

DNS scavenging is the process of removing stale DNS records, usually used together with DNS aging in order to free up space and improve system performance. In cybersecurity, in particular, DNS scavenging can help prevent DNS cache poisoning attacks and even reduce the chances of DNS servers being used in DDoS attacks. In this article […]. The post What Is DNS Scavenging?

DNS 97
article thumbnail

Hackers breach energy orgs via bugs in discontinued web server

Bleeping Computer

Microsoft said today that security vulnerabilities found to impact a web server discontinued since 2005 have been used to target and compromise organizations in the energy sector. [.].

95
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

Researchers warn of threat actors employing a new Go-based malware dubbed Aurora Stealer in attacks in the wild. Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. Aurora was offered as Malware-as-a-Service (MaaS) by a threat actor known as Cheshire. It is a multi-purpose botnet with data stealing and remote access capabilities.

article thumbnail

Nighthawk Likely to Become Hackers' New Post-Exploitation Tool After Cobalt Strike

The Hacker News

A nascent and legitimate penetration testing framework known as Nighthawk is likely to gain threat actors' attention for its Cobalt Strike-like capabilities. Enterprise security firm Proofpoint said it detected the use of the software in mid-September 2022 with a number of test emails sent using generic subject lines such as "Just checking in" and "Hope this works2.

article thumbnail

Crimeware and financial cyberthreats in 2023

SecureList

A look back on the year 2022 and what to expect in 2023. Every year, as part of the Kaspersky Security Bulletin, we predict which major trends will be followed in the coming year by attackers, who target financial organizations. The predictions, based on our extensive experience, help individuals and businesses improve their cybersecurity and prevent the vast range of possible risks.

article thumbnail

PII Breach Discovered on Bahmni Hospital Management System

Heimadal Security

On September 19th, 2022, a breach affecting Bahmni company was discovered. The Bahmni Hospital Management System was breached exposing the PII (Personal Identifiable Information) and EMR (Electronic Medical Record) of 197,497 users. Bahmni offers a comprehensive healthcare solution by combining several open-source products used by more than 500 websites in over 50 countries.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?