Mon.May 29, 2023

article thumbnail

New hacking forum leaks data of 478,000 RaidForums members

Bleeping Computer

A database for the notorious RaidForums hacking forums has been leaked online, allowing threat actors and security researchers insight into the people who frequented the forum. [.

Hacking 136
article thumbnail

US Augusta City targeted by BlackByte Ransomware Group

CyberSecurity Insiders

The City of Augusta in the United States has been struggling to regain control of its computer network as hackers spread ransomware, reportedly stealing data and encrypting the database until a ransom is paid. To substantiate their claims, the BlackByte ransomware group, responsible for the incident, has posted 10GB of sample data and threatened to release more if the victim fails to pay the demanded sum.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Hackers hold city of Augusta hostage in a ransomware attack

CSO Magazine

BlackByte group has claimed responsibility for a ransomware attack on the city of Augusta in Georgia. The ransomware group has posted 10GB of sample data for free and claimed they have a lot more data available. “We have lots of sensitive data. Many people would like to see that as well as the media. You were given time to connect us but it seems like you are sleepy,” the screenshot shared by security researcher Brett Callow, who is also a threat analyst at Emsisoft.

article thumbnail

New BrutePrint Attack Lets Attackers Unlock Smartphones with Fingerprint Brute-Force

The Hacker News

Researchers have discovered an inexpensive attack technique that could be leveraged to brute-force fingerprints on smartphones to bypass user authentication and seize control of the devices.

article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

Insider risk management: Where your program resides shapes its focus

CSO Magazine

There’s no getting around it, I am long in the tooth and have been dealing with individuals who break trust within their work environment for more than 30 years, both in government (where we called it counterespionage or counterintelligence) and in the private sector. Today we call programs that help prevent or identify breaches of trust insider risk management (IRM).

Risk 109
article thumbnail

Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals

Trend Micro

Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have changed since at least October 2022.

More Trending

article thumbnail

New phishing technique poses as a browser-based file archiver

CSO Magazine

A new phishing technique can leverage the “file archiver in browser” exploit to emulate an archiving software in the web browser when a victim visits a.zip domain, according to a security researcher identifying as mr.d0x. The attacker essentially simulates a file archiving software like WinRAR in the browser and masks it under the.zip domain to stage the phishing attack.

Phishing 100
article thumbnail

Don't Click That ZIP File! Phishers Weaponizing.ZIP Domains to Trick Victims

The Hacker News

A new phishing technique called "file archiver in the browser" can be leveraged to "emulate" a file archiver software in a web browser when a victim visits a.ZIP domain. "With this phishing attack, you simulate a file archiver software (e.g., WinRAR) in the browser and use a.zip domain to make it appear more legitimate," security researcher mr.d0x disclosed last week.

article thumbnail

MCNA Dental data breach impacts 8.9 million people after ransomware attack

Bleeping Computer

Managed Care of North America (MCNA) Dental has published a data breach notification on its website, informing almost 9 million patients that their personal data were compromised. [.

article thumbnail

New GobRAT Remote Access Trojan Targeting Linux Routers in Japan

The Hacker News

Linux routers in Japan are the target of a new Golang remote access trojan (RAT) called GobRAT. "Initially, the attacker targets a router whose WEBUI is open to the public, executes scripts possibly by using vulnerabilities, and finally infects the GobRAT," the JPCERT Coordination Center (JPCERT/CC) said in a report published today.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

New Phishing Kit: File Archivers in the Browser

Heimadal Security

A new phishing kit, “File Archivers in the Browser” abuses ZIP domains. The kit displays bogus WinRAR or Windows File Explorer windows in the browser. The goal is to convince users to launch malicious processes. Google just enabled this month a new feature that allows websites and emails to register ZIP TLD domains. For example, […] The post New Phishing Kit: File Archivers in the Browser appeared first on Heimdal Security Blog.

article thumbnail

The Top Threats to Cloud Infrastructure Security and How to Address Them

Security Boulevard

Cloud computing has become a critical technology for businesses of all sizes. It offers many benefits, including cost savings, scalability, and flexibility. However, the security of cloud infrastructure is still a concern for many organizations. As cloud infrastructure grows in popularity, so do the risks and threats. This blog post will discuss the major cloud […] The post The Top Threats to Cloud Infrastructure Security and How to Address Them appeared first on PeoplActive.

article thumbnail

New Go-written GobRAT RAT targets Linux Routers in Japan

Security Affairs

A new Golang remote access trojan (RAT), tracked as GobRAT, is targeting Linux routers in Japan, the JPCERT Coordination Center warns. JPCERT/CC is warning of cyberattacks against Linux routers in Japan that have been infected with a new Golang remote access trojan (RAT) called GobRAT. Threat actors are targeting Linux routers with publicly exposed WEBUI to execute malicious scripts to deploy the GobRAT malware. “Initially, the attacker targets a router whose WEBUI is open to the public, e

article thumbnail

Lazarus hackers target Windows IIS web servers for initial access

Bleeping Computer

The notorious North Korean state-backed hackers, known as the Lazarus Group, are now targeting vulnerable Windows Internet Information Services (IIS) web servers to gain initial access to corporate networks. [.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Researchers analyzed the PREDATOR spyware and its loader Alien

Security Affairs

Cisco Talos and the Citizen Lab researchers have published a technical analysis of the powerful Android spyware Predator. Security researchers at Cisco Talos and the Citizen Lab have shared technical details about a commercial Android spyware named Predator that is sold by the surveillance firm Intellexa (formerly known as Cytrox). The researchers focused their analysis on two components of the mobile spyware implant, respectively tracked as “ALIEN” and “PREDATOR.” “PREDATOR is an interest

Spyware 96
article thumbnail

Cybersecurity news headlines trending on Google

CyberSecurity Insiders

MCNA, also known as Managed Care of North American Dental, has issued a statement on its website regarding a data breach it is currently experiencing, which has compromised the information of over 9 million patients. As the largest government-sponsored health insurance organization, MCNA states that its systems were possibly infiltrated on February 26th, 2023, but the breach was only identified by its IT staff in the first week of March this year.

article thumbnail

Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks

Security Affairs

Experts warn of phishing attacks that are combining the use of compromised Microsoft 365 accounts and.rpmsg encrypted emails. Trustwave researchers have observed threat actors using encrypted RPMSG attachments sent via compromised Microsoft 365 accounts in a phishing campaign aimed at stealing Microsoft credentials. RPMSG files are used to deliver e-mails with Rights-Managed Email Object Protocol enabled.

article thumbnail

3 Challenges in Building a Continuous Threat Exposure Management (CTEM) Program and How to Beat Them

The Hacker News

If you're a cybersecurity professional, you're likely familiar with the sea of acronyms our industry is obsessed with. From CNAPP, to CWPP, to CIEM and all of the myriad others, there seems to be a new initialism born each day.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Lockbit ransomware attack on MCNA Dental impacts 8.9M individuals

Security Affairs

Managed Care of North America (MCNA) Dental disclosed a data breach that impacted more than 8.9 million individuals. Managed Care of North America (MCNA) Dental suffered a data breach that impacted 8,923,662 patients. MCNA Dental is one of the largest US dental care and oral health insurance providers. The security breach exposed the personal information of current or former provider of dental/orthodontic care to members of certain state Medicaid and Children’s Health Insurance Programs, for whi

article thumbnail

AceCryptor: Cybercriminals' Powerful Weapon, Detected in 240K+ Attacks

The Hacker News

A crypter (alternatively spelled cryptor) malware dubbed AceCryptor has been used to pack numerous strains of malware since 2016. Slovak cybersecurity firm ESET said it identified over 240,000 detections of the crypter in its telemetry in 2021 and 2022. This amounts to more than 10,000 hits per month.

Malware 87
article thumbnail

Barracuda Networks patches zero-day vulnerability in Email Security Gateway

Malwarebytes

On May 20, Barracuda Networks issued a patch for a zero day vulnerability in its Email Security Gateway (ESG) appliance. The vulnerability existed in a module which initially screens the attachments of incoming emails, and was discovered on May 19. Barracuda's investigation showed that the vulnerability resulted in unauthorized access to a subset of email gateway appliances.

Risk 83
article thumbnail

Keep Your Valuable Artwork Safe When Moving It

SecureBlitz

Here, I will show you how to keep your valuable artwork safe when moving it. Due to the high value and delicate nature of artwork and antiques, moving with them may be a difficult experience. Irreplaceable works of art, sculptures, and other collectibles are highly prized by their owners. Any kind of loss or damage […] The post Keep Your Valuable Artwork Safe When Moving It appeared first on SecureBlitz Cybersecurity.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Protect your business network with PureDome

Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at PureDome. Thanks to the great team there for their support! PureDome offers a secure, quick, reliable solution that enhances and safeguards business network security. With seamless deployment, you can effortlessly expand your corporate network without sacrificing performance.

article thumbnail

Top Cyberattacks Revealed in New Threat Intelligence Report

Dark Reading

New report provides actionable intelligence about attacks, threat actors, and campaigns.

87
article thumbnail

Kali Linux 2023.2 Release (Hyper-V & PipeWire)

Kali Linux

Quick off the mark from previous 10 year anniversary , Kali Linux 2023.2 is now here. It is ready for immediate download or upgrading if you have an existing Kali Linux installation. The changelog highlights over the last few weeks since March’s release of 2023.1 is: New VM image for Hyper-V - With “Enhanced Session Mode” out of the box Xfce audio stack update: enters PipeWire - Better audio for Kali’s default desktop i3 desktop overhaul - i3-gaps merged with i3 Desktop u

article thumbnail

API7:2019 Security Misconfiguration: The What, Sample Exploits, and Prevention Methods

Security Boulevard

Security misconfigurations are very common security risks, not just in web applications but also in APIs. They have been consistently part of the OWASP Top 10 Web Application Vulnerabilities. They. The post API7:2019 Security Misconfiguration: The What, Sample Exploits, and Prevention Methods appeared first on Indusface. The post API7:2019 Security Misconfiguration: The What, Sample Exploits, and Prevention Methods appeared first on Security Boulevard.

Risk 52
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

From Data Chaos to Data Mastery How to Build and Scale Data Lakes with AWS Services

Security Boulevard

In today’s data-driven world, organizations are faced with an ever-increasing volume of data from various sources. To extract meaningful insights and drive informed decision-making, it is essential to have a well-structured and scalable data management strategy in place. This is where data lakes, combined with AWS services, come into play. In this blog post, we […] The post From Data Chaos to Data Mastery How to Build and Scale Data Lakes with AWS Services appeared first on PeoplActive.

52
article thumbnail

How to Secure Your SCM Repositories with GitGuardian Honeytokens

Security Boulevard

Protect your code and secure your repositories with honeytokens. Learn how to create and add these digital traps to your SCM repositories and how GitGuardian helps you stay alert to potential threats. Read on for best practices and tips to make the most out of honeytokens. The post How to Secure Your SCM Repositories with GitGuardian Honeytokens appeared first on Security Boulevard.

52
article thumbnail

United States of America: Memorial Day 2023

Security Boulevard

Photograph Courtesy of the United States Marine Corps , Photographer: Caitlin Brink, CPL, USMC Permalink The post United States of America: Memorial Day 2023 appeared first on Security Boulevard.

52
article thumbnail

Protecting your business: Advice to SMB CEOs from a former CIO

Security Boulevard

The acronym CIO is sometimes understood to stand for “Career Is Over,” and here’s why: Business leaders in charge of information technology are not only tasked with driving automation, productivity, business intelligence, digitization, and cloud platforms, but often also with cybersecurity. The post Protecting your business: Advice to SMB CEOs from a former CIO appeared first on Security Boulevard.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?