Fri. Feb 03, 2023

Manipulating Weights in Face-Recognition AI Systems

Schneier on Security

Interesting research: “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”: Abstract: In this paper we describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights (i.e., without using any additional training or optimization).

The importance of data retention policies

Tech Republic Security

A data retention policy is the first step in helping protect an organization's data and avoid financial, civil, and criminal penalties that increasingly accompany poor data management practices. This article outlines what a data retention policy is and why it's important in your organization. The post The importance of data retention policies appeared first on TechRepublic.

A Hacker’s Mind News

Schneier on Security

A Hacker’s Mind will be published on Tuesday. I have done a written interview and a podcast interview about the book. It’s been chosen as a “February 2023 Must-Read Book” by the Next Big Idea Club. And an “Editor’s Pick”—whatever that means—on Amazon. There have been three reviews so far. I am hoping for more.

Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Bleeping Computer

Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. […]

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology

Security Boulevard

Anker said its Eufy cameras never send unencrypted video. But a couple of months ago, researchers discovered they did. Despite the clear evidence, Anker denied, delayed and deflected. The post Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology appeared first on Security Boulevard.

How multicloud changes devops

InfoWorld on Security

Devops or devsecops (I’ll use devops for this post) is more than just a fast way to build and deploy software within the cloud and on traditional systems. It’s now a solid standard, with best practices, processes, and widely accepted tools. However, as multicloud becomes the new path to cloud computing, I’m asked how it will impact existing devops programs.

Businesses Bolster Defenses as Data Breach Concerns Grow

Security Boulevard

More than three-quarters (77%) of IT decision makers are concerned about the likely risk of a data breach within the next three years, according to an Adastra report. The survey of 882 IT professionals throughout the United States and Canada, conducted by Forum Research, revealed organizations continue to bolster their cybersecurity defenses to counter this risk.

Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

The Hacker News

The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle East as part of a cyber espionage campaign that leverages a new backdoor to exfiltrate data.

Cryptojacking on the Rise

Quick Heal Antivirus

There has been a steep rise in Cryptojacking attacks by cybercriminal groups to infiltrate networks and stealthily mine. The post Cryptojacking on the Rise appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Top 10 SOAR Tools to Enhance Your SecOps Experience

Heimdal Security

In a previous article, we talked about the core differences (and similarities) between SOAR and XDR. And because no SecOps specialist should be without an adequate toolkit, here are some SOAR tools you can try out to up your security automation game. Good hunting and enjoy the read! Best Open Source SOAR Tools Let’s get […] The post Top 10 SOAR Tools to Enhance Your SecOps Experience appeared first on Heimdal Security Blog.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

North Korean Hacking Group Lazarus Linked to New Campaign

SecureWorld News

The North Korean state-sponsored cybergang known as Lazarus Group has been identified as the force behind a new cyber espionage campaign that allowed the group to stealthily steal 100GB of data from victims. The campaign was given the nickname "No Pineapple!" due to an error message found in a backdoor used by the group. The campaign was discovered by Finnish cybersecurity firm WithSecure, which was investigating a potential ransomware incident.

The Pivot: How MSPs Can Turn a Challenge Into a Once-in-a-Decade Opportunity

The Hacker News

Cybersecurity is quickly becoming one of the most significant growth drivers for Managed Service Providers (MSPs). That's the main insight from a recent study from Lumu: in North America, more than 80% of MSPs cite cybersecurity as a primary growth driver of their business.

Atlassian fixed critical authentication vulnerability in Jira Software

Security Affairs

Atlassian fixed a critical flaw in Jira Service Management Server and Data Center that can allow an attacker to impersonate another user and gain access to a Jira Service Management instance. Atlassian has released security updates to address a critical vulnerability in Jira Service Management Server and Data Center, tracked as CVE-2023-22501 (CVSS score: 9.4), that could be exploited by an attacker to impersonate another user and gain unauthorized access to other Jira Service Management instanc

Hackers Abuse Google Ads to Send Antivirus Avoiding Malware

Heimdal Security

A Google ads malvertising campaign was found using KoiVM virtualization technology to install the Formbook data stealer without being spotted by antiviruses. MalVirt loaders are promoted by threat actors in advertising that appears to be for the Blender 3D program. The downloads presented by the fraudulent sites try spoofing Microsoft, Acer, DigiCert, Sectigo, and AVG […] The post Hackers Abuse Google Ads to Send Antivirus Avoiding Malware appeared first on Heimdal Security Blog.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

VMware Workstation update fixes an arbitrary file deletion bug

Security Affairs

VMware addressed a high-severity privilege escalation vulnerability, tracked as CVE-2023-20854, in VMware Workstation. VMware fixed a high-severity privilege escalation flaw, tracked as CVE-2023-20854, that impacts Workstation. An attacker can exploit the vulnerability to delete arbitrary files on Workstation version 17.x for Windows OS. “An arbitrary file deletion vulnerability in VMware Workstation was privately reported to VMware.

LockBit Goes ‘Green’: How the New Conti-Based Encryptor Is Changing the Ransomware Game

Heimdal Security

The LockBit ransomware gang has resumed using encryptors based on other operations, switching to one based on the Conti ransomware‘s leaked source code. Since its inception, the LockBit operation has gone through several iterations of its encryptor, beginning with a custom one and progressing to LockBit 3.0 (aka LockBit Black), which is based on the […] The post LockBit Goes ‘Green’: How the New Conti-Based Encryptor Is Changing the Ransomware Game appeared first on Heimd

Cisco fixed command injection bug in IOx Application Hosting Environment

Security Affairs

Cisco fixed a high-severity flaw in the IOx application hosting environment that can be exploited in command injection attacks. Cisco has released security updates to address a command injection vulnerability, tracked as CVE-2023-20076, in the Cisco IOx application hosting environment. “A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system.” reads the

Fortinet Adds Services to Help Close Cybersecurity Skills Gap

Security Boulevard

Fortinet this week rolled out additional security operations center (SOC) augmentation services and expanded the training programs it provides via the Fortinet Training Institute. Karin Shopen, vice president of cybersecurity solutions and services for Fortinet, said the goal is to make it simpler for organizations to rely on external services to help close the skills.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Russia-linked Gamaredon APT targets Ukrainian authorities with new malware

Security Affairs

Russia-linked threat actor Gamaredon employed new spyware in cyber attacks aimed at public authorities and critical information infrastructure in Ukraine. The State Cyber Protection Centre (SCPC) of Ukraine warns of a new wave of targeted attacks conducted by the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa).

New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

The Hacker News

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on Friday.

Exploitation attempts for Oracle E-Business Suite flaw observed after PoC release

Security Affairs

Threat actors started exploiting a critical Oracle E-Business Suite flaw, tracked as CVE-2022-21587, shortly after a PoC was published. Shadowserver researchers warn that threat actors have started attempting to exploit critical Oracle E-Business Suite flaw (CVE-2022-21587) shortly after a PoC was published. Since Jan 21st we are seeing exploitation attempts in our honeypot sensors for Oracle E-Business Suite CVE-2022-21587 (CVSS 9.8 RCE) shortly after a PoC was published.

Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership

Security Boulevard

This is Part II of our first blog of the new year, one in which we tackle 2023’s top cyber challenges and provide the information you need to make you ready. The post Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership appeared first on Seceon. The post Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership appeared first on Security Boulevard.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

The Chinese Spy Balloon Shows the Downsides of Spy Balloons

WIRED Threat Level

A popular military tool during the Cold War, spy balloons have since fallen out of favor—for good reason.

What are Software Audits and Why are They on the Rise?

Security Boulevard

Recent years have seen an uptick in software audits, with more companies being asked to provide evidence of licensing compliance. This is largely due to the fact that organizations are now using more software than ever before, with an increasing number of employees working remotely. Watchdog groups like the Business Software Alliance (BSA) and the.

What Is Encryption as a Service (EaaS)? A Definitive Guide

Heimdal Security

Whether your company is subject to stringent cybersecurity regulatory requirements or you want to strengthen your overall security, encryption as a service is an effective way to protect sensitive data at rest and in transit. The thing is, many businesses need help properly encrypting all the data on their machines, servers, and the cloud. And […] The post What Is Encryption as a Service (EaaS)?

The rise of multi-threat ransomware

Malwarebytes

Today we have a ten minute YouTube expedition into the murky world of ransomware. In the video, "The rise of multi-threat ransomware" (embedded below), I cover a couple of key talking points that always seem to come up in conversation. Single, double, triple? The video covers how ransomware made the leap from “just” encrypting your files to double- or even triple-threat ransomware.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Is Your EV Charging Station Safe? New Security Vulnerabilities Uncovered

The Hacker News

Two new security weaknesses discovered in several electric vehicle (EV) charging systems could be exploited to remotely shut down charging stations and even expose them to data and energy theft. The findings, which come from Israel-based SaiFlow, once again demonstrate the potential risks facing the EV charging infrastructure. The issues have been identified in version 1.

Business Email Compromise attack imitates vendors, targets supply chains

Malwarebytes

Today we have a fascinating tale of a business email compromise (BEC) group steering clear of targeting executives, in favour of fouling up supply chains instead. The attack, which may sound overly complicated, is a fairly streamlined attack with the intention of making a lot of money. BEC: What is it? BEC follows a few different patterns, but primarily revolves around an approach by a criminal who has compromised or spoofed an executive-level email account.

Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT

The Hacker News

A zero-day vulnerability affecting Fortra's GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw were first publicly shared by security reporter Brian Krebs on Mastodon. No public advisory has been published by Fortra.

How the CISA catalog of vulnerabilities can help your organization

Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA) maintains a “known exploited vulnerabilities catalog” which can be useful if you need help prioritizing the patching of vulnerabilities. In essence it is a long list of vulnerabilities that are actually being used by criminals to do harm, with deadlines for fixing them. Many organizations are running a plethora of software and Internet-facing devices and vulnerabilities that can be used to exploit them are found every day.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!