Fri. Feb 03, 2023


Manipulating Weights in Face-Recognition AI Systems

Schneier on Security

Interesting research: “Facial Misrecognition Systems: Simple Weight Manipulations Force DNNs to Err Only on Specific Persons”: Abstract: In this paper we describe how to plant novel types of backdoors in any facial recognition model based on the popular architecture of deep Siamese neural networks, by mathematically changing a small fraction of its weights (i.e., without using any additional training or optimization).


Massive ESXiArgs ransomware attack targets VMware ESXi servers worldwide

Bleeping Computer

Admins, hosting providers, and the French Computer Emergency Response Team (CERT-FR) warn that attackers actively target VMware ESXi servers unpatched against a two-year-old remote code execution vulnerability to deploy ransomware. […]


A Hacker’s Mind News

Schneier on Security

A Hacker’s Mind will be published on Tuesday. I have done a written interview and a podcast interview about the book. It’s been chosen as a “February 2023 Must-Read Book” by the Next Big Idea Club. And an “Editor’s Pick”—whatever that means—on Amazon. There have been three reviews so far. I am hoping for more.


Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology

Security Boulevard

Anker said its Eufy cameras never send unencrypted video. But a couple of months ago, researchers discovered they did. Despite the clear evidence, Anker denied, delayed and deflected. The post Anker’s Eufy Admits ‘Lie’ After TWO Months — Still no Apology appeared first on Security Boulevard.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


The importance of data retention policies

Tech Republic Security

A data retention policy is the first step in helping protect an organization's data and avoid financial, civil, and criminal penalties that increasingly accompany poor data management practices. This article outlines what a data retention policy is and why it's important in your organization. The post The importance of data retention policies appeared first on TechRepublic.


How multicloud changes devops

InfoWorld on Security

Devops or devsecops (I’ll use devops for this post) is more than just a fast way to build and deploy software within the cloud and on traditional systems. It’s now a solid standard, with best practices, processes, and widely accepted tools. However, as multicloud becomes the new path to cloud computing, I’m asked how it will impact existing devops programs.

More Trending


Businesses Bolster Defenses as Data Breach Concerns Grow

Security Boulevard

More than three-quarters (77%) of IT decision makers are concerned about the likely risk of a data breach within the next three years, according to an Adastra report. The survey of 882 IT professionals throughout the United States and Canada, conducted by Forum Research, revealed organizations continue to bolster their cybersecurity defenses to counter this risk.


Cryptojacking on the Rise

Quick Heal Antivirus

There has been a steep rise in Cryptojacking attacks by cybercriminal groups to infiltrate networks and stealthily mine. The post Cryptojacking on the Rise appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.


Fortinet Adds Services to Help Close Cybersecurity Skills Gap

Security Boulevard

Fortinet this week rolled out additional security operations center (SOC) augmentation services and expanded the training programs it provides via the Fortinet Training Institute. Karin Shopen, vice president of cybersecurity solutions and services for Fortinet, said the goal is to make it simpler for organizations to rely on external services to help close the skills.


New Wave of Ransomware Attacks Exploiting VMware Bug to Target ESXi Servers

The Hacker News

VMware ESXi hypervisors are the target of a new wave of attacks designed to deploy ransomware on compromised systems. "These attack campaigns appear to exploit CVE-2021-21974, for which a patch has been available since February 23, 2021," the Computer Emergency Response Team (CERT) of France said in an advisory on Friday.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership

Security Boulevard

This is Part II of our first blog of the new year, one in which we tackle 2023’s top cyber challenges and provide the information you need to make you ready. The post Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership appeared first on Seceon. The post Seceon 2023 Cybersecurity Predictions by Seceon Thought Leadership appeared first on Security Boulevard.


Hackers Abuse Google Ads to Send Antivirus Avoiding Malware

Heimdal Security

A Google ads malvertising campaign was found using KoiVM virtualization technology to install the Formbook data stealer without being spotted by antiviruses. MalVirt loaders are promoted by threat actors in advertising that appears to be for the Blender 3D program. The downloads presented by the fraudulent sites try spoofing Microsoft, Acer, DigiCert, Sectigo, and AVG […] The post Hackers Abuse Google Ads to Send Antivirus Avoiding Malware appeared first on Heimdal Security Blog.


What are Software Audits and Why are They on the Rise?

Security Boulevard

Recent years have seen an uptick in software audits, with more companies being asked to provide evidence of licensing compliance. This is largely due to the fact that organizations are now using more software than ever before, with an increasing number of employees working remotely. Watchdog groups like the Business Software Alliance (BSA) and the.


LockBit Goes ‘Green’: How the New Conti-Based Encryptor Is Changing the Ransomware Game

Heimdal Security

The LockBit ransomware gang has resumed using encryptors based on other operations, switching to one based on the Conti ransomware’s leaked source code. Since its inception, the LockBit operation has gone through several iterations of its encryptor, beginning with a custom one and progressing to LockBit 3.0 (aka LockBit Black), which is based on the […] The post LockBit Goes ‘Green’: How the New Conti-Based Encryptor Is Changing the Ransomware Game appeared first on Heimd


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


VMware Workstation update fixes an arbitrary file deletion bug

Security Affairs

VMware addressed a high-severity privilege escalation vulnerability, tracked as CVE-2023-20854, in VMware Workstation. VMware fixed a high-severity privilege escalation flaw, tracked as CVE-2023-20854, that impacts Workstation. An attacker can exploit the vulnerability to delete arbitrary files on Workstation version 17.x for Windows OS. “An arbitrary file deletion vulnerability in VMware Workstation was privately reported to VMware.


Business Email Compromise attack imitates vendors, targets supply chains

Malwarebytes

Today we have a fascinating tale of a business email compromise (BEC) group steering clear of targeting executives, in favour of fouling up supply chains instead. The attack, which may sound overly complicated, is a fairly streamlined attack with the intention of making a lot of money. BEC: What is it? BEC follows a few different patterns, but primarily revolves around an approach by a criminal who has compromised or spoofed an executive-level email account.


GoAnywhere MFT zero-day vulnerability lets hackers breach servers

Bleeping Computer

The developers of the GoAnywhere MFT file transfer solution are warning customers of a zero-day remote code execution vulnerability on exposed administrator consoles. […]


How the CISA catalog of vulnerabilities can help your organization

Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA) maintains a “known exploited vulnerabilities catalog” which can be useful if you need help prioritizing the patching of vulnerabilities. In essence it is a long list of vulnerabilities that are actually being used by criminals to do harm, with deadlines for fixing them. Many organizations are running a plethora of software and Internet-facing devices and vulnerabilities that can be used to exploit them are found every day.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Iranian OilRig Hackers Using New Backdoor to Exfiltrate Data from Govt. Organizations

The Hacker News

The Iranian nation-state hacking group known as OilRig has continued to target government organizations in the Middle East as part of a cyber espionage campaign that leverages a new backdoor to exfiltrate data.


Cisco fixed command injection bug in IOx Application Hosting Environment

Security Affairs

Cisco fixed a high-severity flaw in the IOx application hosting environment that can be exploited in command injection attacks. Cisco has released security updates to address a command injection vulnerability, tracked as CVE-2023-20076, in the Cisco IOx application hosting environment. “A vulnerability in the Cisco IOx application hosting environment could allow an authenticated, remote attacker to execute arbitrary commands as root on the underlying host operating system.” reads the


Top 10 SOAR Tools to Enhance Your SecOps Experience

Heimdal Security

In a previous article, we talked about the core differences (and similarities) between SOAR and XDR. And because no SecOps specialist should be without an adequate toolkit, here are some SOAR tools you can try out to up your security automation game. Good hunting and enjoy the read! Best Open Source SOAR Tools Let’s get […] The post Top 10 SOAR Tools to Enhance Your SecOps Experience appeared first on Heimdal Security Blog.


Cyberthreats facing UK finance sector "a national security threat"

Malwarebytes

As the reports covering all of 2022 start trickling in, we can see that cybercrime and other types of fraud had a major impact last year. Take for example the 2022 half year fraud update by UK Finance, which tells us that criminals stole a total of £609.8 million (roughly $750 million) through authorized and unauthorized fraud and scams in the UK alone.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Russia-linked Gamaredon APT targets Ukrainian authorities with new malware

Security Affairs

Russia-linked threat actor Gamaredon employed new spyware in cyber attacks aimed at public authorities and critical information infrastructure in Ukraine. The State Cyber Protection Centre (SCPC) of Ukraine warns of a new wave of targeted attacks conducted by the Russia-linked APT group Gamaredon (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa).


North Korean Hacking Group Lazarus Linked to New Campaign

SecureWorld News

The North Korean state-sponsored cybergang known as Lazarus Group has been identified as the force behind a new cyber espionage campaign that allowed the group to stealthily steal 100GB of data from victims. The campaign was given the nickname "No Pineapple!" due to an error message found in a backdoor used by the group. The campaign was discovered by Finnish cybersecurity firm WithSecure, which was investigating a potential ransomware incident.


Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT

The Hacker News

A zero-day vulnerability affecting Fortra's GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw were first publicly shared by security reporter Brian Krebs on Mastodon. No public advisory has been published by Fortra.


Friday Five 2/3

Digital Guardian

Elaborate phishing campaigns have taken center stage this past week, but LockBit and Sandworm are back in the news and TikTok is pushing to stay in the United States. Catch up on the latest in this week’s Friday Five!


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


What Is Encryption as a Service (EaaS)? A Definitive Guide

Heimdal Security

Whether your company is subject to stringent cybersecurity regulatory requirements or you want to strengthen your overall security, encryption as a service is an effective way to protect sensitive data at rest and in transit. The thing is, many businesses need help properly encrypting all the data on their machines, servers, and the cloud. And […] The post What Is Encryption as a Service (EaaS)?


Florida hospital takes IT systems offline after cyberattack

Bleeping Computer

Tallahassee Memorial HealthCare (TMH) has taken its IT systems offline and suspended non-emergency procedures following a late Thursday cyberattack. […]


Exploitation attempts for Oracle E-Business Suite flaw observed after PoC release

Security Affairs

Threat actors started exploiting a critical Oracle E-Business Suite flaw, tracked as CVE-2022-21587, shortly after a PoC was published. Shadowserver researchers warn that threat actors have started attempting to exploit critical Oracle E-Business Suite flaw (CVE-2022-21587) shortly after a PoC was published. Since Jan 21st we are seeing exploitation attempts in our honeypot sensors for Oracle E-Business Suite CVE-2022-21587 (CVSS 9.8 RCE) shortly after a PoC was published.


Bermuda hit by widespread internet outage amid power cut

Bleeping Computer

Bermuda experienced a widespread power outage on Friday which impacted the island's internet and phone services. Calling it a "serious incident" at BELCO, the Bermudian power supplier, the government has advised customers to "unplug all sensitive electrical equipment" as crews work around the clock on restoration efforts. […]


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.