Fri.Sep 06, 2024


YubiKey Side-Channel Attack

Schneier on Security

There is a side-channel attack against YubiKey access tokens that allows someone to clone a device. It’s a complicated attack, requiring the victim’s username and password, and physical access to their YubiKey—as well as some technical expertise and equipment. Still, nice piece of security analysis.

Passwords 279

Weekly Update 416

Troy Hunt

It's been a while since I've just gone all "AMA" on a weekly update, but this was just one of those weeks that flew by with my head mostly in the code and not doing much else. There's a bit of discussion about that this week, but it's mostly around the ongoing pain of resellers and all the various issues supporting them then creates as a result.

223

Live Video of Promachoteuthis Squid

Schneier on Security

The first live video of the Promachoteuthis squid, filmed at a newly discovered seamount off the coast of Chile. Blog moderation policy.

213

Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks

Tech Republic Security

Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.

Banking 156

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.


Russian ‘WhisperGate’ Hacks: 5 More Indicted

Security Boulevard

Eaten by a GRU: Fake ransomware created by Russian GRU Unit 29155 attacked Ukraine and NATO—a month before the full scale invasion. The post Russian ‘WhisperGate’ Hacks: 5 More Indicted appeared first on Security Boulevard.

Hacking 137

Therapy Sessions Exposed by Mental Health Care Firm’s Unsecured Database

WIRED Threat Level

Video and audio of therapy sessions, transcripts, and other patient records were accidentally exposed in a publicly accessible database operated by the virtual medical company Confidant Health.

137

More Trending


Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923)

Penetration Testing

Red Hat has issued a critical security advisory warning of an authentication bypass vulnerability (CVE-2024-7923) in Pulpcore, a content management system used in Red Hat Satellite deployments. The vulnerability, with... The post Red Hat Issues Critical Patch for Pulpcore Authentication Bypass Flaw (CVE-2024-7923) appeared first on Cybersecurity News.


Russia-linked GRU Unit 29155 targeted critical infrastructure globally

Security Affairs

The United States and its allies state that Russia-linked threat actors operating under the GRU are behind global critical infrastructure attacks. The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. These operations include espionage, sabotage, and reputational damage. The United States and its allies state that GRU is behind global critical infrastructure attacks.


CVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand Immediate Action

Penetration Testing

IBM has issued a critical security advisory for its webMethods Integration Server, revealing multiple vulnerabilities that could allow authenticated users to execute arbitrary commands, escalate privileges, and access sensitive files.... The post CVE-2024-45076 (CVSS 9.9): Critical Flaw in IBM webMethods Integration Demand Immediate Action appeared first on Cybersecurity News.


Threat Actors Abuse Red Team Tool MacroPack to Deliver Malware

Security Boulevard

Cisco Talos researchers found that multiple bad actors were abusing the MacroPack framework, continuing an ongoing trend of hackers repurposing legitimate security software tools to run cyber campaigns against organizations. The post Threat Actors Abuse Red Team Tool MacroPack to Deliver Malware appeared first on Security Boulevard.

Malware 114

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!


SonicWall warns that SonicOS bug exploited in attacks

Security Affairs

Recently fixed access control SonicOS vulnerability, tracked as CVE-2024-40766, is potentially exploited in attacks in the wild, SonicWall warns. SonicWall warns that a recently fixed access control flaw, tracked as CVE-2024-40766 (CVSS v3 score: 9.3), in SonicOS is now potentially exploited in attacks. “An improper access control vulnerability has been identified in the SonicWall SonicOS management access and SSLVPN, potentially leading to unauthorized resource access and in specific cond

Firewall 112

Overcoming the Challenges of Zero-Trust

Security Boulevard

Zero-trust, rooted in the principle of "never trust, always verify," requires organizations to assume that every access request, whether internal or external, is potentially harmful. The post Overcoming the Challenges of Zero-Trust appeared first on Security Boulevard.


SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

The Hacker News

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10.

Firewall 108

NIST CSF 2.0 Cyber Security Framework

Security Boulevard

NIST has released Version 2.0 of its widely used Cybersecurity Framework (CSF), a guidance document for mitigating cybersecurity risks. This update is not just a revision but a transformative approach to secure digital assets and infrastructures. The new version represents a significant advancement in addressing the evolving and complex cyber threats, offering a forward-looking perspective […] The post NIST CSF 2.0 Cyber Security Framework appeared first on Kratikal Blogs.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Car rental company Avis discloses a data breach

Security Affairs

Car rental giant Avis disclosed a data breach that impacted one of its business applications in August compromising customers’ personal information. Car rental company Avis notified customers impacted in an August data breach. Threat actors breached one of its business applications and gained access to some of the customers’ personal information. “We discovered on August 5, 2024, that an unauthorized third party gained access to one of our business applications.


Why and How to Secure GenAI Investments From Day Zero

Security Boulevard

A healthy approach to GenAI is one in which organizations build security protections from the start. Here are tips on how to integrate security into your organization's GenAI strategy from day zero. The post Why and How to Secure GenAI Investments From Day Zero appeared first on Security Boulevard.


GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code

The Hacker News

Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading booby-trapped software and packages. These attacks typically involve registering domains or packages with names slightly altered from their legitimate counterparts (e.g., goog1e.com vs. google.com).


Why you should stop using your solar-powered power bank (and try this alternative instead)

Zero Day

I've spent the summer testing solar-powered power banks. It turns out the devices are universally rubbish and potentially unsafe. Here's what I suggest using instead.

Banking 98

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.


Russian Threat Actors Target Critical Infrastructure in the U.S. and Across the World

Heimdal Security

The Russian threat actors responsible for the worldwide attacks on key infrastructure, identified as Cadet Blizzard and Ember Bear, have been connected by the United States and its allies to Unit 29155 of the Main Directorate of the General Staff of the Armed Forces (GRU). Joint Advisory Released: Key Information According to a joint advisory […] The post Russian Threat Actors Target Critical Infrastructure in the U.S. and Across the World appeared first on Heimdal Security Blog.


The Art of Soft Skills in Technical Sales

SecureWorld News

The inspiration for my book, Soft Skills in Technical Sales, came from observing changes in the roles of sales engineers and salespeople. Sales engineers are now doing more direct selling, while salespeople are handling more procurement tasks. I've been in the cybersecurity industry for a long time and remember when we only had a few products to sell.


The State of the Virtual CISO Report: MSP/MSSP Security Strategies for 2025

The Hacker News

The 2024 State of the vCISO Report continues Cynomi’s tradition of examining the growing popularity of virtual Chief Information Security Officer (vCISO) services. According to the independent survey, the demand for these services is increasing, with both providers and clients reaping the rewards. The upward trend is set to continue, with even faster growth expected in the future.

CISO 89

Microchip Technology Confirms Data Was Stolen in August Cyberattack

Heimdal Security

American chip producer Microchip confirms that employee data was stolen during the cyberattack they suffered in August. The incident happened on August 17, and Microchip disclosed it on August 20, declaring that some of their manufacturing facilities had been affected. The cyberattack influenced the company’s ability to meet orders and forced it to shut down […] The post Microchip Technology Confirms Data Was Stolen in August Cyberattack appeared first on Heimdal Security Blog.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


GeoServer Vulnerability Targeted by Hackers to Deliver Backdoors and Botnet Malware

The Hacker News

A recently disclosed security flaw in OSGeo GeoServer GeoTools has been exploited as part of multiple campaigns to deliver cryptocurrency miners, botnet malware such as Condi and JenX, and a known backdoor called SideWalk. The security vulnerability is a critical remote code execution bug (CVE-2024-36401, CVSS score: 9.8) that could allow malicious actors to take over susceptible instances.

Malware 88

Apache fixed a new remote code execution flaw in Apache OFBiz

Security Affairs

Apache addressed a remote code execution vulnerability affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache fixed a high-severity vulnerability, tracked as CVE-2024-45195 (CVSS score: 7.5) affecting the Apache OFBiz open-source enterprise resource planning (ERP) system. Apache OFBiz® is an open source product for the automation of enterprise processes that includes framework components and business applications.


New global standard aims to build security around large language models

Zero Day

The WDTA framework spans the lifecycle of large language models, offering guidelines to manage integration with other systems.

98

The NSA Has a Podcast—Here's How to Decode It

WIRED Threat Level

The spy agency that dared not speak its name is now the Joe Rogan of the SIGINT set. And the pod's actually worth a listen.

97

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


This new self-cleaning robot vacuum can even wipe down your baseboards

Zero Day

Narwal has just released a new flagship robot vacuum and mop with do-it-all functions that will remind you of The Jetsons.

98

Cyber Insurers Are Not Your Friend – Why a Warranty May Be a Better Option

Security Boulevard

Gary Perkins, Chief Information Security Officer In this landscape, organizations need a multi-faceted approach that includes prevention, detection, and response capabilities. A warranty tied to a comprehensive security solution supports this approach, providing both technological protection and financial assurance. The Trouble with Insurance Cyber insurers are increasingly being viewed with skepticism by organizations seeking protection […] The post Cyber Insurers Are Not Your Friend – Why a Wa


Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim

Penetration Testing

AhnLab Security Intelligence Center (ASEC) has uncovered a new phishing campaign targeting Netflix users, where cybercriminals are impersonating the popular streaming service to steal sensitive information. With the increasing popularity... The post Netflix Phishing Scam: Even the Savviest Streamers Can Fall Victim appeared first on Cybersecurity News.

Scams 78

Sonos is failing and millions of devices could become e-waste - why open-source audio is our only hope

Zero Day

Sonos' recent upheaval highlights the risks of closed systems in home audio. Here's how an open-source platform and universal speaker connectivity standard could benefit everyone.

Risk 98

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.