Wed. Aug 17, 2022

Zoom Exploit on MacOS

Schneier on Security

This vulnerability was reported to Zoom last December: The exploit works by targeting the installer for the Zoom application, which needs to run with special user permissions in order to install or remove the main Zoom application from a computer. Though the installer requires a user to enter their password on first adding the application to the system, Wardle found that an auto-update function then continually ran in the background with superuser privileges.

Passwords 339

Black Hat Fireside Chat: MSSPs are well-positioned to help companies achieve cyber resiliency

The Last Watchdog

Network security is in dire straits. Security teams must defend an expanding attack surface, skilled IT professionals are scarce and threat actors are having a field day. Related: The role of attack surface management. That said, Managed Security Services Providers – MSSPs — are in a position to gallop to the rescue. MSSPs arrived on the scene 15 years ago to supply device security as a contracted service: antivirus, firewalls, email security and the like.

Antivirus 222

How to deploy the Bitwarden self-hosted server with Docker

Tech Republic Security

Jack Wallen walks you through the process of deploying a Bitwarden vault server with the help of Docker containers. The post How to deploy the Bitwarden self-hosted server with Docker appeared first on TechRepublic.

193

New Linux Exploit ‘Dirty Cred’ Revealed at Black Hat

eSecurity Planet

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference. Zhenpeng Lin, a PhD student, and a team of researchers worked on an alternative approach to the infamous Dirty Pipe vulnerability that affected Linux kernel versions 8 and later. Dirty Pipe is a major flaw that allows attackers to elevate least-privileged accounts to the maximum level (root) by exploiting the way the kernel uses pipes to pass data.

Software 145

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Seaborgium targets sensitive industries in several countries

Tech Republic Security

The cyberespionage threat actor is aligned with Russian interests and has hit numerous organizations since 2017, aiming at stealing sensitive data. The post Seaborgium targets sensitive industries in several countries appeared first on TechRepublic.

China-linked RedAlpha behind multi-year credential theft campaign

Security Affairs

A China-linked APT group named RedAlpha is behind a long-running mass credential theft campaign aimed at organizations worldwide. Recorded Future researchers attributed a long-running mass credential theft campaign to a Chinese nation-state actor tracked as RedAlpha. The campaign targeted global humanitarian, think tank, and government organizations. Experts believe RedAlpha is a group of contractors conducting cyber-espionage activity on behalf of China.

Phishing 138

More Trending

Google Chrome Zero-Day Found Exploited in the Wild

Dark Reading

The high-severity security vulnerability (CVE-2022-2856) is due to improper user-input validation.

136

eSecurity Planet’s 2022 Cybersecurity Product Awards

eSecurity Planet

The editors of eSecurity Planet have been giving advice to enterprise security buyers for more than a decade, and for the last five years we’ve been rating the top enterprise cybersecurity products, compiling roughly 50 lists to date on every product imaginable, from networks to endpoints and out to the cloud and beyond. This year, for the first time, we’re ranking the overall best companies and products in 14 of those categories.

Are deleted files really gone?

CyberSecurity Insiders

By Xperien CEO Wale Arewa. There are a plethora of data destruction methods, but many of them contain loopholes that render data recoverable. When choosing between erasing versus deleting, one needs to understand why data erasure is essential to ensuring your files are truly gone. Data is growing rapidly and keeping track of all one’s data and keeping it protected is a major challenge.

Stop the line: Cyber threats facing manufacturing

Digital Shadows

The cyber risk facing the manufacturing sector is likely greater at this point than ever before. Cybercriminals have demonstrably pivoted. The post Stop the line: Cyber threats facing manufacturing first appeared on Digital Shadows.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Understanding ransomware trends to combat threats

CyberSecurity Insiders

By Aaron Sandeen, CEO, Cyber Security Works. It should be no surprise that ransomware is currently one of the most common attack vectors wreaking havoc on businesses worldwide. Attackers and ransomware operators are constantly looking for more vulnerabilities to weaponize and increase their arsenal of tools, tactics, and techniques. In fact, the FBI’s Internet Crime Report for 2021 recorded 649 ransomware attacks on critical infrastructure establishments, with nearly $50 million reportedly

Google fixed a new Chrome Zero-Day actively exploited in the wild

Security Affairs

Google addressed a dozen vulnerabilities in the Chrome browser, including the fifth Chrome zero-day flaw exploited this year. Google this week released security updates to address a dozen vulnerabilities in its Chrome browser for desktops including an actively exploited high-severity zero-day flaw in the wild. The actively exploited flaw, tracked as CVE-2022-2856, is an Insufficient validation of untrusted input in Intents.

The State of Security: SIEM in 2022

The State of Security

The world of enterprise cybersecurity is exceedingly dynamic. In a landscape that is ever-changing, security professionals need to combat a class of evolving threat actors by deploying increasingly sophisticated tools and techniques. Today with enterprises operating in an environment that is more challenging than ever, Security Information and Event Management (SIEM) platforms play an indispensable […]

North Korea hackers impersonating Coinbase to lure employees and customers

CyberSecurity Insiders

Lazarus Group, which is being funded by North Korea Military Intelligence, is reportedly using a signed executable to mimic a Coinbase website in order to attract employees and customers. The aim behind the social engineering attack is simple: first, to trap employees with fake job offers, and second, to lure customers into signing up on the page and then steal their currency.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Black Hat USA 2022 and DEF CON 30

SecureList

Black Hat 2022 USA Briefings wrapped up this past week, along with its sister conference DEF CON 30. The DEF CON theme was a “Hacker Homecoming”, and it really was a fun one. Coming back from the COVID hiatus, the conferences were enthusiastically full compared to the 2021 ghost town. Many of the talks were great, fresh content. With the parties and the CTF fun humming along, excellent briefings included Kim Zetter’s insights on “Pre-Stuxnet, Post-Stuxnet: Everything Has

Kubescape boosts Kubernetes scanning capabilities

InfoWorld on Security

ARMO, developer of Kubescape, an open source security platform for Kubernetes, has added two new vulnerability scanning functions to the platform. Code repository scanning and container image registry scanning are the first fruits of an effort to cover more aspects of Kubernetes security, the company said, including integrating with more third-party devops and Kubernetes tools like Lens, Prometheus, Plural, Civo, GitHub Actions, GitLab, and Visual Studio.

115

APT Lazarus Targets Engineers with macOS Malware

Threatpost

The North Korean APT is using a fake job posting for Coinbase in a cyberespionage campaign targeting users of both Apple and Intel-based systems.

Apple patches double zero-day in browser and kernel – update now!

Naked Security

Double 0-day exploits - one in WebKit (to break in) and the other in the kernel (to take over). Patch now!

Spyware 111

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Bugdrop dropper includes features to circumvent Google’s security Controls

Security Affairs

Researchers have discovered a previously undocumented Android dropper, dubbed BugDrop, that’s still under development. Recently, researchers from ThreatFabric discovered a previously undetected Android dropper, dubbed BugDrop, which is under active development and was designed to bypass security features that will be implemented in the next release of the Google OS.

Malware 110

How to Stop Local Governments From Being Attractive Cyber Attack Targets

CyberSecurity Insiders

By MarKeith Allen, Senior Vice-President and GM at Diligent Mission Driven Organizations. For some time, many local government officials did not recognize the risk of behaviors in which they were engaged. Then, 2020 happened and much of that changed. Local governments need security because of the high level of stored sensitive information and number of systems they use to share data with state and federal government programs.

Chrome browser gets 11 security fixes with 1 zero-day – update now!

Naked Security

Don't delay - patch today.

108

Apple Releases Security Updates to Patch Two New Zero-Day Vulnerabilities

The Hacker News

Apple on Wednesday released security updates for iOS, iPadOS, and macOS platforms to remediate two zero-day vulnerabilities previously exploited by threat actors to compromise its devices.

107

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

New Deep Instinct partner program targets MSSPs fighting ransomware

CSO Magazine

Cybersecurity firm Deep Instinct has rolled out a new partner program to provide its endpoint and application protection software to managed security service providers (MSSPs), the company announced Wednesday. The Stratosphere program was initially announced in April, and designed as a simplified channel program that focuses on expected partner margins, instead of set discounts on the product.

North Korea-linked APT targets Job Seekers with macOS malware

Security Affairs

The North Korea-linked Lazarus Group has been observed targeting job seekers with macOS malware working also on Intel and M1 chipsets. ESET researchers continue to monitor a cyberespionage campaign, tracked as “Operation In(ter)ception,” that has been active at least since June 2020. The campaign targets employees working in the aerospace and military sectors and leverages decoy job offer documents.

Malware 104

Google updates Chronicle with enhanced threat detection

CSO Magazine

Google Cloud Wednesday announced the general availability of what it calls “curated detection” for its Chronicle security analysis platform. The new detection feature leverages the threat intelligence that Google gains from protecting its own user base into an automated detection service that covers everything from ransomware, infostealers and data theft to simple misconfigured systems and remote access tools.

Facing the Shift-Left Security Conundrum. A True Story

Security Boulevard

Dynamic business requirements and cloud complexity make managing least privilege a huge challenge. The post Facing the Shift-Left Security Conundrum. A True Story appeared first on Ermetic. The post Facing the Shift-Left Security Conundrum. A True Story appeared first on Security Boulevard.

104

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

7 Smart Ways to Secure Your E-Commerce Site

Dark Reading

Especially if your e-commerce and CMS platforms are integrated, you risk multiple potential sources of intrusion, and the integration points themselves may be vulnerable to attack.

Risk 104

Ransomware safeguards for small- to medium-sized businesses

CSO Magazine

The Institute for Security and Technology (IST) recently released a “Blueprint for Ransomware Defense.” The guide includes recommendations of defensive actions for small- and medium-sized businesses (SMBs) to protect against and respond to ransomware and other common cyberattacks. It focuses on the identify, protect, respond, and recover format that aligns with the National Institute of Standards and Technology (NIST) Cybersecurity Framework.

China-Backed RedAlpha APT Builds Sprawling Cyber-Espionage Infrastructure

Dark Reading

The state-sponsored group particularly targets organizations working on behalf of the Uyghurs, Tibet, and Taiwan, looking to gather intel that could lead to human-rights abuses, researchers say.

102

ÆPIC Leak is the first CPU flaw able to architecturally disclose sensitive data

Security Affairs

Researchers uncovered a new flaw, dubbed ÆPIC, in Intel CPUs that enables attackers to obtain encryption keys and other secret information from the processors. The ÆPIC Leak (CVE-2022-21233) is the first architectural CPU bug that could lead to the disclosure of sensitive data and impacts most 10th, 11th and 12th generation Intel CPUs. ÆPIC Leak works on the newest Intel CPUs based on Ice Lake, Alder Lake, and Ice Lake SP and does not rely on hyperthreading enabled. “A potential secur

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!