Mon.Jun 17, 2024

article thumbnail

Using LLMs to Exploit Vulnerabilities

Schneier on Security

Interesting research: “ Teams of LLM Agents can Exploit Zero-Day Vulnerabilities.” Abstract: LLM agents have become increasingly sophisticated, especially in the realm of cybersecurity. Researchers have shown that LLM agents can exploit real-world vulnerabilities when given a description of the vulnerability and toy capture-the-flag problems.

article thumbnail

Fake Google Chrome errors trick you into running malicious PowerShell scripts

Bleeping Computer

A new malware distribution campaign uses fake Google Chrome, Word, and OneDrive errors to trick users into running malicious PowerShell "fixes" that install malware. [.

Malware 141
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2024-37902 (CVSS 10): Critical Flaw in Deep Java Library Opens Door to System Takeover

Penetration Testing

A critical vulnerability (CVE-2024-37902) has been discovered in the Deep Java Library (DJL), a widely-used open-source framework for deep learning projects. The flaw allows attackers to overwrite critical system files, potentially granting them full... The post CVE-2024-37902 (CVSS 10): Critical Flaw in Deep Java Library Opens Door to System Takeover appeared first on Cybersecurity News.

article thumbnail

Hackers use F5 BIG-IP malware to stealthily steal data for years

Bleeping Computer

A group of suspected Chinese cyberespionage actors named 'Velvet Ant' are deploying custom malware on F5 BIG-IP appliances to gain a persistent connection to the internal network and steal data. [.

Malware 134
article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

iOS Apps Penetration Testing: r2frida for iOS App Runtime Manipulation

Appknox

You might already know a fair bit about r2frida by now - its definition, usage, features, installation, and examples - something we discussed in the previous blog of this series. In case you missed out on it, you can find it here. In this blog, we will explore how r2frida can be instrumental in manipulating an iOS app's runtime.

article thumbnail

Hackers Detail How They Allegedly Stole Ticketmaster Data From Snowflake

WIRED Threat Level

A ShinyHunters hacker tells WIRED that they gained access to Ticketmaster’s Snowflake cloud account—and others—by first breaching a third-party contractor.

More Trending

article thumbnail

7000 LockBit Ransomware Decryption Keys Distributed By FBI

Security Boulevard

In a significant move aimed at aiding victims of cyberattacks, the U.S. Federal Bureau of Investigation (FBI) has announced the distribution of more than 7,000 FBI decryption keys associated with the notorious LockBit ransomware decryption. This initiative comes as part of ongoing efforts to mitigate the devastating impact of ransomware attacks on businesses worldwide. […] The post 7000 LockBit Ransomware Decryption Keys Distributed By FBI appeared first on TuxCare.

article thumbnail

China-Linked Hackers Infiltrate East Asian Firm for 3 Years Using F5 Devices

The Hacker News

A suspected China-nexus cyber espionage actor has been attributed as behind a prolonged attack against an unnamed organization located in East Asia for a period of about three years, with the adversary establishing persistence using legacy F5 BIG-IP appliances and using it as an internal command-and-control (C&C) for defense evasion purposes.

article thumbnail

Runtime Enforcement: Software Security After the Supply Chain Ends

Security Boulevard

Runtime enforcement is the future of software security, if we can only make it accessible to the developers that understand their applications the best. The post Runtime Enforcement: Software Security After the Supply Chain Ends appeared first on Security Boulevard.

Software 116
article thumbnail

Microsoft Recall delayed after privacy and security concerns

Malwarebytes

Microsoft has announced it will postpone the broadly available preview of the heavily discussed Recall feature for Copilot+ PCs. Copilot+ PCs are personal computers that come equipped with several artificial intelligence (AI) features. The Recall feature tracks anything from web browsing to voice chats. The idea is that Recall can assist users to reconstruct past activity by taking regular screenshots of a user’s activity and storing them locally.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

China-linked Velvet Ant uses F5 BIG-IP malware in cyber espionage campaign

Security Affairs

Chinese cyberespionage group Velvet Ant was spotted using custom malware to target F5 BIG-IP appliances to breach target networks. In late 2023, Sygnia researchers responded to an incident suffered by a large organization that they attributed to a China-linked threat actor tracked as ‘Velvet Ant.’ The cyberspies deployed custom malware on F5 BIG-IP appliances to gain persistent access to the internal network of the target organization and steal sensitive data.

Malware 111
article thumbnail

Amazon-Powered AI Cameras Used to Detect Emotions of Unwitting UK Train Passengers

WIRED Threat Level

CCTV cameras and AI are being combined to monitor crowds, detect bike thefts, and spot trespassers.

143
143
article thumbnail

Managing Cloud Security Posture: Continuous Monitoring and Hardening for Visibility and Compliance

Tech Republic Security

Cloud adoption is not slowing down, and neither is the cloud threat landscape. Among many other benefits, the cloud offers increased productivity and flexibility, as well as reduced infrastructural costs. However, despite delivering many goodies, API endpoints hosted in the cloud can be susceptible to at least 12 security issues. These issues can come in.

92
article thumbnail

Panera Bread likely paid a ransom in March ransomware attack

Bleeping Computer

Panera Bread, an American chain of fast food restaurants, most likely paid a ransom after being hit by a ransomware attack, suggests language used an internal email sent to employees. [.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

What is DevSecOps and Why is it Essential for Secure Software Delivery?

The Hacker News

Traditional application security practices are not effective in the modern DevOps world. When security scans are run only at the end of the software delivery lifecycle (either right before or after a service is deployed), the ensuing process of compiling and fixing vulnerabilities creates massive overhead for developers. The overhead that degrades velocity and puts production deadlines at risk.

article thumbnail

Not Just Another 100% Score: MITRE ENGENIUTY ATT&CK

Trend Micro

The latest MITRE Engenuity ATT&CK Evaluations pitted leading managed detection and response (MDR) services against threats modeled on the menuPass and BlackCat/AlphV adversary groups. Trend Micro achieved 100% detection across all 15 major attack steps with an 86% actionable rate for those steps— balancing detections and business priorities including operational continuity and minimized disruption.

article thumbnail

Alleged Scattered Spider sim-swapper arrested in Spain

Bleeping Computer

A 22-year-old British national allegedly linked to the Scattered Spider hacking group and responsible for attacks on 45 U.S. companies has been arrested in Palma de Mallorca, Spain. [.

Hacking 95
article thumbnail

Online job offers, the reshipping and money mule scams

Security Affairs

Offers that promise easy earnings can also bring with them a host of scams that deceive those who are genuinely seeking income opportunities. Often, behind these enticing offers are pyramid schemes in which profits are generated through the recruitment of new participants, rather than through actual service, sometimes even causing significant financial losses.

Scams 93
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Empire Market owners charged for enabling $430M in dark web transactions

Bleeping Computer

Two men have been charged in a Chicago federal court for operating "Empire Market," a dark web marketplace that facilitated over $430 million in illegal transactions between February 2018 and August 2020. [.

article thumbnail

Empire Market owners charged with operating $430M dark web marketplace

Security Affairs

Federal authorities charged two individuals with operating the dark web marketplace Empire Market that facilitated over $430 million in illegal transactions. Two men, Thomas Pavey (aka “Dopenugget”) and Raheim Hamilton (aka “Sydney” and “Zero Angel”), have been charged in federal court in Chicago for operating the dark web marketplace “ Empire Market ” from 2018 to 2020.

article thumbnail

CISA Warns of Phone Scammers Impersonating Agency Employees

SecureWorld News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert regarding an ongoing phone-based impersonation fraud campaign where scammers are masquerading as CISA staff. In a brief notification, the agency stated it is "aware of recent impersonation scammers claiming to represent the agency." The CISA warning explicitly states that its employees "will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to kee

article thumbnail

Spanish police arrested an alleged member of the Scattered Spider group

Security Affairs

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ). The man was arrested in Palma de Mallorca while attempting to fly to Italy, during the arrest, police confiscated a laptop and a mobile phone.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

4 Important Implementations for New Restaurants

SecureBlitz

This post will show you 4 important implementations for new restaurants. Launching a new restaurant is an exciting venture, but it requires careful planning and implementation to ensure success. Every element of your restaurant has the potential to captivate and retain customers, from crafting a menu that entices palates to establishing an inviting environment that […] The post 4 Important Implementations for New Restaurants appeared first on SecureBlitz Cybersecurity.

article thumbnail

How Automated Linux Patching Boosts Healthcare Security

Security Boulevard

Healthcare organizations worldwide are facing a surge in cyberattacks. The healthcare industry is grappling with increasingly sophisticated cyberattacks, often exploiting known vulnerabilities that should have been addressed much earlier. Automated Linux patching helps ensure that systems are continuously updated with the latest security patches. These days, healthcare organizations are increasingly relying on advanced technologies like […] The post How Automated Linux Patching Boosts Healthcare

article thumbnail

Guide to Achieving ISO27001:2022 Compliance

Thales Cloud Protection & Licensing

Guide to Achieving ISO27001:2022 Compliance glenn.hamilton… Tue, 06/18/2024 - 06:01 ISO/IEC 27001:2022 , the latest edition of the internationally recognized standard for information security management systems (ISMS), introduces several significant updates and revisions to address the evolving security challenges that worldwide organizations face. One of the most significant changes in the standard is the overhaul of Annex A, which now aligns closely with the updates introduced in ISO/IEC 2700

article thumbnail

Photography Supplies: What You Need to Take Great Photos

SecureBlitz

Capturing great photos requires more than just a good eye and creative vision—it also relies on having the right photography supplies at your disposal. Possessing the right tools—from cameras and lenses to lighting fixtures and accessories—can make all the difference in producing amazing outcomes. This comprehensive guide will explore essential photography supplies that every photographer […] The post Photography Supplies: What You Need to Take Great Photos appeared first on SecureBlitz Cy

article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

TA571 and ClearFake Use Social Engineering to Deliver PowerShell Malware

Penetration Testing

Proofpoint researchers have discovered a sophisticated social engineering technique that leverages clipboard manipulation to deliver malware through PowerShell scripts. This new method has been employed by threat actors such as TA571 and the ClearFake... The post TA571 and ClearFake Use Social Engineering to Deliver PowerShell Malware appeared first on Cybersecurity News.

article thumbnail

LA County’s Department of Public Health (DPH) data breach impacted over 200,000 individuals

Security Affairs

The County of Los Angeles’ Department of Public Health (DPH) disclosed a data breach that impacted more than 200,000 individuals. The LA County’s Department of Public Health announced that the personal information of more than 200,000 was compromised after a data breach that occurred between February 19 and February 20, 2024. Threat actors obtained the log-in credentials of 53 Public Health employees through a phishing campaign. “Between February 19, 2024, and February 20, 2024, the Los An

article thumbnail

Navigating Retail: Overcoming the Top 3 Identity Security Challenges

Security Boulevard

As retailers compete in an increasingly competitive marketplace, they invest a great deal of resources in becoming household names. But brand recognition is a double-edged sword when it comes to cybersecurity. The bigger your name, the bigger the cyber target on your back. Data breaches in the retail sector cost an average of $3.28 million. The post Navigating Retail: Overcoming the Top 3 Identity Security Challenges appeared first on Silverfort.

Retail 70
article thumbnail

Defending your ever-changing attack surface

IT Security Guru

The very elements crucial for a business’s functionality and prosperity are also its greatest vulnerabilities from a cybersecurity standpoint. Emails, files, remote/hybrid work setups, and various devices and tools streamline business operations but also pose significant cybersecurity risks. These areas, where external factors come into play, are the least secure, representing vulnerabilities in your organisation’s attack surface.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?