Thu. Oct 12, 2023

Bounty to Recover NIST’s Elliptic Curve Seeds

Schneier on Security

This is a fun challenge: The NIST elliptic curves that power much of modern cryptography were generated in the late ’90s by hashing seeds provided by the NSA. How were the seeds generated? Rumor has it that they are in turn hashes of English sentences, but the person who picked them, Dr. Jerry Solinas, passed away in early 2023 leaving behind a cryptographic mystery, some conspiracy theories, and an historical password cracking challenge.

How to Banish Heroes from Your SOC?

Anton on Security

This blog was born from two parents: my never-finished blog on why relying on heroism in a Security Operations Center (SOC) is bad and Phil Venables’ “superb+” blog titled “Delivering Security at Scale: From Artisanal to Industrial.” BTW, what is heroism? Isn’t that a good thing? Well, an ancient SRE deck defines “IT heroism” as relying on “individuals taking upon themselves to make up for a systemic problem.”

Is Rapid Data Recovery the Best Hope Australia Has for a Win Against Ransomware?

Tech Republic Security

The success of cyber attacks in Australia could make an "assume-breach" approach to cyber security inevitable and cause IT teams to shift their focus to protecting data backups at all costs.

A PowerShell Script to Mitigate Active Directory Security Risks

eSecurity Planet

Cyber attackers frequently use legacy technology as part of their attack strategies, targeting organizations that have yet to implement mitigations or upgrade obsolete components. In an Active Directory environment, one such component is legacy protocols, which attackers can use to gain access to Active Directory. While patching (or even virtual patching) might help address obsolete components, most legacy components have been thoroughly evaluated by adversaries to determine whether they should

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

News alert: Nerds On Site develops ‘SME Edge’ solution for small- and mid-sized enterprises

The Last Watchdog

Toronto, Ontario – October 12, 2023 – Nerds On Site Inc. (CSE: NERD), a cybersecurity and mobile IT solutions company servicing the small and medium enterprise (SME) marketplace in Canada and the U.S., has developed SME Edge, a complete cybersecurity package that provides small-to-medium businesses comprehensive protection from the threat of data breaches.

Ransomlooker, a new tool to track and analyze ransomware groups’ activities

Security Affairs

Ransomlooker monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. Cybernews presented Ransomlooker, a tool that monitors ransomware groups’ extortion sites and delivers consolidated feeds of their claims worldwide. The researchers created the tool to help cybersecurity experts in their daily jobs by providing real-time updates and actionable insights.

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

The Hacker News

The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware.

More than 17,000 WordPress websites infected with the Balada Injector in September

Security Affairs

In September, more than 17,000 WordPress websites were compromised by the Balada Injector malware. Sucuri researchers reported that more than 17,000 WordPress websites were compromised in September with the Balada Injector. The researchers noticed that the number of Balada Injector infections has doubled compared with August. Balada Injector is a malware family that has been active since 2017.

Researchers Uncover Malware Posing as WordPress Caching Plugin

The Hacker News

Cybersecurity researchers have shed light on a new sophisticated strain of malware that masquerades as a WordPress plugin to stealthily create administrator accounts and remotely control a compromised site.

Phishing, the campaigns that are targeting Italy

Security Affairs

This post analyzes the numerous phishing campaigns targeting users and organizations in Italy. Phishing is a ploy to trick users into revealing personal or financial information through e-mail, websites, and even instant messaging. Particularly popular is so-called brand phishing, which occurs when criminals impersonate the official website of a well-known brand of a public or private entity using a domain name, URL, logos and graphics similar to the original website: This is a r

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Microsoft Defender Thwarts Large-Scale Akira Ransomware Attack

The Hacker News

Microsoft on Wednesday said that a user containment feature in Microsoft Defender for Endpoint helped thwart a "large-scale remote encryption attempt" made by Akira ransomware actors targeting an unknown industrial organization in early June 2023. The tech giant's threat intelligence team is tracking the operator as Storm-1567.

FBI shares AvosLocker ransomware technical details, defense tips

Bleeping Computer

The U.S. government has updated the list of tools AvosLocker ransomware affiliates use in attacks to include open-source utilities along with custom PowerShell and batch scripts.

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

Researchers observed a new Magecart web skimming campaign changing the websites’ default 404 error page to steal credit cards. Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. The attacks are targeting a large number of Magento and WooCommerce websites, including large organizations in the food and retail industries. “In this campaign, all the victim web

Void Rabisu Targets Female Political Leaders with New Slimmed-Down ROMCOM Variant

Trend Micro

Almost a year after Void Rabisu shifted its targeting from opportunistic ransomware attacks with an emphasis on cyberespionage, the threat actor is still developing its main malware, the ROMCOM backdoor.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Apple releases iOS 16 update to fix CVE-2023-42824 on older devices

Security Affairs

Apple released iOS 16.7.1 and iPadOS 16.7.1 to address the CVE-2023-42824 vulnerability that has been actively exploited in attacks. Apple has released iOS 16.7.1 and iPadOS 16.7.1 to address the recently disclosed zero-day CVE-2023-42824. The vulnerability is a privilege escalation issue that resides in the kernel; it was addressed with improved checks.

Malicious Solana, Kucoin packages infect NuGet devs with SeroXen RAT

Bleeping Computer

Malicious NuGet packages appearing to have over 2 million downloads impersonate crypto wallets, crypto exchange, and Discord libraries to infect developers with the SeroXen remote access trojan.

Backdoor Lurks Behind WordPress Caching Plugin to Hijack Websites

Dark Reading

Evasive malware disguised as a caching plugin allows attackers to create an admin account on a WordPress site, then take over and monetize sites at the expense of legitimate SEO and user privacy.

10 Tips for Traveler Identity Theft Protection

Identity IQ

Travel has become an essential part of everyday life for many, offering adventure, cultural experiences, and opportunities for personal growth. However, as we embark on these journeys, we must also be vigilant guardians of our personal information. Travel identity theft is a rising concern, with cybercriminals constantly devising new ways to exploit unsuspecting travelers.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

ToddyCat hackers use 'disposable' malware to target Asian telecoms

Bleeping Computer

A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection.

Protect Critical Infrastructure With Same Rigor as Classified Networks

Dark Reading

Government security processes are often viewed as tedious and burdensome — but applying the lessons learned from them is imperative for private industry to counter a nation-state threat.

Malicious NuGet Package Targeting .NET Developers with SeroXen RAT

The Hacker News

A malicious package hosted on the NuGet package manager for the .NET Framework has been found to deliver a remote access trojan called SeroXen RAT. The package, named Pathoschild.Stardew.Mod.Build.Config and published by a user named Disti, is a typosquat of a legitimate package called Pathoschild.Stardew.ModBuildConfig, software supply chain security firm Phylum said in a report today.

Ransomware attacks now target unpatched WS_FTP servers

Bleeping Computer

Internet-exposed WS_FTP servers unpatched against a maximum severity vulnerability are now targeted in ransomware attacks.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

How the FTX Thieves Have Tried to Launder Their $400 Million Haul

WIRED Threat Level

Whoever looted FTX on the day of its bankruptcy has now moved the stolen money through a long string of intermediaries—including a service owned by FTX itself.

New Microsoft bug bounty program focuses on AI-powered Bing

Bleeping Computer

Microsoft announced a new AI bounty program focused on the AI-driven Bing experience, with rewards reaching $15,000.

Brands Beware: X's New Badge System Is a Ripe Cyber-Target

Dark Reading

Scammers have targeted the vaunted blue check marks on the platform formerly known as Twitter, smearing individuals and brands alike.

How to Guard Your Data from Exposure in ChatGPT

The Hacker News

ChatGPT has transformed the way businesses generate textual content, which can potentially result in a quantum leap in productivity. However, Generative AI innovation also introduces a new dimension of data exposure risk, when employees inadvertently type or paste sensitive business data into ChatGPT, or similar applications.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Microsoft Set to Retire Grunge-Era VBScript, to Cybercrime's Chagrin

Dark Reading

Popular malware like QakBot and DarkGate rely on VBScript, which dates back to 1996 — but their days are numbered now that Microsoft is finally deprecating the Windows programming language.

Enumerating Users on z/OS with LISTUSER

NetSpi Technical

Mainframes are increasingly included in red team engagements to demonstrate impact. If an adversary can access your mainframe environment, they could cause material damage to customer data, cause an outage, or potentially steal money. However, when an adversary gets on a mainframe, the account they have may not provide enough access to do anything. NetSPI has performed multiple mainframe penetration tests where the base account was locked down enough to prevent them from doing any real damage.

Pan-African Financial Apps Leak Encryption, Authentication Keys

Dark Reading

Cryptocurrency apps were the highest-risk category for exposing sensitive information, a reverse-engineering study shows.

10 Reasons MSPs Should Enhance Their Cybersecurity Controls

CompTIA on Cybersecurity

Cybersecurity should be a critical component of every business, and using standards and best practices can be a solid value proposition for MSPs.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be possible to distill it down to a checklist.