Schneier on Security

AUGUST 28, 2024

Matthew Green wrote a really good blog post on what Telegram’s encryption is and is not.

Encryption 332

Encryption 332

Krebs on Security

AUGUST 28, 2024

Multiple media reports this week warned Americans to be on guard against a new phishing scam that arrives in a text message informing recipients they are not yet registered to vote. A bit of digging reveals the missives were sent by a California political consulting firm as part of a well-meaning but potentially counterproductive get-out-the-vote effort that had all the hallmarks of a phishing campaign.

Phishing 314

Phishing Scams Mobile Advertising 314

Penetration Testing

AUGUST 28, 2024

A critical vulnerability (CVE-2024-43425) has been identified in Moodle, a widely-used Learning Management System. This flaw could enable attackers to execute malicious code on affected servers, potentially compromising sensitive student... The post CVE-2024-43425: Moodle Remote Code Execution Vulnerability, PoC Published appeared first on Cybersecurity News.

Cybersecurity 145

Cybersecurity 145

We Live Security

AUGUST 28, 2024

ESET research uncovers a vulnerability in WPS Office for Windows (CVE-2024-7262), as it was being exploited by South Korea-aligned cyberespionage group APT-C-60 to target East Asian countries. Analysis of the vendor’s silently released patch led to the discovery of another vulnerability CVE-2024-7263).

145

145

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

The Hacker News

AUGUST 28, 2024

The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections.

Ransomware 132

Ransomware 132

Security Boulevard

AUGUST 28, 2024

Security specialist Fortinet announced the debut of Sovereign SASE and the integration of Generative AI (GenAI) technology into its Unified SASE offering. The post Fortinet Debuts Sovereign SASE, Updates Unified SASE With FortiAI appeared first on Security Boulevard.

Technology 130

Technology Cybersecurity 130

Security Affairs

AUGUST 28, 2024

The US Department of State offers a $2.5 million reward for information leading to the arrest of a Belarusian cybercriminal involved in the mass malware distribution. The US Department of State announced a $2.5 million reward for information leading to the arrest of Volodymyr Kadariya (38), a Belarusian national allegedly involved in a significant malware organization.

Malware 127

Malware Computers and Electronics Cybercrime Internet 127

Security Boulevard

AUGUST 28, 2024

Xi whiz: Versa Networks criticized for swerving the blame. The post China Cyberwar Coming? Versa’s Vice: Volt Typhoon’s Target appeared first on Security Boulevard.

Cyber Attacks 127

Cyber Attacks Data privacy Security Awareness Technology 127

Security Affairs

AUGUST 28, 2024

Iran-linked group APT33 used new Tickler malware in attacks against organizations in the government, defense, satellite, oil and gas sectors. Microsoft researchers reported that the Iran-linked cyberespionage group APT33 (aka Peach Sandstorm , Holmium , Elfin , Refined Kitten , and Magic Hound ) used new custom multi-stage backdoor called Tickler to compromise organizations in sectors such as government, defense, satellite, oil, and gas in the U.S. and UAE.

Malware 126

Malware Social Engineering Education Government 126

The Hacker News

AUGUST 28, 2024

French prosecutors on Wednesday formally charged CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday.

123

123

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Security Affairs

AUGUST 28, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Google Chromium V8 Inappropriate Implementation Vulnerability CVE-2024-38856 (CVSS score of 8.8) to its Known Exploited Vulnerabilities (KEV) catalog.

Engineering 124

Engineering Hacking Cybersecurity Risk 124

Security Boulevard

AUGUST 28, 2024

Broadcom today at the VMware Explore 2024 conference extended its VMware vDefend portfolio to include generative artificial intelligence (AI) capabilities in addition to extending its software-defined edge computing portfolio to provide deeper integrations with networking and security platforms that its VMware business unit provides. The post Broadcom Extends VMware Cybersecurity Portfolio appeared first on Security Boulevard.

Artificial Intelligence 120

Artificial Intelligence Cybersecurity Software Malware 120

Security Affairs

AUGUST 28, 2024

BlackByte ransomware operators are exploiting a recently patched VMware ESXi hypervisors vulnerability in recent attacks. Cisco Talos observed the BlackByte ransomware group exploiting the recently patched security flaw CVE-2024-37085 in VMware ESXi hypervisors in recent attacks. The flaw CVE-2024-37085 (CVSS score of 6.8) is an authentication bypass vulnerability in VMware ESXi.

Ransomware 124

Ransomware Authentication Encryption VPN 124

The Hacker News

AUGUST 28, 2024

Fortra has addressed a critical security flaw impacting FileCatalyst Workflow that could be abused by a remote attacker to gain administrative access. The vulnerability, tracked as CVE-2024-6633, carries a CVSS score of 9.8, and stems from the use of a static password to connect to a HSQL database.

Risk 117

Risk Passwords 117

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Security Affairs

AUGUST 28, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Apache OFBiz bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Apache OFBiz Incorrect Authorization Vulnerability CVE-2024-38856 (CVSS score of 9.8) to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability is an incorrect authorization issue in Apache OFBiz that impacts versions through 18.12.14, version 18.12.15 addressed the flaw.

Authentication 123

Authentication Manufacturing Accountability Cybersecurity 123

The Hacker News

AUGUST 28, 2024

A South Korea-aligned cyber espionage has been linked to the zero-day exploitation of a now-patched critical remote code execution flaw in Kingsoft WPS Office to deploy a bespoke backdoor dubbed SpyGlace. The activity has been attributed to a threat actor dubbed APT-C-60, according to cybersecurity firms ESET and DBAPPSecurity.

Cybersecurity 117

Cybersecurity 117

Trend Micro

AUGUST 28, 2024

Threat actors are targeting users in the Middle East by distributing sophisticated malware disguised as the Palo Alto GlobalProtect tool.

Malware 116

Malware Cyber threats 116

Security Affairs

AUGUST 28, 2024

A ransomware attack by the BlackSuit group on Young Consulting compromised the personal information of over 950,000 individuals. Software solutions provider Young Consulting disclosed a data breach impacting 950,000 individuals following a BlackSuit ransomware attack. On April 13 the company “became aware of technical difficulties” that impacted its infrastructure.

Data breaches 112

Data breaches Ransomware Insurance Software 112

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

Security Boulevard

AUGUST 28, 2024

The recent National Public Data (NPD) breach stands as one of the largest social security number (SSN) exposures in history. With reports suggesting potential compromises affecting up to 3 billion SSNs, it is crucial to understand the scope of the breach and take immediate steps to protect yourself from identity theft. This guide provides an … The post National Public Data (NPD) Breach: Essential Guide to Protecting Your Identity appeared first on Security Boulevard.

Identity Theft 111

Identity Theft Data breaches 111

Malwarebytes

AUGUST 28, 2024

The Qilin ransomware group listed CODAC Behavioral Healthcare, a nonprofit health care treatment organization, as one of their latest victims. Qilin seems to have a preference for healthcare and support organizations. One of their most well-known victims was the pathology lab services provider Synnovis in June 2024, causing chaos across the NHS in London.

Healthcare 109

Healthcare Ransomware Data breaches Passwords 109

SecureWorld News

AUGUST 28, 2024

In a concerning development for cybersecurity professionals worldwide, the Chinese state-backed hacking group known as Volt Typhoon has been linked to a series of sophisticated attacks exploiting a Zero-Day vulnerability in Versa Director, a critical management platform used by Internet Service Providers (ISPs) and Managed Service Providers (MSPs). The vulnerability, CVE-2024-39717 , affects Versa Director versions 21.2.3, 22.1.2, and 22.1.3.

VPN 108

VPN Firewall Accountability Internet 108

Cisco Security

AUGUST 28, 2024

Cisco Umbrella for Government up-levels government cybersecurity with protection against phishing, malware, ransomware and data loss from cyberattacks. Cisco Umbrella for Government up-levels government cybersecurity with protection against phishing, malware, ransomware and data loss from cyberattacks.

Government 108

Government Phishing Ransomware Malware 108

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

WIRED Threat Level

AUGUST 28, 2024

In addition to its longstanding password spraying attacks, Microsoft says Iran-backed hacker group Peach Sandstorm— or APT 33—has developed custom malware dubbed “Tickler.

Passwords 104

Passwords Malware Hacking 104

Penetration Testing

AUGUST 28, 2024

In a recent security advisory, Dell disclosed a high-severity vulnerability, identified as CVE-2024-39584, affecting the BIOS of several popular Dell client platforms. This vulnerability, carrying a CVSS score of 8.2,... The post CVE-2024-39584: Dell BIOS Flaw Exposes Systems to Secure Boot Bypass and Arbitrary Code Execution appeared first on Cybersecurity News.

Cybersecurity 97

Cybersecurity 97

Graham Cluley

AUGUST 28, 2024

A phishing exercise conducted by the IT department of the University of California Santa Cruz (UCSC) has backfired, after causing unnecessary panic amongst students and staff. Read more in my article on the Hot for Security blog.

Phishing 91

Phishing 91

Penetration Testing

AUGUST 28, 2024

In a significant security advisory, the Perl community has been alerted to a critical vulnerability, CVE-2024-45321, affecting the widely-used App::cpanminus (cpanm) tool. Rated with a CVSS score of 9.8, this... The post Critical CVE-2024-45321 Flaw in Popular Perl Module Installer cpanminus, No Patch Available appeared first on Cybersecurity News.

Cybersecurity 86

Cybersecurity 86

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Zero Day

AUGUST 28, 2024

Ahead of Labor Day weekend, we tested the best phones you can buy. These are the top picks for power users, content creators, budget shoppers, and more.

76

76

Penetration Testing

AUGUST 28, 2024

A cybersecurity researcher has uncovered a critical vulnerability in the AI-powered assistant Copilot, integrated into Microsoft 365, which enables malicious actors to exfiltrate sensitive data. The exploit, previously submitted to... The post New Attack on Microsoft 365 Copilot Steals Personal Data appeared first on Cybersecurity News.

Cybersecurity 84

Cybersecurity 84

Zero Day

AUGUST 28, 2024

Costco is cracking down on membership sharing. Don't miss this deal to buy your own with a free gift card, effectively cutting the price to $40. (I bought one and highly recommend it.

75

75

Penetration Testing

AUGUST 28, 2024

Hitachi Energy has issued a cybersecurity advisory addressing multiple critical vulnerabilities discovered in their MicroSCADA X SYS600 product, widely used for monitoring and controlling power systems. The vulnerabilities, identified as... The post Critical Vulnerabilities Expose Hitachi Energy MicroSCADA X SYS600 to Cyberattacks appeared first on Cybersecurity News.

Cybersecurity 81

Cybersecurity 81

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!