Wed. Jun 14, 2023

On the Need for an AI Public Option

Schneier on Security

Artificial intelligence will bring great benefits to all of humanity. But do we really want to entrust this revolutionary technology solely to a small group of US tech companies? Silicon Valley has produced no small number of moral disappointments. Google retired its “don’t be evil” pledge before firing its star ethicist. Self-proclaimed “free speech absolutist” Elon Musk bought Twitter in order to censor political speech, retaliate against journalists, and ease

Learnings from kCTF VRP's 42 Linux kernel exploits submissions

Google Security

Tamás Koczka, Security Engineer In 2020, we integrated kCTF into Google's Vulnerability Rewards Program (VRP) to support researchers evaluating the security of Google Kubernetes Engine (GKE) and the underlying Linux kernel. As the Linux kernel is a key component not just for Google, but for the Internet, we started heavily investing in this area. We extended the VRP's scope and maximum reward in 2021 (to $50k), then again in February 2022 (to $91k), and finally in August 2022 (to $133k).

Chinese hackers use DNS-over-HTTPS for Linux malware communication

Bleeping Computer

The Chinese threat group 'ChamelGang' infects Linux devices with a previously unknown implant named 'ChamelDoH,' allowing DNS-over-HTTPS communications with attackers' servers.

Chinese Hackers Exploit VMware Zero-Day to Backdoor Windows and Linux Systems

The Hacker News

The Chinese state-sponsored group known as UNC3886 has been found to exploit a zero-day flaw in VMware ESXi hosts to backdoor Windows and Linux systems. The VMware Tools authentication bypass vulnerability, tracked as CVE-2023-20867 (CVSS score: 3.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Microsoft: Windows Kernel CVE-2023-32019 fix is disabled by default

Bleeping Computer

Microsoft has released an optional fix to address a Kernel information disclosure vulnerability affecting systems running multiple Windows versions, including the latest Windows 10, Windows Server, and Windows 11 releases.

Cyber liability insurance vs. data breach insurance: What's the difference?

CSO Magazine

With an ever-increasing number of cybersecurity threats and attacks, companies are becoming motivated to protect their businesses and customer data both technically and financially. Finding the right insurance has become a key part of the security equation, which is no surprise given that the average cost of a data breach in the US has risen to $9.44 million — more than twice the global average of $4.35 million.

More Trending

Artificial Intelligence Act gets passed in EU

CyberSecurity Insiders

The European Parliament has made history by adopting the draft that mitigates the risks generated using Artificial Intelligence (AI) technology. Introduced in April 2021, the Artificial Intelligence Act was meant to strictly regulate the use of AI by companies, governments and individuals and block them from exploiting extensive clinical info such as biometric data, mass surveillance systems and other policing algorithms.

Cryptocurrency Attacks Quadrupled as Cybercriminals Cash In

Dark Reading

Attackers continue to attempt to steal Bitcoin and other virtual coins, with a 40% increase in phishing attacks and fourfold increase in incidents.

Your Personal Data Sold to US Intelligence Agencies

Security Boulevard

What Price 4th Amendment? Warrant not needed if info bought from brokers. The post Your Personal Data Sold to US Intelligence Agencies appeared first on Security Boulevard.

Fake Researcher Profiles Spread Malware through GitHub Repositories as PoC Exploits

The Hacker News

At least half a dozen GitHub accounts from fake researchers associated with a fraudulent cybersecurity company have been observed pushing malicious repositories on the code hosting service. All seven repositories, which are still available as of writing, claim to be a proof-of-concept (PoC) exploit for purported zero-day flaws in Discord, Google Chrome, and Microsoft Exchange.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Safe summer travel: Your essential cybersecurity checklist

Security Boulevard

Hello, fellow travelers! As we prepare for the summer travel season, it's crucial to remember that cybersecurity is just as important as packing your suitcase. As a cybersecurity expert with Avast, I've been asked to compile a comprehensive checklist to help you stay cyber-safe while you're out exploring the world. The post Safe summer travel: Your essential cybersecurity checklist appeared first on Security Boulevard.

Crypto trading firm freezes accounts due to a Cyber Attack

CyberSecurity Insiders

Since June 11th, 2023, Floating Point Group (FPG) has been hit by a devastating cyber attack, leading to the suspension of all trading, deposits, and withdrawals. This incident has sparked panic among FPG’s user base, who are eagerly awaiting information on when normal trading practices will resume. While the company has not provided a specific timeline, it has reassured users that its IT staff are working tirelessly to mitigate the risks associated with the attack.

Attacker Infrastructure: How Hackers Build It and How to Use It Against Them

Security Boulevard

Hackers often spend weeks or months lurking on a target network to prepare for an eventual cyberattack. They will attempt to establish communication with an external “command-and-control structure” — all from inside the target’s environment. This scenario provides a prime opportunity to watch (and learn) from hackers, in order to stop them in their tracks.

News alert: Cybersixgill introduces generative AI for Dark Web threat intelligence gathering

The Last Watchdog

Tel Aviv, Israel – June 14, 2023 – Cybersixgill, the global cyber threat intelligence data provider, announced today Cybersixgill IQ, its new generative AI, representing a significant breakthrough in cyber threat intelligence (CTI). Drawing from the company’s unmatched, deep, dark web data and intelligence, as well as Open Source Intelligence (OSINT) and organizations’ unique attack surface context, the solution stands out from other generative AI cybersecurity offerings and builds

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Microsoft Office 365 AitM phishing reveals signs of much larger BEC campaign

CSO Magazine

Researchers investigating an Office 365 account compromise resulting from an adversary-in-the-middle (AitM) phishing attack found evidence of a much larger global attack campaign that spans the past year and is possibly tied to an infostealer malware called FormBook. "In the past few years, Sygnia’s IR teams have engaged in numerous incidents in which world-wide organizations were targeted by BEC attacks," researchers from cybersecurity firm Sygnia said in their report.

Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin

The Hacker News

A security flaw has been uncovered in the WooCommerce Stripe Gateway WordPress plugin that could lead to the unauthorized disclosure of sensitive information. The flaw, tracked as CVE-2023-34000, impacts versions 7.4.0 and below. It was addressed by the plugin maintainers in version 7.4.1, which shipped on May 30, 2023.

Critical flaw found in WooCommerce Stripe Gateway Plugin used by +900K sites

Security Affairs

Hundreds of thousands of online stores are potentially exposed to hacking due to a critical vulnerability in the WooCommerce Stripe Payment Gateway plugin. The WooCommerce Stripe Payment Gateway plugin is affected by a critical vulnerability tracked as CVE-2023-34000. The Stripe plugin extends WooCommerce allowing administrators of the e-commerce sites to take payments directly on their store via Stripe’s API.

Microsoft Releases Updates to Patch Critical Flaws in Windows and Other Software

The Hacker News

Microsoft has rolled out fixes for its Windows operating system and other software components to remediate major security shortcomings as part of Patch Tuesday updates for June 2023. Of the 73 flaws, six are rated Critical, 63 are rated Important, two are rated Moderate, and one is rated Low in severity. This also includes three issues the tech giant addressed in its Chromium-based Edge browser.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

China-linked APT UNC3886 used VMware ESXi Zero-Day

Security Affairs

A China-linked APT group tracked as UNC3886 has been spotted exploiting a VMware ESXi zero-day vulnerability. Mandiant researchers observed a China-linked cyberespionage group, tracked as UNC3886, exploiting a VMware ESXi zero-day vulnerability tracked as CVE-2023-20867. “VMware Tools contains an Authentication Bypass vulnerability in the vgauth module.” reads the advisory published by VMware. “A fully compromised ESXi host can force VMware Tools to fail to authenticate host-t

Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion

Trend Micro

Companion, a new generative AI security assistant from Trend Micro, draws on the decades of AI and ML innovation.

Best Passkey Solutions for MFA, SSO & Passwordless Authentication

eSecurity Planet

Passkeys have been gaining traction as an alternative to cumbersome and insecure passwords, but not all passkey solutions are the same. Passkeys can use a range of passwordless authentication methods, from fingerprint, face and iris recognition to screen lock pins, smart cards, USB devices and more. They can be implemented as part of an account, application, cloud service, access management system, or password manager.

Fake Security Researchers Deliver Malicious Zero-Day Exploits

Heimdal Security

Cybercriminals use fake accounts on Twitter and GitHub to spread fake proof-of-concept (PoC) exploits for zero-day vulnerabilities. They impersonate cybersecurity researchers to push Windows and Linux with malware. How the Scam Works These impersonators pretend to work at a fake cybersec company, named “High Sierra Cyber Security”, or even at well-known organizations.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Clop Leaks: First Wave of Victims Named

Digital Shadows

On June 14, 2023, Clop named its first batch of victims. The ReliaQuest Threat Research Team continues to monitor the site for more updates.

Microsoft links Cadet Blizzard APT to Russia’s military intelligence GRU

Security Affairs

Microsoft linked a series of wiping attacks to a Russia-linked APT group, tracked as Cadet Blizzard, that is under the control of the GRU. Microsoft attributes the operations carried out by the Russia-linked APT group tracked as Cadet Blizzard to the Russian General Staff Main Intelligence Directorate (GRU). The IT giant pointed out that Cadet Blizzard is distinct from other known APT groups operating under the control of the Russian military intelligence GRU, such as Forest Blizzard (STRONTIUM

Ransomware Attack Contributes to Illinois Hospital Closure

SecureWorld News

In a rare and alarming case, St. Margaret's Health, a hospital located in Spring Valley, Illinois, has announced its closure due to a cyberattack that occurred in 2021. The hospital was already facing mounting challenges prior to the attack, including the impact of the pandemic, staffing shortages, and rising costs of goods and services, according to NBC News.

Severe Vulnerabilities Reported in Microsoft Azure Bastion and Container Registry

The Hacker News

Two "dangerous" security vulnerabilities have been disclosed in Microsoft Azure Bastion and Azure Container Registry that could have been exploited to carry out cross-site scripting (XSS) attacks.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Focusing On Productivity Helps Reduce Insider Risk

Security Boulevard

Many companies are concerned by the uptick in insider risk that’s come with the work-from-home boom. By one estimate, 58% of office workers work from home at least one day a week. This trend creates blind spots for companies. Managers see their employees less often, people work off-network and on personal devices and they keep. The post Focusing On Productivity Helps Reduce Insider Risk appeared first on Security Boulevard.

Patch Tuesday June 2023 – 78 Flaws and 38 RCE Bugs Fixed

Heimdal Security

As per usual, Microsoft rolled out its monthly updates on the second Tuesday of the month. 78 flaws, including 38 remote code execution vulnerabilities were fixed as part of this edition of Patch Tuesday. Microsoft only rated six problems as “Critical,” including denial of service attacks, remote code execution, and privilege elevation, even though 38 […] The post Patch Tuesday June 2023 – 78 Flaws and 38 RCE Bugs Fixed appeared first on Heimdal Security Blog.

The Harmonization Effect: Transforming Your Cybersecurity Program to Transform Your Company

Security Boulevard

To establish a robust cyber program, companies must navigate the complexities of ever-changing cybersecurity frameworks and ensure scalability over time, but mapping frameworks is a notoriously difficult task – especially when more than one is in play. The problem is that compliance quickly becomes a lengthy process filled with Excel sheets, constant double-checking, work duplication, and large time and work commitments.

Agencies Are Compelled to Secure All Internet-exposed Equipment by CISA Orders

Heimdal Security

The American Cybersecurity & Infrastructure Security Agency (CISA) issued on June 13, 2023, a binding operational directive (BOD) requiring federal civilian agencies to safeguard networking equipment that is faulty or exposed to the Internet. Federal civilian executive branch (FCEB) agencies have 14 days to solve such problems after they discover them.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!