Wed.Nov 06, 2024

article thumbnail

IoT Devices in Password-Spraying Botnet

Schneier on Security

Microsoft is warning Azure cloud users that a Chinese controlled botnet is engaging in “highly evasive” password spraying. Not sure about the “highly evasive” part; the techniques seem basically what you get in a distributed password-guessing attack: “Any threat actor using the CovertNetwork-1658 infrastructure could conduct password spraying campaigns at a larger scale and greatly increase the likelihood of successful credential compromise and initial access to mul

Passwords 259
article thumbnail

AI-Assisted Attacks Top Cyber Threat For Third Consecutive Quarter, Gartner Finds

Tech Republic Security

AI-enhanced malicious attacks are a top concern for 80% of executives, and for good reason, as there is a lot of evidence that bad actors are exploiting the technology.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

Synology addressed a critical vulnerability in DiskStation and BeePhotos NAS devices that could lead to remote code execution. Taiwanese vendor Synology has addressed a critical security vulnerability, tracked as CVE-2024-10443, that impacts DiskStation and BeePhotos. An attacker can exploit the flaw without any user interaction and successful exploitation of this flaw could lead to remote code execution.

Firmware 123
article thumbnail

Increasing Awareness of DNS Hijacking: A Growing Cyber Threat

Tech Republic Security

DNS hijacking is a growing threat that can redirect users to malicious sites. However, using passive DNS monitoring can help to protect data.

DNS 156
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Video: 2.9 Billion Records Compromised in NPD Breach – Recap

eSecurity Planet

In this video, we explore the alarming details surrounding the largest data breach ever, which has exposed an astonishing 2.9 billion records linked to the National Public Data (NPD) breach. This event has compromised sensitive information for nearly half of the global population, including Social Security numbers and personal family details, raising significant concerns about data security and individual safety.

article thumbnail

Update your Android: Google patches two zero-day vulnerabilities

Malwarebytes

Google has announced patches for several high severity vulnerabilities. In total, 51 vulnerabilities have been patched in November’s updates, two of which are under limited, active exploitation by cybercriminals. If your Android phone shows patch level 2024-11-05 or later then the issues discussed below have been fixed. The updates have been made available for Android 12, 12L, 13, 14, and 15.

More Trending

article thumbnail

Anton’s Alert Fatigue: The Study

Anton on Security

Mention “alert fatigue” to a SOC analyst. They would immediately recognize what you are talking about. Now, take your time machine to 2002. Find a SOC analyst (much fewer of those around, to be sure, but there are some!) and ask him about alert fatigue — he would definitely understand what the concern is. Now, crank up your time machine all the way to 11 and fly to the 1970s where you can talk to some of the original NOC analysts.

article thumbnail

Filling up the DagBag: Privilege Escalation in Google Cloud Composer

NetSpi Technical

Cloud Composer is a managed service in Google Cloud Platform that allows users to manage workflows. Cloud Composer is built on Apache Airflow and is integrated closely with multiple GCP services. One key component of the managed aspect of Cloud Composer is the use of Cloud Storage to support the environment’s data. Per GCP documentation : “When you create an environment, Cloud Composer creates a Cloud Storage bucket and associates the bucket with your environment… Cloud Composer synchronizes spe

article thumbnail

Video: How Hackers Steal Your Cookies & How to Stop Them

eSecurity Planet

Cookies play a crucial role in enhancing your online experience, but they can also be exploited by cybercriminals to access sensitive information. In this video, our expert delves into what cookies are and their function in web browsing, explores the techniques hackers use to steal them — such as session hijacking and cross-site scripting (XSS) — and shares effective strategies and tools to protect your cookies and personal data in 2024.

article thumbnail

Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’

Security Boulevard

That’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes? The post Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’ appeared first on Security Boulevard.

Hacking 125
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

SecureList

Introduction In August 2024, our team identified a new crimeware bundle, which we named “SteelFox” Delivered via sophisticated execution chains including shellcoding, this threat abuses Windows services and drivers. It spreads via forums posts, torrent trackers and blogs, imitating popular software like Foxit PDF Editor and AutoCAD. It also uses stealer malware to extract the victim’s credit card data as well as details about the infected device.

Software 106
article thumbnail

Memorial Hospital and Manor suffered a ransomware attack

Security Affairs

Georgia, a ransomware attack disrupted Memorial Hospital and Manor’s access to its Electronic Health Record system. A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, and disrupted the access to its Electronic Health Record system. Memorial Hospital and Manor is a community hospital and healthcare facility that serves Decatur County and surrounding areas in southwest Georgia.

article thumbnail

INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime

The Hacker News

INTERPOL on Tuesday said it took down more than 22,000 malicious servers linked to various cyber threats as part of a global operation. Dubbed Operation Synergia II, the coordinated effort ran from April 1 to August 31, 2024, targeting phishing, ransomware, and information stealer infrastructure.

article thumbnail

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

Security Affairs

Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform. The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. over security concerns following a national security review under the Investment Canada Act Canada’s decision to require ByteDance to dissolve the operations of the popular video-sharing platform was guided by security and intelligence advice.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Securing SMBs in a Cloud-Driven World: Best Practices for Cost-Effective Digital Hygiene Through Verified Authentication

Security Boulevard

Hackers are acutely aware that basic corporate account credentials present a significant vulnerability, increasing the stakes for SMBs in particular. The post Securing SMBs in a Cloud-Driven World: Best Practices for Cost-Effective Digital Hygiene Through Verified Authentication appeared first on Security Boulevard.

article thumbnail

Critical bug in Cisco UWRB access points allows attackers to run commands as root

Security Affairs

Cisco fixed a critical flaw in URWB access points, allowing attackers to run root commands, compromising industrial wireless automation security. Cisco has addressed a critical vulnerability, tracked as CVE-2024-20418 , that could be exploited by unauthenticated, remote attackers to run commands with root privileges on vulnerable Ultra-Reliable Wireless Backhaul (URWB) access points used for industrial wireless automation.

Wireless 114
article thumbnail

VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware

The Hacker News

An ongoing threat campaign dubbed VEILDrive has been observed taking advantage of legitimate services from Microsoft, including Teams, SharePoint, Quick Assist, and OneDrive, as part of its modus operandi.

Malware 114
article thumbnail

INTERPOL: Operation Synergia II disrupted +22,000 malicious IPs

Security Affairs

A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. INTERPOL announced this week it took down more than 22,000 malicious servers linked to cybercriminal activities as part of a global operation code-named Operation Synergia II. Operation Synergia II is a collaborative effort by INTERPOL, private sector partners, and 95 countries, that targeted phishing, ransomware, and infostealers f

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

New Winos 4.0 Malware Infects Gamers Through Malicious Game Optimization Apps

The Hacker News

Cybersecurity researchers are warning that a command-and-control (C&C) framework called Winos is being distributed within gaming-related applications like installation tools, speed boosters, and optimization utilities. "Winos 4.

article thumbnail

Large eBay malvertising campaign leads to scams

Malwarebytes

Tech support scammers are targeting eBay customers in the U.S. via fraudulent Google ads. In a few separate searches, we were able to identify multiple Sponsored results that were created from at least four different advertiser accounts. While most of those ads clearly looked fake, they appeared consistently and prominently enough to trick the inattentive user into a scam.

Scams 111
article thumbnail

Canada Orders TikTok to Shut Down Canadian Operations Over Security Concerns

The Hacker News

The Canadian government on Wednesday ordered ByteDance-owned TikTok to dissolve its operations in the country, citing national security risks, but stopped short of instituting a ban on the popular video-sharing platform.

article thumbnail

Google Cloud: MFA Will Be Mandatory for All Users in 2025

Security Boulevard

Google Cloud says it is taking a phased approach to making MFA mandatory for all users by the end of 2025 to help bolster the cyber-protections against increasingly sophisticated cyberattacks. The post Google Cloud: MFA Will Be Mandatory for All Users in 2025 appeared first on Security Boulevard.

Mobile 110
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

CVE-2024-20418 (CVSS 10): Cisco URWB Access Points Vulnerable to Remote Takeover

Penetration Testing

In a critical security advisory, Cisco has disclosed a command injection vulnerability in its Unified Industrial Wireless Software used for Cisco Ultra-Reliable Wireless Backhaul (URWB) Access Points. Identified as CVE-2024-20418,... The post CVE-2024-20418 (CVSS 10): Cisco URWB Access Points Vulnerable to Remote Takeover appeared first on Cybersecurity News.

Wireless 105
article thumbnail

Protecting privacy without hurting RAG performance

Security Boulevard

Understand the impact that de-identifying text embeddings has on your RAG system. Learn more about preserving data utility. The post Protecting privacy without hurting RAG performance appeared first on Security Boulevard.

107
107
article thumbnail

Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems

The Hacker News

Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that could permit unauthenticated, remote attackers to run commands with elevated privileges. Tracked as CVE-2024-20418 (CVS score: 10.

Wireless 105
article thumbnail

The Thunderbird email client finally landed on Android, and it was worth the wait

Zero Day

It's been years in the making, but the Thunderbird developers have finally brought the open-source email client to Android.

104
104
article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Top 10 PowerDMARC Alternatives and Competitors: Detailed Feature Comparison

Security Boulevard

Explore top PowerDMARC alternatives and compare their features, pricing, and benefits. Discover why PowerDMARC remains the industry leader in email security. The post Top 10 PowerDMARC Alternatives and Competitors: Detailed Feature Comparison appeared first on Security Boulevard.

article thumbnail

The best open-source AI models: All your free-to-use options explained

Zero Day

Here are the best open-source and free-to-use AI models for text, images, and audio, organized by type, application, and licensing considerations.

102
102
article thumbnail

Smashing Security podcast #392: Pasta spies and private eyes, and are you applying for a ghost job?

Graham Cluley

A Facebook friend request leads to arrest, Twitter scams ride again via promoted ads, and adult websites expose their members. Oh, and Graham finds out what Rule 34 is. All this and more is discussed in the latest edition of the award-winning "Smashing Security" podcast by computer security veterans Graham Cluley and Carole Theriault.

Scams 94
article thumbnail

INTERPOL: Operation Synergia II disrupted +22,000 malicious IPs

Security Affairs

A global law enforcement operation called Operation Synergia II dismantled over 22,000 malicious IPs linked to phishing, infostealers, and ransomware, INTERPOL said. INTERPOL announced this week it took down more than 22,000 malicious servers linked to cybercriminal activities as part of a global operation code-named Operation Synergia II. Operation Synergia II is a collaborative effort by INTERPOL, private sector partners, and 95 countries, that targeted phishing, ransomware, and infostealers f

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.