Wed. Dec 14, 2022


Six Charged in Mass Takedown of DDoS-for-Hire Sites

Krebs on Security

The U.S. Department of Justice (DOJ) today seized four-dozen domains that sold “booter” or “stresser” services — businesses that make it easy and cheap for even non-technical users to launch powerful Distributed Denial of Service (DDoS) attacks designed to knock targets offline. The DOJ also charged six U.S. men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services.

DDOS 356

Hacking Boston’s CharlieCard

Schneier on Security

Interesting discussion of vulnerabilities and exploits against Boston’s CharlieCard.

Hacking 290

FBI’s Cyberthreat Information Sharing System Breached By Criminals – Entire User Database Believed Stolen

Joseph Steinberg

The FBI’s InfraGard program, which facilitates the sharing of information about cyberthreats and some physical threats between relevant, vetted parties throughout the public and private sector, has suffered a serious hacker breach. According to a report published by Krebs on Security, the criminals behind the attack not only gained access to the FBI’s InfraGard system in such a manner that they could impersonate the CEO of a major company while sending internal messages to other InfraGard membe


Reimagining Democracy

Schneier on Security

Last week, I hosted a two-day workshop on reimagining democracy. The idea was to bring together people from a variety of disciplines who are all thinking about different aspects of democracy, less from a “what we need to do today” perspective and more from a blue-sky future perspective. My remit to the participants was this: The idea is to start from scratch, to pretend we’re forming a new country and don’t have any precedent to deal with.


How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.


Microsoft Patch Tuesday, December 2022 Edition

Krebs on Security

Microsoft has released its final monthly batch of security updates for 2022, fixing more than four dozen security holes in its various Windows operating systems and related software. The most pressing patches include a zero-day in a Windows feature that tries to flag malicious files from the Web, a critical bug in PowerShell, and a dangerous flaw in Windows 11 systems that was detailed publicly prior to this week’s Patch Tuesday.


GUEST ESSAY: Why ‘continuous pentesting’ is high among the trends set to accelerate in 2023

The Last Watchdog

There is much that can be gleaned from helping companies identify and manage their critical vulnerabilities 24X7. Related: The case for proactive pentests. Based on insights from our team of elite security researchers here at Bugcrowd, these are three trends gaining steam as 2022 comes to a close – trends that I expect to command much attention in 2023.

More Trending

Introducing Secure Firewall version 7.3

Cisco Security

Introduction to Cisco Secure Firewall 7.3. Cisco’s latest release of Secure Firewall operating system, Secure Firewall Threat Defence Version 7.3, addresses key concerns for today’s firewall customers. The 7.3 release delivers more features to the three key outcomes: see and detect more threats faster in an increasingly encrypted environment, simplify operations, and lower the TCO of our security solution.

Firewall 145

Open source code for commercial software applications is ubiquitous, but so is the risk

Tech Republic Security

As the SolarWinds and Log4j hacks show, vulnerabilities in open source software used in application development can open doors for attackers with vast consequences. A new study looks at the open source community’s efforts to “credit-rate” the risk. The post Open source code for commercial software applications is ubiquitous, but so is the risk appeared first on TechRepublic.

Software 170

3.5m IP cameras exposed, with US in the lead

Security Affairs

The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives. Original post at [link]. When you spy on your neighborhood or your cafe customers, do you wonder if someone is watching Big Brother – you, in this case?


Iranian state-aligned threat actor targets new victims in cyberespionage and kinetic campaigns

Tech Republic Security

New research from Proofpoint exposes a large shift in the TA453 threat actor’s modus operandi, which started conducting more hostile attacks. The post Iranian state-aligned threat actor targets new victims in cyberespionage and kinetic campaigns appeared first on TechRepublic.

Hacking 157

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.


Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities

We Live Security

ESET researchers discovered a spearphishing campaign targeting Japanese political entities a few weeks before the House of Councillors elections, and in the process uncovered a previously undescribed MirrorFace credential stealer. The post Unmasking MirrorFace: Operation LiberalFace targeting Japanese political entities appeared first on WeLiveSecurity.

145

GoTrim botnet actively brute forces WordPress and OpenCart sites

Security Affairs

Researchers discovered a new Go-based botnet, dubbed GoTrim, attempting to brute force WordPress websites. Fortinet FortiGuard Labs researchers spotted a new Go-based botnet, dubbed GoTrim, that has been spotted scanning and brute-forcing WordPress and OpenCart websites. The botnet was named GoTrim because it was written in Go and uses “:::trim::: ” to split data sent and received from the C2 server.

Malware 143

GoTrim Botnet Goes After WordPress Admin Accounts

Heimdal Security

GoTrim, a new Go-based botnet malware, scans the internet for WordPress websites and attempts to brute force the administrator’s password and take control of the site. Compromise means potential security risks, including malware deployment and injection of scripts that steal credit card information, being capable of impacting millions, depending on the popularity of the breached sites.


NSA Slices Up 5G Mobile Security Risks

Dark Reading

The feds' mobile service provider guidance details cybersecurity threat vectors associated with 5G network slicing.

Mobile 134

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.


Microsoft: Windows 10 21H1 has reached end of servicing

Bleeping Computer

Multiple editions of Windows 10 21H1 have reached their end of service (EOS) on this month's Patch Tuesday, as Microsoft reminded customers yesterday. […]

133

Ransomware Business Models: Future Pivots and Trends

Trend Micro

Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations (“revolutions”) they can redirect their criminal enterprises to in the long run.


Patch Tuesday Fixes Actively Exploited MOTW Vulnerability

eSecurity Planet

Microsoft’s December 2022 Patch Tuesday includes fixes for over four dozen vulnerabilities, six of them critical – including a zero-day flaw in the SmartScreen security tool, CVE-2022-44698, that’s being actively exploited. Regarding that flaw, Microsoft observed, “An attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses, resulting in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, whi

Risk 130

Apple fixed the tenth actively exploited zero-day this year

Security Affairs

Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856). Apple released security updates to address a new zero-day vulnerability, tracked as CVE-2022-42856, that is actively exploited in attacks against iPhones. The flaw is the tenth actively exploited zero-day vulnerability since the start of the year.


Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.


The 80 Best Cyber Security YouTube Channels

Security Boulevard

Introduction In the cyber security space, one of the accepted realities is that to stay relevant, you must be constantly learning. Whether this is learning a new field, tool, or even just staying abreast of the latest emerging threats, you must always be learning. However, sometimes finding quality content to learn from can be tricky, […]. The post The 80 Best Cyber Security YouTube Channels appeared first on Cyborg Security.

128

December 2022 Patch Tuesday fixed 2 zero-day flaws

Security Affairs

Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates addressed 52 vulnerabilities in Microsoft Windows and Windows Components; Azure; Office and Office Components; SysInternals; Microsoft Edge (Chromium-based); SharePoint Server; and the .NET framework. 12 of these vulnerabilities were submitted through the ZDI program.

Hacking 123

Not Just Web Browsing Security: Isolation Strengthens all SSE Functions

Security Boulevard

Over a decade ago, the National Nuclear Security Administration began using “remote-managed hosted virtualization” to isolate risky web interactions from laboratory desktops used in nuclear research labs. This early version of remote browser isolation streamed website images from browsers located on remote servers to non-persistent virtual desktops located on users’ actual desktop devices.


Open-source repositories flooded by 144,000 phishing packages

Bleeping Computer

Unknown threat actors have uploaded a total of 144,294 phishing-related packages on the open-source package repositories NuGet, PyPI, and NPM. […]

Phishing 120

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


Health Care Under Cyberattack: Unprotected Medical IoT Devices Threaten Patient Care

Security Boulevard

Connected devices bring organizations more information and convenience, but they also increase an organization’s attack surface—and medical devices are no different. According to a survey released by reviews platform provider Capterra, as health care organizations connect more medical devices to their network, they are also attacked more often. Capterra’s 2022 Medical IoT Survey was conducted.

IoT 122

New Royal ransomware group evades detection with partial encryption

CSO Magazine

A new ransomware group dubbed Royal that formed earlier this year has significantly ramped up its operations over the past few months and developed its own custom ransomware program that allows attackers to perform flexible and fast file encryption. "The Royal ransomware group emerged in early 2022 and has gained momentum since the middle of the year," researchers from security firm Cybereason said in a new report.


Attackers use SVG files to smuggle QBot malware onto Windows systems

Bleeping Computer

QBot malware phishing campaigns have adopted a new distribution method using SVG files to perform HTML smuggling that locally creates a malicious installer for Windows. […]

Malware 114

How acceptable is your acceptable use policy?

CSO Magazine

In a world before smartphones, social media, and hybrid workplaces, an acceptable use policy was a lot easier to write—and to enforce. These days, it’s a lot more complicated. Work can take place almost anywhere, on any number of devices. An employee can accept a job and then never physically set foot in the office, working from home (or the Caribbean) on their personal laptop.

Media 114

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Hackers target Japanese politicians with new MirrorStealer malware

Bleeping Computer

A hacking group tracked as MirrorFace has been targeting Japanese politicians for weeks before the House of Councilors election in July 2022, using a previously undocumented credentials stealer named 'MirrorStealer.' […]

Malware 112

Ahoy! More insecure code washes ashore with AlphaCode

Security Boulevard

Alphabet’s DeepMind brings us AlphaCode — another AI code-generating parlor trick. And, just like its large language model cousins, it can spit out buggy code. The post Ahoy! More insecure code washes ashore with AlphaCode appeared first on Security Boulevard.


Royal Ransomware Puts Novel Spin on Encryption Tactics

Dark Reading

An emerging cybercriminal group linked with Conti has expanded its partial encryption strategy and demonstrates other evasive maneuvers, as it takes aim at healthcare and other sectors.


Exploring The Benefits Of AI-Powered At The 2022 Qatar World Cup

SecureBlitz

In this post, we will explore the benefits of AI-Powered at the 2022 Qatar World Cup. The 2022 Qatar World Cup, the 22nd edition of the global football tournament, is set to be one of the most high-tech events in history with the use of artificial intelligence (AI) for security and Video Assistant Referee (VAR) […]. The post Exploring The Benefits Of AI-Powered At The 2022 Qatar World Cup appeared first on SecureBlitz Cybersecurity.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!