Mon. Apr 24, 2023

UK Threatens End-to-End Encryption

Schneier on Security

In an open letter, seven secure messaging apps—including Signal and WhatsApp—point out that the UK’s Online Safety Bill could destroy end-to-end encryption: As currently drafted, the Bill could break end-to-end encryption, opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone’s ab

Mobile device security policy

Tech Republic Security

PURPOSE This Mobile Device Security Policy from TechRepublic Premium provides guidelines for mobile device security needs in order to protect businesses and their employees. This policy can be customized as needed to fit the needs of your organization. From the policy: REQUIREMENT FOR USERS If using a company-owned device, ensure that all mobile device use.

Intel CPUs vulnerable to new transient execution side-channel attack

Bleeping Computer

A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the EFLAGS register.

OT giants collaborate on ETHOS early threat and attack warning system

CSO Magazine

One of the greatest fears among government officials and security experts is a crippling cyberattack on industrial organizations that run essential services, including electricity, water, oil and gas production, and manufacturing systems. The proprietary and complex nature of the operational technology (OT) tools used in these systems, not to mention their rapid convergence with IT technology, makes securing OT systems a chronic, high-stakes challenge.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Torq Unveils Hyperautomation Security Platform Infused With GPT

Security Boulevard

Torq, today at the RSA 2023 conference, launched a hyperautomation platform for automating cybersecurity workflows and processes that includes an analytics capability enabled by a generative artificial intelligence (AI) capability. Torq co-founder and CTO Leonid Belkin said the Torq Hyperautomation Platform is distinguished from legacy security operations automation and response (SOAR) platforms in that it.

Hackers behind 3CX breach also breached US critical infrastructure

CSO Magazine

The hacking group responsible for the supply-chain attack targeting VoIP company 3CX also breached two critical infrastructure organizations in the energy sector and two financial trading organizations using the trojanized X_TRADER application, according to a report by Symantec. Among the two affected critical infrastructure organizations, one is located in the US while the other is in Europe, Symantec told Bleeping Computer.

More Trending

Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain

Security Boulevard

Organizations rely heavily on third-party vendors and contractors. Smart companies will have a service level agreement (SLA) with each vendor which includes information about the vendor’s approach to cybersecurity—in fact, it’s a best practice to add security to the software supply chain. If only it was that simple. In the real world, the vendor supply.

APC warns of critical unauthenticated RCE flaws in UPS software

Bleeping Computer

APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices and, in a worst-case scenario, disabling its functionality altogether.

Cyber Attack news headlines trending on Google

CyberSecurity Insiders

Yellow Pages Canada reportedly fell victim to a Black Basta Ransomware attack at the end of March this year. News has emerged that the criminals siphoned sensitive details and data from the servers of the Canadian Directory services provider, including information such as tax documents, sales and purchase deals, spreadsheets related to the accounts department, and many scanned passport and driving license documents related to customers and employees.

Exploit released for PaperCut flaw abused to hijack servers, patch now

Bleeping Computer

Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to take over servers.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Salt Security Applies Additional AI Capabilities to API Security

Security Boulevard

Salt Security has infused additional artificial intelligence (AI) capabilities into its software-as-a-service (SaaS) platform that should make it simpler to both discover APIs and triage levels of threat. Nick Rago, field CTO for Salt Security, said one of the major challenges organizations face today is that hundreds, possibly even thousands, of APIs may already be.

Cybersecurity Survival: Hide From Adversarial AI

Dark Reading

Consider adding some security-through-obscurity tactics to your organization's protection arsenal to boost protection. Mask your attack surface behind additional zero-trust layers to remove AI's predictive advantage.

Noname Security Aligns With Intel on API Security

Security Boulevard

Noname Security announced today it is working with Intel to offload application programming interface (API) security to network integration cards (NICs) based on 4th-gen Intel Xeon Scalable processors and the Intel NetSec Accelerator Reference Design. Filip Verloy, field CTO for Noname Security, said that approach will enable cybersecurity teams to take advantage of the Intel.

North Dakota turns to AI to boost effectiveness and efficiency of its cybersecurity

CSO Magazine

The recent proliferation of tools that employ artificial intelligence (AI) or machine learning (ML) to perform human-like tasks has sparked a great deal of interest in the cybersecurity community. And they’ve prompted some very hard questions about the future, not the least of which is whether ChatGPT, BardAI, Bing AI, and the dozens of other “AI” applications and tools already in use represent a threat or boon to security operations.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Hackers Exploit Generative AI to Spread RedLine Stealer MaaS

Security Boulevard

As generative AI platforms like OpenAI’s ChatGPT and Google Bard continue to dominate the headlines—and pundits debate whether the technology has taken off too quickly without necessary guardrails—cybercriminals are showing equal interest and no hesitance in exploiting them. Not surprisingly, then, security researchers at Veriti uncovered “a new malware-as-a-service (MaaS) campaign that leverages the popularity.

Rethinking Safer AI: Can There Really Be a 'TruthGPT'?

Dark Reading

Is Elon Musk's "maximum truth-seeking AI" achievable? Overcoming bias in artificial technologies is crucial for cybersecurity, but doing it could be a challenge.

Hackers Exploit Outdated WordPress Plugin to Backdoor Thousands of WordPress Sites

The Hacker News

Threat actors have been observed leveraging a legitimate but outdated WordPress plugin to surreptitiously backdoor websites as part of an ongoing campaign, Sucuri revealed in a report published last week. The plugin in question is Eval PHP, released by a developer named flashpixx.

Cyberattack Stigma: How Delayed Reporting Causes More Damage

Security Boulevard

Cybersecurity leaders must detect and respond to successful attacks in ways that minimize overall damage to the organization itself. This often leads to delayed reporting that causes more damage than the attack itself.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Google Authenticator App Gets Cloud Backup Feature for TOTP Codes

The Hacker News

Search giant Google on Monday unveiled a major update to its 12-year-old Authenticator app for Android and iOS with an account synchronization option that allows users to back up their time-based one-time password (TOTP) codes to the cloud.

Misconfigured Registries: Security Researchers Find 250 Million Artifacts Exposed

eSecurity Planet

Aqua Security’s cloud security research team recently found thousands of registries and artifact repositories exposed online, revealing more than 250 million artifacts and over 65,000 container images. The registries and repositories belonged to a wide range of companies, including 10 members of the Fortune 500 and two leading cybersecurity providers. “In some of these cases, anonymous user access allowed a potential attacker to gain sensitive information, such as secrets, keys, and

Rubrik: Ransomware Payment Activity on the Rise

Security Boulevard

A global survey of more than 1,600 IT and security leaders conducted by Wakefield Research on behalf of Rubrik finds nearly three-quarters (72%) of organizations have complied with a ransomware demand despite nearly all of them (99%) having access to backup and recovery tools. In addition, only 16% said they were able to recover all.

AuKill tool uses BYOVD attack to disable EDR software

Security Affairs

Ransomware operators use the AuKill tool to disable EDR software through a Bring Your Own Vulnerable Driver (BYOVD) attack. Sophos researchers reported that threat actors are using a previously undocumented defense evasion tool, dubbed AuKill, to disable endpoint detection and response (EDR) software. The tool relies on the Bring Your Own Vulnerable Driver (BYOVD) technique to disable the EDR.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Flashpoint releases Ignite platform with threat intelligence reports, rule-based alerts

CSO Magazine

Threat intelligence firm Flashpoint has announced the release of Ignite, a new intelligence platform built to accelerate cross-functional risk mitigation and prevention across vulnerability management and security teams, including those in law enforcement, state and local government, and federal civilian agencies. Designed for practitioners, Ignite delivers real-time pictures of pertinent risks while reducing silos that can result from disparate intelligence feeds from multiple partners, helping

Experts released PoC Exploit code for actively exploited PaperCut flaw

Security Affairs

Threat actors are exploiting PaperCut MF/NG print management software flaws in attacks in the wild, while researchers released PoC exploit code. Hackers are actively exploiting PaperCut MF/NG print management software flaws (tracked as CVE-2023-27350 and CVE-2023-27351) in attacks in the wild. The threat actors were observed installing the Atera remote management software to take over vulnerable servers.

Russian Hackers Tomiris Targeting Central Asia for Intelligence Gathering

The Hacker News

The Russian-speaking threat actor behind a backdoor known as Tomiris is primarily focused on gathering intelligence in Central Asia, fresh findings from Kaspersky reveal. "Tomiris's endgame consistently appears to be the regular theft of internal documents," security researchers Pierre Delcher and Ivan Kwiatkowski said in an analysis published today.

Hackers can hack organizations using data found on their discarded enterprise network equipment

Security Affairs

ESET researchers explained that enterprise network equipment that was discarded, but not destroyed, could reveal corporate secrets. ESET researchers purchased a few used routers to set up a test environment and made a shocking discovery: in many cases, previously used configurations had not been wiped. The experts pointed out that the data they found on the devices could be used to identify the prior owners; this information can be used by threat actors to breach their networks. “Results r

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

Paladin Cloud launches new tool for attack surface discovery and management

CSO Magazine

Open source cloud security firm Paladin Cloud has launched a new SaaS-based platform for enterprise cloud attack surface discovery and vulnerability management. Built on Paladin Cloud’s open source core, the platform has a set of security policies implemented in code to serve as an extended policy management tool that integrates into various enterprise systems, providing a comprehensive view of security across multicloud environments.

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

Security Affairs

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. Fortinet FortiGuard Labs researchers discovered a new “all-in-one” info stealer for Windows, dubbed EvilExtractor (sometimes spelled Evil Extractor) that is available for sale on dark web cybercrime forums.

SPanel: Taking Website Security to the Next Level

eSecurity Planet

Cybercrime has skyrocketed in the last few years, and the websites of small and medium-sized companies have been the most frequent target of web attacks. The statistics are sobering: Small businesses report substantial downtime and lost data and business from those cyberattacks, and fewer than 30% are able to recover from a cyberattack within eight hours.

Yellow Pages Canada confirms cyber attack as Black Basta leaks data

Bleeping Computer

Yellow Pages Group, a Canadian directory publisher, has confirmed to BleepingComputer that it has been hit by a cyber attack. The Black Basta ransomware and extortion gang claims responsibility for the attack and has posted sensitive documents and data over the weekend.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.