Wed. Nov 27, 2024

NSO Group Spies on People on Behalf of Governments

Schneier on Security

The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use the spyware themselves. Now we’ve learned that that’s not true: that NSO Group employees operate the spyware on behalf of their customers. Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker

RomCom exploits Firefox and Windows zero days in the wild

We Live Security

ESET Research details the analysis of a previously unknown vulnerability in Mozilla products exploited in the wild and another previously unknown Microsoft Windows vulnerability, combined in a zero-click exploit.

Starbucks, Supermarkets Targeted in Ransomware Attack

Tech Republic Security

Blue Yonder, a prominent supply chain software provider, has been targeted in a ransomware attack, leading to disruption at major retail outlets.

Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels

The Hacker News

Cybersecurity researchers have shed light on what has been described as the first Unified Extensible Firmware Interface (UEFI) bootkit designed for Linux systems. Dubbed Bootkitty by its creators who go by the name BlackCat, the bootkit is assessed to be a proof-of-concept (PoC) and there is no evidence that it has been put to use in real-world attacks.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

VMware fixed five vulnerabilities in Aria Operations product

Security Affairs

Virtualization giant VMware addressed multiple vulnerabilities in its Aria Operations product that can lead to privilege escalation and XSS attacks. VMware released security updates to address five vulnerabilities in its Aria Operations product. Aria Operations (formerly known as VMware vRealize Operations) is a comprehensive cloud management and operations platform developed by VMware.

U.S. Telecom Giant T-Mobile Detects Network Intrusion Attempts from Wireline Provider

The Hacker News

U.S. telecom service provider T-Mobile said it recently detected attempts made by bad actors to infiltrate its systems in recent weeks but noted that no sensitive data was accessed. These intrusion attempts "originated from a wireline provider's network that was connected to ours," Jeff Simon, chief security officer at T-Mobile, said in a statement.

More Trending

Medical testing company LifeLabs failed to protect customer data, report finds

Malwarebytes

In 2019, a ransomware attack hit LifeLabs, a Canadian medical testing company. The ransomware encrypted the lab results of 15 million Canadians, and personally identifiable information (PII) of 8.6 million people was stolen. After noticing the attack, LifeLabs informed its customers and the Canadian privacy regulators, which immediately announced an investigation.

APT-C-60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

The Hacker News

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor. That's according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August 2024.

Interpol, African Nations Arrest 1,006 in Sweeping ‘Operation Serengeti’

Security Boulevard

Interpol led 19 African countries in a massive anti-cybercriminal effort dubbed "Operation Serengeti" that shut down a range of scams and attacks that bled $193 million from 35,000 victims. More than 1,000 people were arrested and more than 134,000 malicious infrastructures shut down. The post Interpol, African Nations Arrest 1,006 in Sweeping ‘Operation Serengeti’ appeared first on Security Boulevard.

CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix

Penetration Testing

Zabbix, a popular open-source IT infrastructure monitoring tool used by organizations worldwide, has been found to contain a critical SQL injection vulnerability (CVE-2024-42327) with a CVSS score of 9.9. This... The post CVE-2024-42327 (CVSS 9.9): Critical SQL Injection Vulnerability Found in Zabbix appeared first on Cybersecurity News.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Latest Multi-Stage Attack Scenarios with Real-World Examples

The Hacker News

Multi-stage cyber attacks, characterized by their complex execution chains, are designed to avoid detection and trick victims into a false sense of security. Knowing how they operate is the first step to building a solid defense strategy against them. Let's examine real-world examples of some of the most common multi-stage attack scenarios that are active right now.

35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat

Penetration Testing

Aqua Nautilus researchers have uncovered a major Distributed Denial-of-Service (DDoS) campaign led by a threat actor operating under the name Matrix. This operation, detected through honeypot activities, showcases a concerning... The post 35 Million Devices Vulnerable: Matrix DDoS Campaign Highlights Growing IoT Threat appeared first on Cybersecurity News.

Travel Safe: Cybersecurity Tips for Your Next Vacation

SecureWorld News

Even if you leave your desktop computer at home, you'll probably stay connected when you're vacationing: you can check your phone on the beach or on a mountaintop. Travelers often rely on technology to enhance vacations, such as by sharing photos online or finding lodging on an app. As you embark upon your next adventure, remain cyber safe by following some simple practices to keep your vacation plans free from cybercriminal meddling.

Protecting Web-Based Work: Connecting People, Web Browsers and Security

Security Boulevard

With web browsers being the primary gateway to the internet, any security lapse can lead to broad opportunities for significant data breaches and operational disruptions. The post Protecting Web-Based Work: Connecting People, Web Browsers and Security appeared first on Security Boulevard.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Critical Flaw in ProjectSend Under Active Exploitation Against Public-Facing Servers

The Hacker News

A critical security flaw impacting the ProjectSend open-source file-sharing application has likely come under active exploitation in the wild, according to findings from VulnCheck. The vulnerability, originally patched over a year-and-a-half ago as part of a commit pushed in May 2023, was not officially made available until August 2024 with the release of version r1720.

SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns

Penetration Testing

A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged by the financially motivated threat actor UNC2465. Active since 2019, SMOKEDHAM plays a... The post SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns appeared first on Cybersecurity News.

Exabeam Allies With Wiz to Integrate CNAPP With SIEM Platform

Security Boulevard

Exabeam has allied with Wiz to gain access to security data collected from a cloud-native application protection platform (CNAPP). The post Exabeam Allies With Wiz to Integrate CNAPP With SIEM Platform appeared first on Security Boulevard.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

Get 1 year of Hulu for $1 a month with this Black Friday deal

Zero Day

Hulu's Black Friday deal drops the price of a monthly subscription to the streaming service from $7.99 to $0.99 a month for your first year. Don't miss out.

Black Friday Fake Stores Surge 110%: How LLMs and Cheap Domains Empower Cybercrime

Penetration Testing

The 2024 holiday shopping season is witnessing an alarming rise in fraudulent e-commerce activity. According to Netcraft, fake online stores have surged by 110% between August and October, capitalizing on... The post Black Friday Fake Stores Surge 110%: How LLMs and Cheap Domains Empower Cybercrime appeared first on Cybersecurity News.

This rugged Android smartphone with ultra-wideband is 51% off during Black Friday

Zero Day

Ultra-wideband (UWB) is a feature that has many potential benefits for Android owners. This phone has it, and it's on sale now.

CVE-2024-11680 (CVSS 9.8): Critical ProjectSend Vulnerability Actively Exploited, PoC Published

Penetration Testing

A critical vulnerability in the open-source file-sharing web application ProjectSend, identified as CVE-2024-11680, is being actively exploited in the wild, according to a report by VulnCheck. Despite a patch being... The post CVE-2024-11680 (CVSS 9.8): Critical ProjectSend Vulnerability Actively Exploited, PoC Published appeared first on Cybersecurity News.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

How I bought the Meta Ray-Bans for 20% off on Black Friday - and got an Amazon gift card too

Zero Day

Consistent feature updates, a rare discount, and a free $90 Amazon gift card make the Meta Ray-Ban smart glasses a no-brainer purchase for me this holiday season.

XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices

Penetration Testing

NSFOCUS has identified a resurgence of the XorBot botnet, a potent threat to Internet of Things (IoT) devices worldwide. First observed in late 2023, XorBot has evolved significantly, introducing advanced... The post XorBot Botnet Resurfaces with Advanced Evasion and Exploits, Threatens IoT Devices appeared first on Cybersecurity News.

How to control Windows with Super God Mode (and enjoy settings omniscience)

Zero Day

Super God Mode collects all the core Windows apps, features, and settings and serves them to you in one single series of folders. It's glorious.

How DSPM Helps Businesses Meet Compliance Requirements

Security Affairs

Data Security Posture Management (DSPM) helps monitor, secure, and ensure compliance for sensitive data, reducing risks across diverse environments. Complying with cybersecurity regulations can be a source of great pain for organizations, especially those that handle and store particularly valuable and vulnerable information. Organizations in sectors like healthcare, finance, legal, and government often process vast amounts of highly sensitive data, and regulations exist to ensure and verify tha

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

Spotify users can ask Gemini AI to find and play their favorite music now

Zero Day

Thanks to a new team-up between Spotify and Google, you can request songs by title, artist, album, genre, or playlist. Here's how to get started.

Cybercrime as an Industry: A Deep Dive into the Organizational Structure of Chinese Cybercrime

Penetration Testing

In a recent study from the University of Oxford, sociologist Qiaoyu Luo explores the industrialisation of cybercrime in China, revealing a highly organised and profit-driven ecosystem. The report sheds light... The post Cybercrime as an Industry: A Deep Dive into the Organizational Structure of Chinese Cybercrime appeared first on Cybersecurity News.

Windows 11 24H2 beset by another bug, and this one affects gamers

Zero Day

Various Ubisoft games could crash if you attempt to run them in the Windows 11 2024 update. Here's what to do if you're affected.

Bootkitty is the first UEFI Bootkit designed for Linux systems

Security Affairs

ESET discovered the first Unified Extensible Firmware Interface (UEFI) bootkit specifically designed for Linux systems, named Bootkitty by its authors. The bootkit allows attackers to disable the kernel’s signature verification feature and to preload two as yet unknown ELF binaries via the Linux init process.

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.