Wed. Jun 28, 2023


Stalkerware Vendor Hacked

Schneier on Security

The stalkerware company LetMeSpy has been hacked: TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy. (LetMeSpy claims to delete data after two months of account inactivity.) […] The database also contained over 13,400 location data points for several thousand v

Hacking 194

Microsoft Sysmon now detects when executables files are created

Bleeping Computer

Microsoft has released Sysmon 15, converting it into a protected process and adding the new 'FileExecutableDetected' option to log when executable files are created. […]


Hiring Kit: IT Audit Director

Tech Republic Security

Security measures and other IT controls only work if they are implemented consistently, predictably and with integrity. The IT audit director develops and schedules internal audits to measure and document whether those IT controls were followed as prescribed. This hiring kit from TechRepublic Premium can give your enterprise a head start on finding your ideal.


Andariel’s silly mistakes and a new malware family

SecureList

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. During the same period, Andariel also actively exploited the Log4j vulnerability as reported by Talos and Ahnlab. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 133

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Exploit released for new Arcserve UDP auth bypass vulnerability

Bleeping Computer

Data protection vendor Arcserve has addressed a high-severity security flaw in its Unified Data Protection (UDP) backup software that can let attackers bypass authentication and gain admin privileges. […]

Backups 131

7 Types of Penetration Testing: Guide to Pentest Methods & Types

eSecurity Planet

Penetration tests are vital components of vulnerability management programs. In these tests, white hat hackers try to find and exploit vulnerabilities in your systems to help you stay one step ahead of cyberattackers. Because these tests can use illegal hacker techniques, pentest services will sign a contract detailing their roles, goals, and responsibilities.

More Trending


Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers)

Security Boulevard

Content warning: Abuse, stalking, controlling behavior, Schadenfreude, irony, doxxing. The post Ironic: LetMeSpy Spyware Hackers Were Hacked (by Hackers) appeared first on Security Boulevard.

Spyware 109

Brave Browser boosts privacy with new local resources restrictions

Bleeping Computer

The Brave team has announced that the privacy-centric browser will soon introduce new restriction controls allowing users to specify how long sites can access local network resources. […]

Software 124

Venn Redefines Remote Work Security with Innovative BYO-PC Solution

CyberSecurity Insiders

When COVID-19 disrupted our work environments and triggered a massive shift to remote work, organizations faced the daunting task of securing corporate data and apps across thousands of disparate locations and devices. Companies, employees, and IT departments were forced to quickly adapt to this new reality of a remote-first world. The issue was further exacerbated by traditional remote desktop solutions that proved inadequate for this new landscape.

Mobile 110

Threat Hunting: Cybersecurity’s Long-Overdue Wake-Up Call

Security Boulevard

A seismic shift is happening in cybersecurity right now – one that has been long overdue. As professionals in this field, we’ve grown accustomed to reliance on black boxes and complex algorithms that promise us safety and security. But, aren’t we tired of the empty promises? The status quo of “trust but cannot verify” is […] The post Threat Hunting: Cybersecurity’s Long-Overdue Wake-Up Call appeared first on Cyborg Security.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Interested in $10,000,000? Ready to turn in the Clop ransomware crew?

Naked Security

Technically, it’s “up to $10 million”, but it’s potentially a LOT of money, nevertheless…


What is India's Personal Data Protection Bill (PDPB)? Rights, Responsibilities & Everything You Need to Know

Digital Guardian

We provide a high-level overview of India's Personal Data Protection Bill, how data privacy law in India has evolved over the years and outline the rights and responsibilities of the proposed bill.


Avoid juice jacking and recharge your batteries safely this summer

We Live Security

Cybercriminals can use USB charging stations in airports, hotels, malls or other public spaces as conduits for malware. The post Avoid juice jacking and recharge your batteries safely this summer appeared first on WeLiveSecurity.

Malware 97

NPM Plagued With 'Manifest Confusion' Malware-Hiding Weakness

Dark Reading

The popular package manager for software developers has been vulnerable to this attack vector for a while, and negligent in fixing the problem, according to a former employee.

Malware 96

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Microsoft Teams outage blocks access to web and desktop clients

Bleeping Computer

Microsoft is investigating an ongoing outage blocking customers from accessing and using the Microsoft Teams communication platform via web and desktop clients. […]


6 Ways Cybersecurity Is Gut-Checking the ChatGPT Frenzy

Dark Reading

Generative AI chatbots like ChatGPT are the buzziest of the buzzy right now, but the cyber community is starting to mature when it comes to assessing where it should fit into our lives.


Critical SQL Injection flaws in Gentoo Soko can lead to Remote Code Execution

Security Affairs

SQL injection vulnerabilities in Gentoo Soko could lead to remote code execution (RCE) on impacted systems. SonarSource researchers discovered two SQL injection vulnerabilities in Gentoo Soko, collectively tracked as CVE-2023-28424 (CVSS score: 9.1) [ 1 ],[ 2 ], that can be exploited by a remote attacker to execute arbitrary code on vulnerable systems. “The two package search handlers, Search and SearchFeed, implemented in pkg/app/handler/packages/search.go, are affected by a SQL injection


Microsoft fixes Windows bug causing File Explorer freezes

Bleeping Computer

Microsoft has addressed a known issue causing File Explorer to freeze on Windows 11 and Windows Server systems after viewing a file's effective access permissions. […]


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Using Electromagnetic Fault Injection Attacks to take over drones

Security Affairs

Electromagnetic fault injection (EMFI) attacks on drones can potentially allow attackers to achieve arbitrary code execution and take them over. While the use of drones continues to grow, researchers from IOActive analyzed how to develop fault injection attacks against hardened Unmanned Aerial Vehicles (UAVs). The experts focused on achieving code execution on a commercially available drone, supporting significant security features (i.e. the use of signed and encrypted firmware, Trusted Executio


LetMeSpy Phone-Tracking App Hacked, Revealing User Data

Dark Reading

With at least 13,000 compromised devices in the data leak, it is still unknown who the threat actor is or whether or not victims will be personally notified.

Hacking 97

Alert: New Electromagnetic Attacks on Drones Could Let Attackers Take Control

The Hacker News

Drones that don't have any known security weaknesses could be the target of electromagnetic fault injection (EMFI) attacks, potentially enabling a threat actor to achieve arbitrary code execution and compromise their functionality and safety.


Generative AI Projects Pose Major Cybersecurity Risk to Enterprises

Dark Reading

Developers' enthusiasm for ChatGPT and other LLM tools leaves most organizations largely unprepared to defend against the vulnerabilities that the nascent technology creates.

Risk 89

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Newly Uncovered ThirdEye Windows-Based Malware Steals Sensitive Data

The Hacker News

A previously undocumented Windows-based information stealer called ThirdEye has been discovered in the wild with capabilities to harvest sensitive data from infected hosts. Fortinet FortiGuard Labs, which made the discovery, said it found the malware in an executable that masqueraded as a PDF file with a Russian name "CMK Правила оформления больничных листов.pdf.

Malware 86

Experts warn of a spike in May and June of 8Base ransomware attacks

Security Affairs

Researchers warn of a massive spike in May and June 2023 of the activity associated with the ransomware group named 8Base. VMware Carbon Black researchers observed an intensification of the activity associated with a stealthy ransomware group named 8Base. The experts observed a massive spike in activity associated with this threat actor between May and June 2023.


NPM ecosystem at risk from “Manifest Confusion” attacks

Bleeping Computer

The NPM (Node Package Manager) registry suffers from a security lapse called "manifest confusion," which undermines the trustworthiness of packages and makes it possible for attackers to hide malware in dependencies or perform malicious script execution during installation. […]

Risk 86

Wagner Ransomware targets Russian Computers operating on Windows

CyberSecurity Insiders

After the military group named Wagner took over the supremacy realms from Putin for a brief period in the last weekend, a new ransomware is said to be threatening all Windows machines operating in the Russian federation. Wagner ransomware has started taking down computers operating on Microsoft software and is pleading the victim to join the paramilitary group that is getting ready to take down Shoigu, the military general leading Vladimir Putin army.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Saudi Arabia's Cyber Capabilities Ranked Second Globally

Dark Reading

Saudi Arabia is one of the world's leaders in cybersecurity development and preparedness, according to the latest rankings.


Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution

The Hacker News

Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas Chauchefoin said, adding they could result in RCE on Soko because of a "misconfiguration of the database.


3 Strategies for Bringing Rigor to Software Security

Dark Reading

With the National Cybersecurity Strategy planning to add real teeth into enforcement actions, software vendors have extra incentive to reduce applications' security debt.


5 Things CISOs Need to Know About Securing OT Environments

The Hacker News

For too long the cybersecurity world focused exclusively on information technology (IT), leaving operational technology (OT) to fend for itself. Traditionally, few industrial enterprises had dedicated cybersecurity leaders.

CISO 81

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.