Wed. Jun 12, 2024


Using AI for Political Polling

Schneier on Security

Public polling is a critical function of modern political campaigns and movements, but it isn’t what it once was. Recent US election cycles have produced copious postmortems explaining both the successes and the flaws of public polling. There are two main reasons polling fails. First, nonresponse has skyrocketed. It’s radically harder to reach people than it used to be.

Media 254

RSAC Fireside Chat: VISO TRUST replaces questionnaires with AI analysis to advance ‘TPRM’

The Last Watchdog

Taking stock of exposures arising from the data-handling practices of third-party suppliers was never simple. In a hyper-connected, widely-distributed operating environment the challenge has become daunting. At RSAC 2024, I visited with Paul Valente, co-founder and CEO of VISO TRUST. We had a wide-ranging discussion about the limitations of traditional third-party risk management (TPRM), which uses extensive questionnaires—and the honor syste

CISO 130

Mandiant Report: Snowflake Users Targeted for Data Theft and Extortion

Tech Republic Security

A threat actor exploited the Snowflake platform to target organizations for data theft and extortion using compromised credentials. Learn how to protect your business from this threat.

Big data 150

Google warns of actively exploited Pixel firmware zero-day

Bleeping Computer

Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day.

Firmware 126

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.


UK Trails Behind Europe in Technical Skills Proficiency, Coursera Report Finds

Tech Republic Security

The U.K. is the 25th most technically proficient country in Europe, with Switzerland, Germany and the Netherlands taking the top three places.


No AI training in newly distrusted Terms of Service, Adobe says

Malwarebytes

Following days of user pushback that included allegations of forcing a “spyware-like” Terms of Service (ToS) update into its products, design software giant Adobe explained itself with several clarifications. Apparently, the concerns raised by the community, especially among Photoshop and Substance 3D users, caused the company to reflect on the language it used in the ToS.

Spyware 127

More Trending


Bouncing Back: How to Investigate and Recover After a Ransomware Attack

Thales Cloud Protection & Licensing

(madhav, Thu, 06/13/2024 - 05:49) You've likely seen the headlines about ransomware attacks and the monumental challenges they pose for organizations. But what should you do when an attack occurs, even if you have a ransomware protection solution in place? In this post, we will delve into the forensics of a ransomware attack, showing you how to classify the attack and recover from it if a ransomware protection solution is in pl


Phishing emails abuse Windows search protocol to push malicious scripts

Bleeping Computer

A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware.

Phishing 123

China-Backed Hackers Exploit Fortinet Flaw, Infecting 20,000 Systems Globally

The Hacker News

State-sponsored threat actors backed by China gained access to 20,000 Fortinet FortiGate systems worldwide by exploiting a known critical security flaw between 2022 and 2023, indicating that the operation had a broader impact than previously known.


Microsoft deprecates Windows DirectAccess, recommends Always On VPN

Bleeping Computer

Microsoft has announced that the DirectAccess remote access solution is now deprecated and will be removed in a future release of Windows, recommending companies migrate to the 'Always On VPN' for enhanced security and continued support.

VPN 119

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Ransomware Group Jumps on PHP Vulnerability

Security Boulevard

A long-running ransomware campaign that has been targeting Windows and Linux systems since 2019 is the latest example of how closely threat groups track public disclosures of vulnerabilities and proofs-of-concept (PoCs) and how quickly they move in to exploit them. The PHP Group last week disclosed a high-severity flaw – tracked as CVE-2024-4577 and with.


CVE-2024-35213: Critical Vulnerability Discovered in BlackBerry QNX SDP

Penetration Testing

BlackBerry has issued a critical security advisory for its QNX Software Development Platform (SDP), urging users to promptly patch a severe vulnerability in the SGI Image Codec. This flaw, identified as CVE-2024-35213 and assigned...

Software 116

New phishing toolkit uses PWAs to steal login credentials

Bleeping Computer

A new phishing kit has been released that allows red teamers and cybercriminals to create progressive web apps (PWAs) that display convincing corporate login forms to steal credentials.

Phishing 113

Billions: The New Significance of Billion-Dollar Scale in Cybersecurity

Security Boulevard

Billion-dollar scale is the new normal for late-stage companies in cybersecurity.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


CISA warns of criminals impersonating its employees in phone calls

Bleeping Computer

Today, the Cybersecurity and Infrastructure Security Agency (CISA) warned that criminals are impersonating its employees in phone calls and attempting to deceive potential victims into transferring money.


Time to challenge yourself in the 2024 Google CTF

Google Security

Hlynur Gudmundsson, Software Engineer. It’s Google CTF time! Install your tools, commit your scripts, and clear your schedule. The competition kicks off on June 21 2024 6:00 PM UTC and runs through June 23 2024 6:00 PM UTC. Registration is now open at goo.gle/ctf. Join the Google CTF (at goo.gle/ctf), a thrilling arena to showcase your technical prowess.


Police arrest Conti and LockBit ransomware crypter specialist

Bleeping Computer

The Ukraine cyber police have arrested a 28-year-old Russian man in Kyiv for working with Conti and LockBit ransomware operations to make their malware undetectable by antivirus software and conducting at least one attack himself.


Smishing Triad Targets Pakistan with Large-Scale Banking Scam

Penetration Testing

Cybersecurity firm Resecurity has disclosed a sophisticated smishing campaign targeting customers of major Pakistani mobile carriers. The threat actor group, dubbed “Smishing Triad,” is leveraging stolen personal data and impersonating Pakistan Post to conduct...

Scams 112

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-4610 (ARM Mali GPU Kernel Driver Use-After-Free Vulnerability) and CVE-2024-4577 (PHP-CGI OS Command Injection Vulnerability). The vulnerability CVE-2024-4610 is a use-after-free issue that

Hacking 111

Black Basta ransomware gang linked to Windows zero-day attacks

Bleeping Computer

The Cardinal cybercrime group (Storm-1811, UNC4394), who are the main operators of the Black Basta ransomware, is suspected of exploiting a Windows privilege escalation vulnerability, CVE-2024-26169, before a fix was made available.


Black Basta Ransomware May Have Exploited MS Windows Zero-Day Flaw

The Hacker News

Threat actors linked to the Black Basta ransomware may have exploited a recently disclosed privilege escalation flaw in the Microsoft Windows Error Reporting Service as a zero-day, according to new findings from Symantec. The security flaw in question is CVE-2024-26169 (CVSS score: 7.


Understanding the Nuances: DAST vs. Penetration Testing

Veracode Security

Cyberattacks are a growing threat, making it crucial for us to understand the tools and techniques available to secure applications. Today, we dive into the differences and similarities between Dynamic Application Security Testing (DAST) and Penetration Testing with insights from a Veracode industry expert and certified penetration tester, Florian Walter.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


New Phishing Campaign Deploys WARMCOOKIE Backdoor Targeting Job Seekers

The Hacker News

Cybersecurity researchers have disclosed details of an ongoing phishing campaign that leverages recruiting- and job-themed lures to deliver a Windows-based backdoor named WARMCOOKIE. "WARMCOOKIE appears to be an initial backdoor tool used to scout out victim networks and deploy additional payloads," Elastic Security Labs researcher Daniel Stepanic said in a new analysis.

Phishing 107

CVE-2024-37051: Critical JetBrains Flaw Exposes GitHub Tokens in IntelliJ IDEs, PoC Published

Penetration Testing

A security researcher has published details and proof-of-concept (PoC) exploit code for a critical vulnerability (CVE-2024-37051) that impacts users of its IntelliJ integrated development environment (IDE) apps and exposes GitHub access tokens. This vulnerability...


Lessons from the Ticketmaster-Snowflake Breach

The Hacker News

Last week, the notorious hacker gang, ShinyHunters, sent shockwaves across the globe by allegedly plundering 1.3 terabytes of data from 560 million Ticketmaster users. This colossal breach, with a price tag of $500,000, could expose the personal information of a massive swath of the live event company's clientele, igniting a firestorm of concern and outrage.


Battered and bruised 23andMe faces probe after hack that stole seven million users’ data

Graham Cluley

23andMe, the California-based company which sells DNA testing kits to help people learn about their ancestry and potential health risks, is facing scrutiny from British and Canadian data protection authorities following a security breach that saw hackers compromise the personal data of nearly seven million users. Read more in my article on the Hot for Security blog.

Hacking 100

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters

The Hacker News

Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the activity, said it's an updated variant of a financially motivated operation that was first documented by CrowdStrike in March 2023.


Google patches exploited Android zero-day on Pixel devices

Bleeping Computer

Google has released patches for 50 security vulnerabilities impacting its Pixel devices and warned that one of them had already been exploited in targeted attacks as a zero-day.


New Cross-Platform Malware 'Noodle RAT' Targets Windows and Linux Systems

The Hacker News

A previously undocumented cross-platform malware codenamed Noodle RAT has been put to use by Chinese-speaking threat actors either for espionage or cybercrime for years. While this backdoor was previously categorized as a variant of Gh0st RAT and Rekoobe, Trend Micro security researcher Hara Hiroaki said "this backdoor is not merely a variant of existing malware, but is a new type altogether.

Malware 102

2024’s Best RMM Solutions for MSPs: Top 10 Remote IT Management Tools

Heimdal Security

In this article, we’ll answer your question: “What are the best RMM solutions for 2024?” We’ll explore the top 10 tools to help MSPs efficiently monitor and manage client systems. Here’s a quick glance for you: Heimdal XDR, ConnectWise Automate, Datto RMM, NinjaOne, N-able RMM, Kaseya VSA, ITarian, GoToResolve, Atera RMM, Action1 RMM. Let’s review […]


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?