Fri. Jun 02, 2023

Weekly Update 350

Troy Hunt

And so ends a long period of back-to-back weeks of conferences and talks. It's funny how these things seem to cluster together at times and whilst the last 6 or 8 weeks (I honestly lose track!) have been chaotic, I've now got a few weeks of much less pressure which will give me time to finally push out some HIBP stuff that's been in the wings for ages.

IoT 198

1Password enables passkeys — a new option from passwords

Tech Republic Security

Identity management company 1Password is spinning up a pair of new features that constitute a major shift away from passwords and toward their low-friction replacement: passkeys. The post 1Password enables passkeys — a new option from passwords appeared first on TechRepublic.

Passwords 185
Insiders

Windows 11 to require SMB signing to prevent NTLM relay attacks

Bleeping Computer

Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay attacks, starting with today's Windows build (Enterprise edition) rolling out to Insiders in the Canary Channel.

Develop valuable cyber security skills over a lifetime for only $70

Tech Republic Security

Not only do you get access to over 90 courses, but also career mentoring, skills evaluation, training on real cyber security projects, and much more. The post Develop valuable cyber security skills over a lifetime for only $70 appeared first on TechRepublic.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research

Security Boulevard

Tit-For-Tat Triangulation Trojan Talk: Backdoor inserted at U.S. behest, alleges FSB. The post Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research appeared first on Security Boulevard.

Hacking 145

Malicious Chrome extensions with 75M installs removed from Web Store

Bleeping Computer

Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or unwanted ads. Collectively, they come with a download count of 75 million.

More Trending

Microsoft is killing Cortana on Windows starting late 2023

Bleeping Computer

After introducing a string of AI-powered assistants for its products, Microsoft has now announced that it will soon end support for the Windows standalone Cortana app.

Two Years Since the Colonial Pipeline Hack, Here’s What We’ve Learned

CyberSecurity Insiders

By Matt Morris, Global Managing Director of 1898 & Co. Two years have passed since the notorious Colonial Pipeline hack, an incident that plunged the nation into a state of emergency, causing fuel disruptions in airlines and commercial sectors, and triggering panic-buying among consumers leading to a sharp rise in gas prices. In May 2021, the hack infiltrated critical systems of the pipeline, resulting in its shutdown for several days.

Hacking 138

Using Cloud Securely — The Config Doom Question

Anton on Security

Using Cloud Securely — The Config Doom Question First, “Use Cloud Securely? What Does This Even Mean?!” and “How to Solve the Mystery of Cloud Defense in Depth?” (and “Where Does Shared Responsibility Model for Security Breaks in the Real World?” too) would make for good “recommended reading” here. Use Cloud Securely? What Does This Even Mean?! At this point, it is clear that most discussions on using cloud securely or secure use of cloud computing include the dreaded configuration question — or

'Picture-in-Picture' Obfuscation Spoofs Delta, Kohl's for Credential Harvesting

Dark Reading

A recent campaign tricks victims into visiting credential harvesting sites by hiding malicious URLs behind photos advertising deals from trusted brands.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

NSA and FBI: Kimsuky hackers pose as journalists to steal intel

Bleeping Computer

State-sponsored North Korean hacker group Kimsuky (a.k.a. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations.

Media 132

A New Ransomware Scam: Fraud by the Incident Responders

Security Boulevard

In February 2018, Oxford Biomedica, a large biological research company in Oxford, UK, was hit by a ransomware attack. The hackers were demanding more than £300,000 in ransom. Oxford invoked its incident response plan and called in its team. One member of Oxford’s internal incident response team, Ashley Liles, had a brilliant idea—he was going. The post A New Ransomware Scam: Fraud by the Incident Responders appeared first on Security Boulevard.

Scams 119

Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort

Dark Reading

Russia's FSB intelligence agency says the zero-click attacks range far beyond Kaspersky, and it has blamed them on the United States' NSA. Those allegations are thus far uncorroborated.

5G and Cybersecurity Risks in 2023

Security Boulevard

The rollout of 5G networks has been surprisingly slow. As a concept, it was introduced in 2016, but it only became globally available in 2019. Four years later, the number of people with 5G-enabled devices is still small in most countries. It’s uncertain if the reason behind the sluggish adoption is affordability, the lack of. The post 5G and Cybersecurity Risks in 2023 appeared first on Security Boulevard.

Risk 118

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

CSO Magazine

The Russian federal security agency, the FSB, has put out a security alert claiming that US intelligence services are behind an attack campaign that exploits vulnerabilities in iOS and compromised thousands of iPhone devices in Russia, including those of foreign diplomats. In a separate report, Russian antivirus vendor Kaspersky Lab said that several dozen of its senior employees and upper management were targeted as part of the operation, although unlike the FSB, the company did not attribute

Spyware 108

Dark Web Threats Target Energy Industry as Cybercrime Tactics Shift

Security Boulevard

The energy industry is increasingly targeted by malicious actors and threat groups through activity on the dark web, according to a report from Searchlight Cyber, which detailed numerous instances of threat actors selling initial access to energy organizations around the world. These include targets in the U.S., Canada, United Kingdom, France, Italy and Indonesia on popular dark.

In search of the Triangulation: triangle_check utility

SecureList

In our initial blogpost about “Operation Triangulation”, we published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. To automate this process, we developed a dedicated utility to scan the backups and run all the checks.

Backups 107

How to Stay Ahead of Future Requirements for the NIST SSDF

Security Boulevard

In today’s world of software development, cybersecurity is more than a luxury; it's a necessity. Cyber threats aren’t only growing in frequency, complexity, and sophistication, they’re targeting developer environments and the software supply chain. The need for robust, secure software development frameworks is more critical than ever. However, not all organizations know how to secure their frameworks.

Software 110

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about "compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it's more important than ever that safeguards are in place. Let's step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

MOVEit Transfer vulnerability appears to be exploited widely

CSO Magazine

Progress Software has discovered a vulnerability in its file transfer software MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment, the company said in a security advisory. “A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database,” the company said in the post, adding that depending on the database engine bei

Why is Identity Security Awareness Becoming the Need of the Hour?

Security Boulevard

Discover why identity security awareness is crucial in today's digital landscape. Learn how to protect yourself and your business from cyber threats. Read more now. The post Why is Identity Security Awareness Becoming the Need of the Hour? appeared first on Security Boulevard.

PyPI's 2FA Requirements Don't Go Far Enough, Researchers Say

Dark Reading

The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.

Two Years After Colonial Pipeline, What Have We Learned?

Security Boulevard

The second anniversary of the Colonial Pipeline ransomware attack has come and gone, and while many lessons have been learned and assimilated, there’s still more we can do. Security Boulevard reached out to some experts in the industry to see how far we’ve come and where work still needs to be done. For those in. The post Two Years After Colonial Pipeline, What Have We Learned?

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Hacker News

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines.

Malware 100

Cybersecurity Insights with Contrast CISO David Lindner | 6/2

Security Boulevard

Insight #1 "AI scams are on the rise. It’s time for extra diligence when interacting with anything claiming to be AI." Insight #2 "FEDRAMP released rev 5 this week. Those of you with a FEDRAMP ATO have 1 year to comply with the new version." Insight #3 "A recent report shows 92% of orgs experienced an API security incident last year. I would guess the other 8% did but never detected it.

CISO 101

The Importance of Managing Your Data Security Posture

The Hacker News

Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it?

New QBot Malware Campaign Exploits WordPad for Infection

Heimdal Security

A recent QBot malware campaign has been observed leveraging a DLL hijacking vulnerability in the WordPad utility application to evade detection by security measures. Exploiting Windows programs for malicious purposes is an increasingly prevalent trend observed among threat actors. According to ProxyLife, a cybersecurity specialist and member of Cryptolaemus, the recently discovered QBot phishing campaign […] The post New QBot Malware Campaign Exploits WordPad for Infection appeared first o

Malware 86

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Streamers Ditch Netflix for Dark Web After Password Sharing Ban

Dark Reading

Disgruntled users are pursuing offers for "full Netflix access" at steeply discounted rates.

Passwords 120

Ransomware Attack on Harvard Pilgrim Health Care Exposes 2.5M Patients Data

Heimdal Security

HPHC has revealed that in April 2023, a ransomware attack impacted 2,550,922 people and stole their sensitive data. This information was shared by the Massachusetts-based non-profit health services provider with the US Department of Health and Human Services breach portal. The company announced last week that it discovered a breach on April 17, 2023, and […] The post Ransomware Attack on Harvard Pilgrim Health Care Exposes 2.5M Patients Data appeared first on Heimdal Security Blog.

Attackers use Python compiled bytecode to evade detection

CSO Magazine

Attackers who are targeting open-source package repositories like PyPI (Python Package Index) have devised a new technique for hiding their malicious code from security scanners, manual reviews, and other forms of security analysis. In one incident, researchers have found malware code hidden inside a Python bytecode (PYC) file that can be directly executed as opposed to source code files that get interpreted by the Python runtime.

Malware 86

The Week in Ransomware - June 2nd 2023 - Whodunit?

Bleeping Computer

It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks. However, we may have a rebrand in the making, and a ransomware operation is likely behind a new zero-day data-theft campaign, so we have some news to talk about.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.