Fri. Jun 02, 2023

Weekly Update 350

Troy Hunt

And so ends a long period of back-to-back weeks of conferences and talks. It's funny how these things seem to cluster together at times and whilst the last 6 or 8 weeks (I honestly lose track!) have been chaotic, I've now got a few weeks of much less pressure which will give me time to finally push out some HIBP stuff that's been in the wings for ages.

IoT 201

1Password enables passkeys — a new option from passwords

Tech Republic Security

Identity management company 1Password is spinning up a pair of new features that constitute a major shift away from passwords and toward their low-friction replacement: passkeys. The post 1Password enables passkeys — a new option from passwords appeared first on TechRepublic.

Passwords 180

Windows 11 to require SMB signing to prevent NTLM relay attacks

Bleeping Computer

Microsoft says SMB signing (aka security signatures) will be required by default for all connections to defend against NTLM relay attacks, starting with today's Windows build (Enterprise edition) rolling out to Insiders in the Canary Channel. [...]

Develop valuable cyber security skills over a lifetime for only $70

Tech Republic Security

Not only do you get access to over 90 courses, but also career mentoring, skills evaluation, training on real cyber security projects, and much more. The post Develop valuable cyber security skills over a lifetime for only $70 appeared first on TechRepublic.

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

Malicious Chrome extensions with 75M installs removed from Web Store

Bleeping Computer

Google has removed from the Chrome Web Store 32 malicious extensions that could alter search results and push spam or unwanted ads. Collectively, they come with a download count of 75 million. [...]

Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research

Security Boulevard

Tit-For-Tat Triangulation Trojan Talk: Backdoor inserted at U.S. behest, alleges FSB. The post Russia Says NSA Hacked iOS With Apple’s Help — we Triangulate Kaspersky’s Research appeared first on Security Boulevard.

Hacking 145

More Trending

Improve your app security on Azure

Tech Republic Security

Application instance lock, Azure Virtual Network Manager and Network Watcher troubleshooting: tools for making the applications you run on Azure more secure. The post Improve your app security on Azure appeared first on TechRepublic.

Software 125

Two Years Since the Colonial Pipeline Hack, Here’s What We’ve Learned

CyberSecurity Insiders

By Matt Morris, Global Managing Director of 1898 & Co. Two years have passed since the notorious Colonial Pipeline hack, an incident that plunged the nation into a state of emergency, causing fuel disruptions in airlines and commercial sectors, and triggering panic-buying among consumers leading to a sharp rise in gas prices. In May 2021, the hack infiltrated critical systems of the pipeline, resulting in its shutdown for several days.

Hacking 138

Using Cloud Securely — The Config Doom Question

Anton on Security

Using Cloud Securely — The Config Doom Question First, “Use Cloud Securely? What Does This Even Mean?!” and “How to Solve the Mystery of Cloud Defense in Depth?” (and “Where Does Shared Responsibility Model for Security Breaks in the Real World?” too) would make for good “recommended reading” here. Use Cloud Securely? What Does This Even Mean?! At this point, it is clear that most discussions on using cloud securely or secure use of cloud computing include the dreaded configuration question — or

'Picture-in-Picture' Obfuscation Spoofs Delta, Kohl's for Credential Harvesting

Dark Reading

A recent campaign tricks victims into visiting credential harvesting sites by hiding malicious URLs behind photos advertising deals from trusted brands.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

NSA and FBI: Kimsuky hackers pose as journalists to steal intel

Bleeping Computer

State-sponsored North Korean hacker group Kimsuky (a.k.a. APT43) has been impersonating journalists and academics for spear-phishing campaigns to collect intelligence from think tanks, research centers, academic institutions, and various media organizations. [...]

Media 126

A New Ransomware Scam: Fraud by the Incident Responders

Security Boulevard

In February 2018, Oxford Biomedica, a large biological research company in Oxford, UK, was hit by a ransomware attack. The hackers were demanding more than £300,000 in ransom. Oxford invoked its incident response plan and called in its team. One member of Oxford’s internal incident response team, Ashley Liles, had a brilliant idea—he was going. The post A New Ransomware Scam: Fraud by the Incident Responders appeared first on Security Boulevard.

Scams 119

In search of the Triangulation: triangle_check utility

SecureList

In our initial blogpost about “Operation Triangulation”, we published a comprehensive guide on how to manually check iOS device backups for possible indicators of compromise using MVT. This process takes time and requires manual search for several types of indicators. To automate this process, we developed a dedicated utility to scan the backups and run all the checks.

Backups 112

5G and Cybersecurity Risks in 2023

Security Boulevard

The rollout of 5G networks has been surprisingly slow. As a concept, it was introduced in 2016, but it only became globally available in 2019. Four years later, the number of people with 5G-enabled devices is still small in most countries. It’s uncertain if the reason behind the sluggish adoption is affordability, the lack of. The post 5G and Cybersecurity Risks in 2023 appeared first on Security Boulevard.

Risk 118

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Apple Zero-Days, iMessage Used in 4-Year, Ongoing Spying Effort

Dark Reading

Russia's FSB intelligence agency says the zero-click attacks range far beyond Kaspersky, and it has blamed them on the United States' NSA. Those allegations are thus far uncorroborated.

Dark Web Threats Target Energy Industry as Cybercrime Tactics Shift

Security Boulevard

The energy industry is increasingly targeted by malicious actors and threat groups through activity on the dark web, according to a report from Searchlight Cyber, which detailed numerous instances of threat actors selling initial access to energy organizations around the world. These include targets in the U.S., Canada, United Kingdom, France, Italy and Indonesia on popular dark.

Russia points finger at US for iPhone exploit campaign that also hit Kaspersky Lab

CSO Magazine

The Russian federal security agency, the FSB, has put out a security alert claiming that US intelligence services are behind an attack campaign that exploits vulnerabilities in iOS and compromised thousands of iPhone devices in Russia, including those of foreign diplomats. In a separate report, Russian antivirus vendor Kaspersky Lab said that several dozen of its senior employees and upper management were targeted as part of the operation, although unlike the FSB, the company did not attribute

Spyware 108

How to Stay Ahead of Future Requirements for the NIST SSDF

Security Boulevard

In today’s world of software development, cybersecurity is more than a luxury; it's a necessity. Cyber threats aren’t only growing in frequency, complexity, and sophistication, they’re targeting developer environments and the software supply chain. The need for robust, secure software development frameworks is more critical than ever. However, not all organizations know how to secure their frameworks.

Software 110

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

MOVEit Transfer vulnerability appears to be exploited widely

CSO Magazine

Progress Software has discovered a vulnerability in its file transfer software MOVEit Transfer that could lead to escalated privileges and potential unauthorized access to the environment, the company said in a security advisory. “A SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database,” the company said in the post, adding that depending on the database engine bei

Why is Identity Security Awareness Becoming the Need of the Hour?

Security Boulevard

Discover why identity security awareness is crucial in today's digital landscape. Learn how to protect yourself and your business from cyber threats. Read more now. The post Why is Identity Security Awareness Becoming the Need of the Hour? appeared first on Security Boulevard.

PyPI's 2FA Requirements Don't Go Far Enough, Researchers Say

Dark Reading

The Python Package Index will require developers to better secure their accounts as cyberattacks ramp up, but protecting the software supply chain will take more than that.

Two Years After Colonial Pipeline, What Have We Learned?

Security Boulevard

The second anniversary of the Colonial Pipeline ransomware attack has come and gone, and while many lessons have been learned and assimilated, there’s still more we can do. Security Boulevard reached out to some experts in the industry to see how far we’ve come and where work still needs to be done. For those in. The post Two Years After Colonial Pipeline, What Have We Learned?

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Camaro Dragon Strikes with New TinyNote Backdoor for Intelligence Gathering

The Hacker News

The Chinese nation-state group known as Camaro Dragon has been linked to yet another backdoor that's designed to meet its intelligence-gathering goals. Israeli cybersecurity firm Check Point, which dubbed the Go-based malware TinyNote, said it functions as a first-stage payload capable of "basic machine enumeration and command execution via PowerShell or Goroutines.

Malware 100

Cybersecurity Insights with Contrast CISO David Lindner | 6/2

Security Boulevard

Insight #1 "AI scams are on the rise. It’s time for extra diligence when interacting with anything claiming to be AI." Insight #2 "FEDRAMP released rev 5 this week. Those of you with a FEDRAMP ATO have 1 year to comply with the new version." Insight #3 "A recent report shows 92% of orgs experienced an API security incident last year. I would guess the other 8% did but never detected it.

CISO 101

The Importance of Managing Your Data Security Posture

The Hacker News

Data security is reinventing itself. As new data security posture management solutions come to market, organizations are increasingly recognizing the opportunity to provide evidence-based security that proves how their data is being protected. But what exactly is data security posture, and how do you manage it?

The Week in Ransomware - June 2nd 2023 - Whodunit?

Bleeping Computer

It has been a fairly quiet week regarding ransomware, with only a few reports released and no new significant attacks. However, we may have a rebrand in the making, and a ransomware operation is likely behind a new zero-day data-theft campaign, so we have some news to talk about. [...]

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Streamers Ditch Netflix for Dark Web After Password Sharing Ban

Dark Reading

Disgruntled users are pursuing offers for "full Netflix access" at steeply discounted rates.

Passwords 120

Attackers use Python compiled bytecode to evade detection

CSO Magazine

Attackers who are targeting open-source package repositories like PyPI (Python Package Index) have devised a new technique for hiding their malicious code from security scanners, manual reviews, and other forms of security analysis. In one incident, researchers have found malware code hidden inside a Python bytecode (PYC) file that can be directly executed as opposed to source code files that get interpreted by the Python runtime.

Malware 86

Point32Health ransomware attack exposed info of 2.5M people

Security Affairs

After the recent ransomware attack, Point32Health disclosed a data breach that impacted 2.5 million Harvard Pilgrim Health Care subscribers. In April, the non-profit health insurer Point32Health took systems offline in response to a ransomware attack that took place on April 17. The insurer immediately launched an investigation into the incident with the help of third-party cybersecurity experts to determine the extent of the incident.

New QBot Malware Campaign Exploits WordPad for Infection

Heimdal Security

A recent QBot malware campaign has been observed leveraging a DLL hijacking vulnerability in the WordPad utility application to evade detection by security measures. Exploiting Windows programs for malicious purposes is an increasingly prevalent trend observed among threat actors. According to ProxyLife, a cybersecurity specialist and member of Cryptolaemus, the recently discovered QBot phishing campaign […] The post New QBot Malware Campaign Exploits WordPad for Infection appeared first o

Malware 84

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?