Wed. Aug 30, 2023

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

Last week I was contacted by CERT Poland. They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. The campaign began with a typical email requesting more information: In this case, the email contained a fake purchase order attachment which requested login credentials that were then posted back to infrastructure controlled by the attacker: All in all, CERT Poland identifi

Phishing 362

When Apps Go Rogue

Schneier on Security

Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad. With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn and forgotten on many older Macs. Few of those supposed tens of thousands of users likely noticed when the app they ran in the background of their older Macs was bought by another company, nor when earlier this year that c

331

FBI-Led Global Effort Takes Down Massive Qakbot Botnet

Tech Republic Security

After more than 15 years in the wild, the Qakbot botnet, a zombie network of over 700,000 computers worldwide, is hanging on the FBI's trophy wall for now.

206

Black Hat Fireside Chat: How ‘enterprise browsers’ serve as a checkpoint to stop ChatGPT leakage

The Last Watchdog

For a couple of decades now, the web browser has endured in workplace settings as the primary employee-to-Internet interface. It’s really just assumed to be a given that a browser built for consumers is an acceptable application for employees to use to work. And despite advances, like sandboxing, browser isolation and secure gateways, the core architecture of web browsers has remained all-too vulnerable to malicious attacks.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

How to Go Passwordless with NordPass Passkeys

Tech Republic Security

With passkeys, you no longer need to use a password to log into supported websites. Here's how to use them with password manager NordPass.

Hackers Can Exploit Windows Container Isolation Framework to Bypass Endpoint Security

The Hacker News

New findings show that malicious actors could leverage a sneaky malware detection evasion technique and bypass endpoint security solutions by manipulating the Windows Container Isolation Framework. The findings were presented by Deep Instinct security researcher Daniel Avinoam at the DEF CON security conference held earlier this month.

More Trending

China-Linked BadBazaar Android Spyware Targeting Signal and Telegram Users

The Hacker News

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF.

Spyware 143

RFP Templates and Guidebook

Tech Republic Security

A request for proposal is a common method for soliciting vendor quotes and answers about potential product or service offerings. They specifically intend to gather details involving implementation, operations and maintenance. This facilitates the decision-making process, allowing organizations to choose the RFP responses which best suit their needs.

Software 169

Threat actors started exploiting Juniper flaws shortly after PoC release

Security Affairs

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published proof-of-concept (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper JunOS on vulnerable devices.

Firewall 141

Unmasking Trickbot, One of the World’s Top Cybercrime Gangs

WIRED Threat Level

A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Chinese GREF APT distributes spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores

Security Affairs

China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play. ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores.

Spyware 140

MMRat Android Trojan Executes Remote Financial Fraud Through Accessibility Feature

The Hacker News

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.

Banking 137

Critical RCE flaw impacts VMware Aria Operations Networks

Security Affairs

VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution. VMware has released security updates to address two vulnerabilities in Aria Operations for Networks, respectively tracked as CVE-2023-34039 (CVSS score: 9.8) and CVE-2023-20890 (CVSS score: 7.2). The vulnerability CVE-2023-34039 is an authentication bypass issue that is caused by the lack of unique cryptographic key generation. “Aria Operations fo

Prompt injection could be the SQL injection of the future, warns NCSC

Malwarebytes

The UK's National Cyber Security Centre (NCSC) has issued a warning about the risks of integrating large language models (LLMs) like OpenAI’s ChatGPT into other services. One of the major risks is the possibility of prompt injection attacks. The NCSC points out several dangers associated with integrating a technology that is very much in early stages of development into other services and platforms.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Why are we seeing such a huge demand for AI at the moment?

Security Affairs

This is my interview for TRT Money Talks, speaking about the huge demand for AI and the multiple factors that are sustaining it. Q1 Why are we seeing such a huge demand for AI at the moment? And how long can we expect the rally to continue? Some analysts suggest this could be the peak. Q2 What other stocks are investors watching? Does Nvidia currently have any competition in the market?

Marketing 135

Threat-informed or Threat-owned? Classic Practices Will Probably Save You!

Anton on Security

So, if you are too busy to read our amazing (duh!) new blog “Revisiting Traditional Security Advice for Modern Threats”, here are the key ideas from it. At some point, a “pre-owned” (compromised before you ever saw it) email security appliance, firewall, or a piece of software will show up in your environment (you no longer need to be this elite for it; it ain’t 2013).

Firewall 130

Smashing Security podcast #337: The DEA’s crypto calamity, and scammers’ blue tick bonanza

Graham Cluley

Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich’s head, and how Graham is refusing to call Twitter “X”. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Qakbot botnet infrastructure suffers major takedown

Malwarebytes

The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. Operation DuckHunt, as it was codenamed, is possibly the largest US-led financial and technical disruption of a botnet infrastructure. Not only did the agencies shut down the core of the Qakbot infrastructure, they also cleaned the malware from infected devices.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Chinese Group Spreads Android Spyware Via Trojan Signal, Telegram Apps

Dark Reading

Thousands of devices have become infected with "BadBazaar," malware previously used to spy on Uyghur and Turkic ethnic minorities in China.

Spyware 116

47,000 London Metropolitan Police Personnel Impacted by Data Breach

Heimdal Security

London's Metropolitan Police announced bolstering cybersecurity measures after one of its suppliers detected a data breach. A contractor responsible for printing warrant cards and staff passes was the target of a cyberattack. Data belonging to 47,000 officers and police staff was, reportedly, exposed in the data breach. Counter-terrorism units, high-ranking officials, and officers involved in […]

New York Times Spoofed to Hide Russian Disinformation Campaign

Dark Reading

"Operation Doppelganger" has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms.

Media 109

US Bill Would Require Vulnerability Disclosure for Federal Contractors

SecureWorld News

U.S. Representative Nancy Mace (R-S.C.) has introduced the Federal Cybersecurity Vulnerability Reduction Act of 2023 (H.R. 7842), a bill that would require federal contractors to implement vulnerability disclosure policies (VDPs). VDPs are a way for security researchers to report vulnerabilities to organizations in a safe and confidential manner. The proposed bill would require the Office of Management and Budget (OMB) to update the Federal Acquisition Regulation (FAR) to require federal contrac

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

APT Attacks From 'Earth Estries' Hit Gov't, Tech With Custom Malware

Dark Reading

A sophisticated threat actor managed to fly under the radar for three years, despite flexing serious muscle.

Malware 106

To Fix DMARC Requires Angry Customers

eSecurity Planet

A new Cloudflare phishing report notes that most of the 1 billion brand impersonation emails the company detected “passed” SPF, DKIM, and DMARC email authentication protocols. That statistic is a bit misleading; the emails “passed” only because of a lack of enforcement controls by the brands themselves. The essential overlooked step of enforcement of email authentication protocols is a big reason why phishing emails remain the root cause of the overwhelming majority of cyber attacks

4 Strategies to Safeguard the Finance Industry Against Deepfake Onslaught

Dark Reading

Through strategic measures and a united front, the finance industry can overcome the looming threat of deepfakes.

103

FBI Leads Global Onslaught Against Qakbot Malware

ZoneAlarm

In an ambitious international operation, law enforcement agencies, spearheaded by the FBI, have neutralized the Qakbot malware infrastructure. This significant move not only marks a large-scale effort to actively combat malware but also underscores the intensified global threat posed by cyber-extortion campaigns, primarily ransomware. Emerging in 2007 as a banking Trojan, Qakbot (or Qbot) evolved …

Malware 99

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Performance-Enhanced Android MMRat Scurries onto Devices Via Fake App Stores

Dark Reading

The stealthy Trojan targets users in Southeast Asia, allowing attackers to remotely control devices to commit bank fraud.

Banking 100

BadBazaar espionage tool targets Android users via trojanized Signal and Telegram apps

We Live Security

ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs

98

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Security Affairs

FBI coordinated an international law enforcement operation, named Operation ‘Duck Hunt’, that dismantled the Qakbot botnet. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008.

Malware 98

Victim records deleted after spyware vendor compromised

Malwarebytes

Anonymous hackers have breached the servers of spyware app “WebDetetive”, accessing the user database. However, this doesn’t appear to be a typical compromise along the lines of stealing the data, according to Tech Crunch. Instead, it’s part of a slow move toward “spying” apps being attacked and taken down by compromise-literate folks who don’t approve of the apps’ business practices.

Spyware 98

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!