Troy Hunt

AUGUST 30, 2023

Last week I was contacted by CERT Poland. They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. The campaign began with a typical email requesting more information: In this case, the email contained a fake purchase order attachment which requested login credentials that were then posted back to infrastructure controlled by the attacker: All in all, CERT Poland identifi

Phishing 340

Phishing Password Management Passwords Banking 340

Schneier on Security

AUGUST 30, 2023

Interesting story of an Apple Macintosh app that went rogue. Basically, it was a good app until one particular update…when it went bad. With more official macOS features added in 2021 that enabled the “Night Shift” dark mode, the NightOwl app was left forlorn and forgotten on many older Macs. Few of those supposed tens of thousands of users likely noticed when the app they ran in the background of their older Macs was bought by another company, nor when earlier this year that c

275

275

The Last Watchdog

AUGUST 30, 2023

For a couple of decades now, the web browser has endured in workplace settings as the primary employee-to-Internet interface. It’s really just assumed to be a given that a browser built for consumers is an acceptable application for employees to use to work. And despite advances, like sandboxing, browser isolation and secure gateways, the core architecture of web browsers has remained all-too vulnerable to malicious attacks.

Engineering 186

Engineering Architecture Internet Internet 186

Tech Republic Security

AUGUST 30, 2023

After more than 15 years in the wild, the Qakbot botnet, a zombie network of over 700,000 computers worldwide, is hanging on the FBI's trophy wall for now.

189

189

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Anton on Security

AUGUST 30, 2023

So, if you are too busy to read our amazing (duh!) new blog “Revisiting Traditional Security Advice for Modern Threats” , here are the key ideas from it. At some point, a “pre-owned” (compromised before you ever saw it) email security appliance , firewall, or a piece of software will show up in your environment (you no longer need to be this elite for it; it ain’t 2013).

Firewall 130

Firewall Software Threat Detection Cybersecurity 130

Tech Republic Security

AUGUST 30, 2023

With passkeys, you no longer need to use a password to log into supported websites. Here's how to use them with password manager NordPass.

Password Management 156

Password Management Passwords Software Cybersecurity 156

Tech Republic Security

AUGUST 30, 2023

Banish spam calls and texts with a 3-Year Subscription to RoboKiller Spam Call & Text Blocker – it’s just $50 through 11:59 PM PST 9/4, saving you almost $70.

Artificial Intelligence 140

Artificial Intelligence Scams Mobile 140

The Hacker News

AUGUST 30, 2023

Cybersecurity researchers have discovered malicious Android apps for Signal and Telegram distributed via the Google Play Store and Samsung Galaxy Store that are engineered to deliver the BadBazaar spyware on infected devices. Slovakian company ESET attributed the campaign to a China-linked actor called GREF.

Spyware 121

Spyware Engineering Cybersecurity 121

Tech Republic Security

AUGUST 30, 2023

A request for proposal is a common method for soliciting vendor quotes and answers about potential product or service offerings. They specifically intend to gather details involving implementation, operations and maintenance. This facilitates the decision-making process, allowing organizations to choose the RFP responses which best suit their needs.

Software 116

Software 116

Security Affairs

AUGUST 30, 2023

China-linked APT group GREF is behind a malware campaign distributing spyware via trojanized Signal and Telegram apps on Google Play ESET researchers uncovered a cyberespionage campaign carried out by the China-linked APT group known as GREF that is distributing spyware via trojanized Signal and Telegram apps on Google Play and Samsung Galaxy stores.

Spyware 117

Spyware Accountability Malware Hacking 117

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Malwarebytes

AUGUST 30, 2023

The UK's National Cyber Security Centre (NCSC) has issued a warning about the risks of integrating large language models (LLMs) like OpenAI’s ChatGPT into other services. One of the major risks is the possibility of prompt injection attacks. The NCSC points out several dangers associated with integrating a technology that is very much in early stages of development into other services and platforms.

Artificial Intelligence 114

Artificial Intelligence Technology Accountability Banking 114

Security Affairs

AUGUST 30, 2023

VMware fixed two security flaws in Aria Operations for Networks that could be exploited to bypass authentication and gain remote code execution. VMware has released security updates to address two vulnerabilities in Aria Operations for Networks, respectively tracked as CVE-2023-34039 (CVSS score: 9.8) and CVE-2023-20890 (CVSS score: 7.2). The vulnerability CVE-2023-34039 is an authentication bypass issue that is caused by the lack of unique cryptographic key generation. “Aria Operations fo

Authentication 110

Authentication Hacking Information Security 110

WIRED Threat Level

AUGUST 30, 2023

A WIRED investigation into a cache of documents posted by an unknown figure lays bare the Trickbot ransomware gang’s secrets, including the identity of a central member.

Cybercrime 114

Cybercrime Ransomware Hacking 114

Security Affairs

AUGUST 30, 2023

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper JunOS on vulnerable devices.

Firewall 108

Firewall Authentication Hacking Information Security 108

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Dark Reading

AUGUST 30, 2023

"Operation Doppelganger" has convincingly masqueraded as multiple news sites with elaborate fake stories containing real bylines of journalists, blasting them out on social media platforms.

Media 109

Media 109

The Hacker News

AUGUST 30, 2023

A previously undocumented Android banking trojan dubbed MMRat has been observed targeting mobile users in Southeast Asia since late June 2023 to remotely commandeer the devices and perform financial fraud. "The malware, named after its distinctive package name com.mm.

Banking 103

Banking Mobile Malware 103

Dark Reading

AUGUST 30, 2023

Thousands of devices have become infected with "BadBazaar," malware previously used to spy on Uyghur and Turkic ethnic minorities in China.

Spyware 116

Spyware Malware 116

Security Affairs

AUGUST 30, 2023

This is my interview for TRT Money Talks, speaking about the huge demand for AI and the multiple factors that are sustaining it. Q1 Why are we seeing such a huge demand for A-I at the moment? and how long can we expect the rally to continue? some analysts suggest this could be the peak. Q2 What other stock are investors watching? Does Nvidia currently have any competition in the market?

Marketing 96

Marketing Hacking Artificial Intelligence Information Security 96

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Malwarebytes

AUGUST 30, 2023

The Qakbot botnet has suffered a major setback after its infrastructure was heavily disrupted by US and European law enforcement agencies. Operation DuckHunt, as it was codenamed, is possibly the largest US-led financial and technical disruption of a botnet infrastructure. Not only did the agencies shut down the core of the Qakbot infrastructure, they also cleaned the malware from infected devices.

Ransomware 97

Ransomware Malware Backups Encryption 97

Mitnick Security

AUGUST 30, 2023

Is your company in the process of developing a new application? There are a lot of moving parts involved in developing and deploying cutting-edge applications, whether they are internal apps designed for employee use or external, public-facing apps.

Penetration Testing 98

Penetration Testing 98

ZoneAlarm

AUGUST 30, 2023

In an ambitious international operation, law enforcement agencies, spearheaded by the FBI, have neutralized the Qakbot malware infrastructure. This significant move not only marks a large-scale effort to actively combat malware but also underscores the intensified global threat posed by cyber-extortion campaigns, primarily ransomware. Emerging in 2007 as a banking Trojan, Qakbot (or Qbot) evolved … The post FBI Leads Global Onslaught Against Qakbot Malware appeared first on ZoneAlarm Secur

Malware 98

Malware Banking Ransomware Cybersecurity 98

Malwarebytes

AUGUST 30, 2023

Anonymous hackers have breached the servers of spyware app “WebDetetive ” , accessing the user database. However, this doesn’t appear to be a typical compromise along the lines of stealing the data, according to Tech Crunch. Instead, it’s part of a slow move toward “spying” apps being attacked and taken down by compromise-literate folks who don’t approve of the apps business practices.

Spyware 97

Spyware Mobile Antivirus Software 97

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

We Live Security

AUGUST 30, 2023

ESET researchers have discovered active campaigns linked to the China-aligned APT group known as GREF, distributing espionage code that has previously targeted Uyghurs

98

98

Security Affairs

AUGUST 30, 2023

FBI coordinated an international law enforcement operation, named Operation ‘Duck Hunt’, that dismantled the Qakbot botnet. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008.

Malware 91

Malware Manufacturing Data breaches Cyber threats 91

eSecurity Planet

AUGUST 30, 2023

A new Cloudflare phishing report notes that most of the 1 billion brand impersonation emails the company detected “passed” SPF, DKIM, and DMARC email authentication protocols. That statistic is a bit misleading; the emails “passed” only because of a lack of enforcement controls by the brands themselves. The essential overlooked step of enforcement of email authentication protocols is a big reason why phishing emails remain the root cause of the overwhelming majority of cyber attacks

Authentication 98

Authentication Phishing Encryption Marketing 98

Heimadal Security

AUGUST 30, 2023

London`s Metropolitan Police announced bolstering cybersecurity measures after one of its suppliers detected a data breach. A contractor responsible for printing warrant cards and staff passes was the target of a cyberattack. Data belonging to 47,000 officers and police staff was, reportedly, exposed in the data breach. Counter-terrorism units, high-ranking officials, and officers involved in […] The post 47,000 London Metropolitan Police Personnel Impacted by Data Breach appeared first on

Data breaches 86

Data breaches Cybersecurity 86

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

The Hacker News

AUGUST 30, 2023

An unknown threat actor is leveraging malicious npm packages to target developers with an aim to steal source code and configuration files from victim machines, a sign of how threats lurk consistently in open-source repositories.

Software 85

Software 85

Graham Cluley

AUGUST 30, 2023

Seized cryptocurrency is stolen from the DEA, blue-ticks are being exploited, a bath full of dollar bills, the comfort offered by an ostrich’s head, and how Graham is refusing to call Twitter “X”. All this and more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Cryptocurrency 84

Cryptocurrency Cybersecurity Scams 84

The Hacker News

AUGUST 30, 2023

ChatGPT and similar large language models (LLMs) have added further complexity to the ever-growing online threat landscape. Cybercriminals no longer need advanced coding skills to execute fraud and other damaging attacks against online businesses and customers, thanks to bots-as-a-service, residential proxies, CAPTCHA farms, and other easily accessible tools.

Technology 83

Technology 83

Heimadal Security

AUGUST 30, 2023

As modern threats surpass traditional security measures, XDR software steps in as a revolutionary solution. A software that empowers CISOs to proactively navigate the evolving threat landscape. Understanding the Challenge CISOs face a daunting task. Cybercriminals are becoming more sophisticated, exploiting vulnerabilities across endpoints, networks, and cloud environments.

CISO 82

CISO Software Cybersecurity 82

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.