Schneier on Security

JANUARY 24, 2024

New research into poisoning AI models : The researchers first trained the AI models using supervised learning and then used additional “safety training” methods, including more supervised learning, reinforcement learning, and adversarial training. After this, they checked if the AI still had hidden behaviors. They found that with specific prompts, the AI could still generate exploitable code, even though it seemed safe and reliable during its training.

Artificial Intelligence 269

Artificial Intelligence 269

Tech Republic Security

JANUARY 24, 2024

See the National Cyber Security Centre's predictions for generative AI for cyber attack and defense through 2025.

Cyber Attacks 190

Cyber Attacks Ransomware Artificial Intelligence Social Engineering 190

Bleeping Computer

JANUARY 24, 2024

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.

Hacking 143

Hacking 143

Tech Republic Security

JANUARY 24, 2024

The NCSC wants volunteers from the U.K.’s public and private sectors to join its new cybersecurity community.

Cyber threats 161

Cyber threats Cybersecurity 161

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

JANUARY 24, 2024

Google Pixel smartphone owners report problems after installing the January 2024 Google Play system update, being unable to access their devices internal storage, open the camera, take screenshots, or even open apps. [.

Mobile 138

Mobile 138

Security Affairs

JANUARY 24, 2024

Thousands of GitLab servers are vulnerable to zero-click account takeover attacks exploiting the flaw CVE-2023-7028. GitLab has recently released security updates to address two critical vulnerabilities impacting both the Community and Enterprise Edition. The most critical vulnerability, tracked as CVE-2023-7028 (CVSS score 10), is an account takeover via Password Reset.

Accountability 134

Accountability Passwords Internet Internet 134

Malwarebytes

JANUARY 24, 2024

Apple has released new security updates for several products, including a patch for a zero-day vulnerability that could impact iPhones, iPad, Macs, and Apple TVs. Apple says it’s aware of a report that the bug may have been exploited already. Further details about the nature of the vulnerability were not disclosed to give users enough time to install the updates.

Engineering 129

Engineering Cybersecurity Risk 129

Penetration Testing

JANUARY 24, 2024

A critical directory traversal vulnerability has been found in a popular WordPress plugin. The affected plugin, Photo Gallery by 10Web – Mobile-Friendly Image Gallery, has over 200,000 active installations. Photo Gallery is the leading... The post Over 200,000 Sites at Risk: Directory Traversal CVE-2024-0221 Vulnerability Hits Photo Gallery Plugin appeared first on Penetration Testing.

Penetration Testing 129

Penetration Testing Risk Mobile 129

Malwarebytes

JANUARY 24, 2024

Stalkers can use all kinds of apps, gadgets, devices, and phones to spy on their targets, which are often their ex-partners. Unfortunately, while they no doubt have many positive uses, smart home devices give stalkers an array of tools to keep an eye on their targets. If you are the partner that stays in the house you shared together, you need to make sure that you lock out your ex-partner.

Identity Theft 124

Identity Theft Accountability Passwords Media 124

Security Affairs

JANUARY 24, 2024

Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw impacting Windows installs. Splunk addressed multiple vulnerabilities in Splunk Enterprise, including a high-severity flaw, tracked as CVE-2024-23678 (CVSS score 7.5), impacting the Windows version. According to the advisory , Splunk Enterprise for Windows versions below 9.0.8 and 9.1.3 does not correctly sanitize path input data.

Hacking 123

Hacking Information Security 123

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Boulevard

JANUARY 24, 2024

A ransomware attack last week hit the North American operations of massive water and wastewater systems operator Veolia, illustrating the ongoing threat to the critical infrastructure sector by cybercrime groups. Veolia officials said in a note this week that the attack affected software and systems in their North America Municipal Water division. They also wrote.

Ransomware 123

Ransomware Cybercrime Software IoT 123

Bleeping Computer

JANUARY 24, 2024

Over 5,300 internet-exposed GitLab instances are vulnerable to CVE-2023-7028, a zero-click account takeover flaw GitLab warned about earlier this month. [.

Accountability 130

Accountability Internet Internet 130

Security Boulevard

JANUARY 24, 2024

Protect AI's Guardian gateway enforces security policies to prevent malicious code from executing within an artificial intelligence (AI) model. The post Protect AI Unveils Gateway to Secure AI Models appeared first on Security Boulevard.

Artificial Intelligence 123

Artificial Intelligence Malware Cybersecurity Network Security 123

Bleeping Computer

JANUARY 24, 2024

Microsoft says admins are seeing 0x80073cf2 errors when using the System Preparation (Sysprep) tool to validate Windows installations for deployment after installing recent Windows 10 updates. [.

121

121

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

We Live Security

JANUARY 24, 2024

ESET researchers have discovered NSPX30, a sophisticated implant used by a new China-aligned APT group we have named Blackwood

142

142

Security Affairs

JANUARY 24, 2024

Researchers released PoC exploit code for a recently disclosed critical authentication bypass flaw in Fortra’s GoAnywhere MFT (Managed File Transfer). Researchers with cybersecurity firm Horizon3’s Attack Team published technical details of the recently disclosed vulnerability CVE-2024-0204 impacting Fortra GoAnywhere MFT. The security experts also published a proof-of-concept (PoC) exploit that allows the creation of new admin users on vulnerable instances exposed online. “

Authentication 119

Authentication Hacking Engineering Encryption 119

Bleeping Computer

JANUARY 24, 2024

The United Kingdom's National Cyber Security Centre (NCSC) warns that artificial intelligence (AI) tools will have an adverse near-term impact on cybersecurity, helping escalate the threat of ransomware. [.

Artificial Intelligence 118

Artificial Intelligence Ransomware Cybersecurity 118

Security Affairs

JANUARY 24, 2024

A ransomware attack against the Finnish IT services provider Tietoevry disrupted the services of some Swedish government agencies and shops. The online services of multiple Swedish government agencies, universities, and commercial activities were disrupted by an Akira ransomware attack that hit the Finnish IT services and enterprise cloud hosting Tietoevry.

Ransomware 115

Ransomware VPN Government Retail 115

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Bleeping Computer

JANUARY 24, 2024

Microsoft released the January 2024 preview update for Windows 11 versions 22H2 and 23H2, which comes with Bluetooth audio bug fixes and addresses 24 known issues. [.

115

115

Security Affairs

JANUARY 24, 2024

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Atlassian Confluence Data Center and Server Template Injection bug to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added an Atlassian Confluence Data Center and Server Template Injection bug, tracked as CVE-2023-22527 , to its Known Exploited Vulnerabilities (KEV) catalog.

Cybersecurity 113

Cybersecurity Risk Information Security Hacking 113

Graham Cluley

JANUARY 24, 2024

The US Securities & Exchange Comission (SEC) has confirmed that hackers managed to seize control of a phone number associated with its Twitter account, and used it to post an unauthorised message. Read more in my article on the Hot for Security blog.

Hacking 107

Hacking Accountability 107

Security Boulevard

JANUARY 24, 2024

Vulnerability management encompasses hardware vulnerabilities, misconfigurations and other weaknesses a threat actor could potentially exploit. The post The Vulnerability Management Stack: 5 Essential Technologies appeared first on Security Boulevard.

Technology 107

Technology Mobile Malware Cybersecurity 107

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Penetration Testing

JANUARY 24, 2024

The maintainers of the Apache Superset open-source data visualization software have released fixes to fix a critical vulnerability that could lead to stored cross-site scripting attacks. Dubbed CVE-2023-49657, this stored cross-site scripting (XSS) vulnerability has... The post CVE-2023-49657: Apache Superset Hit by High-Risk Stored XSS Vulnerability appeared first on Penetration Testing.

Penetration Testing 110

Penetration Testing Risk Software 110

Security Boulevard

JANUARY 24, 2024

This article is part of a series where we look at a recent NSA/CISA Joint Cybersecurity Advisory on the top cybersecurity issues identified during red/blue team exercises operated by these organizations. In this article, you will find a more in-depth look at the specific issue, with real-world scenarios where it is applicable, as well as […] The post Improper Separation of User/Administrator Privilege in Cybersecurity appeared first on TuxCare.

Cybersecurity 102

Cybersecurity 102

Penetration Testing

JANUARY 24, 2024

Maldev Academy – RemoteTLSCallbackInjection This method utilizes TLS callbacks to execute a payload without spawning any threads in a remote process. This method is inspired by Threadless Injection as RemoteTLSCallbackInjection does not invoke any API calls... The post RemoteTLSCallbackInjection: execute a payload without spawning any threads in a remote process appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing 111

Malwarebytes

JANUARY 24, 2024

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, “known attacks” are those where the victim did not pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. 2023 was the worst ransomware year on record for Education: according to original ThreatDown research, the sector witnessed a staggering 70%

Education 99

Education Ransomware Mobile 99

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Penetration Testing

JANUARY 24, 2024

Jenkins – a popular open-source automation server software – published an advisory on Wednesday concerning a critical vulnerability that could result in remote code execution. Tracked as CVE-2024-23897, a critical vulnerability within Jenkins’ built-in... The post CVE-2024-23897 (CVSS 9.8): Critical Jenkins Security Vulnerability, RCE Possible appeared first on Penetration Testing.

Penetration Testing 111

Penetration Testing Software 111

WIRED Threat Level

JANUARY 24, 2024

The Amazon-owned home surveillance company says it is shuttering a feature in its Neighbors app that allows police to request footage from users. But it’s not shutting out the cops entirely.

Surveillance 95

Surveillance 95

Penetration Testing

JANUARY 24, 2024

In the shadowy corners of the digital world, where the battle between cybersecurity defenders and attackers unfolds with relentless intensity, a new adversary has emerged, wielding the sophisticated tool of deception and evasion: LODEINFO... The post APT10’s Latest Weapon: Unveiling the LODEINFO Malware Menace appeared first on Penetration Testing.

Penetration Testing 117

Penetration Testing Malware Cybersecurity 117

Bleeping Computer

JANUARY 24, 2024

A previously unknown traffic distribution system (TDS) named 'VexTrio' has been active since at least 2017, aiding 60 affiliates in their cybercrime operations through a massive network of 70,000 sites. [.

Cybercrime 94

Cybercrime 94

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.