Tue.Feb 20, 2024

article thumbnail

Microsoft Is Spying on Users of Its AI Tools

Schneier on Security

Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities. From their report : In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon—using LLMs to augment cyberoperations.

Hacking 361
article thumbnail

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

The Last Watchdog

AI chatbots are computer programs that talk like humans, gaining popularity for quick responses. They boost customer service, efficiency and user experience by offering constant help, handling routine tasks, and providing prompt and personalized interactions. Related: The security case for AR, VR AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Top 4 Ivanti Competitors and Alternatives for 2024

Tech Republic Security

Explore our list of Ivanti's competitors and find out which VPN solutions can meet your business needs. Compare features, pricing, pros and cons.

VPN 145
article thumbnail

LockBit Ransomware Operation Shut Down; Criminals Arrested; Decryption Keys Released

The Hacker News

The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

We Live Security

ESET Research discovers Operation Texonto, a disinformation/psychological operations (PSYOPs) campaign that uses spam emails to demoralize Ukrainian citizens with disinformation messages about war-related topics.

140
140
article thumbnail

VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk

The Hacker News

VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.

Risk 145

More Trending

article thumbnail

WordPress Bricks Theme Under Active Attack: Critical Flaw Impacts 25,000+ Sites

The Hacker News

A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6.

144
144
article thumbnail

Trend Micro and INTERPOL Join Forces Again for Operation Synergia

Trend Micro

Trend and other private entities recently contributed to INTERPOL’s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity.

Banking 137
article thumbnail

New Malicious PyPI Packages Caught Using Covert Side-Loading Tactics

The Hacker News

Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code.

Software 142
article thumbnail

VoltSchemer attacks use wireless chargers to inject voice commands, fry phones

Bleeping Computer

A team of academic researchers show that a new set of attacks called 'VoltSchemer' can inject voice commands to manipulate a smartphone's voice assistant through the magnetic field emitted by an off-the-shelf wireless charger. [.

Wireless 133
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private

The Hacker News

End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal’s Randall Sarafa said.

article thumbnail

More details about Operation Cronos that disrupted Lockbit operation

Security Affairs

Law enforcement provided additional details about the international Operation Cronos that led to the disruption of the Lockbit ransomware operation. Yesterday, a joint law enforcement action, code-named Operation Cronos , conducted by law enforcement agencies from 11 countries disrupted the LockBit ransomware operation. Below is the image of the Tor leak site of the Lockbit ransomware gang that was seized by the UK National Crime Agency (NCA).

article thumbnail

New Report Reveals North Korean Hackers Targeting Defense Firms Worldwide

The Hacker News

The North Korean state-sponsored threat actors have been attributed to a cyber espionage campaign targeting the defense sector across the world.

article thumbnail

ConnectWise fixed critical flaws in ScreenConnect remote access tool

Security Affairs

ConnectWise addressed two critical vulnerabilities in its ScreenConnect remote desktop access product and urges customers to install the patches asap. ConnectWise warns of the following two critical vulnerabilities in its ScreenConnect remote desktop access product: CWE-288 Authentication bypass using an alternate path or channel (CVSS score 10) CWE-22 Improper limitation of a pathname to a restricted directory (“path traversal”) (CVSS score 8.4) Both vulnerabilities were reported on February 1

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

New Migo Malware Targeting Redis Servers for Cryptocurrency Mining

The Hacker News

A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves the use of a number of novel system weakening techniques against the data store itself," Cado security researcher Matt Muir said in a technical report.

article thumbnail

VMware urges admins to remove deprecated, vulnerable auth plug-in

Bleeping Computer

VMware urged admins today to remove a discontinued authentication plugin exposed to authentication relay and session hijack attacks in Windows domain environments via two security vulnerabilities left unpatched. [.

article thumbnail

Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks

The Hacker News

Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation.

Phishing 134
article thumbnail

Law enforcement trolls LockBit, reveals massive takedown

Malwarebytes

In an act of exquisite trolling, the UK’s National Crime Agency (NCA) has announced further details about its disruption of the LockBit ransomware group by using the group’s own dark web website. The LockBit dark web site has a new look Since the demise of Conti in 2022, LockBit has been unchallenged as the most prolific ransomware group in the world.

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Critical Flaws Found in ConnectWise ScreenConnect Software - Patch Now

The Hacker News

ConnectWise has released software updates to address two security flaws in its ScreenConnect remote desktop and access software, including a critical bug that could enable remote code execution on affected systems. The vulnerabilities, which currently lack CVE identifiers, are listed below - Authentication bypass using an alternate path or channel (CVSS score: 10.

Software 133
article thumbnail

Watching out for the fakes: How to spot online disinformation

We Live Security

Bad actors have opted to poison the internet and the flow of information by spreading polarizing material to influence people, which can include fake news, altered media content, bots, and trolls spreading biased sources and polarizing comments online.

Media 129
article thumbnail

SaaS Compliance through the NIST Cybersecurity Framework

The Hacker News

The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS. One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application.

article thumbnail

Malvertising: This cyberthreat isn’t on the dark web, it’s on Google

Malwarebytes

On the internet, people need to worry about more than just opening suspicious email attachments or entering their sensitive information into harmful websites—they also need to worry about their Google searches. That’s because last year, as revealed in our 2024 ThreatDown State of Malware report , cybercriminals flocked to a malware delivery method that doesn’t require they know a victim’s email address, login credentials, personal information, or, anything, really.

Malware 127
article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

LockBit Takedown by Brits — Time for ‘Operation Cronos’

Security Boulevard

RaaS nicked: 11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers. The post LockBit Takedown by Brits — Time for ‘Operation Cronos’ appeared first on Security Boulevard.

article thumbnail

Police arrests LockBit ransomware members, release decryptor in global crackdown

Bleeping Computer

Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [.

article thumbnail

10 steps to effective board leadership on cyber security

Security Boulevard

Boards and non executive directors can lead from the front on cyber security and reduce risk for your organisation. Yet sometimes it is not easy to find a path forward to engage in a technical area. Here are 10 practice suggestions to take forward with your cyber security leader. The post 10 steps to effective board leadership on cyber security appeared first on Security Boulevard.

Risk 122
article thumbnail

Signal Finally Rolls Out Usernames, So You Can Keep Your Phone Number Private

WIRED Threat Level

We tested the end-to-end encrypted messenger’s new feature aimed at addressing critics’ most persistent complaint. Here’s how it works.

article thumbnail

Introducing CDEs to Your Enterprise

Explore how enterprises can enhance developer productivity and onboarding by adopting self-hosted Cloud Development Environments (CDEs). This whitepaper highlights the simplicity and flexibility of cloud-based development over traditional setups, demonstrating how large teams can leverage economies of scale to boost efficiency and developer satisfaction.

article thumbnail

Raccoon Infostealer operator extradited to the United States

Malwarebytes

A Ukrainian national, Mark Sokolovsky, has been indicted for crimes related to fraud, money laundering and aggravated identity theft and extradited to the United States from the Netherlands, the US Attorney’s Office of the Western District of Texas has announced. In March 2022, around the same time of Sokolovsky’s arrest by Dutch authorities, the FBI and law enforcement partners in Italy and the Netherlands dismantled the digital infrastructure supporting the Raccoon Infostealer, taking its then

article thumbnail

Impact of Badbox and Peachpit Malware on Android Devices

Security Boulevard

Explores the Badbox and Peachpit malware on Android devices and home networks which granted illegitimate users backdoor access. The post Impact of Badbox and Peachpit Malware on Android Devices appeared first on Security Boulevard.

Malware 118
article thumbnail

CVE-2024-21726: Patch Now to Stop Joomla Remote Code Execution

Penetration Testing

A recent discovery by Sonar’s Vulnerability Research Team has exposed a major security issue within the popular Joomla Content Management System (CMS). This vulnerability, designated CVE-2024-21726, opens the door to multiple Cross-Site Scripting (XSS)... The post CVE-2024-21726: Patch Now to Stop Joomla Remote Code Execution appeared first on Penetration Testing.

article thumbnail

Signal rolls out usernames that let you hide your phone number

Bleeping Computer

End-to-end encrypted messaging app Signal finally allows users to pick custom usernames to connect with others while protecting their phone number privacy. [.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.