Schneier on Security

FEBRUARY 20, 2024

Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities. From their report : In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon—using LLMs to augment cyberoperations.

Hacking 340

Hacking Artificial Intelligence 340

The Last Watchdog

FEBRUARY 20, 2024

AI chatbots are computer programs that talk like humans, gaining popularity for quick responses. They boost customer service, efficiency and user experience by offering constant help, handling routine tasks, and providing prompt and personalized interactions. Related: The security case for AR, VR AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms.

Cybersecurity 274

Cybersecurity Penetration Testing Authentication Social Engineering 274

Krebs on Security

FEBRUARY 20, 2024

U.S. and U.K. authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates.

Ransomware 266

Ransomware Cybercrime Encryption Insurance 266

Tech Republic Security

FEBRUARY 20, 2024

The enforcement action is a major blow against the ransomware-as-a-service provider, which has been connected to 2,000 victims globally.

Ransomware 179

Ransomware Software 179

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

FEBRUARY 20, 2024

A team of academic researchers show that a new set of attacks called 'VoltSchemer' can inject voice commands to manipulate a smartphone's voice assistant through the magnetic field emitted by an off-the-shelf wireless charger. [.

Wireless 136

Wireless Technology Mobile 136

Pen Test Partners

FEBRUARY 20, 2024

TL;DR The VMware Enhanced Authentication plugin that is offered as part of VMware vSphere’s seamless login experience for the web console contains multiple vulnerabilities relating to Kerberos authentication relay. The first vulnerability, CVE-2024-22245, is a Kerberos relay vulnerability where a malicious public website can communicate with the Enhanced Authentication Plugin (EAP) and request arbitrary Kerberos service tickets on behalf of the user visiting the malicious site.

Authentication 135

Authentication Risk 135

We Live Security

FEBRUARY 20, 2024

ESET Research discovers Operation Texonto, a disinformation/psychological operations (PSYOPs) campaign that uses spam emails to demoralize Ukrainian citizens with disinformation messages about war-related topics.

131

131

Bleeping Computer

FEBRUARY 20, 2024

Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [.

Ransomware 131

Ransomware Cybercrime Encryption Hacking 131

Security Affairs

FEBRUARY 20, 2024

Researchers from Shadowserver Foundation identified roughly 28,000 internet-facing Microsoft Exchange servers vulnerable to CVE-2024-21410. The vulnerability CVE-2024-21410 is a bypass vulnerability that can be exploited by an attacker to bypass the SmartScreen user experience and inject code to potentially gain code execution, which could lead to some data exposure, lack of system availability, or both.

Authentication 127

Authentication Internet Internet Ransomware 127

Security Boulevard

FEBRUARY 20, 2024

RaaS nicked: 11-nation army led by UK eliminates ransomware-for-hire scrotes’ servers. The post LockBit Takedown by Brits — Time for ‘Operation Cronos’ appeared first on Security Boulevard.

Ransomware 125

Ransomware Social Engineering Data privacy Engineering 125

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

The Hacker News

FEBRUARY 20, 2024

End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal’s Randall Sarafa said.

Encryption 124

Encryption 124

Security Boulevard

FEBRUARY 20, 2024

Boards and non executive directors can lead from the front on cyber security and reduce risk for your organisation. Yet sometimes it is not easy to find a path forward to engage in a technical area. Here are 10 practice suggestions to take forward with your cyber security leader. The post 10 steps to effective board leadership on cyber security appeared first on Security Boulevard.

Risk 120

Risk CISO Government 120

The Hacker News

FEBRUARY 20, 2024

The U.K. National Crime Agency (NCA) on Tuesday confirmed that it obtained LockBit's source code as well as intelligence pertaining to its activities and their affiliates as part of a dedicated task force called Operation Cronos.

Ransomware 124

Ransomware 124

We Live Security

FEBRUARY 20, 2024

Bad actors have opted to poison the internet and the flow of information by spreading polarizing material to influence people, which can include fake news, altered media content, bots, and trolls spreading biased sources and polarizing comments online.

Media 119

Media Internet Internet 119

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

The Hacker News

FEBRUARY 20, 2024

VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug.

Risk 122

Risk Authentication 122

Bleeping Computer

FEBRUARY 20, 2024

End-to-end encrypted messaging app Signal finally allows users to pick custom usernames to connect with others while protecting their phone number privacy. [.

Encryption 125

Encryption Technology Software 125

The Hacker News

FEBRUARY 20, 2024

A critical security flaw in the Bricks theme for WordPress is being actively exploited by threat actors to run arbitrary PHP code on susceptible installations. The flaw, tracked as CVE-2024-25600 (CVSS score: 9.8), enables unauthenticated attackers to achieve remote code execution. It impacts all versions of the Bricks up to and including 1.9.6.

121

121

Security Boulevard

FEBRUARY 20, 2024

Explores the Badbox and Peachpit malware on Android devices and home networks which granted illegitimate users backdoor access. The post Impact of Badbox and Peachpit Malware on Android Devices appeared first on Security Boulevard.

Malware 115

Malware 115

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

The Hacker News

FEBRUARY 20, 2024

Cybersecurity researchers have discovered two malicious packages on the Python Package Index (PyPI) repository that were found leveraging a technique called DLL side-loading to circumvent detection by security software and run malicious code.

Software 114

Software Cybersecurity 114

Bleeping Computer

FEBRUARY 20, 2024

Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [.

Ransomware 114

Ransomware Cybercrime Encryption Hacking 114

Penetration Testing

FEBRUARY 20, 2024

A recent discovery by Sonar’s Vulnerability Research Team has exposed a major security issue within the popular Joomla Content Management System (CMS). This vulnerability, designated CVE-2024-21726, opens the door to multiple Cross-Site Scripting (XSS)... The post CVE-2024-21726: Patch Now to Stop Joomla Remote Code Execution appeared first on Penetration Testing.

Penetration Testing 114

Penetration Testing 114

Bleeping Computer

FEBRUARY 20, 2024

PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure. [.

Software 112

Software Ransomware 112

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Penetration Testing

FEBRUARY 20, 2024

VMware has released an urgent security advisory regarding two critical vulnerabilities within its now-deprecated Enhanced Authentication Plug-in (EAP). If left unaddressed, threat actors could exploit these flaws (CVE-2024-22245 and CVE-2024-22250) to hijack user sessions and... The post CVE-2024-22245 & 22250: VMware Vulnerabilities Demand Immediate Action appeared first on Penetration Testing.

Penetration Testing 112

Penetration Testing Authentication 112

Tech Republic Security

FEBRUARY 20, 2024

Explore our list of Ivanti's competitors and find out which VPN solutions can meet your business needs. Compare features, pricing, pros and cons.

VPN 107

VPN 107

Security Through Education

FEBRUARY 20, 2024

In the ever-evolving landscape of cybersecurity, social engineering has undergone significant transformations over the years, propelled by advancements in technology. From traditional methods to the integration of artificial intelligence (AI), malicious actors continually adapt and leverage emerging tools to exploit vulnerabilities. This article delves into the historical shifts in social engineering tactics and explores how adversaries embrace new technologies to achieve their objectives.

Social Engineering 109

Social Engineering Artificial Intelligence Engineering Phishing 109

Penetration Testing

FEBRUARY 20, 2024

The RansomHouse ransomware group exemplifies the sophisticated, profitable, and adaptable nature of modern cyber extortion campaigns. Emerging in late 2021, their operations blend technical efficiency with psychological pressure, maximizing their potential takings. RansomHouse’s double... The post Double Trouble: RansomHouse’s Extortion Tactics Revealed appeared first on Penetration Testing.

Penetration Testing 109

Penetration Testing Ransomware Malware 109

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Bleeping Computer

FEBRUARY 20, 2024

ConnectWise warned customers to patch their ScreenConnect servers immediately against a maximum severity flaw that can be used in remote code execution (RCE) attacks. [.

110

110

Penetration Testing

FEBRUARY 20, 2024

Zyxel’s recent security advisory spotlights multiple vulnerabilities present in select firewall and access point models. Failure to take immediate action could leave these devices open to severe security risks. Vulnerability Breakdown CVE-2023-6397 (Firewalls): Potential denial-of-service... The post Zyxel Security Vulnerabilities: DoS, Command Injection & More appeared first on Penetration Testing.

Penetration Testing 108

Penetration Testing Firewall Risk 108

Trend Micro

FEBRUARY 20, 2024

Trend and other private entities recently contributed to INTERPOL’s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity.

Banking 107

Banking Phishing Ransomware Malware 107

Security Boulevard

FEBRUARY 20, 2024

Users of Wyze’s home security cameras over the past several days have reported glitches with the internet-connected devices, from losing camera coverage for hours to being able to see images and video from other people’s cameras. It turns out the problem originated from cloud giant Amazon Web Services (AWS), a Wyze partner, which took down. The post About 13,000 Wyze Customers Affected by Camera Glitch appeared first on Security Boulevard.

Internet 107

Internet Internet Surveillance Data privacy 107

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.