Thu.May 23, 2024

article thumbnail

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

The homepage of Stark Industries Solutions. Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation c

DDOS 273
article thumbnail

Personal AI Assistants and Privacy

Schneier on Security

Microsoft is trying to create a personal digital assistant: At a Build conference event on Monday, Microsoft revealed a new AI-powered feature called “Recall” for Copilot+ PCs that will allow Windows 11 users to search and retrieve their past activities on their PC. To make it work, Recall records everything users do on their PC, including activities in apps, communications in live meetings, and websites visited for research.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

Joseph Steinberg

Despite both a decades-long barrage of media reports of cyberattacks wreaking havoc on the public sector and private sector alike, and despite clear indications from the United States Securities and Exchange Commission (SEC) that corporate boards must be able to oversee the management of cyber-risk by their respective organizations, when to comes to actually delivering on their fiduciary duty as related to cybersecurity, today’s corporate boards often fail to perform as needed and as intended.

Risk 209
article thumbnail

Exploring the Intersection of Cyber, AI, and Cinema: Insights from Megalopolis

Jane Frankland

Last week I got to participate in one of the most fun (and glamorous) events I’ve ever had in cyber – the 77th Cannes Film Festival. Curtesy of Mastercard and the Mastercard Cyber and Intelligence team, myself and 4 other leaders in cybersecurity were invited to Cannes to walk the red carpet, and watch a premier. It was Francis Ford Coppola’s $120m self-funded dystopian epic, Megalopolis!

article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure

Penetration Testing

Researchers from Tsinghua University have unveiled a potent new method for launching distributed denial-of-service (DDoS) attacks, dubbed DNSBomb (CVE-2024-33655). This innovative attack weaponizes DNS (Domain Name System) traffic to overwhelm and disrupt online services,... The post DNSBomb: New DDoS Attack Explodes DNS Traffic, Threatening Critical Internet Infrastructure appeared first on Penetration Testing.

DNS 145
article thumbnail

Apple API Allows Wi-Fi AP Location Tracking

Security Boulevard

Privacy FAIL: Apple location service returns far more data than it should, to people who have no business knowing it, without your permission. The post Apple API Allows Wi-Fi AP Location Tracking appeared first on Security Boulevard.

More Trending

article thumbnail

Apple wasn’t storing deleted iOS photos in iCloud after all

Bleeping Computer

Security researchers reverse-engineered Apple's recent iOS 17.5.1 update and found that a recent bug that restored images deleted months or even years ago was caused by an iOS bug and not an issue with iCloud. [.

article thumbnail

IBM X-Force Report: Grandoreiro Malware Targets More Than 1,500 Banks in 60 Countries

Tech Republic Security

Find out how Grandoreiro banking trojan campaigns work and the countries targeted, as well as how to mitigate this malware threat.

Banking 138
article thumbnail

Microsoft pushes emergency fix for Windows Server 2019 update errors

Bleeping Computer

Microsoft has released an emergency out-of-band (OOB) update for Windows Server 2019 that fixes a bug causing 0x800f0982 errors when attempting to install the May 2024 Patch Tuesday security updates. [.

131
131
article thumbnail

Anthropic’s Generative AI Research Reveals More About How LLMs Affect Security and Bias

Tech Republic Security

Anthropic opened a window into the ‘black box’ where ‘features’ steer a large language model’s output.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search

Bleeping Computer

A massive Microsoft outage in some regions affects Bing.com, Copilot for web and mobile, Copilot in Windows, ChatGPT internet search and DuckDuckGo. [.

Internet 141
article thumbnail

Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks

Security Boulevard

“All tested LLMs remain highly vulnerable to basic jailbreaks, and some will provide harmful outputs even without dedicated attempts to circumvent their safeguards,” the report noted. The post Leading LLMs Insecure, Highly Vulnerable to Basic Jailbreaks appeared first on Security Boulevard.

122
122
article thumbnail

High-severity GitLab flaw lets attackers take over accounts

Bleeping Computer

GitLab patched a high-severity vulnerability that unauthenticated attackers could exploit to take over user accounts in cross-site scripting (XSS) attacks. [.

article thumbnail

Ivanti Patches Critical Remote Code Execution Flaws in Endpoint Manager

The Hacker News

Ivanti on Tuesday rolled out fixes to address multiple critical security flaws in Endpoint Manager (EPM) that could be exploited to achieve remote code execution under certain circumstances. Six of the 10 vulnerabilities – from CVE-2024-29822 through CVE-2024-29827 (CVSS scores: 9.

124
124
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

JAVS courtroom recording software backdoored in supply chain attack

Bleeping Computer

Attackers have backdoored the installer of widely used Justice AV Solutions (JAVS) courtroom video recording software with malware that lets them take over compromised systems. [.

Software 119
article thumbnail

Chinese actor ‘Unfading Sea Haze’ remained undetected for five years

Security Affairs

A previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ has been targeting military and government entities since 2018. Bitdefender researchers discovered a previously unknown China-linked threat actor dubbed ‘Unfading Sea Haze’ that has been targeting military and government entities since 2018. The threat group focuses on entities in countries in the South China Sea, experts noticed TTP overlap with operations attributed to APT41.

Malware 117
article thumbnail

Inside Operation Diplomatic Specter: Chinese APT Group's Stealthy Tactics Exposed

The Hacker News

Governmental entities in the Middle East, Africa, and Asia are the target of a Chinese advanced persistent threat (APT) group as part of an ongoing cyber espionage campaign dubbed Operation Diplomatic Specter since at least late 2022.

122
122
article thumbnail

10 years in prison for $4.5 million BEC scammer who bought Ferrari to launder money

Graham Cluley

A scammer has been sentenced to 10 years in prison for laundering over US $4.5 million obtained by targeting businesses and the elderly with Business Email Compromise (BEC) and romance fraud schemes. Read more in my article on the Tripwire State of Security blog.

Scams 116
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

APT41: The threat of KeyPlug against Italian industries

Security Affairs

Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug employed in attacks against several Italian industries During an extensive investigation, Tinexta Cyber’s Zlab Malware Team uncovered a backdoor known as KeyPlug , which hit for months a variety of Italian industries. This backdoor is attributed to the arsenal of APT41,a group whose origin is tied to China.

Malware 112
article thumbnail

Microsoft spots gift card thieves using cyber-espionage tactics

Bleeping Computer

Microsoft has published a "Cyber Signals" report sharing new information about the hacking group Storm-0539 and a sharp rise in gift card theft as we approach the Memorial Day holiday in the United States. [.

Hacking 112
article thumbnail

CISA Warns of Actively Exploited Apache Flink Security Vulnerability

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting Apache Flink, the open-source, unified stream-processing and batch-processing framework, to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

article thumbnail

Heimdal to Showcase Widest Cybersecurity Tech Stack at Infosecurity Europe 2024

Heimadal Security

LONDON, May 23, 2024 – Heimdal® is excited to announce its participation in Infosecurity Europe 2024, taking place from 3-4 June 2024 at ExCel London. Attendees are invited to visit Heimdal’s booth for an exclusive opportunity to engage with industry-leading cybersecurity experts, experience live demonstrations, and enjoy engaging presentations.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Critical SQL Injection flaws impact Ivanti Endpoint Manager (EPM)

Security Affairs

Ivanti addressed multiple flaws in the Endpoint Manager (EPM), including remote code execution vulnerabilities. Ivanti this week rolled out security patches to address multiple critical vulnerabilities in the Endpoint Manager (EPM). A remote attacker can exploit the flaws to gain code execution under certain conditions. Below is the list of the addressed vulnerabilities: CVE Description CVSS Vector CVE-2024-29822 An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 an

article thumbnail

Introducing Nimfilt: A reverse-engineering tool for Nim-compiled binaries

We Live Security

Available as both an IDA plugin and a Python script, Nimfilt helps to reverse engineer binaries compiled with the Nim programming language compiler by demangling package and function names, and applying structs to strings

article thumbnail

A Leak of Biometric Police Data Is a Sign of Things to Come

WIRED Threat Level

Thousands of fingerprints and facial images linked to police in India have been exposed online. Researchers say it’s a warning of what will happen as the collection of biometric data increases.

107
107
article thumbnail

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

The Hacker News

Ransomware attacks targeting VMware ESXi infrastructure following an established pattern regardless of the file-encrypting malware deployed.

article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

He Trained Crypto Cops to Fight Crypto Crime—and Allegedly Ran a $100M Dark Web Drug Market

WIRED Threat Level

The strange journey of Lin Rui-siang, the 23-year-old accused of running the Incognito black market, extorting his own site's users—and then refashioning himself as a legit crypto crime expert.

Marketing 103
article thumbnail

Are Your SaaS Backups as Secure as Your Production Data?

The Hacker News

Conversations about data security tend to diverge into three main threads: How can we protect the data we store on our on-premises or cloud infrastructure? What strategies and tools or platforms can reliably backup and restore data? What would losing all this data cost us, and how quickly could we get it back?

Backups 110
article thumbnail

SEC Provides Clarity on Disclosing Material vs. Non-Material Cyber Incidents

SecureWorld News

The U.S. Securities and Exchange Commission (SEC) has issued new guidance aimed at clearing up confusion around how public companies should disclose cybersecurity incidents under the agency's recently adopted disclosure rules. In a May 21, 2024, announcement from Erik Gerding, Director of the SEC's Division of Corporation Finance, the agency clarified that only cybersecurity incidents determined by a company to be material should be disclosed via an 8-K filing under the new Item 1.05.

CISO 102
article thumbnail

Northern Ireland police faces £750k fine after exposing staff info

Bleeping Computer

UK's Information Commissioner Office (ICO) has announced the intention to impose a fine of £750,000 ($954,000) on the Police Service of Northern Ireland (PSNI) for exposing the entire workforce's personal details by inadvertently publishing a spreadsheet file online. [.

99
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?