Fri. Mar 29, 2024

Lessons from a Ransomware Attack against the British Library

Schneier on Security

You might think that libraries are kind of boring, but this self-analysis of a 2023 ransomware and extortion attack against the British Library is anything but.

Weekly Update 393

Troy Hunt

A serious but not sombre intro this week: I mentioned at the start of the vid that I had the classic visor hat on as I'd had a mole removed from my forehead during the week, along with another on the back of my hand. Here in Australia, we have one of the highest rates of skin cancer in the world with apparently about two-thirds of us being diagnosed with it before turning 70.

Friday Squid Blogging: The Geopolitics of Eating Squid

Schneier on Security

New York Times op-ed on the Chinese dominance of the squid industry: China’s domination in seafood has raised deep concerns among American fishermen, policymakers and human rights activists. They warn that China is expanding its maritime reach in ways that are putting domestic fishermen around the world at a competitive disadvantage, eroding international law governing sea borders and undermining food security, especially in poorer countries that rely heavily on fish for protein.

Urgent: Secret Backdoor Found in XZ Utils Library, Impacts Major Linux Distros

The Hacker News

RedHat on Friday released an "urgent security alert" warning that two versions of a popular data compression library called XZ Utils (previously LZMA Utils) have been backdoored with malicious code designed to allow unauthorized remote access. The software supply chain compromise, tracked as CVE-2024-3094, has a CVSS score of 10.0, indicating maximum severity.

Software 144

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found

Security Boulevard

Emergency stop button: The Python Package Index was drowning in malicious code again, so they had to shut down registration for cleanup. The post PyPI Goes Quiet After Huge Malware Attack: 500+ Typosquat Fakes Found appeared first on Security Boulevard.

Malware 130

Google Podcasts service shuts down in the US next week

Bleeping Computer

U.S. users have just a few more days to make the transition from Google Podcasts as the company moves forward with the process of discontinuing the service globally. […]

Software 126

More Trending

Activision: Enable 2FA to secure accounts recently stolen by malware

Bleeping Computer

An infostealer malware campaign has reportedly collected millions of logins from users of various gaming websites, including players that use cheats, pay-to-cheat services. […]

Malware 110

A(nother) Ransomware Saga with a Twist

Security Boulevard

The healthcare sector has once again found itself at the center of a storm. On February 21, Change Healthcare, a titan in healthcare support services, suffered a devastating cyberattack by the notorious BlackCat/ALPHV group. This incident has sent shockwaves through the U.S. healthcare system, affecting hospitals, clinics, and pharmacies nationwide.

MFA bombing taken to the next level

Malwarebytes

Simply put, MFA bombing (also known as “push bombing” or “MFA fatigue”) is a brute force attack on your patience. Cybercriminals use MFA bombing to break into accounts that are protected by multi-factor authentication (MFA). MFA normally requires a user to enter a six-digit code sent by SMS, or generated by an app, or to respond to a push notification, when they enter a username and password.

Passwords 121

How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains?

Security Boulevard

CVE-2024-27198 Lead to Server Takeover Vulnerabilities The post How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains? appeared first on Kratikal Blogs. The post How did CVE-2024-27198 Lead to Critical Vulnerability in JetBrains? appeared first on Security Boulevard.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking

The Hacker News

Details have emerged about a vulnerability impacting the "wall" command of the util-linux package that could be potentially exploited by a bad actor to leak a user's password or alter the clipboard on certain Linux distributions. The bug, tracked as CVE-2024-28085, has been codenamed WallEscape by security researcher Skyler Ferrante.

Passwords 120

‘Darcula’ PhaaS Campaign Sinks Fangs into Victims

Security Boulevard

A sprawling phishing-as-a-service (PhaaS) campaign that has been running since at least last summer is using more than 20,000 fake domains to target a wide range of organizations in more than 100 countries, illustrating the capabilities of an increasingly popular tool among threat actors. The unknown hackers are using a platform called “Darcula” (sic) that.

Phishing 117

Dormakaba Locks Used in Millions of Hotel Rooms Could Be Cracked in Seconds

The Hacker News

Security vulnerabilities discovered in Dormakaba's Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms. The shortcomings have been collectively named Unsaflok by researchers Lennert Wouters, Ian Carroll, rqu, BusesCanFly, Sam Curry, sshell, and Will Caruana.

American fast-fashion firm Hot Topic hit by credential stuffing attacks

Security Affairs

Hot Topic suffered credential stuffing attacks that exposed customers’ personal information and partial payment data. Hot Topic, Inc. is an American fast-fashion company specializing in counterculture-related clothing and accessories, as well as licensed music. The company was the victim of credential stuffing attacks against its website and mobile application on November 18-19 and November 25, 2023.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

The Golden Age of Automated Penetration Testing is Here

The Hacker News

Network penetration testing plays a vital role in detecting vulnerabilities that can be exploited. The current method of performing pen testing is pricey, leading many companies to undertake it only when necessary, usually once a year for their compliance requirements.

Red Hat warns of backdoor in XZ tools used by most Linux distros

Bleeping Computer

Today, Red Hat warned users to immediately stop using systems running Fedora development and experimental versions because of a backdoor found in the latest XZ Utils data compression tools and libraries. […]

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

The Hacker News

A botnet previously considered to be rendered inert has been observed enslaving end-of-life (EoL) small home/small office (SOHO) routers and IoT devices to fuel a criminal proxy service called Faceless.

IoT 111

How to back up your Windows 10/11 PC to OneDrive

Malwarebytes

They say the only backup you ever regret is the one you didn’t make. Starting in Windows 10, the operating system (OS) now comes with a built-in tool to back up your files, themes, some settings, many of your installed apps, and your Wi-Fi information. First, you’ll need to sign in with your Microsoft account. Go to Start > Settings > Accounts > Your info.

Backups 104

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

10 Must-Have Elements for an Air-Tight IT Security Policy

Security Boulevard

In 2023, data security faced an uphill battle against cyberattacks, and the risks of becoming a victim grew stronger. There was a shocking 600% surge in cybercrime, with the average breach costing $4.37 million to recover from. The figures are up across the board, with cyberattacks occurring globally every 14 seconds. Despite these unnerving statistics, […] The post 10 Must-Have Elements for an Air-Tight IT Security Policy appeared first on Security Boulevard.

C2 Tracker: Live Feed of C2 servers, tools, and botnets

Penetration Testing

C2 Tracker Free to use IOC feed for various tools/malware. It started for just C2 tools but has morphed into tracking infostealers and botnets as well. It uses Shodan searches to collect the IPs.... The post C2 Tracker: Live Feed of C2 servers, tools, and botnets appeared first on Penetration Testing.

CRM Backup Trends to Watch on World Backup Day

Security Boulevard

With World Backup Day approaching, many organizations are increasing their attention to potential security threats and blindspots in their backup processes. The post CRM Backup Trends to Watch on World Backup Day appeared first on Security Boulevard.

Backups 97

How to back up your iPhone to iCloud

Malwarebytes

They say the only backup you ever regret is the one you didn’t make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things you’ve lost, or to fix things that have failed. The most convenient way to back up your iPhone is to have it back up to iCloud. Backups are made every day, automatically, provided your phone is connected to power and locked.

Backups 96

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

MSP Marketing: What You Need to Know And Where to Start

Heimdal Security

As an MSP, you probably know just about everything there is to know about managing IT environments. But when it comes to MSP marketing, there’s a good chance it’s a very different story. For many MSPs, marketing is a whole new skill set – and there’s not much crossover with the skills that made you […] The post MSP Marketing: What You Need to Know And Where to Start appeared first on Heimdal Security Blog.

How to back up your iPhone to a Windows computer

Malwarebytes

They say the only backup you ever regret is the one you didn’t make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things you’ve lost, or to fix things that have failed. We’ve published posts on how to back up your iPhone to iCloud, and how to back up an iPhone to a Mac. Another method is to back up using the iTunes app on a Windows system.

Backups 96

NHS Dumfries and Galloway Breached by INC Ransom

Heimdal Security

Following a cyberattack on its IT systems on March 15, NHS Dumfries and Galloway, operating in the south of Scotland, revealed on the 27th of March that the data of a small number of patients has been made public by a known ransomware organization. NHS Dumfries and Galloway is aware that clinical data relating to […] The post NHS Dumfries and Galloway Breached by INC Ransom appeared first on Heimdal Security Blog.

How to back up your iPhone to a Mac

Malwarebytes

They say the only backup you ever regret is the one you didn’t make. iPhone backups can be used to easily move your apps and data to a new phone, to recover things you’ve lost, or to fix things that have failed. One of the most cost-effective ways to back up your iPhone is to save backups to your Mac. Backups are made automatically whenever you connect your iPhone to your Mac with a lead.

Backups 82

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Malvertising Is a Cybercrime Heavyweight, Not an Underdog

SecureWorld News

Judging a cyber threat by its name can be illusory. The concept of the term "malvertising" (a portmanteau of "malicious advertising") suggests an overlap with ads, albeit dodgy ones, and therefore fuels the fallacy that its impact hardly goes beyond frustration. As a result, those who are unfamiliar might get the impression that it's no big deal, but this is a far cry from being the case.

CVE-2024-27281: Critical Vulnerability Patched in Popular Ruby Documentation Tool

Penetration Testing

The Ruby development team has released an urgent security patch for a critical vulnerability found in RDoc, a widely used Ruby documentation generator. The vulnerability tracked as CVE-2024-27281, could allow attackers to execute arbitrary... The post CVE-2024-27281: Critical Vulnerability Patched in Popular Ruby Documentation Tool appeared first on Penetration Testing.

Industrial Enterprise Operational Technology Under Threat From Cyberattacks

Security Boulevard

One in four industrial enterprises had to temporarily cease operations due to cyberattacks within the past year, suggesting operational technology must improve. The post Industrial Enterprise Operational Technology Under Threat From Cyberattacks appeared first on Security Boulevard.

U.S. Announces $10 Million Reward for Leads on Blackcat Ransomware Group

Heimdal Security

The U.S. State Department has issued a call for information, offering up to $10 million for leads on the Blackcat ransomware group. This group is responsible for a massive cyberattack on UnitedHealth Group’s technology sector, causing widespread disruptions in insurance payments across the country. U.S. Department of State offers up to $10 million for information The announcement […] The post U.S.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.