Thu.Mar 28, 2024

article thumbnail

Hardware Vulnerability in Apple’s M-Series Chips

Schneier on Security

It’s yet another hardware side-channel attack: The threat resides in the chips’ data memory-dependent prefetcher, a hardware optimization that predicts the memory addresses of data that running code is likely to access in the near future. By loading the contents into the CPU cache before it’s actually needed, the DMP, as the feature is abbreviated, reduces latency between the main memory and the CPU, a common bottleneck in modern computing.

article thumbnail

All about the xz-utils backdoor

Kali Linux

As of 5:00 pm ET on March 29, 2024 the following information is accurate. Should there be updates to this situation, they will be edited onto this blog post. The xz-utils package , starting from versions 5.6.0 to 5.6.1, was found to contain a backdoor (CVE-2024-3094). This backdoor could potentially allow a malicious actor to compromise sshd authentication, granting unauthorized access to the entire system remotely.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

DinodasRAT Linux Malware Targets Global Entities in Expanded Attack Campaign

Penetration Testing

Security researchers at Kaspersky Labs have uncovered a dangerous new variant of the DinodasRAT malware that targets Linux operating systems. This latest version represents a significant expansion in the threat actor’s capabilities as the... The post DinodasRAT Linux Malware Targets Global Entities in Expanded Attack Campaign appeared first on Penetration Testing.

article thumbnail

Cisco warns of password-spraying attacks targeting VPN services

Bleeping Computer

Cisco has shared a set of recommendations for customers to mitigate password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. [.

VPN 139
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

CVE-2023-50969: Critical Flaw in Imperva SecureSphere WAF Could Lead to Devastating Breaches

Penetration Testing

A newly discovered vulnerability in Imperva SecureSphere, a widely used on-premise Web Application Firewall (WAF), has the potential to expose organizations to devastating security breaches. The flaw, designated CVE-2023-50969 with a critical CVSS score... The post CVE-2023-50969: Critical Flaw in Imperva SecureSphere WAF Could Lead to Devastating Breaches appeared first on Penetration Testing.

article thumbnail

Google: Zero-Day Attacks Rise, Spyware and China are Dangers

Security Boulevard

The number of zero-day vulnerabilities that are exploited jumped in 2023, with enterprises becoming a larger target and spyware vendors and China-backed cyberespionage groups playing an increasingly bigger role, according to Google cybersecurity experts. In a report this week, researchers with Google’s Threat Analysis Group (TAG) and its Mandiant business said they saw 97 zero-day.

Spyware 134

More Trending

article thumbnail

Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones

Security Boulevard

Rethink different: First, fatigue frightened users with multiple modal nighttime notifications. Next, call and pretend to be Apple support. The post Apple OTP FAIL: ‘MFA Bomb’ Warning — Locks Accounts, Wipes iPhones appeared first on Security Boulevard.

article thumbnail

GitLab Patches Vulnerabilities, Users Urged to Update Immediately

Penetration Testing

GitLab, the popular DevOps platform, has released critical security updates for versions 16.10.1, 16.9.3, and 16.8.5 of its popular Git management software. These patches address vulnerabilities that could expose users to attacks ranging from... The post GitLab Patches Vulnerabilities, Users Urged to Update Immediately appeared first on Penetration Testing.

article thumbnail

Cybersecurity Infrastructure Investment Crashes and Burns Without Governance

Security Boulevard

Just like pilot awareness is crucial during unexpected aviation events, cybersecurity's traditional focus on infrastructure needs to shift to more adept governance. The post Cybersecurity Infrastructure Investment Crashes and Burns Without Governance appeared first on Security Boulevard.

article thumbnail

CVE-2024-0980 Vulnerability in Okta Verify for Windows Demands Urgent Update

Penetration Testing

Security researchers have uncovered a serious vulnerability in Okta Verify for Windows, a popular multifactor authentication (MFA) app. This flaw rated 7.1 (High) on the CVSS scale, could allow attackers to remotely execute arbitrary... The post CVE-2024-0980 Vulnerability in Okta Verify for Windows Demands Urgent Update appeared first on Penetration Testing.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Hundreds of Clusters Attacked Due to Unpatched Flaw in Ray AI Framework

Security Boulevard

Thousands of servers running AI workloads are under attack by threat actors exploiting an unpatched vulnerability in the open-source Ray AI framework – widely used by such companies as OpenAI, Uber, Amazon, Netflix, and Cohere – giving hackers entrée to huge amounts of data and compute power. The campaign has been ongoing for at least. The post Hundreds of Clusters Attacked Due to Unpatched Flaw in Ray AI Framework appeared first on Security Boulevard.

article thumbnail

Update Chrome now! Google patches possible drive-by vulnerability

Malwarebytes

Google has released an update to Chrome which includes seven security fixes. Version 123.0.6312.86/.87 of Chrome for Windows and Mac and 123.0.6312.86 for Linux will roll out over the coming days/weeks. The easiest way to update Chrome is to allow it to update automatically, which basically uses the same method as outlined below but does not require your attention.

Risk 119
article thumbnail

Cisco addressed high-severity flaws in IOS and IOS XE software

Security Affairs

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to trigger a denial-of-service (DoS) condition. Cisco this week released patches to address multiple IOS and IOS XE software vulnerabilities. An unauthenticated attacker can exploit several issues fixed by the IT giant to cause a denial-of-service (DoS) condition.

Software 114
article thumbnail

Retail chain Hot Topic hit by new credential stuffing attacks

Bleeping Computer

American retailer Hot Topic disclosed that two waves of credential stuffing attacks in November exposed affected customers' personal information and partial payment data. [.

Retail 99
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. Google’s Threat Analysis Group (TAG) and its subsidiary Mandiant reported that in 2023 97 zero-day vulnerabilities were exploited in attacks, while in 2022 the actively exploited zero-day flaws were 62.

article thumbnail

PyPI suspends new user registration to block malware campaign

Bleeping Computer

The Python Package Index (PyPI) has temporarily suspended user registration and the creation of new projects to deal with an ongoing malware campaign. [.

Malware 111
article thumbnail

AI Apps: A New Game of Cybersecurity Whac-a-Mole | Grip

Security Boulevard

AI Apps are launching faster than cybersecurity teams can review. How can you stay ahead of the AI explosion that is quickly sprawling out of control? The post AI Apps: A New Game of Cybersecurity Whac-a-Mole | Grip appeared first on Security Boulevard.

article thumbnail

Synology Surveillance Station Vulnerabilities Expose Systems to Attack – Update Immediately

Penetration Testing

Security researchers at Synology have released a critical security advisory detailing multiple vulnerabilities in their Surveillance Station software. These weaknesses, if left unpatched, could provide malicious actors with alarming access to sensitive systems and... The post Synology Surveillance Station Vulnerabilities Expose Systems to Attack – Update Immediately appeared first on Penetration Testing.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Facebook spied on Snapchat users to get analytics about the competition

Malwarebytes

Social media giant Facebook snooped on Snapchat users’ network traffic, engaged in anticompetitive behavior and exploited user data through deceptive practices. That’s according to a court document filed March 23, 2024. The document mentions Facebook’s so-called In-App Action Panel (IAAP) program, which existed between June 2016 and approximately May 2019.

article thumbnail

DID YOU KNOW THAT YOUR IDENTITY CAN BE EASILY FAKED ONLINE? EXPOSING DEEPFAKES

Quick Heal Antivirus

Hey there! So, do you know what are deepfakes? They’re like those videos where it seems like someone. The post DID YOU KNOW THAT YOUR IDENTITY CAN BE EASILY FAKED ONLINE? EXPOSING DEEPFAKES appeared first on Quick Heal Blog.

article thumbnail

Telegram Offers Premium Subscription in Exchange for Using Your Number to Send OTPs

The Hacker News

In June 2017, a study of more than 3,000 Massachusetts Institute of Technology (MIT) students published by the National Bureau for Economic Research (NBER) found that 98% of them were willing to give away their friends' email addresses in exchange for free pizza.

article thumbnail

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

Security Boulevard

Singapore, Singapore, March 28th, 2024, Cyberwire GoPlus Labs, the leading Web3 security infrastructure provider, has unveiled a groundbreaking report that highlights the growing, widespread use and potential of Web3 user security data to aid in risk management. The findings of the report reveal a clear and growing demand for more advanced security tools that can.

Risk 104
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries

The Hacker News

A Linux version of a multi-platform backdoor called DinodasRAT has been detected in the wild targeting China, Taiwan, Turkey, and Uzbekistan, new findings from Kaspersky reveal. DinodasRAT, also known as XDealer, is a C++-based malware that offers the ability to harvest a wide range of sensitive data from compromised hosts.

article thumbnail

DinodasRAT Linux implant targeting entities worldwide

SecureList

DinodasRAT, also known as XDealer , is a multi-platform backdoor written in C++ that offers a range of capabilities. This RAT allows the malicious actor to surveil and harvest sensitive data from a target’s computer. A Windows version of this RAT was used in attacks against government entities in Guyana, and documented by ESET researchers as Operation Jacana.

article thumbnail

New ZenHammer Attack Bypasses Rowhammer Defenses on AMD CPUs

The Hacker News

Cybersecurity researchers from ETH Zurich have developed a new variant of the RowHammer DRAM (dynamic random-access memory) attack that, for the first time, successfully works against AMD Zen 2 and Zen 3 systems despite mitigations such as Target Row Refresh (TRR).

article thumbnail

Cybercriminals play dirty: A look back at 10 cyber hits on the sporting world

We Live Security

This rundown of 10 cyberattacks against the sports industry shows why every team needs to keep its eyes on the ball when it comes to their security posture.

108
108
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Finland Blames Chinese Hacking Group APT31 for Parliament Cyber Attack

The Hacker News

The Police of Finland (aka Poliisi) has formally accused a Chinese nation-state actor tracked as APT31 for orchestrating a cyber attack targeting the country's Parliament in 2020. The intrusion, per the authorities, is said to have occurred between fall 2020 and early 2021.

article thumbnail

Elevating Privileges with Azure Site Recovery Services

NetSpi Technical

Cleartext credentials are commonly targeted in a penetration test and used to move laterally to other systems, obtain sensitive information, or even further elevate privileges. While this is a low effort finding to exploit, threat actors will utilize cleartext credentials to conduct attacks that could have a high impact for the target environment. NetSPI discovered a cleartext Azure Access Token for a privileged Managed Identity.

article thumbnail

Darcula Phishing Network Leveraging RCS and iMessage to Evade Detection

The Hacker News

A sophisticated phishing-as-a-service (PhaaS) platform called Darcula has set its sights on organizations in over 100 countries by leveraging a massive network of more than 20,000 counterfeit domains to help cyber criminals launch attacks at scale.

Phishing 105
article thumbnail

Sellafield nuclear waste dump faces prosecution over cybersecurity failures

Graham Cluley

The UK's Office for Nuclear Regulation (ONR) has started legal action against the controversial Sellafield nuclear waste facility due to years of alleged cybersecurity breaches. Read more in my article on the Hot for Security blog.

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.