Thu. Apr 18, 2024

Other Attempts to Take Over Open Source Projects

Schneier on Security

After the XZ Utils discovery, people have been examining other open-source projects. Surprising no one, the incident is not unique: The OpenJS Foundation Cross Project Council received a suspicious series of emails with similar messages, bearing different names and overlapping GitHub-associated emails. These emails implored OpenJS to take action to update one of its popular JavaScript projects to “address any critical vulnerabilities,” yet cited no specifics.

Kaspersky Study: Devices Infected With Data-Stealing Malware Increased by 7 Times Since 2020

Tech Republic Security

Nearly 10 million devices were infected with data-stealing malware in 2023, with criminals stealing an average of 50.9 credentials per device.

ClamAV Issues Urgent Patch for High-Risk DoS Vulnerability CVE-2024-20380

Penetration Testing

The ClamAV development team has released urgent security patches for its popular open-source antivirus software. The patches address a high-severity vulnerability, designated CVE-2024-20380 (CVSS 7.5), that could allow unauthenticated, remote attackers to crash ClamAV... The post ClamAV Issues Urgent Patch for High-Risk DoS Vulnerability CVE-2024-20380 appeared first on Penetration Testing.

Vulnerabilities for AI and ML Applications are Skyrocketing

Security Boulevard

In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development. The post Vulnerabilities for AI and ML Applications are Skyrocketing appeared first on Security Boulevard.

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

They say a defense can be measured by its weakest link. In your cybersecurity posture, what, or who, is the weakest link? And how can you make them stronger? This webinar will equip you with the resources to search for quality training, implement it, and improve the cyber-behaviors of your workforce. By the end of the hour, you will feel empowered to improve the aspects of your security posture you control the least – the situational awareness and decision-making of your workforce.

TechRepublic’s Review Methodology for Password Managers

Tech Republic Security

Our review methodology for password managers provides you with a reliable assessment of the best solutions based on the analyzed key factors.

House Passes Privacy-Preserving Bill, but Biden Blasts it

Security Boulevard

Are you a FANFSA fan? The White House isn’t. It says the bill “threatens national security.” The post House Passes Privacy-Preserving Bill, but Biden Blasts it appeared first on Security Boulevard.

More Trending

Cisco Taps AI and eBPF to Automate Security Operations

Security Boulevard

Cisco today launched a framework that leverages artificial intelligence (AI) to test a software patch in a digital twin running on an endpoint to make sure an application doesn’t break before actually deploying it. Jeetu Patel, executive vice president and general manager for security and collaboration at Cisco, said Cisco Hypershield makes use of extended.

Change Healthcare data for sale on dark web as fallout from ransomware attack spirals out of control

Graham Cluley

February's crippling ransomware attack against Change Healthcare, which saw prescription orders delayed across the United States, continues to have serious consequences. Read more in my article on the Hot for Security blog.

The Dark Side of EDR: Repurpose EDR as an Offensive Tool

Security Boulevard

See how a SafeBreach Labs researcher bypassed the anti-tampering mechanism of a leading EDR to execute malicious code within one of the EDR's own processes and altered the mechanism to gain unique, persistent, and fully undetectable capabilities. The post The Dark Side of EDR: Repurpose EDR as an Offensive Tool appeared first on SafeBreach. The post The Dark Side of EDR: Repurpose EDR as an Offensive Tool appeared first on Security Boulevard.

Global Police Operation Disrupts 'LabHost' Phishing Service, Over 30 Arrested Worldwide

The Hacker News

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Lazarus Group Deploys New Hacking Arsenal in Targeted Cyberattacks

Penetration Testing

Security researchers at Avast have uncovered a sophisticated cyber espionage campaign linked to the infamous Lazarus Group. The attackers are targeting individuals in Asia, using fake job offers and a series of advanced hacking... The post Lazarus Group Deploys New Hacking Arsenal in Targeted Cyberattacks appeared first on Penetration Testing.

The many faces of impersonation fraud: Spot an imposter before it’s too late

We Live Security

What are some of the most common giveaway signs that the person behind the screen or on the other end of the line isn’t who they claim to be?

GhostLocker 2.0 Unveiled: Evolving Ransomware-as-a-Service Poses Growing Threat

Penetration Testing

A new technical analysis by Seqrite cybersecurity researchers has revealed alarming upgrades to the GhostLocker ransomware. This notorious Ransomware-as-a-Service (RaaS) framework, operated by the hacktivist group GhostSec, has undergone a significant evolution. Its new... The post GhostLocker 2.0 Unveiled: Evolving Ransomware-as-a-Service Poses Growing Threat appeared first on Penetration Testing.

Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available

Security Affairs

Cisco has addressed a high-severity vulnerability in its Integrated Management Controller (IMC) and is aware of publicly available exploit code for the issue. The PoC exploit code allows a local attacker to escalate privileges to root.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Keycloak Patches Vulnerabilities, Mitigates DDoS and Data Theft Risks

Penetration Testing

Keycloak, a widely used open-source solution for authentication and authorization, has released important security updates addressing multiple vulnerabilities. These flaws, which could open the door for denial of service attacks or expose sensitive data,... The post Keycloak Patches Vulnerabilities, Mitigates DDoS and Data Theft Risks appeared first on Penetration Testing.

Cybercriminals pose as LastPass staff to hack password vaults

Bleeping Computer

LastPass is warning of a malicious campaign targeting its users with the CryptoChameleon phishing kit that is associated with cryptocurrency theft.

“DuneQuixote” Campaign Targets Middle East with Evasive “CR4T” Malware

Penetration Testing

Kaspersky Labs researchers have revealed a new, targeted malware campaign dubbed “DuneQuixote” with a focus on government entities within the Middle East. The campaign, active since at least February 2023, utilizes a custom malware... The post “DuneQuixote” Campaign Targets Middle East with Evasive “CR4T” Malware appeared first on Penetration Testing.

Police smash LabHost international fraud network, 37 arrested

Graham Cluley

Police have successfully infiltrated and disrupted the fraud platform "LabHost", used by more than 2,000 criminals to defraud victims worldwide. Read more in my article on the Tripwire State of Security blog.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Flatpak Users Beware: CVE-2024-32462 Vulnerability Allows Apps to Escape Sandbox

Penetration Testing

A recent security advisory has shed light on a vulnerability (CVE-2024-32462) within Flatpak, a popular framework for packaging and distributing Linux applications. This vulnerability could allow a malicious or compromised Flatpak app to exploit... The post Flatpak Users Beware: CVE-2024-32462 Vulnerability Allows Apps to Escape Sandbox appeared first on Penetration Testing.

LabHost phishing service with 40,000 domains disrupted, 37 arrested

Bleeping Computer

The LabHost phishing-as-a-service (PhaaS) platform has been disrupted in a year-long global law enforcement operation that compromised the infrastructure and arrested 37 suspects, among them the original developer.

Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million

Malwarebytes

The Federal Trade Commission (FTC) has reached a settlement with online mental health services company Cerebral after the company was charged with failing to secure and protect sensitive health data. Cerebral has agreed to an order that will restrict how the company can use or disclose sensitive consumer data, as well as require it to provide consumers with a simple way to cancel services.

Stealthy Malware Campaign Switches Tactics, Targets WordPress Sites

Penetration Testing

A detailed analysis by Sucuri, a leading website security firm, has uncovered a sophisticated malware campaign that has shifted strategies to become more elusive and harder to detect. The hackers behind this campaign are... The post Stealthy Malware Campaign Switches Tactics, Targets WordPress Sites appeared first on Penetration Testing.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

FIN7 targeted a large U.S. carmaker with phishing attacks

Security Affairs

BlackBerry reported that in late 2023 its researchers spotted the financially motivated threat actor FIN7 targeting a large U.S. automotive manufacturer with a spear-phishing campaign. FIN7 targeted employees who worked in the company’s IT department and had higher levels of administrative rights.

New Android Trojan 'SoumniBot' Evades Detection with Clever Tricks

The Hacker News

A new Android trojan called SoumniBot has been detected in the wild targeting users in South Korea by leveraging weaknesses in the manifest extraction and parsing procedure. The malware is "notable for an unconventional approach to evading analysis and detection, namely obfuscation of the Android manifest," Kaspersky researcher Dmitry Kalinin said in a technical analysis.

The Real-Time Deepfake Romance Scams Have Arrived

WIRED Threat Level

Watch how smooth-talking scammers known as “Yahoo Boys” use widely available face-swapping tech to carry out elaborate romance scams.

Hackers Target Middle East Governments with Evasive "CR4T" Backdoor

The Hacker News

Government entities in the Middle East have been targeted as part of a previously undocumented campaign to deliver a new backdoor dubbed CR4T. Russian cybersecurity company Kaspersky said it discovered the activity in February 2024, with evidence suggesting that it may have been active since at least a year prior.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

United Nations Development Programme (UNDP) investigates data breach

Security Affairs

The United Nations Development Programme (UNDP) has initiated an investigation into an alleged ransomware attack and the subsequent theft of data. UNDP is a United Nations agency tasked with helping countries eliminate poverty and achieve sustainable economic growth and human development.

3.5 million Omni Hotel guest details held to ransom by Daixin Team

Graham Cluley

The international hotel chain Omni Hotels & Resorts has confirmed that a cyber attack last month saw it shut down its systems, with hackers stealing personal information about its customers. Read more in my article on the Exponential-E blog.

Law enforcement operation dismantled phishing-as-a-service platform LabHost

Security Affairs

An international law enforcement operation, codenamed Nebulae and coordinated by Europol, led to the disruption of LabHost, a prominent phishing-as-a-service platform and one of the world’s largest. Law enforcement from 19 countries participated in the operation, which resulted in the arrest of 37 individuals.

Recover from Ransomware in 5 Minutes—We will Teach You How!

The Hacker News

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack. Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest recovery point objective (RPO) possible.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”