Fri. Apr 12, 2024

Smuggling Gold by Disguising it as Machine Parts

Schneier on Security

Someone got caught trying to smuggle 322 pounds of gold (that’s about 1/4 of a cubic foot) out of Hong Kong. It was disguised as machine parts: On March 27, customs officials x-rayed two air compressors and discovered that they contained gold that had been “concealed in the integral parts” of the compressors. Those gold parts had also been painted silver to match the other components in an attempt to throw customs off the trail.

Sophos Study: 94% of Ransomware Victims Have Their Backups Targeted By Attackers

Tech Republic Security

Research has found that criminals can demand higher ransom when they compromise an organisation’s backup data in a ransomware attack. Discover advice from security experts on how to properly protect your backup.

Backups 186
Zero-Day Alert: Critical Palo Alto Networks PAN-OS Flaw Under Active Attack

The Hacker News

Palo Alto Networks is warning that a critical flaw impacting its PAN-OS software used in its GlobalProtect gateways is being exploited in the wild. Tracked as CVE-2024-3400, the issue has a CVSS score of 10.0, indicating maximum severity.

Software 143
Apple Alerts iPhone Users in 92 Countries to Mercenary Spyware Attacks

Tech Republic Security

Apple recommends that iPhone users install software updates, use strong passwords and 2FA, and don’t open links or attachments from suspicious emails to keep their device safe from spyware.

Spyware 165
The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Sisense Hacked: CISA Warns Customers at Risk

Security Boulevard

A hard-coded credential catastrophe: The analytics firm kept big companies’ secrets in an insecure AWS bucket. Government says victims include the “critical infrastructure sector.” The post Sisense Hacked: CISA Warns Customers at Risk appeared first on Security Boulevard.

Risk 139
Roku warns 576,000 accounts hacked in new credential stuffing attacks

Bleeping Computer

Roku warns that 576,000 accounts were hacked in new credential stuffing attacks after disclosing another incident that compromised 15,000 accounts in early March.

More Trending

FBI warns of massive wave of road toll SMS phishing attacks

Bleeping Computer

On Friday, the Federal Bureau of Investigation warned of a massive ongoing wave of SMS phishing attacks targeting Americans with lures regarding unpaid road toll fees.

Phishing 126
Popular Rust Crate liblzma-sys Compromised with XZ Utils Backdoor Files

The Hacker News

"Test files" associated with the XZ Utils backdoor have made their way to a Rust crate known as liblzma-sys, new findings from Phylum reveal. liblzma-sys, which has been downloaded over 21,000 times to date, provides Rust developers with bindings to the liblzma implementation, an underlying library that is part of the XZ Utils data compression software.

Software 123
12 Data Loss Prevention Best Practices (+ Real Success Stories)

eSecurity Planet

Data loss prevention (DLP) best practices are principles that help prevent intentional or unintentional data erasure. By following these guidelines, organizations can reduce the detrimental impact of data loss and quickly resume operations after an incident. This also protects sensitive data and minimizes legal and reputational issues. Explore some real-world instances below and discover when and how to use DLP procedures for optimal data security.

Backups 118
Palo Alto Networks warns of PAN-OS firewall zero-day used in attacks

Bleeping Computer

Today, Palo Alto Networks warns that an unpatched critical command injection vulnerability in its PAN-OS firewall is being actively exploited in attacks.

Firewall 127
IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

PoC Released for Zero-Click CVE-2023-35628 Vulnerability in Microsoft Windows

Penetration Testing

Akamai researcher Ben Barnea has released the technical details and proof-of-concept (PoC) for a severe CVE-2023-35628 vulnerability in Microsoft Windows, specifically affecting Outlook clients and potentially exploitable through Windows Explorer. With a CVSS score... The post PoC Released for Zero-Click CVE-2023-35628 Vulnerability in Microsoft Windows appeared first on Penetration Testing.

Quick Bytes: Top Cyber News Of The Week

Quick Heal Antivirus

Delivery Boys moonlighting as Cybercriminals in Pune: Operated 120 bank accounts for international masterminds (Image Source: Indian Express). The post Quick Bytes: Top Cyber News Of The Week appeared first on Quick Heal Blog.

Banking 110
Telegram fixes Windows app zero-day used to launch Python scripts

Bleeping Computer

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts.

Roku disclosed a new security breach impacting 576,000 accounts

Security Affairs

Roku announced that 576,000 accounts were compromised in a new wave of credential stuffing attacks. Roku announced that 576,000 accounts were hacked in new credential stuffing attacks; threat actors used credentials stolen from third-party platforms. “Credential stuffing is a type of attack in which hackers use automation and lists of compromised usernames and passwords to defeat authentication and authorization mechanisms, with the end goal of account takeover (ATO) and/or data exfiltration.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Microsoft now testing app ads in Windows 11's Start menu

Bleeping Computer

Microsoft has started testing ads in the Windows 11 Start menu, a new experiment the company says will help users find new "great" apps in the Microsoft Store.

LastPass employee targeted via an audio deepfake call

Security Affairs

Crooks targeted a LastPass employee using deepfake technology to impersonate the company’s CEO in a fraudulent scheme. In a fraudulent scheme, criminals used deepfake technology to impersonate LastPass’s CEO, targeting an employee of the company. The attack occurred this week, but the employee recognized the attack and the attempt failed.

House Votes to Extend—and Expand—a Major US Spy Program

WIRED Threat Level

US House of Representatives voted on Friday to extend the Section 702 spy program. It passed without an amendment that would have required the FBI to obtain a warrant to access Americans' information.

How to change your Social Security Number

Malwarebytes

After seeing their Social Security Number (SSN) leaked in the AT&T breach, some US citizens are wondering if and how they can change their SSN. The good news is that even though it’s a challenging process, it is possible. But if you’ve ever had to abandon an email address that you used for years, imagine all of the hassle that came with that, and then imagine it being about 10 times worse.

Insurance 105
Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

CVE-2024-3400 (CVSS 10): Critical 0-Day Flaw in Palo Alto Networks Firewall Software Exploited in the Wild

Penetration Testing

Palo Alto Networks has disclosed a severe zero-day vulnerability (CVE-2024-3400) affecting its market-leading firewall software, PAN-OS. This vulnerability carries a CVSS score of 10.0, indicating its critical severity. Successful exploitation could allow unauthenticated attackers... The post CVE-2024-3400 (CVSS 10): Critical 0-Day Flaw in Palo Alto Networks Firewall Software Exploited in the Wild appeared first on Penetration Testing.

Firewall 111
Iranian MuddyWater Hackers Adopt New C2 Tool 'DarkBeatC2' in Latest Campaign

The Hacker News

The Iranian threat actor known as MuddyWater has been attributed to a new command-and-control (C2) infrastructure called DarkBeatC2, becoming the latest such tool in its arsenal after SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go.

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

The TA547 group is targeting dozens of German organizations with an information stealer called Rhadamanthys, Proofpoint warns. Proofpoint researchers observed a threat actor, tracked as TA547, targeting German organizations with an email campaign delivering the Rhadamanthys malware. TA547 is a financially motivated threat actor that has been active since at least November 2017; it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot, Goot

Malware 105
Telegram fixes Windows app zero-day caused by file extension typo

Bleeping Computer

Telegram fixed a zero-day vulnerability in its Windows desktop application that could be used to bypass security warnings and automatically launch Python scripts.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Change Healthcare Faces Another Ransomware Threat—and It Looks Credible

WIRED Threat Level

Change Healthcare ransomware hackers already received a $22 million payment. Now a second group is demanding money, and it has sent WIRED samples of what they claim is the company's stolen data.

Ex-Amazon engineer gets 3 years for hacking crypto exchanges

Bleeping Computer

Former Amazon security engineer Shakeeb Ahmed was sentenced to three years in prison for hacking two cryptocurrency exchanges in July 2022 and stealing over $12 million.

CVE-2024-22262: Spring Framework Hit by New Vulnerability, Urgent Update Needed

Penetration Testing

A newly discovered high-severity security flaw (CVE-2024-22262) in the widely-used Spring Framework software could leave countless applications vulnerable to redirect and server-side request forgery (SSRF) attacks, researchers warn. The vulnerability lies in the way... The post CVE-2024-22262: Spring Framework Hit by New Vulnerability, Urgent Update Needed appeared first on Penetration Testing.

Code Keepers: Mastering Non-Human Identity Management

The Hacker News

Identities now transcend human boundaries. Within each line of code and every API call lies a non-human identity. These entities act as programmatic access keys, enabling authentication and facilitating interactions among systems and services, which are essential for every API call, database query, or storage account access.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

greenmask: PostgreSQL dump and obfuscation tool

Penetration Testing

Greenmask – dump obfuscation tool. Greenmask is a powerful open-source utility that is designed for logical database backup dumping, obfuscation, and restoration. It offers extensive functionality for backup, anonymization, and data masking. Greenmask is written... The post greenmask: PostgreSQL dump and obfuscation tool appeared first on Penetration Testing.

Former AT&T customers get $6.3 million in data throttling refunds

Bleeping Computer

The Federal Trade Commission (FTC) is sending out $6,300,000 in partial refunds to 267,000 former AT&T Wireless customers as part of a data throttling settlement in 2019.

GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API

Penetration Testing

GraphStrike is a suite of tools that enables Cobalt Strike’s HTTPS Beacon to use Microsoft Graph API for C2 communications. All Beacon traffic will be transmitted via two files created in the attacker’s SharePoint site,... The post GraphStrike: Cobalt Strike HTTPS beaconing over Microsoft Graph API appeared first on Penetration Testing.

CISA Issues Emergency Directive and Orders Agencies to Mitigate the Risks of the Microsoft Hack

Heimdal Security

A new emergency directive from CISA requires U.S. federal agencies to address the risks associated with the Russian hacking group APT29’s compromise of several Microsoft business email accounts. On April 2, Federal Civilian Executive Branch (FCEB) agencies received Emergency Directive 24-02. They must look into potentially impacted emails, reset any compromised passwords, and take precautions […] The post CISA Issues Emergency Directive and Orders Agencies to Mitigate the Risks of th

Risk 77
From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.