Wed. Dec 27, 2023


New iPhone Security Features to Protect Stolen Devices

Schneier on Security

Apple is rolling out a new “Stolen Device Protection” feature that seems well thought out: When Stolen Device Protection is turned on, Face ID or Touch ID authentication is required for additional actions, including viewing passwords or passkeys stored in iCloud Keychain, applying for a new Apple Card, turning off Lost Mode, erasing all content and settings, using payment methods saved in Safari, and more.


Operation Triangulation: The last (hardware) mystery

SecureList

Today, on December 27, 2023, we (Boris Larin, Leonid Bezvershenko, and Georgy Kucherin) delivered a presentation, titled, “Operation Triangulation: What You Get When Attack iPhones of Researchers”, at the 37th Chaos Communication Congress (37C3), held at Congress Center Hamburg. The presentation summarized the results of our long-term research into Operation Triangulation, conducted with our colleagues, Igor Kuznetsov, Valentin Pashkov, and Mikhail Vinogradov.


iPhone Triangulation attack abused undocumented hardware feature

Bleeping Computer

The Operation Triangulation spyware attacks targeting iPhone devices since 2019 leveraged undocumented features in Apple chips to bypass hardware-based security protections.


Elections 2024, artificial intelligence could upset world balances

Security Affairs

Governments should recognize electoral processes as critical infrastructure and enact laws to regulate the use of generative Artificial Intelligence. Elections are scheduled in several countries worldwide in 2024, with potential geopolitical implications. Key events include the European Parliament elections in June, the U.S. presidential elections in November, and the French and German presidential elections in April and September, respectively.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Yakult Australia confirms 'cyber incident' after 95 GB data leak

Bleeping Computer

Yakult Australia, manufacturer of a probiotic milk drink, has confirmed experiencing a "cyber incident" in a statement to BleepingComputer. Both the company's Australian and New Zealand IT systems have been affected. Cybercrime actor DragonForce, which claimed responsibility for the attack, has also leaked 95 GB of data.


Experts analyzed attacks against poorly managed Linux SSH servers

Security Affairs

Researchers warn of attacks against poorly managed Linux SSH servers that mainly aim at installing DDoS bot and CoinMiner. Researchers at AhnLab Security Emergency Response Center (ASEC) are warning about attacks targeting poorly managed Linux SSH servers, primarily focused on installing DDoS bots and CoinMiners. In the reconnaissance phase, the threat actors perform IP scanning to look for servers with the SSH service, or port 22 activated, then launch a brute force or dictionary attack to obta


More Trending


Barracuda fixed a new ESG zero-day exploited by Chinese group UNC4841

Security Affairs

Security firm Barracuda addressed a new zero-day, affecting its Email Security Gateway (ESG) appliances, that is actively exploited by the China-linked UNC4841 group. On December 21, network and email cybersecurity firm Barracuda started releasing security updates to address a zero-day, tracked as CVE-2023-7102, in Email Security Gateway (ESG) appliances.


Lockbit ransomware disrupts emergency care at German hospitals

Bleeping Computer

German hospital network Katholische Hospitalvereinigung Ostwestfalen (KHO) has confirmed that recent service disruptions were caused by a Lockbit ransomware attack where the threat actors gained access to IT systems and encrypted devices on the network.


This Clever New Idea Could Fix AirTag Stalking While Maximizing Privacy

WIRED Threat Level

Apple updated its location-tracking system in an attempt to cut down on AirTag abuse while still preserving privacy. Researchers think they’ve found a better balance.


Panasonic discloses data breach after December 2022 cyberattack

Bleeping Computer

Panasonic Avionics Corporation, a leading supplier of in-flight communications and entertainment systems, disclosed a data breach affecting an undisclosed number of individuals after its corporate network was breached more than one year ago, in December 2022.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Xamalicious Android malware distributed through the Play Store

Security Affairs

Researchers discovered a new Android malware dubbed Xamalicious that can take full control of the device and perform fraudulent actions. McAfee Mobile Research Team discovered a new Android backdoor dubbed Xamalicious that can take full control of the device and perform fraudulent actions. The malware has been implemented with Xamarin, an open-source framework that allows building Android and iOS apps with .NET and C#.


New Xamalicious Android malware installed 330k times on Google Play

Bleeping Computer

A previously unknown Android backdoor named 'Xamalicious' has infected approximately 338,300 devices via malicious apps on Google Play, Android's official app store.


Data Scanning: How to Protect Sensitive & Confidential Data

Digital Guardian

Being able to scan your data can give you the full scope of where files exist and what needs to be properly secured. In this blog, we break down why it's a key part of data loss prevention, who uses data scanning, and why it's important.


Ohio Lottery hit by cyberattack claimed by DragonForce ransomware

Bleeping Computer

The Ohio Lottery was forced to shut down some key systems after a cyberattack affected an undisclosed number of internal applications on Christmas Eve.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Got a new device? 7 things to do before disposing of your old tech

We Live Security

Before getting rid of your no-longer-needed device, make sure it doesn’t contain any of your personal documents or information.


Mortgage firm LoanCare warns 1.3 million people of data breach

Bleeping Computer

Mortgage servicing company LoanCare is warning 1,316,938 borrowers across the U.S. that their sensitive information was exposed in a data breach at its parent company, Fidelity National Financial.


The Urgent Need to Patch Buffalo’s VR-S1000 VPN Router

Penetration Testing

In the digital era, small and medium-sized businesses have become increasingly reliant on the Internet for their daily operations. However, with this reliance comes a heightened vulnerability to cyber threats. The recent discovery of...


Chinese Hackers Exploited New Zero-Day in Barracuda's ESG Appliances

The Hacker News

Barracuda has revealed that Chinese threat actors exploited a new zero-day in its Email Security Gateway (ESG) appliances to deploy a backdoor on a "limited number" of devices.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Above: Invisible protocol sniffer for finding vulnerabilities in the network

Penetration Testing

Above: Invisible protocol sniffer for finding vulnerabilities in the network. Designed for pentesters and security professionals. Mechanics: Above is an invisible network sniffer for finding vulnerabilities in network equipment. It is based entirely on...


New Sneaky Xamalicious Android Malware Hits Over 327,000 Devices

The Hacker News

A new Android backdoor has been discovered with potent capabilities to carry out a range of malicious actions on infected devices. Dubbed Xamalicious by the McAfee Mobile Research Team, the malware is so named for the fact that it's developed using an open-source mobile app framework called Xamarin and abuses the operating system's accessibility permissions to fulfill its objectives.


CVE-2023-47565 Flaw in QNAP NVR Devices Exploited in the Wild

Penetration Testing

In a digital landscape increasingly dotted with sophisticated surveillance solutions, the discovery of a critical vulnerability in QNAP’s VioStor Network Video Recorder (NVR) devices serves as a stark reminder of the ever-present cybersecurity risks....


New Rugmi Malware Loader Surges with Hundreds of Daily Detections

The Hacker News

A new malware loader is being used by threat actors to deliver a wide range of information stealers such as Lumma Stealer (aka LummaC2), Vidar, RecordBreaker (aka Raccoon Stealer V2), and Rescoms. Cybersecurity firm ESET is tracking the trojan under the name Win/TrojanDownloader.Rugmi.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Beyond Zero-Day: Operation Triangulation Redefines iPhone Hacking

Penetration Testing

Experts Boris Larin, Leonid Bezvershenko, and Georgy Kucherin from Kaspersky Lab presented a report titled “Operation Triangulation: What You Get When Attack iPhones of Researchers” at the 37th Chaos Communication Congress (37C3 hacker conference). They summarized...


A cyberattack hit Australian healthcare provider St Vincent’s Health Australia

Security Affairs

St Vincent’s Health Australia, the largest Australian healthcare provider, suffered a data breach after a cyber attack. St Vincent’s Health Australia is the largest non-profit healthcare provider in the country. The healthcare system was hit by a cyberattack that resulted in a data breach. St Vincent’s Health Australia reported the incident to local authorities and is working with the Australian government to mitigate the security incident.


Critical Zero-Day in Apache OfBiz ERP System Exposes Businesses to Attack

The Hacker News

A new zero-day security flaw has been discovered in the Apache OfBiz, an open-source Enterprise Resource Planning (ERP) system that could be exploited to bypass authentication protections. The vulnerability, tracked as CVE-2023-51467, resides in the login functionality and is the result of an incomplete patch for another critical vulnerability (CVE-2023-49070, CVSS score: 9.


Google Kubernetes Engine Double Flaws: Exploiting FluentBit & ASM for Cluster Takeover

Penetration Testing

In the ever-evolving landscape of container orchestration, Google Kubernetes Engine (GKE) stands as a colossus, offering scalable and efficient solutions. However, recent revelations from Palo Alto Networks have cast a spotlight on two specific...


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


What Is Endpoint Security Management and Why Is It Important?

Security Boulevard

Among all IT components, endpoints are the easiest to exploit, making them the most vulnerable to cyberattacks. This makes endpoint Read More The post What Is Endpoint Security Management and Why Is It Important? appeared first on Kaseya.


JaskaGO: New Malware Threat Stalks Windows & macOS

Penetration Testing

Researchers have disclosed the discovery of a novel cross-platform Go malware, JaskaGO, designed for information theft and targeting systems running Windows and macOS. The first traces of the macOS version of JaskaGO were observed...


CMMC v2.0 vs NIST 800-171: Understanding the Differences

Security Boulevard

The U.S. Defense Industrial Base (DIB) Sector is the worldwide industrial complex that enables research and development, as well as design, production, delivery, and maintenance of military weapons systems, subsystems, and components or parts, to meet U.S. military requirements. With over 250,000+ DIB companies and their subcontractors involved in the sector, including domestic and foreign […] The post CMMC v2.0 vs NIST 800-171: Understanding the Differences appeared first on Centraleyes.


Malware Masquerade: HubSpot, Veeam, Xero – Carbanak Lures Victims with Trust

Penetration Testing

According to the monthly threat analysis by NCC Group, the banking malware Carbanak, known since 2014, has updated its methods and is now actively used in ransomware attacks. Experts report that in November 2023,...


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.