Wed. Apr 10, 2024

Twitter’s Clumsy Pivot to X.com Is a Gift to Phishers

Krebs on Security

On April 9, Twitter/X began automatically modifying links that mention “twitter.com” to read “x.com” instead. But over the past 48 hours, dozens of new domain names have been registered that demonstrate how this change could be used to craft convincing phishing links — such as fedetwitter[.]com, which until very recently rendered as fedex.com in tweets.

In Memoriam: Ross Anderson, 1956-2024

Schneier on Security

Last week I posted a short memorial of Ross Anderson. The Communications of the ACM asked me to expand it. Here’s the longer version.

Best Practices for Enrolling Users in MFA

Duo's Security Blog

Enrolling users to use multi-factor authentication (MFA) is an essential security step for any organization. But user enrollment can be a logistical challenge and comes with security risks. In this blog we’ll discuss enrollment options and best security practices for Duo admins, whether they are rolling out MFA for the first time or maintaining enrollment for their users.

Watch This? Patch This! LG Fixes Smart TV Vulns

Security Boulevard

4×CVE=RCE or Merely CE? Update your LG TV now, or let hackers root it. But is Bitdefender overhyping the issue?

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

They say a defense can be measured by its weakest link. In your cybersecurity posture, what––or who––is the weakest link? And how can you make them stronger? This webinar will equip you with the resources to search for quality training, implement it, and improve the cyber-behaviors of your workforce. By the end of the hour, you will feel empowered to improve the aspects of your security posture you control the least – the situational awareness and decision-making of your workforce.

Malicious PowerShell script pushing malware looks AI-written

Bleeping Computer

A threat actor is using a PowerShell script that was likely created with the help of an artificial intelligence system such as OpenAI's ChatGPT, Google's Gemini, or Microsoft's CoPilot.

6 Best Open Source Password Managers for Mac in 2024

Tech Republic Security

Explore the top open-source password managers available for Mac users. Find the best one that suits your needs and secure your online accounts effectively.

How to Stop Your Data From Being Used to Train AI

WIRED Threat Level

Some companies let you opt out of allowing your content to be used for generative AI. Here’s how to take back (at least a little) control from ChatGPT, Google’s Gemini, and more.

CVE-2024-31861: Apache Zeppelin Vulnerability Opens Door to Code Injection Attacks

Penetration Testing

A security vulnerability labeled as “important” has surfaced in Apache Zeppelin, the popular data analytics notebook tool. Identified as CVE-2024-31861, this flaw gives attackers a way to inject malicious code through Zeppelin’s Shell interpreter,...

Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel

The Hacker News

Cybersecurity researchers have disclosed what they say is the "first native Spectre v2 exploit" against the Linux kernel on Intel systems that could be exploited to read sensitive data from the memory. The exploit, called Native Branch History Injection (BHI), can be used to leak arbitrary kernel memory at 3.

Raspberry Robin Malware Now Using Windows Script Files to Spread

Security Boulevard

Raspberry Robin, the highly adaptable and evasive worm and malware loader that first appeared on the cyberthreat scene in 2021, is now using a new method for spreading its malicious code. According to a report this week by threat researchers with HP Wolf Security, a new campaign detected last month indicated that the operators behind.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Fortinet fixed a critical remote code execution bug in FortiClientLinux

Security Affairs

Fortinet addressed multiple issues in FortiOS and other products, including a critical remote code execution flaw in FortiClientLinux. Fortinet fixed a dozen vulnerabilities in multiple products, including a critical-severity remote code execution (RCE) issue, tracked as CVE-2023-45590 (CVSS score of 9.4), in FortiClientLinux. The vulnerability is an Improper Control of Generation of Code (‘Code Injection’) issue that resides in FortiClientLinux.

GitLab Races to Fix Critical XSS Flaws – Don’t Delay Your Upgrade

Penetration Testing

GitLab, the widely used DevOps platform for code collaboration and project management, has released a significant security update. This release addresses multiple serious flaws, with the most critical being stored cross-site scripting (XSS) vulnerabilities....

Group Health Cooperative data breach impacted 530,000 individuals

Security Affairs

Group Health Cooperative of South Central Wisconsin disclosed a data breach that impacted over 500,000 individuals. The Group Health Cooperative of South Central Wisconsin (GHC-SCW) is a non-profit organization that provides health insurance and medical care services to its members in the Madison metropolitan area of Wisconsin. The organization disclosed a data breach after a ransomware attack; the incident impacted 533,809 individuals.

CVE-2024-27980: Critical Node.js Update Patches Windows Command Injection Flaw

Penetration Testing

The Node.js project has released an urgent security update addressing a critical command injection vulnerability (CVE-2024-27980) on Windows systems. Even with ‘shell’ options disabled, this flaw could allow attackers to execute malicious code on...

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Fortinet Rolls Out Critical Security Patches for FortiClientLinux Vulnerability

The Hacker News

Fortinet has released patches to address a critical security flaw impacting FortiClientLinux that could be exploited to achieve arbitrary code execution. Tracked as CVE-2023-45590, the vulnerability carries a CVSS score of 9.4 out of a maximum of 10.

Chrome Enterprise gets Premium security but you have to pay for it

Bleeping Computer

Google has announced a new version of its browser for organizations, Chrome Enterprise Premium, which comes with extended security controls for a monthly fee per user.

Apple Expands Spyware Alert System to Warn Users of Mercenary Attacks

The Hacker News

Apple on Wednesday revised its documentation pertaining to its mercenary spyware threat notification system to mention that it alerts users when they may have been individually targeted by such attacks.

Microsoft’s April 2024 Patch Tuesday: Updates for 150 Vulnerabilities and Two Zero-Days

Security Boulevard

In a significant security update, Microsoft has released its April 2024 Patch Tuesday updates, which address a hefty 150 vulnerabilities across its suite of products. This update is particularly noteworthy not only for the sheer volume of vulnerabilities it covers but also because it includes fixes for two zero-day vulnerabilities that are currently being exploited by cybercriminals.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Beware: GitHub's Fake Popularity Scam Tricking Developers into Downloading Malware

The Hacker News

Threat actors are now taking advantage of GitHub's search functionality to trick unsuspecting users looking for popular repositories into downloading spurious counterparts that serve malware.

Home Depot Employee Data Exposed in Third-Party Vendor Misstep

SecureWorld News

Home improvement giant Home Depot has disclosed a data breach after one of its software-as-a-service (SaaS) vendors mistakenly exposed a limited sample of employee data during system testing. The exposed information includes names, work email addresses, and user IDs for around 10,000 Home Depot employees. While not highly sensitive, the leaked data could enable targeted phishing attacks against employees in an attempt to compromise corporate credentials and potentially breach Home Depot's networ

North African Human Rights Activists Targeted by New “Starry Addax” Malware Campaign

Penetration Testing

Security researchers at Cisco Talos have uncovered a sophisticated new malware campaign orchestrated by a threat actor they’ve named “Starry Addax.” This group is aggressively targeting human rights activists with ties to the Sahrawi...

AT&T now says data breach impacted 51 million customers

Bleeping Computer

AT&T is notifying 51 million former and current customers, warning them of a data breach that exposed their personal information on a hacking forum. However, the company has still not disclosed how the data was obtained.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Redis Servers Exploited to Deploy Metasploit Meterpreter Backdoor

Penetration Testing

Security experts at AhnLab Security Intelligence Center (ASEC) have sounded the alarm on a new wave of attacks targeting Redis servers. Threat actors are compromising these popular data stores to install the potent Metasploit...

Targus business operations disrupted following cyber attack

Graham Cluley

Targus, the well-known laptop bag and case manufacturer, has been hit by a cyber attack that has interrupted its normal business operations. Read more in my article on the Hot for Security blog.

'eXotic Visit' Spyware Campaign Targets Android Users in India and Pakistan

The Hacker News

An active Android malware campaign dubbed eXotic Visit has been primarily targeting users in South Asia, particularly those in India and Pakistan, with malware distributed via dedicated websites and Google Play Store. Slovak cybersecurity firm said the activity, ongoing since November 2021, is not linked to any known threat actor or group.

Microsoft Patch Tuesday security updates for April 2024 fixed hundreds of issues

Security Affairs

Microsoft Patch Tuesday security updates for April 2024 addressed three Critical vulnerabilities, none actively exploited in the wild. Microsoft Patch Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. This is the highest number of fixed issues from Microsoft this year and the largest since at least 2017.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

The Hacker News

Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that propagates the malware through malicious Windows Script Files (WSFs) since March 2024.

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

AT&T confirmed that the data breach impacted 51 million former and current customers and is notifying them. AT&T revealed that the recently disclosed data breach impacts more than 51 million former and current customers and is notifying them. In March 2024, more than 70,000,000 records from an unspecified division of AT&T were leaked onto Breached forum, vx-underground researchers reported.

Smashing Security podcast #367: WhatsApp at Westminster, unhealthy AI, and Drew Barrymore

Graham Cluley

MPs aren't just getting excited about an upcoming election, but also about the fruity WhatsApp messages they're receiving; can we trust AI with our health; and who on earth is pretending to be a producer for the Drew Barrymore TV show? All this and much, much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by John Hawes.

Cybersecurity: Benefits and Best Practices

Tech Republic Security

Cybercriminal activity is increasing. It is no longer a matter of if an attack will happen, but of when. From small companies to large corporations, public sectors, government and defense sectors, cybersecurity is the only barrier to protecting valuable digital resources and assets. Furthermore, with an ever-evolving regulatory landscape, cybersecurity has also become essential for.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”