Tue.May 21, 2024

article thumbnail

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

The Last Watchdog

There was a lot of buzz at RSAC 2024 about how GenAI and Large Language Models (LLM) are getting leveraged — by both attackers and defenders. Related: Is your company moving too slow or too fast on GenAI? One promising example of the latter comes from messaging security vendor IRONSCALES. I had the chance to sit down with Eyal Benishti , IRONSCALES founder and CEO, to get a breakdown of how their new Generative Adversarial Network (GAN) technology utilizes a specialized LLM to reinforce an

Phishing 303
article thumbnail

Detecting Malicious Trackers

Schneier on Security

From Slashdot : Apple and Google have launched a new industry standard called “ Detecting Unwanted Location Trackers ” to combat the misuse of Bluetooth trackers for stalking. Starting Monday, iPhone and Android users will receive alerts when an unknown Bluetooth device is detected moving with them. The move comes after numerous cases of trackers like Apple’s AirTags being used for malicious purposes.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Back to Cooking: Detection Engineer vs Detection Consumer, Again?

Anton on Security

This is not a blog about the recent upheaval in the magical realm of SIEM. We have a perfectly good podcast / video about it (complete with hi-la-ri-ous XDR jokes, both human and AI created). This is about something that bothered me for a long time (since my Gartner days ) and I finally figured out how to solve this complicated problem. Of course, the answer is … A TWITTER POLL!

article thumbnail

CVE-2024-29849 (CVSS 9.8): Veeam’s Backup Nightmare, Full System Access Exposed

Penetration Testing

Veeam Software, a leading provider of backup and recovery solutions, has issued urgent security advisories regarding multiple critical vulnerabilities in its Veeam Backup Enterprise Manager (Enterprise Manager) component. These vulnerabilities could allow unauthorized access,... The post CVE-2024-29849 (CVSS 9.8): Veeam’s Backup Nightmare, Full System Access Exposed appeared first on Penetration Testing.

Backups 145
article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

Rockwell Automation warns admins to take ICS devices offline

Bleeping Computer

Rockwell Automation warned customers to disconnect all industrial control systems (ICSs) not designed for online exposure from the Internet due to increasing malicious activity worldwide. [.

Internet 135
article thumbnail

CVE-2024-21683: Atlassian Patches RCE Flaw in Confluence Data Center and Server

Penetration Testing

Atlassian, a leading provider of collaboration and productivity software, has urgently addressed a remote code execution (RCE) vulnerability in its Confluence Data Center and Server products. Tracked as CVE-2024-21683, this flaw could allow authenticated... The post CVE-2024-21683: Atlassian Patches RCE Flaw in Confluence Data Center and Server appeared first on Penetration Testing.

More Trending

article thumbnail

Arrests made after North Koreans hired for remote tech jobs at US companies

Graham Cluley

US businesses are believed to have recruited thousands of North Korean IT workers, sending earnings (and potentially data) to North Korea. Read more in my article on the Hot for Security blog.

article thumbnail

LockBit says they stole data in London Drugs ransomware attack

Bleeping Computer

Today, the LockBit ransomware gang claimed they were behind the April cyberattack on Canadian pharmacy chain London Drugs and is now threatening to publish stolen data online after allegedly failed negotiations. [.

article thumbnail

Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses

The Hacker News

Microsoft on Monday confirmed its plans to deprecate NT LAN Manager (NTLM) in Windows 11 in the second half of the year, as it announced a slew of new security measures to harden the widely-used desktop operating system.

article thumbnail

GhostEngine mining attacks kill EDR security using vulnerable drivers

Bleeping Computer

A malicious crypto mining campaign codenamed 'REF4578,' has been discovered deploying a malicious payload named GhostEngine that uses vulnerable drivers to turn off security products and deploy an XMRig miner. [.

122
122
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Hackers Leverage AI as Application Security Threats Mount

Security Boulevard

Reverse-engineering tools, rising jailbreaking activities, and the surging use of AI and ML to enhance malware development were among the worrying trends in a recent report. AI and ML are making life easier for developers. They’re also making life easier for threat actors. The post Hackers Leverage AI as Application Security Threats Mount appeared first on Security Boulevard.

article thumbnail

Western Sydney University data breach exposed student data

Bleeping Computer

Western Sydney University (WSU) has notified students and academic staff about a data breach after threat actors breached its Microsoft 365 and Sharepoint environment. [.

article thumbnail

RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes

Security Boulevard

There was a lot of buzz at RSAC 2024 about how GenAI and Large Language Models (LLM) are getting leveraged — by both attackers and defenders. Related: Is your company moving too slow or too fast on GenAI? One promising … (more…) The post RSAC Fireside Chat: IRONSCALES utilizes LLM, superior intel to stay a step ahead of Deep Fakes first appeared on The Last Watchdog.

119
119
article thumbnail

Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

The Hacker News

Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Zoom Phone and Zoom Rooms coming in the future. "As adversarial threats become more sophisticated, so does the need to safeguard user data," the company said in a statement.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Digital Impersonation Fraud: a Growing Challenge for Brands

Security Boulevard

Malicious actors are using AI to perpetrate phishing scams centered around website impersonation, a threat few businesses are prepared to combat. The post Digital Impersonation Fraud: a Growing Challenge for Brands appeared first on Security Boulevard.

Scams 116
article thumbnail

Malware Delivery via Cloud Services Exploits Unicode Trick to Deceive Users

The Hacker News

A new attack campaign dubbed CLOUD#REVERSER has been observed leveraging legitimate cloud storage services like Google Drive and Dropbox to stage malicious payloads.

Malware 115
article thumbnail

Experts released PoC exploit code for RCE in QNAP QTS

Security Affairs

Experts warn of fifteen vulnerabilities in the QNAP QTS, the operating system for the Taiwanese vendor’s NAS products. An audit of QNAP QTS conducted by WatchTowr Labs revealed fifteen vulnerabilities, most of which have yet to be addressed. The most severe vulnerability is a flaw tracked as CVE-2024-27130. The issue is an unpatched stack buffer overflow vulnerability in the ‘No_Support_ACL’ function of ‘share.cgi,’ an unauthenticated attacker can exploit this issue

article thumbnail

QNAP Patches New Flaws in QTS and QuTS hero Impacting NAS Appliances

The Hacker News

Taiwanese company QNAP has rolled out fixes for a set of medium-severity flaws impacting QTS and QuTS hero, some of which could be exploited to achieve code execution on its network-attached storage (NAS) appliances. The issues, which impact QTS 5.1.x and QuTS hero h5.1.

110
110
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

How to Install a VPN on Your Router

Tech Republic Security

Trying to figure out how to install a VPN on your router? Read our step-by-step guide to help you get started.

VPN 128
article thumbnail

Zoom adds post-quantum end-to-end encryption to video meetings

Bleeping Computer

Zoom has announced the global availability of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with Zoom Phone and Zoom Rooms to follow soon. [.

article thumbnail

Critical Veeam Backup Enterprise Manager Flaw Allows Authentication Bypass

The Hacker News

Users of Veeam Backup Enterprise Manager are being urged to update to the latest version following the discovery of a critical security flaw that could permit an adversary to bypass authentication protections. Tracked as CVE-2024-29849 (CVSS score: 9.

Backups 109
article thumbnail

Google rolls out Chrome fix for empty pages when switching tabs

Bleeping Computer

Google is rolling out a server-side fix for a known issue affecting the Chrome browser that causes webpage content to temporarily disappear when users change between open tabs. [.

108
108
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Many Stumble Into Cybersecurity, But Leadership is By Design

Security Boulevard

During RSAC 2024, Synack and Nasdaq hosted a lineup of cyber leaders who shared their varied paths to the industry, building teams, and managing bad days. The post Many Stumble Into Cybersecurity, But Leadership is By Design appeared first on Security Boulevard.

article thumbnail

NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.

article thumbnail

Eventbrite Promoted Illegal Opioid Sales to People Searching for Addiction Recovery Help

WIRED Threat Level

A WIRED investigation found thousands of Eventbrite posts selling escort services and drugs like Xanax and oxycodone—some of which the company’s algorithm recommended alongside addiction recovery events.

105
105
article thumbnail

CISA adds NextGen Healthcare Mirth Connect flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

CISA adds NextGen Healthcare Mirth Connect deserialization of untrusted data vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a NextGen Healthcare Mirth Connect vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2023-43208 , is a Deserialization of Untrusted Data Vulnerability.

article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

Researchers Uncover Flaws in Python Package for AI Models and PDF.js Used by Firefox

The Hacker News

A critical security flaw has been disclosed in the llama_cpp_python Python package that could be exploited by threat actors to achieve arbitrary code execution. Tracked as CVE-2024-34359 (CVSS score: 9.7), the flaw has been codenamed Llama Drama by software supply chain security firm Checkmarx.

Software 103
article thumbnail

Living off the Land and Fileless Malware

Digital Shadows

Explore how fileless malware and LotL techniques dominated 2023's cyber threats, and discover ReliaQuest's mitigation strategies for 2024.

Malware 113
article thumbnail

SolarMarker Malware Evolves to Resist Takedown Attempts with Multi-Tiered Infrastructure

The Hacker News

The persistent threat actors behind the SolarMarker information-stealing malware have established a multi-tiered infrastructure to complicate law enforcement takedown efforts, new findings from Recorded Future show.

Malware 101
article thumbnail

Minnesota Passes Data Privacy Law, Joining Growing State Movement

SecureWorld News

On May 19, 2024, Minnesota officially joined the ranks of states enacting robust data privacy protections for consumers. The Minnesota Consumer Data Privacy Act (HF 4757 / SF 4782) was approved by the state legislature and is headed to the governor's desk for expected signature into law. The landmark legislation grants Minnesota residents a sweeping set of rights regarding how companies collect and use their personal data.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?