Fri. Feb 09, 2024

Juniper Support Portal Exposed Customer Device Info

Krebs on Security

Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal.

No, Toothbrushes Were Not Used in a Massive DDoS Attack

Schneier on Security

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text. It was a hypothetical, which Fortinet eventually confirmed. Or maybe it was a stock-price hack.

Bitwarden Free vs. Premium: Which Plan Is Best For You?

Tech Republic Security

Learn about the differences between Bitwarden's Free and Premium versions and decide which one is the right fit for your password management needs.

FBI and CISA publish guide to Living off the Land techniques

Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other authoring agencies have released a joint guidance about common living off the land (LOTL) techniques and common gaps in cyber defense capabilities. Living Off The Land (LOTL) is a covert cyberattack technique in which criminals carry out malicious activities using legitimate IT administration tools.

Guide to Business Writing

Everything you need to know about better business writing in one place. This is a complete guide to business writing — from a clear business writing definition to tips on how to hone your business writing skills.

CVE-2024-24806: Critical SSRF Flaw Found in libuv – a Multi-Platform C Library

Penetration Testing

libuv is one such thread, a versatile C library that underpins the asynchronous heartbeat of applications far and wide, from the bustling event loops of Node.js to the quiet efficiency of various software projects.... The post CVE-2024-24806: Critical SSRF Flaw Found in libuv – a Multi-Platform C Library appeared first on Penetration Testing.

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

The Hacker News

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.

More Trending

MoqHao Android Malware Evolves with Auto-Execution Capability

The Hacker News

Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution," McAfee Labs said in a report published this week.

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the car maker Hyundai Motor Europe was breached by the Black Basta ransomware gang. The threat actors claim to have stolen three terabytes of data from the company. In January the company experienced IT issues; the outage was likely caused by the ransomware attack, but the company did not disclose it.

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The Hacker News

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before.

QR Code Phishing Attacks Target High-Level Executives: Report

Security Boulevard

C-level executives and others in managerial positions are by far the top targets of increasingly popular phishing attacks that involve malicious QR codes. According to researchers with Abnormal Security, members of the C-suite in the fourth quarter of 2023 were 42 times more likely to receive a QR code phishing – or “quishing” – attack. The post QR Code Phishing Attacks Target High-Level Executives: Report appeared first on Security Boulevard.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Canada to ban the Flipper Zero to stop surge in car thefts

Bleeping Computer

The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. […]

New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack

The Hacker News

Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report.

New RustDoor macOS malware impersonates Visual Studio update

Bleeping Computer

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang. […]

Ivanti urges customers to patch yet another critical vulnerability

Malwarebytes

In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”. This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

New Fortinet RCE bug is actively exploited, CISA confirms

Bleeping Computer

CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. […]

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

The Hacker News

The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches.

Americans lost record $10 billion to fraud in 2023, FTC warns

Bleeping Computer

The U.S. Federal Trade Commission (FTC) says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year. […]

Exploiting a vulnerable Minifilter Driver to create a process killer

Security Affairs

A researcher demonstrated how to exploit a signed Minifilter Driver in a BYOVD attack to terminate a specific process from the kernel. Bring Your Own Vulnerable Driver (BYOVD) is a technique that uses a vulnerable driver in order to achieve a specific goal.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Microsoft: Outlook clients not syncing over Exchange ActiveSync

Bleeping Computer

Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. […]

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Security Affairs

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked CVE-2024-21762, is being actively exploited. Fortinet is warning that the recently discovered critical remote code execution vulnerability in FortiOS SSL VPN, tracked as CVE-2024-21762 (CVSS score 9.6), is actively exploited in attacks in the wild.

No Click Required: PoC Available for ClamAV Command Injection Bug (CVE-2024-20328)

Penetration Testing

A proof-of-concept (PoC) for CVE-2024-20328, a critical vulnerability in ClamAV, a popular open-source antivirus engine, that allows arbitrary code execution, was published. The vulnerability exploits the unsuspecting nature of ClamAV’s VirusEvent feature. It is here,... The post No Click Required: PoC Available for ClamAV Command Injection Bug (CVE-2024-20328) appeared first on Penetration Testing.

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Security Affairs

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. Ivanti has warned customers of a new high-severity security vulnerability, tracked as CVE-2024-22024 (CVSS score 8.3), in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Insider Data Breach at Verizon Affects Over 63,000 Employees

Heimdal Security

An insider data breach at Verizon has compromised the personal information of more than 63,000 employees, nearly half of the company’s global workforce. The telecommunications giant disclosed the incident in a Data Breach Notification with the Office of the Maine Attorney General, revealing that the breach occurred around September 21, 2023, due to unauthorized access […] The post Insider Data Breach at Verizon Affects Over 63,000 Employees appeared first on Heimdal Security Blog.

CVE-2024-22394 Exposed: SonicWall SSL-VPN’s Authentication Flaw

Penetration Testing

Recently, a critical flaw, nestled within the SSL-VPN feature of SonicWall’s SonicOS, has been brought to light, exposing a gap wide enough for remote attackers to slip through unnoticed. Dubbed CVE-2024-22394, this vulnerability exposes... The post CVE-2024-22394 Exposed: SonicWall SSL-VPN’s Authentication Flaw appeared first on Penetration Testing.

Tax Season Alert: Common scams and cracked software

Webroot

OpenText is committed to providing you with the latest intelligence and tips to safeguard your digital life, especially during high-risk periods like tax season. Our threat analysts are constantly monitoring the ebb and flow of various threats. One trend that has recently caught our attention is the notable spike in malware-infected cracked software, particularly as we enter tax season.

The 11 Best Identity and Access Management Tools (2024)

Heimdal Security

Demand for Identity and Access Management tools is booming. According to data website Statista, the market for this technology is set to reach over USD $43 billion by 2029 – almost triple the 2022 level. Today, there are dozens of Identity and Access Management tools on the market. This can make choosing between providers very […] The post The 11 Best Identity and Access Management Tools (2024) appeared first on Heimdal Security Blog.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Old Vulnerabilities, New Attacks: Encrypted MalDocs Evade Detection

Penetration Testing

In the fast-paced world of cybersecurity, where new threats emerge daily, it’s all too easy to forget about the dangers lurking in the shadows of the past. However, a recent investigation by Check Point... The post Old Vulnerabilities, New Attacks: Encrypted MalDocs Evade Detection appeared first on Penetration Testing.

Chinese Threat Actors Concealed in US Infrastructure Networks

Heimdal Security

According to a joint alert from CISA, the NSA, the FBI, and partner Five Eyes organizations, the Chinese cyberespionage group Volt Typhoon entered a critical infrastructure network in the United States and remained undiscovered for at least five years before being identified. What We Know So Far The Chinese threat group is known for extensively […] The post Chinese Threat Actors Concealed in US Infrastructure Networks appeared first on Heimdal Security Blog.

How URL Spoofing Makes Benign Applications Deadly

SecureBlitz

Learn how URL spoofing makes benign applications deadly. In the digital age, trust is a currency more valuable than gold. We trust websites with our personal information, apps with our data, and links with our clicks. But what happens when that trust is weaponized? That's the insidious nature of URL spoofing, a cyber threat that […] The post How URL Spoofing Makes Benign Applications Deadly appeared first on SecureBlitz Cybersecurity.

Mac Under Attack: New Rust Backdoor Discovered!

Penetration Testing

Bitdefender has uncovered a never-before-seen backdoor targeting Mac users, christened Trojan.MAC.RustDoor. This malware, coded in Rust, boasts unique features. The deception begins with an imitation of a Visual Studio update, a guise cleverly chosen... The post Mac Under Attack: New Rust Backdoor Discovered! appeared first on Penetration Testing.

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?