Fri. Feb 09, 2024

Juniper Support Portal Exposed Customer Device Info

Krebs on Security

Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including which devices customers bought, as well as each product’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal.

No, Toothbrushes Were Not Used in a Massive DDoS Attack

Schneier on Security

The widely reported story last week that 1.5 million smart toothbrushes were hacked and used in a DDoS attack is false. Near as I can tell, a German reporter talking to someone at Fortinet got it wrong, and then everyone else ran with it without reading the German text. It was a hypothetical, which Fortinet eventually confirmed. Or maybe it was a stock-price hack.

FBI and CISA publish guide to Living off the Land techniques

Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other authoring agencies have released a joint guidance about common living off the land (LOTL) techniques and common gaps in cyber defense capabilities. Living Off The Land (LOTL) is a covert cyberattack technique in which criminals carry out malicious activities using legitimate IT administration tools.

Bitwarden Free vs. Premium: Which Plan Is Best For You?

Tech Republic Security

Learn about the differences between Bitwarden's Free and Premium versions and decide which one is the right fit for your password management needs.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Alert: New Stealthy "RustDoor" Backdoor Targeting Apple macOS Devices

The Hacker News

Apple macOS users are the target of a new Rust-based backdoor that has been operating under the radar since November 2023. The backdoor, codenamed RustDoor by Bitdefender, has been found to impersonate an update for Microsoft Visual Studio and target both Intel and Arm architectures.

2023 Sees Record Data Compromises Amidst Changing Tactics

Security Boulevard

Cybercriminals are shifting their focus toward targeted identity fraud and scams resulting in fewer overall victims.

More Trending

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. BleepingComputer reported that the car maker Hyundai Motor Europe was breached by the Black Basta ransomware gang. The threat actors claim to have stolen three terabytes of data from the company. In January the company experienced IT issues; the outage was likely caused by the ransomware attack, but the company did not disclose it.

MoqHao Android Malware Evolves with Auto-Execution Capability

The Hacker News

Threat hunters have identified a new variant of Android malware called MoqHao that automatically executes on infected devices without requiring any user interaction. "Typical MoqHao requires users to install and launch the app to get their desired purpose, but this new variant requires no execution," McAfee Labs said in a report published this week.

Microsoft: Outlook clients not syncing over Exchange ActiveSync

Bleeping Computer

Microsoft warned Outlook for Microsoft 365 users that clients might have issues connecting to email servers via Exchange ActiveSync after a January update. […]

QR Code Phishing Attacks Target High-Level Executives: Report

Security Boulevard

C-level executives and others in managerial positions are by far the top targets of increasingly popular phishing attacks that involve malicious QR codes. According to researchers with Abnormal Security, members of the C-suite in the fourth quarter of 2023 were 42 times more likely to receive a QR code phishing – or “quishing” – attack.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Canada to ban the Flipper Zero to stop surge in car thefts

Bleeping Computer

The Canadian government plans to ban the Flipper Zero and similar devices after tagging them as tools thieves can use to steal cars. […]

US Offers $10 Million Reward for Info About Hive Ransomware Leaders

Security Boulevard

The U.S. government appears eager to finish off what’s left of the notorious Hive ransomware group, offering a $10 million reward for information that leads to the identification and location of any of the leaders of the gang. The State Department on top of that is offering another $5 million for information that results in.

New RustDoor macOS malware impersonates Visual Studio update

Bleeping Computer

A new Rust-based macOS malware spreading as a Visual Studio update to provide backdoor access to compromised systems uses infrastructure linked to the infamous ALPHV/BlackCat ransomware gang. […]

Exploiting a vulnerable Minifilter Driver to create a process killer

Security Affairs

A researcher demonstrated how to exploit a signed Minifilter Driver in a BYOVD attack to terminate a specific process from the kernel. Bring Your Own Vulnerable Driver (BYOVD) is a technique that uses a vulnerable driver in order to achieve a specific goal.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

New Fortinet RCE bug is actively exploited, CISA confirms

Bleeping Computer

CISA confirmed today that attackers are actively exploiting a critical remote code execution (RCE) bug patched by Fortinet on Thursday. […]

Ivanti urges customers to patch yet another critical vulnerability

Malwarebytes

In a new blog post, Ivanti says that it has found another vulnerability and urges customers to “immediately take action to ensure you are fully protected”. This vulnerability only affects a limited number of supported versions–Ivanti Connect Secure (version 9.1R14.4, 9.1R17.2, 9.1R18.3, 22.4R2.2 and 22.5R1.1), Ivanti Policy Secure version 22.5R1.1 and ZTA version 22.6R1.3.

Americans lost record $10 billion to fraud in 2023, FTC warns

Bleeping Computer

The U.S. Federal Trade Commission (FTC) says Americans lost over $10 billion to scammers in 2023, marking a 14% increase in reported losses compared to the previous year. […]

Fortinet warns of a new actively exploited RCE flaw in FortiOS SSL VPN

Security Affairs

Fortinet warns that the recently discovered critical remote code execution flaw in FortiOS SSL VPN, tracked as CVE-2024-21762, is being actively exploited. Fortinet is warning that the recently discovered critical remote code execution vulnerability in FortiOS SSL VPN, tracked as CVE-2024-21762 (CVSS score 9.6), is actively exploited in attacks in the wild.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Raspberry Robin Malware Upgrades with Discord Spread and New Exploits

The Hacker News

The operators of Raspberry Robin are now using two new one-day exploits to achieve local privilege escalation, even as the malware continues to be refined and improved to make it stealthier than before.

Ivanti warns of a new auth bypass flaw in its Connect Secure, Policy Secure, and ZTA gateway devices

Security Affairs

Ivanti warns customers of a new authentication bypass vulnerability in its Connect Secure, Policy Secure, and ZTA gateway devices. Ivanti has warned customers of a new high-severity security vulnerability, tracked as CVE-2024-22024 (CVSS score 8.3), in its Connect Secure, Policy Secure, and ZTA gateway devices that could allow attackers to bypass authentication.

No Click Required: PoC Available for ClamAV Command Injection Bug (CVE-2024-20328)

Penetration Testing

A proof-of-concept (PoC) for CVE-2024-20328, a critical vulnerability in ClamAV, a popular open-source antivirus engine, that allows arbitrary code execution, was published. The vulnerability exploits the unsuspecting nature of ClamAV’s VirusEvent feature. It is here,...

Insider Data Breach at Verizon Affects Over 63,000 Employees

Heimdal Security

An insider data breach at Verizon has compromised the personal information of more than 63,000 employees, nearly half of the company’s global workforce. The telecommunications giant disclosed the incident in a Data Breach Notification with the Office of the Maine Attorney General, revealing that the breach occurred around September 21, 2023, due to unauthorized access […]

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

New Coyote Trojan Targets 61 Brazilian Banks with Nim-Powered Attack

The Hacker News

Sixty-one banking institutions, all of them originating from Brazil, are the target of a new banking trojan called Coyote. "This malware utilizes the Squirrel installer for distribution, leveraging Node.js and a relatively new multi-platform programming language called Nim as a loader to complete its infection," Russian cybersecurity firm Kaspersky said in a Thursday report.

Tax Season Alert: Common scams and cracked software

Webroot

OpenText is committed to providing you with the latest intelligence and tips to safeguard your digital life, especially during high-risk periods like tax season. Our threat analysts are constantly monitoring the ebb and flow of various threats. One trend that has recently caught our attention is the notable spike in malware-infected cracked software, particularly as we enter tax season.

Hands-on Review: Myrror Security Code-Aware and Attack-Aware SCA

The Hacker News

The modern software supply chain represents an ever-evolving threat landscape, with each package added to the manifest introducing new attack vectors. To meet industry requirements, organizations must maintain a fast-paced development process while staying up-to-date with the latest security patches.

The 11 Best Identity and Access Management Tools (2024)

Heimdal Security

Demand for Identity and Access Management tools is booming. According to data website Statista, the market for this technology is set to reach over USD $43 billion by 2029 – almost triple the 2022 level. Today, there are dozens of Identity and Access Management tools on the market. This can make choosing between providers very […]

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

How URL Spoofing Makes Benign Applications Deadly

SecureBlitz

Learn how URL spoofing makes benign applications deadly. In the digital age, trust is a currency more valuable than gold. We trust websites with our personal information, apps with our data, and links with our clicks. But what happens when that trust is weaponized? That's the insidious nature of URL spoofing, a cyber threat that […]

Chinese Threat Actors Concealed in US Infrastructure Networks

Heimdal Security

According to a joint alert from CISA, the NSA, the FBI, and partner Five Eyes organizations, the Chinese cyberespionage group Volt Typhoon entered a critical infrastructure network in the United States and remained undiscovered for at least five years before being identified. What We Know So Far The Chinese threat group is known for extensively […]

Understanding the Basics of Casino Game Odds

SecureBlitz

Here, I will talk about understanding the basics of casino game odds. All online casino games are based on odds, and you need to understand the fundamental principles behind them if you hope to become a great casino player. Whether you’re interested in blackjack or roulette, our guide gives you a look at the basics […]

Old Vulnerabilities, New Attacks: Encrypted MalDocs Evade Detection

Penetration Testing

In the fast-paced world of cybersecurity, where new threats emerge daily, it’s all too easy to forget about the dangers lurking in the shadows of the past. However, a recent investigation by Check Point...

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.