Wed.Feb 21, 2024

article thumbnail

Details of a Phone Scam

Schneier on Security

First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. And this is not a naive or stupid person. The details are fascinating. And if you think it couldn’t happen to you, think again. Given the right set of circumstances, it can. It happened to Cory Doctorow.

Scams 319
article thumbnail

SHARED INTEL: Poll shows companies pursuing ‘Digital Trust’ reap benefits as laggards fall behind

The Last Watchdog

Achieving “ digital trust ” is not going terribly well globally. Related: How decentralized IoT boosts decarbonization Yet, more so than ever, infusing trustworthiness into modern-day digital services has become mission critical for most businesses. Now comes survey findings that could perhaps help to move things in the right direction. According to DigiCert’s 2024 State of Digital Trust Survey results, released today , companies proactively pursuing digital trust are seeing boosts in revenue, i

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Should IT and Security Teams Play a Role in Crisis Communications?

Tech Republic Security

Australian IT and security teams should play key roles in communications during outages and cyber attacks; they also need to be prepared to act when such a tech-related crisis occurs.

article thumbnail

How Thales and Red Hat Protect Telcos from API Attacks

Thales Cloud Protection & Licensing

How Thales and Red Hat Protect Telcos from API Attacks madhav Thu, 02/22/2024 - 04:55 Application programming interfaces (APIs) power nearly every aspect of modern applications and have become the backbone of today’s economy. Every time you send a mobile payment, search for airline flight prices, or book a restaurant reservation - you are using an API.

article thumbnail

Enhance Innovation and Governance Through the Cloud Development Maturity Model

Leverage the Cloud Development Environment Maturity Model to elevate your software development practices with scalable, secure cloud-based workspaces. This model offers a structured approach to modernizing development, aligning technology, developer experience, security, and workflows. By implementing Cloud Development Environments (CDEs), teams can boost efficiency, improve security, and streamline operations through centralized governance.

article thumbnail

Vibrator virus steals your personal information

Malwarebytes

I know that some of you are expecting a post similar to that about a toothbrush botnet , but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a vibrator to a USB port in order to charge the device. The vibrator, Spencer’s Sexology Pussy Power 8-Function Rechargeable Bullet Vibrator, was infected with an information stealer known as Lumma.

Software 144
article thumbnail

New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers

The Hacker News

Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password.

More Trending

article thumbnail

IT Email Templates: Security Alerts

Tech Republic Security

All company communication needs may vary but certain standard template messages can come in handy for IT staff to keep employees up to date on “need to know” informational bulletins. These bulletins may be one-off or regularly scheduled communications to help raise awareness about your technology processes, accepted procedures and best practices or to explain.

article thumbnail

CVE-2024-22243: Spring Framework Flaw Opens Doors to Redirects and SSRF Attacks

Penetration Testing

The Spring Framework, a cornerstone of countless enterprise Java applications, recently revealed a significant vulnerability (CVE-2024-22243). This high-severity flaw could enable attackers to exploit applications that process external URLs, potentially leading to open redirect... The post CVE-2024-22243: Spring Framework Flaw Opens Doors to Redirects and SSRF Attacks appeared first on Penetration Testing.

article thumbnail

A first analysis of the i-Soon data leak

Malwarebytes

Data from a Chinese cybersecurity vendor that works for the Chinese government has exposed a range of hacking tools and services. Although the source is not entirely clear, it seems that a disgruntled staff member of the group leaked the information on purpose. The vendor, i-Soon (aka Anxun) is believed to be a private contractor that operates as an Advanced Persistent Threat (APT) -for-hire, servicing China’s Ministry of Public Security (MPS).

article thumbnail

U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders

The Hacker News

The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation.

article thumbnail

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!

article thumbnail

CVE-2024-21678: High-Severity Atlassian Confluence XSS – Act Now

Penetration Testing

Atlassian has released a security update addressing CVE-2024-21678 (CVSS 8.5), a high-severity stored cross-site scripting (XSS) vulnerability impacting multiple Confluence Server and Data Center versions. Organizations using the affected software must prioritize immediate patching... The post CVE-2024-21678: High-Severity Atlassian Confluence XSS – Act Now appeared first on Penetration Testing.

article thumbnail

Critical flaw found in deprecated VMware EAP. Uninstall it immediately

Security Affairs

VMware urges customers to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the disclosure of a critical flaw CVE-2024-22245. VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) after the discovery of an arbitrary authentication relay flaw CVE-2024-22245 (CVSS score: 9.6). A threat actor could trick a domain user with EAP installed in its web browser into requesting and relaying service tickets for arbitrary Active Directory Service Principal

article thumbnail

CVE-2023-7235: OpenVPN Vulnerability Puts Windows Users at Risk

Penetration Testing

OpenVPN has released version 2.6.9 for Windows, Mac, and Linux, addressing a severe privilege escalation vulnerability (CVE-2023-7235). This flaw, discovered by Will Dormann, affects Windows GUI installations of OpenVPN. During non-standard OpenVPN GUI installations... The post CVE-2023-7235: OpenVPN Vulnerability Puts Windows Users at Risk appeared first on Penetration Testing.

article thumbnail

5 Trends Shaping Cybersecurity Strategy: AI Threats, SASE, ZTNA & XDR

Security Boulevard

The cybersecurity landscape is challenging, and organizations must evolve defense measures in response to escalating threats. The post 5 Trends Shaping Cybersecurity Strategy: AI Threats, SASE, ZTNA & XDR appeared first on Security Boulevard.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Astaroth malware uses YouTube channel descriptions for hacks

SecureBlitz

In 2020, the digital landscape witnessed a cunning maneuver by the infamous Astaroth malware. This infostealing Trojan, notorious for targeting Brazilian users, adopted a novel tactic to evade detection and compromise unsuspecting victims: hiding its malicious code within YouTube channel descriptions. Cisco Talos researchers first uncovered this devious strategy, revealing that Astaroth embedded encrypted and […] The post Astaroth malware uses YouTube channel descriptions for hacks appeare

Malware 114
article thumbnail

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

China-linked APT group Mustang Panda targeted various Asian countries with a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. Trend Micro researchers uncovered a cyberespionage campaign, carried out by China-linked APT group Mustang Panda , targeting Asian countries, including Taiwan, Vietnam, and Malaysia. Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organiza

Malware 115
article thumbnail

How to Perform a Firewall Audit in 11 Steps (+Free Checklist)

eSecurity Planet

A firewall audit is a procedure for reviewing and reconfiguring firewalls as needed so they still suit your organization’s security goals. Over time, business network needs, traffic patterns, and application access change. Auditing your firewall is one of the most important steps to ensuring it’s still equipped to protect the perimeter of your business’ network.

Firewall 113
article thumbnail

Ask These 5 AI Cybersecurity Questions for a More Secure Approach to Adversarial Machine Learning

NetSpi Executives

Artificial Intelligence (AI) and Machine Learning (ML) present limitless possibilities for enhancing business processes, but they also expand the potential for malicious actors to exploit security risks. Like many technologies that came before it, AI is advancing faster than security standards can keep up with. That’s why we guide security leaders to go a step further by taking an adversarial lens to their company’s AI and ML implementations.

article thumbnail

IT Leadership Agrees AI is Here, but Now What?

IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty. As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success.

article thumbnail

ScreenConnect critical bug now under attack as exploit code emerges

Bleeping Computer

Both technical details and proof-of-concept exploits are available for the two vulnerabilities ConnectWise disclosed earlier this week for ScreenConnect, its remote desktop and access software. [.

Software 108
article thumbnail

APT29’s Espionage Campaign Exploits WinRAR Flaw, Targets Embassies

Penetration Testing

In September 2023, the infamous Russian-linked cyber-espionage group APT29 flexed its muscle again, this time targeting embassies of several nations with a well-crafted attack. The group exploited a critical vulnerability in WinRAR (CVE-2023-38831) to... The post APT29’s Espionage Campaign Exploits WinRAR Flaw, Targets Embassies appeared first on Penetration Testing.

article thumbnail

New Redis miner Migo uses novel system weakening techniques

Security Affairs

A new malware campaign targets Redis servers to deploy the mining crypto miner Migo on compromised Linux hosts. Caro Security researchers have observed a new malware campaign targeting Redis servers with a crypto miner dubbed Migo. The campaign stands out for the use of several novel system weakening techniques against the data store itself. Migo is a Golang ELF binary with compile-time obfuscation, it is also able to maintain persistence on Linux hosts.

Malware 107
article thumbnail

What Is a Circuit-Level Gateway? Definitive Guide

eSecurity Planet

A circuit-level gateway (CLG) is a firewall feature that acts as a proxy and filters packets based on session information. CLGs are important because they provide specialized security filtering and prevent the discovery of IP addresses and open ports on CLG-protected devices. The best use cases stem from how CLGs work, their pros, cons, and how they function differently than other potential solutions.

Firewall 105
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

CVE-2024-1709 & 1708: ScreenConnect Vulnerabilities Under Active Attack

Penetration Testing

In alarming news from February 2024, ConnectWise, a prevalent provider of remote desktop software, disclosed severe security flaws within their ScreenConnect product. These flaws pose an immediate danger, with active exploitation already observed. The... The post CVE-2024-1709 & 1708: ScreenConnect Vulnerabilities Under Active Attack appeared first on Penetration Testing.

article thumbnail

Hackers abuse Google Cloud Run in massive banking trojan campaign

Bleeping Computer

Security researchers are warning of hackers abusing the Google Cloud Run service to distribute massive volumes of banking trojans like Astaroth, Mekotio, and Ousaban. [.

Banking 106
article thumbnail

Reopening the Bat Cave: Duo Labs Is Back

Duo's Security Blog

Duo Labs is back! Well, not exactly in the same form — but the sentiment, heart, and function of Duo Labs is back. For the curious, the original Duo Labs was a team of amazing security researchers, tinkerers, and thinkers that published their findings, experiments, and explorations on the Duo Labs site. Perhaps most famously, the team sent a phone equipped with Duo mobile into space — attempting to complete a Duo push from 90,000 feet.

article thumbnail

US offers $15 million bounty for info on LockBit ransomware gang

Bleeping Computer

The U.S. State Department is now also offering rewards of up to $15 million to anyone who can provide information about LockBit ransomware gang members and their associates. [.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Smashing Security podcast #360: Lockbit locked out, and funeral Facebook scams

Graham Cluley

Heaven's above! Scammers are exploiting online funerals, and Lockbit - the "Walmart of Ransomware" - is dismantled in style by cyber cops. All this and more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.

Scams 100
article thumbnail

6 Ways to Simplify SaaS Identity Governance

The Hacker News

With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps.

article thumbnail

Episode 256: Recursive Pollution? Data Feudalism? Gary McGraw On LLM Insecurity

The Security Ledger

Paul speaks with Gary McGraw of the Berryville Institute of Machine Learning (BIML), about the risks facing large language model machine learning and artificial intelligence, and how organizations looking to leverage artificial intelligence and LLMs can insulate themselves from those risks. The post Episode 256: Recursive Pollution? Data. Read the whole entry. » Click the icon below to listen.

article thumbnail

Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery

The Hacker News

On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired.

article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.