Sun.Mar 31, 2024

article thumbnail

Cybersecurity Tabletop Exercises: How Far Should You Go?

Lohrman on Security

With global cyber threats and other international tensions growing, what scenarios should state and local governments consider when conducting exercises to test their people, processes and technology?

article thumbnail

xz-utils backdoor: how to get started

Kali Linux

Following the recent disclosure of a backdoor in upstream xz/liblzma , we are writing this “get started” kind of blog post. We will explain how to setup an environment with the backdoored version of liblzma, and then the first commands to run to validate that the backdoor is installed. All in all, it should just take a few minutes, and there’s no learning curve, it’s all very simple.

Internet 145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

CVE-2024-0582: Serious Linux Kernel Bug Opens Door to System Takeovers, PoC Published

Penetration Testing

The technical details and proof-of-concept (PoC) exploit code has been released for a significant vulnerability, designated CVE-2024-0582 (CVSS 7.8) in the Linux kernel. The flaw, affecting versions 6.4 through 6.6, could allow attackers with local... The post CVE-2024-0582: Serious Linux Kernel Bug Opens Door to System Takeovers, PoC Published appeared first on Penetration Testing.

article thumbnail

DinodasRAT Linux variant targets users worldwide

Security Affairs

A Linux variant of the DinodasRAT backdoor used in attacks against users in China, Taiwan, Turkey, and Uzbekistan, researchers from Kaspersky warn. Researchers from Kaspersky uncovered a Linux version of a multi-platform backdoor DinodasRAT that was employed in attacks targeting China, Taiwan, Turkey, and Uzbekistan. DinodasRAT (aka XDealer ) is written in C++ and supports a broad range of capabilities to spy on users and steal sensitive data from a target’s system.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

DinodasRAT malware targets Linux servers in espionage campaign

Bleeping Computer

Security researchers have observed Red Hat and Ubuntu systems being attacked by a Linux version of the DinodasRAT (also known as XDealer) that may have been operating since 2022. [.

Malware 129
article thumbnail

Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities

The Hacker News

The Android banking trojan known as Vultur has resurfaced with a suite of new features and improved anti-analysis and detection evasion techniques, enabling its operators to remotely interact with a mobile device and harvest sensitive data.

Banking 123

More Trending

article thumbnail

Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH Compromise

Security Boulevard

The Mend.io research team detected more than 100 malicious packages targeting the most popular machine learning (ML) libraries from the PyPi registry. The post Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH Compromise appeared first on Mend. The post Critical Backdoor Found in XZ Utils (CVE-2024-3094) Enables SSH Compromise appeared first on Security Boulevard.

108
108
article thumbnail

Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software

Penetration Testing

A new report released by AhnLab Security Intelligence Center (ASEC) uncovers a disturbing tactic hackers are using to spread malware: they’re leveraging Google Ads tracking features to redirect unsuspecting users to malicious websites. Key... The post Hackers Exploit Google Ads to Spread Malware Disguised as Popular Software appeared first on Penetration Testing.

article thumbnail

A Ghost Ship’s Doomed Journey Through the Gate of Tears

WIRED Threat Level

Millions lost internet service after three cables in the Red Sea were damaged. Houthi rebels deny targeting the cables, but their missile attack on a cargo ship, left adrift for months, is likely to blame.

article thumbnail

Apache Fineract Patches Multiple Flaws, Including Critical Privilege Escalation (CVE-2024-23539)

Penetration Testing

Apache Fineract, a widely used open-source core banking solution for financial institutions, has released security patches to address three vulnerabilities, one of which has been classified as ‘critical‘ The vulnerabilities could potentially allow attackers... The post Apache Fineract Patches Multiple Flaws, Including Critical Privilege Escalation (CVE-2024-23539) appeared first on Penetration Testing.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

You Should Update Apple iOS and Google Chrome ASAP

WIRED Threat Level

Plus: Microsoft patches over 60 vulnerabilities, Mozilla fixes two Firefox zero-day bugs, Google patches 40 issues in Android, and more.

Hacking 100
article thumbnail

It's surprisingly difficult for AI to create just a plain white image

Bleeping Computer

Generative AI services like Midjourney and OpenAI's DALL-E can deliver the unimaginable when it comes to stunning artifacts produced from simple text prompts. Sketching complex art imagery may be AI's specialty, yet some of the simplest tasks are evidently what AI struggles with the most. [.

article thumbnail

Global “Password Spraying” Campaign Targets VPN Systems, Causing Lockouts

Penetration Testing

Cisco has issued a critical warning about a widespread password spraying campaign targeting Remote Access VPN (RAVPN) systems used by businesses worldwide. This surge in attacks aims to overwhelm VPN logins with common passwords,... The post Global “Password Spraying” Campaign Targets VPN Systems, Causing Lockouts appeared first on Penetration Testing.

VPN 100
article thumbnail

Cybersecurity Tabletop Exercises: How Far Should You Go?

Security Boulevard

With global cyber threats and other international tensions growing, what scenarios should state and local governments consider when conducting exercises to test their people, processes and technology? The post Cybersecurity Tabletop Exercises: How Far Should You Go? appeared first on Security Boulevard.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Cookie Theft: The Cybersecurity Threat You Didn’t See Coming

Penetration Testing

Even with strengthened password security and multi-factor authentication (MFA), hackers are finding new ways to break in. A report by CyberArk reveals a sinister trend: the rise of ‘infostealer’ malware specifically designed to steal... The post Cookie Theft: The Cybersecurity Threat You Didn’t See Coming appeared first on Penetration Testing.

article thumbnail

New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues

Security Boulevard

In episode 323, the hosts discuss two prominent topics. The first segment discusses a significant vulnerability discovered in hotel locks, branded as ‘Unsaflok,’ affecting 3 million doors across 131 countries. The vulnerability allows attackers to create master keys from a regular key, granted access to all doors in a hotel. The co-hosts also discuss the […] The post New Hotel Lock Vulnerabilities, Glassdoor Anonymity Issues appeared first on Shared Security Podcast.

article thumbnail

Ross Anderson

Schneier on Security

Ross Anderson unexpectedly passed away Thursday night in, I believe, his home in Cambridge. I can’t remember when I first met Ross. Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. (Okay, he created both—I helped.

article thumbnail

XZ Utils Backdoor Vulnerability (CVE-2024-3094) Advisory

Security Boulevard

Overview NSFOCUS CERT recently detected that a backdoor vulnerability in XZ Utils (CVE-2024-3094) was disclosed from the security community, with a CVSS score of 10. Because the SSH underlying layer relies on liblzma, an attacker could exploit this vulnerability to bypass SSH authentication and gain unauthorized access to affected systems, allowing arbitrary code execution.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Expert found a backdoor in XZ tools used many Linux distributions German BSI warns of 17,000 unpatched Microsoft Exchange servers Cisco warns of password-spraying attacks targeting Secure Firewall devices American fast-fashion firm Hot Topic hit b

article thumbnail

Bombshell in SSH servers! What CVE-2024-3094 means for Kubernetes users

Security Boulevard

On March 29, 2024, Red Hat disclosed CVE-2024-3094, scoring a critical CVSS rating of 10. Stemming from a The post Bombshell in SSH servers! What CVE-2024-3094 means for Kubernetes users appeared first on ARMO. The post Bombshell in SSH servers! What CVE-2024-3094 means for Kubernetes users appeared first on Security Boulevard.

62