Fri.Feb 23, 2024

article thumbnail

AIs Hacking Websites

Schneier on Security

New research : LLM Agents can Autonomously Hack Websites Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result, these LLMs can now function autonomously as agents. With the rise in capabilities of these agents, recent work has speculated on how LLM agents would affect cybersecurity.

Hacking 255
article thumbnail

Weekly Update 388

Troy Hunt

It's just been a joy to watch the material produced by the NCA and friends following the LockBit takedown this week. So much good stuff from the agencies themselves, not just content but high quality trolling too. Then there's the whole ecosystem of memes that have since emerged and provided endless hours of entertainment 😊 I'm sure we'll see a lot more come out of this yet and inevitably there's seized material that will still be providing value to further inves

Phishing 253
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Friday Squid Blogging: Illex Squid and Climate Change

Schneier on Security

There are correlations between the populations of the Illex Argentines squid and water temperatures. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

203
203
article thumbnail

CVE-2024-26582 (CVSS 8.4): Linux Kernel Code Execution Vulnerability

Penetration Testing

A high-severity vulnerability, designated CVE-2024-26582, has been discovered within the Transport Layer Security (TLS) subsystem of the Linux kernel. This flaw stems from a use-after-free error in the way kTLS (the kernel’s TLS implementation)... The post CVE-2024-26582 (CVSS 8.4): Linux Kernel Code Execution Vulnerability appeared first on Penetration Testing.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

UnitedHealth confirms Optum hack behind US healthcare billing outage

Bleeping Computer

Healthcare giant UnitedHealth Group confirmed that its subsidiary Optum was forced to shut down IT systems and various services after a cyberattack by "nation-state" hackers on the Change Healthcare platform. [.

article thumbnail

What Is Identity and Access Management (IAM)?

Tech Republic Security

Learn more about IAM and its importance in securing digital identities and managing access privileges in this comprehensive guide.

141
141

More Trending

article thumbnail

4 Best Free VPNs for 2024

Tech Republic Security

Looking for the best free VPNs? Check out our guide to find the most reliable and secure options for protecting your online privacy that won’t break the bank.

Banking 124
article thumbnail

U-Haul says hacker accessed customer records using stolen creds

Bleeping Computer

U-Haul has started informing customers that a hacker used stolen account credentials to access an internal system for dealers and team members to track customer reservations. [.

article thumbnail

Organizations Unprepared to Face Cloud Security Threats

Security Boulevard

The Cloud Security Alliance (CSA) State of Security Remediation report underscored the difficult balancing act cloud security experts face. The post Organizations Unprepared to Face Cloud Security Threats appeared first on Security Boulevard.

article thumbnail

Prescription orders delayed as US pharmacies grapple with “nation-state” cyber attack

Graham Cluley

Prescription orders across the United States are reportedly being delayed after a cyber attack impacted a healthcare technology firm that supplies services to pharmacies, including CVS Health. Read more in my article on the Hot for Security blog.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Hackers Exploit ConnectWise Bugs to Deploy LockBit Ransomware

Security Boulevard

Cyberattacks exploiting critical vulnerabilities in ConnectWise’s remote monitoring and management (RMM) tool revealed this week have snowballed and some bad actors are using it to deploy LockBit ransomware, which was the target of a recent international law enforcement operation. The information shows the merging of two of the more significant news stories in the cybersecurity.

article thumbnail

Insomniac Games alerts employees hit by ransomware data breach

Bleeping Computer

Sony subsidiary Insomniac Games is sending data breach notification letters to employees whose personal information was stolen and leaked online following a Rhysida ransomware attack in November. [.

article thumbnail

Avast Hit With $16.5 Million Fine for Selling Customer Data

Security Boulevard

Avast Software will pay a $16.5 million fine to settle a federal complaint accusing the antivirus vendor of collecting users’ browsing data over six years and selling it to advertising companies without their consent. In fact, Avast did all this while promising users that its products would protect consumers from being tracked online, according to. The post Avast Hit With $16.5 Million Fine for Selling Customer Data appeared first on Security Boulevard.

Antivirus 110
article thumbnail

Joomla! patches XSS flaws that could lead to remote code execution

Malwarebytes

On February 20, Joomla! posted details about four vulnerabilities it had fixed in its Content Management System (CMS), and one in the Joomla! Framework that affects the CMS. Joomla! is an open-source CMS that’s been around since 2005, and has been one of the most popular CMS platforms by market share for much of that time. Many companies, from small outfits to large enterprises, use a CMS in some form to manage their websites.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI

The Hacker News

Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems.

article thumbnail

Google Pay app shutting down in US, users have till June to move fund

Bleeping Computer

Google is retiring the standalone Pay app in the United States. Users have until June 4 to transfer the balance to bank accounts. [.

Banking 123
article thumbnail

Navigating the Dual Impact of AI in Cybersecurity

Approachable Cyber Threats

Category Awareness, Artificial Intelligence Risk Level Artificial Intelligence (AI) is set to be the newest ally for many companies, but it’s also set to be the newest threat. The realm of cybersecurity is undergoing a transformation, guided by the omnipresent force of Artificial Intelligence (AI). As we navigate this dynamic landscape, AI emerges as both the guardian of digital fortresses and the stealthy architect of cyber threats.

article thumbnail

FTC sues H&R Block over deceptive 'free' online filing ads

Bleeping Computer

The U.S. Federal Trade Commission (FTC) sued tax preparation giant H&R Block over the company's deceptive "free" online filing advertising and for pressuring people into overpaying for its services. [.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Dormant PyPI Package Compromised to Spread Nova Sentinel Malware

The Hacker News

A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel.

Malware 107
article thumbnail

Google Pay app shutting down in US, users have till June to move funds

Bleeping Computer

Google is retiring the standalone Pay app in the United States. Users have until June 4 to transfer the balance to bank accounts. [.

Banking 117
article thumbnail

brutespray: Automatically attempts default creds on found services

Penetration Testing

brutespray Brutespray has been updated to golang. Without needing to rely on other tools this version will be extensible to bruteforce many different services and is way faster than its Python counterpart. Currently, Brutespray... The post brutespray: Automatically attempts default creds on found services appeared first on Penetration Testing.

article thumbnail

Windows Photos gets AI magic eraser on Windows 10 and later

Bleeping Computer

Microsoft's Windows Photos app now has its own generative erase tool that enables users to replace unwanted objects with AI-generated content.

98
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

230K individuals impacted by a data breach suffered by Telco provider Tangerine

Security Affairs

Australian telecommunications provider Tangerine disclosed a data breach that impacted roughly 230,000 individuals. Tangerine suffered a data breach that exposed the personal information of roughly 230,000 individuals. The security breach occurred on Sunday 18 February 2024, but Tangerine management became aware of the incident on Tuesday 20 February 2024.

article thumbnail

Google Cloud Run Abused in Massive Banking Trojan Operation

Heimadal Security

Researchers in security are issuing warnings about threat actors misusing Google Cloud Run to spread large amounts of banking trojans, such as Astaroth, Mekotio, and Ousaban. With Google Cloud Run, customers can manage workloads and launch front-end and back-end services, websites, and apps without having to worry about scaling or maintaining an infrastructure.

Banking 96
article thumbnail

Update now! ConnectWise ScreenConnect vulnerability needs your attention

Malwarebytes

ConnectWise is warning self-hosted and on-premise customers that they need to take immediate action to remediate a critical vulnerability in its ScreenConnect remote desktop software. This software is typically used in data-centers and for remote assistance. Together ConnectWise’s partners manage millions of endpoints (clients). A Shadowserver scan revealed approximately 3,800 vulnerable ConnectWise ScreenConnect instances on Wednesday, most of them in the US. ~3800 vulnerable ConnectWise Screen

article thumbnail

How to Use Tines's SOC Automation Capability Matrix

The Hacker News

Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.

95
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Biden Signs Executive Order to Boost Maritime Cybersecurity Amid China Concerns

Heimadal Security

President Joe Biden has signed an executive order to enhance cybersecurity at U.S. ports. $20 billion will be invested in port upgrades, including a shift to trusted crane suppliers. This measure counteracts risks posed by the use of cranes made by China, and aims to expand the Coast Guard’s authority. Strengthening U.S. Port Cybersecurity The […] The post Biden Signs Executive Order to Boost Maritime Cybersecurity Amid China Concerns appeared first on Heimdal Security Blog.

article thumbnail

minder: Software Supply Chain Security Platform

Penetration Testing

What is Minder? Minder by Stacklok is an open-source platform that helps development teams and open-source communities build more secure software, and prove to others that what they’ve built is secure. Minder helps project owners... The post minder: Software Supply Chain Security Platform appeared first on Penetration Testing.

article thumbnail

Why Do We Need Endpoint Security in 2024?

Security Boulevard

Before understanding the need for endpoint security, let’s make you see through a recent study on the same. Around 68% of businesses experienced a targeted endpoint attack that compromised their IT infrastructure. Devices also experienced the same percentage rise in cyber attacks compared to previous years. What is Endpoint Security? Endpoint security can be defined […] The post Why Do We Need Endpoint Security in 2024?

article thumbnail

The 9 Best Datto Alternatives in 2024 (for MSPs)

Heimadal Security

While Datto is undoubtedly a powerful solution, it has certain limitations which can be frustrating for MSPs. Let’s learn more about some of these limitations, and explore alternative solutions you should consider. Reasons MSPs Are Looking for Datto Alternatives Datto is a data backup and recovery provider. They build hardware which sits in client offices […] The post The 9 Best Datto Alternatives in 2024 (for MSPs) appeared first on Heimdal Security Blog.

Backups 78
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.