Fri. May 19, 2023


Security Risks of New .zip and .mov Domains

Schneier on Security

Researchers are worried about Google’s .zip and .mov domains, because they are confusing. Mistaking a URL for a filename could be a security vulnerability.

Risk 192

How business email compromise attacks emulate legitimate web services to lure clicks

Tech Republic Security

New BEC cyberattacks use phishing with a legitimate Dropbox link as a lure for malware and credentials theft. The post How business email compromise attacks emulate legitimate web services to lure clicks appeared first on TechRepublic.

Phishing 151

RSAC Fireside Chat: Upgrading containment to counter Putin’s weaponizing of ransomware

The Last Watchdog

The ransomware plague endures — and has arisen as a potent weapon in geopolitical conflicts. Related: The Golden Age of cyber espionage Cyber extortion remains a material threat to organizations of all sizes across all industries. Ransomware purveyors have demonstrated their capability to endlessly take advantage of a vastly expanded network attack surface – one that will only continue to expand as the shift to massively interconnected digital services accelerates.


Google Chrome 3rd Party Cookies Crumbling — Finally!

Security Boulevard

Om Nom Nom Nom Nom: Privacy Sandbox inching towards reality. But concerns remain. The post Google Chrome 3rd Party Cookies Crumbling — Finally! appeared first on Security Boulevard.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


ASUS routers knocked offline worldwide by bad security update

Bleeping Computer

ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity. [...]


7 Essential DevSecOps Best Practices Every Development Team Should Implement

Security Boulevard

This blog post explores the DevSecOps best practices that development teams can use to ensure that security is ingrained in the development process. The post 7 Essential DevSecOps Best Practices Every Development Team Should Implement appeared first on Security Boulevard.


More Trending


Accessibility should be a cybersecurity priority, says UK NCSC

CSO Magazine

The UK National Cyber Security Centre (NCSC) has urged businesses and security leaders to make accessibility a cybersecurity priority to help make systems more secure and human errors/workarounds less likely. It can also aid in meeting legal requirements, delivering better operational outcomes, and attracting and retaining more diverse talent, according to the NCSC.


CISA warns of Samsung ASLR bypass flaw exploited in attacks

Bleeping Computer

CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection. [...]


Guerrilla malware is preinfected on 8.9 million Android devices, Trend Micro says

CSO Magazine

Cybercrime gang Lemon Group has managed to get malware known as Guerrilla preinstalled on about 8.9 million Android-based smartphones, watches, TVs, and TV boxes globally, according to Trend Micro. The Guerilla malware can load additional payloads, intercept one-time passwords (OTPs) from SMS texts, set up a reverse proxy from the infected device, and infiltrate WhatsApp sessions.

Malware 119

Dish Network likely paid ransom after recent ransomware attack

Bleeping Computer

Dish Network, an American television provider, most likely paid a ransom after being hit by a ransomware attack in February based on the wording used in data breach notification letters sent to impacted employees. [...]


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


How Companies Should Protect Sensitive Data: 6 Practical Tips

Security Boulevard

It’s no secret that sensitive data management is a top priority for security teams, particularly during periods of widespread workforce changes like layoffs and pay reductions. But workforce volatility has made it increasingly difficult for organizations to prevent and resolve issues of insider threat and data loss. Without the proper workflows (backed by powerful tools […] The post How Companies Should Protect Sensitive Data: 6 Practical Tips appeared first on Code42.


Details of Kia Boyz breaching car security as Kia Challenge on TikTok

CyberSecurity Insiders

Over the past couple of years, a peculiar social media trend known as the Kia Challenge has gained traction on various platforms such as Facebook, Twitter, Telegram, and WhatsApp. This challenge involves a group of thieves called the Kia Boyz, who promote an instructional video link guiding viewers to YouTube and TikTok. The video provides instructions on how to bypass the security systems of Hyundai and Kia cars using a basic USB cable that can be easily obtained from online platforms like Amaz

Media 108

Cybersecurity Insights with Contrast CISO David Lindner | 5/19

Security Boulevard

Insight #1 "Be extremely careful of ChatGPT lookalikes and fakes as scammers are taking advantage of the buzz and tricking victims into biting." Insight #2 "There is no need for .zip or .mov top-level domains (TLD) unless you are a malicious actor. These should be removed immediately." Insight #3 "Burnout is a real problem in security. As security leaders, we need to figure out how to put out the fire before more great people leave the industry.

CISO 108

Warning: Samsung Devices Under Attack! New Security Flaw Exposed

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Banyan Ransomware Threat Update – May 2023

Security Boulevard

It’s popular because it’s profitable and it’s been a big moment for ransomware around the planet over the past few weeks. At Banyan, we decided to assemble the latest ransomware news for a mid-May Ransomware Threat Update (because there’s been enough of it to warrant its own blog). Ransomware has become ever more targeted, with […] The post Banyan Ransomware Threat Update – May 2023 first appeared on Banyan Security.


Legitimate looking npm packages found hosting TurkoRat infostealer

CSO Magazine

Despite efforts taken in recent years to proactively monitor public software repositories for malicious code, packages that bundle malware continue to routinely pop up in such places. Researchers recently identified two legitimate looking packages that remained undetected for over two months and deployed an open-source information stealing trojan called TurkoRat.

Malware 105

Top 5 Application Security Tools & Software for 2023

eSecurity Planet

Application security tools and software solutions are designed to identify and mitigate vulnerabilities and threats in software applications. Their main purpose is to protect applications from unauthorized access, data breaches, and malicious attacks. These tools play a vital role in ensuring the security, integrity, and confidentiality of sensitive information, such as personal data and financial records.

Software 104

Keep Your Friends Close and Your Identity Closer

Dark Reading

As we share an increasing amount of personal information online, we create more opportunities for threat actors to steal our identities.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Microsoft: Notorious FIN7 hackers return in Clop ransomware attacks

Bleeping Computer

A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims' networks. [...]


Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

The Hacker News

Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down.

Malware 102

Take action now to avoid BianLian ransomware attacks, US Government warns organisations

Graham Cluley

A joint alert has been issued by US government agencies, advising organisations of the steps they should take to mitigate the threat posed by BianLian ransomware attacks.


Complete Guide to Elastic SIEM

Security Boulevard

Elastic Security, which includes Elastic security information and event management (SIEM), is a comprehensive security solution developed by Elastic. It combines various security tools and features to help organizations detect, prevent, and respond to cyber threats in real-time. Elastic Security leverages the capabilities of the Elastic Stack, a suite of open source tools, including Elasticsearch, The post Complete Guide to Elastic SIEM appeared first on Security Boulevard.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


The real cost of a free lunch – Week in security with Tony Anscombe

We Live Security

Don't download software from non-reputable websites and sketchy links – you might be in for more than you bargained for. The post The real cost of a free lunch – Week in security with Tony Anscombe appeared first on WeLiveSecurity.


Federal Court Dismisses FTC Location Privacy Lawsuit

Security Boulevard

Geolocation data is among the most sensitive personal data. Marketers can use this data to determine what you are likely to buy, how much you are likely to spend and where you are likely to shop. The Federal Trade Commission (FTC) sued an online geolocation data broker for unfairly selling data about the physical location. The post Federal Court Dismisses FTC Location Privacy Lawsuit appeared first on Security Boulevard.


February cyber incident will cost molten metal flow engineering firm Vesuvius £3.5 million

Security Affairs

Vesuvius, a leader in molten metal flow engineering and technology, revealed that the February cyber incident will cost it £3.5 million. Vesuvius is a global leader in molten metal flow engineering and technology; it employs more than 10,000 people and is listed on the London Stock Exchange. In February the company disclosed a security breach and revealed that it discovered unauthorized access to its systems.


Apple Patches 3 Zero-Days Possibly Already Exploited

Dark Reading

In an advisory released by the company, Apple revealed patches for three previously unknown bugs it says may already have been used by attackers.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked as Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. Infected devices were used for multiple malicious activities, including traffic redirections through mobile proxies, info-stealing, click fraud, and social media and online messaging accounts and monetization via advertisements.

Mobile 92

CloudWizard APT: the bad magic story goes on

SecureList

In March 2023, we uncovered a previously unknown APT campaign in the region of the Russo-Ukrainian conflict that involved the use of PowerMagic and CommonMagic implants. However, at the time it was not clear which threat actor was behind the attack. Since the release of our report about CommonMagic, we have been looking for additional clues that would allow us to learn more about this actor.


Notorious Cyber Gang FIN7 Returns Cl0p Ransomware in New Wave of Attacks

The Hacker News

The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest.


NPM packages found containing the TurkoRat infostealer

Security Affairs

Experts discovered two malicious packages in the npm package repository, both were laced with an open-source info-stealer called TurkoRat. ReversingLabs discovered two malicious packages, respectively named nodejs-encrypt-agent and nodejs-cookie-proxy-agent, in the npm package repository containing an open-source info-stealer called TurkoRat. TurkoRat is an information-stealing malware that can obtain a broad range of data from the infected machine, including account login credentials, cryptocu


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.