Thu. May 30, 2024

'Operation Endgame' Hits Malware Delivery Platforms

Krebs on Security

Law enforcement agencies in the United States and Europe today announced Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware.

Malware 332

Supply Chain Attack against Courtroom Software

Schneier on Security

No word on how this backdoor was installed: A software maker serving more than 10,000 courtrooms throughout the world hosted an application update containing a hidden backdoor that maintained persistent communication with a malicious website, researchers reported Thursday, in the latest episode of a supply-chain attack. The software, known as the JAVS Viewer 8, is a component of the JAVS Suite 8, an application package courtrooms use to record, play back, and manage audio and video from proceed

Software 324

What Is ShrinkLocker? New Ransomware Targets Microsoft BitLocker Encryption Feature

Tech Republic Security

The ShrinkLocker ransomware exploits the BitLocker feature on enterprise PCs to encrypt the entire local drive and remove recovery options.

U.S. Dismantles World's Largest 911 S5 Botnet, with 19 Million Infected Devices

The Hacker News

The U.S. Department of Justice (DoJ) on Wednesday said it dismantled what it described as "likely the world's largest botnet ever," which consisted of an army of 19 million infected devices that was leased to other threat actors to commit a wide array of offenses. The botnet, which has a global footprint spanning more than 190 countries, functioned as a residential proxy service known as 911 S5.

139

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Do VPNs Change or Hide Your IP Address?

Tech Republic Security

Will a virtual private network change your IP address? Find out in this article and discover what a VPN doesn’t hide.

VPN 192

“Largest botnet ever” disrupted. 911 S5’s alleged mastermind arrested

Graham Cluley

A vast network of millions of compromised computers, being used to facilitate a wide range of cybercrime, has been disrupted by a multinational law enforcement operation. Read more in my article on the Tripwire State of Security blog.

More Trending

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

Researchers spotted a macOS version of the LightSpy surveillance framework that has been active in the wild since at least January 2024. Researchers from ThreatFabric discovered a macOS version of the LightSpy spyware that has been active in the wild since at least January 2024. ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants.

Spyware 136

CISA Alerts Federal Agencies to Patch Actively Exploited Linux Kernel Flaw

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a security flaw impacting the Linux kernel to the Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2024-1086 (CVSS score: 7.

The Unusual Espionage Act Case Against a Drone Photographer

WIRED Threat Level

In seemingly the first case of its kind, the US Justice Department has charged a Chinese national with using a drone to photograph a Virginia shipyard where the US Navy was assembling nuclear submarines.

134

AI in HR: Is artificial intelligence changing how we hire employees forever?

We Live Security

Much digital ink has been spilled on artificial intelligence taking over jobs, but what about AI shaking up the hiring process in the meantime?

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Ticketmaster Hack Ticks Off 560M Customers in 1.3TB Breach

Security Boulevard

What we know so far: A Ticketmaster AWS instance was penetrated by unknown perpetrators; “ShinyHunters” is selling stolen data on their behalf. Don’t forget to add the hidden 5% fee to the ransom.

Hacking 130

RSAC Fireside Chat: Start-up Anetac rolls out a solution to rising ‘service accounts’ exposures

The Last Watchdog

From MFA to biometrics, a lot has been done to reinforce user ID and password authentication — for human users. By comparison, almost nothing has been done to strengthen service accounts – the user IDs and passwords set up to authenticate all the backend, machine-to-machine connections of our digital world.

Beware of scammers impersonating Malwarebytes

Malwarebytes

Scammers love to bank on the good name of legitimate companies to gain the trust of their intended targets. Recently, it came to our attention that a cybercriminal is using fake websites for security products to spread malware. One of those websites was impersonating the Malwarebytes brand. The download from the fake website was an information stealer with a filename that resembled that of the actual Malwarebytes installer.

Scams 129

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

CISA adds Check Point Quantum Security Gateways and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: CVE-2024-24919 (Check Point Quantum Security Gateways Information Disclosure Vulnerability) and CVE-2024-1086 (Linux Kernel Use-After-Free Vulnerability). The vulnerability CVE-2024-24919 is a Quantum Gateway information disclosure

Firewall 128

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Pirated Microsoft Office delivers malware cocktail on systems

Bleeping Computer

Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.

Malware 125

Cybersecurity Management Lessons from Healthcare Woes

eSecurity Planet

Ransomware attacks and data breaches make headlines when they shut down huge connected healthcare providers such as Ascension Healthcare or Change Healthcare. Examining the available details of these breaches will help you learn key lessons from their pain to avoid suffering the same humiliating and expensive situations.

RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability

The Hacker News

The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal.

Firewall 121

Malware botnet bricked 600,000 routers in mysterious 2023 event

Bleeping Computer

A malware botnet named 'Pumpkin Eclipse' performed a mysterious destructive event in 2023 that took 600,000 office/home office (SOHO) internet routers offline, according to a new report by researchers at Lumen's Black Lotus Labs.

Malware 121

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Europol Shuts Down 100+ Servers Linked to IcedID, TrickBot, and Other Malware

The Hacker News

Europol on Thursday said it shut down the infrastructure associated with several malware loader operations such as IcedID, SystemBC, PikaBot, SmokeLoader, Bumblebee, and TrickBot as part of a coordinated law enforcement effort codenamed Operation Endgame.

Malware 120

Duo’s Data-Driven Defense: Combatting Cyber Threats in Higher Education

Duo's Security Blog

Duo has a long history of protecting students across universities and higher education institutions. From personally identifiable information to federal grants and loans, students and schools are a regular target for attackers. Because Duo has such a large presence in the world of education, we can also spot trends in attack tactics and learn how to better secure your organization.

Education 119

Cyber Espionage Alert: LilacSquid Targets IT, Energy, and Pharma Sectors

The Hacker News

A previously undocumented cyber espionage-focused threat actor named LilacSquid has been linked to targeted attacks spanning various sectors in the United States (U.S.), Europe, and Asia as part of a data theft campaign since at least 2021.

120

Law enforcement operation dismantled 911 S5 botnet

Security Affairs

An international law enforcement operation led by the U.S. DoJ disrupted the 911 S5 botnet and led to the arrest of its administrator. The U.S. Justice Department led an international law enforcement operation that dismantled the 911 S5 proxy botnet. The law enforcement also arrested its administrator, the 35-year-old Chinese national YunHe Wang, in Singapore.

VPN 118

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Researchers Uncover Active Exploitation of WordPress Plugin Vulnerabilities

The Hacker News

Cybersecurity researchers have warned that multiple high-severity security vulnerabilities in WordPress plugins are being actively exploited by threat actors to create rogue administrator accounts for follow-on exploitation.

ShinyHunters Hits Ticketmaster with Breach Impacting 560 Million Users

SecureWorld News

The infamous cybercrime syndicate ShinyHunters has struck again, this time claiming responsibility for an absolutely staggering data breach impacting live entertainment giants Ticketmaster and Live Nation. In a brazen announcement, the hacking group says it has compromised personal records belonging to a jaw-dropping 560 million users across the two platforms.

Smashing Security podcast #374: Microsoft’s Recall controversy, and the North Korean insider threat

Graham Cluley

Microsoft gets itself into a pickle with a privacy-popping new feature on its CoPilot+ PCs, the FTC warns of impersonated companies, and is your company hiring North Korean IT workers? All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by author, journalist, and podcaster Geoff White.

RansomHub Responsible for Christie's Hack, Threatens Data Leak

SecureWorld News

The world-renowned auction house Christie's has become the latest major corporation to fall victim to a ransomware attack. The cybercrime gang RansomHub has claimed responsibility and is threatening to release "a massive trove of sensitive personal information" belonging to wealthy clients of Christie's unless their ransom demand is met. In a Dark Web post earlier today, RansomHub said it had breached the Christie's corporate networks and encrypted servers containing terabytes of confidential data.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Microsoft: Windows 11 preview update causes taskbar crashes

Bleeping Computer

Microsoft warned customers on Thursday that the May 2024 non-security preview update for Windows 11 is causing taskbar crashes and glitches.

112

How to Build Your Autonomous SOC Strategy

The Hacker News

Security leaders are in a tricky position trying to discern how much new AI-driven cybersecurity tools could actually benefit a security operations center (SOC). The hype about generative AI is still everywhere, but security teams have to live in reality. They face constantly incoming alerts from endpoint security platforms, SIEM tools, and phishing emails reported by internal users.

Phishing 110

Cisco Secure Firewall integrates with Azure Virtual WAN (vWAN) to simplify firewall insertion in Azure environments

Cisco Security

Azure Virtual WAN

Firewall 109

RedTail Malware Abuses Palo Alto Flaw in Latest Cryptomining Campaign

Security Boulevard

Hackers with possible ties to the notorious North Korea-linked Lazarus Group are exploiting a recent critical vulnerability in Palo Alto Networks’ PAN-OS software to run a sophisticated cryptomining operation that likely has nation-state backing. In a report Thursday, threat researchers with Akamai said the bad actors behind this variant of the RedTail cryptomining malware are.

Malware 109

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!