Wed. Jun 29, 2022

Ecuador’s Attempt to Resettle Edward Snowden

Schneier on Security

Someone hacked the Ecuadorian embassy in Moscow and found a document related to Ecuador’s 2013 efforts to bring Edward Snowden there. If you remember, Snowden was traveling from Hong Kong to somewhere when the US revoked his passport, stranding him in Russia. In the document, Ecuador asks Russia to provide Snowden with safe passage to come to Ecuador.

Hacking 227

How to de-anonymize fraudulent Tor web servers

Tech Republic Security

While it is a common belief that there is not much that can be done to locate remote servers hosted using the Tor network, new research reveals it is possible to de-anonymize some of them, using ransomware domains hosted on the Dark Web as examples. The post How to de-anonymize fraudulent Tor web servers appeared first on TechRepublic.

Deepfaking crooks seek remote-working jobs to gain access to sensitive data

Graham Cluley

The FBI has warned that, in an attempt to gain access to sensitive data at organisations, crooks are using deepfake video when applying for remote working-at-home jobs.

Nearly a Million Kubernetes Instances Exposed on Internet

eSecurity Planet

Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet. Cyble researchers detected misconfigured Kubernetes instances that could expose hundreds of thousands of organizations. The researchers found a number of indicators of exposure in the open source container orchestration platform: KubernetesDashboard, Kubernetes-master, Kubernetes, Kube, K8, Favicon: 2130463260, -1203021870.

Internet 143

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

What do customers really want (and need) from security?

Cisco Security

Insights from the RSA Conference and Cisco Live. What is it that customers truly want from their security? Is it simplicity? Robust protection? Agility and flexibility? Yes! In today’s uncertain world where new challenges are being thrown at IT teams each day, security must meet many diverse needs. At the end of the day, it’s about keeping the entire business resilient despite the chaos of the cyber world.

Hermit spyware is deployed with the help of a victim’s ISP

Malwarebytes

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus. Italian vendor RCS Labs developed Hermit. The spyware was spotted in Kazakhstan (to suppress protests against government policies), Italy (to investigate those involved in an anti-corruption case),

Spyware 124

More Trending

How Do I Help Protect My Identity After Losing My Wallet?

Identity IQ

How Do I Help Protect My Identity After Losing My Wallet? IdentityIQ. Everyone has a lot on their plates these days, so it’s understandably easier now more than ever to misplace things – and to have a moment of panic when you think you’ve misplaced something important. Many people might experience that clutch of anxiety over the feeling that they’ve lost their wallets.

Evilnum Hackers Return

Heimdal Security

Evilnum is a sophisticated persistent threat that has been active since at least 2018, although its campaign and tools were just recently discovered in the year 2020. This means that Evilnum has been operating for at least two years. Emails containing links to ZIP files stored on Google Drive are sent to potential victims as […]. The post Evilnum Hackers Return appeared first on Heimdal Security Blog.

Forced Chrome extensions get removed, keep reappearing

Malwarebytes

In the continued saga of annoying search extensions we have a new end-of-level boss. Victims have been reporting browser extensions that were removed by Malwarebytes, but “magically” came back later. Since the victims also complained about the message saying their browser was “managed”, we had a pretty good idea where to look. custom search bar is one of the forced extensions.

Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

Trend Micro

We look into a recent attack orchestrated by the Black Basta ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Why more zero-day vulnerabilities are being found in the wild

CSO Magazine

The number of zero-days exploited in the wild has been high over the past year and a half, with different kinds of actors using them. These vulnerabilities, which are unknown to the software maker, are leveraged by both state-sponsored groups and ransomware gangs. During the first half of this year, Google Project Zero counted almost 20 zero-days, most of which target products built by Microsoft, Apple and Google, with browsers and operating systems taking up large chunks.

Patch Now: Linux Container-Escape Flaw in Azure Service Fabric

Dark Reading

Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.

Hacking the Crypto-monetized Web

Trend Micro

What danger lies around the corner?

Hacking 105

Heimdal™ Security Featured in G2 Summer Reports Niche Quadrant 2022

Heimdal Security

COPENHAGEN, June 29th, 2022 – Heimdal™ Security announced it has been included in the 2022 G2 Summer Reports Niche Quadrant in the Patch Management and Antivirus categories. Determined by customer satisfaction and scale (based on market share, vendor size, and social impact), the 2022 G2 Summer Reports ranks vendors into – Leaders, High Performers, Contenders, and […].

Antivirus 105

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Toxic masculinity holds us ALL back (in cyber) & what you can do about it

Jane Frankland

In last week’s newsletter (edition 3), I wrote about being you in the workplace and some of the difficulties that women in cyber face. I told you we have a saying at The Source, my new initiative for women in cyber and businesses who value them, but today I want to let you know about another saying we have. It’s, “No blame. No shame.

Education 100

Cyberattacks via Unpatched Systems Cost Orgs More Than Phishing

Dark Reading

External attacks focused on vulnerabilities are still the most common ways that companies are successfully attacked, according to incident data.

YTStealer info-stealing malware targets YouTube content creators

Security Affairs

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. The malware is highly likely available as a service on the Dark Web.

Malware 98

ZuoRAT Hijacks SOHO Routers From Cisco, Netgear

Dark Reading

The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.

Malware 98

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers

Security Affairs

Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can allow attackers to remotely hack Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote attackers to execute arbitrary code on a system that relies on the binary, like Zimbra webmail servers.

Hacking 98

How Vulnerability Management Has Evolved And Where It’s Headed Next

The Security Ledger

The blocking and tackling work of scan management is becoming a commodity, writes Lisa Xu, the CEO of NopSec in this Expert Insight. What organizations need now is complete visibility of their IT infrastructure and business applications. The post How Vulnerability Management Has Evolved And Where It’s Headed Next appeared first on The Security.

Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

Security Affairs

The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses, which could help organizations assess their internal infrastructure and determine their attack surface. The presence of these vulnerabilities within the infrastructure of an organization could potentially expose it to a broad range of attacks. “Welcome to the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Sof

Do back offices mean backdoors?

We Live Security

War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture. The post Do back offices mean backdoors? appeared first on WeLiveSecurity.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

RansomHouse gang claims to have stolen 450GB of data from chip maker giant AMD

Security Affairs

The RansomHouse gang claims to have breached the chipmaker giant AMD and stolen 450 GB of data from the company in 2021. The RansomHouse extortion gang claims to have stolen 450 GB of data from the chipmaker giant AMD in 2021 and threatens to leak it or sell it if the company will not pay the ransom. The company has been added this week to the gang’s dark web leak site: According to BleepingComputer, a RansomHouse partner breached the network of AMD a year ago, but the leak site repor

Cyberattack on Iranian Steel Industry Disrupts Operations

SecureWorld News

The sequel to Stuxnet? A cyberattack this week has put Iranian steel manufacturing in the crosshairs. A hacking group by the name of Gonjeshke Darande (Farsi for Predatory Sparrow) hit the networks of three of Iran's largest steel companies: Khouzestan Steel, Hormozgan Steel, and Mobarakeh Steel. The group announced its attack on June 26th in a tweet, with video footage from inside a steel manufacturing plant showing the explosive kinetic consequences.

New 'FabricScape' Bug in Microsoft Azure Service Fabric Impacts Linux Workloads

The Hacker News

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime access.

How BYOD Creates Both Solutions and Challenges for Businesses

SecureWorld News

Businesses have had to adapt significantly in the past few years, with the COVID-19 pandemic not only playing havoc with supply chains but also modifying the way that employees do their jobs. Perhaps the most obvious and universal change that we have seen is the move to working from home and other types of flexible working. Indeed, this change has had a knock-on effect where it is now far more common for individuals to use their own devices to carry out company work.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers

The Hacker News

A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.

Hacking 98

Building Visibility into Hybrid Workplaces: Tips for Minimizing Employee Burnout

Security Boulevard

It’s become a bit of a cliché, saying that the pandemic created a “new normal” for all of us. But the reality is, the pandemic did introduce new ways of living and working. Employees are demanding more flexible workplaces with a stronger focus on work-life balance than before the pandemic, and organizations are trying their … Continued. The post Building Visibility into Hybrid Workplaces: Tips for Minimizing Employee Burnout appeared first on DTEX Systems Inc.

New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators

The Hacker News

Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed "YTStealer" by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar.

Malware 98

Black Basta ransomware is mutating, and this has several implications

Security Boulevard

New variants of the Black Basta ransomware are now emerging in the wild and routinely turning up in our global honeypots. According to online reports, Black Basta has managed to make many victims pay a ransom across US, Singapore, UAE, UK, India, and Australia since it was first discovered in the wild in February 2022. […]. The post Black Basta ransomware is mutating, and this has several implications appeared first on Security Boulevard.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!