Wed. Jun 29, 2022


Ecuador’s Attempt to Resettle Edward Snowden

Schneier on Security

Someone hacked the Ecuadorian embassy in Moscow and found a document related to Ecuador’s 2013 efforts to bring Edward Snowden there. If you remember, Snowden was traveling from Hong Kong to somewhere when the US revoked his passport, stranding him in Russia. In the document, Ecuador asks Russia to provide Snowden with safe passage to come to Ecuador.


How to de-anonymize fraudulent Tor web servers

Tech Republic Security

While it is a common belief that there is not much that can be done to locate remote servers hosted using the Tor network, new research reveals it is possible to de-anonymize some and uses ransomware domains hosted on the Dark Web as examples.


Deepfaking crooks seek remote-working jobs to gain access to sensitive data

Graham Cluley

The FBI has warned that, in an attempt to gain access to sensitive data at organisations, crooks are using deepfake video when applying for remote working-at-home jobs.


Toxic masculinity holds us ALL back (in cyber) & what you can do about it

Jane Frankland

In last week’s newsletter (edition 3), I wrote about being you in the workplace and some of the difficulties that women in cyber face. I told you we have a saying at The Source, my new initiative for women in cyber and businesses who value them, but today I want to let you know about another saying we have. It’s, “No blame. No shame.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Nearly a Million Kubernetes Instances Exposed on Internet

eSecurity Planet

Cybersecurity researchers have found more than 900,000 instances of Kubernetes consoles exposed on the internet. Cyble researchers detected misconfigured Kubernetes instances that could expose hundreds of thousands of organizations. The researchers found a number of indicators of exposure in the open source container orchestration platform: KubernetesDashboard; Kubernetes-master; Kubernetes; Kube; K8; Favicon:2130463260, -1203021870.


How Do I Help Protect My Identity After Losing My Wallet?

Identity IQ

Everyone has a lot on their plates these days, so it’s understandably easier now more than ever to misplace things – and to have a moment of panic when you think you’ve misplaced something important. Many people might experience that clutch of anxiety over the feeling that they’ve lost their wallets.

More Trending


Why more zero-day vulnerabilities are being found in the wild

CSO Magazine

The number of zero-days exploited in the wild has been high over the past year and a half, with different kinds of actors using them. These vulnerabilities, which are unknown to the software maker, are leveraged by both state-sponsored groups and ransomware gangs. During the first half of this year, Google Project Zero counted almost 20 zero-days, most of which target products built by Microsoft, Apple and Google, with browsers and operating systems taking up large chunks.


Hermit spyware is deployed with the help of a victim’s ISP

Malwarebytes

Google’s Threat Analysis Group (TAG) has revealed a sophisticated spyware activity involving ISPs (internet service providers) aiding in downloading powerful commercial spyware onto users’ mobile devices. The spyware, dubbed Hermit, is reported to have government clients much like Pegasus. Italian vendor RCS Labs developed Hermit. The spyware was spotted in Kazakhstan (to suppress protests against government policies), Italy (to investigate those involved in an anti-corruption case),


What do customers really want (and need) from security?

Cisco Security

Insights from the RSA Conference and Cisco Live. What is it that customers truly want from their security? Is it simplicity? Robust protection? Agility and flexibility? Yes! In today’s uncertain world where new challenges are being thrown at IT teams each day, security must meet many diverse needs. At the end of the day, it’s about keeping the entire business resilient despite the chaos of the cyber world.


Patch Now: Linux Container-Escape Flaw in Azure Service Fabric

Dark Reading

Microsoft is urging organizations that don't have automatic updates enabled to update to the latest version of Linux Server Fabric to thwart the "FabricScape" cloud bug.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Black Basta Ransomware Operators Expand Their Attack Arsenal With QakBot Trojan and PrintNightmare Exploit

Trend Micro

We look into a recent attack orchestrated by the Black Basta ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightmare vulnerability to perform privileged file operations.


Heimdal™ Security Featured in G2 Summer Reports Niche Quadrant 2022

Heimdal Security

COPENHAGEN, June 29th, 2022 – Heimdal™ Security announced it has been included in the 2022 G2 Summer Reports Niche Quadrant in the Patch Management and Antivirus categories. Determined by customer satisfaction and scale (based on market share, vendor size, and social impact), the 2022 G2 Summer Reports ranks vendors into – Leaders, High Performers, Contenders, and […].


ZuoRAT Hijacks SOHO Routers From Cisco, Netgear

Dark Reading

The malware has been in circulation since 2020, with sophisticated, advanced malicious actors taking advantage of the vulnerabilities in SOHO routers as the work-from-home population expands rapidly.


How Vulnerability Management Has Evolved And Where It’s Headed Next

The Security Ledger

The blocking and tackling work of scan management is becoming a commodity, writes Lisa Xu, the CEO of NopSec in this Expert Insight. What organizations need now is complete visibility of their IT infrastructure and business applications.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Adopting a Multifaceted Security Approach

Security Boulevard

Over the past decade, terms like malware and ransomware have increasingly entered into the public vernacular, especially as they relate to highly publicized, high-profile cybersecurity attacks. Most recently, the Biden administration issued a dire warning to American businesses about the potential for Russian cyberattacks, encouraging even private organizations to strengthen their defenses.


Cloud Security Resources and Guidance

Cisco Security

This article was coauthored by Dan Maunz and Ryan Morrow, both Security Program Managers in the Security & Trust Organization at Cisco. The purpose of this document is to provide the reader with a high-level overview of cloud delivery models, introduce the different deployment scenarios in which cloud services can be operated in, and highlight the risks to an organization when deploying and operating a cloud environment.


Building Visibility into Hybrid Workplaces: Tips for Minimizing Employee Burnout

Security Boulevard

It’s become a bit of a cliché, saying that the pandemic created a “new normal” for all of us. But the reality is, the pandemic did introduce new ways of living and working. Employees are demanding more flexible workplaces with a stronger focus on work-life balance than before the pandemic, and organizations are trying their …


Mitre shared 2022 CWE Top 25 most dangerous software weaknesses

Security Affairs

The MITRE organization published the 2022 CWE Top 25 most dangerous software weaknesses. MITRE shared the list of the 2022 top 25 most common and dangerous weaknesses; it could help organizations to assess internal infrastructure and determine their attack surface. The presence of these vulnerabilities within the infrastructure of an organization could potentially expose it to a broad range of attacks. “Welcome to the 2022 Common Weakness Enumeration (CWE) Top 25 Most Dangerous Sof


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


Black Basta ransomware is mutating, and this has several implications

Security Boulevard

New variants of the Black Basta ransomware are now emerging in the wild and routinely turning up in our global honeypots. According to online reports, Black Basta has managed to make many victims pay a ransom across US, Singapore, UAE, UK, India, and Australia since it was first discovered in the wild in February 2022. […]


YTStealer info-stealing malware targets YouTube content creators

Security Affairs

Researchers detailed a new information-stealing malware, dubbed YTStealer, that targets YouTube content creators. Intezer cybersecurity researchers have detailed a new information-stealing malware, dubbed YTStealer, that was developed to steal authentication cookies from YouTube content creators. The malware is highly likely available as a service on the Dark Web.


The Four Pillars of a Cybersecurity Strategy That Works

Security Boulevard

Understanding the threat landscape is one thing; extracting and leveraging actionable threat intelligence to reinforce an organization’s defensive posture is another. Threat intelligence empowers organizations by providing them with the knowledge and visibility needed to make well-informed decisions about their security defenses and respond faster to current and evolving threats.


Do back offices mean backdoors?

We Live Security

War in Europe, a reminder for shared service centers and shoring operations to re-examine IT security posture.


Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


New 'FabricScape' Bug in Microsoft Azure Service Fabric Impacts Linux Workloads

The Hacker News

Cybersecurity researchers from Palo Alto Networks Unit 42 disclosed details of a new security flaw affecting Microsoft's Service Fabric that could be exploited to obtain elevated permissions and seize control of all nodes in a cluster. The issue, which has been dubbed FabricScape (CVE-2022-30137), could be exploited on containers that are configured to have runtime access.


BrandPost: Four Key Ways CISOs can Strengthen OT Security

CSO Magazine

The past decade has seen an increase in the number of operational technology (OT) attacks and their impact on organizations. Fortinet recently released its 2022 State of Operational Technology and Cybersecurity Report revealing that 93% of OT organizations experienced one intrusion in the past year and 78% of them experienced more than three intrusions.


New UnRAR Vulnerability Could Let Attackers Hack Zimbra Webmail Servers

The Hacker News

A new security vulnerability has been disclosed in RARlab's UnRAR utility that, if successfully exploited, could permit a remote attacker to execute arbitrary code on a system that relies on the binary. The flaw, assigned the identifier CVE-2022-30333, relates to a path traversal vulnerability in the Unix versions of UnRAR that can be triggered upon extracting a maliciously crafted RAR archive.


Forced Chrome extensions get removed, keep reappearing

Malwarebytes

In the continued saga of annoying search extensions we have a new end-of-level boss. Victims have been reporting browser extensions that were removed by Malwarebytes, but “magically” came back later. Since the victims also complained about the message saying their browser was “managed”, we had a pretty good idea where to look. Custom search bar is one of the forced extensions.


ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators

The Hacker News

Cybersecurity researchers have documented a new information-stealing malware that targets YouTube content creators by plundering their authentication cookies. Dubbed "YTStealer" by Intezer, the malicious tool is likely believed to be sold as a service on the dark web, with it distributed using fake installers that also drop RedLine Stealer and Vidar.


How the new Spirion-Thales partnership enables sensitive-data-centric encryption

Thales Cloud Protection & Licensing

divya. Thu, 06/30/2022 - 05:43. Like many, I am planning a “COVID revenge” break this summer. Getting everything booked was surprisingly uneventful; that is, until I tried to reserve a kennel for my two dogs. Everything is booked solid or outrageously expensive. I could stay at the Ritz for less than I can get them boarded!


Path Traversal flaw in UnRAR utility can allow hacking Zimbra Mail servers

Security Affairs

Researchers discovered a new flaw in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can allow remote hacking of Zimbra Webmail servers. SonarSource researchers have discovered a new vulnerability in RARlab’s UnRAR utility, tracked as CVE-2022-30333, that can be exploited by remote attackers to execute arbitrary code on a system that relies on the binary, like Zimbra webmail servers.


CISA warns of hackers exploiting PwnKit Linux vulnerability

Bleeping Computer

The Cybersecurity and Infrastructure Security Agency (CISA) has added a high-severity Linux vulnerability known as PwnKit to its list of bugs exploited in the wild.


Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.