Mon. Aug 28, 2023

Remotely Stopping Polish Trains

Schneier on Security

Turns out that it’s easy to broadcast radio commands that force Polish trains to stop: …the saboteurs appear to have sent simple so-called “radio-stop” commands via radio frequency to the trains they targeted. Because the trains use a radio system that lacks encryption or authentication for those commands, Olejnik says, anyone with as little as $30 of off-the-shelf radio equipment can broadcast the command to a Polish train—sending a series of three acoustic tones

Black Hat Fireside Chat: How to achieve API security — as AI-boosted attacks intensify

The Last Watchdog

API security has arisen as a cornerstone of securing massively interconnected cloud applications. At Black Hat USA 2023, I had a great discussion about API security with Data Theorem COO Doug Dooley and Applovin CISO Jeremiah Kung. For a full drill down, please give the accompanying podcast a listen. As a fast-rising mobile ad network going toe-to-toe with Google and Facebook, Applovin has been acquiring advanced security tools and shaping new practices to manage its API exposures.

OpenAI Debuts ChatGPT Enterprise, Touting Better Privacy for Business

Tech Republic Security

Data from ChatGPT Enterprise will not be used to train the popular chatbot. Plus, admins can manage access.

Japan’s JPCERT warns of new ‘MalDoc in PDF’ attack technique

Security Affairs

Japan’s JPCERT warns of a new recently detected ‘MalDoc in PDF’ attack that embeds malicious Word files into PDFs. Japan’s computer emergency response team (JPCERT) has recently observed a new attack technique, called ‘MalDoc in PDF’, that bypasses detection by embedding a malicious Word file into a PDF file. The researchers explained that a file created with MalDoc in PDF has magic numbers and file structure of PDF, but can be opened in Word.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

2.6 million DuoLingo users have scraped data released

Malwarebytes

An unknown party has released the scraped data of 2.6 million DuoLingo users on a hacking forum. While they offered the data set for sale in January for $1,500, it's now been released on a new version of the Breached hacking forum for 8 site credits, worth only $2.13. DuoLingo is an educational platform most famous for its language learning programs.

Attackers can discover IP address by sending a link over the Skype mobile app

Security Affairs

A security researcher demonstrated how to discover a target’s IP address by sending a link over the Skype mobile app. The security researcher Yossi discovered that it is possible to discover a target’s IP address by sending a link over the Skype mobile app. The researcher pointed out that the attack only requires the target to open the message. The problem only impacts the Skype mobile app.

More Trending

Weekly Vulnerability Recap – August 28, 2023 – Windows, Ivanti, Adobe Hit By Flaws

eSecurity Planet

Older unpatched vulnerabilities make hackers’ work easier: They can keep running tried-and-true exploits and just look for new victims. Unfortunately, the theme for this week is returning vulnerabilities, or ones that haven’t been excised quite yet. Some exploits and weaknesses have had fixes for months or longer, yet they keep showing up in the news, indicating that either they haven’t been patched properly or the patches haven’t worked.

Updated Kmsdx botnet targets IoT devices

Security Affairs

Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices. The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. KmsdBot is an evasive Golang-based malware that was first detected by Akamai in November 2022; it infects systems via an SSH connection that uses weak login credentials.

Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks

The Hacker News

Microsoft is warning of an increase in adversary-in-the-middle (AiTM) phishing techniques, which are being propagated as part of the phishing-as-a-service (PhaaS) cybercrime model. In addition to an uptick in AiTM-capable PhaaS platforms, the tech giant noted that existing phishing services like PerSwaysion are incorporating AiTM capabilities.

Researchers published PoC exploit code for Juniper SRX firewall flaws

Security Affairs

Researchers published PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published proof-of-concept (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper JunOS on vulnerable devices.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores

Trend Micro

The Trend Micro Mobile Application Reputation Service (MARS) team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023.

Rhysida ransomware group claims the hack of Prospect Medical

Security Affairs

The Rhysida ransomware group claimed to have hacked Prospect Medical Holdings and sensitive information from the company. In early August, a cyberattack disrupted the computer systems of multiple hospitals operated by Prospect Medical Holdings, which are located in multiple states, including California, Texas, Connecticut, Rhode Island, and Pennsylvania.

Cyberattacks Targeting E-commerce Applications

The Hacker News

Cyber attacks on e-commerce applications are a common trend in 2023. As e-commerce businesses become more omnichannel, they build and deploy increasingly more API interfaces, with threat actors constantly exploring more ways to exploit vulnerabilities.

Massive MOVEit campaign already impacted at least 1,000 organizations and 60 million individuals

Security Affairs

The recent wave of MOVEit attacks conducted by the Cl0p ransomware gang impacted 1,000 organizations, experts say. Cybersecurity firm Emsisoft shared disconcerting details about the recent, massive hacking campaign conducted by the Cl0p ransomware group that targeted the MOVEit Transfer file transfer platform designed by Progress Software Corporation.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cisco VPNs without MFA are under attack by ransomware operator

Malwarebytes

The Cisco Product Security Incident Response Team (PSIRT) has posted a blog about Akira ransomware targeting VPNs without Multi-Factor Authentication (MFA). The Cisco team states that it is aware of reports of the Akira ransomware group going specifically after Cisco VPNs that are not configured for MFA. And they have observed instances where cybercriminals appear to be targeting organizations that do not configure MFA for their VPN users.

Developers Beware: Malicious Rust Libraries Caught Transmitting OS Info to Telegram Channel

The Hacker News

In yet another sign that developers continue to be targets of software supply chain attacks, a number of malicious packages have been discovered on the Rust programming language's crate registry. The libraries, uploaded between August 14 and 16, 2023, were published by a user named "amaperf," Phylum said in a report published last week.

Google strengthens its Workspace suite protection

Malwarebytes

Google has announced the strengthening of safeguard measures for its Workspace customers. You may well be using Workspace without realising it. If you’re using a Google product such as Gmail, Calendar, Drive, or Google Docs Editors Suite (among other apps), then congratulations: you are fully inside the Workspace ecosystem. Late last year, changes were made to try and catch out an attacker rifling through Google accounts and attempting to access certain critical settings or functionality.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Experts Uncover How Cybercriminals Could Exploit Microsoft Entra ID for Elevated Privilege

The Hacker News

Cybersecurity researchers have discovered a case of privilege escalation associated with a Microsoft Entra ID (formerly Azure Active Directory) application by taking advantage of an abandoned reply URL.

The Essential Guide to Nearshore Software Development in Mexico

SecureBlitz

Nearshore software development has become a well-liked outsourcing option in recent years for companies looking to improve their software development capabilities while remaining close to their home nation. Due to its thriving tech sector and skilled labor pool, Mexico has become a favored choice for nearshore software development. This book attempts to offer useful insights […] The post The Essential Guide to Nearshore Software Development in Mexico appeared first on SecureBlitz Cybersecu

Teen Hackers Behind Notorious Lapsus$ Group Convicted in London

SecureWorld News

Two individuals associated with the notorious Lapsus$ cybercriminal gang have been convicted for their involvement in a string of high-profile hacking incidents, according to the BBC. These arrests have finally shed some much-needed light on the nefarious activities of this group that had sent shockwaves through the technology industry, leaving even the most well-defended organizations vulnerable and concerned.

5 Ways to Prepare for Google's 90-Day TLS Certificate Expiration

Dark Reading

With bad guys frequently upping their game, security can't leave these protections to a once-a-year upgrade.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

U.S. Energy Company Targeted by QR Code Phishing Campaign

SecureWorld News

In May 2023, a phishing campaign was launched that targeted a major U.S. energy company, as well as organizations in other industries, such as finance, insurance, manufacturing, and technology. The campaign used malicious QR codes embedded in PNG image attachments or redirect links associated with Microsoft Bing and well-known business applications, such as Salesforce and CloudFlare's Web3 services.

Financial Firms Breached in MOVEit Cyberattacks Now Face Lawsuits

Dark Reading

TD Ameritrade, Charles Schwab named in new class action data breach lawsuit, following last week's filing against Prudential.

Meal delivery service PurFoods announces major data breach

Malwarebytes

An organisation that provides home delivery meals has revealed that around 1.2 million people's personal data may be at risk, after the company suffered a ransomware attack earlier in the year. PurFoods, which offers up a service called Mom’s Meals, helps to provide meals for folks in a variety of different personal situations. From its site: We work with over 500 health plans, managed care organisations, governments, and agencies to provide access to meals for people covered under Medicar

Legal Liability for Insecure Software Might Work, but It's Dangerous

Dark Reading

Imposing government-regulated security requirements on software companies may go too far and create unintended consequences.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”

The Rise of Smishing: How Businesses Can Protect Themselves from SMS Phishing Attacks

SecureBlitz

Here, I will talk about the rise of smishing and how businesses can protect themselves from SMS phishing attacks. The prevalent use of mobile devices for business purposes has opened a host of opportunities for cybercriminals to exploit. It is a problem that has expanded hugely in recent times, with the shift to remote working […] The post The Rise of Smishing: How Businesses Can Protect Themselves from SMS Phishing Attacks appeared first on SecureBlitz Cybersecurity.

London Police Warned to Stay Vigilant Amid Major Data Breach

Dark Reading

Hackers hit a third-party contractor's IT systems, but they didn't steal any addresses or financial details, officials say.

Recovering from a supply-chain attack: What are the lessons to learn from the 3CX hack?

We Live Security

The compromise of the 3CX communication software made history as the first-ever publicly documented incident of one supply-chain attack leading to another. Data from ESET telemetry suggest that there were hundreds of malicious 3CX applications used by clients.

Motherboard Mishaps Undermine Trust, Security

Dark Reading

MSI and Microsoft warn about new Windows Preview blue screens on some motherboards, the latest mishap to raise questions over the reliability of hardware and firmware.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.