Thu. Apr 13, 2023

Bypassing a Theft Threat Model

Schneier on Security

Thieves cut through the wall of a coffee shop to get to an Apple store, bypassing the alarms in the process. I wrote about this kind of thing in 2000, in Secrets and Lies (page 318): My favorite example is a band of California art thieves that would break into people’s houses by cutting a hole in their walls with a chainsaw. The attacker completely bypassed the threat model of the defender.

275

Google Cybersecurity Action Team Threat Horizons Report #6 Is Out!

Anton on Security

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our sixth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 and #5 ). My favorite quotes from the report follow below: “Our research has shown that the most common vector used to compromise any network, including cloud instances is to take over an account’s credentials directly : either bec


Google Play threats on the dark web are big business

Tech Republic Security

Android infections are also prevalent on the dark web, according to Kaspersky. Learn how to keep your workforce safe from these mobile and BYOD security threats. The post Google Play threats on the dark web are big business appeared first on TechRepublic.

Mobile 200

How to Define Tier-Zero Assets in Active Directory Security

Dark Reading

There are plenty of AD objects and groups that should be considered tier zero in every environment, but some will vary among organizations.

143

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.


The Hacking of ChatGPT Is Just Getting Started

WIRED Threat Level

Security researchers are jailbreaking large language models to get around safety rules. Things could get much worse.

Hacking 140

Pentagon leak suspect Jack Teixeira arrested at gunpoint

Graham Cluley

The US Department of Justice has arrested a member of the US Air Force National Guard in connection with a high profile leak of classified Pentagon documents. Here are my thoughts.

LifeWorks

More Trending


Why the US Needs Quantum-Safe Cryptography Deployed Now

Dark Reading

Quantum computers might be a decade away, but guess how long it will take to switch systems over to post-quantum cryptography?

131

Uncommon infection methods—part 2

SecureList

Although ransomware is still a hot topic on which we will keep on publishing, we also investigate and publish about other threats. Recently we explored the topic of infection methods, including malvertising and malicious downloads. In this blog post, we provide excerpts from the recent reports that focus on uncommon infection methods and describe the associated malware.

Malware 130

Post-Quantum Cryptography (PQC): Three Easy Ways to Prepare

Thales Cloud Protection & Licensing

madhav, Fri, 04/14/2023 - 06:05. The infamous Y2K “disaster” was successfully averted because people paid heed and prepared well in advance. Likewise, many Post-Quantum Computing (PQC) security concerns can be addressed ahead of time with proper planning. Organizations that rely on data security and protection need to start preparing and refining strategies immediately.

IoT 127

Russian cyberspies hit NATO and EU organizations with new malware toolset

CSO Magazine

The Polish government warns that a cyberespionage group linked to Russia's intelligence services is targeting diplomatic and foreign ministries from NATO and EU member states in an ongoing campaign that uses previously undocumented malware payloads. The group, known in the security industry as APT29, Cozy Bear, and NOBELIUM, is believed to be part of Russia's Foreign Intelligence Service (SVR) and is the group behind the 2020 supply chain attack against software company SolarWinds that led to th

Malware 126

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.


How UPX Compression Is Used to Evade Detection Tools

eSecurity Planet

Ultimate Packer for Executables (UPX) is an open-source packer that can reduce the file size of an executable drastically (better than Zip files), and it is compatible with a large range of executable formats, like Windows DLLs, macOS apps, or Linux ELF. Vendors sometimes use packing to prevent basic reverse engineering or illegal redistribution. Packers basically take the original executable and add a small piece of code called a “stub” to the newly created executable.

Antivirus 120

Oracle Adds Free Confidential Computing Option to Cloud Service

Security Boulevard

Oracle today added a confidential computing capability to its Oracle Cloud Infrastructure service at no extra cost. The service is based on AMD Secure Encrypted Virtualization (SEV) or AMD Secure Memory Encryption (SME) processors. Confidential computing promises to take encryption to the next level by securing data while it is loaded in memory, not just.


What Are the Security Implications of AI Coding?

Veracode Security

AI coding is here, and it’s transforming the way we create software. The use of AI in coding is actively revolutionizing the industry and increasing developer productivity by 55%. However, just because we can use AI in coding doesn't mean we should adopt it blindly without considering the potential risks and unintended consequences. It’s worth taking a moment to consider: what are the security implications of AI-assisted coding, and what role should AI play in how we both create and secure our s

Software 115

Money Ransomware Group Enters Double-Extortion Fray

Dark Reading

Ransomware group uses API calls to spread throughout shared network resources, researchers say.


Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.


Microsoft: Windows LAPS is incompatible with legacy policies

Bleeping Computer

Microsoft is investigating an interoperability bug between the recently added Windows Local Administrator Password Solution (LAPS) feature and legacy LAPS policies. [...]

Passwords 113

New Mirai Variant Employs Uncommon Tactics to Distribute Malware

Dark Reading

RapperBot's initial infection tactic is one example of the different methods attackers are using to distribute malware.

Malware 112

AppSec Decoded: Creating a system model in threat modeling

Security Boulevard

Learn how a system model helps guide the discussion and present results in threat modeling. The post AppSec Decoded: Creating a system model in threat modeling appeared first on Security Boulevard.

Risk 111

Over 12k Indian Govt websites disrupted due to cyber-attack from Indonesia

CyberSecurity Insiders

Cyber attacks on public websites have become an increasing concern for governments across the world, and this article is related to one such news. An Indonesian hackers’ group claimed on the dark web that they are responsible for cyber attacks launched on over 12,000 Indian websites, and more will follow in the coming days. After suspicion pointed towards Anonymous Sudan, the Indian Cyber Crime Coordination Centre, in coordination with the Ministry of Home Affairs, disclosed that the culpr


Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.


Why Data Protection is Critical to the New U.S. Cybersecurity Strategy

Security Boulevard

While the threat landscape moves at a sometimes dizzying speed, there are some parts of the cyber-sphere which have been ossified for decades. One is the relative agility of threat actors versus those tasked with defending networks and tackling cybercrime. Another is the apparent inefficacy of market forces at improving baseline security. These have been persistent challenges for many years.


Windows Admins Warned About a Critical MSMQ QueueJumper Vulnerability

Heimdal Security

Security researchers and experts warn Windows admins about a critical vulnerability discovered in the Windows Message Queuing (MSMQ) middleware service, that can expose hundreds of thousands of systems to attacks. The vulnerability has been patched by Microsoft in this month’s Patch Tuesday release and admins are encouraged to patch it immediately. MSMQ is an optional […] The post Windows Admins Warned About a Critical MSMQ QueueJumper Vulnerability appeared first on Heimdal Security Blog.


Google Cybersecurity Action Team Threat Horizons Report #6 Is Out!

Security Boulevard

This is my completely informal, uncertified, unreviewed and otherwise completely unofficial blog inspired by my reading of our sixth Threat Horizons Report ( full version ) that we just released ( the official blog for #1 report , my unofficial blogs for #2 , #3 , #4 and #5 ). My favorite quotes from the report follow below: “Our research has shown that the most common vector used to compromise any network, including cloud instances is to take over an account’s credentials directly : either bec


Legion: New hacktool steals credentials from misconfigured sites

Bleeping Computer

A new Python-based credential harvester and SMTP hijacking tool named 'Legion' is being sold on Telegram, allowing cybercriminals to automate attacks against online email services. [...]

104

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


What pen testing can tell you about the health of your SDLC

Security Boulevard

Tailored use of pen testing can provide critical support and insights for gauging the health of your SDLC. The post What pen testing can tell you about the health of your SDLC appeared first on Security Boulevard.


S3 Ep130: Open the garage bay doors, HAL [Audio + Text]

Naked Security

I'm sorry, Dave. I'm afraid I can't. errr, no, hang on a minute, I can do that easily! Worldwide! Right now!

IoT 104

Microsoft: Phishing attack targets accountants as Tax Day approaches

Bleeping Computer

Microsoft is warning of a phishing campaign targeting accounting firms and tax preparers with remote access malware allowing initial access to corporate networks. [...]

Phishing 104

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

The Hacker News

Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit.


Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Dutch Police mails RaidForums members to warn they’re being watched

Bleeping Computer

Dutch Police is sending emails to former RaidForums members, asking them to delete stolen data and stop illegal cyber activities and warning that they are not anonymous. [...]

102

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

The Hacker News

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account.


Microsoft patches vulnerability used in Nokoyawa ransomware attacks

CSO Magazine

Microsoft has released a patch for a Windows zero day vulnerability that has been exploited by cybercriminals in ransomware attacks. The vulnerability identified as CVE-2023-28252 is a privilege escalation flaw affecting the Windows Common Log File System (CLFS) driver. CLFS is a general purpose logging service that can be used by dedicated client applications and that multiple clients can share to optimize log access.


Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

The Hacker News

Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement.


The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!