Anton on Security

SEPTEMBER 28, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Parts 1 and 2. Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Detection Engineering and SOC Scalability Challenges (Part 2) Adopting detection engineering practices should have a roadmap and eventually bec

Engineering 246

Engineering Education Government Threat Detection 246

Tech Republic Security

SEPTEMBER 28, 2023

Learn how to implement a Zero Trust security model with our comprehensive guide. Discover the best practices and steps to secure your organization.

Software 193

Software 193

Trend Micro

SEPTEMBER 28, 2023

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Phishing 145

Phishing Malware Government Cyber threats 145

Tech Republic Security

SEPTEMBER 28, 2023

Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more.

Security Performance 174

Security Performance VPN 174

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Risk

The Hacker News

SEPTEMBER 28, 2023

Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts all versions of the software that have the GDOI or G-IKEv2 protocol enabled.

Software 143

Software Authentication 143

Graham Cluley

SEPTEMBER 28, 2023

Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. Read more in my article on the Hot for Security blog.

Cyber Attacks 140

Cyber Attacks Ransomware Malware 140

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.

Ransomware 139

Ransomware Insurance Technology Malware 139

The Hacker News

SEPTEMBER 28, 2023

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.

Passwords 141

Passwords Accountability Malware 141

Bleeping Computer

SEPTEMBER 28, 2023

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild. [.

Software 137

Software 137

The Hacker News

SEPTEMBER 28, 2023

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.

Software 141

Software 141

Advertisement

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Cyber threats

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it affects RichFaces Framework 3.X through 3.3.4.

Hacking 137

Hacking Risk Cybersecurity Information Security 137

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. For example, we published a private report on a new malware found on underground forums that we call ASMCrypt (related to the DoubleFinger loader ).

Banking 135

Banking Malware Cybercrime Encryption 135

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2023-20109 (CVS 6.6), that resides in IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE.

VPN 137

VPN Software Encryption Authentication 137

IT Security Guru

SEPTEMBER 28, 2023

The landscape of ransomware has undergone rapid evolution, shifting from a relatively straightforward form of malicious software primarily affecting individual computer users, to a menacing enterprise-level threat that has inflicted substantial harm on various industries and government institutions. Ransomware attacks are strategically designed to either encrypt or delete critical data and system files, compelling organisations to meet the attackers’ financial demands.

Ransomware 134

Ransomware Encryption Backups Social Engineering 134

Advertisement

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

Cybersecurity

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217. The CVE-2023-5217 is a high-severity heap buffer overflow that affects vp8 encoding in libvpx.

Surveillance 135

Surveillance Spyware Passwords Hacking 135

Bleeping Computer

SEPTEMBER 28, 2023

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.

Malware 133

Malware Advertising 133

The Hacker News

SEPTEMBER 28, 2023

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world.

Technology 132

Technology Malware 132

Dark Reading

SEPTEMBER 28, 2023

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

Government 127

Government Cybersecurity 127

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Scams

The Hacker News

SEPTEMBER 28, 2023

Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset.

Government 126

Government Telecommunications Malware 126

Bleeping Computer

SEPTEMBER 28, 2023

Progress, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software. [.

Software 121

Software 121

Dark Reading

SEPTEMBER 28, 2023

So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.

119

119

WIRED Threat Level

SEPTEMBER 28, 2023

A civil liberties group has asked the DOJ to investigate deployment of the ShotSpotter gunfire-detection system, which research shows is often installed in predominantly Black neighborhoods.

117

117

Advertisement

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Passwords

Dark Reading

SEPTEMBER 28, 2023

The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.

116

116

Bleeping Computer

SEPTEMBER 28, 2023

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. [.

Ransomware 115

Ransomware Encryption 115

Security Boulevard

SEPTEMBER 28, 2023

Meta, Google, and giant tax preparer H&R Block are being accused of conspiring to illegally use spyware from the tech giants to collect and share tax return information from hundreds of taxpayers that could be used to generate targeted online ads. The three companies – along with Google parent Alphabet – are the targets of. The post Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data appeared first on Security Boulevard.

Spyware 115

Spyware Data privacy Cybersecurity 115

Dark Reading

SEPTEMBER 28, 2023

The company filed with the SEC and is assessing its operations and financial damages.

115

115

Advertisement

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Software

Security Boulevard

SEPTEMBER 28, 2023

libwebp exploit timeline CVE-2023-41064; CVE-2023-4863; CVE-2023-5129 On September 7th 2023, researchers at Citizen Lab reported a zero-click exploit that was actively used by NSOs to infect iOS devices with the Pegasus malware – this was disclosed as CVE-2023-41064. A zero-click exploit means that a user is not required to click anything or take any […] The post What You Need to Know About the libwebp Exploit appeared first on OX Security.

Malware 115

Malware 115

Dark Reading

SEPTEMBER 28, 2023

Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.

Cybersecurity 114

Cybersecurity Ransomware 114

Bleeping Computer

SEPTEMBER 28, 2023

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [.

113

113

SecureWorld News

SEPTEMBER 28, 2023

Twenty years ago, in the shadow of 9/11, the newly-formed Department of Homeland Security, the White House, the FTC, and some committed individuals from companies like Microsoft, Cisco, AOL, Amazon, and others realized that consumer education was necessary to teach the public how to use technology safely. With that public-private partnership at its core, the new nonprofit National Cybersecurity Alliance (NCA) started the first Cybersecurity Awareness Month.

Cybersecurity 112

Cybersecurity Passwords Password Management Security Awareness 112

Advertisement

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!