Anton on Security

SEPTEMBER 28, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Parts 1 and 2. Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Detection Engineering and SOC Scalability Challenges (Part 2) Adopting detection engineering practices should have a roadmap and eventually bec

Engineering 246

Engineering Education Government Threat Detection 246

Tech Republic Security

SEPTEMBER 28, 2023

Learn how to implement a Zero Trust security model with our comprehensive guide. Discover the best practices and steps to secure your organization.

Software 152

Software 152

Trend Micro

SEPTEMBER 28, 2023

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Phishing 144

Phishing Malware Government Cyber threats 144

Tech Republic Security

SEPTEMBER 28, 2023

Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more.

Security Performance 148

Security Performance VPN 148

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Graham Cluley

SEPTEMBER 28, 2023

Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. Read more in my article on the Hot for Security blog.

Cyber Attacks 136

Cyber Attacks Ransomware Malware 136

Bleeping Computer

SEPTEMBER 28, 2023

Malicious advertisements are now being injected into Microsoft's AI-powered Bing Chat responses, promoting fake download sites that distribute malware.

Malware 139

Malware Advertising 139

Bleeping Computer

SEPTEMBER 28, 2023

Progress, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software. [.

Software 126

Software 126

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.

Ransomware 119

Ransomware Insurance Technology Encryption 119

Bleeping Computer

SEPTEMBER 28, 2023

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild. [.

Software 140

Software 140

The Hacker News

SEPTEMBER 28, 2023

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a malicious cyber actor dubbed BlackTech by the U.S.

Hacking 115

Hacking Cybersecurity 115

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Bleeping Computer

SEPTEMBER 28, 2023

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. [.

Ransomware 126

Ransomware Encryption 126

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217. The CVE-2023-5217 is a high-severity heap buffer overflow that affects vp8 encoding in libvpx.

Surveillance 115

Surveillance Spyware Passwords Hacking 115

Bleeping Computer

SEPTEMBER 28, 2023

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [.

122

122

The Hacker News

SEPTEMBER 28, 2023

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.

Passwords 114

Passwords Accountability Malware 114

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Security Boulevard

SEPTEMBER 28, 2023

Meta, Google, and giant tax preparer H&R Block are being accused of conspiring to illegally use spyware from the tech giants to collect and share tax return information from hundreds of taxpayers that could be used to generate targeted online ads. The three companies – along with Google parent Alphabet – are the targets of. The post Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data appeared first on Security Boulevard.

Spyware 113

Spyware Data privacy Cybersecurity 113

The Hacker News

SEPTEMBER 28, 2023

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.

Software 113

Software 113

Security Boulevard

SEPTEMBER 28, 2023

libwebp exploit timeline CVE-2023-41064; CVE-2023-4863; CVE-2023-5129 On September 7th 2023, researchers at Citizen Lab reported a zero-click exploit that was actively used by NSOs to infect iOS devices with the Pegasus malware – this was disclosed as CVE-2023-41064. A zero-click exploit means that a user is not required to click anything or take any […] The post What You Need to Know About the libwebp Exploit appeared first on OX Security.

Malware 113

Malware 113

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it affects RichFaces Framework 3.X through 3.3.4.

Hacking 113

Hacking Risk Cybersecurity Information Security 113

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Dark Reading

SEPTEMBER 28, 2023

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

Government 127

Government Cybersecurity 127

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2023-20109 (CVS 6.6), that resides in IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE.

VPN 112

VPN Software Encryption Authentication 112

Bleeping Computer

SEPTEMBER 28, 2023

Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. [.

Accountability 116

Accountability Government 116

WIRED Threat Level

SEPTEMBER 28, 2023

A civil liberties group has asked the DOJ to investigate deployment of the ShotSpotter gunfire-detection system, which research shows is often installed in predominantly Black neighborhoods.

106

106

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

Dark Reading

SEPTEMBER 28, 2023

So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.

119

119

Bleeping Computer

SEPTEMBER 28, 2023

Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and federal agents seized and searched his electronic devices. Curry was further served with a 'Grand Jury' subpoena that demanded him to appear in court for testimony. [.

Scams 102

Scams 102

Dark Reading

SEPTEMBER 28, 2023

The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.

116

116

Bleeping Computer

SEPTEMBER 28, 2023

A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor. [.

Telecommunications 102

Telecommunications Malware Government Hacking 102

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

The Hacker News

SEPTEMBER 28, 2023

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world.

Technology 99

Technology Malware 99

Dark Reading

SEPTEMBER 28, 2023

Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.

Cybersecurity 114

Cybersecurity Ransomware 114

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. For example, we published a private report on a new malware found on underground forums that we call ASMCrypt (related to the DoubleFinger loader ).

Banking 92

Banking Malware Cybercrime Encryption 92

Dark Reading

SEPTEMBER 28, 2023

Artificial intelligence and machine learning aren't yet delivering on their cybersecurity promises. How can we close the gaps?

Artificial Intelligence 105

Artificial Intelligence Cybersecurity 105

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.