Anton on Security

SEPTEMBER 28, 2023

This blog series was written jointly with Amine Besson, Principal Cyber Engineer, Behemoth CyberDefence and one more anonymous collaborator. In this blog (#3 in the series), we will start to define and refine our detection engineering machinery to avoid the problems covered in Parts 1 and 2. Detection Engineering is Painful — and It Shouldn’t Be (Part 1) Detection Engineering and SOC Scalability Challenges (Part 2) Adopting detection engineering practices should have a roadmap and eventually bec

Engineering 246

Engineering Threat Detection Government Risk 246

The Last Watchdog

SEPTEMBER 28, 2023

APIs. The glue of hyper connectivity; yet also the wellspring of risk. Related: The true scale of API breaches I had an enlightening discussion at Black Hat USA 2023 with Traceable.ai Chief Security Officer Richard Bird about how these snippets of code have dramatically expanded the attack surface in ways that have largely been overlooked. Please give the accompanying podcast a listen.

CSO 204

CSO Internet Internet Risk 204

Tech Republic Security

SEPTEMBER 28, 2023

Learn how to implement a Zero Trust security model with our comprehensive guide. Discover the best practices and steps to secure your organization.

Software 150

Software 150

Trend Micro

SEPTEMBER 28, 2023

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to target a victim in Saudi Arabia.

Phishing 145

Phishing Malware Government Cyber threats 145

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Tech Republic Security

SEPTEMBER 28, 2023

Is NordVPN worth it? How much does it cost and is it safe to use? Read our NordVPN review to learn about pricing, features, security, and more.

Security Performance 146

Security Performance VPN 146

Graham Cluley

SEPTEMBER 28, 2023

Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. Read more in my article on the Hot for Security blog.

Cyber Attacks 136

Cyber Attacks Ransomware Malware 136

The Hacker News

SEPTEMBER 28, 2023

Cisco is warning of attempted exploitation of a security flaw in its IOS Software and IOS XE Software that could permit an authenticated remote attacker to achieve remote code execution on affected systems. The medium-severity vulnerability is tracked as CVE-2023-20109, and has a CVSS score of 6.6. It impacts all versions of the software that have the GDOI or G-IKEv2 protocol enabled.

Software 125

Software Authentication 125

Bleeping Computer

SEPTEMBER 28, 2023

Progress, the maker of the MOVEit Transfer file-sharing platform recently exploited in widespread data theft attacks, warned customers to patch a maximum severity vulnerability in its WS_FTP Server software. [.

Software 129

Software 129

The Hacker News

SEPTEMBER 28, 2023

Cybersecurity agencies from Japan and the U.S. have warned of attacks mounted by a state-backed hacking group from China to stealthily tamper with branch routers and use them as jumping-off points to access the networks of various companies in the two countries. The attacks have been tied to a malicious cyber actor dubbed BlackTech by the U.S.

Hacking 119

Hacking Cybersecurity 119

Bleeping Computer

SEPTEMBER 28, 2023

Cisco warned customers on Wednesday to patch a zero-day IOS and IOS XE software vulnerability targeted by attackers in the wild. [.

Software 142

Software 142

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

The Hacker News

SEPTEMBER 28, 2023

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.

Passwords 117

Passwords Malware Accountability 117

Bleeping Computer

SEPTEMBER 28, 2023

The FBI has warned about a new trend in ransomware attacks where multiple strains are deployed on victims' networks to encrypt systems in under two days. [.

Ransomware 128

Ransomware Encryption 128

The Hacker News

SEPTEMBER 28, 2023

Progress Software has released hotfixes for a critical security vulnerability, alongside seven other flaws, in the WS_FTP Server Ad hoc Transfer Module and in the WS_FTP Server manager interface. Tracked as CVE-2023-40044, the flaw has a CVSS score of 10.0, indicating maximum severity. All versions of the software are impacted by the flaw. "In WS_FTP Server versions prior to 8.7.4 and 8.8.

Software 116

Software 116

Bleeping Computer

SEPTEMBER 28, 2023

Cisco is warning of five new Catalyst SD-WAN Manager products vulnerabilities with the most critical allowing unauthenticated remote access to the server. [.

126

126

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Security Affairs

SEPTEMBER 28, 2023

Johnson Controls International suffered a ransomware attack that impacted the operations of the company and its subsidiaries. Johnson Controls International plc is a multinational conglomerate with a diversified portfolio of products and services primarily focused on building technologies and solutions. The company provides HVAC (heating, ventilation, and air conditioning), solutions for building automation, fire and security systems, and components for energy management.

Ransomware 116

Ransomware Malware Cybersecurity Hacking 116

Security Boulevard

SEPTEMBER 28, 2023

Meta, Google, and giant tax preparer H&R Block are being accused of conspiring to illegally use spyware from the tech giants to collect and share tax return information from hundreds of taxpayers that could be used to generate targeted online ads. The three companies – along with Google parent Alphabet – are the targets of. The post Lawsuit Filed Against Google, Meta, H&R Block for Sharing Taxpayer Data appeared first on Security Boulevard.

Spyware 113

Spyware Data privacy Cybersecurity 113

Bleeping Computer

SEPTEMBER 28, 2023

Chinese hackers stole tens of thousands of emails from U.S. State Department accounts after breaching Microsoft's cloud-based Exchange email platform in May. [.

Accountability 119

Accountability Government 119

Security Boulevard

SEPTEMBER 28, 2023

libwebp exploit timeline CVE-2023-41064; CVE-2023-4863; CVE-2023-5129 On September 7th 2023, researchers at Citizen Lab reported a zero-click exploit that was actively used by NSOs to infect iOS devices with the Pegasus malware – this was disclosed as CVE-2023-41064. A zero-click exploit means that a user is not required to click anything or take any […] The post What You Need to Know About the libwebp Exploit appeared first on OX Security.

Malware 113

Malware 113

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk

Dark Reading

SEPTEMBER 28, 2023

CISA announces it will furlough more than 80% of staff indefinitely if Congress can't reach an agreement to fund the federal government.

Government 127

Government Cybersecurity 127

Security Affairs

SEPTEMBER 28, 2023

Google released security updates to address a new actively exploited zero-day vulnerability, tracked as CVE-2023-5217, in the Chrome browser. Google on Wednesday released security updates to address a new actively exploited zero-day flaw in the Chrome browser which is tracked as CVE-2023-5217. The CVE-2023-5217 is a high-severity heap buffer overflow that affects vp8 encoding in libvpx.

Surveillance 112

Surveillance Spyware Hacking Passwords 112

Bleeping Computer

SEPTEMBER 28, 2023

Security researcher Sam Curry describes a stressful situation he encountered upon his return to the U.S. when border officials and federal agents seized and searched his electronic devices. Curry was further served with a 'Grand Jury' subpoena that demanded him to appear in court for testimony. [.

Scams 106

Scams 106

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog. The issue is an Expression Language (EL) injection via the UserResource resource, it affects RichFaces Framework 3.X through 3.3.4.

Hacking 110

Hacking Cybersecurity Risk Information Security 110

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?

Banking

Bleeping Computer

SEPTEMBER 28, 2023

A Chinese cyber-espionage hacking group tracked as Budworm has been observed targeting a telecommunication firm in the Middle East and a government entity in Asia using a new variant of its custom 'SysUpdate' backdoor. [.

Malware 105

Malware Telecommunications Hacking Government 105

Security Affairs

SEPTEMBER 28, 2023

Cisco released security updates for an actively exploited zero-day flaw (CVE-2023-20109) that resides in the GET VPN feature of IOS and IOS XE software. Cisco warned customers to install security updates to address an actively exploited zero-day vulnerability, tracked as CVE-2023-20109 (CVS 6.6), that resides in IOS and IOS XE software. The vulnerability resides in the Group Encrypted Transport VPN (GET VPN) feature of IOS and IOS XE.

VPN 109

VPN Encryption Hacking Software 109

WIRED Threat Level

SEPTEMBER 28, 2023

A civil liberties group has asked the DOJ to investigate deployment of the ShotSpotter gunfire-detection system, which research shows is often installed in predominantly Black neighborhoods.

104

104

Dark Reading

SEPTEMBER 28, 2023

So far this year, Google has disclosed six vulnerabilities that attackers were actively exploiting before the company had a patch for them.

119

119

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

Risk

The Hacker News

SEPTEMBER 28, 2023

The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world.

Malware 102

Malware Technology 102

Dark Reading

SEPTEMBER 28, 2023

The networking giant discloses new vulnerabilities the same day as warnings get issued that Cisco gear has been targeted in a Chinese APT attack.

116

116

SecureList

SEPTEMBER 28, 2023

Introduction As long as cybercriminals want to make money, they’ll keep making malware, and as long as they keep making malware, we’ll keep analyzing it, publishing reports and providing protection. Last month we covered a wide range of cybercrime topics. For example, we published a private report on a new malware found on underground forums that we call ASMCrypt (related to the DoubleFinger loader ).

Banking 93

Banking Malware Cybercrime Encryption 93

Dark Reading

SEPTEMBER 28, 2023

Many organizations are not prepared to respond to all the constituencies that come knocking after a breach or ransomware incident.

Ransomware 114

Ransomware Cybersecurity 114

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

Communication is a core component of a resilient organization's risk management framework. However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. Storytelling is the ability to express ideas and convey messages to others, including stakeholders. When done effectively, it can help interpret complex risk environments for leaders and inform their decision-making.

Risk