Thu. Jan 19, 2023

Security Analysis of Threema

Schneier on Security

A group of Swiss researchers have published an impressive security analysis of Threema. We provide an extensive cryptographic analysis of Threema, a Swiss-based encrypted messaging application with more than 10 million users and 7000 corporate customers. We present seven different attacks against the protocol in three different threat models. As one example, we present a cross-protocol attack which breaks authentication in Threema and which exploits the lack of proper key separation between diff

New T-Mobile Breach Affects 37 Million Accounts

Krebs on Security

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts. Image: customink.com In a filing today with the U.S.

As a cybersecurity blade, ChatGPT can cut both ways

Tech Republic Security

The cybersecurity implications of ChatGPT are vast, especially for email exploits, but putting up guardrails, flagging elements of phishing emails that it doesn’t touch and using it to train itself could help boost defense. The post As a cybersecurity blade, ChatGPT can cut both ways appeared first on TechRepublic.

T-Mobile hacked to steal data of 37 million accounts in API data breach

Bleeping Computer

T-Mobile disclosed a new data breach after a threat actor stole the personal information of 37 million current postpaid and prepaid customer accounts through one of its Application Programming Interfaces (APIs). [...]

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

PayPal Breach Exposed PII of Nearly 35K Accounts

Dark Reading

The credential-stuffing attack, likely fueled by password reuse, yielded personal identifiable information that can be used to verify the authenticity of previously stolen data.

New 'Hook' Android malware lets hackers remotely control your phone

Bleeping Computer

A new Android malware named 'Hook' is being sold by cybercriminals, boasting it can remotely take over mobile devices in real-time using VNC (virtual network computing). [...]

More Trending

PayPal accounts breached in large-scale credential stuffing attack

Bleeping Computer

PayPal is sending out notices of a data breach to thousands of users who had their accounts accessed by credential stuffing actors, resulting in the compromise of some personal data. [...]

New T-Mobile Breach Affects 37 Million Accounts

Security Boulevard

T-Mobile today disclosed a data breach affecting tens of millions of customer accounts, its second major data exposure in as many years. In a filing with federal regulators, T-Mobile said an investigation determined that someone abused its systems to harvest subscriber data tied to approximately 37 million current customer accounts. The post New T-Mobile Breach Affects 37 Million Accounts appeared first on Security Boulevard.

Attackers Crafted Custom Malware for Fortinet Zero-Day

Dark Reading

The "BoldMove" backdoor demonstrates a high level of knowledge of FortiOS, according to Mandiant researchers, who said the attacker appears to be based out of China.

Mailchimp slips up again, suffers security breach after falling on social engineering banana skin

Graham Cluley

For the second time in less than a year, email newsletter service Mailchimp has found itself in the embarrassing position of admitting it has suffered a data breach, putting its customers' subscribers at risk.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Tech support scammers are still at it: Here’s what to look out for in 2023

We Live Security

Hello, is it me you’re looking for? Fraudsters still want to help you fix a computer problem you never had in the first place.

Former Uber CISO Conviction Affirmed by Trial Court

Security Boulevard

On January 11, 2023, presiding United States District Judge William Orrick in San Francisco denied the motion of Joe Sullivan, the former CISO of Uber, for a judgment of acquittal. The conviction arose from Sullivan’s agreement to pay attackers who breached the security of the online ride-sharing service and obtained personal information about thousands of.

Ransomware profits drop 40% in 2022 as victims refuse to pay

Bleeping Computer

Ransomware gangs extorted from victims about $456.8 million throughout 2022, a drop of roughly 40% from the record-breaking $765 million recorded in the previous two years. [...]

Ransomware attack on Yum Brands Inc closes 300 restaurants in the UK

CyberSecurity Insiders

Yum Brands Inc, officially the owner of top food chain restaurants KFC, Taco Bell and Pizza Hut, was reportedly hit by a ransomware attack, forcing the IT staff to close about 300 eatery outlets across the United Kingdom. As the malware targeted the core servers, orders and billing were deeply affected, resulting in the temporary shutdown of the outlets from the afternoon hours of January 18th, 2023, i.e.

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Chinese Hackers Exploited Recent Fortinet Flaw as 0-Day to Drop Malware

The Hacker News

A suspected China-nexus threat actor exploited a recently patched vulnerability in Fortinet FortiOS SSL-VPN as a zero-day in attacks targeting a European government entity and a managed service provider (MSP) located in Africa.

Roaming Mantis implements new DNS changer in its malicious mobile app in 2022

SecureList

Roaming Mantis (a.k.a Shaoye) is well-known as a long-term cyberattack campaign that uses malicious Android package (APK) files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation. Kaspersky has been investigating the actor’s activity throughout 2022, and we observed a DNS changer function used for getting into Wi-Fi routers and undertaking DNS hijacking.

Cyber Attack news headlines trending on Google

CyberSecurity Insiders

The first news that is trending is associated with financial service provider PayPal. News is out that social security numbers of nearly 35,000 users were leaked in a cyber attack that could have emerged from a credential stuffing campaign launched by a state funded actor. According to the update provided by a source from PayPal, the attack took place on December 6 and was identified at the end of last month.

MailChimp Suffers Data Breach Due to Social Engineering Attack

Heimdal Security

MailChimp announced it has been victim to a social engineering attack that threat actors successfully performed on the company's employees and contractors. Hackers managed to obtain employee credentials and gain access to an internal customer support and account administration tool. The attack affected the data of 133 customers. MailChimp detected the attack on January 11th, […] The post MailChimp Suffers Data Breach Due to Social Engineering Attack appeared first on Heimdal Security Blog.

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Windows 10 KB5019275 preview update released with 14 fixes

Bleeping Computer

Microsoft has released the optional KB5019275 Preview cumulative update for Windows 10 20H2, Windows 10 21H1, and Windows 10 21H2, with fourteen fixes and improvements. [...]

Improve your AWS security posture, Step 3: Encrypt AWS data in transit and at rest

CyberSecurity Insiders

In the first two blogs in this series, we discussed properly setting up IAM and avoiding direct internet access to AWS resources. In this blog, we’ll tackle encrypting AWS in transit and at rest. Sometimes, despite all efforts to the contrary, data can be compromised. This can occur due to data leakage through faulty apps or systems, by laptops or portable storage devices being lost, by malicious actors breaking through security defenses, by social engineering attacks, or by data being int

Microsoft pushes KB5021751 to check for outdated Office installs

Bleeping Computer

Microsoft is pushing the KB5021751 update to find out how many of its customers are using an Office version that has reached its end of support or will soon be out of support. [...]

Critical Microsoft Azure RCE flaw impacted multiple services

Security Affairs

Researchers found a new critical remote code execution (RCE) flaw impacting multiple services related to Microsoft Azure. Researchers from Ermetic found a remote code execution flaw, dubbed EmojiDeploy, that impacts Microsoft Azure services and other cloud services including Function Apps, App Service and Logic Apps. The issue is achieved through CSRF (Cross-site request forgery) on the ubiquitous SCM service Kudu.

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Securing Digital Identities in 2023 and Beyond

Security Boulevard

The need to secure digital identities remains one of the most urgent tasks facing modern enterprises. Stolen or compromised credentials continue to be not only the most common cause of a data breach but also the most difficult to identify and most expensive. According to research published this year by the Identity Defined Security Alliance, The post Securing Digital Identities in 2023 and Beyond appeared first on Security Boulevard.

PII Data Classification: 4 Best Practices

Digital Guardian

Getting personally identifiable information (PII) classification right is one of the first steps to having an effective data protection strategy. We break down four best practices in this blog.

ManageEngine CVE-2022-47966 Technical Deep Dive

Security Boulevard

Introduction On January 10, 2023, ManageEngine released a security advisory for CVE-2022-47966 (discovered by Khoadha of Viettel Cyber Security) affecting a wide range of products. The vulnerability allows an attacker to gain remote code execution by issuing a HTTP POST request containing a malicious SAML response. This vulnerability is a result of using an outdated […] The post ManageEngine CVE-2022-47966 Technical Deep Dive appeared first on Horizon3.ai.

Roaming Mantis’ Android malware adds DNS changer to hack WiFi routers

Bleeping Computer

Starting in September 2022, the 'Roaming Mantis' credential theft and malware distribution campaign was observed using a new version of the Wroba.o/XLoader Android malware that incorporates a function for detecting specific WiFi routers and changing their DNS. [...]

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Bitzlato cryptocurrency exchange shut down by authorities, accused of cybercriminal links

Graham Cluley

The Bitzlato cryptocurrency exchange has had its website seized by the authorities, after its Russian founder was charged with processing more than US $700m worth of "dirty money" on behalf of criminals.

Cisco fixes SQL Injection flaw in Unified CM

Security Affairs

A high-severity flaw (CVE-2023-20010) was found in Cisco Unified Communications Manager and Unified Communications Manager Session Management Edition. Cisco fixed a high-severity SQL injection flaw, tracked as CVE-2023-20010 (CVSS score of 8.1), in Unified Communications Manager and Unified Communications Manager Session Management Edition. Unified Communications Manager solutions provide reliable, secure, scalable, and manageable call control and session management.

New Microsoft Azure Vulnerability Uncovered — EmojiDeploy for RCE Attacks

The Hacker News

A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. "The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu," Ermetic researcher Liv Matan said in a report shared with The Hacker News.

Ransomware gang steals data from KFC, Taco Bell, and Pizza Hut brand owner

Bleeping Computer

Yum! Brands, the fast food brand operator of KFC, Pizza Hut, Taco Bell, and The Habit Burger Grill fast-food restaurant chains, has been targeted by a ransomware attack that forced the closure of 300 locations in the United Kingdom. [...]

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.