Wed.Oct 11, 2023


Cisco Can’t Stop Using Hard-Coded Passwords

Schneier on Security

There’s a new Cisco vulnerability in its Emergency Responder product: This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.


New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare

Tech Republic Security

A vulnerability in the HTTP/2 network protocol is currently being exploited, resulting in the largest DDoS attack in history. Find out what security teams should do now, and hear what Cloudflare's CEO has to say about this DDoS.

Microsoft Defender now auto-isolates compromised accounts

Bleeping Computer

Microsoft Defender for Endpoint now uses automatic attack disruption to isolate compromised user accounts and block lateral movement in hands-on-keyboard attacks with the help of a new 'contain user' capability in public preview.


F5 Warns Australian IT of Social Engineering Risk Escalation Due to Generative AI

Tech Republic Security

F5 says an artificial intelligence war could start between generative AI-toting bad actors and enterprises guarding data with AI. Australian IT teams will be caught in the crossfire.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


New WordPress backdoor creates rogue admin to hijack websites

Bleeping Computer

A new malware has been posing as a legitimate caching plugin to target WordPress sites, allowing threat actors to create an administrator account and control the site's activity.


How to Mount Remote Directories with SSH (+Video Tutorial)

Tech Republic Security

Learn how to easily mount remote directories with the help of a more secure SSH tool. Follow along with Jack Wallen in our step-by-step tutorial.

CISA adds Adobe Acrobat Reader flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

US CISA added the flaw CVE-2023-21608 in Adobe Acrobat Reader to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added five new flaws to its Known Exploited Vulnerabilities Catalog, including a high-severity flaw (CVE-2023-21608) (CVSS score: 7.8) in Adobe Acrobat Reader. The flaw is a use-after-free issue; an attacker can trigger it to achieve remote code execution (RCE) with the privileges of the current user. “Ado


Microsoft Releases October 2023 Patches for 103 Flaws, Including 2 Active Exploits

The Hacker News

Microsoft has released its Patch Tuesday updates for October 2023, addressing a total of 103 flaws in its software, two of which have come under active exploitation in the wild. Of the 103 flaws, 13 are rated Critical and 90 are rated Important in severity. This is apart from 18 security vulnerabilities addressed in its Chromium-based Edge browser since the second Tuesday of September.


Mirai-based DDoS botnet IZ1H9 added 13 payloads to target routers

Security Affairs

A Mirai-based DDoS botnet tracked as IZ1H9 has added thirteen new exploits to target routers from different vendors, including D-Link, Zyxel, and TP-Link. Fortinet researchers observed a new Mirai -based DDoS botnet, tracked as IZ1H9, that added thirteen new payloads to target routers from multiple vendors, including D-Link, Zyxel, TP-Link, and TOTOLINK.


Ransomware review: October 2023

Malwarebytes

This article is based on research by Marcelo Rivero, Malwarebytes' ransomware specialist, who monitors information published by ransomware gangs on their Dark Web sites. In this report, "known attacks" are those where the victim did not pay a ransom. This provides the best overall picture of ransomware activity, but the true number of attacks is far higher.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


How to Mount Remote Directories with SSH

Tech Republic Security

Learn how to easily mount remote directories with the help of a more secure SSH tool. Follow along with Jack Wallen in our step-by-step tutorial.


Unlock 2023’s Best Practices: How to Implement the NIST Cybersecurity Framework

Security Boulevard

Introduction: Welcome to 2023, a year that promises to be pivotal in the realm of cybersecurity. As we navigate an increasingly digital world, the need for robust cybersecurity frameworks has never been more urgent. One such framework that stands out is the NIST Cybersecurity Framework, a comprehensive guide designed to help organizations manage and mitigate …


CISA Warns of Actively Exploited Adobe Acrobat Reader Vulnerability

The Hacker News

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a high-severity flaw in Adobe Acrobat Reader to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation. Tracked as CVE-2023-21608 (CVSS score: 7.


DarkGate Opens Organizations for Attack via Skype, Teams

Trend Micro

We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


Exchange Online mail delivery issues caused by anti-spam rules

Bleeping Computer

Microsoft is investigating Exchange Online mail delivery issues causing "Server busy" errors and delays when receiving emails from outside organizations.


Microsoft Patch Tuesday updates for October 2023 fixed three actively exploited zero-day flaws

Security Affairs

Microsoft Patch Tuesday security updates for October 2023 fixed three actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for October 2023 addressed a total of 103 vulnerabilities in Microsoft Windows and Windows Components; Exchange Server; Office and Office Components; ASP.NET Core and Visual Studio; Azure; Microsoft Dynamics; and Skype for Business.


Microsoft: Chinese APT Behind Atlassian Confluence Attacks; PoCs Appear

Dark Reading

Organizations should brace for mass exploitation of CVE-2023-22515, an uber-critical security bug that opens the door to crippling supply chain attacks on downstream victims.


Windows 11 21H2 and Windows Server 2012 reach end of support

Bleeping Computer

Windows Server 2012 and multiple editions of Windows 11, version 21H2, have reached the end of support with this month's Patch Tuesday.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Over 17,000 WordPress Sites Compromised by Balada Injector in September 2023

The Hacker News

More than 17,000 WordPress websites have been compromised in the month of September 2023 with malware known as Balada Injector, nearly twice the number of detections in August. Of these, 9,000 of the websites are said to have been infiltrated using a recently disclosed security flaw in the tagDiv Composer plugin (CVE-2023-3169, CVSS score: 6.


Air Europa data breach exposed customers’ credit cards

Security Affairs

Airline Air Europa disclosed a data breach and warned customers to cancel their credit cards after threat actors accessed their card information. Air Europa is a Spanish airline and a subsidiary of the Globalia Corporation. It operates as a full-service carrier, providing passenger and cargo services to various destinations, both domestic and international.


High-Stakes Identity Impersonation: Lessons From the MGM Attack

Security Boulevard

MGM Resorts recently found itself in the midst of a major cybersecurity incident that not only crippled its operations but also exposed sensitive customer data. The sophisticated attack orchestrated by a group known as Scattered Spider employed social engineering to the IT department to reset credentials. The attackers then gained access to the SSO, raised their identity credentials to super user level and then systematically got into other systems.


October 2023 Patch Tuesday Includes Three Zero-Days Flaws

eSecurity Planet

Microsoft’s Patch Tuesday for October 2023 covers a total of 103 CVEs, including three zero-day vulnerabilities affecting WordPad, Skype and the HTTP/2 “Rapid Reset” DDoS vulnerability. The highest-rated of the vulnerabilities is CVE-2023-35349, a critical remote code execution vulnerability in the Microsoft Message Queuing (MSMQ) service with a CVSS score of 9.8.


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Giant health insurer struck by ransomware didn't have antivirus protection

Malwarebytes

The Philippine Health Insurance Corporation (PhilHealth) has confirmed that it was unprotected by antivirus software when it was attacked by the Medusa ransomware group in September. Antivirus software—or more correctly, its modern descendants, endpoint security and Endpoint Detection and Response (EDR)—is an essential tool in the battle against cybercrime.


Take an Offensive Approach to Password Security by Continuously Monitoring for Breached Passwords

The Hacker News

Passwords are at the core of securing access to an organization's data. However, they also come with security vulnerabilities that stem from their inconvenience. With a growing list of credentials to keep track of, the average end-user can default to shortcuts.


LinkedIn Smart Links attacks return to target Microsoft accounts

Bleeping Computer

Hackers are once again abusing LinkedIn Smart Links in phishing attacks to bypass protection measures and evade detection in attempts to steal Microsoft account credentials.


Reassessing the Impacts of Risk Management With NIST Framework 2.0

Dark Reading

The latest NIST Cybersecurity Framework draft highlights four major themes that organizations should pay attention to for managing risk.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?”


6 steps to getting the board on board with your cybersecurity program

We Live Security

How CISOs and their peers can better engage with boards to get long-term buy-in for strategic initiatives


Microsoft: State hackers exploiting Confluence zero-day since September

Bleeping Computer

Microsoft says a Chinese-backed threat group tracked as 'Storm-0062' (aka DarkShadow or Oro0lxy) has been exploiting a critical privilege escalation zero-day in the Atlassian Confluence Data Center and Server since September 14, 2023.


How to Use the Scp Command to Securely Send a File from Your Desktop to a Server

Tech Republic Security

Learn how to use the scp command to transfer files securely with this step-by-step video tutorial by Jack Wallen.


BianLian extortion group claims recent Air Canada breach

Bleeping Computer

The BianLian extortion group claims to have stolen 210GB of data after breaching the network of Air Canada, the country's largest airline and a founding member of Star Alliance.


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.