Schneier on Security

SEPTEMBER 14, 2023

Google removed fake Signal and Telegram apps from its Play store. An app with the name Signal Plus Messenger was available on Play for nine months and had been downloaded from Play roughly 100 times before Google took it down last April after being tipped off by security firm ESET. It was also available in the Samsung app store and on signalplus[.]org, a dedicated website mimicking the official Signal.org.

Malware 292

Malware Accountability Hacking Spyware 292

The Last Watchdog

SEPTEMBER 14, 2023

In today’s digital age, trust has become a cornerstone of building a better Internet. Preserving privacy for a greater good The Internet was designed as a platform for peer research, not for the vast scale and diverse uses we see today. Over the decades, it’s grown in a way that has left it with many inherent vulnerabilities. These vulnerabilities, not borne out of malice, were the result of choices made with limited information available at the time.

Internet 290

Internet Internet Technology Risk 290

Schneier on Security

SEPTEMBER 14, 2023

This is a current list of where and when I am scheduled to speak: I’m speaking at swampUP 2023 in San Jose, California, on September 13, 2023 at 11:35 AM PT. The list is maintained on this page.

217

217

Tech Republic Security

SEPTEMBER 14, 2023

Get technical details about how this new attack campaign is delivered via Microsoft Teams and how to protect your company from this loader malware.

Malware 180

Malware Phishing Software Cybersecurity 180

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

SEPTEMBER 14, 2023

An affiliate of the BlackCat ransomware group, also known as APLHV, is behind the attack that disrupted MGM Resorts' operations, forcing the company to shut down IT systems. [.

Ransomware 135

Ransomware Encryption 135

Tech Republic Security

SEPTEMBER 14, 2023

Updates are now available to patch a Chrome vulnerability that would allow attackers to run malicious code.

Cybersecurity 205

Cybersecurity 205

Tech Republic Security

SEPTEMBER 14, 2023

Red Box provides the open architecture for data capture. Uniphore then feeds that data into U-Capture, its conversational AI automation tool.

Data collection 169

Data collection Architecture Artificial Intelligence Big data 169

Dark Reading

SEPTEMBER 14, 2023

The ransomware group is a collection of young adults who also recently breached Caesars Entertainment and made a ransom score in the tens of millions.

Ransomware 136

Ransomware 136

Bleeping Computer

SEPTEMBER 14, 2023

Security researcher Gabe Kirkpatrick has made a proof-of-concept (PoC) exploit available for CVE-2023-38146, aka "ThemeBleed," which enables attackers to trigger arbitrary remote code execution if the target opens a specially crafted '.theme' file. [.

124

124

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered a free download manager site that has been compromised to serve Linux malware to users for more than three years. Researchers from Kaspersky discovered a free download manager site that has been compromised to serve Linux malware. While investigating a set of suspicious domains, the experts identified that the domain in question has a deb.fdmpkg[.]org subdomain.

Malware 121

Malware Software Cryptocurrency Passwords 121

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Bleeping Computer

SEPTEMBER 14, 2023

Microsoft says an Iranian-backed threat group has targeted thousands of organizations in the U.S. and worldwide in password spray attacks since February 2023. [.

Passwords 123

Passwords 123

Security Affairs

SEPTEMBER 14, 2023

Researchers discovered three security flaws in Kubernetes that can lead to remote code execution on Windows endpoints. Akamai researchers recently discovered a high-severity vulnerability in Kubernetes tracked as CVE-2023-3676 (CVSS 8.8). This identification of this issue led to the discovery of two more vulnerabilities tracked as CVE-2023-3893, and CVE-2023-3955 (CVSS 8.8).

Hacking 119

Hacking Information Security 119

Bleeping Computer

SEPTEMBER 14, 2023

Threat actors use Google Ads tracking templates as a loophole to create convincing Webex software search ads that redirect users to websites that distribute the BatLoader malware. [.

Malware 116

Malware Software 116

eSecurity Planet

SEPTEMBER 14, 2023

Active Directory is one of the most critically important IT assets and a frequent target of hackers, so securing it is a top priority for IT and security teams. And part of that job is checking to make sure that Active Directory hasn’t been compromised. Between Active Directory for Windows and Azure, Microsoft dominates the market for identity and access management (IAM) tools with a greater than 50% market share, including about 95% of the Fortune 1000, so there are few targets for hacker

Accountability 116

Accountability Marketing Cybersecurity Security Defenses 116

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Security Affairs

SEPTEMBER 14, 2023

UK Greater Manchester Police (GMP) disclosed a data breach, threat actors had access to some of its employees’ personal information. UK Greater Manchester Police (GMP) announced that threat actors had access to the personal information of some of its employees after an unnamed third-party supplier was hit with a ransomware attack. The GMP reported that the impacted company provides its services to various UK organizations, including Greater Manchester Police.

Data breaches 115

Data breaches Ransomware Hacking Cybercrime 115

The Hacker News

SEPTEMBER 14, 2023

A set of memory corruption flaws have been discovered in the ncurses (short for new curses) programming library that could be exploited by threat actors to run malicious code on vulnerable Linux and macOS systems.

108

108

Security Affairs

SEPTEMBER 14, 2023

LockBit ransomware group breached two hospitals, the Carthage Area Hospital and the Clayton-Hepburn Medical Center in New York. The Lockbit ransomware group claims to have hacked two major hospitals, the Carthage Area Hospital and Claxton-Hepburn Medical Center. The two hospitals serve hundreds of thousands of people in upstate New York. The cyberattack took place at the end of August and had a severe impact on the two hospitals in the last couple of weeks.

Ransomware 114

Ransomware Healthcare Cyber Attacks Hacking 114

The Hacker News

SEPTEMBER 14, 2023

The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's Pegasus spyware, a new collaborative investigation from Access Now and the Citizen Lab has revealed. The infiltration is said to have happened on or around February 10, 2023.

Spyware 108

Spyware Government 108

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Bleeping Computer

SEPTEMBER 14, 2023

Microsoft has added text recognition support to the latest Snipping Tool build, allowing users to select and copy text from screenshots. [.

124

124

Dark Reading

SEPTEMBER 14, 2023

Collaboration apps are a boost to business productivity, but also a uniquely attractive target for cyberattackers.

Hacking 134

Hacking 134

Bleeping Computer

SEPTEMBER 14, 2023

The Auckland Transport (AT) transportation authority in New Zealand is dealing with a widespread outage caused by a cyber incident, impacting a wide range of customer services. [.

Ransomware 103

Ransomware 103

Graham Cluley

SEPTEMBER 14, 2023

CISA, the United States's Cybersecurity and Infrastructure Security Agency, has ordered federal agencies to patch their iPhones against vulnerabilities that can be used as part of a zero-click attack to install spyware from the notorious NSO Group. Read more in my article on the Tripwire State of Security blog.

Spyware 105

Spyware Government Cybersecurity Malware 105

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

The Hacker News

SEPTEMBER 14, 2023

A download manager site served Linux users malware that stealthily stole passwords and other sensitive information for more than three years as part of a supply chain attack. The modus operandi entailed establishing a reverse shell to an actor-controlled server and installing a Bash stealer on the compromised system. The campaign, which took place between 2020 and 2022, is no longer active.

Malware 101

Malware Passwords 101

Dark Reading

SEPTEMBER 14, 2023

The Russian-speaking ransomware gang continues to update its tactics while managing to steal highly sensitive information from its victims.

Ransomware 119

Ransomware 119

The Hacker News

SEPTEMBER 14, 2023

A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged attacker to gain SYSTEM privileges. Tracked as CVE-2023-27470 (CVSS score: 8.

99

99

Dark Reading

SEPTEMBER 14, 2023

Sports teams, major leagues, global sporting associations, and entertainment venues are all home to valuable personal and business data. Here's how to keep them safe.

Cybersecurity 106

Cybersecurity 106

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Bleeping Computer

SEPTEMBER 14, 2023

United Kingdom's Greater Manchester Police (GMP) said earlier today that some of its employees' personal information was impacted by a ransomware attack that hit a third-party supplier. [.

Ransomware 98

Ransomware 98

Dark Reading

SEPTEMBER 14, 2023

In a notable shift in strategy, the threat actors are abusing code-signing certificates to spread a double whammy of infostealers and ransomware payloads.

Ransomware 108

Ransomware 108

The Hacker News

SEPTEMBER 14, 2023

Iranian nation-state actors have been conducting password spray attacks against thousands of organizations globally between February and July 2023, new findings from Microsoft reveal.

Passwords 95

Passwords 95

Dark Reading

SEPTEMBER 14, 2023

It takes a diverse village of experts to enact effective cybersecurity guidelines, practices, and processes.

Cybersecurity 128

Cybersecurity 128

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.