Wed. Sep 13, 2023


Zero-Click Exploit in iPhones

Schneier on Security

Make sure you update your iPhones: Citizen Lab says two zero-days fixed by Apple today in emergency security updates were actively abused as part of a zero-click exploit chain (dubbed BLASTPASS) to deploy NSO Group’s Pegasus commercial spyware onto fully patched iPhones. The two bugs, tracked as CVE-2023-41064 and CVE-2023-41061, allowed the attackers to infect a fully-patched iPhone running iOS 16.6 and belonging to a Washington DC-based civil society organization via PassKit attachment

Spyware 346

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “USDoD” had infiltrated the FBI’s vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold.

Insiders


Black Hat Fireside Chat: The impactful role crowdsourced security intelligence must play

The Last Watchdog

From Kickstarter to Wikipedia, crowdsourcing has become a part of everyday life. Sharing intel for a greater good. Now one distinctive type of crowdsourcing — ethical hacking – is positioned to become a much more impactful component of securing modern networks. I had a terrific discussion about this at Black Hat USA 2023 with Casey Ellis, founder and CTO of Bugcrowd, a pioneer in the crowdsourced security market.


P2P File Sharing Policy

Tech Republic Security

The purpose of this policy from TechRepublic Premium is to provide guidelines for the proper use of peer-to-peer file sharing. It includes an authorization form for approval of P2P file transmission, which sets the conditions and parameters in which this data exchange must occur. From the policy: P2P applications should only be used to send.


How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.


Rust-Written 3AM Ransomware: A Sneak Peek into a New Malware Family

The Hacker News

A new ransomware family called 3AM has emerged in the wild after it was detected in a single incident in which an unidentified affiliate deployed the strain following an unsuccessful attempt to deliver LockBit (attributed to Bitwise Spider or Syrphid) in the target network.

Malware 145

Watch out, this LastPass email with "Important information about your account" is a phish

Malwarebytes

The consequences of last year's LastPass breach continue to be felt, with the latest insult to users coming in the form of a highly convincing phishing email. Although the "unauthorized party" that compromised LastPass users' data was able to steal password vaults, it's likely that they are having a hard time cracking them open. LastPass's own assessment was that "it would be extremely difficult to attempt to brute force guess master passwords for those customers who follow our password best pr

Phishing 145


More Trending


Threat actor leaks sensitive data belonging to Airbus

Security Affairs

The multinational aerospace corporation Airbus has launched an investigation into the recent leak of information allegedly stolen from the company. The multinational aerospace corporation Airbus announced that it is investigating a data leak after cybersecurity firm Hudson Rock reported that a hacker posted information on thousands of the company’s vendors to the dark web.


Alert: New Kubernetes Vulnerabilities Enable Remote Attacks on Windows Endpoints

The Hacker News

Three interrelated high-severity security flaws discovered in Kubernetes could be exploited to achieve remote code execution with elevated privileges on Windows endpoints within a cluster. The issues, tracked as CVE-2023-3676, CVE-2023-3893, and CVE-2023-3955, carry CVSS scores of 8.8 and impact all Kubernetes environments with Windows nodes.

142

The Twisted Eye in the Sky Over Buenos Aires

WIRED Threat Level

A scandal unfolding in Argentina shows the dangers of implementing facial recognition—even with laws and limits in place.

141

Upgrading your iPhone? Read this first

Malwarebytes

Apple's Wonderlust event on Tuesday saw the launch of the company's top-of-the-line iPhone 15 Pro Max with a titanium chassis and an improved telephoto camera, as well as other iPhone 15 models and new Apple Watches. Also this week, Apple was reportedly banned from selling the iPhone 12 in France because the device's Specific Absorption Rate (SAR) is above the legal limit.

Backups 140

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.


Mozilla fixed a critical zero-day in Firefox and Thunderbird

Security Affairs

Mozilla addressed a critical zero-day vulnerability in Firefox and Thunderbird that has been actively exploited in attacks in the wild. Mozilla rolled out security updates to address a critical zero-day vulnerability, tracked as CVE-2023-4863, in Firefox and Thunderbird that has been actively exploited in the wild. The vulnerability is a heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187. The vulnerability allowed a remote attacker to perform an out-of-bounds memory write via

Spyware 139

Machine Learning is a Must for API Security

IT Security Guru

Modern digital transformations have been fuelled by APIs, altering how many businesses and organizations run. However, the recent innovation and digital transformation wave have also opened up new attack surfaces for cybercriminals. Companies are forced to respond to an increase in API threats, but they quickly learn that traditional, static methods of API security are ineffective.


A new ransomware family called 3AM appears in the threat landscape

Security Affairs

3AM is a new strain of ransomware that was spotted in a single incident in which the threat actors failed to deploy the LockBit ransomware in the target infrastructure. Symantec’s Threat Hunter Team discovered a new ransomware family, which calls itself 3AM, that to date has only been deployed in a single incident in which the threat actors failed to deploy the LockBit ransomware.


New Windows 11 feature blocks NTLM-based attacks over SMB

Bleeping Computer

Microsoft added a new security feature to Windows 11 that lets admins block NTLM over SMB to prevent pass-the-hash, NTLM relay, or password-cracking attacks.

Passwords 138

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.


Redfly group infiltrated an Asian national grid as long as six months?

Security Affairs

A threat actor tracked as Redfly had infected the systems at a national grid located in an unnamed Asian country for six months starting in January. Symantec’s Threat Hunter Team discovered that a threat actor called Redfly used the ShadowPad backdoor to compromise a national grid in an Asian country for as long as six months earlier this year. While ShadowPad is known to be part of the arsenal of multiple China-linked APT groups, the TTPs observed in the attack on the national power grid overla


Threat landscape for industrial automation systems. Statistics for H1 2023

SecureList

Global threat statistics: In the first half of 2023, the percentage of ICS computers on which malicious objects were blocked decreased from H2 2022 by just 0.3 pp to 34%. [Figure: Percentage of ICS computers on which malicious objects were blocked, by half year] That said, the percentage of attacked ICS computers dropped in Q1 2023, but then rose again in Q2 2023, reaching the highest quarterly figure since 2022 – 26.8%.

Spyware 137

Researchers Detail 8 Vulnerabilities in Azure HDInsight Analytics Service

The Hacker News

More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in the Microsoft Azure HDInsight open-source analytics service that could be weaponized by a threat actor to carry out malicious activities.

136

iPhone 15 launch: Wonderlust scammers rear their heads

Malwarebytes

Yesterday, Apple launched its latest iPhone and Watch models at its massive Wonderlust event. As with many high profile launches like this, it attracted not just a mountain of press, but a whole load of scammers too. One site uses the Apple brand to host a cryptocurrency scam. The hook is a supposed giveaway of “50,000 ETH and 5,000 BTC”, which is $79,885,500 and $130,325,000 respectively.


Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.


How Cyberattacks Are Transforming Warfare

The Hacker News

There is a new battlefield. It is global and challenging to defend. What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. Today, cyberattacks have become the norm, transforming how we think about war and international conflict as a whole.


Read it right! How to spot scams on Reddit

We Live Security

Do you know what types of scams and other fakery you should look out for when using a platform that once billed itself as “the front page of the Internet”?

Scams 132

New Paper: “Securing AI: Similar or Different?”

Anton on Security

As you may have noticed, we have released a new paper on securing AI. I want to share a few additional things here on top of our official launch blog. For a few years (so, yes, I did start before the ChatGPT launch, if you have to ask…), I’ve been a little obsessed about the differences between securing AI systems and securing any other complex enterprise data-intensive systems (please see this blog and podcasts that are mentioned there).


Smashing Security podcast #339: Bitcoin boo-boo, deepfakes for good, and time to say goodbye to usernames?

Graham Cluley

Deepfakes are being used for good (perhaps), common usernames could pose a security threat, and someone has paid a $500,000 fee just to send $1,865. Oh, and our guest mentions Mr Blobby (to the horror of the show's hosts.) All this and much much more is discussed in the latest edition of the "Smashing Security" podcast by cybersecurity veterans Graham Cluley and Carole Theriault, joined this week by The Cyberwire's Dave Bittner.


Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.


The US Congress Has Trust Issues. Generative AI Is Making It Worse

WIRED Threat Level

Senators are meeting with Silicon Valley's elite to learn how to deal with AI. But can Congress tackle the rapidly emerging tech before working on itself?


France demands Apple pull iPhone 12 due to high RF radiation levels

Bleeping Computer

The Agence Nationale des Fréquences (ANFR) has asked Apple to withdraw iPhone 12 smartphones from the French market because the device emits radiofrequency energy that is beyond the limit permitted to be absorbed by the human body.

Marketing 124

Microsoft Teams Phishing Attacks: Ransomware Group Shifts Tactics

Heimdal Security

Microsoft revealed a shift in tactics by an initial access broker known for its ties to ransomware groups. The threat actor is known as Storm-0324 and had formerly spread Sage and GandCrab ransomware. Storm-0324 recently moved from deploying ransomware to breaching corporate networks through Microsoft Teams phishing attacks. More about the Teams Phishing Attacks: Microsoft stated […]

Phishing 122

CISA Issues Alert to Secure iPhones Against Pegasus Spyware Zero-Days

SecureWorld News

Alarming details have emerged about the exploitation of two Zero-Day vulnerabilities to deploy NSO Group's Pegasus commercial spyware on iPhones. These vulnerabilities, tracked as CVE-2023-41064 and CVE-2023-41061, were actively abused as part of a zero-click exploit chain, according to security researchers at The Citizen Lab. In response to this threat, the U.S.

Spyware 120

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.


Ransomware Trends and Predictions for 2023 and Beyond

Heimdal Security

New ransomware trends are on the rise as ransomware has emerged as one of the most formidable cyber threats in recent years, causing significant disruptions to businesses, governments, and individuals worldwide. As we step into 2023 and beyond, it’s crucial to examine the evolving landscape of ransomware trends and predict the future of ransomware attacks. […]


How to Detect Fake Social Media Profiles

SecureBlitz

In this post, we will show you how to detect fake social media profiles. With the increasing prevalence of social media platforms in our daily lives, fake social media profiles have become a significant concern. These profiles are often created for various malicious purposes, such as identity theft, online scams, cyberbullying, and misinformation spreading.

Media 111

Patch Now! Mozilla Releases Security Updates For Firefox Zero Day Vulnerability

Heimdal Security

On September 12th, 2023, Mozilla released crucial security updates to address a critical Firefox zero day vulnerability. Security researchers also detected the flaw in the Thunderbird application. The zero-day was dubbed CVE-2023-4863 and has been actively exploited in the wild. Interestingly enough, the Common Vulnerabilities and Exposures (CVE) system website mentions Chrome as the assigner […]


Ensuring Container Security: Safeguarding Software Supply Chains with SSL/TLS Certificates

GlobalSign

Containers may provision the DevOps pipeline but how can you safeguard them with SSL/TLS certificates?

Software 111

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!