Schneier on Security

NOVEMBER 6, 2023

The Flipper Zero is an incredibly versatile hacking device. Now it can be used to crash iPhones in its vicinity by sending them a never-ending stream of pop-ups. These types of hacks have been possible for decades, but they require special equipment and a fair amount of expertise. The capabilities generally required expensive SDRs­—short for software-defined radios­—that, unlike traditional hardware-defined radios, use firmware and processors to digitally re-create radio signal tran

Firmware 261

Firmware Hacking Software 261

Krebs on Security

NOVEMBER 6, 2023

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “ Fearlless ,” the nickname chosen by the proprietor of the SWAT USA Drops service.

Passwords 228

Passwords Cybercrime Accountability Hacking 228

The Last Watchdog

NOVEMBER 6, 2023

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information. In June, we started seeing these types of attacks amongst our customer base. Since June, there has been a fourfold increase in the search volume around keywords associated with these types of attacks.

Phishing 202

Phishing Scams Education Malware 202

Bleeping Computer

NOVEMBER 6, 2023

Microsoft will roll out Conditional Access policies requiring multifactor authentication from administrators when signing into Microsoft admin portals such as Microsoft Entra, Microsoft 365, Exchange, and Azure. [.

Authentication 136

Authentication 136

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Security Affairs

NOVEMBER 6, 2023

Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on Calendar service to host command-and-control (C2) infrastructure. Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “To use GRC, only a Gmail account is require

Accountability 136

Accountability Hacking Information Security Malware 136

The Hacker News

NOVEMBER 6, 2023

Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023.

Accountability 133

Accountability 133

Security Affairs

NOVEMBER 6, 2023

Taiwanese vendor QNAP warns of two critical command injection flaws in the QTS operating system and applications on its NAS devices. Taiwanese vendor QNAP Systems addressed two critical command injection vulnerabilities, tracked as CVE-2023-23368 and CVE-2023-23369 , that impact the QTS operating system and applications on its network-attached storage (NAS) devices.

Media 122

Media Hacking Software Internet 122

We Live Security

NOVEMBER 6, 2023

Organizations that intend to tap the potential of LLMs must also be able to manage the risks that could otherwise erode the technology’s business value

Risk 131

Risk 131

The Hacker News

NOVEMBER 6, 2023

Cybersecurity researchers have shed light on a new dropper-as-a-service (DaaS) for Android called SecuriDropper that bypasses new security restrictions imposed by Google and delivers the malware.

Advertising 120

Advertising Malware Cybersecurity 120

Dark Reading

NOVEMBER 6, 2023

As cyber insurance gets more expensive and competitive, security decision-makers have actionable opportunities to strengthen their cyber defenses.

Insurance 126

Insurance Cyber Insurance Cybersecurity 126

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

The Hacker News

NOVEMBER 6, 2023

QNAP has released security updates to address two critical security flaws impacting its operating system that could result in arbitrary code execution. Tracked as CVE-2023-23368 (CVSS score: 9.8), the vulnerability is described as a command injection bug affecting QTS, QuTS hero, and QuTScloud.

116

116

Bleeping Computer

NOVEMBER 6, 2023

The operators of the Kinsing malware are targeting cloud environments with systems vulnerable to "Looney Tunables," a Linux security issue identified as CVE-2023-4911 that allows a local attacker to gain root privileges on the system. [.

Malware 112

Malware 112

Malwarebytes

NOVEMBER 6, 2023

Clinical research company Advarra has reportedly been compromised after a SIM swap on one of their executives. SIM swapping, also known as SIM jacking, is the act of illegally taking over a target’s cell phone number. This can be done in a number of ways, but one of the most common methods involves tricking the target’s phone carrier into porting the phone number to a new SIM which is under the control of the attacker.

Ransomware 109

Ransomware Backups Accountability Social Engineering 109

Identity IQ

NOVEMBER 6, 2023

Holiday Online Shopping Safety Tips IdentityIQ The holiday shopping season is quickly approaching and will be gone before you know it. So, it’s time to start checking off that gift list! Online holiday shopping brings game-changing convenience to busy shoppers, but without the proper safety best practices, online shoppers can be vulnerable to hackers, identity theft , and all other kinds of scams.

Identity Theft 107

Identity Theft Scams VPN Phishing 107

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

eSecurity Planet

NOVEMBER 6, 2023

The past week has been a busy one for cybersecurity vulnerabilities, with 34 vulnerable Windows drivers and four Microsoft Exchange flaws heading a long list of security concerns. Other major flaws appeared in the NGINX Ingress Controller for Kubernetes, Atlassian Confluence Data Center and Server, and Apache ActiveMQ — and the latter two have already been targeted in ransomware attacks.

Software 112

Software Education Firmware Ransomware 112

Bleeping Computer

NOVEMBER 6, 2023

Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day. [.

Ransomware 102

Ransomware Internet Internet 102

The Hacker News

NOVEMBER 6, 2023

Veeam has released security updates to address four flaws in its ONE IT monitoring and analytics platform, two of which are rated critical in severity. The list of vulnerabilities is as follows - CVE-2023-38547 (CVSS score: 9.

Software 104

Software 104

Bleeping Computer

NOVEMBER 6, 2023

Attackers are exploiting a recently patched and critical severity Atlassian Confluence authentication bypass flaw to encrypt victims' files using Cerber ransomware. [.

Ransomware 103

Ransomware Encryption Authentication 103

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

The Hacker News

NOVEMBER 6, 2023

An updated version of an information stealer malware known as Jupyter has resurfaced with "simple yet impactful changes" that aim to stealthily establish a persistent foothold on compromised systems.

Malware 103

Malware 103

Dark Reading

NOVEMBER 6, 2023

Cybercriminals are abusing legitimate functions within cloud services, and providers can't totally stop them, especially when it comes to innovative approaches like this.

102

102

InfoWorld on Security

NOVEMBER 6, 2023

Developers have long used sites like Stack Overflow as forums where they could get code examples and assistance. That community is rapidly being replaced by generative AI tools such as ChatGPT. Today, developers ask AI chatbots to help create sample code, translate from one programming language to another, and even write test cases. These chatbots have become full-fledged members of your development teams.

Malware 98

Malware 98

Dark Reading

NOVEMBER 6, 2023

With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.

Scams 114

Scams 114

Advertisement

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

Identity Theft

The Hacker News

NOVEMBER 6, 2023

Israeli higher education and tech sectors have been targeted as part of a series of destructive cyber attacks that commenced in January 2023 with an aim to deploy previously undocumented wiper malware.

Education 100

Education Cyber Attacks Malware Hacking 100

Dark Reading

NOVEMBER 6, 2023

Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with its own C2.

100

100

The Hacker News

NOVEMBER 6, 2023

Multiple ransomware groups have begun to actively exploit recently disclosed flaws in Atlassian Confluence and Apache ActiveMQ. Cybersecurity firm Rapid7 said it observed the exploitation of CVE-2023-22518 and CVE-2023-22515 in multiple customer environments, some of which have been leveraged for the deployment of Cerber (aka C3RB3R) ransomware.

Ransomware 99

Ransomware Cybersecurity 99

Bleeping Computer

NOVEMBER 6, 2023

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals, including ransomware actors. [.

Ransomware 91

Ransomware Cryptocurrency 91

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

SecureList

NOVEMBER 6, 2023

Introduction and trends The gaming industry continues growing. The Newzoo report for 2023 reveals that two in five — more than three billion — across the globe are gamers, which is 6.3 percent more than last year. Globally, gaming revenue amounts to an estimated US$242.39 billion , with almost half of that generated by the Asia Pacific. By the year 2030, this worldwide total is expected to more than double to US$583.69 billion.

Mobile 92

Mobile Phishing Accountability Scams 92

Dark Reading

NOVEMBER 6, 2023

Telcos across the Middle East are rapidly rolling out 5G networks. Will this accelerated adoption lead to higher security vulnerabilities?

103

103

Heimadal Security

NOVEMBER 6, 2023

If you switched from using HTTP/1 to HTTP/2 you`re a possible target of massive DDoS attacks. Hackers started recently to exploit a key feature of the HTTP/2 protocol. The vulnerability was called CVE-2023-44487. The HTTP/2 Rapid Reset DDoS attacks that targeted Google services this August went over 398 million requests per second. The attacks were 76% […] The post New DDoS Attacks Waves.

DDOS 85

DDOS Cybersecurity 85

Dark Reading

NOVEMBER 6, 2023

Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.

Cybercrime 102

Cybercrime 102

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.