Mon. Jun 13, 2022

SHARED INTEL: VCs pumped $21.8 billion into cybersecurity in 2021 — why there’s more to come

The Last Watchdog

At the start of this year, analysts identified a number of trends driving the growth of cybersecurity. Among them: an expanding digital footprint, growing attack surfaces, and increasing government regulation. Related: Taking API proliferation seriously. Last year saw an unprecedented $21.8 billion in venture capital poured into cybersecurity companies globally.

Cryptanalysis of ENCSecurity’s Encryption Implementation

Schneier on Security

ENCSecurity markets a file encryption system, and it’s used by SanDisk, Sony, Lexar, and probably others. Despite it using AES as its algorithm, its implementation is flawed in multiple ways—and breakable. The moral is, as it always is, that implementing cryptography securely is hard. Don’t roll your own anything if you can help it.

State-sponsored Chinese threat actors compromise telecommunications and network services providers

Tech Republic Security

Threat actors originating from the People's Republic of China are exploiting known vulnerabilities to build a broad network infrastructure of compromised machines worldwide. Learn more about how to protect yourself from this threat. The post State-sponsored Chinese threat actors compromise telecommunications and network services providers appeared first on TechRepublic.

A compelling story

Cisco Security

This article is part of a series in which we will explore several features, principles, and the building blocks of a security detection engine within an extended detection and response (XDR) solution. In this second installment, we will look at ways of structuring the presentation of machine-generated alerts, so that each alert offers a cohesive and compelling narrative, as if written by a human analyst, at scale and in realtime.

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Serious vulnerabilities found in ITarian software, patches available for SaaS products

Malwarebytes

Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available to deal with these vulnerabilities for its SaaS platform. Software as a service (SaaS) is a software distribution model in which a cloud provider hosts applications and makes them available to end users over the internet.

Girl Scouts and OpenText empower future leaders of tomorrow with cyber resilience

Webroot

The transition to a digital-first world enables us to connect, work and live in a realm where information is available at our fingertips. The children of today will be working in an environment of tomorrow that is shaped by hyperconnectivity. Operating in this environment means our present and future generations need to understand the importance of being aware of the benefits and risks of an interconnected world.

More Trending

A week in security (June 6 – June 12)

Malwarebytes

Last week on Malwarebytes Labs: FBI warns of scammers soliciting donations for Ukraine; Microsoft autopatch is here…but can you use it?; Prometheus ransomware’s flaws inspired researchers to try to build a near-universal decryption tool; Rotten apples banned from App store; Hackers can take over accounts you haven’t even created yet; Ransomware Task Force priorities see progress in first year; Coffee app in hot water for constant tracking of user location; SSNDOB stolen data marketpla

9 ways hackers will use machine learning to launch attacks

CSO Magazine

Machine learning and artificial intelligence (AI) are becoming a core technology for some threat detection and response tools. The ability to learn on the fly and automatically adapt to changing cyberthreats gives security teams an advantage. However, some threat actors are also using machine learning and AI to scale up their cyberattacks, evade security controls, and find new vulnerabilities all at an unprecedented pace and to devastating results.

Using WiFi connection probe requests to track users

Security Affairs

Researchers at the University of Hamburg demonstrated that WiFi connection probe requests expose users to tracking. A group of academics at the University of Hamburg (Germany) demonstrated that it is possible to use WiFi connection probe requests to identify and track devices and thereby their users. Mobile devices transmit probe requests to receive information about nearby Wi-Fi networks and establish a Wi-Fi connection.

Hacking Ham Radio: Why It’s Still Relevant and How to Get Started

Security Boulevard

This week we discuss hacking ham radio with special guests Caitlin Johanson, Rick Osgood, and Larry Pesce. In this episode you’ll learn what ham radio is, why it’s still relevant, why attackers would want to hack ham radio, all about packet radio and APRS (Automatic Packet Reporting System), and what equipment and licensing you need […]. The post Hacking Ham Radio: Why It’s Still Relevant and How to Get Started appeared first on The Shared Security Show.

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Robin Hood Ransomware ‘GOODWILL’ Forces Victim for Charity

Quick Heal Antivirus

Goodwill Ransomware, identified by CloudSEK researchers in March 2022, is known to promote social justice on the internet. The post Robin Hood Ransomware ‘GOODWILL’ Forces Victim for Charity appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Threat actors becoming more creative exploiting the human factor

CSO Magazine

Threat actors exhibited "ceaseless creativity" last year when attacking the Achilles heel of every organization—its human capital—according to Proofpoint's annual The Human Factor 2022 report. The report, released June 2, draws on a multi-trillion datapoint graph created from the company's deployments to identify the latest attack trends by malicious players.

Iranian Hackers Spotted Using a new DNS Hijacking Malware in Recent Attacks

The Hacker News

The Iranian state-sponsored threat actor tracked under the moniker Lyceum has turned to using a new custom .NET-based backdoor in recent campaigns directed against the Middle East. "The new malware is a .NET based DNS Backdoor which is a customized version of the open source tool 'DIG.net,'" Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a report published last week.

Web3 and IAM: Marching toward disruption

CSO Magazine

Identity and access management (IAM) embraces a broad swath of IT practice. This practice is subject to two forces pushing it towards greater prominence: increasing threat actor activity and increasing infrastructure complexity. In response, we see increasing sophistication of the tools used to deal with both. Web3 technology has unique characteristics that lend it to dealing with IAM.

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

19 Ways to Vet Your MSP for Cybersecurity Best Practices

Security Boulevard

When you choose a managed service provider (MSP), you are putting a lot of trust in their ability to keep your systems up and running and to keep your data safe. That’s why it’s so important to vet your potential managed service provider to make sure they are aware of and adhere to cybersecurity best. The post 19 Ways to Vet Your MSP for Cybersecurity Best Practices appeared first on Security Boulevard.

Threat modeling for web application security

Acunetix

Threat modeling is an activity that helps you identify and mitigate threats. It’s very important because it makes you look at security risks top-down, focus on decision-making and prioritize cybersecurity decisions, and consider how you can use your resources in the best possible way. There. Read more. The post Threat modeling for web application security appeared first on Acunetix.

Industroyer: A cyber‑weapon that brought down a power grid

We Live Security

Five years ago, ESET researchers released their analysis of the first ever malware that was designed specifically to attack power grids. The post Industroyer: A cyber‑weapon that brought down a power grid appeared first on WeLiveSecurity.

Chinese Hackers Distribute Backdoored Web3 Wallets for iOS and Android Users

The Hacker News

A technically sophisticated threat actor known as SeaFlower has been targeting Android and iOS users as part of an extensive campaign that mimics official cryptocurrency wallet websites intending to distribute backdoored apps that drain victims' funds.

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Cyber attacks on Indian Government websites due to comments on Prophet Muhammad

CyberSecurity Insiders

Indian Government websites are seeing a rise in cyber attacks after one of the former BJP leaders, Nupur Sharma, made some nasty comments on Prophet Muhammad. Terrorist organizations like Al-Qaida and others from Iran outfits have pledged to take control of India’s Aadhaar and electoral database if the suspended BJP leader Nupur Sharma doesn’t issue a public apology and is not punished by the court of law.

Chinese 'Gallium' Hackers Using New PingPull Malware in Cyberespionage Attacks

The Hacker News

A Chinese advanced persistent threat (APT) known as Gallium has been observed using a previously undocumented remote access trojan in its espionage attacks targeting companies operating in Southeast Asia, Europe, and Africa.

4 Ways Ransomware Can Infect A System

SecureBlitz

Ransomware is a type of malware that uses encryption to hold your data hostage until a ransom, usually in the. Read more. The post 4 Ways Ransomware Can Infect A System appeared first on SecureBlitz Cybersecurity.

Researchers Disclose Rooting Backdoor in Mitel IP Phones for Businesses

The Hacker News

Cybersecurity researchers have disclosed details of two medium-security flaws in Mitel 6800/6900 desk phones that, if successfully exploited, could allow an attacker to gain root privileges on the devices. Tracked as CVE-2022-29854 and CVE-2022-29855 (CVSS score: 6.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Internet Explorer (almost) breathes its final byte on Wednesday

Bleeping Computer

Microsoft will finally end support for Internet Explorer on multiple Windows versions on Wednesday, June 15, almost 27 years after its launch on August 24, 1995. […]

Hello XD Ransomware Installing Backdoor on Targeted Windows and Linux Systems

The Hacker News

Windows and Linux systems are being targeted by a ransomware variant called HelloXD, with the infections also involving the deployment of a backdoor to facilitate persistent remote access to infected hosts.

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

Security Affairs

Ukraine’s Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine’s Computer Emergency Response Team (CERT) is warning that the Russia-linked Sandworm APT may be exploiting the recently discovered Follina RCE. The issue, tracked as CVE-2022-30190, impacts the Microsoft Windows Support Diagnostic Tool (MSDT).

Exposed Travis CI API Leaves All Free-Tier Users Open to Attack

Dark Reading

Public Travis CI logs loaded with GitHub, AWS, Docker Hub account tokens, and other sensitive data could be leveraged for lateral cloud attacks.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Update Chrome now: Four high risk vulnerabilities found

Malwarebytes

Users of Chrome have been advised to apply updates as soon as possible related to seven security vulnerabilities. CISA has also warned that the vulnerabilities could be used to take control of affected systems. Although no detailed explanation of how these vulnerabilities work has been released, there is enough out there to encourage users to apply the patches.

CISA Recommends Organizations Update to the Latest Version of Google Chrome

Dark Reading

Google last week reported seven vulnerabilities in the browser, four of which it rated as high severity.

GALLIUM APT used a new PingPull RAT in recent campaigns

Security Affairs

China-linked Gallium APT employed a previously undocumented RAT, tracked as PingPull, in recent cyber espionage campaign targeting South Asia, Europe, and Africa. China-linked Gallium APT (aka Softcell) used a previously undocumented remote access Trojan dubbed PingPull in recent attacks aimed at organizations in Southeast Asia, Europe, and Africa. Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Mess

Apple M1 Flaw Can’t be Fixed — PACMAN Panic

Security Boulevard

Apple’s M1 chip isn’t as safe from buffer overflows as previously thought. M1 and other designs based on ARMv8.3 can have their ‘PAC’ protection neutered. The post Apple M1 Flaw Can’t be Fixed — PACMAN Panic appeared first on Security Boulevard.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!