Mon.Apr 01, 2024

article thumbnail

Magic Security Dust

Schneier on Security

Adam Shostack is selling magic security dust. It’s about time someone is commercializing this essential technology.

article thumbnail

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. Related: Data privacy vs data security However, this remains a novel concept at most companies. Now comes a Forrester Research report that vividly highlights why attaining and sustaining a robust cybersecurity posture translates into a competitive edge.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Google now blocks spoofed emails for better phishing protection

Bleeping Computer

Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks. [.

Phishing 138
article thumbnail

The Incognito Mode Myth Has Fully Unraveled

WIRED Threat Level

To settle a years-long lawsuit, Google has agreed to delete “billions of data records” collected from users of “Incognito mode,” illuminating the pitfalls of relying on Chrome to protect your privacy.

138
138
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Free VPN apps turn Android phones into criminal proxies

Malwarebytes

Researchers at HUMAN’s Satori Threat Intelligence have discovered a disturbing number of VPN apps that turn users’ devices into proxies for cybercriminals without their knowledge, as part of a camapign called PROXYLIB. Cybercriminals and state actors like to send their traffic through other people’s devices, known as proxies. This allows them to use somebody else’s resources to get their work done, it masks the origin of their attacks so they are less likely to get blocked, and it ma

VPN 136
article thumbnail

CVE-2024-29201 & CVE-2024-29202 Flaws Expose JumpServer Users to RCE Attacks

Penetration Testing

JumpServer, a popular open-source bastion host system, has recently been found to contain two critical vulnerabilities (CVE-2024-29201 and CVE-2024-29202) that could allow attackers to execute arbitrary code remotely. These vulnerabilities pose a severe risk... The post CVE-2024-29201 & CVE-2024-29202 Flaws Expose JumpServer Users to RCE Attacks appeared first on Penetration Testing.

More Trending

article thumbnail

Arjun: HTTP parameter discovery suite

Penetration Testing

Arjun Arjun can find query parameters for URL endpoints. If you don’t get what that means, it’s okay, read along. Web applications use parameters (or queries) to accept user input, consider the following example... The post Arjun: HTTP parameter discovery suite appeared first on Penetration Testing.

article thumbnail

OWASP discloses data breach caused by wiki misconfiguration

Bleeping Computer

The OWASP Foundation has disclosed a data breach after some members' resumes were exposed online due to a misconfiguration of its old Wiki web server. [.

article thumbnail

Malicious Apps Caught Secretly Turning Android Phones into Proxies for Cybercriminals

The Hacker News

Several malicious Android apps that turn mobile devices running the operating system into residential proxies (RESIPs) for other threat actors have been observed on the Google Play Store. The findings come from HUMAN's Satori Threat Intelligence team, which said the cluster of VPN apps came fitted with a Golang library that transformed the user's device into a proxy node without their knowledge.

VPN 127
article thumbnail

Webinar Recap: Cybersecurity Trends to Watch in 2024

Security Boulevard

Predicting the future of cybersecurity is an impossible task, but getting some expert advice doesn’t. The post Webinar Recap: Cybersecurity Trends to Watch in 2024 appeared first on Security Boulevard.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Info stealer attacks target macOS users

Security Affairs

Experts warn of info stealer malware, including Atomic Stealer, targeting Apple macOS users via malicious ads and rogue websites. Jamf Threat Labs researchers analyzed info stealer malware attacks targeting macOS users via malicious ads and rogue websites. One of the attacks spotted by the researchers relied on sponsored ads proposed to the users while searching for “Arc Browser” on Google.

Malware 116
article thumbnail

Cybersecurity Industry Starts Picking Through Malicious XZ Utils Code

Security Boulevard

The open source community, federal agencies, and cybersecurity researchers are still trying to get their hands around the security near-miss of the backdoor found in versions of the popular XZ Utils data compression library, malicious code that apparently was methodically put together by bad actors over more than two years and incidentally discovered by a.

article thumbnail

FTC: Americans lost $1.1 billion to impersonation scams in 2023

Bleeping Computer

Impersonation scams in the U.S. exceeded $1.1 billion in losses last year, according to statistics collected by the Federal Trade Commission (FTC), a figure that is three times higher than in 2020. [.

Scams 101
article thumbnail

The Best SIEM Tools To Consider in 2024

Security Boulevard

What is a SIEM? SIEM solutions enable enterprises to monitor and analyze security-related data from a variety of sources, such as firewalls, intrusion detection systems (IDS), and endpoint security devices. By collecting and analysing this data, companies can spot patterns that may signal a security breach, allowing them to take quick and appropriate action to […] The post The Best SIEM Tools To Consider in 2024 appeared first on Centraleyes.

Firewall 118
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Shopping platform PandaBuy data leak impacts 1.3 million users

Bleeping Computer

Data belonging to more than 1.3 million customers of the PandaBuy online shopping platform has been leaked, allegedly after two threat actors exploited multiple vulnerabilities to breach systems. [.

100
100
article thumbnail

Bitdefender CVE-2023-6154 Flaw Alert: Update Now to Prevent Potential Privilege Escalation

Penetration Testing

Bitdefender, a leading provider of cybersecurity solutions, has released a critical patch addressing a vulnerability in its popular Total Security, Internet Security, Antivirus Plus, and Antivirus Free products. This vulnerability, designated CVE-2023-6154, carries a... The post Bitdefender CVE-2023-6154 Flaw Alert: Update Now to Prevent Potential Privilege Escalation appeared first on Penetration Testing.

article thumbnail

India rescues 250 citizens enslaved by Cambodian cybercrime gang

Bleeping Computer

The Indian government says it rescued and repatriated 250 citizens who sought jobs in Cambodia, only to be forced into conducting cybercrime once they arrived. [.

article thumbnail

New Vultur malware version includes enhanced remote control and evasion capabilities

Security Affairs

Researchers detected a new version of the Vultur banking trojan for Android with enhanced remote control and evasion capabilities. Researchers from NCC Group discovered a new version of the Vultur banking trojan for Android that includes new enhanced remote control and evasion capabilities. Some of the new features implemented in this variant include the ability to: Download, upload, delete, install, and find files; Control the infected device using Android Accessibility Services (sending comman

Malware 108
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Earth Freybug Uses UNAPIMON for Unhooking Critical APIs

Trend Micro

This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent child processes from being monitored via a new malware we’ve discovered and dubbed UNAPIMON.

Malware 111
article thumbnail

CVE-2024-2975: Octopus Deploy Patches Critical Privilege Escalation Vulnerability

Penetration Testing

Octopus Deploy, the popular deployment automation platform, has released a security advisory and subsequent patches to address a critical vulnerability (CVE-2024-2975). This flaw could allow attackers to escalate their privileges under specific configurations, potentially... The post CVE-2024-2975: Octopus Deploy Patches Critical Privilege Escalation Vulnerability appeared first on Penetration Testing.

article thumbnail

Pentagon established the Office of the Assistant Secretary of Defense for Cyber Policy

Security Affairs

The US government announced establishing the Office of the Assistant Secretary of Defense for Cyber Policy. The US Defense Department announced establishing the Office of the Assistant Secretary of Defense for Cyber Policy (ASD(CP)) as directed in the National Defense Authorization Act for Fiscal Year 2023. The ASD(CP) will oversee DoD policy for cyber operations reporting to the Under Secretary of Defense for Policy (USD(P)).

article thumbnail

Yacht retailer MarineMax discloses data breach after cyberattack

Bleeping Computer

MarineMax, self-described as one of the world's largest recreational boat and yacht retailers, says attackers stole employee and customer data after breaching its systems in a March cyberattack. [.

Retail 91
article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

Qualcomm Addresses Critical Security Vulnerabilities in April Bulletin

Penetration Testing

US-based chip giant Qualcomm has released a critical security bulletin patching a major flaw along with 11 other high-severity vulnerabilities. The most serious of these vulnerabilities (CVE-2024-21473) carries a CVSS score of 9.8 and... The post Qualcomm Addresses Critical Security Vulnerabilities in April Bulletin appeared first on Penetration Testing.

article thumbnail

The AI Revolution in Access Management: Intelligent Provisioning and Fraud Prevention

Security Boulevard

AI revolutionizes access management by enabling intelligent provisioning, dynamic access control, and fraud prevention. Using machine learning and predictive analytics, it ensures consistent access policies and detects anomalous behavior in real time. The post The AI Revolution in Access Management: Intelligent Provisioning and Fraud Prevention appeared first on Security Boulevard.

article thumbnail

Detecting Windows-based Malware Through Better Visibility

The Hacker News

Despite a plethora of available security solutions, more and more organizations fall victim to Ransomware and other threats. These continued threats aren't just an inconvenience that hurt businesses and end users - they damage the economy, endanger lives, destroy businesses and put national security at risk.

Malware 109
article thumbnail

Millions Impacted in Mass Passcode Reset of AT&T Accounts

Security Boulevard

AT&T has initiated a mass reset of millions of customer account passcodes following a reported data breach. The post Millions Impacted in Mass Passcode Reset of AT&T Accounts appeared first on Enzoic. The post Millions Impacted in Mass Passcode Reset of AT&T Accounts appeared first on Security Boulevard.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

'Darcula' Phishing Service Unleashes Sophisticated Smishing Attacks

SecureWorld News

A new Phishing-as-a-Service (PhaaS) threat called "darcula" is taking advantage of encrypted mobile messaging services to unleash a wave of sophisticated smishing attacks targeting organizations across more than 100 countries. The darcula platform provides cybercriminals with easy access to branded phishing campaigns mimicking postal services, utilities, banks, airlines, and more through more than 20,000 phishing domains.

article thumbnail

Cryptocurrency and Blockchain security due diligence: A guide to hedge risk

Cisco Security

Blockchain technology has experienced remarkable adoption in recent years, driven by its use across a broad spectrum of institutions, governments, retail investors, and users. However, this surge in… Read more on Cisco Blogs Blockchain adoption and crypto investments are peaking, along with scams. Ensure safety in this bull run by being diligent.

article thumbnail

The Top MSP KPIs and Metrics You Should Measure as a Managed Service Provider

Heimadal Security

When you’re running an MSP, it’s easy to lose sight of the bigger picture. You’re fighting fires, managing people, dealing with clients, and the million-and-one other things a business owner does. This means that weeks or even months can go by, without taking the time to really assess the health of your business. And this […] The post The Top MSP KPIs and Metrics You Should Measure as a Managed Service Provider appeared first on Heimdal Security Blog.

85
article thumbnail

Vulnerability Recap 4/1/24: Cisco, Fortinet & Windows Server Updates

eSecurity Planet

Vendors and researchers disclosed a wide range of vulnerabilities this week from common Cisco IOS, Fortinet, and Windows Server issues to more focused flaws affecting developers (PyPI), artificial intelligence (Ray, NVIDIA), and industrial controls (Rockwell Automation). While most issues can be fixed through prompt patching and updating, a few remain unfixed and may require more significant changes to the security stack to block possible attacks.

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.