Tue.Mar 14, 2023

article thumbnail

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.

Hacking 238
article thumbnail

NetWire Remote Access Trojan Maker Arrested

Schneier on Security

From Brian Krebs : A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. The arrest coincided with a seizure of the NetWire sales website by the U.S. Federal Bureau of Investigation (FBI). While the defendant in this case hasn’t yet been named publicly, the NetWire website has been leaking information about the likely true identity and lo

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Learn the basics of cybersecurity with this $60 web-based training package

Tech Republic Security

The Premium Ethical Hacking Certification Bundle features eight courses that introduce students to the fundamentals and prepare them to earn important credentials from CompTIA. The post Learn the basics of cybersecurity with this $60 web-based training package appeared first on TechRepublic.

article thumbnail

Upcoming Speaking Engagements

Schneier on Security

This is a current list of where and when I am scheduled to speak: I’m speaking on “ How to Reclaim Power in the Digital World ” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM CET. I’ll be discussing my new book A Hacker’s Mind: How the Powerful Bend Society’s Rules at Harvard Science Center in Cambridge, Massachusetts, USA, on Friday, March 31, 2023 at 6:00 PM EDT.

196
196
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Attack campaign on edge appliance: undetected since 2021 and resists firmware update

Tech Republic Security

A possible Chinese attack campaign on compromised unpatched SonicWall SMA edge devices stayed undetected since 2021 and could persist even through firmware updates. The post Attack campaign on edge appliance: undetected since 2021 and resists firmware update appeared first on TechRepublic.

Firmware 132
article thumbnail

The slow Tick?ing time bomb: Tick APT group compromise of a DLP software developer in East Asia

We Live Security

ESET Research uncovered a campaign by APT group Tick against a data-loss prevention company in East Asia and found a previously unreported tool used by the group The post The slow Tick‑ing time bomb: Tick APT group compromise of a DLP software developer in East Asia appeared first on WeLiveSecurity

Software 145

More Trending

article thumbnail

DNS data shows one in 10 organizations have malware traffic on their networks

CSO Magazine

During every quarter last year, between 10% and 16% of organizations had DNS traffic originating on their networks towards command-and-control (C2) servers associated with known botnets and various other malware threats, according to a report from cloud and content delivery network provider Akamai. More than a quarter of that traffic went to servers belonging to initial access brokers, attackers who sell access into corporate networks to other cybercriminals, the report stated.

DNS 128
article thumbnail

Access Control Gap in Microsoft Active Directory Widens Enterprise Attack Surface

Dark Reading

One researcher thinks trust is broken in AD. Microsoft disagrees that there's a security vulnerability. But enterprise IT environments should be aware of an authentication gap either way.

article thumbnail

SHARED INTEL Q&A: Bi-partisan report calls a for a self-sacrificing approach to cybersecurity

Security Boulevard

A new report from the Bipartisan Policy Center ( BPC ) lays out — in stark terms – the prominent cybersecurity risks of the moment. Related: Pres. Biden’s impact on cybersecurity. The BPC’s Top Risks in Cybersecurity 2023 analysis … (more…) The post SHARED INTEL Q&A: Bi-partisan report calls a for a self-sacrificing approach to cybersecurity appeared first on Security Boulevard.

article thumbnail

Microsoft Rolls Out Patches for 80 New Security Flaws — Two Under Active Attack

The Hacker News

Microsoft's Patch Tuesday update for March 2023 is rolling out with remediations for a set of 80 security flaws, two of which have come under active exploitation in the wild. Eight of the 80 bugs are rated Critical, 71 are rated Important, and one is rated Moderate in severity. The updates are in addition to 29 flaws the tech giant fixed in its Chromium-based Edge browser in recent weeks.

99
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

IDIQ Wins Prestigious Gold Stevie® Award for Customer Service Department of The Year

Identity IQ

IDIQ Wins Prestigious Gold Stevie® Award for Customer Service Department of The Year IdentityIQ —IDIQ Customer Care Department Has Been Recognized as Best in the Industry for Consumer Products and Services — Temecula, California, March 14, 2023 – IDIQ ® , an industry leader in identity theft protection and credit monitoring, has earned the prestigious Gold Stevie® Award as the Customer Service Department of the Year.

article thumbnail

Update now! Microsoft fixes two zero-day bugs

Malwarebytes

Microsoft, and other vendors, have released their monthly updates. In total Microsoft has fixed a total of 101 vulnerabilities for several titles (including Edge), with two of them being actively exploited zero-days. On top of that, Adobe has fixed an actively exploited vulnerability in ColdFusion. The Common Vulnerabilities and Exposures (CVE) database lists publicly disclosed computer security flaws.

article thumbnail

Windows 10 KB5023696 and KB5023697 updates released

Bleeping Computer

It's Microsoft's March 2023 Patch Tuesday, and the new Windows 10 KB5023696 and KB5023697 cumulative updates are now available for versions 22H2, version 21H2, version 21H1, and 1809 to fix problems in the operating system. [.

98
article thumbnail

Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

The Hacker News

An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale. Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

Windows 11 KB5023706 and KB5023698 cumulative updates released

Bleeping Computer

Microsoft has released the Windows 11 KB5023706 and KB5023698 cumulative updates for versions 22H2 and 21H2 to fix security vulnerabilities and bugs in the operating system. [.

97
article thumbnail

Success of National Cybersecurity Strategy Rests on Swift Action

Security Boulevard

Just a week after the White House unveiled its long-anticipated National Cybersecurity Strategy, a pair of incidents—a breach at DC Health Link that may have exposed the personal data of members of Congress and a warning that hackers were exploiting old vulnerabilities in VMware—underscored the importance of shoring up cybersecurity defenses and demonstrated that no.

article thumbnail

Microsoft fixes Outlook zero-day used by Russian hackers since April 2022

Bleeping Computer

Microsoft has patched an Outlook zero-day vulnerability (CVE-2023-23397) exploited by a hacking group linked to Russia's military intelligence service GRU to target European organizations. [.

Hacking 96
article thumbnail

GoBruteforcer: New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

The Hacker News

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet. "GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range," Palo Alto Networks Unit 42 researchers said.

Malware 94
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Software supply chain attacks are on the rise — are you at risk?

Graham Cluley

Graham Cluley Security News is sponsored this week by the folks at Sysdig. Thanks to the great team there for their support! Attacks targeting the software supply chain are on the rise and splashed across the news. SolarWinds raised awareness about the risk. More recent events, like the Federal Civilian Executive Branch (FCEB) agency breach, … Continue reading "Software supply chain attacks are on the rise — are you at risk?

article thumbnail

Amazon-owned Ring reportedly suffers ransomware attack

CSO Magazine

Ring, a home security and smart home company owned by Amazon, has reportedly suffered a ransomware attack by Russia-linked ALPHV group, according to a tweet by VX-Underground. The ALPHV ransomware group, also known as BlackCat, has posted the company’s logo on its website along with a message that reads, “There’s always an option to let us leak your data.

article thumbnail

FBI reveals that more money is lost to investment fraud than ransomware and business email compromise combined

Graham Cluley

The latest annual FBI report on the state of cybercrime has shown a massive increase in the amount of money stolen through investment scams. Read more in my article on the Hot for Security blog.

Scams 89
article thumbnail

Microsoft fixes Windows zero-day exploited in ransomware attacks

Bleeping Computer

Microsoft has patched another zero-day bug used by attackers to circumvent the Windows SmartScreen cloud-based anti-malware service and deploy Magniber ransomware payloads without raising any red flags. [.

article thumbnail

5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.

article thumbnail

$197 Million in Cryptocurrency Stolen in Euler Finance Attack

Heimadal Security

On Sunday, a cryptocurrency flash loan attack on the lending platform Euler Finance resulted in the theft of $197 million in various digital assets by threat actors. The theft involved multiple tokens including $135.8 million in stETH, $33.85 million in USDC, $18.5 million in WBTC, and $8.75 million in DAI. The ETH wallet used to […] The post $197 Million in Cryptocurrency Stolen in Euler Finance Attack appeared first on Heimdal Security Blog.

article thumbnail

Microsoft March 2023 Patch Tuesday fixes 2 zero-days, 83 flaws

Bleeping Computer

​Today is Microsoft's March 2023 Patch Tuesday, and security updates fix two actively exploited zero-day vulnerabilities and a total of 83 flaws. [.

98
article thumbnail

STALKER 2 hacker demands Ukrainian game developer reinstates Russian language support, or else…

Graham Cluley

A Ukrainian video game developer has revealed that a hacker has leaked development material stolen from the company's systems, and is threatening to release tens of gigabytes more if their unorthodox ransom demands are not met.

article thumbnail

Universities and colleges cope silently with ransomware attacks

CSO Magazine

Although some cybersecurity researchers say that ransomware attacks are on the downswing as cybercriminals face declining payments, a spate of recent ransomware attacks makes it feel like the scourge is continuing at the same, or even an elevated, pace. Nowhere is this more apparent than in the higher education sector, with at least eight colleges and universities in North America reporting ransomware attacks since December 2022.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Cybercriminals exploit SVB collapse to steal money and data

Bleeping Computer

The collapse of the Silicon Valley Bank (SVB) on March 10, 2023, has sent ripples of turbulence throughout the global financial system, but for hackers, scammers, and phishing campaigns, it's becoming an excellent opportunity. [.

Banking 88
article thumbnail

LockBit Ransomware gang claims to have stolen SpaceX confidential data from Maximum Industries

Security Affairs

The LockBit ransomware group claims to have stolen confidential data belonging to SpaceX from the systems of Maximum Industries. The LockBit ransomware gang claims to have stolen confidential data of SpaceX after they hacked the systems of production company Maximum Industries. Maximum Industries is a full-service, piece-part production, and contract manufacturing facility.

article thumbnail

Google Proposes Reducing TLS Cert Life Span to 90 Days

Dark Reading

Organizations will likely have until the end of 2024 to gain visibility and control over their keys and certificates.

106
106
article thumbnail

The Prolificacy of LockBit Ransomware

The Hacker News

Today, the LockBit ransomware is the most active and successful cybercrime organization in the world. Attributed to a Russian Threat Actor, LockBit has stepped out from the shadows of the Conti ransomware group, who were disbanded in early 2022. LockBit ransomware was first discovered in September 2019 and was previously known as ABCD ransomware because of the ".

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.