Troy Hunt

OCTOBER 15, 2022

I decided to do something a bit different this week and mostly just answer questions from my talk at GOTO Copenhagen last week. I wasn't actually in Denmark this time, but a heap of really good questions came through and as I started reading them, I thought "this would actually make for a really good weekly update" So here we are, and those questions then spurned on a whole heap more from the live audience too so this week's video became one large Q&A.

Media 223

Media 223

Krebs on Security

OCTOBER 15, 2022

AMLBot , a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems. Antinalysis, as it existed in 2021.

Cryptocurrency 218

Cryptocurrency Marketing Cybercrime Technology 218

Bleeping Computer

OCTOBER 15, 2022

Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months. [.].

Hacking 145

Hacking 145

Security Affairs

OCTOBER 15, 2022

Palo Alto Networks addressed a high-severity authentication bypass vulnerability affecting the PAN-OS 8.1 software. Palo Alto Networks released security patches to address a high-severity authentication bypass flaw, tracked as CVE-2022-0030 (CVSS score 8.1), impacting the PAN-OS 8.1 software. “An authentication bypass vulnerability in the Palo Alto Networks PAN-OS 8.1 web interface allows a network-based attacker with specific knowledge of the target firewall or Panorama appliance to imper

Firewall 145

Firewall Authentication Software Hacking 145

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

OCTOBER 15, 2022

Over 45,000 VMware ESXi servers inventoried by Lansweeper just reached end-of-life (EOL), with VMware no longer providing software and security updates unless companies purchase an extended support contract. [.].

Software 145

Software 145

Security Affairs

OCTOBER 15, 2022

Tata Power Company Limited, India’s largest power generation company, announced it was hit by a cyberattack. Tata Power on Friday announced that was hit by a cyber attack. Threat actors hit the Information Technology (IT) infrastructure of the company. The company confirmed that the security breach impacted “some of its IT systems.” “The Tata Power Company Limited had a cyber attack on its IT infrastructure impacting some of its IT systems.

Cyber Attacks 122

Cyber Attacks Hacking Technology Risk 122

Malwarebytes

OCTOBER 15, 2022

In less than four weeks, the balance of power in the US House of Representatives and Senate will be up for grabs, along with a host of gubernatorial seats, and positions at the state and municipal levels. With everyone preparing to cast their ballots, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have reminded people about the potential threat of disinformation.

Mobile 85

Mobile Media Hacking Cybersecurity 85

Security Boulevard

OCTOBER 15, 2022

Our sincere thanks to BSidesLV for publishing their outstanding conference videos on the organization's YouTube channel. Permalink. The post BSidesLV 2022 Lucky13 Hire Ground – Steve Winterfeld’s ‘Find Your North Star’ appeared first on Security Boulevard.

Education 85

Education Information Security Cybersecurity Network Security 85

WIRED Threat Level

OCTOBER 15, 2022

Plus: Hackers hit the Mormon Church, Signal plans to ditch SMS for Android, and a Fat Bear election erupts in scandal.

Hacking 91

Hacking 91

Security Boulevard

OCTOBER 15, 2022

The post What is Threatening Your Data? appeared first on Fidelis Cybersecurity. The post What is Threatening Your Data? appeared first on Security Boulevard.

Cybersecurity 80

Cybersecurity 80

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

OCTOBER 15, 2022

Experts spotted a PHP version of an information-stealing malware called Ducktail spread as cracked installers for legitimate apps and games. Zscaler researchers discovered a PHP version of an information-stealing malware tracked as Ducktail. The malicious code is distributed as free/cracked application installers for a variety of applications including games, Microsoft Office applications, Telegram, and others. .

Accountability 123

Accountability Malware Cryptocurrency Marketing 123

Security Boulevard

OCTOBER 15, 2022

AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to help cybercrooks avoid detection by anti-money laundering systems. The post Anti-Money Laundering Service AMLBot Cleans House appeared first on Security Boulevard.

Cryptocurrency 69

Cryptocurrency Cybercrime Technology Web Fraud 69