Tue, Jul 25, 2023


Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into a botnet that bilks online advertisers and performs password-spraying attacks. Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort, which rents hacked residential and small business devices to cybercriminals looking to hide their true location online.


New York Using AI to Detect Subway Fare Evasion

Schneier on Security

The details are scant—the article is based on a “heavily redacted” contract—but the New York subway authority is using an “AI system” to detect people who don’t pay the subway fare. Joana Flores, an MTA spokesperson, said the AI system doesn’t flag fare evaders to New York police, but she declined to comment on whether that policy could change.


How to Create a Custom Security & Threat Dashboard in Power BI

Tech Republic Security

Want a custom security dashboard to bring together data from multiple places? Microsoft Power BI can do that and help you spot what's changing.


FraudGPT Follows WormGPT as Next Threat to Enterprises

Security Boulevard

Less than two weeks after WormGPT hit the scene as threat actors’ alternative to the wildly popular ChatGPT generative AI chatbot, a similar tool called FraudGPT is making the rounds on the dark web. FraudGPT offers cybercriminals more effective ways to launch phishing attacks and create malicious code. FraudGPT has been circulating on Telegram Channels.


The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.


Get 8 Months of Live Cyber Security Training for Under $500

Tech Republic Security

If you're new to cyber security or trying to improve your knowledge, Cyber Security Specialist Workshop Live Sessions provides 32 weeks of essential training for under $500.


Netskope Sees Lots of Source Code Pushed in ChatGPT

Security Boulevard

Netskope today published a report that found source code is posted to ChatGPT more than any other type of sensitive data.


60,000 Androids have stalkerware-type app Spyhide installed

Malwarebytes

Stalkerware-type app Spyhide is coded so badly that it’s possible to gain access to the back-end databases and retrieve data about everyone who has the app on their device. And it's not a small number. Hacktivist maia arson crimew told TechCrunch she'd found 60,000 compromised Android devices, dating back to 2016. Spyhide, like many other stalkerware-type apps, “silently and continually uploads the phone’s contacts, messages, photos, call logs and recordings, and granular locat


Super Admin elevation bug puts 900,000 MikroTik devices at risk

Bleeping Computer

A critical severity 'Super Admin' privilege elevation flaw puts over 900,000 MikroTik RouterOS routers at risk, potentially enabling attackers to take full control over a device and remain undetected. […]


Shifting the Cybersecurity Paradigm: Embracing a Prevention-First Strategy

Security Boulevard

A recent article in Forbes discusses the shifting mindset in cybersecurity from the traditional “detect and respond” approach to a prevention-first philosophy. With the continuous evolution of cybersecurity threats, organizations are investing in various tools like EDR (endpoint detection and response), MDR (managed detection and response), and XDR (extended detection and response).


VMware addressed an information disclosure flaw in VMware Tanzu Application Service for VMs and Isolation Segment

Security Affairs

VMware fixed an information disclosure flaw in VMware Tanzu Application Service for VMs and Isolation Segment that exposed CF API admin credentials in audit logs. VMware has addressed an information disclosure vulnerability, tracked as CVE-2023-20891 (CVSSv3 score 6.5), in VMware Tanzu Application Service for VMs (TAS for VMs) and Isolation Segment that exposed logged credentials via system audit logs.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Cyber Insurance: The Key to Business Resilience in a Risky World

Security Boulevard

Picture this: your company falls victim to a cyber-attack, resulting in loss of revenue and significant operational downtime. Do you know what your next steps should be?


Zenbleed: New Flaw in AMD Zen 2 Processors Puts Encryption Keys and Passwords at Risk

The Hacker News

A new security vulnerability has been discovered in AMD's Zen 2 architecture-based processors that could be exploited to extract sensitive data such as encryption keys and passwords. Discovered by Google Project Zero researcher Tavis Ormandy, the flaw – codenamed Zenbleed and tracked as CVE-2023-20593 (CVSS score: 6.5) – allows data exfiltration at the rate of 30 kb per core, per second.


Seven Common Lateral Movement Techniques

Security Boulevard

Inside the Attacker’s Playbook: Unmasking the most common lateral movement techniques

Lateral movement techniques refer to the methods employed by attackers to move through a network, seeking to escalate privileges, access sensitive data, or achieve persistence. A common and insidious practice, making the most of the common lateral movement techniques is the bread and butter.


Critical MikroTik RouterOS Vulnerability Exposes Over Half a Million Devices to Hacking

The Hacker News

A severe privilege escalation issue impacting MikroTik RouterOS could be weaponized by remote malicious actors to execute arbitrary code and seize full control of vulnerable devices. Cataloged as CVE-2023-30799 (CVSS score: 9.


Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.


DOJ Reorganizes Units to Better Fight Ransomware

Security Boulevard

The DOJ’s two-year-old National Cryptocurrency Enforcement Team (NCET) will merge with its Computer Crime and Intellectual Property Section (CCIPS).


Casbaneiro Banking Malware Goes Under the Radar with UAC Bypass Technique

The Hacker News

The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code on compromised assets.


No net for some, no root for devs — Google pilot walls off staff internet, access for ‘safety’

Security Boulevard

Google employees are to be protected from themselves. In what’s being described as a pilot program, they’ll lose internet access at work and/or root privileges.


Atlassian addressed 3 flaws in Confluence and Bamboo products

Security Affairs

Atlassian addressed three vulnerabilities in its Confluence Server, Data Center, and Bamboo Data Center products that can lead to remote code execution. Atlassian has addressed three critical and high severity vulnerabilities impacting the Confluence Server, Data Center, and Bamboo Data Center products. Successful exploitation of the vulnerabilities could result in remote code execution on vulnerable systems.


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


EasyDMARC Recognized As “Top Solution” Summer 2023 by Expert Insights

Security Boulevard

July 25, 2023 – Expert Insights, a renowned.


Over 400,000 corporate credentials stolen by info-stealing malware

Bleeping Computer

The analysis of nearly 20 million information-stealing malware logs sold on the dark web and Telegram channels revealed that they had achieved significant infiltration into business environments. […]


Fairwinds Insights Release Notes 12.16-13.2

Security Boulevard

This month we’re delighted to share some updates in Fairwinds Insights related to Prometheus metrics in addition to other improvements and bug fixes. Prometheus-metrics can generate a lot of Action Items, so we’ve updated Insights so prometheus-metrics will no longer be generated for Pod resource kinds. You may notice a dramatically lower number of Action Items as a result of this change, which should make your list of Action Items easier to manage.


Mysterious Decoy Dog malware toolkit still lurks in DNS shadows

Bleeping Computer

New details have emerged about Decoy Dog, a largely undetected sophisticated toolkit likely used for at least a year in cyber intelligence operations, relying on the domain name system (DNS) for command and control activity. […]


5 Key Findings From the 2023 FBI Internet Crime Report

The losses companies suffered in 2023 ransomware attacks increased by 74% compared to those of the previous year, according to new data from the Federal Bureau of Investigation (FBI). The true figure is likely to be even higher, though, as many identity theft and phishing attacks go unreported. Ransomware attackers can potentially paralyze not just private sector organizations but also healthcare facilities, schools, and entire police departments.


Account takeover fraud: 5 steps for protecting your customers

Security Boulevard

According to research by the Aite Group, financial institutions are facing a 64% uptick in account takeover attacks compared with before the pandemic. This number is expected to rise further as the digital ecosystem expands, enlarging the surface area exposed to attack. Account takeover fraud is one of the most common fraud types, and institutions must…


MobileIrony backdoor allows complete takeover of mobile security product and endpoints.

DoublePulsar

MobileIron, aka EPMM, a widely used Mobile Device Management product from Ivanti, has a crucial flaw — it has an API endpoint which requires no authentication whatsoever. Ivanti customers should patch this zero day now. It became clear this was being exploited in the wild a few days ago, after the Norwegian government disclosed 12 of their ministries were hacked using this MobileIron zero day, and they had to tell Ivanti about the issue.


Understanding Cybersecurity and Its Importance in Managing Insider Risks

Security Boulevard

Cybersecurity is the practice of safeguarding systems, networks, and programmes from digital attacks. These cyberattacks are often aimed at accessing, changing, or destroying sensitive information, extorting money from users, or disrupting normal business processes. The implementation of effective cybersecurity measures is a challenging task in today’s world, given the increasing number of devices and the […]


macOS Under Attack: Examining the Growing Threat and User Perspectives

The Hacker News

As the number of people using macOS keeps going up, so does the desire of hackers to take advantage of flaws in Apple's operating system. What Are the Rising Threats to macOS? There is a common misconception among macOS fans that Apple devices are immune to hacking and malware infection. However, users have been facing more and more dangers recently.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


8 Tips to Maximize Application Security Testing

Security Boulevard

For digital-first companies where software applications power their business, ensuring their SDLC and products are secure has become a paramount concern. If these companies haven’t prioritized secure software development, they face many risks including falling behind their competitors and losing customers. Understanding how to effectively secure your applications, protect sensitive data, and deliver quality software with a robust application security posture is a necessity.


Microsoft shares temp fix for Outlook Desktop slow saving bug

Bleeping Computer

Microsoft is investigating a known issue causing Microsoft 365 customers to experience significant delays when saving attachments in Outlook Desktop to a network share. […]


Compliance? WhiteHat™ Dynamic has you covered

Security Boulevard

WhiteHat™ Dynamic delivers the compliance testing you need, without slowing down development.


Yamaha Confirms Cyber Attack on Its Canadian Division

Heimadal Security

Yamaha’s Canadian music division has confirmed that it fell victim to a recent cyberattack, as two separate ransomware groups claimed responsibility for targeting the company. Yamaha Corporation, a renowned Japanese manufacturer of musical instruments and audio equipment, experienced unauthorized access and data theft during the cyberattack. In response, the company swiftly took action to contain […]


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.