Krebs on Security

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

Internet 363

Internet Internet Hacking Accountability 363

Troy Hunt

NOVEMBER 13, 2021

Where does the time go? The video is an hour and 35 mins today, I suspect in part because I've done it on a Saturday morning with a bit more time to spare and, well, there was just a lot of stuff happening. I did make up for working on a Saturday by then heading straight down to the beach and it was perfect! Everything here is perfect 😎 🌴 🐋 [link] — Troy Hunt (@troyhunt) November 12, 2021 The water looked so perfect that true to my word, we then had to go jet

Password Management 244

Password Management Passwords 244

Bleeping Computer

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) email servers were hacked to distribute spam email impersonating FBI warnings that the recipients' network was breached and data was stolen. [.].

Hacking 145

Hacking 145

Security Affairs

NOVEMBER 13, 2021

Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email servers of the FBI were hacked to distribute spam email impersonating the Department of Homeland Security (DHS) warnings of fake sophisticated chain attacks from an advanced threat actor. The message tells the recipients that their network has been breached and that the threat actor has stolen their data. “Our intelligence monitoring indicates exfiltration of se

Hacking 143

Hacking Technology Information Security 143

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Bleeping Computer

NOVEMBER 13, 2021

The GravityRAT remote access trojan is being distributed in the wild again, this time under the guise of an end-to-end encrypted chat application called SoSafe Chat. [.].

Encryption 140

Encryption Spyware 140

Security Affairs

NOVEMBER 13, 2021

Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from Qihoo 360’s Netlab security team have spotted a new botnet, tracked as Abcbot, that targets Linux systems to launch distributed denial-of-service (DDoS) attacks. The security firm analyzed a total of six versions of the botnet to date.

DDOS 114

DDOS Malware Passwords Cryptocurrency 114

Security Boulevard

NOVEMBER 13, 2021

The Federal Bureau of Investigation (FBI) confirmed today that its fbi.gov domain name and Internet address were used to blast out thousands of fake emails about a cybercrime investigation. According to an interview with the person who claimed responsibility for the hoax, the spam messages were sent by abusing insecure code in an FBI online portal designed to share information with state and local law enforcement authorities.

Cybercrime 109

Cybercrime Internet Internet Web Fraud 109

Bleeping Computer

NOVEMBER 13, 2021

Microsoft has fixed a long list of issues impacting Windows 11 in a newly released build for Windows Insiders in the Beta and Release Preview Channels. [.].

119

119

Security Affairs

NOVEMBER 13, 2021

Chipmakers Intel and AMD addressed several vulnerabilities in their products, including high-risk issues in software drivers. Intel and AMD released patches to address multiple security vulnerabilities in multiple products, including high-severity flaws in software drivers. Intel published 25 advisories impacting Intel Core i5-8305G and i7-8706G processors, and the Intel graphics driver for Windows 10 64-bit for NUC8i7HNK and NUC8i7HVK.

Wireless 111

Wireless Software Hacking Risk 111

Naked Security

NOVEMBER 13, 2021

Fake warnings and false accusations - it's a "call to distraction".

128

128

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. GravityRAT was first spotted by Cisco Talos researchers in 2017 who speculate it remained under the radar for the at least a couple of years [since 2015], In October 2020, researchers from Kaspersky Lab spotted new variants of the Gr

Encryption 138

Encryption Malware Media Authentication 138

WIRED Threat Level

NOVEMBER 13, 2021

Plus: A Robinhood breach, NSO Group spyware, and more of the week's top security news.

Spyware 99

Spyware 99

Security Boulevard

NOVEMBER 13, 2021

Answer: To crash on the other side. Recently I was honored and privileged to give a keynote at the MindTheSec 2021 conference. Here are my slides: MTS21_Ottenheimer_EN.pdf This one seems to be especially popular: And here are the numbers they shared with me afterwards: The post MindTheSec 2021 Keynote: Why Did the Driverless Car Cross The Road? appeared first on Security Boulevard.

Network Security 67

Network Security 67

CyberSecurity Insiders

NOVEMBER 13, 2021

NEW YORK–( BUSINESS WIRE )–The cyber budgets of enterprises rose by less than 1% during the pandemic, according to their cyber budget holders. This left cyber spend stagnating at an average of around £18 million ($24.9 million) for the 2021 financial year. This is despite the fact that 61% reported having suffered a major cyber incident in the past three years.

Insurance 52

Insurance Cyber Insurance Marketing Cybercrime 52

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Security Boulevard

NOVEMBER 13, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 Voting Village videos on the Conferences’ YouTube channel. Permalink. The post DEF CON 29 Voting Village – Maurice Turner’s ‘Why Hacking Voters Is Easier Than Hacking Ballots’ appeared first on Security Boulevard.

Hacking 67

Hacking Education InfoSec Information Security 67

CyberSecurity Insiders

NOVEMBER 13, 2021

NEWTON, Mass. & PETACH TIKVA, Israel & RAMAT GAN, Israel–( BUSINESS WIRE )– INTENT , The Security Research Summit, which will take place virtually on November 16, 2021, today announced its line-up of world-class speakers. INTENT is a global event for researchers, by researchers. Co-founded by CyberArk (NASDAQ: CYBR ) and Checkmarx , the Summit brings together the global cybersecurity research community to share techniques, discoveries, successes and failures.

CISO 58

CISO Information Security Software Risk 58

Security Boulevard

NOVEMBER 13, 2021

via the comic artistry and dry wit of Randall Munroe , resident at XKCD ! Permalink. The post XKCD ‘TTSLTSWBD’ appeared first on Security Boulevard.

67

67

Security Boulevard

NOVEMBER 13, 2021

Our thanks to DEFCON for publishing their outstanding DEF CON 29 Voting Village videos on the Conferences’ YouTube channel. Permalink. The post DEF CON 29 Voting Village – Sebastian Bay’s ‘Social Media Security = Election Security’ appeared first on Security Boulevard.

Media 62

Media Education InfoSec Information Security 62

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Security Boulevard

NOVEMBER 13, 2021

via the comic artistry and dry wit of Randall Munroe , resident at XKCD ! Permalink. The post XKCD ‘Flinch’ appeared first on Security Boulevard.

62

62