Thu.Dec 08, 2022


Leaked Signing Keys Are Being Used to Sign Malware

Schneier on Security

A bunch of Android OEM signing keys have been leaked or stolen, and they are actively being used to sign malware. Łukasz Siewierski, a member of Google’s Android Security Team, has a post on the Android Partner Vulnerability Initiative (AVPI) issue tracker detailing leaked platform certificate keys that are actively being used to sign malware.


New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially devious. The first centers on targeting healthcare organizations that offer consultations over the Internet and sending them booby-trapped medical records for the “patient.” The other involves carefully editing email inboxes of public company executives to make it appear that some were involved in insider trading.


GUEST ESSAY: Here’s how and why ‘trust’ presents an existential threat to cybersecurity

The Last Watchdog

Over the years, bad actors have started getting more creative with their methods of attack – from pretending to be a family member or co-worker to offering fortunes and free cruises. Related: Deploying employees as human sensors. Recent research from our team revealed that while consumers are being exposed to these kinds of attacks (31 percent of respondents reported they received these types of messages multiple times a day), they continue to disregard cyber safety guidelines.


Twitter found gathering data from over 70000 websites

CyberSecurity Insiders

Twitter, the world’s second largest social media platform, has been caught in a data privacy issue as, for the first time, the company that is now being led by Elon Musk is found collecting data from over 70,000 websites that include those belonging to government, retailers, manufacturers, car companies and healthcare related business firms. Going deep into the details, Twitter provides an analytics tool to interested parties that helps in keeping a track of visitors on a website.


IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.


Report: Air-Gapped Networks Vulnerable to DNS Attacks

Dark Reading

Common mistakes in network configuration can jeopardize the security of highly protected assets and allow attackers to steal critical data from the enterprise.


Zero-Day Flaws Found in Several Leading EDR, AV Solutions

eSecurity Planet

SafeBreach Labs researcher Or Yair has uncovered zero-day vulnerabilities in several leading endpoint detection and response (EDR) and antivirus (AV) solutions that enabled him to turn the tools into potentially devastating next-generation wipers. “This wiper runs with the permissions of an unprivileged user yet has the ability to wipe almost any file on a system, including system files, and make a computer completely unbootable,” Yair warned in a blog post detailing the findings


More Trending


Android app with over 5m downloads leaked user browsing history

Security Affairs

The Android app Web Explorer – Fast Internet left an open instance, exposing a trove of sensitive data that malicious actors could use to check specific users’ browsing history. Original post at [link]. A browsing app for Android devices, Web Explorer – Fast Internet, left open its Firebase instance, exposing app and user data, the Cybernews research team has discovered.


DeathStalker targets legal entities with new Janicab variant

SecureList

Just to clarify, the subheading isn’t a normal quote, but a message that Janicab malware attempted to decode in its newest use of YouTube dead-drop resolvers (DDRs). While hunting for less common Deathstalker intrusions that use the Janicab malware family, we identified a new Janicab variant used in targeting legal entities in the Middle East throughout 2020, possibly active during 2021 and potentially extending an extensive campaign that has been traced back to early 2015 and targeted leg


Hackers target Qatar FIFA Worldcup Football 2022

CyberSecurity Insiders

FIFA World Cup Football 2022 that is being held in Qatar is in the news for being cyber attacked. According to some confirmed sources, the digital assaults were being witnessed right from the day of the opening ceremony and have increased manyfold since then. First, the target was a third party that was looking into the decoding service. Reports are in that two servers managing the decoding process were disrupted at the beginning of the event.


Cybercriminals Attacking Each Other Gives Defenders Access to Inside Info

Heimdal Security

Researchers discovered a new sub-economy linked to cybercriminal activity: hackers scamming each other for millions of dollars. This practice led to the apparition of arbitration rooms in forums to settle conflicts. And these rooms proved to be full of valuable information for cybersecurity experts about threat actors and their tools. Details About the Findings To […].


Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.


Fake encryption claims in chats leads to Criminals Arrest

CyberSecurity Insiders

To all those who are using various communication platforms with a thought that they are encrypted and so are free from prying eyes, here’s a news piece that needs your attention. It is not true that all communication platforms with such encryption claims are operating in-real as said. One such platform is ‘Encrochat’, the one that was used in the UK till 2020.


New Google Chrome feature frees memory to make browsing smoother

Bleeping Computer

Google says the latest release of Chrome for desktop devices now comes with a new performance-boosting feature designed to free up memory and make web browsing smoother.


9 online scams to watch out for this holiday season

Security Boulevard

The holiday season is upon us, and that means it's time to start shopping for gifts. But it's not just the hustle and bustle of the holiday season that you need to be aware of; there are also online scams that target unsuspecting consumers. Whether you're shopping online or browsing social media, understanding these 9 common online scams can help keep your family safe this holiday season.


Apple's AirTag stalker safeguards are "woefully inadequate," alleges lawsuit

Malwarebytes

Two women filed a proposed class-action lawsuit on Monday, December 5, in the United States District Court for the Northern District of California against Apple, the makers of AirTags. AirTags are small Bluetooth-enabled devices designed to track personal belongings. The suit accuses the company of failure to introduce measures to combat abuse of the technology as stalkers have and continue to use AirTags to track people.


Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?


Why “Complete Coverage” SAST Tools Fall Short for Developers

Security Boulevard

Using SAST alone can cause significant frustration for developers and fall short for security for two fundamental reasons. The post Why “Complete Coverage” SAST Tools Fall Short for Developers appeared first on Security Boulevard.


APT37 used Internet Explorer Zero-Day in a recent campaign

Security Affairs

Google warns that the North Korea-linked APT37 group is exploiting an Internet Explorer zero-day flaw to spread malware. North Korea-linked APT37 group (aka ScarCruft, Reaper, and Group123) actively exploited an Internet Explorer zero-day vulnerability, tracked as CVE-2022-41128, in attacks aimed at South Korean users. Google Threat Analysis Group researchers discovered the zero-day vulnerability in late October 2022; it was exploited by APT37 using specially crafted documents.


SMS scams trick Indian banking customers into installing malicious apps

Security Boulevard

Zscaler’s ThreatLabz researchers recently observed the rise of a sophisticated phishing campaign spreading via fake banking sites targeting big Indian banks like HDFC, AXIS and SBI. The team will continue monitoring the emerging situation and will provide an update on any significant new developments. Previously, ThreatLabz researchers observed Indian banking customers being targeted with fake complaint forms from phishing sites spreading short message service (SMS) mobile text stealer malwares.


How Does a Fraud Alert Help Protect You?

Identity IQ

If you’re like most people, you probably think a fraud alert is only for people who have been victimized by identity theft before. But that’s not the case at all! In fact, anyone can benefit from having a fraud alert on their credit file. So, what exactly is a fraud alert, and how does it help protect you?


From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.


TAG Cyber Security Annual: Using Breach & Attack Simulation (BAS) to Reduce Cyber Risk

Security Boulevard

The post TAG Cyber Security Annual: Using Breach & Attack Simulation (BAS) to Reduce Cyber Risk appeared first on SafeBreach. The post TAG Cyber Security Annual: Using Breach & Attack Simulation (BAS) to Reduce Cyber Risk appeared first on Security Boulevard.


Heimdal® Threat Prevention Recognized in GetApp’s Category Leaders Cybersecurity Report

Heimdal Security

Copenhagen, December 8th, 2022 – Heimdal® Threat Prevention has been placed on GetApp’s newly released Category Leaders Report for Cybersecurity, a free online service that helps organizations find the right software. Category Leaders are designed to help small businesses evaluate which software products may be right for them. Category Leaders is published on GetApp, the […].


Identification and Classification of Crypto-Malware Using ThreatMapper

Security Boulevard

In addition to classifying malware, the sensors deployed as a part of ThreatMapper provide useful runtime context, which is used to automatically prioritize the malware that needs immediate attention. The post Identification and Classification of Crypto-Malware Using ThreatMapper appeared first on Deepfence. The post Identification and Classification of Crypto-Malware Using ThreatMapper appeared first on Security Boulevard.


Apple announces 3 new security features

Malwarebytes

Apple has announced three new security features focused on protecting user data in the cloud: iMessage Contact Key Verification, Security Keys for Apple ID, and Advanced Data Protection for iCloud. iMessage Contact Key Verification and Security Keys for Apple ID will be available globally in 2023. Advanced Data Protection for iCloud is available in the US today for members of the Apple Beta Software Program, and will be available to US users by the end of the year.


Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.


SiriusXM Vulnerability Allows Cyber Criminals to Remotely Unlock and Start Cars: What You Need to Know

Security Boulevard

A vulnerability affecting SiriusXM’s connected vehicle services was recently uncovered – a vulnerability that, if successful, could have enabled cyber criminals to remotely start, unlock, locate, flash the lights and honk the horn on cars. Security researchers discovered the flaw and outlined their findings in a Twitter thread. Here’s what we know. What’s going on?


Pwn2Own Toronto 2022 Day 2: Participants earned $281K

Security Affairs

Pwn2Own Toronto 2022 Day Two – Participants demonstrated exploits for smart speaker, smartphone, printer, router, and NAS. On the first day of the Zero Day Initiative’s Pwn2Own Toronto 2022 hacking competition participants earned $400,000 for 26 unique zero-day exploits. On the second day of the competition, participants earned more $281,000 for smart speaker, smartphone, printer, router, and NAS exploits.


Deception Technology: How to Trick Cybercriminals Into Focusing on a Decoy

Security Boulevard

Imagine if you could deceive cybercriminals into thinking your company was an easy target while your real data was safe and sound. Well, that’s what deception technology is all about, and it’s a powerful tool for protecting your business from online attacks. Deception technology is a security measure that uses decoys to divert cybercriminals away.


Texas Cloud Computing Company Rackspace Confirms Ransomware Attack

Heimdal Security

Rackspace, a cloud computing provider based in Texas, confirmed earlier this week that it is facing a ransomware attack, which is also the reason behind an outage in its Hosted Exchange business. While the investigation takes place, the company states that this is an isolated incident and that its other products and services have not […]. The post Texas Cloud Computing Company Rackspace Confirms Ransomware Attack appeared first on Heimdal Security Blog.


ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?


JSON-based SQL injection attacks trigger need to update web application firewalls

CSO Magazine

Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF vendors failing to add support for JSON inside SQL statements, allowing potential attackers to easily hide their malicious payloads. The bypass technique, discovered by researchers from Claroty’s Team82, was confirmed to work against WAFs from Palo Alto Networks, Amazon Web Services (AWS), Cloudflare, F5, and Imperva.


North Korean hackers exploit Seoul Halloween tragedy in zero-day attack

Graham Cluley

Malicious hackers, hell-bent on infiltrating an organisation, have no qualms about exploiting even the most tragic events. Read more in my article on the Tripwire State of Security blog.


Microsoft's rough 2022 security year in review

CSO Magazine

We soon close out the security year of 2022. Only time will tell what 2023 will bring, but for IT and security admins of Microsoft networks, 2022 has been the year of blended attacks, on-premises Exchange Server flaws, and vulnerabilities needing more than patching to mitigate. Here’s a month-by-month look at the past year. January: A bad start for on-premises Microsoft Exchange Server vulnerabilities.


What is SQL Injection? Definition, How It Works, Prevention Tips & More

Digital Guardian

Learn what a SQL injection is, how attackers can use them to damage organizations and their data, and how to best protect against SQL injection attacks in this blog.


Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.