Fri. Sep 01, 2023

Spyware Vendor Hacked

Schneier on Security

A Brazilian spyware app vendor was hacked by activists: In an undated note seen by TechCrunch, the unnamed hackers described how they found and exploited several security vulnerabilities that allowed them to compromise WebDetetive’s servers and access its user databases. By exploiting other flaws in the spyware maker’s web dashboard—used by abusers to access the stolen phone data of their victims—the hackers said they enumerated and downloaded every dashboard record, including every

Spyware 339

Why is .US Being Used to Phish So Many of Us?

Krebs on Security

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States. .US is the “country code top-level doma

Phishing 309

UK’s NCSC Warns Against Cybersecurity Attacks on AI

Tech Republic Security

The National Cyber Security Centre provides details on prompt injection and data poisoning attacks so organizations using machine-learning models can mitigate the risks.

Microsoft is killing WordPad in Windows after 28 years

Bleeping Computer

Microsoft announced today that it will deprecate WordPad with a future Windows update as it's no longer under active development, though the company did not specify the precise timing of this change. […]

144

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

Classiscam Scam-as-a-Service Raked $64.5 Million During the COVID-19 Pandemic

The Hacker News

The Classiscam scam-as-a-service program has reaped the criminal actors $64.5 million in illicit earnings since its emergence in 2019. "Classiscam campaigns initially started out on classified sites, on which scammers placed fake advertisements and used social engineering techniques to convince users to pay for goods by transferring money to bank cards," Group-IB said in a new report.

Scams 143

MSSQL Databases Under Fire From FreeWorld Ransomware

Dark Reading

The sophisticated attacks, tracked as DB#JAMMER, run shell commands to impair defenses and deploy tools to establish persistence on the host.

More Trending

A firsthand perspective on the recent LinkedIn account takeover campaign

Malwarebytes

Not long ago I wrote about a recent campaign to hold LinkedIn users' accounts to ransom. Shortly after I published the article, a co-worker, Peace, reached out to me and told me they'd been a target of the campaign. His story begins with an SMS text from LinkedIn telling him to reset his password. He found this confusing: It arrived in the middle of the night, and he hadn't asked for a password reset.

Okta Warns of Social Engineering Attacks Targeting Super Administrator Privileges

The Hacker News

Identity services provider Okta on Friday warned of social engineering attacks orchestrated by threat actors to obtain elevated administrator permissions.

North Korea-linked APT Labyrinth Chollima behind PyPI supply chain attacks

Security Affairs

ReversingLabs researchers linked the VMConnect campaign to the North Korea-linked APT group Labyrinth Chollima. ReversingLabs researchers believe that the North Korea-linked APT group Labyrinth Chollima is behind the VMConnect campaign. Threat actors uploaded a series of malicious packages to the PyPI (Python Package Index) repository, including a rogue package posing as the VMware vSphere connector module vConnector named VMConnect targeting IT professionals.

Malware 134

New SuperBear Trojan Emerges in Targeted Phishing Attack on South Korean Activists

The Hacker News

A new phishing attack likely targeting civil society groups in South Korea has led to the discovery of a novel remote access trojan called SuperBear. The intrusion singled out an unnamed activist, who was contacted in late August 2023 and received a malicious LNK file from an address impersonating a member of the organization, non-profit entity Interlabs said in a new report.

Phishing 141

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

Passkeys vs. Passwords: The State of Passkeys With Remote Users

Duo's Security Blog

“Based on FIDO standards, passkeys are a replacement for passwords that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Unlike passwords, passkeys are always strong and phishing resistant. Passkeys simplify account registration for apps and websites, are easy to use, work across most of a user’s devices, and even work on other devices within physical proximity.” - FIDO Alliance. Most people know what passwords are and have experienced first-hand some

Passwords 133

Russian State-Backed 'Infamous Chisel' Android Malware Targets Ukrainian Military

The Hacker News

Cybersecurity and intelligence agencies from Australia, Canada, New Zealand, the U.K., and the U.S. on Thursday disclosed details of a mobile malware strain targeting Android devices used by the Ukrainian military.

Malware 141

Exploit released for critical VMware SSH auth bypass vulnerability

Bleeping Computer

Proof-of-concept exploit code has been released for a critical SSH authentication bypass vulnerability in VMware's Aria Operations for Networks analysis tool (formerly known as vRealize Network Insight). […]

It's a Zero-day? It's Malware? No! It's Username and Password

The Hacker News

As cyber threats continue to evolve, adversaries are deploying a range of tools to breach security defenses and compromise sensitive data. Surprisingly, one of the most potent weapons in their arsenal is not malicious code but simply stolen or weak usernames and passwords.

Passwords 136

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

UNRAVELING EternalBlue: inside the WannaCry’s enabler

Security Affairs

WannaCry and NotPetya, probably the two most damaging cyberattacks in recent history, were both only made possible because of EternalBlue. Here is how the NSA-developed cyber monster works, and how you should defend against it. What is the EternalBlue vulnerability? EternalBlue is a Windows exploit created by the US National Security Agency (NSA) and used in the 2017 WannaCry ransomware attack.

From frustration to clarity: Embracing Progressive Disclosure in security design

Cisco Security

This blog was written by Annika Mammen, former User Experience Engineer at Cisco. There are so many areas to consider when dealing with protecting and detecting threats; unfortunately, cognitive overload is one problem that is often overlooked. Remember when search engines had a million news articles, reading suggestions, and market analysis on the home page?

Researchers released a free decryptor for the Key Group ransomware

Security Affairs

Researchers released a free decryptor for the Key Group ransomware that allows victims to recover their data without paying a ransom. Threat intelligence firm EclecticIQ released a free decryption tool for the Key Group ransomware (aka keygroup777) that allows victims to recover their data without paying a ransom. The Key Group ransomware gang has been active since at least January 2023.

Proposed SEC Cybersecurity Rule Will Put Unnecessary Strain on CISOs

Dark Reading

The Securities and Exchange Commission's Proposed Rule for Public Companies (PPRC) is ambiguous.

CISO 122

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

Talos warns of customizations of the open-source info stealer SapphireStealer

Security Affairs

Cisco reported that multiple threat actors are customizing the SapphireStealer information stealer after the leak of its source code. Cisco Talos researchers reported that multiple threat actors have created their own versions of SapphireStealer after the source code of the stealer was released on GitHub. SapphireStealer is an open-source information stealer written in .NET, which has been available in multiple public malware repositories since its public release in December 2022.

Malware 131

Fighting Back Against Synthetic Identity Fraud

Security Boulevard

In today’s digital-first world, synthetic identity fraud is becoming more prevalent and pervasive. The post Fighting Back Against Synthetic Identity Fraud appeared first on Security Boulevard.

Risk 119

Malicious Generative AI Tools. Buzz, Threat, and Solution

Heimdal Security

After almost a year of generative AI euphoria and praising the OpenAI ChatGPT model, it's time to take a step back. Let's assess how this amazing piece of technology changed the cyber threat landscape. Like any innovation, generative AI tools can also be used to improve human life or harm. So, after a pretty short […] The post Malicious Generative AI Tools.

FFIEC API Security Guidance for Financial Services

Security Boulevard

In an era where technology is the cornerstone of the financial industry, safeguarding sensitive information and maintaining the integrity of data has become paramount. Financial institutions are constantly faced with the challenge of ensuring the security of their systems, especially when it comes to Application Programming Interfaces (APIs) and API security.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Sourcegraph’s Website Breached by Threat Actors

Heimdal Security

Popular AI-powered coding platform Sourcegraph reveals that its website was breached this week due to a leaked site-admin access token. The token leaked online on July 14th, but it took until the 28th of August for an attacker to use the token to create a new site-admin account and log into the admin dashboard of […] The post Sourcegraph’s Website Breached by Threat Actors appeared first on Heimdal Security Blog.

NYC Subway Disables Trip-History Feature Over Tap-and-Go Privacy Concerns

Dark Reading

The move by New York's Metropolitan Transit Authority (MTA) follows a report that showed how easy it is for someone to pull up another individual's seven-day ride history through the One Metro New York (OMNY) website.

113

Upskilling the nation’s cybersecurity savvy won’t solve the skills gap | NCWES initiative issues | Contrast Security

Security Boulevard

The White House recently announced its new National Cyber Workforce and Education Strategy & Implementation (NCWES): a mouthful that translates into something along the lines of “Let’s fix this cybersecurity skills gap STAT!” The post Upskilling the nation’s cybersecurity savvy won’t solve the skills gap | NCWES initiative issues | Contrast Security appeared first on Security Boulevard.

Microsoft retires Visual Studio for Mac, support ends in a year

Bleeping Computer

Microsoft has announced it is retiring Visual Studio for Mac and that support for the latest version, 17.6, will continue for another year, until August 31, 2024. […]

Software 109

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

The Return of Hacktivism: A Temporary Reprise or Here for Good?

Digital Shadows

The revival of hacktivism has largely been facilitated by one event: Vladimir Putin’s “special military operation,” or Russia’s invasion of Ukraine.

106

Golf gear giant Callaway data breach exposes info of 1.1 million

Bleeping Computer

Topgolf Callaway (Callaway) suffered a data breach at the start of August, which exposed the sensitive personal and account data of more than a million customers. […]

Key Group Ransomware Foiled by New Decryptor

Dark Reading

Researchers crack Key Group's ransomware encryption and release free tool for victim organizations to recover their data.

SapphireStealer: A New Open-Source Information Stealer Malware to Look Out For

Heimdal Security

A new malware is gaining traction in the cyber world. Dubbed SapphireStealer, this open-source .NET-based information-stealing malware has been observed to be used by threat groups, with some of them even creating their own customized variations. As reported by TheHackerNews, the malware can be used to obtain sensitive information, including corporate credentials, which are often […] The post SapphireStealer: A New Open-Source Information Stealer Malware to Look Out For appeared first on He

Malware 105

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!