January, 2024

article thumbnail

National Cyber Security Centre Study: Generative AI May Increase Global Ransomware Threat

Tech Republic Security

See the National Cyber Security Centre's predictions for generative AI for cyber attack and defense through 2025.

article thumbnail

New iPhone Exploit Uses Four Zero-Days

Schneier on Security

Kaspersky researchers are detailing “an attack that over four years backdoored dozens if not thousands of iPhones, many of which belonged to employees of Moscow-based security firm Kaspersky.” It’s a zero-click exploit that makes use of four iPhone zero-days. The most intriguing new detail is the targeting of the heretofore-unknown hardware feature, which proved to be pivotal to the Operation Triangulation campaign.

Spyware 330
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cops Used DNA to Predict a Suspect’s Face—and Tried to Run Facial Recognition on It

WIRED Threat Level

Leaked records reveal what appears to be the first known instance of a police department attempting to use facial recognition on a face generated from crime-scene DNA. It likely won’t be the last.

145
145
article thumbnail

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.

article thumbnail

Guide to Business Writing

Everything you need to know about better business writing in one place. This is a complete guide to business writing — from a clear business writing definition to tips on how to hone your business writing skills.

article thumbnail

CVE-2024-21626: Docker Confronts Critical Container Escape Threat

Penetration Testing

In the ever-evolving world of technology, security remains a paramount concern, especially in the realm of containerization. Recently, Docker faced a significant challenge as Snyk Labs identified four critical security vulnerabilities affecting its container... The post CVE-2024-21626: Docker Confronts Critical Container Escape Threat appeared first on Penetration Testing.

article thumbnail

Data Privacy: Why It Matters To The Rest Of Us

Thales Cloud Protection & Licensing

Data Privacy: Why It Matters To The Rest Of Us madhav Mon, 01/22/2024 - 04:47 It seems that there are no limits to the number of data breaches. Company size is not a determinant of victimization, nor is industry or sector. All are equally viable targets. Some of the events are newsworthy, while others stay below the public’s awareness or attention. Most companies must grapple with difficult questions of how to recover from a breach; however, when the typical person hears about a data breach, the

More Trending

article thumbnail

Persistence – Disk Clean-up

Penetration Testing Lab

Disk Clean-up is a utility which is part of Windows operating systems and can free up hard drive disk space by deleting mainly cache and… Continue reading → Persistence – Disk Clean-up

143
143
article thumbnail

Police Arrest Teen Said to Be Linked to Hundreds of Swatting Attacks

WIRED Threat Level

A California teenager who allegedly used the handle Torswats to carry out a nationwide swatting campaign is being extradited to Florida to face felony charges, WIRED has learned.

145
145
article thumbnail

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver?

Trend Micro

In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware.

article thumbnail

CVE-2024-22860 & CVE-2024-22862: Critical FFmpeg Remote Code Execution Flaws

Penetration Testing

FFmpeg, a widely used open-source project for handling multimedia files, has recently been spotlighted for its vulnerabilities. Discovered through Google’s OSS-Fuzz service, three security vulnerabilities have been identified in its systems, two of which... The post CVE-2024-22860 & CVE-2024-22862: Critical FFmpeg Remote Code Execution Flaws appeared first on Penetration Testing.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

New Linux glibc flaw lets attackers get root on major distros

Bleeping Computer

​Unprivileged attackers can get root access on multiple major Linux distributions in default configurations by exploiting a newly disclosed local privilege escalation (LPE) vulnerability in the GNU C Library (glibc). [.

142
142
article thumbnail

What Is Cyber Threat Hunting? (Definition & How it Works)

Tech Republic Security

Cyber threat hunting is the proactive process of searching for and detecting potential threats or malicious activities within a network or system.

article thumbnail

The great non-free-firmware transition

Kali Linux

TL;DR: Dear Kali user, when you have a moment, check your /etc/apt/sources.list , and add non-free-firmware if ever it’s missing. Programmatically speaking: kali@kali:~$ sudo sed -i 's/non-free$/non-free non-free-firmware/' /etc/apt/sources.list Long story now. As you might know already, Kali Linux is a Debian-based Linux distribution. As such, it inherits a number of things from Debian, and in particular, the structure of the package repository.

Firmware 144
article thumbnail

How a 27-Year-Old Codebreaker Busted the Myth of Bitcoin’s Anonymity

WIRED Threat Level

Once, drug dealers and money launderers saw cryptocurrency as perfectly untraceable. Then a grad student named Sarah Meiklejohn proved them all wrong—and set the stage for a decade-long crackdown.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

AI used to fake voices of loved ones in “I’ve been in an accident” scam

Malwarebytes

The San Francisco Chronicle tells a story about a family that almost got scammed when they heard their son’s voice telling them he’d been in a car accident and hurt a pregnant woman. Sadly, this is becoming more common. Scammers want to spread panic among their victims, and to do this, they feign an emergency situation. That may be a car accident, unexpected hospitalization, or any other scenarios which instantly cause concern and cause victims to act quickly.

Scams 144
article thumbnail

Root Access Risk: CVE-2023-6246 Exposes Critical Flaw in Linux’s glibc

Penetration Testing

The GNU C Library (glibc), a fundamental component in major Linux distributions, has a critical vulnerability, CVE-2023-6246. This local privilege escalation (LPE) vulnerability has sent ripples through the Linux community. The core of this... The post Root Access Risk: CVE-2023-6246 Exposes Critical Flaw in Linux’s glibc appeared first on Penetration Testing.

article thumbnail

Lateral Movement – Visual Studio DTE

Penetration Testing Lab

A lot of organizations have some sort of application development program and it is highly likely that developers will utilize Visual Studio for their development… Continue reading → Lateral Movement – Visual Studio DTE

144
144
article thumbnail

Androxgh0st Malware Botnet Steals AWS, Microsoft Credentials and More

Tech Republic Security

The Androxgh0st malware botnet is used for victim identification and exploitation in targeted networks, as well as credentials collection. Read the FBI/CISA's tips for protecting against this malware threat.

Malware 178
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

TeamViewer abused to breach networks in new ransomware attacks

Bleeping Computer

Ransomware actors are again using TeamViewer to gain initial access to organization endpoints and attempt to deploy encryptors based on the leaked LockBit ransomware builder. [.

article thumbnail

Malicious AdTech Spies on People as NatSec Targets

Security Boulevard

Targeted ads target targets: Patternz and Nuviad enable potentially hostile governments to track individuals by misusing ad bidding. The post Malicious AdTech Spies on People as NatSec Targets appeared first on Security Boulevard.

article thumbnail

Info-stealers can steal cookies for permanent access to your Google account

Malwarebytes

Hackers have found a way to gain unauthorized access to Google accounts, bypassing any multi-factor authentication (MFA) the user may have set up. To do this they steal authentication cookies and then extend their lifespan. It doesn’t even help if the owner of the account changes their password. Since the discovery of the exploit, numerous white and black hat security researchers have looked into and discussed the issue.

article thumbnail

CVE-2024-0402: GitLab Releases Urgent Security Patches for Critical Vulnerability

Penetration Testing

GitLab has addressed a critical severity vulnerability that could allow an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace. GitLab is a web-based DevOps platform that... The post CVE-2024-0402: GitLab Releases Urgent Security Patches for Critical Vulnerability appeared first on Penetration Testing.

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

Trend Micro

This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload.

Malware 142
article thumbnail

What Do Apple’s EU App Store Changes Mean for App Developers?

Tech Republic Security

The EU says the DMA keeps markets fair and open; Apple says the DMA introduces security problems. Apple is leveling fees against independent app stores.

Marketing 180
article thumbnail

Tesla hacked, 24 zero-days demoed at Pwn2Own Automotive 2024

Bleeping Computer

Security researchers hacked a Tesla Modem and collected awards of $722,500 on the first day of Pwn2Own Automotive 2024 for three bug collisions and 24 unique zero-day exploits.

Hacking 139
article thumbnail

Tax Season is Upon Us, and So Are the Scammers

Security Boulevard

It’s still relatively early in the year, but bad actors are already targeting accounting and finance organizations as well as filers in the United States with tax-related scams. Researchers at cybersecurity company Proofpoint wrote in a report this week that the return of tax season reliably brought the threat group TA576 back into action. “TA576. The post Tax Season is Upon Us, and So Are the Scammers appeared first on Security Boulevard.

Scams 131
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

Facebook introduces another way to track you – Link History

Malwarebytes

In what seems like yet another attempt to adapt its platform to prepare for new regulations, Facebook has started rolling out a new feature called Link History. Link History allows users to view and re-visit links they have visited with their Facebook browsing activity. Obviously Facebook will tell us that the new feature is for its users’ benefit, but we can see several ways in which this benefits Meta even more.

Mobile 144
article thumbnail

CVE-2023-22527 (CVSS 10): Critical RCE Flaw in Confluence Data Center and Server

Penetration Testing

A new threat looms large for users of Confluence Data Center and Confluence Server, marked by the alarming designation CVE-2023-22527. This vulnerability, with a CVSS score of 10, signifies the highest level of severity... The post CVE-2023-22527 (CVSS 10): Critical RCE Flaw in Confluence Data Center and Server appeared first on Penetration Testing.

article thumbnail

New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections

The Hacker News

Security researchers have detailed a new variant of a dynamic link library (DLL) search order hijacking technique that could be used by threat actors to bypass security mechanisms and achieve execution of malicious code on systems running Microsoft Windows 10 and Windows 11.

140
140
article thumbnail

Microsoft Says State-Sponsored Attackers Accessed Senior Leaders’ Emails

Tech Republic Security

The Midnight Blizzard gang appears to have been looking for information about itself. See how organizations can protect their accounts from password spray attacks.

Passwords 174
article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.