November, 2023

article thumbnail

Hackers, Scrapers & Fakers: What's Really Inside the Latest LinkedIn Dataset

Troy Hunt

I like to think of investigating data breaches as a sort of scientific search for truth. You start out with a theory (a set of data coming from an alleged source), but you don't have a vested interested in whether the claim is true or not, rather you follow the evidence and see where it leads. Verification that supports the alleged source is usually quite straightforward , but disproving a claim can be a rather time consuming exercise, especially when a dataset contains fragments of truth m

article thumbnail

Google Drive users angry over losing months of stored data

Bleeping Computer

Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023. [.

145
145
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

New SSH Vulnerability

Schneier on Security

This is interesting : For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established. […] The vulnerability occurs when there are errors during the signature generation that takes place when a client and server are establishing a connection.

339
339
article thumbnail

GUEST ESSAY: How the ‘Scattered Spiders’ youthful ring defeated MFA to plunder Vegas

The Last Watchdog

A hacking gang known as Scattered Spiders soundly defeated the cybersecurity defenses of MGM and Caesars casinos. Related: Russia puts the squeeze on US supply chain This cost the Las Vegas gambling meccas more than $100 million while damaging their reputations. As the companies face nine federal lawsuits for failing to protect customer data, it’s abundantly clear hackers have checkmated multi-factor authentication (MFA).

article thumbnail

Guide to Business Writing

Everything you need to know about better business writing in one place. This is a complete guide to business writing — from a clear business writing definition to tips on how to hone your business writing skills.

article thumbnail

Sekoia: Latest in the Financial Sector Cyber Threat Landscape

Tech Republic Security

Phishing, infostealer malware, ransomware, supply chain attacks, data breaches and crypto-related attacks are among the top evolving threats in the financial sector, says Sekoia.

article thumbnail

Meta sued over forcing users to pay to stop tracking

Malwarebytes

Meta is required to get users’ consent in Europe in order to show them targeted ads. For this reason, Meta has to provide European users with a way to opt out of behavioral advertising or face fines totalling $100,000 a day. Behavioral advertising are ads tailored to someone’s browsing habits and other online behavior. A profile of the user is built up over time, as they work their way around the web.

More Trending

article thumbnail

Telekopye: Chamber of Neanderthals’ secrets

We Live Security

ESET research shares insights about groups operating Telekopye, Telegram bots that scam people in online marketplaces, their internal onboarding process, different tricks of trade that Neanderthals use, and more.

Scams 144
article thumbnail

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

SecureList

Almost every quarter, someone publishes major research focusing on campaigns or incidents that involve Asian APT groups. These campaigns and incidents target various organizations from a multitude of industries. Likewise, the geographic location of victims is not limited to just one region. This type of research normally contains detailed information about the tools used by APT actors, the vulnerabilities that they exploit and sometimes even a specific attribution.

article thumbnail

Ransomware gang files SEC complaint over victim’s undisclosed breach

Bleeping Computer

The ALPHV/BlackCat ransomware operation has taken extortion to a new level by filing a U.S. Securities and Exchange Commission complaint against one of their alleged victims for not complying with the four-day rule to disclose a cyberattack. [.

article thumbnail

New AI Security Guidelines Published by NCSC, CISA & More International Agencies

Tech Republic Security

The Guidelines for Secure AI System Development have been drawn up to help developers ensure security is baked into the heart of new artificial intelligence models.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

YouTube shows ads for ad blocker, financial scams

Malwarebytes

After performing local experiments for a few months, YouTube recently expanded its effort to block ad blockers. The move was immediately unpopular with some users, and raised some questions in Europe about whether it was breaking privacy laws. In addition, there are some still some fundamental issues that have some people concerned. In this blog post, we look at a couple of examples that erode our trust in online ads.

Scams 145
article thumbnail

The CDC's Gun Violence Research Is in Danger

WIRED Threat Level

In a year pocked with fights over US government funding, Republicans are quietly trying to strip the Centers for Disease Control and Prevention of its ability to research gun violence.

article thumbnail

ParaSiteSnatcher: How Malicious Chrome Extensions Target Brazil

Trend Micro

We detail the modular framework of malicious Chrome extensions that consist of various highly obfuscated components that leverage Google Chrome API to monitor, intercept, and exfiltrate victim data.

article thumbnail

Mistaken Identity: Extracting Managed Identity Credentials from Azure Function Apps 

NetSpi Technical

As we were preparing our slides and tools for our DEF CON Cloud Village Talk ( What the Function: A Deep Dive into Azure Function App Security ), Thomas Elling and I stumbled onto an extension of some existing research that we disclosed on the NetSPI blog in March of 2023. We had started working on a function that could be added to a Linux container-based Function App to decrypt the container startup context that is passed to the container on startup.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

The Hacker News

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention.

article thumbnail

Kaspersky’s Advanced Persistent Threats Predictions for 2024

Tech Republic Security

New botnets, more AI in spearphishing and increases in hack-for-hire business are some of Kaspersky's security predictions. Get extensive APT mitigation tips, too.

Hacking 194
article thumbnail

Credit card skimming on the rise for the holiday shopping season

Malwarebytes

As we head into shopping season, customers aren’t the only ones getting excited. More online shopping means more opportunities for cybercriminals to grab their share using scams and data theft. One particular threat we’re following closely and expect to increase over the next several weeks is credit card skimming. Online stores are not always as secure as you might think they are, and yet you need to hand over your valuable credit card information in order to buy anything.

Antivirus 145
article thumbnail

The Mirai Confessions: Three Young Hackers Who Built a Web-Killing Monster Finally Tell Their Story

WIRED Threat Level

Netflix, Spotify, Twitter, PayPal, Slack. All down for millions of people. How a group of teen friends plunged into an underworld of cybercrime and broke the internet—then went to work for the FBI.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Critical bug in ownCloud file sharing app exposes admin passwords

Bleeping Computer

Open source file sharing software ownCloud is warning of three critical-severity security vulnerabilities, including one that can expose administrator passwords and mail server credentials. [.

Passwords 137
article thumbnail

DarkCasino joins the list of APT groups exploiting WinRAR zero-day

Security Affairs

The DarkCasino APT group leveraged a recently disclosed WinRAR zero-day vulnerability tracked as CVE-2023-38831. Researchers at cybersecurity firm NSFOCUS analyzed DarkCasino attack pattern exploiting the WinRAR zero-day vulnerability tracked as CVE-2023-38831. The economically motivated APT group used specially crafted archives in phishing attacks against forum users through online trading forum posts. “DarkCasino is an APT threat actor with strong technical and learning ability, who is g

Phishing 136
article thumbnail

Reptar: New Intel CPU Vulnerability Impacts Multi-Tenant Virtualized Environments

The Hacker News

Intel has released fixes to close out a high-severity flaw codenamed Reptar that impacts its desktop, mobile, and server CPUs. Tracked as CVE-2023-23583 (CVSS score: 8.8), the issue has the potential to "allow escalation of privilege and/or information disclosure and/or denial of service via local access.

Mobile 138
article thumbnail

Australian Nonprofit Cyber Security Is So Poor It Might Be Affecting Donations

Tech Republic Security

Research from Infoxchange indicates that poor cyber security practices in Australia’s not-for-profit sector are putting its donors’ and communities’ data at risk.

Risk 185
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Judge rules it’s fine for car makers to intercept your text messages

Malwarebytes

A federal judge has refused to bring back a class action lawsuit that alleged four car manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record customers’ text messages and mobile phone call logs. The judge ruled that the practice doesn’t meet the threshold for an illegal privacy violation under state law.

article thumbnail

CVE-2023-46604 (Apache ActiveMQ) Exploited to Infect Systems With Cryptominers and Rootkits

Trend Micro

We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.

article thumbnail

Apple fixes two new iOS zero-days in emergency updates

Bleeping Computer

Apple released emergency security updates to fix two zero-day vulnerabilities exploited in attacks and impacting iPhone, iPad, and Mac devices, reaching 20 zero-days patched since the start of the year. [.

136
136
article thumbnail

How to become an ethical hacker: A step-by-step guide

Hack the Box

Our Head of Security, Ben Rollin, calls on more than a decade of experience in cybersecurity to break down the practical steps to a career in ethical hacking.

Hacking 145
article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login

The Hacker News

A new research has uncovered multiple vulnerabilities that could be exploited to bypass Windows Hello authentication on Dell Inspiron 15, Lenovo ThinkPad T14, and Microsoft Surface Pro X laptops.

article thumbnail

Microsoft Improves Windows Security with a Path to Move Off NTLM

Tech Republic Security

It’s time to stop relying on the insecure authentication protocol built into Windows. Microsoft is making it easier to switch to secure modern options.

article thumbnail

Associated Press, ESPN, CBS among top sites serving fake virus alerts

Malwarebytes

ScamClub is a threat actor who’s been involved in malvertising activities since 2018. Chances are you probably ran into one of their online scams on your mobile device. Confiant, the firm that has tracked ScamClub for years, released a comprehensive report in September while also disrupting their activities. However, ScamClub has been back for several weeks, and more recently they were behind some very high profile malicious redirects.

Mobile 138
article thumbnail

Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing

Trend Micro

The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.

Marketing 136
article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.