April, 2023

article thumbnail

5 most dangerous new attack techniques

CSO Magazine

Cyber experts from the SANS Institute have revealed the five most dangerous new attack techniques being used by attackers including cyber criminals and nation-state actors. They were presented in a session at the RSA Conference in San Francisco, where a panel of SANS analysts explored emerging Tactics, Techniques, and Procedures (TTPs) and advised organizations on how to prepare for them.

article thumbnail

FBI Seizes Bot Shop ‘Genesis Market’ Amid Arrests Targeting Operators, Suppliers

Krebs on Security

Several domain names tied to Genesis Market , a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with “dozens” of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly

Marketing 332
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

UK Threatens End-to-End Encryption

Schneier on Security

In an open letter , seven secure messaging apps—including Signal and WhatsApp—point out that the UK’s Online Safety Bill could destroy end-to-end encryption: As currently drafted, the Bill could break end-to-end encryption,opening the door to routine, general and indiscriminate surveillance of personal messages of friends, family members, employees, executives, journalists, human rights activists and even politicians themselves, which would fundamentally undermine everyone’s ab

article thumbnail

Ransomware attacks increased 91% in March, as threat actors find new vulnerabilities

Tech Republic Security

Ransomware attacks skyrocketed last month according to the new monthly cybersecurity report by NCC Group. New threat group Cl0p is behind the increase as it exploited vulnerabilities in GoAnywhere file transfer manager. The post Ransomware attacks increased 91% in March, as threat actors find new vulnerabilities appeared first on TechRepublic.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Flipper Zero banned by Amazon for being a ‘card skimming device’

Bleeping Computer

Amazon has banned the sale of the Flipper Zero portable multi-tool for pen-testers as it no longer allows its sale on the platform after tagging it as a card-skimming device. [.

article thumbnail

Evasive Panda APT group delivers malware via updates for popular Chinese software

We Live Security

ESET Research uncovers a campaign by the APT group known as Evasive Panda targeting an international NGO in China with malware delivered through updates of popular Chinese software The post Evasive Panda APT group delivers malware via updates for popular Chinese software appeared first on WeLiveSecurity

Software 145

More Trending

article thumbnail

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

A shocking number of organizations — including banks and healthcare providers — are leaking private and sensitive information from their public Salesforce Community websites, KrebsOnSecurity has learned. The data exposures all stem from a misconfiguration in Salesforce Community that allows an unauthenticated user to access records that should only be available after logging in.

Banking 278
article thumbnail

FBI Advising People to Avoid Public Charging Stations

Schneier on Security

The FBI is warning people against using public phone-charging stations, worrying that the combination power-data port can be used to inject malware onto the devices: Avoid using free charging stations in airports, hotels, or shopping centers. Bad actors have figured out ways to use public USB ports to introduce malware and monitoring software onto devices that access these ports.

Malware 288
article thumbnail

BYOD and personal apps: A recipe for data breaches

Tech Republic Security

Some 43% of employees have been targeted with work-related phishing attacks on their personal devices, says a survey from SlashNext. The post BYOD and personal apps: A recipe for data breaches appeared first on TechRepublic.

article thumbnail

'GhostToken' Opens Google Accounts to Permanent Infection

Dark Reading

A bug in how Google Cloud Platform handles OAuth tokens opened the door to Trojan apps that could access anything in users' personal or business Google Drives, Photos, Gmail, and more.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Linux malware strengthens links between Lazarus and the 3CX supply?chain attack

We Live Security

Similarities with newly discovered Linux malware used in Operation DreamJob corroborate the theory that the infamous North Korea-aligned group is behind the 3CX supply-chain attack The post Linux malware strengthens links between Lazarus and the 3CX supply‑chain attack appeared first on WeLiveSecurity

Malware 145
article thumbnail

Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!)

Security Boulevard

Déjà Vu: Hack of WD systems leads to My Cloud service outage. Owners unable to access files. The post Western Digital Hacked: ‘My Cloud’ Data Dead (Even Local Storage!) appeared first on Security Boulevard.

Hacking 145
article thumbnail

KFC, Pizza Hut owner discloses data breach after ransomware attack

Bleeping Computer

Yum! Brands, the brand owner of the KFC, Pizza Hut, and Taco Bell fast food chains, is now sending data breach notification letters to an undisclosed number of individuals whose personal information was stolen in a January 13 ransomware attack. [.

article thumbnail

5 ways threat actors can use ChatGPT to enhance attacks

CSO Magazine

The Cloud Security Alliance (CSA) has revealed five ways malicious actors can use ChatGPT to enhance their attack toolset in a new report exploring the cybersecurity implications of large language models (LLMs). The Security Implications of ChatGPT paper details how threat actors can exploit AI-driven systems in different aspects of cyberattacks including enumeration, foothold assistance, reconnaissance, phishing, and the generation of polymorphic code.

Phishing 138
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

For cybercriminal mischief, it’s dark web vs deep web

Tech Republic Security

A new report from cyberthreat intelligence company Cybersixgill sees threat actors swarming to digital bazaars to collaborate, buy and sell malware and credentials. The post For cybercriminal mischief, it’s dark web vs deep web appeared first on TechRepublic.

Malware 201
article thumbnail

Researcher Tricks ChatGPT into Building Undetectable Steganography Malware

Dark Reading

Using only ChatGPT prompts, a Forcepoint researcher convinced the AI to create malware for finding and exfiltrating specific documents, despite its directive to refuse malicious requests.

Malware 140
article thumbnail

Discarded, not destroyed: Old routers reveal corporate secrets

We Live Security

When decommissioning their old hardware, many companies 'throw the baby out with the bathwater' The post Discarded, not destroyed: Old routers reveal corporate secrets appeared first on WeLiveSecurity

141
141
article thumbnail

FINALLY! Google Makes 2FA App Useable — BUT There’s a Catch

Security Boulevard

2FA OTP ASAP? Google Authenticator app now syncs your secrets: No stress if you break your phone. The post FINALLY! Google Makes 2FA App Useable — BUT There’s a Catch appeared first on Security Boulevard.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

WinRAR SFX archives can run PowerShell without being detected

Bleeping Computer

Hackers are adding malicious functionality to WinRAR self-extracting archives that contain harmless decoy files, allowing them to plant backdoors without triggering the security agent on the target system. [.

145
145
article thumbnail

Google bans 173,000 malicious app developers

CyberSecurity Insiders

Google has issued a ban on approximately 173,000 application developers who tried various methods to get their software published on its Play Store. The web search giant has officially confirmed that it has weeded out a large number of bad accounts and has announced that it will raise the bar even further this year. According to a source at the technology giant, the company has taken stringent action against those spreading malware and spying tools under the guise of renowned applications and wi

article thumbnail

Google moves to keep public sector cybersecurity vulnerabilities leashed

Tech Republic Security

Google Cloud and The Center for Internet Security, Inc., launched the Google Cloud Alliance this week with the goal of advancing digital security in the public sector. The Center for Internet Security, founded in 2000 to address growing cyber threats and establish a set of cybersecurity protocols and standards like CIS Critical Security Controls and.

article thumbnail

What is the true potential impact of artificial intelligence on cybersecurity?

CSO Magazine

Will artificial intelligence become clever enough to upend computer security? AI is already surprising the world of art by producing masterpieces in any style on demand. It’s capable of writing poetry while digging up arcane facts in a vast repository. If AIs can act like a bard while delivering the comprehensive power of the best search engines, why can’t they shatter security protocols, too?

article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Over 1 Million WordPress Sites Infected by Balada Injector Malware Campaign

The Hacker News

Over one million WordPress websites are estimated to have been infected by an ongoing campaign to deploy malware called Balada Injector since 2017. The massive campaign, per GoDaddy's Sucuri, "leverages all known and recently discovered theme and plugin vulnerabilities" to breach WordPress sites. The attacks are known to play out in waves once every few weeks.

Malware 133
article thumbnail

TikTok Abused Kids’ Data — UK Fines it $16 Million

Security Boulevard

$8.50 per child: UK regulator punishes TikTok at 5.5% of revenue. Says app illegally tracked children. The post TikTok Abused Kids’ Data — UK Fines it $16 Million appeared first on Security Boulevard.

article thumbnail

US, UK warn of govt hackers using custom malware on Cisco routers

Bleeping Computer

The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on Cisco IOS routers, allowing unauthenticated access to the device. [.

Malware 144
article thumbnail

Quantum Computing Threats: A How-to Guide for Preparing Your Company’s Cybersecurity Defenses

CyberSecurity Insiders

Quantum computing, while still in its infancy, is developing rapidly and holds tremendous potential for solving complex computational problems. However, its growth also presents significant challenges to cybersecurity, as it has the potential to render traditional cryptographic algorithms obsolete. This guide aims to provide a comprehensive understanding of the implications of quantum computing on cybersecurity, review the most notable quantum security technologies and vendors, and offer real-wo

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

API security becoming C-level cybersecurity concern

Tech Republic Security

With Neosec acquisition, Akamai gains capabilities around API visibility, a security challenge for organizations, many of which have hundreds of integrated applications. The post API security becoming C-level cybersecurity concern appeared first on TechRepublic.

article thumbnail

EU privacy regulators to create taskforce to investigate ChatGPT

CSO Magazine

The European Data Protection Board (EDPB) plans to launch a dedicated task force to investigate ChatGPT after a number of European privacy watchdogs raised concerns about whether the technology is compliant with the EU's General Data Protection Regulation (GDPR). Europe's national privacy regulators said on Thursday that the decision came following discussions about recent enforcement action undertaken by the Italian data protection authority against OpenAI regarding its ChatGPT service.

article thumbnail

Not just an infostealer: Gopuram backdoor deployed through 3CX supply chain attack

SecureList

On March 29, Crowdstrike published a report about a supply chain attack conducted via 3CXDesktopApp, a popular VoIP program. Since then, the security community has started analyzing the attack and sharing their findings. The following has been discovered so far: The infection is spread via 3CXDesktopApp MSI installers. An installer for macOS has also been trojanized.

article thumbnail

Rust in Windows — it’s Official — Safe and Fast

Security Boulevard

40-year-old code: Starting with ancient, vulnerable legacy, Redmond team is rewriting chunks in the trendy secure language. The post Rust in Windows — it’s Official — Safe and Fast appeared first on Security Boulevard.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.