October, 2023

article thumbnail

Safe, Secure, Anonymous, and Other Misleading Claims

Troy Hunt

Imagine you wanted to buy some s**t on the internet. Not the metaphorical kind in terms of "I bought some random s**t online", but literal s**t. Turds. Faeces. The kind of thing you never would have thought possible to buy online until. Shitexpress came along. Here's a service that enables you to send an actual piece of smelly s**t to "An irritating colleague.

Internet 330
article thumbnail

Hackers Stole Access Tokens from Okta’s Support Unit

Krebs on Security

Okta , a company that provides identity tools like multi-factor authentication and single sign-on to thousands of businesses, has suffered a security breach involving a compromise of its customer support unit, KrebsOnSecurity has learned. Okta says the incident affected a “very small number” of customers, however it appears the hackers responsible had access to Okta’s support platform for at least two weeks before the company fully contained the intrusion.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Cisco Can’t Stop Using Hard-Coded Passwords

Schneier on Security

There’s a new Cisco vulnerability in its Emergency Responder product: This vulnerability is due to the presence of static user credentials for the root account that are typically reserved for use during development. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user.

Passwords 338
article thumbnail

Author Q&A: Here’s why the good guys must continually test the limitations of ‘EDR’

The Last Watchdog

A new tier of overlapping, interoperable, highly automated security platforms must, over the next decade, replace the legacy, on-premise systems that enterprises spent multiple kings’ fortunes building up over the past 25 years. Related: How ‘XDR’ defeats silos Now along comes a new book, Evading EDR: The Definitive Guide for Defeating Endpoint Detection Systems , by a red team expert, Matt Hand, that drills down a premier legacy security system that is in the midst of this transitio

article thumbnail

Human-Centered Cyber Security Training: Driving Real Impact on Security Culture

Speaker: Speakers:

In today's digital age, having an untrained workforce can be a significant risk to your business. Cyber threats are evolving; without proper training, your employees could be the weakest link in your defense. This webinar empowers leaders like you with the tools and strategies needed to transform your employees into a robust frontline defense against cyber attacks.

article thumbnail

New DDoS Attack is Record Breaking: HTTP/2 Rapid Reset Zero-Day Reported by Google, AWS & Cloudflare

Tech Republic Security

A vulnerability in the HTTP/2 network protocol is currently being exploited, resulting in the largest DDoS attack in history. Find out what security teams should do now, and hear what Cloudflare's CEO has to say about this DDoS.

DDOS 210
article thumbnail

Cybersecurity Awareness Month 2023 – What it is and why we should be aware

Thales Cloud Protection & Licensing

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. As we are well and truly in the digital-first age, the need for robust cybersecurity measures is glaringly evident. Though significant, the early days' threats vastly differed from today's sophisticated cyberattacks.

More Trending

article thumbnail

Tech CEO Sentenced to 5 Years in IP Address Scheme

Krebs on Security

Amir Golestan , the 40-year-old CEO of the Charleston, S.C. based technology company Micfo LLC , has been sentenced to five years in prison for wire fraud. Golestan’s sentencing comes nearly two years after he pleaded guilty to using an elaborate network of phony companies to secure more than 735,000 Internet Protocol (IP) addresses from the American Registry for Internet Numbers (ARIN), the nonprofit which oversees IP addresses assigned to entities in the U.S., Canada, and parts of the Ca

Internet 303
article thumbnail

Security Vulnerability of Switzerland’s E-Voting System

Schneier on Security

Online voting is insecure, period. This doesn’t stop organizations and governments from using it. (And for low-stakes elections, it’s probably fine.) Switzerland—not low stakes—uses online voting for national elections. Ed Appel explains why it’s a bad idea: Last year, I published a 5-part series about Switzerland’s e-voting system.

Malware 314
article thumbnail

How to catch a wild triangle

SecureList

In the beginning of 2023, thanks to our Kaspersky Unified Monitoring and Analysis Platform (KUMA) SIEM system, we noticed suspicious network activity that turned out to be an ongoing attack targeting the iPhones and iPads of our colleagues. The moment we understood that there was a clear pattern in the connections, and that the devices could have been infected, we initiated a standard digital forensics and incident response (DFIR) protocol for such cases – moving around the office, collecting th

article thumbnail

Generative AI Can Write Phishing Emails, But Humans Are Better At It, IBM X-Force Finds

Tech Republic Security

Hacker Stephanie "Snow" Carruthers and her team found phishing emails written by security researchers saw a 3% better click rate than phishing emails written by ChatGPT.

Phishing 194
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

We Live Security

ESET Research discover campaigns by the Winter Vivern APT group that exploit a zero-day XSS vulnerability in the Roundcube Webmail server and target governmental entities and a think tank in Europe.

144
144
article thumbnail

1Password discloses security incident linked to Okta breach

Bleeping Computer

1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to its Okta ID management tenant. [.

article thumbnail

23andMe User Data Stolen in Targeted Attack on Ashkenazi Jews

WIRED Threat Level

At least a million data points from 23andMe accounts appear to have been exposed on BreachForums. While the scale of the campaign is unknown, 23andMe says it's working to verify the data.

article thumbnail

Android devices shipped with backdoored firmware as part of the BADBOX network

Security Affairs

Researchers warn that more than 70,000 Android smartphones, CTV boxes, and tablets were shipped with backdoored firmware as part of BADBOX network. Cybersecurity researchers at Human Security discovered a global network of consumer products, dubbed BADBOX, with firmware backdoors installed and sold through a compromised hardware supply chain. The experts reported that at least 74,000 Android-based mobile phones, tablets, and Connected TV boxes worldwide were shipped with the backdoored firmware.

Firmware 144
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

A PowerShell Script to Mitigate Active Directory Security Risks

eSecurity Planet

Cyber attackers frequently use legacy technology as part of their attack strategies, targeting organizations that have yet to implement mitigations or upgrade obsolete components. In an Active Directory environment, one such component is legacy protocols, which attackers can use to gain access to Active Directory. While patching (or even virtual patching ) might help address obsolete components, most legacy components have been thoroughly evaluated by adversaries to determine whether they should

Risk 142
article thumbnail

New EvilProxy Phishing Attack Uses Indeed.com Redirector to Target US Executives

Tech Republic Security

Microsoft, the Dark Web and the name John Malkovich all factor into this EvilProxy phishing attack. The good news is there are steps IT can take to mitigate this security threat.

Phishing 184
article thumbnail

'Log in with.' Feature Allows Full Online Account Takeover for Millions

Dark Reading

Hundreds of millions of users of Grammarly, Vidio, and the Indonesian e-commerce giant Bukalapak are at risk for financial fraud and credential theft due to OAuth misfires -- and other online services likely have the same problems.

article thumbnail

Number of hacked Cisco IOS XE devices plummets from 50K to hundreds

Bleeping Computer

The number of Cisco IOS XE devices hacked with a malicious backdoor implant has mysteriously plummeted from over 50,000 impacted devices to only a few hundred, with researchers unsure what is causing the sharp decline. [.

Hacking 142
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

How Neuralink Keeps Dead Monkey Photos Secret

WIRED Threat Level

Elon Musk’s brain-chip startup conducted years of tests at UC Davis, a public university. A WIRED investigation reveals how Neuralink and the university keep the grisly images of test subjects hidden.

145
145
article thumbnail

ESET APT Activity Report Q2–Q3 2023

We Live Security

This issue of the ESET APT Activity Report features an overview of the activities of selected APT groups as analyzed by ESET Research between April and September 2023.

143
143
article thumbnail

Meta is using your public Facebook and Instagram posts to train its AI

Malwarebytes

Post anything publicly on Facebook and Instagram? Meta has likely been using those posts to train its AI, according to the company's top policy executive. In an interview with Reuters , Meta President of Global Affairs Nick Clegg said the company used the public posts to train the LLM (large language model) that feeds into its new Meta AI virtual assistant.

Media 139
article thumbnail

Apple Vulnerability Can Expose iOS and macOS Passwords, Safari Browsing History

Tech Republic Security

This Safari vulnerability has not been exploited in the wild. Apple offers a mitigation, but the fix needs to be enabled manually.

Passwords 206
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Critical, Unpatched Cisco Zero-Day Bug Is Under Active Exploit

Dark Reading

No patch or workaround is currently available for the maximum severity flaw, which allows attackers to gain complete administrator privilege on affected devices remotely and without authentication.

article thumbnail

New 'Looney Tunables' Linux bug gives root on major distros

Bleeping Computer

A new Linux vulnerability, known as 'Looney Tunables' and tracked as CVE-2023-4911, enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader. [.

143
143
article thumbnail

They Cracked the Code to a Locked USB Drive Worth $235 Million in Bitcoin. Then It Got Weird

WIRED Threat Level

Stefan Thomas lost the password to an encrypted USB drive holding 7,002 bitcoins. One team of hackers believes they can unlock it—if they can get Thomas to let them.

article thumbnail

Fraudsters target Booking.com customers claiming hotel stay could be cancelled

Graham Cluley

One of the world's largest online travel agencies, Booking.com, is being used by fraudsters to trick hotel guests into handing over their payment card details. How do I know? The fraudsters tried the trick with me.

Phishing 139
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Warning: Unpatched Cisco Zero-Day Vulnerability Actively Targeted in the Wild

The Hacker News

Cisco has warned of a critical, unpatched security flaw impacting IOS XE software that’s under active exploitation in the wild. Rooted in the web UI feature, the zero-day vulnerability is assigned as CVE-2023-20198 and has been assigned the maximum severity rating of 10.0 on the CVSS scoring system.

Software 138
article thumbnail

Software Supply Chain Security Attacks Up 200%: New Sonatype Research

Tech Republic Security

Sonatype's 9th annual State of the Software Supply Chain also covers regulations and how AI could help developers protect organizations from security risks.

Software 184
article thumbnail

NoEscape Ransomware, AvosLocker Ransomware, Retch Ransomware, S-H-O Ransomware and More: Hacker’s Playbook Threat Coverage Round-up: October 31st, 2023

Security Boulevard

New and updated coverage for ransomware and malware variants, including NoEscape ransomware, AvosLocker ransomware, and others. The post NoEscape Ransomware, AvosLocker Ransomware, Retch Ransomware, S-H-O Ransomware and More: Hacker’s Playbook Threat Coverage Round-up: October 31st, 2023 appeared first on SafeBreach. The post NoEscape Ransomware, AvosLocker Ransomware, Retch Ransomware, S-H-O Ransomware and More: Hacker’s Playbook Threat Coverage Round-up: October 31st, 2023 appeared first on Se

article thumbnail

Microsoft Defender now auto-isolates compromised accounts

Bleeping Computer

Microsoft Defender for Endpoint now uses automatic attack disruption to isolate compromised user accounts and block lateral movement in hands-on-keyboard attacks with the help of a new 'contain user' capability in public preview. [.

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.