February, 2024

article thumbnail

Microsoft Is Spying on Users of Its AI Tools

Schneier on Security

Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities. From their report : In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon—using LLMs to augment cyberoperations.

Hacking 332
article thumbnail

Scammers Steal Over $25 Million By Using AI Deepfake Video Call To Convince Suspicious Employee That A Phishing Email Is Legitimate

Joseph Steinberg

Scammers stole over $25 million from a multinational business by utilizing cutting-edge real-time video deepfake technology to convince an employee in the firm’s accounts-payable department that the worker had properly validated a payment request previously sent to him via email. According to police in Hong Kong, the worker (whose identity police did not reveal) had received a request by email to issue a $200 Million Hong Kong Dollar payment (equivalent to approximately $25.6 Million USD at the

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser

Internet 330
article thumbnail

Spear Phishing vs Phishing: What Are The Main Differences?

Tech Republic Security

There are a few differences between spear phishing and phishing that can help you identify and protect your organization from threats. Learn about these differences.

Phishing 204
article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

Kali Linux 2024.1 Release (Micro Mirror)

Kali Linux

Hello 2024! Today we are unveiling Kali Linux 2024.1. As this is our the first release of the year, it does include new visual elements! Along with this we also have some exciting new mirrors to talk about, and of course some package changes - both new tools and upgrades to existing ones. If you want to see the new theme for yourself and maybe try out one of those new mirrors, download a new image or upgrade if you have an existing Kali Linux installation.

Software 145
article thumbnail

Researchers found a zero-click Facebook account takeover

Security Affairs

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow.

More Trending

article thumbnail

Malicious AI models on Hugging Face backdoor users’ machines

Bleeping Computer

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. [.

138
138
article thumbnail

Android banking trojans: How they steal passwords and drain bank accounts

Malwarebytes

For the most popular operating system in the world—which is Android and it isn’t even a contest —there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State of Malware report , Malwarebytes detected an astonishing 88,500 of them last year alone.

Banking 143
article thumbnail

OpenAI’s Sora Generates Photorealistic Videos

Tech Republic Security

Sora is in red teamers' and selected artists' hands for now, as OpenAI tries to prevent AI video from being used for misinformation or offensive content.

article thumbnail

How the Pentagon Learned to Use Targeted Ads to Find its Targets—and Vladimir Putin

WIRED Threat Level

Meet the guy who taught US intelligence agencies how to make the most of the ad tech ecosystem, "the largest information-gathering enterprise ever conceived by man.

144
144
article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL

Security Boulevard

Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times. The post GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL appeared first on Security Boulevard.

Software 137
article thumbnail

CVE-2024-24401 & 24402: Nagios XI Security Flaws Found! PoC Published

Penetration Testing

Two security vulnerabilities (CVE-2024-24401 and CVE-2024-24402) have been identified in Nagios XI, a widely used enterprise-grade monitoring tool. These flaws pose significant risks for organizations utilizing the software. What is Nagios XI? Nagios XI... The post CVE-2024-24401 & 24402: Nagios XI Security Flaws Found! PoC Published appeared first on Penetration Testing.

article thumbnail

Lazarus hackers exploited Windows zero-day to gain Kernel privileges

Bleeping Computer

North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques. [.

140
140
article thumbnail

Vibrator virus steals your personal information

Malwarebytes

I know that some of you are expecting a post similar to that about a toothbrush botnet , but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a vibrator to a USB port in order to charge the device. The vibrator, Spencer’s Sexology Pussy Power 8-Function Rechargeable Bullet Vibrator, was infected with an information stealer known as Lumma.

Software 143
article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

Google Cloud’s Nick Godfrey Talks Security, Budget and AI for CISOs

Tech Republic Security

Google Cloud’s Director of Office of the CISO Nick Godfrey reminds business leaders to integrate security into conversations around financial and business targets.

CISO 187
article thumbnail

Travel Update! The NIST CSF 2.0 is HERE…Along with Many Helpful Resources…

NSTIC

NIST CSF 2.0 QUICK LINKS | Explore our Full Suite of Resources: CSF 2.0 Quick Start Guides CSF 2.0 Profiles CSF 2.0 Informative References Cybersecurity & Privacy Reference Tool (CPRT) CSF 2.0 Reference Tool CSF 2.0 Website ( Homepage ) Official NIST News Announcement The NIST Cybersecurity Framework (CSF) development process all started with Executive Order (EO)13636 over a decade ago, which called for building a set of approaches ( a framework ) for reducing risks to critical infrastructure.

article thumbnail

LockBit Ransomware Group Returns After Law Enforcement Operation

Security Boulevard

The LockBit ransomware group is swinging back days after U.S. and UK law enforcement agencies announced they had disrupted the operations of the prolific cybercrime gang. The post LockBit Ransomware Group Returns After Law Enforcement Operation appeared first on Security Boulevard.

article thumbnail

CVE-2024-24691 (CVSS 9.6): Critical Zoom Privilege Escalation Vulnerability

Penetration Testing

Zoom, the popular video conferencing platform, has addressed several critical security vulnerabilities affecting its Windows, iOS, and Android clients. A total of 7 security flaws were fixed. IT teams and individual users should patch... The post CVE-2024-24691 (CVSS 9.6): Critical Zoom Privilege Escalation Vulnerability appeared first on Penetration Testing.

article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

Russian hackers shift to cloud attacks, US and allies warn

Bleeping Computer

Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services. [.

135
135
article thumbnail

FBI and CISA publish guide to Living off the Land techniques

Malwarebytes

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and other authoring agencies have released a joint guidance about common living off the land (LOTL) techniques and common gaps in cyber defense capabilities. Living Off The Land (LOTL) is a covert cyberattack technique in which criminals carry out malicious activities using legitimate IT administration tools.

Software 145
article thumbnail

Botnet Struck U.S. Routers. Here’s How to Keep Employees Safe

Tech Republic Security

The FBI spotted this state-sponsored attack that highlights how home office setups can be overlooked when it comes to employees’ cybersecurity.

article thumbnail

New SocGholish Infection Chain Discovered

Digital Shadows

ReliaQuest has detected a variant of the SocGholish malware that uses Python instead of PowerShell for persistence, signaling an evolution in the TTPs of threat actors utilizing this malware.

Malware 138
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing

Security Boulevard

PR FAIL: Were 3 million toothbrushes hacked into a botnet? Or does a Fortinet spokeschild have egg on his face? The post ‘Total Bollocks’ — No, Your Toothbrush isn’t DDoS’ing appeared first on Security Boulevard.

Hacking 142
article thumbnail

Google Chrome Zero-Day PoC Code Released

Penetration Testing

A proof-of-concept (PoC) exploit code and technical details have been made available for a zero-day security flaw, tracked as CVE-2022-4262 (CVSS 8.8), affecting Google Chrome. The heart of this vulnerability lies within the Chrome... The post Google Chrome Zero-Day PoC Code Released appeared first on Penetration Testing.

article thumbnail

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

Bleeping Computer

Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners. [.

136
136
article thumbnail

Warning from LastPass as fake app found on Apple App Store

Malwarebytes

Password Manager LastPass has warned about a fraudulent app called “LassPass Password Manager” which it found on the Apple App Store. The app closely mimics the branding and appearance of LastPass, right down to the interface. So, even if the name was a “happy accident” it seems clear that this was a purposeful attempt to trick users installing the fake app.

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

IBM, ISC2 Offer Free Cybersecurity Certificate

Tech Republic Security

The entry-level IBM and ISC2 Cybersecurity Specialist Professional Certificate takes four months to complete.

article thumbnail

No fix KrbRelay VMware style

Pen Test Partners

TL;DR The VMware Enhanced Authentication plugin that is offered as part of VMware vSphere’s seamless login experience for the web console contains multiple vulnerabilities relating to Kerberos authentication relay. The first vulnerability, CVE-2024-22245, is a Kerberos relay vulnerability where a malicious public website can communicate with the Enhanced Authentication Plugin (EAP) and request arbitrary Kerberos service tickets on behalf of the user visiting the malicious site.

article thumbnail

PRC State Hacking: ‘Chinese Edward Snowden’ Spills I?Soon Secrets in Huge Dump of TTPs

Security Boulevard

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking 136
article thumbnail

Lazarus Hacking Group’s Malicious Python Packages Uncovered

Penetration Testing

Security researchers warn of a new wave of malicious Python packages uploaded to PyPI, the official Python repository. This attack, attributed to the infamous Lazarus hacking group, leverages a dangerous tactic: preying on developers’... The post Lazarus Hacking Group’s Malicious Python Packages Uncovered appeared first on Penetration Testing.

Hacking 145
article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.