Sat. Dec 28, 2024 - Fri. Jan 03, 2025

Threat Modeling Google Cloud (Threat Model Thursday)

Adam Shostack

NCC has released a threat model for Google Cloud Platform. What can it teach us? In Threat Modelling Cloud Platform Services by Example: Google Cloud Storage, Ken Wolstencroft of NCC presents a threat model for Google Cloud Storage, and I'd like to take a look at it to see what we can learn. As always, and especially in these Threat Model Thursday posts, my goal is to point out interesting work in a constructive way.

Google Is Allowing Device Fingerprinting

Schneier on Security

Lukasz Olejnik writes about device fingerprinting, and why Google’s policy change to allow it in 2025 is a major privacy setback.

What Is Patch Tuesday? Microsoft’s Monthly Update Explained

Tech Republic Security

Patch Tuesday is Microsoft's monthly update day for fixing vulnerabilities. Learn its purpose, benefits, and how it enhances system security.

Handling Pandemic-Scale Cyber Threats (preprint)

Adam Shostack

A new paper on 'Pandemic Scale Cyber Events'. Josiah Dykstra and I have a new pre-print at arXiv, Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19. The abstract is: The devastating health, societal, and economic impacts of the COVID-19 pandemic illuminate potential dangers of unpreparedness for catastrophic pandemic-scale cyber events.

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

Is Cybersecurity Awareness Month Worth the Money?

Adam Shostack

How can we measure the ROI on an awareness month? As we wrap up another cybersecurity awareness month, I'd like to ask: Is it worth the money and effort? If it is, we should be able to see evidence of that in reductions of successful attacks in October/November, slowly rising over time as the effect of the awareness campaign drips evaporates, and then renewing the next year.

ShredOS

Schneier on Security

ShredOS is a stripped-down operating system designed to destroy data. GitHub page here.

“Can you try a game I made?” Fake game sites lead to information stealers

Malwarebytes

The background and the IOCs for this blog were gathered by an Expert helper on our forums and Malwarebytes researchers. Our thanks go out to them. A new, malicious campaign is making the rounds online and it starts simple: Unwitting targets receive a direct message (DM) on a Discord server asking about their interest in beta testing a new videogame (targets can also receive a text message or an email).

Microsoft Can Fix Ransomware Tomorrow

Adam Shostack

My latest at Dark Reading draws attention to how Microsoft can fix ransomware tomorrow. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. It starts: Recently, I was at a private event on security by design. I explained that Microsoft could fix ransomware tomorrow, and was surprised that the otherwise well-informed people I was speaking to hadn't heard about this approach.

Salt Typhoon’s Reach Continues to Grow

Schneier on Security

The US government has identified a ninth telecom that was successfully hacked by Salt Typhoon.

Windows 11 Media Update Bug Stops Security Updates

Tech Republic Security

Microsoft advises users not to install recent security updates using physical media. The company is working on a fix.

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

Beware! Fake EditThisCookie Extension Steals User Data

Penetration Testing

EditThisCookie, a browser extension with over 3 million downloads, primarily used for editing local cookie files, has been The post Beware! Fake EditThisCookie Extension Steals User Data appeared first on Cybersecurity News.

The State of Appsec in 2024

Adam Shostack

2024 is bringing lots of AI, and Liability, too. At the start of 2024, appsec is moving through two major inflection points: liability and AI. The first has two facets: how do we secure AI systems, and how do we use AI in appsec? The second major inflection is driven by governments re-arranging liability from software operators to software makers. And as I think about where we are in 2024, I'm optimistic and hopeful because of a third change, much more nascent, that lays groundwork for assessing a

Pro-Russia group NoName targeted the websites of Italian airports

Security Affairs

Pro-Russia group NoName057 targets Italian sites, including Malpensa and Linate airports, in a new DDoS campaign amid rising geopolitical tensions. The pro-Russia group NoName057 continues its campaign of DDoS attacks against Italian infrastructure. This time, the group of alleged hacktivists targeted multiple websites, including the sites of Malpensa and Linate airports, as well as the site of the Ministry of Foreign Affairs (Farnesina) and the Turin Transport Group (GTT).

How To Use SCP (Secure Copy) With SSH Key Authentication

Tech Republic Security

Here's how to use the secure copy command, in conjunction with SSH key authentication, for an even more secure means of copying files to your remote Linux servers.

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

Patched But Still Vulnerable: Windows BitLocker Encryption Bypassed Again

Penetration Testing

A revelation emerged from the Chaos Communication Congress (CCC) last week, shaking the foundations of Windows’ trusted BitLocker The post Patched But Still Vulnerable: Windows BitLocker Encryption Bypassed Again appeared first on Cybersecurity News.

Use the Defcon Wifi

Adam Shostack

Why it's OK to use the Defcon wifi. Many security professionals, especially on social media, have an unfortunate tendency towards what we might call performative security. It's where people broadcast their security measures to show how aware they are, and they suggest others follow their lead. It's the inverse of security theater, where ineffective security is imposed on us by organizations.

LDAPNightmare PoC Exploit Crashes LSASS and Reboots Windows Domain Controllers

The Hacker News

A proof-of-concept (PoC) exploit has been released for a now-patched security flaw impacting Windows Lightweight Directory Access Protocol (LDAP) that could trigger a denial-of-service (DoS) condition. The out-of-bounds read vulnerability is tracked as CVE-2024-49113 (CVSS score: 7.5).

VyprVPN Review (2025): Can It Still Perform This Year and Beyond?

Tech Republic Security

VyprVPN is known for strong performance with top-notch security and speed. Discover if it remains a reliable choice for privacy and streaming this year and beyond.

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows

Penetration Testing

SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed LDAP Nightmare. The post PoC Exploit Released for Zero-Click Vulnerability CVE-2024-49112 in Windows appeared first on Cybersecurity News.

Safety and Security in Automated Driving

Adam Shostack

Let's explore the risks associated with Automated Driving. "Safety First For Automated Driving" is a big, over-arching whitepaper from a dozen automotive manufacturers and suppliers. One way to read it is that those disciplines have strongly developed safety cultures, which generally do not consider cybersecurity problems. This paper is the cybersecurity specialists making the argument that cyber will fit into safety, and how to do so.

LDAPNightmare, a PoC exploit targets Windows LDAP flaw CVE-2024-49113

Security Affairs

Experts warn of a new PoC exploit, LDAPNightmare, that targets a Windows LDAP flaw (CVE-2024-49113), causing crashes & reboots. The vulnerability CVE-2024-49113 (CVSS score of 7.5), named LDAPNightmare, is a Windows Lightweight Directory Access Protocol (LDAP) Denial of Service flaw that was discovered by the researcher Yuki Chen. An attacker can exploit the now-patched vulnerability to trigger a denial of service condition.

New "DoubleClickjacking" Exploit Bypasses Clickjacking Protections on Major Websites

The Hacker News

Threat hunters have disclosed a new "widespread timing-based vulnerability class" that leverages a double-click sequence to facilitate clickjacking attacks and account takeovers in almost all major websites. The technique has been codenamed DoubleClickjacking by security researcher Paulos Yibelo. "Instead of relying on a single click, it takes advantage of a double-click sequence," Yibelo said.

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

AI agents might be the new workforce, but they still need a manager

Zero Day

AI agents keep getting smarter and more independent. But there is still work to be done before an agentic AI-driven workforce can truly assume a broad range of tasks.

A Different Hackathon Design?

Adam Shostack

What should hackathon judges value? The Threat Modeling Connect team has built a hackathon that's gotten a lot of enthusiastic participation over the last few years. Today I want to discuss the design of that hackathon, talk about an effect of the design and ask if we can do something different. None of this is intended to critique the organizers, participants or judges.

DoubleClickjacking allows clickjacking on major websites

Security Affairs

The “DoubleClickjacking” exploit bypasses protections on major websites, using a double-click sequence for clickjacking and account takeover attacks. DoubleClickjacking is a technique that allows attackers to bypass protections on major websites by leveraging a double-click sequence. Attackers can exploit the technique to facilitate clickjacking attacks and account takeovers on almost all major websites.

16 Chrome Extensions Hacked, Exposing Over 600,000 Users to Data Theft

The Hacker News

A new attack campaign has targeted known Chrome browser extensions, leading to at least 16 extensions being compromised and exposing over 600,000 users to data exposure and credential theft.

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

CVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw

Penetration Testing

A security researcher published a proof-of-concept (PoC) exploit for CVE-2024-21182, a critical vulnerability in Oracle WebLogic Server. Rated at CVSS 7.5, this flaw exposes affected systems to potentially devastating consequences,... The post CVE-2024-21182: PoC Exploit Code Published for Severe WebLogic Flaw appeared first on Cybersecurity News.

CSRB Report on Microsoft

Adam Shostack

The CSRB has released its report into an intrusion at Microsoft, and it's a doozy. The Cyber Safety Review Board has released its report into an intrusion at Microsoft, and it's a doozy. It opens: The Board concludes that this intrusion should never have happened. Storm-0558 was able to succeed because of a cascade of security failures at Microsoft. With some time to reflect on the findings, I think the report is best characterized as a well-earned rebuke to Microsoft.

This Trusted App Helps Sluggish PCs Work Faster

Tech Republic Security

CCleaner speeds up sluggish PCs by clearing junk files, fixing registry issues, and optimizing performance.

New AI Jailbreak Method 'Bad Likert Judge' Boosts Attack Success Rates by Over 60%

The Hacker News

Cybersecurity researchers have shed light on a new jailbreak technique that could be used to get past a large language model's (LLM) safety guardrails and produce potentially harmful or malicious responses.

Bringing the Cybersecurity Imperative Into Focus

Tech leaders today are facing shrinking budgets and investment concerns. This whitepaper provides insights from over 1,000 tech leaders on how to stay secure and attract top cybersecurity talent, all while doing more with less. Download today to learn more!