Schneier on Security

FEBRUARY 20, 2024

Microsoft announced that it caught Chinese, Russian, and Iranian hackers using its AI tools—presumably coding tools—to improve their hacking abilities. From their report : In collaboration with OpenAI, we are sharing threat intelligence showing detected state affiliated adversaries—tracked as Forest Blizzard, Emerald Sleet, Crimson Sandstorm, Charcoal Typhoon, and Salmon Typhoon—using LLMs to augment cyberoperations.

Hacking 332

Hacking Artificial Intelligence 332

Troy Hunt

FEBRUARY 23, 2024

It's just been a joy to watch the material produced by the NCA and friends following the LockBit takedown this week. So much good stuff from the agencies themselves, not just content but high quality trolling too. Then there's the whole ecosystem of memes that have since emerged and provided endless hours of entertainment 😊 I'm sure we'll see a lot more come out of this yet and inevitably there's seized material that will still be providing value to further inves

Phishing 255

Phishing 255

Krebs on Security

FEBRUARY 20, 2024

U.S. and U.K. authorities have seized the darknet websites run by LockBit , a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates.

Ransomware 259

Ransomware Cybercrime Encryption Insurance 259

The Last Watchdog

FEBRUARY 21, 2024

Achieving “ digital trust ” is not going terribly well globally. Related: How decentralized IoT boosts decarbonization Yet, more so than ever, infusing trustworthiness into modern-day digital services has become mission critical for most businesses. Now comes survey findings that could perhaps help to move things in the right direction. According to DigiCert’s 2024 State of Digital Trust Survey results, released today , companies proactively pursuing digital trust are seeing boosts in revenue, i

Energy and Utilities 257

Energy and Utilities IoT Healthcare Manufacturing 257

Advertisement

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

Cybersecurity

Schneier on Security

FEBRUARY 21, 2024

First-person account of someone who fell for a scam, that started as a fake Amazon service rep and ended with a fake CIA agent, and lost $50,000 cash. And this is not a naive or stupid person. The details are fascinating. And if you think it couldn’t happen to you, think again. Given the right set of circumstances, it can. It happened to Cory Doctorow.

Scams 267

Scams Accountability Social Engineering Engineering 267

Troy Hunt

FEBRUARY 17, 2024

It's a short video this week after a few days in Sydney doing both NDC and the Azure user group. For the most part, I spoke about the same things as I did at NDC Security in Oslo last month. except that since then we've had the Spoutibe incident. It was fascinating to talk about this in front of a live audience and see everyone's reactions first hand, let's just say there were a lot of "oh wow!

Ransomware 227

Ransomware 227

The Last Watchdog

FEBRUARY 20, 2024

AI chatbots are computer programs that talk like humans, gaining popularity for quick responses. They boost customer service, efficiency and user experience by offering constant help, handling routine tasks, and providing prompt and personalized interactions. Related: The security case for AR, VR AI chatbots use natural language processing, which enables them to understand and respond to human language and machine learning algorithms.

Cybersecurity 218

Cybersecurity Penetration Testing Authentication Social Engineering 218

Schneier on Security

FEBRUARY 23, 2024

New research : LLM Agents can Autonomously Hack Websites Abstract: In recent years, large language models (LLMs) have become increasingly capable and can now interact with tools (i.e., call functions), read documents, and recursively call themselves. As a result, these LLMs can now function autonomously as agents. With the rise in capabilities of these agents, recent work has speculated on how LLM agents would affect cybersecurity.

Hacking 255

Hacking Cybersecurity Artificial Intelligence 255

Tech Republic Security

FEBRUARY 22, 2024

Discover the top free password managers for securely storing and managing your passwords. Learn about their features, benefits and choose the best one for your needs.

Password Management 179

Password Management Passwords 179

Penetration Testing

FEBRUARY 23, 2024

A high-severity vulnerability, designated CVE-2024-26582, has been discovered within the Transport Layer Security (TLS) subsystem of the Linux kernel. This flaw stems from a use-after-free error in the way kTLS (the kernel’s TLS implementation)... The post CVE-2024-26582 (CVSS 8.4): Linux Kernel Code Execution Vulnerability appeared first on Penetration Testing.

Penetration Testing 144

Penetration Testing 144

Advertiser: Revenera

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

Risk

Thales Cloud Protection & Licensing

FEBRUARY 21, 2024

How Thales and Red Hat Protect Telcos from API Attacks madhav Thu, 02/22/2024 - 04:55 Application programming interfaces (APIs) power nearly every aspect of modern applications and have become the backbone of today’s economy. Every time you send a mobile payment, search for airline flight prices, or book a restaurant reservation - you are using an API.

Encryption 139

Encryption Mobile Government Consumer Protection 139

Schneier on Security

FEBRUARY 22, 2024

Simon Willison has been playing with the video processing capabilities of the new Gemini Pro 1.5 model from Google, and it’s really impressive. Which means a lot of scary new video prompt injection attacks. And remember, given the current state of technology, prompt injection attacks are impossible to prevent in general.

Technology 233

Technology Artificial Intelligence 233

Tech Republic Security

FEBRUARY 21, 2024

Australian IT and security teams should play key roles in communications during outages and cyber attacks; they also need to be prepared to act when such a tech-related crisis occurs.

Cyber Attacks 170

Cyber Attacks Cybersecurity 170

Malwarebytes

FEBRUARY 21, 2024

I know that some of you are expecting a post similar to that about a toothbrush botnet , but this is not a hypothetical case. It actually happened. A Malwarebytes Premium customer started a thread on Reddit saying we had blocked malware from trying to infect their computer after they connected a vibrator to a USB port in order to charge the device. The vibrator, Spencer’s Sexology Pussy Power 8-Function Rechargeable Bullet Vibrator, was infected with an information stealer known as Lumma.

Software 144

Software Passwords Malware Cryptocurrency 144

Advertisement

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

Healthcare

Penetration Testing

FEBRUARY 19, 2024

PostgreSQL databases are a popular choice for developers, but a recently discovered vulnerability (CVE-2024-1597, CVSS 10) highlights the importance of vigilance and proactive security measures. Let’s explore this flaw in the PostgreSQL JDBC Driver... The post CVE-2024-1597 (CVSS 10): Critical SQL Injection Flaw in PostgreSQL JDBC Driver appeared first on Penetration Testing.

Penetration Testing 140

Penetration Testing 140

Security Boulevard

FEBRUARY 22, 2024

Underpaid, overworked and angry: Whistleblower in hacker contractor firm for Chinese government blows lid off tactics, techniques and procedures. The post PRC State Hacking: ‘Chinese Edward Snowden’ Spills I‑Soon Secrets in Huge Dump of TTPs appeared first on Security Boulevard.

Hacking 136

Hacking Government Digital transformation Social Engineering 136

Tech Republic Security

FEBRUARY 20, 2024

The enforcement action is a major blow against the ransomware-as-a-service provider, which has been connected to 2,000 victims globally.

Ransomware 191

Ransomware Software 191

The Hacker News

FEBRUARY 21, 2024

Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password.

Authentication 136

Authentication Passwords Software Cybersecurity 136

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Cybersecurity

Penetration Testing

FEBRUARY 19, 2024

Autodesk AutoCAD, a widely used CAD software across engineering, architecture, and manufacturing industries, has been found to contain 40 zero-day vulnerabilities. These flaws, if exploited, could potentially allow attackers to execute arbitrary code, compromising... The post 40 Zero-Day Vulnerabilities Found in Autodesk AutoCAD appeared first on Penetration Testing.

Penetration Testing 137

Penetration Testing Architecture Manufacturing Engineering 137

Bleeping Computer

FEBRUARY 19, 2024

Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting. [.

137

137

Tech Republic Security

FEBRUARY 22, 2024

Explore the top open source IAM (Identity and Access Management) tools, their features and how they can enhance your organization's security and access control.

172

172

The Hacker News

FEBRUARY 22, 2024

A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said.

135

135

Advertisement

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

Cybersecurity

Pen Test Partners

FEBRUARY 20, 2024

TL;DR The VMware Enhanced Authentication plugin that is offered as part of VMware vSphere’s seamless login experience for the web console contains multiple vulnerabilities relating to Kerberos authentication relay. The first vulnerability, CVE-2024-22245, is a Kerberos relay vulnerability where a malicious public website can communicate with the Enhanced Authentication Plugin (EAP) and request arbitrary Kerberos service tickets on behalf of the user visiting the malicious site.

Authentication 135

Authentication Risk 135

Bleeping Computer

FEBRUARY 20, 2024

Law enforcement arrested two operators of the LockBit ransomware gang in Poland and Ukraine, created a decryption tool to recover encrypted files for free, and seized over 200 crypto-wallets after hacking the cybercrime gang's servers in an international crackdown operation. [.

Ransomware 136

Ransomware Cybercrime Encryption Hacking 136

Tech Republic Security

FEBRUARY 22, 2024

The outing of China-backed threat actor Volt Typhoon and Microsoft’s compromise by Russia-backed Midnight Blizzard provide important cyber security strategy lessons for Australia, says Tenable.

Cyber Attacks 157

Cyber Attacks Cybersecurity 157

Penetration Testing

FEBRUARY 19, 2024

A critical remote code execution (RCE) vulnerability (CVE-2024-25600, CVSS 9.8) has been discovered in the widely used WordPress site builder, Bricks Builder. This vulnerability is actively being exploited, rendering affected websites at significant risk.... The post CVE-2024-25600: WordPress’s Bricks Builder RCE Flaw Under Attack appeared first on Penetration Testing.

Penetration Testing 135

Penetration Testing Risk 135

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Security Affairs

FEBRUARY 18, 2024

Cybersecurity firm ESET has addressed a high-severity elevation of privilege vulnerability in its Windows security solution. ESET addressed a high-severity vulnerability, tracked as CVE-2024-0353 (CVSS score 7.8), in its Windows products. The vulnerability is a local privilege escalation issue that was submitted to the company by the Zero Day Initiative (ZDI).

Antivirus 135

Antivirus Internet Internet Cybersecurity 135

Bleeping Computer

FEBRUARY 22, 2024

The U.S. Federal Trade Commission (FTC) will order Avast to pay $16.5 million and ban the company from selling the users' web browsing data or licensing it for advertising purposes. [.

Advertising 134

Advertising 134

Tech Republic Security

FEBRUARY 22, 2024

Deepfakes are at the top of the list of the concerns in the ISC2 AI survey, which polled cybersecurity professionals on the real-world impact of AI. Gen AI regulation is another top-of-mind subject.

Cybersecurity 131

Cybersecurity Artificial Intelligence Social Engineering Engineering 131

Penetration Testing

FEBRUARY 22, 2024

A patched vulnerability within Apple’s Shortcuts automation framework presents a substantial risk to macOS and iOS devices. Identified as CVE-2024-23204, this flaw leaves affected systems susceptible to unauthorized data exfiltration due to a potential... The post Apple Shortcuts Vulnerability (CVE-2024-23204): Technical Analysis and Mitigation appeared first on Penetration Testing.

Penetration Testing 131

Penetration Testing Risk 131

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Risk