Sat.Feb 24, 2024 - Fri.Mar 01, 2024

article thumbnail

Apple Announces Post-Quantum Encryption Algorithms for iMessage

Schneier on Security

Apple announced PQ3 , its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algorithms selected by NIST in 2022. There’s a lot of detail in the Apple blog post , and more in Douglas Stabila’s security analysis. I am of two minds about this. On the one hand, it’s probably premature to switch to any particular post-quantum algorithms.

article thumbnail

Calendar Meeting Links Used to Spread Mac Malware

Krebs on Security

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s calendar at Calendly , a popular application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.

Malware 253
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

NIST Cybersecurity Framework: A Cheat Sheet for Professionals

Tech Republic Security

The US National Institute of Standards and Technology's framework defines federal policy, but it can be used by private enterprises, too. Here's what you need to know.

article thumbnail

Researchers found a zero-click Facebook account takeover

Security Affairs

A critical vulnerability in Facebook could have allowed threat actors to hijack any Facebook account, researcher warns. Meta addressed a critical Facebook vulnerability that could have allowed attackers to take control of any account. The Nepalese researcher Samip Aryal described the flaw as a rate-limiting issue in a specific endpoint of Facebook’s password reset flow.

article thumbnail

The Importance of User Roles and Permissions in Cybersecurity Software

How many people would you trust with your house keys? Chances are, you have a handful of trusted friends and family members who have an emergency copy, but you definitely wouldn’t hand those out too freely. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing.

article thumbnail

NIST Cybersecurity Framework 2.0

Schneier on Security

NIST has released version 2.0 of the Cybersecurity Framework: The CSF 2.0, which supports implementation of the National Cybersecurity Strategy , has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector. It also has a new focus on governance, which encompasses how organizations make and carry out informed decisions on cybersecurity strategy.

article thumbnail

Fulton County, Security Experts Call LockBit’s Bluff

Krebs on Security

The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. LockBit removed Fulton County’s listing from its victim shaming website this morning, claiming the county had paid. But county officials said they did not pay, nor did anyone make payment on their behalf.

More Trending

article thumbnail

CVE-2024-0692: SolarWinds Security Event Manager Unauthenticated RCE Flaw

Penetration Testing

Recently, SolarWinds has disclosed and patched a serious remote code execution (RCE) vulnerability in its Security Event Manager (SEM) solution. This flaw, tracked as CVE-2024-0692, could allow unauthenticated attackers to take complete control of... The post CVE-2024-0692: SolarWinds Security Event Manager Unauthenticated RCE Flaw appeared first on Penetration Testing.

article thumbnail

China Surveillance Company Hacked

Schneier on Security

Last week, someone posted something like 570 files, images and chat logs from a Chinese company called I-Soon. I-Soon sells hacking and espionage services to Chinese national and local government. Lots of details in the news articles. These aren’t details about the tools or techniques, more the inner workings of the company. And they seem to primarily be hacking regionally.

article thumbnail

Kali Linux 2024.1 Release (Micro Mirror)

Kali Linux

Hello 2024! Today we are unveiling Kali Linux 2024.1. As this is our the first release of the year, it does include new visual elements! Along with this we also have some exciting new mirrors to talk about, and of course some package changes - both new tools and upgrades to existing ones. If you want to see the new theme for yourself and maybe try out one of those new mirrors, download a new image or upgrade if you have an existing Kali Linux installation.

Software 145
article thumbnail

CrowdStrike 2024 Global Threat Report: 6 Key Takeaways

Tech Republic Security

Identity-based and social engineering attacks still take center stage, according to the CrowdStrike 2024 Global Threat Report.

article thumbnail

IDC Analyst Report: The Open Source Blind Spot Putting Businesses at Risk

In a recent study, IDC found that 64% of organizations said they were already using open source in software development with a further 25% planning to in the next year. Most organizations are unaware of just how much open-source code is used and underestimate their dependency on it. As enterprises grow the use of open-source software, they face a new challenge: understanding the scope of open-source software that's being used throughout the organization and the corresponding exposure.

article thumbnail

Lazarus Hacking Group’s Malicious Python Packages Uncovered

Penetration Testing

Security researchers warn of a new wave of malicious Python packages uploaded to PyPI, the official Python repository. This attack, attributed to the infamous Lazarus hacking group, leverages a dangerous tactic: preying on developers’... The post Lazarus Hacking Group’s Malicious Python Packages Uncovered appeared first on Penetration Testing.

Hacking 144
article thumbnail

Malicious AI models on Hugging Face backdoor users’ machines

Bleeping Computer

At least 100 instances of malicious AI ML models were found on the Hugging Face platform, some of which can execute code on the victim's machine, giving attackers a persistent backdoor. [.

137
137
article thumbnail

Here Come the AI Worms

WIRED Threat Level

Security researchers created an AI worm in a test environment that can automatically spread between generative AI agents—potentially stealing data and sending spam emails along the way.

article thumbnail

Dashlane Free vs. Premium: Which Plan Is Best For You?

Tech Republic Security

Compare the features and benefits of Dashlane's free and premium versions to determine which option is best for your password management needs.

article thumbnail

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

article thumbnail

CVE-2024-24401 & 24402: Nagios XI Security Flaws Found! PoC Published

Penetration Testing

Two security vulnerabilities (CVE-2024-24401 and CVE-2024-24402) have been identified in Nagios XI, a widely used enterprise-grade monitoring tool. These flaws pose significant risks for organizations utilizing the software. What is Nagios XI? Nagios XI... The post CVE-2024-24401 & 24402: Nagios XI Security Flaws Found! PoC Published appeared first on Penetration Testing.

article thumbnail

Lazarus hackers exploited Windows zero-day to gain Kernel privileges

Bleeping Computer

North Korean threat actors known as the Lazarus Group exploited a flaw in the Windows AppLocker driver (appid.sys) as a zero-day to gain kernel-level access and turn off security tools, allowing them to bypass noisy BYOVD (Bring Your Own Vulnerable Driver) techniques. [.

139
139
article thumbnail

Android banking trojans: How they steal passwords and drain bank accounts

Malwarebytes

For the most popular operating system in the world—which is Android and it isn’t even a contest —there’s a sneaky cyberthreat that can empty out a person’s bank accounts to fill the illicit coffers of cybercriminals. These are “Android banking trojans,” and, according to our 2024 ThreatDown State of Malware report , Malwarebytes detected an astonishing 88,500 of them last year alone.

Banking 143
article thumbnail

Best Secure Access Service Edge Platforms in 2024

Tech Republic Security

Here are the top Secure Access Service Edge platforms that provide security and network functionality. Find the best SASE solution for your business needs.

137
137
article thumbnail

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

article thumbnail

PoC Released for CVE-2023-42942 – a macOS Root Privilege Escalation Vulnerability

Penetration Testing

An independent security researcher has published details and proof-of-concept (PoC) code for a macOS vulnerability (CVE-2023-42942) that could be exploited for root privilege escalation. The Discovery of CVE-2023-42942 The security defect was identified and reported... The post PoC Released for CVE-2023-42942 – a macOS Root Privilege Escalation Vulnerability appeared first on Penetration Testing.

article thumbnail

Russian hackers shift to cloud attacks, US and allies warn

Bleeping Computer

Members of the Five Eyes (FVEY) intelligence alliance warned today that APT29 Russian Foreign Intelligence Service (SVR) hackers are now switching to attacks targeting their victims' cloud services. [.

134
134
article thumbnail

U.S. Court Orders NSO Group to Hand Over Pegasus Spyware Code to WhatsApp

The Hacker News

A U.S. judge has ordered NSO Group to hand over its source code for Pegasus and other products to Meta as part of the social media giant's ongoing litigation against the Israeli spyware vendor.

Spyware 137
article thumbnail

UK’s NCSC Issues Warning as SVR Hackers Target Cloud Services

Tech Republic Security

Cyber espionage group APT29 is adapting its tactics for cloud environments. Here’s what you should know.

article thumbnail

Cybersecurity Predictions for 2024

Within the past few years, ransomware attacks have turned to critical infrastructure, healthcare, and government entities. Attackers have taken advantage of the rapid shift to remote work and new technologies. Add to that hacktivism due to global conflicts and U.S. elections, and an increased focus on AI, and you have the perfect recipe for a knotty and turbulent 2024.

article thumbnail

WordPress Ultimate Member Plugin Under Active Attack: Critical Flaw (CVE-2024-1071) Impacts 200k Sites

Penetration Testing

A critical unauthenticated SQL Injection vulnerability was found in Ultimate Member, a popular WordPress plugin boasting over 200,000 active installations. This critical flaw, identified as CVE-2024-1071, carries a high-severity CVSS score of 9.8, underscoring... The post WordPress Ultimate Member Plugin Under Active Attack: Critical Flaw (CVE-2024-1071) Impacts 200k Sites appeared first on Penetration Testing.

article thumbnail

Russian hackers hijack Ubiquiti routers to launch stealthy attacks

Bleeping Computer

Russian APT28 military hackers are using compromised Ubiquiti EdgeRouters to evade detection, the FBI says in a joint advisory issued with the NSA, the U.S. Cyber Command, and international partners. [.

135
135
article thumbnail

GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL

Security Boulevard

Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times. The post GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL appeared first on Security Boulevard.

Software 137
article thumbnail

How the Pentagon Learned to Use Targeted Ads to Find its Targets—and Vladimir Putin

WIRED Threat Level

Meet the guy who taught US intelligence agencies how to make the most of the ad tech ecosystem, "the largest information-gathering enterprise ever conceived by man.

144
144
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

CVE-2024-25065 & CVE-2024-23946: Critical Vulnerabilities Exposed in Apache OFBiz

Penetration Testing

Apache OFBiz, the popular open-source ERP framework, has recently been in the security spotlight. Two critical vulnerabilities (CVE-2024-25065, CVE-2024-23946) have been discovered that put a wide range of businesses at risk. Decoding the Vulnerabilities... The post CVE-2024-25065 & CVE-2024-23946: Critical Vulnerabilities Exposed in Apache OFBiz appeared first on Penetration Testing.

article thumbnail

Airbnb scam sends you to a fake Tripadvisor site, takes your money

Malwarebytes

One of my co-workers who works on Malwarebytes’ web research team just witnessed a real life example of how useful his work is in protecting people against scammers. Stefan decided to visit Amsterdam with his girlfriend, and found a very nice and luxurious apartment in Amsterdam on Airbnb. In the description the owner asked interested parties to contact them by email.

Scams 136
article thumbnail

Free VPN vs Paid VPN: Which One Is Right for You?

Tech Republic Security

Discover the key differences between a free VPN and a paid VPN and determine which one is right for your online privacy and security needs.

VPN 141
article thumbnail

LockBit Ransomware Group Returns After Law Enforcement Operation

Security Boulevard

The LockBit ransomware group is swinging back days after U.S. and UK law enforcement agencies announced they had disrupted the operations of the prolific cybercrime gang. The post LockBit Ransomware Group Returns After Law Enforcement Operation appeared first on Security Boulevard.

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.