Sat. May 13, 2023 - Fri. May 19, 2023

Russian Hacker “Wazawaka” Indicted for Ransomware

Krebs on Security

A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups was the subject of two indictments unsealed by the Justice Department today. U.S. prosecutors say Mikhail Pavolovich Matveev, a.k.a. “Wazawaka” and “Boriselcin,” worked with three different ransomware gangs that extorted hundreds of millions of dollars from companies, schools, hospitals and government agencies.

The AI Attack Surface Map v1.0

Daniel Miessler

This resource is a first thrust at a framework for thinking about how to attack AI systems. At the time of writing, GPT-4 has only been out for a couple of months, and ChatGPT for only 6 months. So things are very early. There has been, of course, much content on attacking pre-ChatGPT AI systems, namely how to attack machine learning implementations.

Internet 364

Micro-Star International Signing Key Stolen

Schneier on Security

Micro-Star International—aka MSI—had its UEFI signing key stolen last month. This raises the possibility that the leaked key could push out updates that would infect a computer’s most nether regions without triggering a warning. To make matters worse, Matrosov said, MSI doesn’t have an automated patching process the way Dell, HP, and many larger hardware makers do.

Software 238

Generative AI: Rewards, Risks and New EU Legislation

Lohrman on Security

Depending on who you talk with or what stories you read, Open AI and ChatGPT may be the greatest things in the world — or the beginning of the end for humanity.

Risk 236

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers. Tracking tools on user-authenticated and unauthenticated web pages can access personal health information (PHI) such as IP addresses, medical record numbers, home and email addresses, appointment dates, or other info provided by users on pages and thus can violate HIPAA Rules that govern the Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates.

PaperCut vulnerability abused by several threat actors could impact 70,000 organizations

Tech Republic Security

Get technical details about how the cybercriminals are targeting this vulnerability, who is impacted, and how to detect and protect against this security threat.

KeePass exploit helps retrieve cleartext master password, fix coming soon

Bleeping Computer

The popular KeePass password manager is vulnerable to extracting the master password from the application's memory, allowing attackers who compromise a device to retrieve the password even when the database is locked.

Passwords 145

More Trending

How Duo Guards Against a Galaxy of Threats

Duo's Security Blog

What do Duo and the Guardians of the Galaxy have in common? They’re superheroes who save their galaxies from unexpected threats. Tech smarts and teamwork are critical to superhero-level protection, no matter what threats you’re facing. How do you protect your galaxy against cyber attacks? In Marvel Studios’ Guardians of the Galaxy Vol. 3, Groot is locked and loaded with bigger and more advanced skills, Mantis has opened up and embraced her powers to help protect her family, and Nebula has brand-

Survey: Most CISOs feel their business is at risk for cyberattack

Tech Republic Security

A new report from Proofpoint provides global insight into CISOs' challenges, expectations and priorities for 2023.

CISO 175

Hackers use Azure Serial Console for stealthy access to VMs

Bleeping Computer

A financially motivated cybergang tracked by Mandiant as 'UNC3944' is using phishing and SIM swapping attacks to hijack Microsoft Azure admin accounts and gain access to virtual machines.

Phishing 145

Google Chrome 3rd Party Cookies Crumbling — Finally!

Security Boulevard

Om Nom Nom Nom Nom: Privacy Sandbox inching towards reality. But concerns remain.

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3 billion in 2022. All of these stats beg the question, “Do you know what’s in your software?

Security breaches push digital trust to the fore

CSO Magazine

As digital transactions with customers, employees, suppliers, and other stakeholders grow, digital trustworthiness is set to become one of the most important enterprise-wide initiatives with the biggest potential impact (both negative and positive), even though it often has the smallest budget allocation. “Organizations are focusing on security and privacy, but if your customers don’t trust you, they will go elsewhere,” says Mark Thomas, president of Escoute Consulting, which specializes in compl

What is IBM Hybrid Cloud Mesh?

Tech Republic Security

Learn what the expanded cloud offerings mean for potentially smoothing out the line between DevOps and SecOps.

Hackers target vulnerable Wordpress Elementor plugin after PoC released

Bleeping Computer

Hackers are now actively probing for vulnerable Essential Addons for Elementor plugin versions on thousands of WordPress websites in massive Internet scans, attempting to exploit a critical account password reset flaw disclosed earlier in the month.

Passwords 143

Architecture Matters When it Comes to SSE

CyberSecurity Insiders

By John Spiegel, Director of Strategy, Axis Security. Gartner just released the 2023 version of their “Magic Quadrant” for Secure Service Edge or SSE. Cheers are being heard from the companies who scored upper righthand and jeers being shouted for those companies who did not enjoy where they landed on Gartner’s matrix. Over the next few months, there will be a lot of noise coming from all the vendors.

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security,” most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any number of other things – and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

Water Orthrus's New Campaigns Deliver Rootkit and Phishing Modules

Trend Micro

Water Orthrus has been active recently with two new campaigns. CopperStealth uses a rootkit to install malware on infected systems, while CopperPhish steals credit card information. This blog will provide the structure of the campaign and how they work.

Phishing 134

Israel-based threat actors show growing sophistication of email attacks

Tech Republic Security

Abnormal Security is tracking cybercriminals from an unusual location for business email compromises who are using sophisticated spoofing to spur payments for fake acquisitions.

Phishing 151

Malicious Microsoft VSCode extensions steal passwords, open remote shells

Bleeping Computer

Cybercriminals are starting to target Microsoft's VSCode Marketplace, uploading three malicious Visual Studio extensions that Windows developers downloaded 46,600 times.

Passwords 144

AppSec: How Do You Know Your app is 100% Secure? You Don’t

Security Boulevard

Insecure applications come with a cost that can be measured in billions of dollars of losses. I recently spoke with Brook Schoenfield, a distinguished engineer who quietly describes himself as an “Elder AppSec Diplomat,” on the eve of the RSA Conference. Schoenfield is the quintessential walking, talking go-to resource on anything involved with application security.

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

Microsoft Azure VMs Hijacked in Cloud Cyberattack

Dark Reading

Cybercrime group that often uses smishing for initial access bypassed traditional OS targeting and evasion techniques to directly gain access to the cloud.

Google combats AI misinformation with Search labels, adds dark web security upgrades

Tech Republic Security

Artificial intelligence art service Midjourney and Shutterstock will identify their computer-generated images in Google Search.

ASUS routers knocked offline worldwide by bad security update

Bleeping Computer

ASUS has apologized to its customers for a server-side security maintenance error that has caused a wide range of impacted router models to lose network connectivity.

Ransomware – Stop’em Before They Wreak Havoc

Thales Cloud Protection & Licensing

By madhav, Thu, 05/18/2023 - 06:03. Cybercriminals have been making a run on your data with ransomware attacks over the last decade in increasing frequency. They wreak havoc by bringing critical infrastructures, supply chains, hospitals, and city services to a grinding halt. Cybersecurity Ventures predicts by 2031 ransomware will cost victims $265 billion annually, and it will affect a business, consumer, or device every 2 seconds.

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few other applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

When ChatGPT Goes Phishing

Security Boulevard

ChatGPT has become a powerful tool for security professionals seeking to enrich their work. However, its widespread use has raised concerns about the potential for bad actors to misuse the technology. Experts are worried that ChatGPT’s ability to source recent data about an organization could make social engineering and phishing attacks more effective than ever.

Phishing 128

How business email compromise attacks emulate legitimate web services to lure clicks

Tech Republic Security

New BEC cyberattacks use phishing with a legitimate Dropbox link as a lure for malware and credentials theft.

Phishing 148

Luxottica confirms 2021 data breach after info of 70M leaks online

Bleeping Computer

Luxottica has confirmed one of its partners suffered a data breach in 2021 that exposed the personal information of 70 million customers after a database was posted this month for free on hacking forums.

CLR SqlShell Malware Targets MS SQL Servers for Crypto Mining and Ransomware

The Hacker News

Poorly managed Microsoft SQL (MS SQL) servers are the target of a new campaign that's designed to propagate a category of malware called CLR SqlShell that ultimately facilitates the deployment of cryptocurrency miners and ransomware.

Malware 128

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.

How is information stored in cloud secure from hacks

CyberSecurity Insiders

The rise of cloud computing has provided individuals and businesses with a convenient way to store and access their data. However, with this convenience comes a concern about data security. Cloud storage services have become a target for hackers, and the theft of personal and sensitive information can have serious consequences. So, how is information stored in the cloud secured from hacks?

Hacking 128

Sticking to traditional security playbook is mistake for cloud security: Palo Alto Networks SVP

Tech Republic Security

Ankur Shah of Palo Alto Networks’ Prisma Cloud security platform says he sees a bright future for AI in security operations, but not so much for DevOps using many tools with little left-to-right integration.

CISA warns of Samsung ASLR bypass flaw exploited in attacks

Bleeping Computer

CISA warned today of a security vulnerability affecting Samsung devices used in attacks to bypass Android address space layout randomization (ASLR) protection.

Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices

Trend Micro

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023.

IoT 126

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?