Sat.Nov 04, 2023 - Fri.Nov 10, 2023

article thumbnail

Hackers, Scrapers & Fakers: What's Really Inside the Latest LinkedIn Dataset

Troy Hunt

I like to think of investigating data breaches as a sort of scientific search for truth. You start out with a theory (a set of data coming from an alleged source), but you don't have a vested interested in whether the claim is true or not, rather you follow the evidence and see where it leads. Verification that supports the alleged source is usually quite straightforward , but disproving a claim can be a rather time consuming exercise, especially when a dataset contains fragments of truth m

article thumbnail

Spaf on the Morris Worm

Schneier on Security

Gene Spafford wrote an essay reflecting on the Morris Worm of 1988—35 years ago. His lessons from then are still applicable today.

Malware 342
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Who’s Behind the SWAT USA Reshipping Service?

Krebs on Security

Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today’s Part II, we’ll examine clues about the real-life identity of “ Fearlless ,” the nickname chosen by the proprietor of the SWAT USA Drops service.

Passwords 311
article thumbnail

Decoupled SIEM: Brilliant or Stupid?

Anton on Security

Frankly, not sure why I am writing this, I get a sense that this esoteric topic is of interest to a very small number of people. But hey … LinkedIn made me do it :-) And many of those few people are my friends or at least close industry peers. So, the topic is so-called “decoupled SIEM” (I probably made up the term, but …hey… at least this is not an acronym like EDR so YMMV).

article thumbnail

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

Speaker: Erroll Amacker

Automation is transforming finance but without strong financial oversight it can introduce more risk than reward. From missed discrepancies to strained vendor relationships, accounts payable automation needs a human touch to deliver lasting value. This session is your playbook to get automation right. We’ll explore how to balance speed with control, boost decision-making through human-machine collaboration, and unlock ROI with fewer errors, stronger fraud prevention, and smoother operations.

article thumbnail

Google Cloud’s Cybersecurity Trends to Watch in 2024 Include Generative AI-Based Attacks

Tech Republic Security

A November report from Google Cloud details possible nation-state malware tactics in 2024 and new angles of cyberattacks.

article thumbnail

The Privacy Disaster of Modern Smart Cars

Schneier on Security

Article based on a Mozilla report.

341
341

LifeWorks

More Trending

article thumbnail

YouTube shows ads for ad blocker, financial scams

Malwarebytes

After performing local experiments for a few months, YouTube recently expanded its effort to block ad blockers. The move was immediately unpopular with some users, and raised some questions in Europe about whether it was breaking privacy laws. In addition, there are some still some fundamental issues that have some people concerned. In this blog post, we look at a couple of examples that erode our trust in online ads.

Scams 145
article thumbnail

New SecuriDropper Malware Bypasses Android 13 Restrictions, Disguised as Legitimate Applications

Tech Republic Security

A new malware is bypassing an Android 13 security measure that restricts permissions to apps downloaded out of the legitimate Google Play Store.

Malware 204
article thumbnail

Crashing iPhones with a Flipper Zero

Schneier on Security

The Flipper Zero is an incredibly versatile hacking device. Now it can be used to crash iPhones in its vicinity by sending them a never-ending stream of pop-ups. These types of hacks have been possible for decades, but they require special equipment and a fair amount of expertise. The capabilities generally required expensive SDRs­—short for software-defined radios­—that, unlike traditional hardware-defined radios, use firmware and processors to digitally re-create radio signal tran

Firmware 341
article thumbnail

GUEST ESSAY: How to mitigate the latest, greatest phishing variant — spoofed QR codes

The Last Watchdog

QR code phishing attacks started landing in inboxes around the world about six months ago. Related: ‘BEC’ bilking on the rise These attacks prompt the target to scan a QR code and trick them into downloading malware or sharing sensitive information. In June, we started seeing these types of attacks amongst our customer base. Since June, there has been a fourfold increase in the search volume around keywords associated with these types of attacks.

Phishing 202
article thumbnail

Why Giant Content Libraries Do Nothing for Your Employees’ Cyber Resilience

Many cybersecurity awareness platforms offer massive content libraries, yet they fail to enhance employees’ cyber resilience. Without structured, engaging, and personalized training, employees struggle to retain and apply key cybersecurity principles. Phished.io explains why organizations should focus on interactive, scenario-based learning rather than overwhelming employees with excessive content.

article thumbnail

Modern Asian APT groups’ tactics, techniques and procedures (TTPs)

SecureList

Almost every quarter, someone publishes major research focusing on campaigns or incidents that involve Asian APT groups. These campaigns and incidents target various organizations from a multitude of industries. Likewise, the geographic location of victims is not limited to just one region. This type of research normally contains detailed information about the tools used by APT actors, the vulnerabilities that they exploit and sometimes even a specific attribution.

article thumbnail

Microsoft and SysAid Find Clop Malware Vulnerability

Tech Republic Security

SysAid has patched a zero-day vulnerability that could allow attackers to exfiltrate data and launch ransomware.

Malware 202
article thumbnail

Decoupling for Security

Schneier on Security

This is an excerpt from a longer paper. You can read the whole thing (complete with sidebars and illustrations) here. Our message is simple: it is possible to get the best of both worlds. We can and should get the benefits of the cloud while taking security back into our own hands. Here we outline a strategy for doing that. What Is Decoupling? In the last few years, a slew of ideas old and new have converged to reveal a path out of this morass, but they haven’t been widely recognized, comb

article thumbnail

Government Surveillance Reform Act of 2023 Seeks to End Warrantless Police and FBI Spying

WIRED Threat Level

The Government Surveillance Reform Act of 2023 pulls from past privacy bills to overhaul how police and the feds access Americans’ data and communications.

article thumbnail

Zero Trust Mandate: The Realities, Requirements and Roadmap

The DHS compliance audit clock is ticking on Zero Trust. Government agencies can no longer ignore or delay their Zero Trust initiatives. During this virtual panel discussion—featuring Kelly Fuller Gordon, Founder and CEO of RisX, Chris Wild, Zero Trust subject matter expert at Zermount, Inc., and Principal of Cybersecurity Practice at Eliassen Group, Trey Gannon—you’ll gain a detailed understanding of the Federal Zero Trust mandate, its requirements, milestones, and deadlines.

article thumbnail

Judge rules it’s fine for car makers to intercept your text messages

Malwarebytes

A federal judge has refused to bring back a class action lawsuit that alleged four car manufacturers had violated Washington state’s privacy laws by using vehicles’ on-board infotainment systems to record customers’ text messages and mobile phone call logs. The judge ruled that the practice doesn’t meet the threshold for an illegal privacy violation under state law.

article thumbnail

GitHub Universe: Open Source Trends Report and New AI Security Products

Tech Republic Security

GitHub Advanced Security gains some AI features, and GitHub Copilot now includes a chatbot option. Github Copilot Enterprise is expected in February 2024.

article thumbnail

Online Retail Hack

Schneier on Security

Selling miniature replicas to unsuspecting shoppers: Online marketplaces sell tiny pink cowboy hats. They also sell miniature pencil sharpeners, palm-size kitchen utensils, scaled-down books and camping chairs so small they evoke the Stonehenge scene in “This Is Spinal Tap.” Many of the minuscule objects aren’t clearly advertised. […] But there is no doubt some online sellers deliberately trick customers into buying smaller and often cheaper-to-produce items, Witcher said

Retail 326
article thumbnail

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation

The Hacker News

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Cybersecurity company SafeBreach said it discovered three different methods to run the miner, including one that can be executed on a victim's environment without attracting any attention.

article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Malvertiser copies PC news site to deliver infostealer

Malwarebytes

The majority of malvertising campaigns delivering malicious utilities that we have tracked so far typically deceive victims with pages that are almost the exact replica of the software vendor being impersonated. For example, we have seen fake websites appearing like the real Webex, AnyDesk or KeePass home page. In a new campaign, we observed a threat actor copying a legitimate Windows news portal (WindowsReport.com) to distribute a malicious installer for the popular processor tool CPU-Z.

Software 145
article thumbnail

IT Pros in Australian Crypto Need to Brace for Regulation

Tech Republic Security

The Australian government is moving towards regulating cryptocurrency, with a focus on those involved in developing and maintaining crypto platforms.

article thumbnail

Unlucky Kamran: Android malware spying on Urdu-speaking residents of Gilgit-Baltistan

We Live Security

ESET researchers discover Kamran, previously unknown malware, which spies on Urdu-speaking readers of Hunza News in the Gilgit-Baltistan region

Malware 145
article thumbnail

Google Warns How Hackers Could Abuse Calendar Service as a Covert C2 Channel

The Hacker News

Google is warning of multiple threat actors sharing a public proof-of-concept (PoC) exploit that leverages its Calendar service to host command-and-control (C2) infrastructure. The tool, called Google Calendar RAT (GCR), employs Google Calendar Events for C2 using a Gmail account. It was first published to GitHub in June 2023.

article thumbnail

Next-Level Fraud Prevention: Strategies for Today’s Threat Landscape

Speaker: Sierre Lindgren

Fraud is a battle that every organization must face – it’s no longer a question of “if” but “when.” Every organization is a potential target for fraud, and the finance department is often the bullseye. From cleverly disguised emails to fraudulent payment requests, the tactics of cybercriminals are advancing rapidly. Drawing insights from real-world cases and industry expertise, we’ll explore the vulnerabilities in your processes and how to fortify them effectively.

article thumbnail

Attackers use Google Calendar RAT to abuse Calendar service as C2 infrastructure

Security Affairs

Google warns of multiple threat actors that are leveraging its Calendar service as a command-and-control (C2) infrastructure. Google warns of multiple threat actors sharing a public proof-of-concept (PoC) exploit, named Google Calendar RAT, that relies on Calendar service to host command-and-control (C2) infrastructure. Google Calendar RAT is a PoC of Command&Control (C2) over Google Calendar Events, it was developed red teaming activities. “To use GRC, only a Gmail account is require

article thumbnail

Is a VPN Worth It? Benefits and Choosing the Best VPN

Tech Republic Security

Is a VPN worth it? Learn about the benefits of using a VPN and how to choose the right one for your business needs.

VPN 190
article thumbnail

OpenAI confirms DDoS attacks behind ongoing ChatGPT outages

Bleeping Computer

During the last 24 hours, OpenAI has been addressing what it describes as "periodic outages" linked to DDoS attacks affecting its API and ChatGPT services. [.

DDOS 141
article thumbnail

Beware, Developers: BlazeStealer Malware Discovered in Python Packages on PyPI

The Hacker News

A new set of malicious Python packages has slithered their way to the Python Package Index (PyPI) repository with the ultimate aim of stealing sensitive information from compromised developer systems. The packages masquerade as seemingly innocuous obfuscation tools, but harbor a piece of malware called BlazeStealer, Checkmarx said in a report shared with The Hacker News.

Malware 143
article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

After ChatGPT, Anonymous Sudan took down the Cloudflare website

Security Affairs

After ChatGPT, Anonymous Sudan took down the Cloudflare website with a distributed denial-of-service (DDoS) attack. The hacktivist group Anonymous Sudan claimed responsibility for the massive distributed denial-of-service (DDoS) attack that took down the website of Cloudflare. Cloudflare confirmed that a DDoS attack took down its website for a few minutes and ponited out that it did not impact other products or services. “ To be clear, there was no Cloudflare breach.

DDOS 142
article thumbnail

How to Use a VPN: 4 Easy Steps to Get Started

Tech Republic Security

Learn how to set up and use a VPN with just four easy steps. This step-by-step guide takes you through how you can secure your connection and online data.

VPN 187
article thumbnail

Threat Actors Leverage File-Sharing Service and Reverse Proxies for Credential Harvesting

Trend Micro

We analyzed a phishing campaign involving malicious emails containing a link to a file-sharing solution, which further leads to a PDF document with a secondary link designed to steal login info and session cookies.

Phishing 141
article thumbnail

StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices

The Hacker News

An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it as an "intricate modular framework that supports both Linux and Windows.

Malware 143
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!