2023

article thumbnail

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. Since then, a steady trickle of six-figure cryptocurrency heists targeting security-conscious people throughout the tech industry has led some security experts to conclude that crooks likely have succeeded at cracking open some of the stolen LastPass vaults.

Passwords 359
article thumbnail

The AI Attack Surface Map v1.0

Daniel Miessler

Introduction Purpose Components Attacks Discussion Summary Introduction This resource is a first thrust at a framework for thinking about how to attack AI systems. At the time of writing, GPT-4 has only been out for a couple of months, and ChatGPT for only 6 months. So things are very early. There has been, of course, much content on attacking pre-ChatGPT AI systems, namely how to attack machine learning implementations.

Internet 364
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

Last week I was contacted by CERT Poland. They'd observed a phishing campaign that had collected 68k credentials from unsuspecting victims and asked if HIBP may be used to help alert these individuals to their exposure. The campaign began with a typical email requesting more information: In this case, the email contained a fake purchase order attachment which requested login credentials that were then posted back to infrastructure controlled by the attacker: All in all, CERT Poland identifi

Phishing 337
article thumbnail

AI vs AI: Next front in phishing wars

Tech Republic Security

Threat intelligence firm Abnormal Software is seeing cybercriminals using generative AI to go phishing; the same technology is part of the defense. The post AI vs AI: Next front in phishing wars appeared first on TechRepublic.

Phishing 216
article thumbnail

From Complexity to Clarity: Strategies for Effective Compliance and Security Measures

Speaker: Erika R. Bales, Esq.

When we talk about “compliance and security," most companies want to ensure that steps are being taken to protect what they value most – people, data, real or personal property, intellectual property, digital assets, or any other number of other things - and it’s more important than ever that safeguards are in place. Let’s step back and focus on the idea that no matter how complicated the compliance and security regime, it should be able to be distilled down to a checklist.

article thumbnail

Millions of Exim mail servers exposed to zero-day RCE attacks

Bleeping Computer

A critical zero-day vulnerability in all versions of Exim mail transfer agent (MTA) software can let unauthenticated attackers gain remote code execution (RCE) on Internet-exposed servers. [.

Internet 142
article thumbnail

Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability

The Hacker News

Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia).

Software 140

More Trending

article thumbnail

Okta Flaw Involved in MGM Resorts Breach, Attackers Claim

Dark Reading

ALPHV/BlackCat ransomware operators have used their leak site to "set the record straight" about the MGM Resorts cyberattack. Meanwhile, more attacks abusing Okta could be likely.

article thumbnail

Ransomware group claims it's "compromised all of Sony systems"

Malwarebytes

Newcomer ransomware group RansomedVC claims to have successfully compromised the computer systems of entertainment giant Sony. As ransomware gangs do, it made the announcement on its dark web website, where it sells data that it's stolen from victims' computer networks. The announcement says Sony's data is for sale: Sony Group Corporation, formerly Tokyo Telecommunications Engineering Corporation, and Sony Corporation, is a Japanese multinational conglomerate corporation headquartered in Minato,

article thumbnail

From Caribbean shores to your devices: analyzing Cuba ransomware

SecureList

Introduction Knowledge is our best weapon in the fight against cybercrime. An understanding of how various gangs operate and what tools they use helps build competent defenses and investigate incidents. This report takes a close look at the history of the Cuba group, and their attack tactics, techniques and procedures. We hope this article will help you to stay one step ahead of threats like this one.

article thumbnail

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

Trend Micro

In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method.

article thumbnail

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

A well-defined change management process is critical to minimizing the impact that change has on your organization. Leveraging the data that your ERM program already contains is an effective way to help create and manage the overall change management process within your organization. Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization.

article thumbnail

iOS 17 update secretly changed your privacy settings; here’s how to set them back

Graham Cluley

Many iPhone users who upgraded their iPhones to the recently-released iOS 17 will be alarmed to hear that they may have actually downgraded their security and privacy. Read more in my article on the Hot for Security blog.

133
133
article thumbnail

Lazarus luring employees with trojanized coding challenges: The case of a Spanish aerospace company

We Live Security

ESET researchers uncover a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, including a publicly undocumented backdoor we named LightlessCan.

126
126
article thumbnail

How Shady Chinese Encryption Chips Got Into the Navy, NATO, and NASA

WIRED Threat Level

The US government warns encryption chipmaker Hualan has suspicious ties to China’s military. Yet US agencies still use one of its subsidiary’s chips, raising fears of a backdoor.

article thumbnail

Check Point: Hackers Are Dropping USB Drives at Watering Holes

Tech Republic Security

Check Point's Global CISO discusses the firm's 2023 threat intelligence, including new AI malice and threat actors spreading malware by dropping flash drives.

CISO 210
article thumbnail

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

So, you’ve accomplished an organization-wide SaaS adoption. It started slow, and now just a few team members might be responsible for running Salesforce, Slack, and a few others applications that boost productivity, but it’s all finished. Or is it? Through all the benefits offered by SaaS applications, it’s still a necessity to onboard providers as quickly as possible.

article thumbnail

Apple emergency updates fix 3 new zero-days exploited in attacks

Bleeping Computer

Apple released emergency security updates to patch three new zero-day vulnerabilities exploited in attacks targeting iPhone and Mac users, for a total of 16 zero-days patched this year. [.

145
145
article thumbnail

Microsoft AI Researchers Accidentally Expose 38 Terabytes of Confidential Data

The Hacker News

Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. The leak was discovered on the company's AI GitHub repository and is said to have been inadvertently made public when publishing a bucket of open-source training data, Wiz said.

Backups 140
article thumbnail

FBI hacker USDoD leaks highly sensitive TransUnion data

Security Affairs

Researchers from vx-underground reported that FBI hacker ‘USDoD ‘ leaked sensitive data from consumer credit reporting agency TransUnion. TransUnion is an American consumer credit reporting agency. TransUnion collects and aggregates information on over one billion individual consumers in over thirty countries, including “200 million files profiling nearly every credit-active consumer in the United States” A threat actor who goes by the moniker “ USDoD ” announced the lea

article thumbnail

MGM, Caesars Cyberattack Responses Required Brutal Choices

Dark Reading

Tens of millions in losses later, the MGM and Caesars systems are back online following dual cyberattacks by the same threat actor — here's what experts say about their incident responses.

140
140
article thumbnail

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

Did you know that 2021 was a record-breaking year for ransomware? The days of a “once in a while” attack against businesses and organizations are over. Cyberthreats have become a serious issue. With 495.1 million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists.

article thumbnail

Malicious ad served inside Bing's AI chatbot

Malwarebytes

In February 2023, Microsoft disclosed its new AI-assisted search engine, Bing Chat, powered by OpenAI's GPT-4. Even though Google has been dominating the search industry for years, this event was significant enough to generate not only interest but also plant the seed for a possible change in the balance in the future. Considering that tech giants make most of their revenue from advertising, it wasn't surprising to see Microsoft introduce ads into Bing Chat shortly after its release.

Malware 127
article thumbnail

Andariel’s silly mistakes and a new malware family

SecureList

Introduction Andariel, a part of the notorious Lazarus group, is known for its use of the DTrack malware and Maui ransomware in mid-2022. During the same period, Andariel also actively exploited the Log4j vulnerability as reported by Talos and Ahnlab. Their campaign introduced several new malware families, such as YamaBot and MagicRat, but also updated versions of NukeSped and, of course, DTrack.

Malware 145
article thumbnail

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

Trend Micro

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and SOCKS implementation.

Malware 139
article thumbnail

Thousands of dollars stolen from Texas ATMs using Raspberry Pi

Graham Cluley

A Texas court has heard how last month a gang of men used a Raspberry Pi device to steal thousands of dollars from ATMs. Read more in my article on the Tripwire State of Security blog.

Malware 137
article thumbnail

How to Avoid the Pain and Cost of PCI Compliance While Optimizing Payments

Speaker: P. Andrew Sjogren, Sr. Product Marketing Manager at Very Good Security, Matt Doka, Co-Founder and CTO of Fivestars, and Steve Andrews, President & CEO of the Western Bankers Association 

PCI compliance can feel challenging and sometimes the result feels like you are optimizing more for security and compliance than you are for business outcomes. The key is to take the right strategy to PCI compliance that gets you both. In this webinar, we have a great set of panelists who will take you through how Zero Data strategies can be used as part of a well-rounded compliance and security approach, and get you to market much sooner by also allowing for payment optimization.

article thumbnail

Apple Fixes 0-Days — Russia Says US Used for Spying

Security Boulevard

Vulns unpatched for FOUR years: ‘Triangulation’ spyware said to use backdoor Apple gave to NSA. The post Apple Fixes 0-Days — Russia Says US Used for Spying appeared first on Security Boulevard.

Spyware 145
article thumbnail

ChatGPT creates mutating malware that evades detection by EDR

CSO Magazine

A global sensation since its initial release at the end of last year, ChatGPT 's popularity among consumers and IT professionals alike has stirred up cybersecurity nightmares about how it can be used to exploit system vulnerabilities. A key problem, cybersecurity experts have demonstrated, is the ability of ChatGPT and other large language models (LLMs) to generate polymorphic, or mutating, code to evade endpoint detection and response (EDR) systems.

Malware 145
article thumbnail

FBI-Led Global Effort Takes Down Massive Qakbot Botnet

Tech Republic Security

After more than 15 years in the wild, the Qakbot botnet, a zombie network of over 700,000 computers worldwide, is hanging on the FBI's trophy wall for now.

202
202
article thumbnail

Building automation giant Johnson Controls hit by ransomware attack

Bleeping Computer

Johnson Controls International has suffered what is described as a massive ransomware attack that encrypted many of the company devices, including VMware ESXi servers, impacting the company's and its subsidiaries' operations. [.

article thumbnail

Back to the Office: Privacy and Security Solutions to Compliance Issues for 2021 and Beyond

Speaker: Mike Cramer, Director of HIPAA & Data Security at The Word & Brown Companies

The COVID-19 pandemic forced many people into working remotely, opening the floodgates for a host of digital compliance issues. Now that companies are slowly allowing employees to return to work at the office, it's time to re-evaluate your company’s posture towards privacy and security. This is especially vital if your workers were (and still are!) using company equipment from home, or are still working remotely.

article thumbnail

Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now

The Hacker News

Google on Monday rolled out out-of-band security patches to address a critical security flaw in its Chrome web browser that it said has been exploited in the wild. Tracked as CVE-2023-4863, the issue has been described as a case of heap buffer overflow that resides in the WebP image format that could result in arbitrary code execution or a crash.

article thumbnail

Apple rolled out emergency updates to address 3 new actively exploited zero-day flaws

Security Affairs

Apple released emergency security updates to address three new actively exploited zero-day vulnerabilities. Apple released emergency security updates to address three new zero-day vulnerabilities (CVE-2023-41993, CVE-2023-41991, CVE-2023-41992) that have been exploited in attacks in the wild. The three flaws were discovered by Bill Marczak of The Citizen Lab at The University of Toronto’s Munk School and Maddie Stone of Google’s Threat Analysis Group.

Hacking 131
article thumbnail

How to Get Your Board on Board With Cybersecurity

Dark Reading

CISOs can refine their soft skills to help get their cybersecurity best-practices message across. Steps include increasing staff incident-response training and staying current with the threat landscape.

article thumbnail

Google’s Bard conversations turn up in search results

Malwarebytes

Google is coming under scrutiny after people discovered transcripts of conversations with its AI chatbot Bard are being indexed in Google search results. Bard is Google’s answer to ChatGPT, and allows users to have conversations with an AI. Services like these have attracted a lot of attention, because with a bit of tweaking and getting used to they can be really helpful in speeding up tasks.

article thumbnail

ERM Program Fundamentals for Success in the Banking Industry

Speaker: William Hord, Senior VP of Risk & Professional Services

Enterprise Risk Management (ERM) is critical for industry growth in today’s fast-paced and ever-changing risk landscape. When building your ERM program foundation, you need to answer questions like: Do we have robust board and management support? Do we understand and articulate our bank’s risk appetite and how that impacts our business units? How are we measuring and rating our risk impact, likelihood, and controls to mitigate our risk?