Episode 282 kicks off with new research from Which? Showing that smart technology might not be as smart as weve been led to believe – their research shows that most devices stop receiving updates from 2 years, even thought the device has a suggested life of 10 – it seems more work needs to be done. From there show more ...
Telegrams developers position their product as safe and protected. But in practice thats not entirely true: the reality is that Telegram has a number of quirks that make protecting your messages a little tricky, and its got nothing to do with the complexities of cryptography, but with much more prosaic stuff. Lets show more ...
Ensuring that data can be easily discovered, classified, and secured is a crucial cornerstone of a data security strategy.
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
Craft specific awareness training for high-exposure teams like finance, and reinforce other critical awareness training across the organization.
Without noncompetes, how do organizations make sure employees aren't taking intellectual property when they go work to work for a competitor?
The "BoldMove" backdoor demonstrates a high level of knowledge of FortiOS, according to Mandiant researchers, who said the attacker appears to be based out of China.
Mainly Apple iOS in-app ads were targeted, injecting malicious JavaScript code to rack up phony views.
The growing use of mobile devices for MFA and the proliferation of 5G and VoIP in general could result in more attacks in future, experts say.
There's a fine line between a hacker and an attacker, but it pays to be proactive. Consider tests by ethical hackers, a red team, or pen testers, and then bolster your company's defenses against malicious attacks.
The bug is described as an OS command injection vulnerability that allows remote attackers to execute commands via shell metacharacters in the login parameter. The vulnerability has a CVSS score of 9.8/10 and is considered trivial to exploit.
Abacus Group acquired two boutique cybersecurity consulting companies, Gotham Security and its parent company, GoVanguard, both of which have unparalleled track records of excellence in the cyber arena.
Vendors and agencies are actively bypassing the security patch that Adobe released in February 2022 to address CVE-2022-24086, a critical mail template vulnerability in Adobe Commerce and Magento stores, ecommerce security firm Sansec warns.
In essence, Payzero is a fraudulent scheme where the attackers typically pay nothing to the victim for their digital assets and simply trick them into allowing the transfer of token ownership.
The lack of the most basic security precaution is especially alarming in critical infrastructure. These organizations operate chemical plants, pipelines, utilities, hospitals, and other industries that support essential functions of daily life.
CERT-U says the cyberattack was likely carried out by the Sandworm group based on the threat actors' tactics, which was previously linked to the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU).
Federal authorities on Wednesday arrested the founder of Bitzlato, a cryptocurrency exchange they said has been a financial haven for Russia-aligned criminals engaged in ransomware and illicit drug sales on the dark web.
Group-IB Hi-Tech Crime Trends 2022/2023 report found that the number of instances of corporate access being sold on the dark web by Initial Access Brokers (IABs) has doubled in the past year. IABs primarily targeted U.S. companies, with manufacturing (5.8%), financial services (5.1%), real estate (4.6%), and education (4.2%) sectors being the most affected.
Email marketing and newsletter giant Mailchimp says it was hacked and that dozens of customers’ data was exposed. It’s the second time the company was hacked in the past six months.
Forter acquires Immue to not only strengthen the company’s existing fraud management capabilities but add Immue’s domain-specific bot expertise to Forter’s fraud prevention solution stack.
Once the initial IcedID infection is done, an interactive command line session is started, which downloads additional files on the infected system. Seven minutes after the initial infection, a Cobalt Strike beacon is used on the infected computer.
Two new investors, Link Ventures and Harel Insurance & Finance, took a significant part in the round and were joined by existing nsKnox investors, including M12 – Microsoft’s Venture Fund, Viola Ventures, and Alon Cohen, the company’s CEO.
Hackers are setting up fake websites for popular free and open-source software, including 7-Zip, Blender 3D, Capcut, CCleaner, Notepad++, OBS, Rufus, VirtualBox, VLC Media Player, WinRAR, and Putty, to promote malicious downloads through Google ads.
A web-based Git repository manager, Kudu is the engine behind several Azure App Service features, supporting the deployment and management of code in Azure. The service is used by Functions, App Service, Logic Apps, and other Azure services.
The Solaris marketplace emerged a few months ago, following the seizure of Hydra, attempting to capture a portion of the then-disturbed market. The new marketplace quickly captured about 25% of the market and processed roughly $150M in illegal sales.
Proprietors of these so-called “booter” or “stresser” services — designed to knock websites and users offline — have long operated in a legally murky area of cybercrime law.
Cisco on Wednesday announced patches for a high-severity SQL injection vulnerability in Unified Communications Manager (CM) and Unified Communications Manager Session Management Edition (CM SME).
In 2022, there were about 2,800 known new ransomware victims, based on successful attacks that came to light publicly, including via ransomware groups listing victims on their dedicated data leak sites, reports threat intelligence firm Kela.
One of the many spectacular tricks ChatGPT has been able to pull off is writing highly advanced malware that actually contains no malicious code at all, making it difficult to detect and mitigate, researchers at CyberArk explained.
BackdoorDiplomacy is continuously evolving its TTPs during cyberespionage campaigns. Unit 42 spotted the new campaign by the group that targeted Iranian government entities between July and December 2022. Historically, it has targeted government and diplomatic entities in the Middle East and Africa, as well as in the U.S.
Trevor Osagie, a 31-year-old man from the Bronx, admitted to playing a key role in the operation of a credit card conspiracy group that caused over $1,500,000 in damages to 4,000 account holders.
Roaming Mantis (aka Shaoye) is well-known campaign that uses malicious APK files to control infected Android devices and steal device information; it also uses phishing pages to steal user credentials, with a strong financial motivation.
Social media giant Meta has been fined an additional 5.5 million euros ($5.9 million) for violating EU data protection regulations with its instant messaging platform WhatsApp, Ireland's regulator announced Thursday.
PayPal explains that the credential stuffing attack occurred between December 6 and December 8, 2022. The company detected and mitigated it at the time but also started an internal investigation to find out how the hackers obtained access.
Trend Micro laid bare details of Batloader malware in a report that has anti-sandboxing capabilities and can fingerprint hosts for legitimacy. The modular malware abuses legitimate tools such as NirCmd.exe and Nsudo.exe to escalate privileges. First observed in the last quarter of 2022, it was found dropping several show more ...
In the ransomware section of its 2023 crypto crime report, Chainalysis found that ransomware attackers extorted $456.8m from victims in 2022. This represents a significant drop from $765.6m in 2021 and $765m in 2020.
A recent study has shown that it is possible to identify relationships between different threat actors by analyzing the metadata of malicious LNK files, uncovering information such as the specific tools and techniques used by different groups.
Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
Ubuntu Security Notice 5812-1 - It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service.
Ubuntu Security Notice 5811-2 - USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 16.04 ESM. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files.
Debian Linux Security Advisory 5322-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code, information disclosure or spoofing.
Ubuntu Security Notice 5811-1 - Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. It was discovered that the show more ...
SLIMS version 9.5.2 suffers from a cross site scripting vulnerability.
The report highlights concerning security stats following two years of extreme tech growth.
ICS/OT cybersecurity firm finds 35% of CVEs in second half of 2022 unpatchable.
Open architecture, non-standalone roaming, nation-state attacks, ransomware, and the need for more industry collaboration are among the major 5G security challenges that operators must address in the year ahead.
KnowBe4 partners with the Center for Cyber Safety and Education to bolster women in cybersecurity for the fourth consecutive year.
New program enables students and early career professionals to learn critical skills required in today's entry-level cybersecurity field, helping address urgent cyber workforce jobs gap.
Research shows that over 50% of organizations performing software development struggle with fully integrating security into their software development lifecycle.
Traditional compliance and IAM are insufficient to secure the modern enterprise. We must shift left with modern access controls to avoid costly data breaches.
Popular email marketing and newsletter service Mailchimp has disclosed yet another security breach that enabled threat actors to access an internal support and account admin tool to obtain information about 133 customers. "The unauthorized actor conducted a social engineering attack on Mailchimp employees and contractors, and obtained access to select Mailchimp accounts using employee
A new critical remote code execution (RCE) flaw discovered impacting multiple services related to Microsoft Azure could be exploited by a malicious actor to completely take control of a targeted application. "The vulnerability is achieved through CSRF (cross-site request forgery) on the ubiquitous SCM service Kudu," Ermetic researcher Liv Matan said in a report shared with The Hacker News. "By
The threat actor behind the BlackRock and ERMAC Android banking trojans has unleashed yet another malware for rent called Hook that introduces new capabilities to access files stored in the devices and create a remote interactive session. ThreatFabric, in a report shared with The Hacker News, characterized Hook as a novel ERMAC fork that's advertised for sale for $7,000 per month while featuring
Cybercriminals are increasingly leveraging malicious LNK files as an initial access method to download and execute payloads such as Bumblebee, IcedID, and Qakbot. A recent study by cybersecurity experts has shown that it is possible to identify relationships between different threat actors by analyzing the metadata of malicious LNK files, uncovering information such as the specific tools and
An organization’s sensitive information is under constant threat. Identifying those security risks is critical to protecting that information. But some risks are bigger than others. Some mitigation options are more expensive than others. How do you make the right decision? Adopting a formal risk assessment process gives you the information you need to set priorities. There are many ways to
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of Anatoly Legkodymov (aka Gandalf and Tolik), the cofounder of Hong Kong-registered cryptocurrency exchange Bitzlato, for allegedly processing $700 million in illicit funds. The 40-year-old Russian national, who was arrested in Miami, was charged in a U.S. federal court with "conducting a money transmitting business that
Carole's in her sick bed, which leaves Graham in charge of the good ship "Smashing Security" as it navigates the choppy seas of credential stuffing and avoids the swirling waters of apps being sloppy with sensitive information. Find out more in this latest edition of the "Smashing Security" podcast, hosted by Graham Cluley with special guest BJ Mendelson.
It is the world's most active ransomware group - responsible for an estimated 40% of all ransomware infections worldwide. Find out what you need to know about LockBit in my article on the Tripwire State of Security blog.
For the second time in less than a year, email newsletter service Mailchimp has found itself in the embarrassing position of admitting it has suffered a data breach, putting its customers' subscribers at risk.
The Bitzlato cryptocurrency exchange has had its website seized by the authorities, after its Russian founder was charged with processing more than US $700m worth of "dirty money" on behalf of criminals.
