Nascent platform provides miscreants an easier and cheaper way to launch remote access, DDoS, and other attacks A platform that makes it easier for cyber criminals to establish command-and-control (C2) servers has already attracted 3,000 users since launc ...
User enumeration bug created in July 2021, plugged in January 2022.
Plus: That Twitter privacy leak, scammers send Ubers for victims, critical flaw in Cisco gear, and more In brief DuckDuckGo has finally cracked down on the Microsoft tracking scripts that got the alternative search engine into hot water earlier this yea ...
What it's like bargaining with criminals ... and advising clients suffering their worst day yet Interview The first rule of being a ransomware negotiator is that you don't admit you're a ransomware negotiator — at least not to LockBit or another cyber ...
Seems like they are being discovered all the time: In the past, the DEEPEND crew has discovered three new species of Bathyteuthids, a type of squid that lives in depths between 700 and 2,000 meters. The findings were validated and published in 2020. Anoth ...
The Feds may see things differently Cryptocurrency bridge Nomad sent a message to the looters who drained nearly $200 million in tokens from its coffers earlier this week: return at least 90 percent of the ill-gotten gains, keep 10 percent as a bounty for ...
What issues are cybersecurity professionals concerned about in 2022? You tell us!
DEF CON may be about to blow lid off security hole The US government is warning of critical vulnerabilities in its Emergency Alert System (EAS) systems that, if exploited, could enable intruders to send fake alerts out over television, radio, and cable ne ...
As the market for initial access brokers matures, services like Genesis — which offers elite access to compromised systems and slick, professional services — are raising the bar in the underground economy.
For the right price, threat actors can get just about anything they want to launch a ransomware attack — even without technical skills or any previous experience.
With names, email addresses, and mobile numbers from underground databases, one person in five is at risk of account compromise even with SMS two-factor authentication in place.
Over the past few weeks, a Mirai variant appears to have made a pivot from infecting new servers to maintaining remote access.
Development of digital gateways to protect the places where we live, work, and converse needs to be secure, and many doors need to offer restricted access.
This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.
Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.
From ransomware to password-stealing trojans, here's what you need to look out for.
At least Switchzilla thinks they're salvageable, unlike the boxes it ordered binned back in June Cisco has revealed four of its small business router ranges have critical flaws – for the second time in 2022 alone.…
WebView plus JavaScript bypass user permissions.
Two Trojans in use for over a decade.
I got played via the Play store Last October, California resident Jacob Pearlman downloaded an Android version of a cryptocurrency wallet app called Phantom from the Google Play app store.…
At Black Hat USA, Igal Gofman plans to address how machine identities in the cloud and the explosion of SaaS apps are creating risks for IAM, amid escalating attention from attackers.
A month after the algorithms were revealed, some companies have already begun incorporating the future standards into their products and services.
A dangerous VMware authentication-bypass bug could give threat actors administrative access over virtual machines.
The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.
Securing email communication has never been more critical for organizations, and it has never been more challenging to do so. Attack volumes have increased and become more sophisticated.
A global network of inauthentic news sites present themselves as independent news outlets, offering content favoring China's government and articles critical of the US.
Users can identify risks across five domains, work on multiple projects, and take advantage of exclusive community benefits.
It's a myth that consuming and processing alerts qualifies as security. Today's technology allows better detection and prevention, rather than accepting the low bar for protection set by ingrained incident response reactions.
Agentless approach meets the attacker earlier to protect financial services and other large enterprises from an underserved attack vector.
In the last month, "Pl0xP" cloned several GitHub repositories, adding malicious code to the forks that would attempt to infect developer systems and steal sensitive files that included software keys.
The identity-services company is being acquired by Thoma Bravo software investment for cash, before being delisted.
Controversial visit to Taiwan continues to reverberate through cyberspace, the real world, and the semiconductor industry Taiwan's Ministry of National Defense confirmed it was hit by a DDoS attack on Wednesday in what has been an eventful week for the is ...
SIKE is one of the new algorithms that NIST recently added to the post-quantum cryptography competition. It was just broken, really badly. We present an efficient key recovery attack on the Supersingular Isogeny Diffie-Hellman protocol (SIDH), based on ...
Tech giants and digital rights groups didn't like it, but at least it was a law The government of India has scrapped the Personal Data Protection Bill it's worked on for three years, and announced it will – eventually – unveil a superior bill.…
Simple to exploit, enough to pocket $3,000 A Danish ethical hacker was able to work his way uninvited into a closed Cloudflare beta and found a vulnerability that could have been exploited by a cybercriminal to hijack and steal someone else's email.…
Plan to educate the children turned out to be a 'won't someone think of the children?' moment The UK's Parliament has ended its presence on TikTok after MPs pointed out the made-in-China social media service probably sends data about its users back to Bei ...
SOL holders literally S.O.L. Millions of dollars worth of Solana cryptocurrency and other tokens were stolen from seemingly thousands of netizens this week by thieves exploiting some kind of security weakness or blunder.…
Remote code execution, denial of service.
Early-stage startup Footprint's goal is to provide tools that change how enterprises verify, authenticate, authorize, and secure identity.
Organizations can be more proactive in tracking threats, finding holes in their protection Microsoft says it will give enterprise security operation centers (SOCs) broader access to the massive amount of threat intelligence it collects every day.…
Copado's Kyle Tobener will discuss a three-pronged plan at Black Hat USA for addressing human weaknesses in cybersecurity with this medical concept — from phishing to shadow IT.
Deepens cyber security bets.
Works on new law.
SMBs should patch CVE-2022-32548 now to avoid a host of horrors, including complete network compromise, ransomware, state-sponsored attacks, and more.
The malware packages had names that were common typosquats of a legitimate widely used Python library. One was downloaded hundreds of times.
So far, the ongoing attack has impacted nearly 8,000 Solana hot wallets.
It's all fun and games until somebody gets their files encrypted Miscreants making use of typosquatting are being spotted by researchers at Sonatype, emphasizing the need to check that the package is really the one you meant to download.…
Because they leave so little time to patch and defuse, zero-day threats require a proactive, multilayered approach based on zero trust.
Without a road to recovery, you’re just going to be roadkill Sponsored Feature What sort of disaster would you rather prepare for? Hurricanes are destructive, but you know when one's coming, giving you time to take defensive action. Earthquakes vary i ...
Serial entrepreneur, cybersecurity leader, and industry veteran joins ShiftLeft to drive growth and AI/ML innovation globally.
The new program offers robust protection across all five data risk categories: cyber, human, application, operation, and environmental.
Vulnerability—for which a proof-of-concept is forthcoming—is one of a string of flaws the company fixed that could lead to an attack chain.
Todd Thibodeaux uses ChannelCon 2022 state of the industry remarks to unveil CompTIA’s Project Agora; invites broad industry participation in the effort to fight for tech talent.
Microsoft rolls out enhanced ransomware protections for Windows users in the latest Windows 11 previews.
Converged SASE platform provides AI-driven Zero trust security and simplified, optimized connectivity to any network location or device, including IoT.
Rising interest in chess may feed the next generation of cybersecurity experts.
Phishing operators are taking advantage of security bugs in the Amex and Snapchat websites (the latter is unpatched) to steer victims to phishing pages looking to harvest Google and Microsoft logins.
Enabling it is easy but there is one caveat.
Seems it’s now common to sneak contraband into prisons with a drone.
Google fixes at least 27 security flaws in Chrome 104 and the browser has dropped its original API for supporting USB two-factor authentication security keys.
Plus: Even market authorities can't seem to keep up with Microsoft's Defender branding The UK's Competition and Markets Authority has given a provisional nod to the proposed merger of British cybersecurity company Avast and US rival NortonLifeLock.…
NIST's nifty new algorithm looks like it's in trouble One of the four encryption algorithms the US National Institute of Standards and Technology (NIST) recommended as likely to resist decryption by quantum computers has had holes kicked in it by research ...
Country passes amendments to Act that will see a new digital intelligence unit--including a digital chief--formally established as part of the armed forces, a step the government says is necessary as "cyber intrusions" intensify and threaten critical syst ...
And as if to confirm the link, a DDoS takes out Taiwan's presidential website ahead of senior politico's arrival Speaker of the US House of Representatives Nancy Pelosi has tied her controversial visit to Taiwan to an alleged barrage of China-directed cyb ...
Code execution via email templates.
Meanwhile, a security update for rsync VMware has fixed a critical authentication bypass vulnerability that hits 9.8 out of 10 on the CVSS severity scale and is present in multiple products.…
Flash mob exploits Nomad's validation code blunder Cryptocurrency bridge service Nomad, which describes itself as "an optimistic interoperability protocol that enables secure cross-chain communication," has been drained of tokens notionally worth $190.7 m ...
DMARC analysis by Proofpoint shows that institutions in the U.S. have among some of the poorest protections to prevent domain spoofing and lack protections to block fraudulent emails.
New finding comes amid report of overall surge in threats targeting mobile and IoT devices over the past year.
Complex neural networks, including GPT-3, can deliver useful cybersecurity capabilities such as explaining malware and quickly classifying websites, researchers find.
The campaign uses adversary-in-the-middle techniques to bypass multifactor authentication, evade detection.
Venafi investigation of 35 million Dark Web URLs shows macro-enabled ransomware widely available at bargain prices.
Authentication bypass and remote code execution bugs fixed.
Netwrix study reveals that manufacturing organizations experienced these types of attacks more often than any other industry surveyed.
Cancel the kitchen scraps for lepers and orphans, no more merciful beheadings, and call off Christmas Robinhood's cryptocurrency operations have been fined $30 million for violating New York's anti-money-laundering and cybersecurity regulations.…
Launches industry’s first ZTNA Migration Tool and ZTNA Buyback Program, setting the stage for migration away from ZTNA 1.0.
Now-convicted phone dealer reset locked and blocked phones on various mobile networks.
Underground forums are so last year. Telegram, Discord offer better privacy, functionality to criminals, says Intel 471 Cybercriminals are turning to messaging apps like Telegram and Discord as alternatives to popular underground forums: not only for the ...
Microsoft says the new tools will give security teams an attacker's-eye view of their systems and supercharge their investigation and remediation efforts.
To protect against similar attacks, organizations should focus on bringing cloud entitlements and configurations under control.
Attackers are turning to stolen credentials and posing as trusted applications to socially engineer victims, according to Google study of malware submitted to VirusTotal.
With over 323 million users of dating apps worldwide, study finds location spoofing is a threat to user trust and safety.
Microsoft brings in its RiskIQ acquisition to launch Defender Threat Intelligence and Defender External Attack Surface Management.
In conjunction with Black Hat 2022, pioneer of digital executive protection also announces new security innovations and SOC 2 Type II certification.
Series C investment from BuildGroup and Gula Tech Adventures, along with appointment of Kevin Mandia to the board of directors, will propel a new chapter of company growth.
Please stop leaving credentials where miscreants can find them Want to build your own army? Engineers at CloudSEK have published a report on how to do just that in terms of bots and Twitter, thanks to API keys leaking from applications.…
From adopting zero-trust security models to dynamic environments to operating under an "assumed breach" mentality, here are ways IT departments can reduce vulnerabilities as they move deliberately to become more secure.
CREST provides commercially defensible scoping, delivery, and sign-off recommendations for penetration tests.
Shame or just trying to avoid bad publicity means there's very little useful data recorded on ransomware attacks.
TheMarkup has an extensive analysis of connected vehicle data and the companies that are collecting it. The Markup has identified 37 companies that are part of the rapidly growing connected vehicle data industry that seeks to monetize such data in an envi ...
LofyLife campaign comes amid GitHub security lockdown Cybercriminals continue to use npm packages to drop malicious packages on unsuspecting victims, most recently to steal Discord login tokens, bank card data, and other user information from infected sys ...
Cybersecurity researchers say DawDropper campaign delivered four kinds of trojan malware to victims after bypassing Play Store protections.
Financial watchdog accuses 11 of playing role in alleged scam Forsage, an alleged crypto Ponzi scheme purporting to be a decentralized smart contract platform, bilked millions of investors worldwide out of more than $300 million, according to America's se ...
A Justice Department official testifies to a House committee that the cyberattack is a "significant concern."
Customers across several European countries are urged to update credentials in the wake of the attack that affected a gas-pipeline operator and power company.
Canary tokens — also known as honey tokens — force attackers to second-guess their potential good fortune when they come across user and application secrets.
"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment — or for sneaking in malicious code and attack tools.
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
Locking in safeguards against incursion with Rubrik Zero Trust Security Webinar It's just any old Monday, already you are mentally ticking off the to do list, and then, as you reach for your morning coffee and switch on your screen. Devastation. You've ...
Samsung offers Galaxy customers some protection from repair technicians abusing access to customers' phones.
Tech companies play a vital role in global communication, which has profound effects on how politics, policies, and human rights issues play out.
Infosec expert Rani Osnat lays out security challenges and offers hope for organizations migrating their IT stack to the private and public cloud environments.
Amazon has revealed that it gives police videos from its Ring doorbells without a warrant and without user consent. Ring recently revealed how often the answer to that question has been yes. The Amazon company responded to an inquiry from US Senator Ed Ma ...
A 'sophisticated, global botnet' held an Eastern European biz under siege over 30 days Akamai Technologies squelched the largest-ever distributed denial-of-service (DDoS) attack in Europe earlier this month against a company that was being consistently ha ...
Investigation continues.
PLUS: India open to space tourism; China/Indonesia infosec pact; Paytm denies breach; Infosys dodges government again; and more Asia In Brief Australia's federal police (AFP) on Friday charged a man with creating and profiting from spyware that allowed ...
For official use only.
Also, malicious VBA macros are out and container files are in, Robin Banks helps criminals rob banks, and more In brief Canadian fast food chain Tim Hortons is settling multiple data privacy class-action lawsuits against it by offering something it know ...
MSP should just stand for My Server's Pwned! A Russian-language miscreant claims to have hacked their way into a managed services provider, and has asked for help monetizing what's said to be access to the networks and computers of that MSP's 50-plus US c ...
Short article on the evolution of the vampire squid. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Identity and access management was front and center at AWS re:inforce this week.
While attackers continue to rely on older, unpatched vulnerabilities, many are jumping on new vulnerabilities as soon as they are disclosed.
Dark Reading's digest of other "don't-miss" stories of the week — including a Microsoft alert connecting disparate cybercrime activity together, and an explosion of Luca Stealer variants after an unusual Dark Web move.
Just in time for the midterms The Feds have put up a $10 million reward for information about foreign interference in US elections in general, and more specifically a Russian oligarch and close friend of President Vladimir Putin accused of funding an orga ...
In a Black Hat USA talk, Katie Moussouris will discuss why bug-bounty programs are failing in their goals, and what needs to happen next to use bounties in a way that improves security outcomes.
P2P file system makes it more difficult to detect and take down malicious content Threat groups are increasingly turning to InterPlanetary File System (IPFS) peer-to-peer data sites to host their phishing attacks because the decentralized nature of the sh ...
The first half of the year saw more than 11,800 reported security vulnerabilities, but figuring out which ones to patch first remains a thankless job for IT teams.
The new GuardDuty Malware Protection and Amazon Detective were among 10 products and services unveiled at AWS re:Inforce in Boston this week.
Why was PII belonging to nearly 1 billion people housed in a single, open database? Why didn't anyone notice it was downloaded?
Slow connections are the bane of anyone working, studying, or trying to stay entertained at home. Here's how to fix the most common issues.
Yet another article about cyber-weapons arms manufacturers and their particular supply chain. This one is about Windows and Adobe Reader zero-day exploits sold by an Austrian company named DSIRF. There’s an entire industry devoted to undermining all of ...
Recent LofyLife campaign steals tokens and infects client files to monitor various user actions, such as log-ins, password changes and payment methods.
The campaign uses four malicious packages to spread "Volt Stealer" and "Lofy Stealer" malware in the open source npm software package repository.
Trying to get the whole organization on board with better cybersecurity is much tougher than it may sound.