Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs

Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication bypass and remote code execution. The flaws, tracked as CVE-2022-45788 (CVSS score: 7.5) and CVE-2022-45789 (CVSS score: 8.1), are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL. Successful

Crypto Buyers Beware: 1 in 4 New Tokens of Any Value Is a Scam

And according to tracing firm Chainalysis, one very prolific scammer ran at least 264 of those scams in 2022 alone.

Breaking the Security "Black Box" in DBs, Data Warehouses and Data Lakes

Security teams typically have great visibility over most areas, for example, the corporate network, endpoints, servers, and cloud infrastructure. They use this visibility to enforce the necessary security and compliance requirements. However, this is not the case when it comes to sensitive data sitting in production or analytic databases, data warehouses or data lakes. Security teams have to

New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East

Telecommunication service providers in the Middle East are being targeted by a previously undocumented threat actor as part of a suspected intelligence gathering mission. Cybersecurity firms SentinelOne and QGroup are tracking the activity cluster under the former's work-in-progress moniker WIP26. "WIP26 relies heavily on public cloud infrastructure in an attempt to evade detection by making

These aren’t the apps you’re looking for: fake installers targeting Southeast and East Asia

ESET researchers have identified a campaign using trojanized installers to deliver the FatalRAT malware, distributed via malicious websites linked in ads that appear in Google search results

The post These aren’t the apps you’re looking for: fake installers targeting Southeast and East Asia appeared first on WeLiveSecurity

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine. The findings come from attack surface management firm Censys, which discovered "two hosts with strikingly similar ransom notes dating back to mid-October 2022, just after ESXi versions 6.5 and 6.7 reached end of life."

Descope Handles Authentication So Developers Don't Have To

Developers don't have to build authentication and user management from scratch, and can devote their energies to the core functions of the application, instead.

Infrastructure Risks Increase As IT and OT Converge

Explosive growth of devices associated with the Internet of Things and operational technologies gives attackers a larger pool of targets.

ESXiArgs ransomware fights off Team America's data recovery script

Want a clue to what you’re dealing with? Check the ransom note

That didn't take long.…

Oligo Security Takes Aim at Open Source Vulnerabilities

The startup's software helps organizations secure their containers in the cloud by teasing out which packages are running and which are vulnerable.

ChatGPT Subs In as Security Analyst, Hallucinates Only Occasionally

Incident response triage and software vulnerability discovery are two areas where the large language model has demonstrated success, although false positives are common.

Brivo Reveals Top Security Trends for 2023: Convenience Is King in Securing the Hybrid Workplaces of the Future

Factoring user experience and convenience into how employees and tenants access buildings is top concern for security professionals says benchmark industry survey.

Call for Speakers Now Open for the RH-ISAC Cyber Intelligence Summit

Retail & Hospitality ISAC invites industry leaders, experts, and innovators to submit proposals for presentations and panel discussions.

Intel patches up SGX best it can after another load of security holes found

Plus bugs squashed in Server Platform Services and more

Intel's Software Guard Extensions (SGX) are under the spotlight again after the chipmaker disclosed several newly discovered vulnerabilities affecting the tech, and recommended users update their firmware.…

GAO Calls for Improved Data Privacy Protections

US federal watchdog agency outlines key measures for better protecting sensitive data under the federal government's control.

2023 Is the Year of Risk: 5 Ways to Prepare

2022 saw a record number of cyberattacks. In response, regulators are prescribing how companies should manage their risks. How do you prepare?

3 Ways CISOs Can Lead Effectively and Avoid Burnout

Information security is a high-stakes field with sky-high expectations. Here's how CISOs can can offset the pressures and stay healthy.

What Purple Teams Wish Companies Knew

Here are some of the easily avoidable mistakes most companies made last year, gleaned from hundreds of cybersecurity engagements by red and blue teams.

Build Cyber Resiliency With These Security Threat-Mitigation Considerations

CISOs need to define their risk tolerance, identify specific critical data, and make changes based on strategic business goals.

IGEL Unveils COSMOS, the Unified End User Computing Platform for Secure, Managed Access to Any Cloud Workspace

Server-side prototype pollution: Black-box detection without the DoS

submitted by /u/Gallus
[link] [comments]

Report Reveals Record-Breaking Year for Cyber Threats

5th State of CCPA, CPRA, and GDPR Compliance Report Shows More Than 90% of Companies Are Not Compliant

As CPRA went into effect on January 1, latest CYTRIO research says 91% of companies still uncompliant with GDPR; 92% not compliant with CCPA and CPRA.

1898 & Co Launches New Cybersecurity Service for Critical Infrastructure

NIST's New Crypto Standard a Step Forward in IoT Security

The National Institute of Standards and Technology has settled on a standard for encrypting Internet of Things (IoT) communications, but many devices remain vulnerable and unpatched.

How Security Teams Can Protect Employees Beyond Corporate Walls

De-shaming security mistakes and taking the blame and punishment out of incident reporting can strengthen security efforts both inside and outside of the workplace.

Russian Cybercriminal Faces Decades in Prison for Hacking and Trading Operation

Vladislav Klyushin and co-conspirators used SEC filings stolen from the networks of Tesla, Roku, and other publicly traded companies to earn nearly $100 million in illegal trades.

Storage security toughen-up for compliance and cyberwar in 2023

Giving storage platforms enhanced built-in security features will be a significant step toward counteracting the impacts of cybercrime in 2023, Dell experts predict

Sponsored Feature Cybercriminals tend not to discriminate when it comes to the type of data they steal. Structured or unstructured, both formats contain valuable information that will bring them a profit. From a cybersecurity practitioner's perspective, however, structural state presents specific challenges when it comes to storing and moving sensitive data assets around.…

The East Palestine, Ohio Train Derailment Created a Perfect TikTok Storm

The social media platform helped push the story into the mainstream while also fueling misinformation and conspiracy theories.

A-Salt: Attacking SaltStack

Apple Splats Zero-Day Bug, Other Gremlins In macOS, iOS

Solving Open Source Security - From Alpha To Omega

Latest Attack On PyPi Users Shows Crooks Are Only Getting Better

Android Launches Another Way To Spy On Users With Privacy Sandbox Beta

High Severity DLP Flaw Impacts Trellix For Windows

Revealed: The Hacking And Disinformation Team Meddling In Elections

Hyundai And Kia Issue Software Upgrades To Thwart TikTok Car Theft Hack

Cloudflare Blocked Largest Reported DDoS Attack At 71M Requests Per Second

US Border Protection Is Finally Able to Check E-Passport Data

After 16 years, the agency has implemented the software to cryptographically verify digital passport data—and it’s already caught a dozen alleged fraudsters.

North Korea's APT37 Targeting Southern Counterpart with New M2RAT Malware

The North Korea-linked threat actor tracked as APT37 has been linked to a piece of new malware dubbed M2RAT in attacks targeting its southern counterpart, suggesting continued evolution of the group's features and tactics. APT37, also tracked under the monikers Reaper, RedEyes, Ricochet Chollima, and ScarCruft, is an element within North Korea's Ministry of State Security (MSS) unlike the

Webinar — A MythBusting Special: 9 Myths about File-based Threats

Bad actors love to deliver threats in files. Persistent and persuasive messages convince unsuspecting victims to accept and open files from unknown sources, executing the first step in a cyber attack.  This continues to happen whether the file is an EXE or a Microsoft Excel document. Far too often, end users have an illusion of security, masked by good faith efforts of other users and (

Financially Motivated Threat Actor Strikes with New Ransomware and Clipper Malware

A new financially motivated campaign that commenced in December 2022 has seen the unidentified threat actor behind it deploying a novel ransomware strain dubbed MortalKombat and a clipper malware known as Laplas. Cisco Talos said it "observed the actor scanning the internet for victim machines with an exposed remote desktop protocol (RDP) port 3389." The attacks, per the cybersecurity company,

What to Look for When Buying a Security Camera (2023): Tips and Risks

Eufy's recent scandal shows it's not so much about the data breach but about how a company responds. Here are a few ways to shop smart.

10 signs that scammers have you in their sights

Don’t be their next victim – here’s a handy round-up of some the most common signs that should set your alarm bells ringing

The post 10 signs that scammers have you in their sights appeared first on WeLiveSecurity

Regular Pen Testing Is Key to Resolving Conflict Between SecOps and DevOps

In an ideal world, security and development teams would be working together in perfect harmony. But we live in a world of competing priorities, where DevOps and security departments often butt heads with each other. Agility and security are often at odds with each other— if a new feature is delivered quickly but contains security vulnerabilities, the SecOps team will need to scramble the release

Experts Warn of 'Beep' - A New Evasive Malware That Can Fly Under the Radar

Cybersecurity researchers have unearthed a new piece of evasive malware dubbed Beep that's designed to fly under the radar and drop additional payloads onto a compromised host. "It seemed as if the authors of this malware were trying to implement as many anti-debugging and anti-VM (anti-sandbox) techniques as they could find," Minerva Labs researcher Natalie Zargarov said. "One such technique

Cross-Thread Return Address Predictions

submitted by /u/Gallus
[link] [comments]

Google Rolling Out Privacy Sandbox Beta on Android 13 Devices

Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running Android 13. "The Privacy Sandbox Beta provides new APIs that are designed with privacy at the core, and don't use identifiers that can track your activity across apps and websites," the search and advertising giant said. "Apps that choose to participate in the Beta

Hyundai and Kia issue software upgrades to thwart killer TikTok car theft hack

Gone in 60 seconds using a USB-A plug and brute force instead of a key

Korean car-makers Hyundai and Kia will issue software updates to some of their models after a method of stealing them circulated on TikTok, leading to many thefts and even some deaths.…

Apple splats zero-day bug, other gremlins in macOS, iOS

WebKit flaw 'may have been exploited' – just like Tim Cook 'may have' made a million bucks this week

Apple this week released bug-splatting updates to its operating systems and Safari browser, to fix a zero-day vulnerability in its WebKit browser engine that's reported to have been actively exploited.…

cURL audit: How a joke led to significant findings

submitted by /u/Gallus
[link] [comments]

HAProxy Security Update (CVE-2023-25725) - HTTP content smuggling attack

submitted by /u/Gallus
[link] [comments]

Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities

Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under active exploitation in the wild. The updates are in addition to 22 flaws the Windows maker patched in its Chromium-based Edge browser over the past month. Of the 75 vulnerabilities, nine are rated Critical and 66 are rated Important in severity. 37 out of 75 bugs are

Google Lets Anyone See Original Uncropped Images – Proof of Concept

submitted by /u/moxofoxo
[link] [comments]

Could Electric Vehicles Be Hacked? Meta-analysis on the risks of the EV ecosystem.

submitted by /u/UnexpectedLizard
[link] [comments]

Expel Tackles Cloud Threats With MDR for Kubernetes

The new managed detection and response platform simplifies cloud security for Kubernetes applications.

Russian crook made $90M exploiting stolen info on Tesla, Roku, Avnet, Snap, more

Undisclosed earnings reports swiped, exploited

A Russian national with ties to the Kremlin exploited stolen upcoming financial filings belonging to hundreds of companies to help him and his associates net more than $90 million.…

OT Network Security Myths Busted in a Pair of Hacks

How newly exposed security weaknesses in industrial wireless, cloud-based interfaces, and nested PLCs serve as a wake-up call for hardening the physical process control layer of the OT network.

Microsoft delivers 75-count box of patches for Valentine's Day

Adobe, SAP, Intel, AMD, Android also show up with bouquet of fixes

Patch Tuesday Happy Patch Tuesday for February, 2023, which falls on Valentine's Day.…

9 New Microsoft Bugs to Patch Now

78 new CVEs patched in this month's batch — nearly half of which are remotely executable and three of which attackers already are exploiting.