FreshRSS

Before yesterday: Security

Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

By Ravie Lakshmanan
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as

Hunting down BlackLotus – Week in security with Tony Anscombe

By Editor

Microsoft releases guidance on how organizations can check their systems for the presence of BlackLotus, a powerful threat first analyzed by ESET researchers

The post Hunting down BlackLotus – Week in security with Tony Anscombe appeared first on WeLiveSecurity

  • April 14th 2023 at 11:00

Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

By Ravie Lakshmanan
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently

While Twitter wants to sell its verification, Microsoft will do it for free on LinkedIn

Redmond expands a digital ID process for its platform as Musk seeks cash for blue check marks

As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing its own free digital ID tech to companies and their employees on LinkedIn.…

  • April 14th 2023 at 10:14

Safety first: 5 cybersecurity tips for freelance bloggers

By Márk Szabó

The much-dreaded writer’s block isn’t the only threat that may derail your progress. Are you doing enough to keep your blog (and your livelihood) safe from online dangers?

The post Safety first: 5 cybersecurity tips for freelance bloggers appeared first on WeLiveSecurity

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

By Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below:

  • CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability
  • CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability

Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

By The Hacker News
In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience.  The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs and MSSPs to provide strategic

Linux kernel logic allowed Spectre attack on 'major cloud provider'

Kernel 6.2 ditched a useful defense against ghostly chip design flaw

The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it.…

  • April 14th 2023 at 06:27

To improve security, consider how the aviation world stopped blaming pilots

When admitting to an error isn't seen as a failure, improvement is easy to achieve, says pilot-turned-CISO

To improve security, the cybersecurity industry needs to follow the aviation industry's shift from a blame culture to a "just" culture, according to ISACA director Serge Christiaans.…

  • April 14th 2023 at 04:29

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

By Ravie Lakshmanan
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything from

Pentagon super-leak suspect cuffed: 21-year-old Air National Guardsman

When bragging about your job on Discord gets just a little out of hand?

The FBI has detained a 21-year-old Air National Guardsman suspected of leaking a trove of classified Pentagon documents on Discord.…

  • April 13th 2023 at 19:52

S3 Ep130: Open the garage bay doors, HAL [Audio + Text]

By Paul Ducklin
I'm sorry, Dave. I'm afraid I can't... errr, no, hang on a minute, I can do that easily! Worldwide! Right now!

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

By Ravie Lakshmanan
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict rules,"

The Hacking of ChatGPT Is Just Getting Started

By Matt Burgess
Security researchers are jailbreaking large language models to get around safety rules. Things could get much worse.

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

By Ravie Lakshmanan
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages,"

New Python-Based "Legion" Hacking Tool Emerges on Telegram

By Ravie Lakshmanan
An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for threat actors to break into various online services for further exploitation. Legion, according to Cado Labs, includes modules to enumerate vulnerable SMTP servers, conduct remote code execution (RCE) attacks, exploit unpatched versions of Apache, and brute-force cPanel and

Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions

By Ravie Lakshmanan
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in intrusions directed against the Indian education sector to deploy a continuously maintained piece of malware called Crimson RAT. While the suspected Pakistan-based threat group is known to target military and government entities in the country, the activities have since expanded to include the

Why Shadow APIs are More Dangerous than You Think

By The Hacker News
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial data loss. For those that aren't familiar with the term, shadow APIs are a type of application programming interface (API) that isn't officially documented or supported.  Contrary to popular belief, it's unfortunately all too common to have APIs in production that no one on

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

By Ravie Lakshmanan
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent attacks have also targeted automotive, academic, and defense sectors in Eastern Europe and other parts

ChatGPT Security: OpenAI's Bug Bounty Program Offers Up to $20,000 Prizes

By Ravie Lakshmanan
OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are "safe and secure." To that end, it has partnered with the crowdsourced security platform Bugcrowd for independent researchers to report vulnerabilities discovered in its product in exchange for rewards ranging from "$200 for low-severity findings to up to
  • April 13th 2023 at 04:35

How insecure is America's FirstNet emergency response system? Seriously, anyone know?

Senator Wyden warns full probe needed into vital comms network

AT&T is "concealing vital cybersecurity reporting" about its FirstNet phone network for first responders and the US military, according to US Senator Ron Wyden (D-OR), who said the network had been dubbed unsafe by CISA.…

  • April 12th 2023 at 23:58

FBI: How fake Xi cops prey on Chinese nationals in the US

Hello [insert name], I work at the Ministry of Public Security [insert shakedown]

Criminals posing as law enforcement agents of the Chinese government are shaking down Chinese nationals living in the United States by accusing them of financial crimes and threatening to arrest or hurt them if they don't pay, according to the FBI.…

  • April 12th 2023 at 23:26

Leaked Pentagon Documents May Herald a New Era of Revelations

By Lily Hay Newman
The bizarre release of sensitive US government materials soon after their creation signals a potential shift to near-real-time unauthorized disclosures.

LinkedIn Verification Now Lets You Verify Your Job and Account

By Lily Hay Newman
To beat back fake accounts, the professional social network is rolling out new tools to prove you work where you say you do and are who you say you are.

Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

By Ravie Lakshmanan
Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and an NGO worker in 2021.
  • April 12th 2023 at 11:58

The Service Accounts Challenge: Can't See or Secure Them Until It's Too Late

By The Hacker News
Here's a hard question to answer: 'How many service accounts do you have in your environment?'. A harder one is: 'Do you know what these accounts are doing?'. And the hardest is probably: 'If any of your service accounts was compromised and used to access resources would you be able to detect and stop that in real-time?'. Since most identity and security teams would provide a negative reply,
  • April 12th 2023 at 11:50

What are the cybersecurity concerns of SMBs by sector?

By Editor

Some sectors have high confidence in their in-house cybersecurity expertise, while others prefer to enlist the support of an external provider to keep their systems and data secured

The post What are the cybersecurity concerns of SMBs by sector? appeared first on WeLiveSecurity

Mission possible

Tamping down risk in cloud management

Webinar: There's nothing like reading a report based on real world data to give IT teams a fresh sense of priority.…

  • April 12th 2023 at 09:21

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

By Ravie Lakshmanan
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild. Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by 20
  • April 12th 2023 at 06:38

3CX teases security-focused client update, plus password hashing

As Mandiant finds more evidence it was North Korea wot done it

The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the company’s progressive web application client.…

  • April 12th 2023 at 04:35

North Korean Hackers Uncovered as Mastermind in 3CX Supply Chain Attack

By Ravie Lakshmanan
Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus. The findings are the result of an interim assessment conducted by Google-owned Mandiant, whose services were enlisted after the intrusion came to light late last month. The threat intelligence
  • April 12th 2023 at 04:06

US cyber chiefs warn AI will help crooks, China develop nastier cyberattacks faster

It's not all doom and gloom because ML also amplifies defensive efforts, probably

Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate.…

  • April 12th 2023 at 01:50