NoCrypt: AntiRansomware Linux Kernel Module

submitted by /u/nivebb
[link] [comments]

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted

The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. "The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion,

Cisco Small Business Series Switches Buffer Overflow Vulnerabilities

submitted by /u/mstfknn
[link] [comments]

PoC for Decrypting SAP Cloud Connector SSFS: Utilizing 'getRecord' Function to Decrypt SSFS Properties without Information of Encryption Algorithm

submitted by /u/vah_13
[link] [comments]

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

The notorious cybercrime group known as FIN7 has been observed deploying Cl0p (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomy Sangria Tempest. "In these recent attacks, Sangria Tempest uses the PowerShell script POWERTRASH to load

Warning: Samsung Devices Under Attack! New Security Flaw Exposed

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked as CVE-2023-21492 (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a

Moderator Applications Open

submitted by /u/sanitybit
[link] [comments]

Release 0.2 · PyCript BurpSuite Extension

submitted by /u/Ano_F
[link] [comments]

How You, or Anyone, Can Dodge Montana’s TikTok Ban

Montana’s TikTok ban will be impossible to enforce. But it could encourage copycat crackdowns against the social media app.

Millions Of Android TVs And Phones Come With Malware

Cisco Squashes Critical Bugs In Small Biz Switches

FTC To Crack Down On Biometric, Health Privacy Violations

US Supreme Court Leaves Protections For Internet Companies Unscathed

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

Google has announced plans to officially flip the switch on its twice-delayed Privacy Sandbox initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?

Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For example, because of its inability to apply any security measures beyond checking for a password and username match, AD (as well the resources it manages) is

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware called TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down. ReversingLabs, which broke

A Mysterious Group Has Ties to 15 Years of Ukraine-Russia Hacks

Kaspersky researchers have uncovered clues that further illuminate the hackers’ activities, which appear to have begun far earlier than originally believed.

UK's GDPR replacement could wipe out oversight of live facial recognition

Question not whether UK police should use facial recog, but how, says surveillance chief

Biometrics and surveillance camera commissioner Professor Fraser Sampson has warned that independent oversight of facial recognition is at risk just as the policing minister plans to "embed" it into the force.…

Automate the process of discovering and exploiting ESC1 & ESC8 ADCS vulnerabilities 🔥

submitted by /u/S3cur3Th1sSh1t
[link] [comments]

15 Most Loved ASP .Net Development Tools

submitted by /u/CaptainonHoliday
[link] [comments]

Apple warns of three WebKit vulns under active exploitation, dozens more CVEs across its range

High school student and Amnesty International named among bug-finders

Apple has issued a bushel of security updates and warned that three of the flaws it's fixed are under active attack.…

Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

All Apple users have zero-days that need patching, though some have more zero-days than others.

Cisco squashes critical bugs in small biz switches

You'll want to patch these as proof-of-concept exploit code is out there already

Cisco rolled out patches for four critical security vulnerabilities in several of its network switches for small businesses that can be exploited to remotely hijack the equipment.…

OSINT Industries - 180+ modules to do OSINT from an email address, free beta

submitted by /u/mxrchreborn
[link] [comments]

S3 Ep135: Sysadmin by day, extortionist by night

Laugh (sufficiently), learn (efficiently), and then let us know what you think in our comments (anonymously, if you wish)...

Off-Boarding Cloud Builders and Security Practioners Poses Challenges for Companies With Cloud Environments

submitted by /u/randallvancity
[link] [comments]

How to Stop Google From Deleting Your Inactive Account

Your inactive profiles, like Gmail or Docs, could turn into digital dust later this year. A few clicks can save them.

Microsoft decides it will be the one to choose which secure login method you use

Certificate-based authentication comes first and phones last

Microsoft wants to take the decision of which multi-factor authentication (MFA) method to use out of the users' hands and into its own.…

Walking the Tightrope: Maximizing Information Gathering while Avoiding Detection for Red Teams

submitted by /u/HackingLZ
[link] [comments]

Six Million Patients' Data Feared Stolen From PharMerica

Threat Actor Bypasses Detection, Protections In Microsoft Azure Serial Console

DOJ Links Iran, China, And Russia To Five IP-Theft Related Cases

Polish News Websites Hit By DDoS Attacks

From GitHub to Account Takeover: Misconfigured Actions Place GCP & AWS Accounts at Risk - Rezonate

submitted by /u/Or1rez
[link] [comments]

Top 5 search engines for internet‑connected devices and services

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet

The post Top 5 search engines for internet‑connected devices and services appeared first on WeLiveSecurity

Six million patients' data feared stolen from PharMerica

Cue the inevitable class action lawsuit

PharMerica, one of the largest pharmacy service providers in the US, has revealed its IT systems were breached – and it's feared the intruders stole personal and healthcare data belonging to more than 5.8 million past customers…

'Strictly limit' remote desktop – unless you like catching BianLian ransomware

Do it or don't. We're not cops. But the FBI are, and they have this to say

The FBI and friends have warned organizations to "strictly limit the use of RDP and other remote desktop services" to avoid BianLian infections and the ransomware gang's extortion attempts that follow the data encryption.…

US offers $10m bounty for Russian ransomware suspect outed in indictment

"Up to $10 million for information that leads to the arrest and/or conviction of this defendant."

The US Post Office Is Spying on the Mail. Senators Want to Stop It

The USPS carries out warrantless surveillance on thousands of parcels every year. Lawmakers want it to end—right now.

PASTIS - a Python framework for ensemble fuzzing

submitted by /u/Gallus
[link] [comments]

Security Advisory: Unauthenticated Remote Command Execution in Multiple WAGO Products

submitted by /u/g_e_r_h_a_r_d
[link] [comments]

Bug bounties are broken - the story of "i915" bug, ChromeOS + Intel bounty programs, and beyond

submitted by /u/Adam_pi3
[link] [comments]

Arbitrary email forgery in Webflow [PDF]

submitted by /u/Gallus
[link] [comments]

Twitter Sued Over Saudi Spying That Landed User In Prison

Upstart Encryption App Walks Back Privacy Claims, Pulls From Stores After Probe

US Charges, Sanctions Russian Ransomware Operator Who Leaked Stolen DC Police Data

Oil And Gas Sectors Lag Behind Other Industries In Gathering Intel

Ex-Apple Engineer Accused Of Stealing Self-Driving Car Secrets

Malware Turns Home Routers Into Proxies For Chinese Hackers

Meet “AI”, your new colleague: could it expose your company’s secrets?

Before rushing to embrace the LLM-powered hire, make sure your organization has safeguards in place to avoid putting its business and customer data at risk

The post Meet “AI”, your new colleague: could it expose your company’s secrets? appeared first on WeLiveSecurity

Searching for AI Tools? Watch Out for Rogue Sites Distributing RedLine Malware

Malicious Google Search ads for generative AI services like OpenAI ChatGPT and Midjourney are being used to direct users to sketchy websites as part of a BATLOADER campaign designed to deliver RedLine Stealer malware. "Both AI services are extremely popular but lack first-party standalone apps (i.e., users interface with ChatGPT via their web interface while Midjourney uses Discord)," eSentire

WebKit Under Attack: Apple Issues Emergency Patches for 3 New Zero-Day Vulnerabilities

Apple on Thursday rolled out security updates to iOS, iPadOS, macOS, tvOS, watchOS, and the Safari web browser to address dozens of flaws, including three new zero-days that it said are being actively exploited in the wild. The three security shortcomings are listed below - CVE-2023-32409 - A WebKit flaw that could be exploited by a malicious actor to break out of the Web Content sandbox. It

This Cybercrime Syndicate Pre-Infected Over 8.9 Million Android Phones Worldwide

A cybercrime enterprise known as Lemon Group is leveraging millions of pre-infected Android smartphones worldwide to carry out their malicious operations, posing significant supply chain risks. "The infection turns these devices into mobile proxies, tools for stealing and selling SMS messages, social media and online messaging accounts and monetization via advertisements and click fraud,"

Zero Trust + Deception: Join This Webinar to Learn How to Outsmart Attackers!

Cybersecurity is constantly evolving, but complexity can give hostile actors an advantage. To stay ahead of current and future attacks, it's essential to simplify and reframe your defenses. Zscaler Deception is a state-of-the-art next-generation deception technology seamlessly integrated with the Zscaler Zero Trust Exchange. It creates a hostile environment for attackers and enables you to track

How to Reduce Exposure on the Manufacturing Attack Surface

Digitalization initiatives are connecting once-isolated Operational Technology (OT) environments with their Information Technology (IT) counterparts. This digital transformation of the factory floor has accelerated the connection of machinery to digital systems and data. Computer systems for managing and monitoring digital systems and data have been added to the hardware and software used for

Escalating China-Taiwan Tensions Fuel Alarming Surge in Cyber Attacks

The rising geopolitical tensions between China and Taiwan in recent months have sparked a noticeable uptick in cyber attacks on the East Asian island country. "From malicious emails and URLs to malware, the strain between China's claim of Taiwan as part of its territory and Taiwan's maintained independence has evolved into a worrying surge in attacks," the Trellix Advanced Research Center said 

8220 Gang Exploiting Oracle WebLogic Flaw to Hijack Servers and Mine Cryptocurrency

The notorious cryptojacking group tracked as 8220 Gang has been spotted weaponizing a six-year-old security flaw in Oracle WebLogic servers to ensnare vulnerable instances into a botnet and distribute cryptocurrency mining malware. The flaw in question is CVE-2017-3506 (CVSS score: 7.4), which, when successfully exploited, could allow an unauthenticated attacker to execute arbitrary commands

Darknet Carding Kingpin Pleads Guilty: Sold Financial Info of Tens of Thousands

A U.S. national has pleaded guilty in a Missouri court to operating a darknet carding site and selling financial information belonging to tens of thousands of victims in the country. Michael D. Mihalo, aka Dale Michael Mihalo Jr. and ggmccloud1, has been accused of setting up a carding site called Skynet Market that specialized in the trafficking of credit and debit card data. Mihalo and his

Apple Thwarts $2 Billion in App Store Fraud, Rejects 1.7 Million App Submissions

Apple has announced that it prevented over $2 billion in potentially fraudulent transactions and rejected roughly 1.7 million app submissions for privacy and security violations in 2022. The computing giant said it terminated 428,000 developer accounts for potential fraudulent activity, blocked 105,000 fake developer account creations, and deactivated 282 million bogus customer accounts. It