FreshRSS

πŸ”’
❌ About FreshRSS
☷
β–³ πŸ”ƒ
There are new available articles, click to refresh the page.
Before yesterdaySecurity

Weekly Update 348

By Troy Hunt
Weekly Update 348

I feel like the .zip TLD debate is one of those cases where it's very easy for the purest security view to overwhelm the practical human reality. I'm yet to see a single good argument that is likely to have real world consequences as far as phishing goes and whilst I understand the sentiment surrounding the confusion new TLDs with common file types, all "the sky is falling" commentary I've seen is speculative at best. But hey, there's no rolling it back now, we can start judging by what actually happens with the TLD rather than sitting around creating misuse hypotheses.

Weekly Update 348
Weekly Update 348
Weekly Update 348
Weekly Update 348

References

  1. The .zip TLD situation really isn't going to impact phishing (and if you don't agree, too bad, it's here now so we'll know for sure soon enough)
  2. The ABC's "mosaic effect" visualisation of HIBP data is really cool (give this a go, it's a great way of seeing what the impact of data breaches really looks like)
  3. Luxottica had over 70M unique customer records exposed (also looks like they never contacted impacted individuals)
  4. Sponsored by: Kolide can get your cross-platform fleet to 100% compliance. It's Zero Trust for Okta. Want to see for yourself? Book a demo.

The Real Risks in Google’s New .Zip and .Mov Domains

By Lily Hay Newman
While the company’s new top-level domains could be used in phishing attacks, security researchers are divided on how big of a problem they really pose.

A TikTok β€˜Car Theft’ Challenge Is Costing Hyundai $200 Million

By Andrew Couts
Plus: The FBI gets busted abusing a spy tool, an ex-Apple engineer is charged with corporate espionage, and collection of airborne DNA raises new privacy risks.

The Underground History of Turla, Russia's Most Ingenious Hacker Group

By Andy Greenberg
From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as β€œadversary number one.”

Teen in court after '$600K swiped from DraftKings gamblers'

Bet he didn't expect these computer hacking charges

An 18-year-old Wisconsin man has been charged with allegedly playing a central role in the theft of $600,000 from DraftKings customer accounts.…

  • May 19th 2023 at 23:56
  • β†—

Russian IT guy sent to labor camp for DDoSing Kremlin websites

Pro-Ukraine techie gets hard time

A Russian IT worker accused of participating in pro-Ukraine denial of service attacks against Russian government websites has been sentenced to three years in a penal colony and ordered to pay 800,000 rubles (about $10,000). …

  • May 19th 2023 at 20:14
  • β†—

The real cost of a free lunch – Week in security with Tony Anscombe

By Editor

Don't download software from non-reputable websites and sketchy links – you might be in for more than you bargained for

The post The real cost of a free lunch – Week in security with Tony Anscombe appeared first on WeLiveSecurity

  • May 19th 2023 at 12:30
  • β†—

PyPI Repository Under Attack: User Sign-Ups and Package Uploads Temporarily Halted

By Ravie Lakshmanan
The maintainers of Python Package Index (PyPI), the official third-party software repository for the Python programming language, have temporarily disabled the ability for users to sign up and upload new packages until further notice. "The volume of malicious users and malicious projects being created on the index in the past week has outpaced our ability to respond to it in a timely fashion,

Meet 'Jack' from Romania! Mastermind Behind Golden Chickens Malware

By Ravie Lakshmanan
The identity of the second threat actor behind the Golden Chickens malware has been uncovered courtesy of a "fatal" operational security blunder, cybersecurity firm eSentire said. The individual in question, who lives in Bucharest, Romania, has been given the codename Jack. He is one of the two criminals operating an account on the Russian-language Exploit.in forum under the name "badbullzvenom

Notorious Cyber Gang FIN7 Returns With Cl0p Ransomware in New Wave of Attacks

By Ravie Lakshmanan
The notorious cybercrime group known as FIN7 has been observed deployingΒ Cl0pΒ (aka Clop) ransomware, marking the threat actor's first ransomware campaign since late 2021. Microsoft, which detected the activity in April 2023, is tracking the financially motivated actor under its new taxonomyΒ Sangria Tempest. "In these recent attacks, Sangria Tempest uses the PowerShell script POWERTRASH to load

Warning: Samsung Devices Under Attack! New Security Flaw Exposed

By Ravie Lakshmanan
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned of active exploitation of a medium-severity flaw affecting Samsung devices. The issue, tracked asΒ CVE-2023-21492Β (CVSS score: 4.4), impacts select Samsung devices running Android versions 11, 12, and 13. The South Korean electronics giant described the issue as an information disclosure flaw that could be exploited by a

Moderator Applications Open

By /u/sanitybit

Hello /r/netsec,

I am excited to announce that we are opening up applications for new moderators to join the existing moderation team. As our community continues to expand, we want to ensure that we maintain the quality and integrity of the content shared here.

If you are passionate about information security and have a strong desire to help maintain and foster community, we encourage you to apply!

Preferred qualifications:

  1. A history of posting links and/or comments to /r/netsec, demonstrating your active participation in the community.
  2. At least 3 years of academic or professional experience in information security.
  3. Not involved with the marketing team of any major vendor, to ensure unbiased moderation.
  4. Have read and agree with the /r/netsec posting guidelines.

Application Process:

To apply, please submit the following information via ModMail:

  1. Briefly describe your experience in information security, including any relevant certifications or qualifications.
  2. Explain your history of posting and participating in the /r/netsec community.
  3. Confirm that you are not involved with the marketing team of any major vendor.
  4. Describe why you want to become a moderator for /r/netsec and how you can contribute to maintaining and enhancing the quality of our community.

Applying shouldn't feel like a chore; ~1 paragraph per question is more than enough.

We'll review your application and /r/netsec posting history before deciding.

New moderator selections will be announced on May 31st.

submitted by /u/sanitybit
[link] [comments]

How You, or Anyone, Can Dodge Montana’s TikTok Ban

By Amanda Hoover
Montana’s TikTok ban will be impossible to enforce. But it could encourage copycat crackdowns against the social media app.

Privacy Sandbox Initiative: Google to Phase Out Third-Party Cookies Starting 2024

By Ravie Lakshmanan
Google has announced plans to officially flip the switch on its twice-delayedΒ Privacy SandboxΒ initiatives as it slowly works its way to deprecate support for third-party cookies in Chrome browser. To that end, the search and advertising giant said it intends to phase out third-party cookies for 1% of Chrome users globally in the first quarter of 2024. "This will support developers in conducting

Dr. Active Directory vs. Mr. Exposed Attack Surface: Who'll Win This Fight?

By The Hacker News
Active Directory (AD) is among the oldest pieces of software still used in the production environment and can be found in most organizations today. This is despite the fact that its historical security gaps have never been amended. For example, because of its inability to apply any security measures beyond checking for a password and username match, AD (as well the resources it manages) is

Developer Alert: NPM Packages for Node.js Hiding Dangerous TurkoRat Malware

By Ravie Lakshmanan
Two malicious packages discovered in the npm package repository have been found to conceal an open source information stealer malware calledΒ TurkoRat. The packages – named nodejs-encrypt-agent and nodejs-cookie-proxy-agent – were collectively downloaded approximately 1,200 times and were available for more than two months before they were identified and taken down. ReversingLabs, which broke

A Mysterious Group Has Ties to 15 Years of Ukraine-Russia Hacks

By Lily Hay Newman
Kaspersky researchers have uncovered clues that further illuminate the hackers’ activities, which appear to have begun far earlier than originally believed.

UK's GDPR replacement could wipe out oversight of live facial recognition

Question not whether UK police should use facial recog, but how, says surveillance chief

Biometrics and surveillance camera commissioner Professor Fraser Sampson has warned that independent oversight of facial recognition is at risk just as the policing minister plans to "embed" it into the force.…

  • May 19th 2023 at 09:34
  • β†—

Apple warns of three WebKit vulns under active exploitation, dozens more CVEs across its range

High school student and Amnesty International named among bug-finders

Apple has issued a bushel of security updates and warned that three of the flaws it's fixed are under active attack.…

  • May 19th 2023 at 02:59
  • β†—

Apple’s secret is out: 3 zero-days fixed, so be sure to patch now!

By Paul Ducklin
All Apple users have zero-days that need patching, though some have more zero-days than others.

Cisco squashes critical bugs in small biz switches

You'll want to patch these as proof-of-concept exploit code is out there already

Cisco rolled out patches for four critical security vulnerabilities in several of its network switches for small businesses that can be exploited to remotely hijack the equipment.…

  • May 18th 2023 at 22:31
  • β†—

S3 Ep135: Sysadmin by day, extortionist by night

By Paul Ducklin
Laugh (sufficiently), learn (efficiently), and then let us know what you think in our comments (anonymously, if you wish)...

How to Stop Google From Deleting Your Inactive Account

By Reece Rogers
Your inactive profiles, like Gmail or Docs, could turn into digital dust later this year. A few clicks can save them.

Microsoft decides it will be the one to choose which secure login method you use

Certificate-based authentication comes first and phones last

Microsoft wants to take the decision of which multi-factor authentication (MFA) method to use out of the users' hands and into its own.…

  • May 18th 2023 at 17:32
  • β†—

Top 5 search engines for internet‑connected devices and services

By Camilo GutiΓ©rrez Amaya

A roundup of some of the handiest tools that security professionals can use to search for and monitor devices that are accessible from the internet

The post Top 5 search engines for internet‑connected devices and services appeared first on WeLiveSecurity

Six million patients' data feared stolen from PharMerica

Cue the inevitable class action lawsuit

PharMerica, one of the largest pharmacy service providers in the US, has revealed its IT systems were breached – and it's feared the intruders stole personal and healthcare data belonging to more than 5.8 million past customers…

  • May 18th 2023 at 00:20
  • β†—

'Strictly limit' remote desktop – unless you like catching BianLian ransomware

Do it or don't. We're not cops. But the FBI are, and they have this to say

The FBI and friends have warned organizations to "strictly limit the use of RDP and other remote desktop services" to avoid BianLian infections and the ransomware gang's extortion attempts that follow the data encryption.…

  • May 17th 2023 at 20:32
  • β†—

US offers $10m bounty for Russian ransomware suspect outed in indictment

By Naked Security writer
"Up to $10 million for information that leads to the arrest and/or conviction of this defendant."

The US Post Office Is Spying on the Mail. Senators Want to Stop It

By Dell Cameron
The USPS carries out warrantless surveillance on thousands of parcels every year. Lawmakers want it to endβ€”right now.
❌