Oauth implementation flaws allow access to private repos via ChatGPT plugins

submitted by /u/ScottContini
[link] [comments]

FTC goes undercover to probe suspected antivirus scam, scores $26M settlement

Imagine trying to trick folks into buying $500 of unnecessary repairs – and they turn out to be federal agents

A pair of tech support businesses accused of swindling marks out of their hard-earned cash have agreed to cough up a $26 million settlement following an undercover probe by the FTC.…

LockBit ransomware kingpin gets 4 years behind bars

Canadian-Russian said to have turned to a life of cybercrime during pandemic, now must pay the price – literally

A LockBit ransomware kingpin has been sentenced to almost four years behind bars and ordered to pay more than CA$860,000 ($635,000, £500,000) in restitution to some of his victims by a Canadian court as he awaits extradition to the US.…

Google gooses Safe Browsing with real-time protection that doesn't leak to ad giant

Rare occasion when you do want Big Tech to make a hash of it

Google has enhanced its Safe Browsing service to enable real-time protection in Chrome for desktop, iOS, and soon Android against risky websites, without sending browsing history data to the ad biz.…

Record breach of French government exposes up to 43 million people's data

Zut alors! Department for registering and helping unemployed people broken into

A French government department - responsible for registering and assisting unemployed people - is the latest victim of a mega data breach that compromised the information of up to 43 million citizens.…

International effort to disrupt cybercrime moves into operational phase

Will the WEF experiment work?

The Cybercrime Atlas, a massive undertaking that aims to disrupt cybercriminals across the globe, enters its operational phase in 2024, two years after organizers laid the groundwork at the RSA Conference.…

US to probe Change Healthcare's data protection standards as lawsuits mount

Services slowly coming back online but providers still struggling

Change Healthcare is being investigated over the alleged 6 TB data theft by the ALPHV ransomware group as it continues recovery efforts.…

Fortinet FortiWLM Multiple Vulnerabilities Deep-Dive and IOCs

submitted by /u/scopedsecurity
[link] [comments]

IoT Penetration Testing Part 1: The Basics

submitted by /u/needmorejava
[link] [comments]

Poking Holes In Google Tech Bagged Bug Hunters $10M

RedLine Malware Top Credential Stealer Of Last 6 Months

ChatGPT 0-Click Plugin Exploit Risked Leaked Of Private GitHub Repos

Bitcoin Fog Operator Convicted Of Laundering $400M In Bitcoins On Darknet

Meta Sues Brazenly Disloyal Former Exec Over Stolen Confidential Docs

US Congress Goes Bang, Bang, On Tik-Tok Sale Or Ban Plan

Cisco Patches High Severity IOS RX Vulnerabilities

Side Channel In Most AI Assistants Lets Hackers Read Encrypted Chats

The Anatomy of an ALPHA SPIDER Ransomware Attack

submitted by /u/Due_Spare_6458
[link] [comments]

Microsoft Entra ID: The Complete Guide to Conditional Access Policies

submitted by /u/Or1rez
[link] [comments]

US Congress goes bang, bang, on TikTok sale-or-ban plan

Bill proposes to do to China what China already does to the US – make life hard for foreign social networks

The United States House of Representatives on Wednesday passed the Protecting Americans from Foreign Adversary Controlled Applications Act – a law aimed at forcing TikTok's Chinese parent ByteDance to sell the app's US operations or face the prospect of a ban.…

Nissan to let 100,000 Aussies and Kiwis know their data was stolen in cyberattack

Akira ransomware crooks brag of swiping thousands of ID documents during break-in

Over the next few weeks, Nissan Oceania will make contact with around 100,000 people in Australia and New Zealand whose data was pilfered in a December 2023 attack on its systems – perhaps by the Akira ransomware gang.…

Discovering Deserialization Gadget Chains in Rubyland - Include Security Research Blog

submitted by /u/907jessejones
[link] [comments]

Poking holes in Google tech bagged bug hunters $10M

A $2M drop from previous year. So … things are more secure?

Google awarded $10 million to 632 bug hunters last year through its vulnerability reward programs.…

The ‘Emergency Powers’ Risk of a Second Trump Presidency

Every US president has the ability to invoke “emergency powers” that could give an authoritarian leader the ability to censor the internet, restrict travel, and more.

A case of missing bytes: bruteforcing your way through Jenkins’ CVE-2024-23897

submitted by /u/gquere
[link] [comments]

Threat Modeling on a Virtual Factory Floor

submitted by /u/derp6996
[link] [comments]

Cryptocurrency laundryman gets hung out to dry

Bitcoin Fog washed hundreds of millions for criminals

The operator of the world's longest-running Bitcoin money laundering service faces a 50-year prison sentence after being found guilty in a US court.…

How to share sensitive files securely online

Here are a few tips for secure file transfers and what else to consider when sharing sensitive documents so that your data remains safe

Third-Party ChatGPT Plugins Could Lead to Account Takeovers

Cybersecurity researchers have found that third-party plugins available for OpenAI ChatGPT could act as a new attack surface for threat actors looking to gain unauthorized access to sensitive data. According to new research published by Salt Labs, security flaws found directly in ChatGPT and within the ecosystem could allow attackers to install malicious plugins without users' consent

Google Introduces Enhanced Real-Time URL Protection for Chrome Users

Google on Thursday announced an enhanced version of Safe Browsing to provide real-time, privacy-preserving URL protection and safeguard users from visiting potentially malicious sites. “The Standard protection mode for Chrome on desktop and iOS will check sites against Google’s server-side list of known bad sites in real-time,” Google’s Jonathan Li and Jasika Bawa said. “If we

Malicious Ads Targeting Chinese Users with Fake Notepad++ and VNote Installers

Chinese users looking for legitimate software such as Notepad++ and VNote on search engines like Baidu are being targeted with malicious ads and bogus links to distribute trojanized versions of the software and ultimately deploy Geacon, a Golang-based implementation of Cobalt Strike. “The malicious site found in the notepad++ search is distributed through an advertisement block,” Kaspersky

LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada

A 34-year-old Russian-Canadian national has been sentenced to nearly four years in jail in Canada for his participation in the LockBit global ransomware operation. Mikhail Vasiliev, an Ontario resident, was originally arrested in November 2022 and charged by the U.S. Department of Justice (DoJ) with "conspiring with others to intentionally damage protected computers and to transmit

Researchers Detail Kubernetes Vulnerability That Enables Windows Node Takeover

Details have been made public about a now-patched high-severity flaw in Kubernetes that could allow a malicious attacker to achieve remote code execution with elevated privileges under specific circumstances. “The vulnerability allows remote code execution with SYSTEM privileges on all Windows endpoints within a Kubernetes cluster,” Akamai security researcher Tomer Peled said. “To exploit

Complexity drives more than security risk. Secure Access can help with that too.

Modern networks are complex, often involving hybrid work models and a mix of first- and third-party applications and infrastructure. In response, organizations have adopted security service edge… Read more on Cisco Blogs

3 Things CISOs Achieve with Cato

Being a CISO is a balancing act: ensuring organizations are secure without compromising users’ productivity. This requires taking multiple elements into consideration, like cost, complexity, performance and user experience. CISOs around the globe use Cato SSE 360, as part of the Cato SASE Cloud platform to balance these factors without compromise. This article details how CISOs are

RedCurl Cybercrime Group Abuses Windows PCA Tool for Corporate Espionage

The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis

Ande Loader Malware Targets Manufacturing Sector in North America

The threat actor known as Blind Eagle has been observed using a loader malware called Ande Loader to deliver remote access trojans (RATs) like Remcos RAT and NjRAT. The attacks, which take the form of phishing emails, targeted Spanish-speaking users in the manufacturing industry based in North America, eSentire said. Blind Eagle (aka APT-C-36) is a financially motivated threat actor&

DarkGate Malware Exploited Recently Patched Microsoft Flaw in Zero-Day Attack

A DarkGate malware campaign observed in mid-January 2024 leveraged a recently patched security flaw in Microsoft Windows as a zero-day using bogus software installers. “During this campaign, users were lured using PDFs that contained Google DoubleClick Digital Marketing (DDM) open redirects that led unsuspecting victims to compromised sites hosting the Microsoft Windows SmartScreen bypass

Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software

Fortinet has warned of a critical security flaw impacting its FortiClientEMS software that could allow attackers to achieve code execution on affected systems. "An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiClientEMS may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted

Microsoft Copilot for Security prepares for April liftoff

Automated AI helper intended to make security more manageable

Microsoft Copilot for Security, a subscription AI security service, will be generally available on April 1, 2024, the company announced on Wednesday.…

Demystifying a Common Cybersecurity Myth

One of the most common misconceptions in file upload cybersecurity is that certain tools are “enough” on their own—this is simply not the case. In our latest whitepaper OPSWAT CEO and Founder, Benny Czarny, takes a comprehensive look at what it takes to prevent malware threats in today’s ever-evolving file upload security landscape, and a big part of that is understanding where the

New Google Gemini Content Manipulation Vulns Found

Stanford University Data Breach Impacts 27,000 Individuals

Major CPU, Software Vendors Impacted By New GhostRace Attack

March Patch Tuesday: Microsoft Fixes Two Critical Hyper-V Flaws

Researchers Jimmy OpenAI's And Google's Closed Models

Danchev's EXIF Analysis Of Conti Ransomware Gang Marketing Material

Building an AITM attack tool in Cloudflare Workers (174 LOC)

submitted by /u/wez32
[link] [comments]

PixPirate Android Banking Trojan Using New Evasion Tactic to Target Brazilian Users

The threat actors behind the PixPirate Android banking trojan are leveraging a new trick to evade detection on compromised devices and harvest sensitive information from users in Brazil. The approach allows it to hide the malicious app’s icon from the home screen of the victim’s device, IBM said in a technical report published today. “Thanks to this new technique, during PixPirate reconnaissance

Stanford University failed to detect ransomware intruders for 4 months

27,000 individuals had data stolen, which for some included names and social security numbers

Stanford University says the cybersecurity incident it dealt with last year was indeed ransomware, which it failed to spot for more than four months.…

There Are Dark Corners of the Internet. Then There's 764

A global network of violent predators is hiding in plain sight, targeting children on major platforms, grooming them, and extorting them to commit horrific acts of abuse.

Donex a new ransomware gang malware technical analysis

submitted by /u/ShadowStackRE
[link] [comments]

Google's 'BeyondCorp and the long tail of Zero Trust' article

submitted by /u/PhilipLGriffiths88
[link] [comments]

Porn Sites Need Age-Verification Systems in Texas, Court Rules

The US Court of Appeals for the 5th Circuit has vacated an injunction against an age-verification requirement to view internet porn in Texas.

Reducing the cloud security overhead

Why creating a layered defensive strategy that includes security by design can help address cloud challenges

Sponsored Feature The world is filled with choices. Whether it's the 20 different types of shampoo on offer at the grocery store, or the dozens of Linux distros you can try for free, you can have it all.…

Whizkids jimmy OpenAI, Google's closed models

Infosec folk aren’t thrilled that if you poke APIs enough, you learn AI's secrets

Boffins have managed to pry open closed AI services from OpenAI and Google with an attack that recovers an otherwise hidden portion of transformer models.…

Join Our Webinar on Protecting Human and Non-Human Identities in SaaS Platforms

Identities are the latest sweet spot for cybercriminals, now heavily targeting SaaS applications that are especially vulnerable in this attack vector. The use of SaaS applications involves a wide range of identities, including human and non-human, such as service accounts, API keys, and OAuth authorizations. Consequently, any identity in a SaaS app can create an opening for cybercriminals to

Researchers Highlight Google's Gemini AI Susceptibility to LLM Threats

Google's Gemini large language model (LLM) is susceptible to security threats that could cause it to divulge system prompts, generate harmful content, and carry out indirect injection attacks. The findings come from HiddenLayer, which said the issues impact consumers using Gemini Advanced with Google Workspace as well as companies using the LLM API. The first vulnerability involves

Alert: Cybercriminals Deploying VCURMS and STRRAT Trojans via AWS and GitHub

A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware,” Fortinet FortiGuard Labs researcher Yurren Wan said. An unusual aspect of the

Microsoft's March Updates Fix 61 Vulnerabilities, Including Critical Hyper-V Flaws

Microsoft on Tuesday released its monthly security update, addressing 61 different security flaws spanning its software, including two critical issues impacting Windows Hyper-V that could lead to denial-of-service (DoS) and remote code execution. Of the 61 vulnerabilities, two are rated Critical, 58 are rated Important, and one is rated Low in severity. None of the flaws are listed as