FreshRSS

🔒
❌ About FreshRSS
☷
△ 🔃
There are new available articles, click to refresh the page.
Today — April 29th 2024Security

Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023

By Newsroom
Google on Monday revealed that almost 200,000 app submissions to its Play Store for Android were either rejected or remediated to address issues with access to sensitive data such as location or SMS messages over the past year. The tech giant also said it blocked 333,000 bad accounts from the app storefront in 2023 for attempting to distribute malware or for repeated policy violations. "In 2023,
  • April 29th 2024 at 17:07
  • ↗

China-Linked 'Muddling Meerkat' Hijacks DNS to Map Internet on Global Scale

By Newsroom
A previously undocumented cyber threat dubbed Muddling Meerkat has been observed undertaking sophisticated domain name system (DNS) activities in a likely effort to evade security measures and conduct reconnaissance of networks across the world since October 2019. Cloud security firm Infoblox described the threat actor as likely affiliated with the
  • April 29th 2024 at 13:46
  • ↗

France willing to buy key Atos assets to keep them French

Finance minister says government has interests in IT giant's 'sovereign activities'

The French government has tabled an offer to buy key assets of ailing IT giant Atos after the company late last week almost doubled its estimate of the cash it will need to stay afloat in the near future.…

  • April 29th 2024 at 13:00
  • ↗

UK lays down fresh legislation banning crummy default device passwords

New laws mean vendors need to make clear how long you'll get updates too

Smart device manufacturers will have to play by new rules in the UK as of today, with laws coming into force to make it more difficult for cybercriminals to break into hardware such as phones and tablets.…

  • April 29th 2024 at 11:45
  • ↗

New R Programming Vulnerability Exposes Projects to Supply Chain Attacks

By Newsroom
A security vulnerability has been discovered in the R programming language that could be exploited by a threat actor to create a malicious RDS (R Data Serialization) file such that it results in code execution when loaded and referenced. The flaw, assigned the CVE identifier CVE-2024-27322, "involves the use of promise objects and lazy evaluation in R," AI application security
  • April 29th 2024 at 10:50
  • ↗

Watchdog reveals lingering Google Privacy Sandbox worries

Ad tech rewrite to replace web cookies still not to regulatory taste

The UK Competition and Markets Authority (CMA) still has privacy and competition concerns about Google's Privacy Sandbox advertising toolkit, which explains why the ad giant recently again delayed its plan to drop third-party cookies in Chrome until 2025.…

  • April 29th 2024 at 10:15
  • ↗

Navigating the Threat Landscape: Understanding Exposure Management, Pentesting, Red Teaming and RBVM

By The Hacker News
It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many
  • April 29th 2024 at 10:54
  • ↗

Sandbox Escape Vulnerabilities in Judge0 Expose Systems to Complete Takeover

By Newsroom
Multiple critical security flaws have been disclosed in the Judge0 open-source online code execution system that could be exploited to obtain code execution on the target system. The three flaws, all critical in nature, allow an "adversary with sufficient access to perform a sandbox escape and obtain root permissions on the host machine," Australian
  • April 29th 2024 at 09:58
  • ↗

The next step up for high-impact identity authorization

How SSH Communications Security cuts through the hype around Zero Trust to secure the connections that matter

Sponsored Feature As business enters the 2020s, organizations find themselves protecting fast-expanding digital estates using security concepts that are decades old.…

  • April 29th 2024 at 02:45
  • ↗

Discord dismantles Spy.pet site that snooped on millions of users

ALSO: Infostealer spotted hiding in CDN cache, antivirus update hijacked to deliver virus, and some critical vulns

Updated - Infosec in brief They say sunlight is the best disinfectant, and that appears to have been true in the case of Discord data harvesting site Spy.pet – as it was recently and swiftly dismantled after its existence and purpose became known.…

  • April 29th 2024 at 02:29
  • ↗
Yesterday — April 28th 2024Security

Okta Warns of Unprecedented Surge in Proxy-Driven Credential Stuffing Attacks

By Newsroom
Identity and access management (IAM) services provider Okta has warned of a spike in the "frequency and scale" of credential stuffing attacks aimed at online services. These unprecedented attacks, observed over the last month, are said to be facilitated by "the broad availability of residential proxy services, lists of previously stolen credentials ('combo lists'), and scripting tools," the
  • April 28th 2024 at 13:52
  • ↗

Weekly Update 397

By Troy Hunt
Weekly Update 397

Banks. They screw us on interest rates, they screw us on fees and they screw us on passwords. Remember the old "bank grade security" adage? I took this saying to task almost a decade ago now but it seems that at least as far as password advice goes, they really haven't learned. This week, Commbank is telling people to use a password manager but just not for their bank password, and ANZ bank is forcing people to rotate their passwords once a year because, uh, hackers? Ah well, as I always end up lamenting, it's a great time to be in this industry! 🤣

Weekly Update 397
Weekly Update 397
Weekly Update 397
Weekly Update 397

References

  1. Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
  2. T2 tea got themselves scaled by a data breach (don't hate me, that's not my analogy!)
  3. Piping Rock became the 4th victim of shopifyGUY (I wonder where he's finding those API keys?)
  4. Lufthansa provided some advice on how not to get p(ra)wned (cool piece, but "Keepass is already installed on most devices" misses the mark by a long way)
  5. Bank security is important, so why is Commbank telling people to keep their most important passwords in the least secure place?! (it just defines logic)
  6. And while we're talking banks, why is ANZ mandating password rotation in the absence of suspicion of compromise?! (it's been many years since this thinking was flushed down the toilet)

School Employee Allegedly Framed a Principal With Racist Deepfake Rant

By Matt Burgess
Plus: Google holds off on killing cookies, Samourai Wallet founders get arrested, and GM stops driver surveillance program.

Russia Vetoed a UN Resolution to Ban Space Nukes

By Stephen Clark, Ars Technica
A ban on weapons of mass destruction in orbit has stood since 1967. Russia apparently has other ideas.

Major phishing-as-a-service platform disrupted – Week in security with Tony Anscombe

The investigation uncovered at least 40,000 phishing domains that were linked to LabHost and tricked victims into handing over their sensitive details
  • April 26th 2024 at 13:28
  • ↗
Before yesterdaySecurity

Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw

By Newsroom
Cybersecurity researchers have discovered a targeted operation against Ukraine that has been found leveraging a nearly seven-year-old flaw in Microsoft Office to deliver Cobalt Strike on compromised systems. The attack chain, which took place at the end of 2023 according to Deep Instinct, employs a PowerPoint slideshow file ("signal-2023-12-20-160512.ppsx") as the starting point, with
  • April 27th 2024 at 12:47
  • ↗

Gripped by Python: 5 reasons why Python is popular among cybersecurity professionals

Python’s versatility and short learning curve are just two factors that explain the language’s 'grip' on cybersecurity
  • April 25th 2024 at 09:30
  • ↗

Bogus npm Packages Used to Trick Software Developers into Installing Malware

By Newsroom
An ongoing social engineering campaign is targeting software developers with bogus npm packages under the guise of a job interview to trick them into downloading a Python backdoor. Cybersecurity firm Securonix is tracking the activity under the name DEV#POPPER, linking it to North Korean threat actors. "During these fraudulent interviews, the developers are often asked
  • April 27th 2024 at 05:12
  • ↗

Kaiser Permanente handed over 13.4M people's data to Microsoft, Google, others

Ouch!

Millions of Kaiser Permanente patients' data was likely handed over to Google, Microsoft Bing, X/Twitter, and other third-parties, according to the American healthcare giant.…

  • April 26th 2024 at 18:14
  • ↗

Second time lucky for Thoma Bravo, which scoops up Darktrace for $5.3B

Analysts brand deal a 'nail in the coffin' for UK tech investment

Private equity investor Thoma Bravo has successfully completed a second acquisition attempt of UK-based cybersecurity company Darktrace in a $5.3 billion deal.…

  • April 26th 2024 at 16:00
  • ↗

Severe Flaws Disclosed in Brocade SANnav SAN Management Software

By Newsroom
Several security vulnerabilities disclosed in Brocade SANnav storage area network (SAN) management application could be exploited to compromise susceptible appliances. The 18 flaws impact all versions up to and including 2.3.0, according to independent security researcher Pierre Barre, who discovered and reported them. The issues range from incorrect firewall rules,
  • April 26th 2024 at 14:03
  • ↗

UK's Investigatory Powers Bill to become law despite tech world opposition

Only minor changes from original proposals that kicked up privacy storm

The UK's contentious Investigatory Powers (Amendment) Bill (IPB) 2024 has officially received the King's nod of approval and will become law.…

  • April 26th 2024 at 12:00
  • ↗

Four trends to top the CISO’s packed agenda

Check out the SANS CISO Primer for tips on hardening your organisation’s security posture in 2024

Sponsored Post Ever get nostalgic for the good old days of cybersecurity protection? When attacks were for the most part amateurish and infrequent, and perhaps more in the nature of an occasional nuisance rather than a daily existential threat?…

  • April 26th 2024 at 07:34
  • ↗

Flaws in Chinese keyboard apps leave 750 million users open to snooping, researchers claim

Huawei is OK, but Xiaomi, OPPO, and Samsung are in strife. And Honor isn't living its name

Many Chinese keyboard apps, some from major handset manufacturers, can leak keystrokes to determined snoopers, leaving perhaps three quarters of a billion people at risk according to research from the University of Toronto’s Citizen Lab.…

  • April 26th 2024 at 05:33
  • ↗

Cops cuff man for allegedly framing colleague with AI-generated hate speech clip

Athletics boss accused of deep-faking Baltimore school principal

Baltimore police have arrested Dazhon Leslie Darien, the former athletic director of Pikesville High School (PHS), for allegedly impersonating the school's principal using AI software to make it seem as if he made racist and antisemitic remarks.…

  • April 25th 2024 at 21:43
  • ↗

Ring dinged for $5.6M after, among other claims, rogue insider spied on 'pretty girls'

Cash to go out as refunds to punters

The FTC today announced it would be sending refunds totaling $5.6 million to Ring customers, paid from the Amazon subsidiary's coffers.…

  • April 25th 2024 at 21:03
  • ↗

Two cuffed in Samourai Wallet crypto dirty money sting

Suspects in Portugal and the US said to have laundered over $100M

Two men alleged to be co-founders of cryptocurrency biz Samourai Wallet face serious charges and potentially decades in US prison over claims they owned a product that facilitated the laundering of over $100 million in criminal cash.…

  • April 25th 2024 at 17:15
  • ↗

10 Critical Endpoint Security Tips You Should Know

By The Hacker News
In today's digital world, where connectivity is rules all, endpoints serve as the gateway to a business’s digital kingdom. And because of this, endpoints are one of hackers' favorite targets.  According to the IDC, 70% of successful breaches start at the endpoint. Unprotected endpoints provide vulnerable entry points to launch devastating cyberattacks. With IT
  • April 26th 2024 at 10:46
  • ↗

New 'Brokewell' Android Malware Spread Through Fake Browser Updates

By Newsroom
Fake browser updates are being used to push a previously undocumented Android malware called Brokewell. "Brokewell is a typical modern banking malware equipped with both data-stealing and remote-control capabilities built into the malware," Dutch security firm ThreatFabric said in an analysis published Thursday. The malware is said to be in active development,
  • April 26th 2024 at 10:42
  • ↗

Palo Alto Networks Outlines Remediation for Critical PAN-OS Flaw Under Attack

By Newsroom
Palo Alto Networks has shared remediation guidance for a recently disclosed critical security flaw impacting PAN-OS that has come under active exploitation. The vulnerability, tracked as CVE-2024-3400 (CVSS score: 10.0), could be weaponized to obtain unauthenticated remote shell command execution on susceptible devices. It has been addressed in
  • April 26th 2024 at 10:18
  • ↗

Hackers Exploiting WP-Automatic Plugin Bug to Create Admin Accounts on WordPress Sites

By Newsroom
Threat actors are attempting to actively exploit a critical security flaw in the ValvePress Automatic plugin for WordPress that could allow site takeovers. The shortcoming, tracked as CVE-2024-27956, carries a CVSS score of 9.9 out of a maximum of 10. It impacts all versions of the plugin prior to 3.92.0. The issue has been resolved in version 3.92.1 released on February 27, 2024,
  • April 26th 2024 at 05:49
  • ↗

North Korea's Lazarus Group Deploys New Kaolin RAT via Fake Job Lures

By Newsroom
The North Korea-linked threat actor known as Lazarus Group employed its time-tested fabricated job lures to deliver a new remote access trojan called Kaolin RAT as part of attacks targeting specific individuals in the Asia region in summer 2023. The malware could, "aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL
  • April 25th 2024 at 16:47
  • ↗

Russia, Iran pose most aggressive threat to 2024 elections, say infoseccers

Google security crew reveal ‘the four Ds’ to be on the watch for

It may come as a surprise to absolutely nobody that experts say, in revealing the most prevalent and likely tactics to meddle with elections this year, that state-sponsored cybercriminals pose the biggest threat.…

  • April 25th 2024 at 13:34
  • ↗

Network Threats: A Step-by-Step Attack Demonstration

By The Hacker News
Follow this real-life network attack simulation, covering 6 steps from Initial Access to Data Exfiltration. See how attackers remain undetected with the simplest tools and why you need multiple choke points in your defense strategy. Surprisingly, most network attacks are not exceptionally sophisticated, technologically advanced, or reliant on zero-day tools that exploit
  • April 25th 2024 at 11:13
  • ↗

What to do in the age of the critical breach

Why the triple threat of ransomware, data breaches, and extortion is a cybersecurity crisis

Webinar The UK government could be forgiven for wanting to forget March 2024 ever happened.…

  • April 25th 2024 at 09:16
  • ↗

Indian bank’s IT is so shabby it’s been banned from opening new accounts

After two years of warnings, and outages, regulators ran out of patience with Kotak Mahindra Bank

India’s central bank has banned Kotak Mahindra Bank from signing up new customers for accounts or credit cards through its online presence and app.…

  • April 25th 2024 at 06:29
  • ↗
❌