FreshRSS

Before yesterday: Security

Australia’s spies and cops want ‘accountable encryption’ - aka access to backdoors

And warn that AI is already being used by extremists to plot attacks

The director general of Australia’s lead intelligence agency and the commissioner of its Federal Police yesterday both called for social networks to offer more assistance to help their investigators work on cases involving terrorism, child exploitation, and racist nationalism.…

  • April 25th 2024 at 00:29

Governments issue alerts after 'sophisticated' state-backed actor found exploiting flaws in Cisco security boxes

Don't get too comfortable: 'Line Dancer' malware may be targeting other vendors, too

A previously unknown and "sophisticated" nation-state group compromised Cisco firewalls as early as November 2023 for espionage purposes — and possibly attacked network devices made by other vendors including Microsoft, according to warnings from the networking giant and three Western governments.…

  • April 24th 2024 at 23:11

'ArcaneDoor' Cyberspies Hacked Cisco Firewalls to Access Government Networks

By Andy Greenberg
Sources suspect China is behind the targeted exploitation of two zero-day vulnerabilities in Cisco’s security appliances.

5 Best VPN Services (2024): For Routers, PC, iPhone, Android, and More

By Scott Gilbertson
It won’t solve all of your privacy problems, but a virtual private network can make you a less tempting target for hackers.

What makes Starmus unique? Q&A with award-winning filmmaker Todd Miller

The director of the Apollo 11 movie shares his views about the role of technology in addressing pressing global challenges, as well as why he became involved with Starmus
  • April 24th 2024 at 09:02

How technology drives progress: Q&A with Nobel laureate Michel Mayor

We spoke to Michel Mayor about the importance of public engagement with science and how to foster responsibility among the youth for the preservation of our changing planet
  • April 23rd 2024 at 13:33

The vision behind Starmus: Q&A with the festival’s co-founder Garik Israelian

Dr. Israelian talks about Starmus's vision and mission, the importance of inspiring and engaging audiences, and a sense of community within the Starmus universe
  • April 23rd 2024 at 09:36

DOJ Arrests Founders of Crypto Mixer Samourai for $2 Billion in Illegal Transactions

By Newsroom
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of two co-founders of a cryptocurrency mixer called Samourai and seized the service for allegedly facilitating over $2 billion in illegal transactions and for laundering more than $100 million in criminal proceeds. To that end, Keonne Rodriguez, 35, and William Lonergan Hill, 65, have been charged
  • April 25th 2024 at 10:21

Google Postpones Third-Party Cookie Deprecation Amid U.K. Regulatory Scrutiny

By Newsroom
Google has once again pushed its plans to deprecate third-party tracking cookies in its Chrome web browser as it works to address outstanding competition concerns from U.K. regulators over its Privacy Sandbox initiative. The tech giant said it's working closely with the U.K. Competition and Markets Authority (CMA) and hopes to achieve an agreement by the end of the year. As part of the
  • April 25th 2024 at 06:37

State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage

By Newsroom
A new malware campaign leveraged two zero-day flaws in Cisco networking gear to deliver custom malware and facilitate covert data collection on target environments. Cisco Talos, which dubbed the activity ArcaneDoor, attributed it as the handiwork of a previously undocumented sophisticated state-sponsored actor it tracks under the name UAT4356 (aka Storm-1849 by Microsoft). "UAT4356
  • April 25th 2024 at 05:50

Shouldn't Teams, Zoom, Slack all interoperate securely for the Feds? Wyden is asking

Doctorow: 'The most amazing part is that this isn't already the way it's done'

Collaboration software used by federal government agencies — this includes apps from Microsoft, Zoom, Slack, and Google — will be required to work together and be securely end-to-end encrypted, if legislation proposed by US Senator Ron Wyden (D-OR) passes.…

  • April 24th 2024 at 19:43

Microsoft cannot keep its own security in order, so what hope for its add-ons customers?

Secure-by-default... if your pockets are deep enough

Microsoft has come under fire for charging for security add-ons despite the company's own patchy record when it comes to vulnerabilities and breaches.…

  • April 24th 2024 at 17:15

Management company settles for $18.4M after nuclear weapons plant staff fudged their timesheets

The firm 'fessed up to staff misconduct and avoided criminal liability

A company contracted to manage an Amarillo, Texas nuclear weapons facility has to pay the US government $18.4 million in a settlement over allegations that its atomic technicians fudged their timesheets to collect more money from Uncle Sam.…

  • April 24th 2024 at 15:00

Google cools on cookie phase-out while regulators chew on plans

Privacy Sandbox slips into 2025 after challenges from UK authorities

Google's plan to phase out third-party cookies in Chrome is being postponed to 2025 amid wrangling with the UK's Competition and Markets Authority (CMA) and Information Commissioner's Office (ICO).…

  • April 24th 2024 at 14:31

US charges Iranians with cyber snooping on government, companies

Their holiday options are now far more restricted

The US has charged and sanctioned four Iranian nationals for their alleged roles in various attacks on US companies and government departments, all of whom are claimed to have worked for fake companies linked to Iran's military.…

  • April 24th 2024 at 14:01

U.S. Treasury Sanctions Iranian Firms and Individuals Tied to Cyber Attacks

By Newsroom
The U.S. Treasury Department's Office of Foreign Assets Control (OFAC) on Monday sanctioned two firms and four individuals for their involvement in malicious cyber activities on behalf of the Iranian Islamic Revolutionary Guard Corps Cyber Electronic Command (IRGC-CEC) from at least 2016 to April 2021. This includes the front companies Mehrsam Andisheh Saz Nik (MASN) and Dadeh
  • April 24th 2024 at 13:43

Researchers Detail Multistage Attack Hijacking Systems with SSLoad, Cobalt Strike

By Newsroom
Cybersecurity researchers have discovered an ongoing attack campaign that's leveraging phishing emails to deliver a malware called SSLoad. The campaign, codenamed FROZEN#SHADOW by Securonix, also involves the deployment of Cobalt Strike and the ConnectWise ScreenConnect remote desktop software. "SSLoad is designed to stealthily infiltrate systems, gather sensitive
  • April 24th 2024 at 13:36

ShotSpotter Keeps Listening for Gunfire After Contracts Expire

By Max Blaisdell, Jim Daley
Internal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been canceled.

If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?

One wonders why are there adverts on public-sector portals at all

Exclusive At least 18 public-sector websites in the UK and US send visitor data in some form to various web advertising brokers – including an ad-tech biz in China involved in past privacy controversies, a security firm claims.…

  • April 24th 2024 at 07:29

Major Security Flaws Expose Keystrokes of Over 1 Billion Chinese Keyboard App Users

By Newsroom
Security vulnerabilities uncovered in cloud-based pinyin keyboard apps could be exploited to reveal users' keystrokes to nefarious actors. The findings come from the Citizen Lab, which discovered weaknesses in eight of nine apps from vendors like Baidu, Honor, iFlytek, OPPO, Samsung, Tencent, Vivo, and Xiaomi. The only vendor whose keyboard app did not have any security
  • April 24th 2024 at 09:36

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

By Newsroom
A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed GuptiMiner targeting large corporate networks. Cybersecurity firm Avast said the activity is the work of a threat actor with possible connections to a North Korean hacking group dubbed 
  • April 24th 2024 at 07:02

CoralRaider Malware Campaign Exploits CDN Cache to Spread Info-Stealers

By Newsroom
A new ongoing malware campaign has been observed distributing three different stealers, such as CryptBot, LummaC2, and Rhadamanthys hosted on Content Delivery Network (CDN) cache domains since at least February 2024. Cisco Talos has attributed the activity with moderate confidence to a threat actor tracked as CoralRaider, a suspected Vietnamese-origin
  • April 24th 2024 at 04:50

Mandiant: Orgs are detecting cybercriminals faster than ever

The 'big victory for the good guys' shouldn't be celebrated too much, though

The average time taken by global organizations to detect cyberattacks has dropped to its lowest-ever level of ten days, Mandiant revealed today.…

  • April 23rd 2024 at 13:05

UnitedHealth admits IT security breach could 'cover substantial proportion of people in America'

That said, good ol' American healthcare system so elaborately costly, some are forced to avoid altogether

UnitedHealth Group, the parent of ransomware-struck Change Healthcare, delivered some very unwelcome news for customers today as it continues to recover from the massively expensive and disruptive digital break-in.…

  • April 23rd 2024 at 12:30

Leicester streetlights take ransomware attack personally, shine on 24/7

City council says it lost control after shutting down systems

It's become somewhat cliché in cybersecurity reporting to speculate whether an organization will have the resources to "keep the lights on" after an attack. But the opposite turns out to be true with Leicester City Council following its March ransomware incident.…

  • April 23rd 2024 at 11:05

Over a million Neighbourhood Watch members exposed through web app bug

Unverified users could scoop up data on high-value individuals without any form of verification process

Neighbourhood Watch (NW) groups across the UK can now rest easy knowing the developers behind a communications platform fixed a web app bug that leaked their data en masse.…

  • April 23rd 2024 at 08:30

Misconfigured cloud server leaked clues of North Korean animation scam

Outsourcers outsourced work for the BBC, Amazon, and HBO Max to the hermit kingdom

A misconfigured cloud server that used a North Korean IP address has led to the discovery that film production studios including the BBC, Amazon, and HBO Max could be inadvertently using workers from the hermit kingdom for animation projects.…

  • April 23rd 2024 at 05:26

Apache Cordova App Harness Targeted in Dependency Confusion Attack

By Newsroom
Researchers have identified a dependency confusion vulnerability impacting an archived Apache project called Cordova App Harness. Dependency confusion attacks take place owing to the fact that package managers check the public repositories before private registries, thus allowing a threat actor to publish a malicious package with the same name to a public package repository. This
  • April 23rd 2024 at 14:00

Webinar: Learn Proactive Supply Chain Threat Hunting Techniques

By The Hacker News
In the high-stakes world of cybersecurity, the battleground has shifted. Supply chain attacks have emerged as a potent threat, exploiting the intricate web of interconnected systems and third-party dependencies to breach even the most formidable defenses. But what if you could turn the tables and proactively hunt these threats before they wreak havoc? We invite you to join us for an
  • April 23rd 2024 at 11:28

Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery

By The Hacker News
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question: What is the true financial impact of a cyberattack? According to research by Cybersecurity Ventures, the global cost of cybercrime is projected to reach
  • April 23rd 2024 at 10:22

Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases

By Newsroom
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to end-to-end encryption (E2EE). They called on the industry and governments to take urgent action to ensure public safety across social media platforms. "Privacy measures currently being rolled out, such as end-to-end encryption, will stop tech companies
  • April 23rd 2024 at 10:21

German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies

By Newsroom
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor (aka Generalbundesanwalt), but it includes Herwig F., Ina F., and Thomas R. "The suspects are strongly suspected of working for a Chinese secret service since an unspecified
  • April 23rd 2024 at 10:16

U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse

By Newsroom
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediate family members of those involved in such businesses. "These individuals have facilitated or derived financial benefit from the misuse of this technology, which
  • April 23rd 2024 at 06:43

Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware

By Newsroom
The Russia-linked nation-state threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The post-compromise tool, which is said to have been used since at least June 2020 and possibly as early as April 2019, leveraged a now-patched flaw that allowed for
  • April 23rd 2024 at 04:23

Weekly Update 396

By Troy Hunt

"More Data Breaches Than You Can Shake a Stick At". That seems like a reasonable summary and I suggest there are two main reasons for this observation. Firstly, there are simply loads of breaches happening and you know this already because, well, you read my stuff! Secondly, there are a couple of Twitter accounts in particular that are taking incidents that appear across a combination of a popular clear web hacking forum and various dark web ransomware websites and "raising them to the surface", so to speak. That is, incidents that may have previously remained on the fringe are being regularly positioned in the spotlight where they have much greater visibility. The end result is greater awareness and a longer backlog of breaches to process than I've ever had before!


References

  1. Sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
  2. Le Slip Français was breached by "shopifyGUY" (I wonder where all these Shopify API keys are coming from?!)
  3. Roku got hit with a pretty sizeable credential stuffing attack (looks like they're now mandating multi-step auth for everyone, which is certainly one way of tackling this)
  4. There's an extraordinary rate of new breaches appearing at the moment (that's a link to the HackManac Twitter account that's been very good at reporting on these)

Change Healthcare Finally Admits It Paid Ransomware Hackers—and Still Faces a Patient Data Leak

By Andy Greenberg
The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark web.

Old Windows print spooler bug is latest target of Russia's Fancy Bear gang

Putin's pals use 'GooseEgg' malware to launch attacks you can defeat with patches or deletion

Russian spies are exploiting a years-old Windows print spooler vulnerability and using a custom tool called GooseEgg to elevate privileges and steal credentials across compromised networks, according to Microsoft Threat Intelligence.…

  • April 23rd 2024 at 01:15

FBI and friends get two more years of warrantless FISA Section 702 snooping

Senate kills reform amendments, Biden swiftly signs bill into law

US lawmakers on Saturday reauthorized a contentious warrantless surveillance tool for another two years — and added a whole bunch of people and organizations to the list of those who can be compelled to spy for Uncle Sam.…

  • April 22nd 2024 at 21:09