The Hacker News

Russia-Linked Hackers Launches Espionage Attacks on Foreign Diplomatic Entities

By Ravie Lakshmanan — April 14th 2023 at 12:57
The Russia-linked APT29 (aka Cozy Bear) threat actor has been attributed to an ongoing cyber espionage campaign targeting foreign ministries and diplomatic entities located in NATO member states, the European Union, and Africa. According to Poland's Military Counterintelligence Service and the CERT Polska team, the observed activity shares tactical overlaps with a cluster tracked by Microsoft as

WeLiveSecurity

Hunting down BlackLotus – Week in security with Tony Anscombe

By Editor — April 14th 2023 at 11:00

Microsoft releases guidance on how organizations can check their systems for the presence of BlackLotus, a powerful threat first analyzed by ESET researchers

The post Hunting down BlackLotus – Week in security with Tony Anscombe appeared first on WeLiveSecurity

The Hacker News

Kodi Confirms Data Breach: 400K User Records and Private Messages Stolen

By Ravie Lakshmanan — April 14th 2023 at 10:22
Open source media player software provider Kodi has confirmed a data breach after threat actors stole the company's MyBB forum database containing user data and private messages. What's more, the unknown threat actors attempted to sell the data dump comprising 400,635 Kodi users on the now-defunct BreachForums cybercrime marketplace. "MyBB admin logs show the account of a trusted but currently

The Register - Security

While Twitter wants to sell its verification, Microsoft will do it for free on LinkedIn

April 14th 2023 at 10:14

Redmond expands a digital ID process for its platform as Musk seeks cash for blue check marks

As Elon Musk tears at Twitter's credibility by demanding businesses and individuals pay for their blue verification checks, Microsoft is pushing its own free digital ID tech to companies and their employees on LinkedIn.…

WeLiveSecurity

Safety first: 5 cybersecurity tips for freelance bloggers

By Márk Szabó — April 14th 2023 at 09:30

The much-dreaded writer’s block isn’t the only threat that may derail your progress. Are you doing enough to keep your blog (and your livelihood) safe from online dangers?

The post Safety first: 5 cybersecurity tips for freelance bloggers appeared first on WeLiveSecurity

The Hacker News

Severe Android and Novi Survey Vulnerabilities Under Active Exploitation

By Ravie Lakshmanan — April 14th 2023 at 07:15
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added two vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The two flaws are listed below:

CVE-2023-20963 (CVSS score: 7.8) - Android Framework Privilege Escalation Vulnerability
CVE-2023-29492 (CVSS score: TBD) - Novi Survey Insecure Deserialization Vulnerability

The Hacker News

Webinar: Tips from MSSPs to MSSPs – Building a Profitable vCISO Practice

By The Hacker News — April 14th 2023 at 07:13
In today's fast-paced and ever-changing digital landscape, businesses of all sizes face a myriad of cybersecurity threats. Putting in place the right people, technological tools and services, MSSPs are in a great position to ensure their customers' cyber resilience. The growing need of SMEs and SMBs for structured cybersecurity services can be leveraged by MSPs and MSSPs to provide strategic

The Register - Security

Linux kernel logic allowed Spectre attack on 'major cloud provider'

April 14th 2023 at 06:27

Kernel 6.2 ditched a useful defense against ghostly chip design flaw

The Spectre vulnerability that has haunted hardware and software makers since 2018 continues to defy efforts to bury it.…

The Register - Security

To improve security, consider how the aviation world stopped blaming pilots

April 14th 2023 at 04:29

When admitting to an error isn't seen as a failure, improvement is easy to achieve, says pilot-turned-CISO

To improve security, the cybersecurity industry needs to follow the aviation industry's shift from a blame culture to a "just" culture, according to ISACA director Serge Christiaans.…

The Hacker News

Google Launches New Cybersecurity Initiatives to Strengthen Vulnerability Management

By Ravie Lakshmanan — April 13th 2023 at 20:00
Google on Thursday outlined a set of initiatives aimed at improving the vulnerability management ecosystem and establishing greater transparency measures around exploitation. "While the notoriety of zero-day vulnerabilities typically makes headlines, risks remain even after they're known and fixed, which is the real story," the company said in an announcement. "Those risks span everything from

The Register - Security

Pentagon super-leak suspect cuffed: 21-year-old Air National Guardsman

April 13th 2023 at 19:52

When bragging about your job on Discord gets just a little out of hand?

The FBI has detained a 21-year-old Air National Guardsman suspected of leaking a trove of classified Pentagon documents on Discord.…

Naked Security

S3 Ep130: Open the garage bay doors, HAL [Audio + Text]

By Paul Ducklin — April 13th 2023 at 16:54
I'm sorry, Dave. I'm afraid I can't... errr, no, hang on a minute, I can do that easily! Worldwide! Right now!

The Hacker News

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware

By Ravie Lakshmanan — April 13th 2023 at 16:40
Cybersecurity researchers have detailed the tactics of a "rising" cybercriminal gang called "Read The Manual" (RTM) Locker that functions as a private ransomware-as-a-service (RaaS) provider and carries out opportunistic attacks to generate illicit profit. "The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict rules,"

WIRED

The Hacking of ChatGPT Is Just Getting Started

By Matt Burgess — April 13th 2023 at 16:07
Security researchers are jailbreaking large language models to get around safety rules. Things could get much worse.

The Hacker News

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

By Ravie Lakshmanan — April 13th 2023 at 13:02
Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user's mobile device doesn't impact their account. "Mobile device malware is one of the biggest threats to people's privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages,"

The Hacker News

New Python-Based "Legion" Hacking Tool Emerges on Telegram

By Ravie Lakshmanan — April 13th 2023 at 11:10
An emerging Python-based credential harvester and a hacking tool named Legion is being marketed via Telegram as a way for threat actors to break into various online services for further exploitation. Legion, according to Cado Labs, includes modules to enumerate vulnerable SMTP servers, conduct remote code execution (RCE) attacks, exploit unpatched versions of Apache, and brute-force cPanel and

The Hacker News

Pakistan-based Transparent Tribe Hackers Targeting Indian Educational Institutions

By Ravie Lakshmanan — April 13th 2023 at 10:19
The Transparent Tribe threat actor has been linked to a set of weaponized Microsoft Office documents in intrusions directed against the Indian education sector to deploy a continuously maintained piece of malware called Crimson RAT. While the suspected Pakistan-based threat group is known to target military and government entities in the country, the activities have since expanded to include the

The Hacker News

Why Shadow APIs are More Dangerous than You Think

By The Hacker News — April 13th 2023 at 10:19
Shadow APIs are a growing risk for organizations of all sizes as they can mask malicious behavior and induce substantial data loss. For those that aren't familiar with the term, shadow APIs are a type of application programming interface (API) that isn't officially documented or supported. Contrary to popular belief, it's unfortunately all too common to have APIs in production that no one on

The Hacker News

Lazarus Hacker Group Evolves Tactics, Tools, and Targets in DeathNote Campaign

By Ravie Lakshmanan — April 13th 2023 at 09:07
The North Korean threat actor known as the Lazarus Group has been observed shifting its focus and rapidly evolving its tools and tactics as part of a long-running campaign called DeathNote. While the nation-state adversary is known for persistently singling out the cryptocurrency sector, recent attacks have also targeted automotive, academic, and defense sectors in Eastern Europe and other parts

The Hacker News

ChatGPT Security: OpenAI's Bug Bounty Program Offers Up to $20,000 Prizes

By Ravie Lakshmanan — April 13th 2023 at 04:35
OpenAI, the company behind the massively popular ChatGPT AI chatbot, has launched a bug bounty program in an attempt to ensure its systems are "safe and secure." To that end, it has partnered with the crowdsourced security platform Bugcrowd for independent researchers to report vulnerabilities discovered in its product in exchange for rewards ranging from "$200 for low-severity findings to up to

The Register - Security

How insecure is America's FirstNet emergency response system? Seriously, anyone know?

April 12th 2023 at 23:58

Senator Wyden warns full probe needed into vital comms network

AT&T is "concealing vital cybersecurity reporting" about its FirstNet phone network for first responders and the US military, according to US Senator Ron Wyden (D-OR), who said the network had been dubbed unsafe by CISA.…

The Register - Security

FBI: How fake Xi cops prey on Chinese nationals in the US

April 12th 2023 at 23:26

Hello [insert name], I work at the Ministry of Public Security [insert shakedown]

Criminals posing as law enforcement agents of the Chinese government are shaking down Chinese nationals living in the United States by accusing them of financial crimes and threatening to arrest or hurt them if they don't pay, according to the FBI.…

WIRED

Leaked Pentagon Documents May Herald a New Era of Revelations

By Lily Hay Newman — April 12th 2023 at 21:53
The bizarre release of sensitive US government materials soon after their creation signals a potential shift to near-real-time unauthorized disclosures.

Naked Security

Patch Tuesday: Microsoft fixes a zero-day, and two curious bugs that take the Secure out of Secure Boot

By Paul Ducklin — April 12th 2023 at 18:57
Is Secure Boot without the Secure just "Boot"?

WIRED

LinkedIn Verification Now Lets You Verify Your Job and Account

By Lily Hay Newman — April 12th 2023 at 14:23
To beat back fake accounts, the professional social network is rolling out new tools to prove you work where you say you do and are who you say you are.

The Hacker News

Israel-based Spyware Firm QuaDream Targets High-Risk iPhones with Zero-Click Exploit

By Ravie Lakshmanan — April 12th 2023 at 11:58
Threat actors using hacking tools from an Israeli surveillanceware vendor named QuaDream targeted at least five members of civil society in North America, Central Asia, Southeast Asia, Europe, and the Middle East. According to findings from a group of researchers from the Citizen Lab, the spyware campaign was directed against journalists, political opposition figures, and an NGO worker in 2021.

The Hacker News

The Service Accounts Challenge: Can't See or Secure Them Until It's Too Late

By The Hacker News — April 12th 2023 at 11:50
Here's a hard question to answer: 'How many service accounts do you have in your environment?'. A harder one is: 'Do you know what these accounts are doing?'. And the hardest is probably: 'If any of your service accounts was compromised and used to access resources, would you be able to detect and stop that in real-time?'. Since most identity and security teams would provide a negative reply,

WeLiveSecurity

What are the cybersecurity concerns of SMBs by sector?

By Editor — April 12th 2023 at 09:30

Some sectors have high confidence in their in-house cybersecurity expertise, while others prefer to enlist the support of an external provider to keep their systems and data secured

The post What are the cybersecurity concerns of SMBs by sector? appeared first on WeLiveSecurity

The Register - Security

Mission possible

April 12th 2023 at 09:21

Tamping down risk in cloud management

Webinar There's nothing like reading a report based on real world data to give IT teams a fresh sense of priority.…

The Hacker News

Urgent: Microsoft Issues Patches for 97 Flaws, Including Active Ransomware Exploit

By Ravie Lakshmanan — April 12th 2023 at 06:38
It's the second Tuesday of the month, and Microsoft has released another set of security updates to fix a total of 97 flaws impacting its software, one of which has been actively exploited in ransomware attacks in the wild. Seven of the 97 bugs are rated Critical and 90 are rated Important in severity. Interestingly, 45 of the shortcomings are remote code execution flaws, followed by 20

The Register - Security

3CX teases security-focused client update, plus password hashing

April 12th 2023 at 04:35

As Mandiant finds more evidence it was North Korea wot done it

The CEO of VoIP software provider 3CX has teased the imminent release of a security-focused upgrade to the company’s progressive web application client.…

The Hacker News

North Korean Hackers Uncovered as Mastermind in 3CX Supply Chain Attack

By Ravie Lakshmanan — April 12th 2023 at 04:06
Enterprise communications service provider 3CX confirmed that the supply chain attack targeting its desktop application for Windows and macOS was the handiwork of a threat actor with North Korean nexus. The findings are the result of an interim assessment conducted by Google-owned Mandiant, whose services were enlisted after the intrusion came to light late last month. The threat intelligence

The Register - Security

US cyber chiefs warn AI will help crooks, China develop nastier cyberattacks faster

April 12th 2023 at 01:50

It's not all doom and gloom because ML also amplifies defensive efforts, probably

Bots like ChatGPT may not be able to pull off the next big Microsoft server worm or Colonial Pipeline ransomware super-infection but they may help criminal gangs and nation-state hackers develop some attacks against IT, according to Rob Joyce, director of the NSA's Cybersecurity Directorate.…
