FreshRSS

WIRED

Cops Just Revealed a Record-Breaking Dark Web Dragnet

By Andy Greenberg — May 2nd 2023 at 16:58
Operation SpecTor likely drew on leads from multiple dark web market busts, including the secret takedown of Monopoly Market in 2021.
The Hacker News

Researchers Uncover New BGP Flaws in Popular Internet Routing Protocol Software

By Ravie Lakshmanan — May 2nd 2023 at 14:26
Cybersecurity researchers have uncovered weaknesses in a software implementation of the Border Gateway Protocol (BGP) that could be weaponized to achieve a denial-of-service (DoS) condition on vulnerable BGP peers. The three vulnerabilities reside in version 8.4 of FRRouting, a popular open source internet routing protocol suite for Linux and Unix platforms. It's currently used by several
The Register - Security

In the face of data disaster

May 2nd 2023 at 14:14

How to recover from cyber attacks on Microsoft 365

Webinar Every organization needs a full set of data recovery tools. The sort that will get you back up and running quickly after a ransomware attack, outage, or accidental data deletion. And it's best to be prepared in advance rather than deal with the data disaster face to face when it happens.…

The Hacker News

BouldSpy Android Spyware: Iranian Government's Alleged Tool for Spying on Minority Groups

By Ravie Lakshmanan — May 2nd 2023 at 11:56
A new Android surveillanceware possibly used by the Iranian government has been used to spy on over 300 individuals belonging to minority groups. The malware, dubbed BouldSpy, has been attributed with moderate confidence to the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). Targeted victims include Iranian Kurds, Baluchis, Azeris, and Armenian Christian groups. "The spyware
The Hacker News

Why Telecoms Struggle with SaaS Security

By The Hacker News — May 2nd 2023 at 11:40
The telecom industry has always been a tantalizing target for cybercriminals. The combination of interconnected networks, customer data, and sensitive information allows cybercriminals to inflict maximum damage through minimal effort. It’s the breaches in telecom companies that tend to have a seismic impact and far-reaching implications — in addition to reputational damage, which can be
The Register - Security

Data loss costs are going up – and not just for those who choose to pay thieves

May 2nd 2023 at 10:41

Ransoms, investigations, and breach-related lawsuits are hitting companies in the wallet, law firm says

Data loss – particularly from ransomware attacks – has always been a costly proposition for enterprises. However, the price organizations have to pay is going up, not only in terms of the ransom demanded but also for the cost of investigating attacks and the lawsuits that increasingly follow in the wake of such breaches.…

WIRED

SolarWinds: The Untold Story of the Boldest Supply-Chain Hack

By Kim Zetter — May 2nd 2023 at 10:00
The attackers were in thousands of corporate and government networks. They might still be there now. Behind the scenes of the SolarWinds investigation.
The Hacker News

LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads

By Ravie Lakshmanan — May 2nd 2023 at 07:09
In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been observed leveraging the technique to deliver a new Windows-based financial trojan and information stealer called LOBSHOT. "LOBSHOT continues to collect victims while staying under the radar," Elastic Security Labs researcher Daniel Stepanic said in an analysis published last week. "One
The Hacker News

North Korea's ScarCruft Deploys RokRAT Malware via LNK File Infection Chains

By Ravie Lakshmanan — May 2nd 2023 at 06:54
The North Korean threat actor known as ScarCruft started experimenting with oversized LNK files as a delivery route for RokRAT malware as early as July 2022, the same month Microsoft began blocking macros across Office documents by default. "RokRAT has not changed significantly over the years, but its deployment methods have evolved, now utilizing archives containing LNK files that initiate
The Register - Security

Russia's APT28 targets Ukraine government with bogus Windows updates

May 2nd 2023 at 06:37

Nasty emails designed to infect systems with info-stealing malware

The Kremlin-backed threat group APT28 is flooding Ukrainian government agencies with email messages about bogus Windows updates in the hope of dropping malware that will exfiltrate system data.…

The Hacker News

Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected

By Ravie Lakshmanan — May 2nd 2023 at 05:35
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation. The security vulnerabilities are as follows - CVE-2023-1389 (CVSS score: 8.8) - TP-Link Archer AX-21 Command Injection Vulnerability CVE-2021-45046 (CVSS score: 9.0) - Apache Log4j2 Deserialization of Untrusted
The Register - Security

Feds rethink warrantless search stats and – oh look, a huge drop in numbers

May 2nd 2023 at 01:56

119,000 instances of homeland snooping as the power to do so comes under review

Warrantless searches of US residents' communications by the FBI dropped sharply last year – from about 3.4 million in 2021 to 119,383 in 2022, according to Uncle Sam.…

Naked Security

Apple delivers first-ever Rapid Security Response “cyberattack” patch – leaves some users confused

By Paul Ducklin — May 1st 2023 at 20:46
Just when we'd got used to three-numbered versions, such as "13.3.1", here comes an update suffix, bringing you "13.3.1 (a)"...

The Register - Security

IT giant Bitmarck shuts down customer, internal systems after cyberattack

May 1st 2023 at 18:55

Patient data 'was and is never endangered', says medical tech slinger

German IT services provider Bitmarck has shut down all of its customer and internal systems, including entire datacenters in some cases, following a cyberattack. …

The Register - Security

Centralized secrets management picks up pace

May 1st 2023 at 14:08

How cloud migration and machine identities are fueling enterprise demand for secrets management systems

Sponsored Feature There's no question that fast-feedback software delivery offers multiple advantages by streamlining processes for developers. But in software development, as in life, there is no such thing as a free lunch.…

The Hacker News

New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks

By Ravie Lakshmanan — May 1st 2023 at 12:31
An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbed Decoy Dog targeting enterprise networks. Decoy Dog, as the name implies, is evasive and employs techniques like strategic domain aging and DNS query dribbling, wherein a series of queries are transmitted to the command-and-control (C2) domains so as to not arouse any suspicion. "
The Register - Security

Google adds account sync for Authenticator, without E2EE

May 1st 2023 at 11:04

Also: Your Salesforce Community site might be leaking; a new CPU side-channel; and this week's critical vulns

in brief You may have heard news this week that Google is finally updating its authenticator app to add Google account synchronization. Before you rush to ensure your two-factor secrets are safe in the event you lose your device, take heed: The sync process isn't end-to-end encrypted.…

WIRED

The High-Stakes Scramble to Stop Classified Leaks

By Matt Laslo — May 1st 2023 at 11:00
AI tools? A porn filter, but for Top Secret documents? Just classifying less stuff? US lawmakers are full of ideas but lack a silver bullet.
The Hacker News

Wanted Dead or Alive: Real-Time Protection Against Lateral Movement

By The Hacker News — May 1st 2023 at 10:53
Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators. Today, however, it has become a commoditized tool, well within the skillset of any ransomware threat actor. This makes real-time detection and prevention of lateral movement a necessity to organizations of all sizes and across all industries. But the disturbing truth
The Hacker News

Vietnamese Threat Actor Infects 500,000 Devices Using 'Malverposting' Tactics

By Ravie Lakshmanan — May 1st 2023 at 09:17
A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000 devices worldwide over the past three months to deliver variants of information stealers such as S1deload Stealer and SYS01stealer. Malverposting refers to the use of promoted social media posts on services like Facebook and Twitter to mass propagate malicious
The Hacker News

APT28 Targets Ukrainian Government Entities with Fake "Windows Update" Emails

By Ravie Lakshmanan — May 1st 2023 at 08:52
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country. The agency attributed the phishing campaign to APT28, which is also known by the names Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, Sednit, and Sofacy. The email messages come with the subject line "
The Register - Security

Your security failure was so bad we have to close the company … NOT!

May 1st 2023 at 07:31

There are pranks, and savage pranks, and this prank when the CTO and HR ganged up on a very stressed techie

Who, Me? Welcome once again, gentle reader, to the safe space we call Who, Me? in which Reg readers can confess to the naughty or not-quite-competent things they did at work, knowing they will not be judged.…

The Hacker News

Google Blocks 1.43 Million Malicious Apps, Bans 173,000 Bad Accounts in 2022

By Ravie Lakshmanan — May 1st 2023 at 05:10
Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being published to the Play Store in 2022. In addition, the company said it banned 173,000 bad accounts and fended off over $2 billion in fraudulent and abusive transactions through developer-facing features like Voided Purchases API, Obfuscated Account ID, and Play Integrity
The Register - Security

China has 50 hackers for every FBI cyber agent, says Bureau boss

May 1st 2023 at 02:32

Combatting it is going to take more money. Lots of more money.

China has 50 hackers for every one of the FBI's cyber-centric agents, the Bureau's director told a congressional committee last week.…

WIRED

Apple, Google, and Microsoft Just Fixed Zero-Day Security Flaws

By Kate O'Flaherty — April 30th 2023 at 11:00
Firefox gets a needed tune-up, SolarWinds squashes two high-severity bugs, Oracle patches 433 vulnerabilities, and more updates you should make now.
Naked Security

Mac malware-for-hire steals passwords and cryptocoins, sends “crime logs” via Telegram

By Paul Ducklin — April 30th 2023 at 01:23
These malware peddlers are specifically going after Mac users. The hint's in the name: "Atomic macOS Stealer", or AMOS for short.

WIRED

The Tragic Fallout From a School District’s Ransomware Breach

By Andy Greenberg — April 29th 2023 at 13:00
Plus: Cyber Command’s disruption of Iranian election hacking, an exposé on child sex trafficking on Meta’s platforms, and more.
The Hacker News

ChatGPT is Back in Italy After Addressing Data Privacy Concerns

By Ravie Lakshmanan — April 29th 2023 at 04:23
OpenAI, the company behind ChatGPT, has officially made a return to Italy after the company met the data protection authority's demands ahead of April 30, 2023, deadline. The development was first reported by the Associated Press. OpenAI's CEO, Sam Altman, tweeted, "we're excited ChatGPT is available in [Italy] again!" The reinstatement comes following Garante's decision to temporarily block 
Naked Security

Google wins court order to force ISPs to filter botnet traffic

By Naked Security writer — April 28th 2023 at 19:59
CryptBot criminals are alleged to have plundered browser passwords, illicitly-snapped screenshots, cryptocurrency account data, and more.

WIRED

DOJ Detected SolarWinds Breach Months Before Public Disclosure

By Kim Zetter — April 28th 2023 at 18:01
In May 2020, the US Department of Justice noticed Russian hackers in its network but did not realize the significance of what it had found for six months.
The Register - Security

Online Safety Bill age checks? We won't do 'em, says Wikipedia

April 28th 2023 at 14:30

World's encyclopedia warns draft law could boot it offline in UK

Wikipedia won't be age-gating its services no matter what final form the UK's Online Safety Bill takes, two senior folks from nonprofit steward the Wikimedia Foundation said this morning.…

WeLiveSecurity

What was hot at RSA Conference 2023? – Week in security with Tony Anscombe

By Editor — April 28th 2023 at 14:30

The importance of understanding – and prioritizing – the privacy and security implications of large language models like ChatGPT cannot be overstated

The post What was hot at RSA Conference 2023? – Week in security with Tony Anscombe appeared first on WeLiveSecurity
