August, 2022

article thumbnail

Cyber Resiliency Isn't Just About Technology, It's About People

Dark Reading

To lessen burnout and prioritize staff resiliency, put people in a position to succeed with staffwide cybersecurity training to help ease the burden on IT and security personnel.

IT 137
article thumbnail

Microsoft Patches 'DogWalk' Zero-Day in August Patch Tuesday

Data Breach Today

Monthly Dump Includes Patches for 141 Flaws, Including 17 'Critical' Fixes More than two years after being notified of it, Microsoft issued a fix for a Microsoft Windows Support Diagnostic Tool vulnerability known as DogWalk. The fix is part of the operating system giant's newest Patch Tuesday dump, which includes patches for 141 flaws.

IT 356
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

PayPal Phishing Scam Uses Invoices Sent Via PayPal

Krebs on Security

Scammers are using invoices sent through PayPal.com to trick recipients into calling a number to dispute a pending charge. The missives — which come from Paypal.com and include a link at Paypal.com that displays an invoice for the supposed transaction — state that the user’s account is about to be charged hundreds of dollars. Recipients who call the supplied toll-free number to contest the transaction are soon asked to download software that lets the scammers assume remote cont

Phishing 310
article thumbnail

PoC exploit code for critical Realtek RCE flaw released online

Security Affairs

Exploit code for a critical vulnerability affecting networking devices using Realtek RTL819x system on a chip released online. The PoC exploit code for a critical stack-based buffer overflow issue, tracked as CVE-2022-27255 (CVSS 9.8), affecting networking devices using Realtek’s RTL819x system on a chip was released online. The issue resides in the Realtek’s SDK for the open-source eCos operating system, it was discovered by researchers from cybersecurity firm Faraday Security. “On Realte

IoT 145
article thumbnail

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

Speaker: Aarushi Kansal, AI Leader & Author and Tony Karrer, Founder & CTO at Aggregage

Software leaders who are building applications based on Large Language Models (LLMs) often find it a challenge to achieve reliability. It’s no surprise given the non-deterministic nature of LLMs. To effectively create reliable LLM-based (often with RAG) applications, extensive testing and evaluation processes are crucial. This often ends up involving meticulous adjustments to prompts.

article thumbnail

Sending Spammers to Password Purgatory with Microsoft Power Automate and Cloudflare Workers KV

Troy Hunt

How best to punish spammers? I give this topic a lot of thought because I spend a lot of time sifting through the endless rubbish they send me. And that's when it dawned on me: the punishment should fit the crime - robbing me of my time - which means that I, in turn, need to rob them of their time. With the smallest possible overhead on my time, of course.

Passwords 145

More Trending

article thumbnail

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

eSecurity Planet

Cyber attackers continue to up their game. One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). The new attack method, reported by Sophos researchers yesterday, is already growing in use. The “cookie-stealing cybercrime spectrum” is broad, the researchers wrote, ranging from “entry-level criminals” to advanced adversaries, using various techniques.

article thumbnail

Hackers Steal $8M in Ongoing Attack on Solana Hot Wallets

Data Breach Today

Cause of Attack Is Unknown, Moving Funds to Cold Wallets Recommended Hackers are using an unknown exploit to draw down internet-connected wallets on the Solana blockchain. So far, thieves have made off with about $8 million worth of cryptocurrency, predominantly from mobile wallet users of Phantom and Slope. Solana is working to identify the root cause.

article thumbnail

Scammers Sent Uber to Take Elderly Lady to the Bank

Krebs on Security

Email scammers sent an Uber to the home of an 80-year-old woman who responded to a well-timed email scam, in a bid to make sure she went to the bank and wired money to the fraudsters. In this case, the woman figured out she was being scammed before embarking for the bank, but her story is a chilling reminder of how far crooks will go these days to rip people off.

Passwords 278
article thumbnail

Google blocked the largest Layer 7 DDoS reported to date

Security Affairs

Google announced to have blocked the largest ever HTTPs DDoS attack, which reached 46 million requests per second (RPS). Google announced to have blocked the largest ever HTTPs DDoS attack that hit one of its Cloud Armor customers. The IT giant revealed that the attack reached 46 million requests per second (RPS). The attack took place on June 1st, at 09:45, it started with more than 10,000 requests per second (rps) and targeted a customer’s HTTP/S Load Balancer.

Cloud 136
article thumbnail

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

article thumbnail

The aftermath of an incident – business considerations surrounding record-keeping

Data Protection Report

In our previous publication , we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. While the specific obligations vary by jurisdiction, maintaining some form of a record that tracks privacy incidents is a statutory obligation for private-sector organizations subject to Quebec, Alberta, or federal laws.

article thumbnail

Starlink Successfully Hacked Using $25 Modchip

Threatpost

Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system.

IoT 137
article thumbnail

New Linux Exploit ‘Dirty Cred’ Revealed at Black Hat

eSecurity Planet

A new Linux kernel exploitation called Dirty Cred was revealed at last week’s Black Hat security conference. Zhenpeng Lin, a PhD student, and a team of researchers worked on an alternative approach to the infamous Dirty Pipe vulnerability that affected Linux kernel versions 8 and later. Dity Pipe is a major flaw that allows attackers to elevate least-privileged accounts to the maximum level (root) by exploiting the way the kernel uses pipes to pass data.

Access 135
article thumbnail

Vendor Ransomware Breach Affects 942,000 Patients

Data Breach Today

Incident Is Among Latest Fallout From Attacks on Healthcare Sector Entities A New York-based practice management vendor has notified 28 healthcare entity clients and more than 942,000 of their patients that sensitive information was compromised in a ransomware attack in April. The incident is the latest fallout from ransomware assaults on the healthcare sector.

article thumbnail

7 Pitfalls for Apache Cassandra in Production

Apache Cassandra is an open-source distributed database that boasts an architecture that delivers high scalability, near 100% availability, and powerful read-and-write performance required for many data-heavy use cases. However, many developers and administrators who are new to this NoSQL database often encounter several challenges that can impact its performance.

article thumbnail

How 1-Time Passcodes Became a Corporate Liability

Krebs on Security

Phishers are enjoying remarkable success using text messages to steal remote access credentials and one-time passcodes from employees at some of the world’s largest technology companies and customer support firms. A recent spate of SMS phishing attacks from one cybercriminal group has spawned a flurry of breach disclosures from affected companies, which are all struggling to combat the same lingering security threat: The ability of scammers to interact directly with employees through their

Phishing 272
article thumbnail

USB “Rubber Ducky” Attack Tool

Schneier on Security

The USB Rubber Ducky is getting better and better. Already, previous versions of the Rubber Ducky could carry out attacks like creating a fake Windows pop-up box to harvest a user’s login credentials or causing Chrome to send all saved passwords to an attacker’s webserver. But these attacks had to be carefully crafted for specific operating systems and software versions and lacked the flexibility to work across platforms.

Passwords 137
article thumbnail

New Linux botnet RapperBot brute-forces SSH servers

Security Affairs

RapperBot is a new botnet employed in attacks since mid-June 2022 that targets Linux SSH servers with brute-force attacks. Researchers from FortiGuard Labs have discovered a new IoT botnet tracked as RapperBot which is active since mid-June 2022. The bot borrows a large portion of its code from the original Mirai botnet, but unlike other IoT malware families, it implements a built-in capability to brute force credentials and gain access to SSH servers instead of Telnet as implemented in Mirai.

IoT 133
article thumbnail

Lost in Translation? New Cryptomining Malware Attacks Based in Turkey Cause Suspicion

KnowBe4

Researchers at Check Point warn that attackers based in Turkey are distributing cryptomining malware via free software distribution websites, including Softpedia and uptodown. The malicious apps appear to be legitimate, but have malware packaged within them.

134
134
article thumbnail

Entity Resolution Checklist: What to Consider When Evaluating Options

Are you trying to decide which entity resolution capabilities you need? It can be confusing to determine which features are most important for your project. And sometimes key features are overlooked. Get the Entity Resolution Evaluation Checklist to make sure you’ve thought of everything to make your project a success! The list was created by Senzing’s team of leading entity resolution experts, based on their real-world experience.

article thumbnail

Security Compliance & Data Privacy Regulations

eSecurity Planet

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR, the EU’s flagship data privacy and “right to be forgotten” regulation, has made the stakes of a data breach higher than ever.

article thumbnail

How Criminals Are Weaponizing Leaked Ransomware Data

Data Breach Today

Accenture's Robert Boyce Advises Firms to Update Monitoring and Approval Processes Accenture analyzed the top 20 most active ransomware leak sites to see how threat actors are posting sensitive corporate information and making the data easy to search and exploit. Accenture's Robert Boyce explains how cybercriminals are weaponizing stolen ransomware data for follow-up attacks.

article thumbnail

Class Action Targets Experian Over Account Security

Krebs on Security

A class action lawsuit has been filed against big-three consumer credit bureau Experian over reports that the company did little to prevent identity thieves from hijacking consumer accounts. The legal filing cites liberally from an investigation KrebsOnSecurity published in July, which found that identity thieves were able to assume control over existing Experian accounts simply by signing up for new accounts using the victim’s personal information and a different email address.

Security 263
article thumbnail

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover

Dark Reading

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

Security 145
article thumbnail

Strategic CX: A Deep Dive into Voice of the Customer Insights for Clarity

Speaker: Nicholas Zeisler, CX Strategist & Fractional CXO

The first step in a successful Customer Experience endeavor (or for that matter, any business proposition) is to find out what’s wrong. If you can’t identify it, you can’t fix it! 💡 That’s where the Voice of the Customer (VoC) comes in. Today, far too many brands do VoC simply because that’s what they think they’re supposed to do; that’s what all their competitors do.

article thumbnail

Serious cyberattack hits German Chambers of Industry and Commerce (DIHK)

Security Affairs

A massive cyberattack hit the website of the German Chambers of Industry and Commerce (DIHK) this week. A massive attack hit the website of the German Chambers of Industry and Commerce (DIHK) forcing the organization to shut down its IT systems as a precautionary measure for security reasons. Aktuell wird intensiv an Lösung und Abwehr gearbeitet. Wir informieren Sie hier, welche Anwendungen wieder funktionsfähig sind: [link] #IHK #DIHK pic.twitter.com/5OHMOLH7Mz — DIHK (@DIHK_News) August

article thumbnail

Hyundai Uses Example Keys for Encryption System

Schneier on Security

This is a dumb crypto mistake I had not previously encountered: A developer says it was possible to run their own software on the car infotainment hardware after discovering the vehicle’s manufacturer had secured its system using keys that were not only publicly known but had been lifted from programming examples. […]. “Turns out the [AES] encryption key in that script is the first AES 128-bit CBC example key listed in the NIST document SP800-38A [PDF]” […].

article thumbnail

New Linux Malware Surges, Surpassing Android

eSecurity Planet

Linux malware is skyrocketing and now surpasses both macOS and Android, according to a new report, suggesting that cybercriminals are increasingly targeting the open source operating system. The Atlas VPN report said the number of new Linux malware samples collected soared by 646% from the first half of 2021 to the first half of 2022, from 226,334 samples to nearly 1.7 million.

article thumbnail

Ransomware Leak Sites Attract More Attacks

Data Breach Today

Victims Often Attacked Simultaneously by Multiple Ransomware Groups Cybercriminals monitor leak sites for newly listed ransomware victims in a bid to try their own hand at dropping encryption malware, says Sophos. The cybersecurity firm says it's seen an uptick in incidents involving multiple criminal gangs demanding a ransom for unencrypted victims' files.

article thumbnail

The Big Payoff of Application Analytics

Outdated or absent analytics won’t cut it in today’s data-driven applications – not for your end users, your development team, or your business. That’s what drove the five companies in this e-book to change their approach to analytics. Download this e-book to learn about the unique problems each company faced and how they achieved huge returns beyond expectation by embedding analytics into applications.

article thumbnail

Initial Access Broker Phishing

KnowBe4

Cisco has disclosed a security incident that occurred as a result of sophisticated voice phishing attacks that targeted employees, according to researchers at Cisco Talos. The researchers believe the attack was carried out by an initial access broker with the intent of selling access to the compromised accounts to other threat actors.

Phishing 127
article thumbnail

Cisco Confirms Data Breach, Hacked Files Leaked

Dark Reading

Ransomware gang gained access to the company's VPN in May by convincing an employee to accept a multifactor authentication (MFA) push notification.

article thumbnail

Surveillance firm’s leaked docs show the purchase of an $8M iOS RCE zero-day exploit?

Security Affairs

Leaked documents show the surveillance firm Intellexa offering exploits for iOS and Android devices for $8 Million. Intellexa is an Israeli surveillance firm founded by Israeli entrepreneur Tal Dilian, it offers surveillance and hacking solution to law enforcement and intelligence agencies. The Vx-undergroud researchers shared some images of several confidential documents that appear to be the commercial offer of Intellect.

IT 129