The International Bar Association (IBA) has published what it claims to be a “first-of-its-kind” report to guide senior executives and boards to protect their organization from cyber risk. Released today, Global perspectives on protecting against cyber risks: best governance practices for senior executives and boards of directors, is a lengthy document designed to give leaders
Month: July 2023
Jul 31, 2023THNCyber Threat / Botnet The P2PInfect peer-to-peer (P2) worm has been observed employing previously undocumented initial access methods to breach susceptible Redis servers and rope them into a botnet. “The malware compromises exposed instances of the Redis data store by exploiting the replication feature,” Cado Security researchers Nate Bill and Matt Muir said
The UK’s Ministry of Defence (MoD) is launching an investigation after a typing error reportedly led to classified emails being sent to a close ally of Russia instead of the intended recipients. The emails were meant for the US military, identifiable by the domain “.mil.” However, due to a simple mistake omitting the letter “i,” the messages
Jul 29, 2023The Hacker NewsBrowser Security / Data Security Increasing cyber threats and attacks have made protecting organizational data a paramount concern for businesses of all sizes. A group of experts have recognized the pressing need for comprehensive browser security solutions and collaborated to develop “The Definitive Browser Security RFP Template.” This resource helps streamline
Nominations are open for the eighth annual Security Serious Unsung Heroes Awards to be held in London and run by Eskenzi PR. The awards are all about celebrating the UK’s cybersecurity professionals, teachers, lecturers, leaders and those working to make the industry not only more secure, but also more diverse and healthier for employees. Whether educating the
Jul 29, 2023THNAndroid / Malware A new Android malware strain called CherryBlos has been observed making use of optical character recognition (OCR) techniques to gather sensitive data stored in pictures. CherryBlos, per Trend Micro, is distributed via bogus posts on social media platforms and comes with capabilities to steal cryptocurrency wallet-related credentials and act as
The Australian and US governments have issued a joint advisory about the growing cyber-threats to web applications and application programming interfaces (APIs). The guidance, Preventing Web Application Access Control Abuse was released by the Australian Cyber Security Centre (ACSC), US Cybersecurity and Infrastructure Security Agency (CISA), and US National Security Agency (NSA) on July 27,
by Paul Ducklin ONE WEEK, TWO BWAINS Apple patches two zero-days, one for a second time. How a 30-year-old cryptosystem got cracked. All your secret are belong to Zenbleed. Remembering those dodgy PC/Mac ads. No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and outro music by Edith Mudge.
Jul 28, 2023THNMalware / Cyber Threat The threat actors linked to the malware loader known as IcedID have made updates to the BackConnect (BC) module that’s used for post-compromise activity on hacked systems, new findings from Team Cymru reveal. IcedID, also called BokBot, is a strain of malware similar to Emotet and QakBot that started
You may have heard Sam Altman, the man behind ChatGPT, call for the regulation of future AI models while at the same time his company OpenAI lobbied the EU to water down its own AI Act. OpenAI and generative AI pioneers Google, Microsoft and Anthropic are now taking Altman’s pledge a step further, launching the
by Paul Ducklin If you’d been quietly chasing down cryptographic bugs in a proprietary police radio system since 2021, but you’d had to wait until the second half of 2023 to go public with your research, how would you deal with the reveal? You’d probably do what researchers at boutique Dutch cybersecurity consultancy Midnight Blue
Jul 27, 2023THNLinux / Endpoint Security Cybersecurity researchers have disclosed two high-severity security flaws in the Ubuntu kernel that could pave the way for local privilege escalation attacks. Cloud security firm Wiz, in a report shared with The Hacker News, said the easy-to-exploit shortcomings have the potential to impact 40% of Ubuntu users. “The impacted
Ransomware attacks surged by 74% in Q2 2023 compared to the first three months of the year, a new report has found. The 2023 SonicWall Mid-Year Cyber Threat Report observed two “very unbalanced quarters” regarding the volume of ransomware attacks so far this year. SonicWall Capture Labs Threat Researchers recorded 51.2 million attacks in Q1
by Paul Ducklin Remember Heartbleed? That was the bug, back in 2014, that introduced the suffix -bleed for vulnerabilities that leak data in a haphazard way that neither the attacker nor the victim can reliably control. In other words, a crook can’t use a bleed-style bug for a precision attack, such as “Find the shadow
A new study conducted by Uptycs has uncovered a stark increase in the distribution of information stealing (a.k.a. infostealer or stealer) malware. Incidents have more than doubled in Q1 2023, indicating an alarming trend that threatens global organizations. According to the new Uptycs’ whitepaper, Stealers are Organization Killers, a variety of new info stealers have
The UK Government’s Cyber Security Skills in the UK Labour Market 2023 report shows a staggering 50% of all UK businesses have a basic cybersecurity skills gap. This shows little improvement from the 2022 report, which found that 51% of businesses lacked these basic skills. Meanwhile, the 2023 report found that 33% have an advanced
by Paul Ducklin Two weeks ago, we urged Apple users with recent hardware to grab the company’s second-ever Rapid Response patch. As we pointed out at the time, this was an emergency bug fix to block off a web-browsing security hole that had apparently been used in real-world spyware attacks: Component: WebKit Impact: Processing web
Jul 25, 2023THNMalware / Cyber Threat The financially motivated threat actors behind the Casbaneiro banking malware family have been observed making use of a User Account Control (UAC) bypass technique to gain full administrative privileges on a machine, a sign that the threat actor is evolving their tactics to avoid detection and execute malicious code
Application security provider Checkmarx has identified what it described as the first open source software supply chain attacks targeting the banking sector. In a recent report, Checkmarx researchers analyzed two distinct, sophisticated supply chain attacks relying on open source toolsets. Both attacks’ targets were banks. The first attack started in February 2023, when a threat
Jul 24, 2023THNLinux / Network Security Details have emerged about a now-patched flaw in OpenSSH that could be potentially exploited to run arbitrary commands remotely on compromised hosts under specific conditions. “This vulnerability allows a remote attacker to potentially execute arbitrary commands on vulnerable OpenSSH’s forwarded ssh-agent,” Saeed Abbasi, manager of vulnerability research at Qualys,
Generative AI tools have conquered the workplace, especially large language model-based (LLM) chatbots like OpenAI’s ChatGPT and Google’s Bard. These powerful tools are capable of performing a broad range of tasks, from helping to draft perfect emails to providing digestible summaries, freeing up the time-strapped worker to focus on more strategic activities. However, using LLMs
Jul 21, 2023THNEmail Security / Cyber Attack The recent attack against Microsoft’s email infrastructure by a Chinese nation-state actor referred to as Storm-0558 is said to have a broader scope than previously thought. According to cloud security company Wiz, the inactive Microsoft account (MSA) consumer signing key used to forge Azure Active Directory (Azure AD
The US Department of Justice (DoJ) is doubling the size of the team investigating cryptocurrency crime, with the fight against ransomware “an urgent priority.” In a speech at the Center for Strategic and International Studies on Thursday, July 20, Principal Deputy Assistant Attorney General Nicole M. Argentieri announced the merger of the National Cryptocurrency Enforcement
Jul 22, 2023THNEncryption / Privacy Apple has warned that it would rather stop offering iMessage and FaceTime services in the U.K. than bowing down to government pressure in response to new proposals that seek to expand digital surveillance powers available to state intelligence agencies. The development, first reported by BBC News, makes the iPhone maker
A Chinese cyber-espionage campaign revealed by Microsoft last week compromised the government email account of the US ambassador to China and other officials, a new report has claimed. Citing people familiar with the matter, the Wall Street Journal revealed that the account of Nicholas Burns and Daniel Kritenbrink, the assistant secretary of state for East
by Paul Ducklin SING US A CYBERSECURITY SONG Why your Mac’s calendar app says it’s JUL 17. One patch, one line, one file. Careful with that {axe,file}, Eugene. Storm season for Microsoft. When typos make you sing for joy. No audio player below? Listen directly on Soundcloud. With Doug Aamoth and Paul Ducklin. Intro and
Jul 21, 2023THNCyber Threat / Malware A new malware strain known as BundleBot has been stealthily operating under the radar by taking advantage of .NET single-file deployment techniques, enabling threat actors to capture sensitive information from compromised hosts. “BundleBot is abusing the dotnet bundle (single-file), self-contained format that results in very low or no static
Why is kids’ personal information in high demand, how do criminals steal it, and what can parents do to help prevent child identity theft? Total identity fraud losses in the US were estimated at a whopping $43bn last year. While many of us are getting savvier about how we protect our personal information online, can
Open source is playing a growing role across the AI technology stack, but most (52%) projects reference known vulnerable dependencies in their manifest files, according to Endor Labs. The security vendor’s latest State of Dependency Management report claimed that just five months after its release, ChatGPT’s API is used in 900 npm and PyPI packages across
by Paul Ducklin At the tail-end of last week, Microsoft published a report entitled Analysis of Storm-0558 techniques for unauthorized email access. In this rather dramatic document, the company’s security team revealed the background to a previously unexplained hack in which data including email text, attachments and more were accessed: from approximately 25 organizations, including
- 1
- 2
- 3
- 4
- Next Page »