Aug 20, 2024The Hacker NewsCybersecurity / Cloud Security As cloud infrastructure becomes the backbone of modern enterprises, ensuring the security of these environments is paramount. With AWS (Amazon Web Services) still being the dominant cloud it is important for any security professional to know where to look for signs of compromise. AWS CloudTrail stands out
Month: August 2024
Read more about election security: Potential ransomware attacks during the 2024 election cycle have been deemed unlikely to compromise the security or accuracy of vote casting or counting. The news comes from a public service announcement (PSA) issued on August 15 by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency
Aug 19, 2024Ravie LakshmananThreat Intelligence / Cryptocurrency A new type of malware called UULoader is being used by threat actors to deliver next-stage payloads like Gh0st RAT and Mimikatz. The Cyberint Research Team, which discovered the malware, said it’s distributed in the form of malicious installers for legitimate applications targeting Korean and Chinese speakers. There
National Public Data, a US background check company, suffered a data breach in April 2024 that could have exposed sensitive data records of millions of US, UK and Canadian residents. The Florida-based data broker, which provides access to data from various public record databases, court records, state and national databases and other repositories nationwide, confirmed
Aug 16, 2024Ravie LakshmananDark Web / Data Breach A 27-year-old Russian national has been sentenced to over three years in prison for peddling financial information, login credentials, and other personally identifying information (PII) on a now-defunct dark web marketplace called Slilpp. Georgy Kavzharadze, 27, of Moscow, Russia, pleaded guilty to one count of conspiracy to
Microsoft has announced it is mandating multi-factor authentication (MFA) for all Azure sign-ins. Customers can select from multiple MFA options through Microsoft Entra to meet their needs. These are: Users approving sign-ins from a mobile app using push notifications, biometrics, or one-time passcodes though Microsoft Authenticator FIDO2 security keys, enabling sign-ins without a username or
Video Business email compromise (BEC) has once again proven to be a costly issue, with a company losing $60 million in a wire transfer fraud scheme 16 Aug 2024 A Luxembourg-based chemicals and manufacturing company has recently suffered one of the largest-ever business email compromise (BEC) attacks. According to a filing to the U.S. Securities
OpenAI on Friday said it banned a set of accounts linked to what it said was an Iranian covert influence operation that leveraged ChatGPT to generate content that, among other things, focused on the upcoming U.S. presidential election. “This week we identified and took down a cluster of ChatGPT accounts that were generating content for
Two US House of Representatives members have called on the US Department of Commerce to investigate Chinese-made Wi-Fi routers deployed in the US over hacking and espionage concerns. John Moolenaar (R-MI), chairman of the House Select Committee on the Strategic Competition Between the United States and the Chinese Communist Party, and Raja Krishnamoorthi (D-IL), a
Aug 16, 2024Ravie LakshmananCloud Security / Application Security A large-scale extortion campaign has compromised various organizations by taking advantage of publicly accessible environment variable files (.env) that contain credentials associated with cloud and social media applications. “Multiple security missteps were present in the course of this campaign, including the following: Exposing environment variables, using long-lived
Read more about cybersecurity at the Paris Olympics: A new report has revealed a surge in malicious online activities leading up to the Paris Olympic Games, which started on July 26, 2024. Published by cybersecurity researchers at BforeAI today, the new data shows threat actors exploited the popularity of the event by setting up fake
Scams Here’s how to spot and dodge scams when searching for stuff on the classified ads website that offers almost everything under the sun Phil Muncaster 12 Aug 2024 • , 5 min. read People have been buying and selling items on Craigslist for nearly three decades. As a platform for digital classified ads, its
Aug 15, 2024Ravie LakshmananEnterprise Security / Vulnerability SolarWinds has released patches to address a critical security vulnerability in its Web Help Desk software that could be exploited to execute arbitrary code on susceptible instances. The flaw, tracked as CVE-2024-28986 (CVSS score: 9.8), has been described as a deserialization bug. “SolarWinds Web Help Desk was found
A new sophisticated phishing attack featuring a stealthy infostealer malware that exfiltrates a wide range of sensitive data has been uncovered by threat analysts. This malware not only targets traditional data types like saved passwords but also includes session cookies, credit card information, Bitcoin-related extensions and browsing history. The collected data is then sent as a
Scams Your phone number is more than just a way to contact you – scammers can use it to target you with malicious messages and even exploit it to gain access to your bank account or steal corporate data Márk Szabó 13 Aug 2024 • , 5 min. read Last month, we looked at how
Aug 14, 2024Ravie LakshmananMalware / Network Security An ongoing social engineering campaign with alleged links to the Black Basta ransomware group has been linked to “multiple intrusion attempts” with the goal of conducting credential theft and deploying a malware dropper called SystemBC. “The initial lure being utilized by the threat actors remains the same: an
Australian gold mining firm Evolution Mining recently reported a ransomware attack on its IT systems, identified on August 8, 2024. In a Monday filing with the Australian Securities Exchange (ASX), the company stated that the incident was contained. “The incident has been proactively managed with a focus on protecting the health, safety and privacy of
Privacy What if your favorite dating, social media or gaming app revealed your exact coordinates to someone you’d rather keep at a distance? Tony Anscombe 12 Aug 2024 • , 3 min. read In today’s digital age, geolocation features in many apps offer undeniable convenience. Just before writing this blog, I needed to locate some
Aug 13, 2024Ravie LakshmananVulnerability / Hardware Security A team of researchers from the CISPA Helmholtz Center for Information Security in Germany has disclosed an architectural bug impacting Chinese chip company T-Head’s XuanTie C910 and C920 RISC-V CPUs that could allow attackers to gain unrestricted access to susceptible devices. The vulnerability has been codenamed GhostWrite. It
A newly discovered vulnerability, identified as CVE-2024-6768, has surfaced in the Common Log File System (CLFS.sys) driver of Windows. This issue, identified by Fortra cybersecurity researcher, Ricardo Narvaja, highlights a flaw that could allow an unprivileged user to cause a system crash, resulting in Blue Screen of Death (BSOD). The vulnerability exists due to improper input
In 2023, no fewer than 94 percent of businesses were impacted by phishing attacks, a 40 percent increase compared to the previous year, according to research from Egress. What’s behind the surge in phishing? One popular answer is AI – particularly generative AI, which has made it trivially easier for threat actors to craft content
OpenAI has a tool to automatically watermark AI-generated content, but company leadership is split on whether to release it to the public. According to The Wall Street Journal, the company behind ChatGPT started developing a tool capable of labeling content generated by its large language models (LLMs) two years ago. People familiar with the matter
Critical Infrastructure In this high-stakes year for democracy, the importance of robust election safeguards and national cybersecurity strategies cannot be understated Tony Anscombe 09 Aug 2024 • , 3 min. read The mention of election security, especially in a year where the majority of the world is destined to vote, brings to mind images of
Aug 11, 2024Ravie LakshmananSupply Chain / Software Security Cybersecurity researchers have discovered a new malicious package on the Python Package Index (PyPI) repository that masquerades as a library from the Solana blockchain platform but is actually designed to steal victims’ secrets. “The legitimate Solana Python API project is known as ‘solana-py’ on GitHub, but simply
In early July 2024, some of the world’s leading AI companies joined forces to create the Coalition for Secure AI (CoSAI). During a conversation with Infosecurity at Black Hat USA 2024, Jason Clinton, CISO at Anthropic, one of CoSAI’s founding members, explained some of the key goals of the new coalition and the cybersecurity focus
Video Unsurprisingly, many discussions focused on the implications of the recent CrowdStrike outage, including the lessons it may have offered for bad actors 09 Aug 2024 This week was that time of the year when thousands of cybersecurity experts descended on Las Vegas to attend Black Hat USA, one of the world’s top cybersecurity conferences.
Aug 10, 2024Ravie LakshmananVulnerability / Mobile Security As many as 10 security flaws have been uncovered in Google’s Quick Share data transfer utility for Android and Windows that could be assembled to trigger remote code execution (RCE) chain on systems that have the software installed. “The Quick Share application implements its own specific application-layer communication
One of the US Cybersecurity and Infrastructure Security Agency’s (CISA) flagship initiatives is Secure by Design, launched in 2023. Now, the agency is imploring software customers to take the approach of Secure by Demand. This was the message given by CISA director Jen Easterly during the primary stage talk at Black Hat USA. “You have to
Business Security Cyber insurance is not only a safety net, but it can also be a catalyst for advancing security practices and standards Tony Anscombe 08 Aug 2024 • , 3 min. read If there was ever any doubt about the relationship between cybersecurity and the cyber insurance industry, then Black Hat USA 2024 dispelled
Aug 09, 2024Ravie LakshmananVulnerability / Network Security Microsoft on Thursday disclosed four medium-severity security flaws in the open-source OpenVPN software that could be chained to achieve remote code execution (RCE) and local privilege escalation (LPE). “This attack chain could enable attackers to gain full control over targeted endpoints, potentially resulting in data breaches, system compromise,