The Hacker News
Hackers Can Exploit 'Forced Authentication' to Steal Windows NTLM Tokens
A vulnerability in Microsoft Access that could be exploited to leak a Windows user’s NTLM tokens.
Security Affairs
Ukraine's intelligence service hacked Russia's Federal Air Transport Agency, Rosaviatsia
Ukraine's intelligence service announced the hack of the Russian Federal Air Transport Agency, 'Rosaviatsia.'
Infosecurity News
SysJoker Malware: Hamas-Related Threat Expands With Rust Variant
CPR said the malware now uses OneDrive instead of Google Drive for storing dynamic C2 server URLs
Bleeping Computer
Google Drive users angry over losing months of stored data
Google Drive users are reporting that recent files stored in the cloud have suddenly disappeared, with the cloud service reverting to a storage snapshot as it was around April-May 2023.
Cyber Security News
Broadcom Acquires VMware in a $61 Billion Deal
Broadcom has announced the triumphant acquisition of VMware, heralding a watershed moment in the sphere of infrastructure technology.
SecurityWeek
UK, Korea Warn of DPRK Supply Chain Attacks Involving Zero-Day Flaws
UK and Korea say DPRK state-sponsored hackers targeted governments, defense organizations via supply chain attacks.
CyberScoop
Shadowy hacking group targeting Israel shows outsized capabilities
A sophisticated campaign that has targeted Israel for at least 8 years shows evidence of improving its capabilities.
The Record
Suspected Hamas-linked hackers target Israel with new version of SysJoker malware
Cybersecurity companies Check Point and Intezer analyzed what appears to be a rewrite of backdoor malware that targeted Israel's education sector as early as 2021.
The Record
Tao Thomsen and the effort to back up what makes Ukraine uniquely Ukrainian
Since the beginning of Russia’s invasion of Ukraine, government officials, independent media organizations, and nonprofits have accused Russia of deliberately targeting churches and libraries and looting its most important museums.
Bleeping Computer
New Rust-based SysJoker backdoor linked to Hamas hackers
A new version of the multi-platform malware known as 'SysJoker' has been spotted, featuring a complete code rewrite in the Rust programming language.
Security Affairs
Hamas-linked APT uses Rust-based SysJoker backdoor against Israel
Researchers reported that a Hamas-linked APT group is using a rust-based SysJoker backdoor against Israeli entities.
The Hacker News
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
Beware of Telekopye: The malicious Telegram bot used by the "Neanderthals" for large-scale phishing scams. It crafts phishing websites and emails.
The Hacker News
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Researchers found a Rust version of SysJoker, a cross-platform backdoor used by Hamas-affiliated threat actor targeting Israel during ongoing conflict
The Record
EU lawmakers criticize lack of action to tackle spyware abuses
The European Parliament adopted a resolution on Thursday criticizing the bloc’s executive for failing to bring forward any laws that would address spyware abuses.
The Record
How one Russian nonprofit is trying to crack through the Kremlin’s censorship wall
A decade after its founding, the internet freedom organization Roskomsvoboda finds itself adjusting to harsh political and social realities within Russia, where a wartime regime continues to expand its authority over the internet.
Infosecurity News
Rug Pull Schemes: Crypto Investor Losses Near $1M
New scam identified by Check Point Threat Intelligence Blockchain system
Infosecurity News
North Korean Supply Chain Threat is Booming, UK and South Korea Warn
The UK’s NCSC and South Korea’s NIS issued a joint advisory describing some of North Korean hackers’ tactics in deploying supply chain attacks
The Hacker News
6 Steps to Accelerate Cybersecurity Incident Response
Effective Incident Response is more than just tools. It's a process. Explore the 6-step framework for successful IR.
Cyber Security News
Hackers Exploiting Windows SmartScreen Zero-day Vulnerability to Deploy Remcos RAT
Microsoft released multiple security patches as part of their Patch Tuesday in which three zero-day vulnerabilities were also patched.
CSO
Cyberattacks on Israel intensify as the war against Hamas rages: Check Point
Cyberattacks have grown in frequency as well as sophistication as the Israel-Hamas conflict intensifies.
The Record
Kansas Supreme Court: Hackers stole records, confidential files in October attack
Hackers who attacked the Kansas court system last month stole records and confidential files, according to the state's Supreme Court.
DarkReading
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
The Hacker News
New Flaws in Fingerprint Sensors Let Attackers Bypass Windows Hello Login
🔒 Multiple vulnerabilities found in laptop fingerprint sensors—allowing attackers to bypass Windows Hello authentication on Dell, Lenovo, and Microso
The Hacker News
AI Solutions Are the New Shadow IT
AI Solutions Are the New Shadow IT - Ambitious Employees Tout New AI Tools, Ignore Serious SaaS Security Risks
The Hacker News
LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In
LockBit ransomware affiliates are exploiting the Citrix NetScaler flaw ("Citrix Bleed") to hijack user sessions and gain unauthorized access.
Ars Technica
USB worm unleashed by Russian state hackers spreads worldwide
LitterDrifter's means of self-propagation are simple. So why is it spreading so widely?
Trend Micro
Attack Signals Possible Return of Genesis Market, Abuses Node.js, and EV Code Signing
The Trend Micro Managed XDR team encountered malicious operations that used techniques similar to the ones used by Genesis Market, a website for facilitating fraud that was taken down in April 2023.
The Record
Report claims to reveal identity of Russian hacktivist leader
Killmilk is a 30-year-old Russian citizen, according to the news site Gazeta.ru. The report has drawn extra scrutiny to Killnet, known for DDoS attacks on Western targets.
.webp)
Cyber Security News
Rhysida Ransomware Attacking Windows Machine Through VPN Devices and RDP
Rhysida, a new ransomware group, hit its first victim in May 2023. They use their ransomware, offered as RaaS (Ransomware-as-a-Service), with at least 50 global victims listed on their website.
CyberNews
Cybersec executive caught hacking hospitals to boost business
Cybersecurity exec plead guilty to hacking hospitals to boost business.
SecurityWeek
LLM Security Startup Lasso Emerges From Stealth Mode
Lasso Security raises $6 million in seed funding to tackle cyber threats to secure generative AI and large language model algorithms.
DarkReading
AI Helps Uncover Russian State-Sponsored Disinformation in Hungary
Researchers used machine learning to analyze Hungarian media reports and found Russian narratives soured the nation's perspective on EU sanctions and arms deliveries months before the Ukraine invasion.
The Record
‘Citrix Bleed’ vulnerability targeted by nation-state and criminal hackers: CISA
The bug has caused alarm for weeks as cybersecurity experts warned that many government agencies and major companies were leaving their appliances exposed to the internet — opening themselves up to attacks.
The Record
Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
Binance, the largest cryptocurrency exchange in the world, agreed to pay more than $4 billion in settlements with several U.S. law enforcement agencies after years of investigations uncovered widespread criminal use of the platform.
Bleeping Computer
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine
A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
DarkReading
Amid Military Buildup, China Deploys Mustang Panda in the Philippines
China pairs cyber and kinetic attacks in the South Pacific as it continues to wrangle control of the South China Sea.
Ars Technica
OpenAI employees revolt after board names new CEO and Altman heads to Microsoft
Ilya Sutskever announces regret; 505 OpenAI employees sign letter asking board to resign.
CyberNews
Best botnet ad? An attack on OpenAI
Anonymous Sudan attacks on OpenAI and Cloudlfare are meant to show the groups' capabilities.
SecurityWeek
Johnson Controls Patches Critical Vulnerability in Industrial Refrigeration Products
Johnson Controls patches a critical vulnerability that can be exploited to take complete control of Frick industrial refrigeration products
SecurityWeek
Russia's LitterDrifter USB Worm Spreads Beyond Ukraine
Russian Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries.
CyberSecurity Dive
‘Honesty’: Estes details its playbook for responding to a cyberattack
Being open about the incident engendered goodwill from customers and colleagues, executives said.
The Record
British Library says ransomware hackers stole data from HR files
The British Library — one of the largest libraries in the world and the national library of the United Kingdom — said the ransomware gang behind a recent attack on its systems appeared to leak data stolen from its human resources files.
Security Affairs
Russian APT Gamaredon uses USB worm LitterDrifter against Ukraine
Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB.
The Hacker News
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Russian cyber espionage group linked to the FSB are using a USB worm called LitterDrifter to target Ukrainian organizations.
Ars Technica
OpenAI President Greg Brockman quits as nervous employees hold all-hands meeting
After Altman firing, Microsoft has "utmost confidence" in partner OpenAI.
DarkReading
Detection & Response That Scales: A 4-Pronged Approach
Building a resilient incident response team requires more than a simple combination of tools and on-call rotations.
CyberNews
European Commission, IBM pull ads from Elon Musk’s X
The EU’s executive branch said advertising on X posed “reputational damage” while IBM pulled ads after they were displayed next to Nazi content.
Infosecurity News
Black Friday: Scammers Exploit Luxury Brands to Lure Victims
Check Point Research say these latest luxury brand scams are a wake-up call for shoppers to stay vigilant online
The Record
Russian analysts point finger at China, North Korea over cyber activity
Despite the countries' warm relationship, Russia is being targeted by North Korean and Chinese state hacking groups, a cybersecurity firm connected to Rostelecom claims.
The Record
UK privacy authority to appeal decision overturning $10 million fine on Clearview AI
The Information Commissioner’s Office (ICO) said it agreed with some aspects of a ruling from October, but ultimately wants to clarify whether Clearview AI can characterize certain activities as working with "law enforcement."
The Record
Remcos, again: Ukrainian agencies targeted in a new spying campaign
In a recent campaign, the hacking group tracked as UAC-0050 attempted to spread the Remcos remote access tool, according to research by Ukraine's computer emergencies response team (CERT-UA).
The Record
Multiple colleges, K-12 schools facing outages after cyberattacks
North Carolina Central University is investigating a cyberattack this week, as are school districts in Michigan, Oregon and Atlanta.
Cyber Security News
ChatGPT for Malware Analysis: Enhancing GPT’s Ability to Guide Malware Analyst
GPT excels in verbal thinking, skillfully choosing precise words for optimal responses. Understanding this key property is crucial, as much of its subsequent behavior stems from this ability.
Cyber Security News
Best Network Security Vendors for SaaS - 2024
Best Network Security Vendors for SaaS : 1. Perimeter 81 2. Palo Alto Networks 3. Fortinet 4. Symantec 5. Check Point 6. McAfee 7. Okta.
CyberNews
Henry Schein data breach: banking details exposed
Henry Schein confirms an October data breach, claimed by APLHV/BlackCat ransom group, and reveals that customer bank account and credit card numbers were likely exposed.
Cyber Security News
8-Point Security Checklist For Your Storage & Backups - 2024
A ransomware attack is a horrible time to discover that your backups are not secure, so to help, here’s an 8-point checklist.
Bleeping Computer
FBI and CISA warn of opportunistic Rhysida ransomware attacks
The FBI and CISA warned today of Rhysida ransomware gang's opportunistic attacks targeting organizations across multiple industry sectors.
Bleeping Computer
Fraud researchers impersonated on X to push crypto-stealing sites
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter).
Bleeping Computer
Fraudsters make $50,000 a day by spoofing crypto researchers
Multiple fake accounts impersonating cryptocurrency scam investigators and blockchain security companies are promoting phishing pages to drain wallets in an ongoing campaign on X (former Twitter).
Cyber Security News
WP Fastest Cache Plugin Exposes Over 600K+ WordPress Sites to SQL Injection Attacks
In a recent development, the WPScan team has unearthed a significant security flaw within the widely-used WP Fastest Cache plugin.
CyberNews
White faces generated by AI more convincing than real photos
AI image generators are disproportionately trained on white faces – to such an extent that they are even perceived as more real than human ones.
CyberNews
LockBit ransom gang behind mass exploitation of Citrix bug, researchers say
Security researchers are blaming a now-patched Citrix zero-day vulnerability for a recent spate of ransomware attacks said to be carried out by the LockBit gang.
The Record
CISA's Goldstein: Ukrainian response to Viasat hack proves need for redundancy, resilience
The Ukrainian military’s ability to recover from the Russian attack on satellite company Viasat is an example of the need for redundant systems and resilient organizations, according to a top U.S. government cybersecurity official.
The Record
UK National Cyber Force operations to become ‘more embedded’ with policing
The elite U.K. hacking unit eventually will be more integrated into police operations, alongside military and intelligence ones, according to Gen. Sir Jim Hockenhull, the chief of Strategic Command.
.jpg)
DarkReading
Royal Ransom Demands Exceed $275M, Rebrand in Offing
The swift-moving ransomware crew continues to evolve quickly and has already attacked more than 350 victims since it was first detected just over a year ago.
Cyber Security News
10 Best Network Security Companies For CISO - 2024
Best Network Security Companies for CISO: 1. Perimeter81 2. Palo Alto Networks 3. Cisco 4. Check Point 5. IBM 6. Crowdstrike 7. Trend Micro.
Bleeping Computer
Meet the Unique New "Hacking" Group: AlphaLock
A Russian hacking group known as AlphaLock is launching a "pentest" marketplace and training platform to empower a new generation of threat actors. Learn more from Flare about the new hacking group.
Ars Technica
Teens with “digital bazookas” are winning the ransomware war, researcher laments
LockBit victims, among the world's most powerful firms, can't be bothered to patch, it seems.
SecurityWeek
Hacker Conversations: Chris Wysopal, AKA Weld Pond
Chris Wysopal (AKA Weld Pond) founder and CTO of Veracode and member of the hacker collective L0pht Heavy Industries.
The Hacker News
The Importance of Continuous Security Monitoring for a Robust Cybersecurity Strategy
Data breaches cost businesses $4.45 million on average in 2023! Don't let your organization become a statistic.
CyberNews
US Senate warned against rushed renewal of controversial surveillance authority
More than 30 civil liberties and privacy groups wrote to US Senate majority leader Chuck Schumer, urging him to rethink reauthorizing a contentious surveillance program.
CyberSecurity Dive
File-transfer services, rich with sensitive data, are under attack
This year has seen a trio of supply-chain attacks that created turmoil for thousands of corporate victims and their customers.
CyberNews
Denmark hit with largest cyberattack on record
Hackers potentially linked to Russia’s military intelligence carried out a series of highly coordinated cyberattacks on Danish energy infrastructure, a report says.
The Record
CISA, FBI warn that Royal ransomware gang may rebrand as ‘BlackSuit’
The leading cybersecurity agencies in the U.S. released startling new data on the Royal ransomware gang on Monday, confirming previous reports that the gang may be preparing for a rebrand.
The Record
Tom Tugendhat criticizes fake AI attempts to ‘besmirch’ Keir Starmer and Sadiq Khan
Tom Tugendhat, Britain’s minister of state for security — and a Conservative Party politician — decried on Tuesday AI-generated fake audio clips that intended to damage the reputations of high-profile opposition politicians in the United Kingdom.
The Record
Cyberattack on North Carolina county allowed hackers to access data
A cyberattack on a North Carolina county has forced officials to call in the state’s national guard for assistance.
The Record
FBI takes down IPStorm malware botnet as hacker behind it pleads guilty
The FBI dismantled the IPStorm botnet proxy network and its infrastructure this week following a September plea deal with the hacker behind the operation.
Trend Micro
A Closer Look at ChatGPT's Role in Automated Malware Creation
This blog entry explores the effectiveness of ChatGPT's safety measures, the potential for AI technologies to be misused by criminal actors, and the limitations of current AI models.
Infosecurity News
Python Malware Poses DDoS Threat Via Docker API Misconfiguration
Cado Security Labs said the bot agent exhibited various methods for conducting DDoS attacks
CyberNews
Hacking the sky: planes need patching, too – interview
Cyber assaults on the aviation sector carry more serious repercussions than mere data theft or DDoS attacks.
The Hacker News
New BiBi-Windows Wiper Targets Windows Systems in Pro-Hamas Attacks
Researchers warn of BiBi-Windows Wiper, a dangerous Windows version of a wiper malware used in cyber attacks on Israel.
The Record
Canadian banking tech giant Moneris says it prevented ransomware attack
The joint venture of the Royal Bank of Canada and Bank of Montreal said its cybersecurity team “prevented access to critical data and no ransom request was made.”
CSO
Major Australian ports shut down following cyber incident
DP World Australia restricted port operations for two days following the discovery of a cyber incident.
Cyber Security News
Best Security Solutions for Marketers - 2024
Best security solutions for Marketers: 1. Perimeter 81 2. Surfshark3. Private Internet Access 4. Malwarebytes 5. CyberGhost 6. GoodAccess
Cyber Security News
Burp Suite 2023.10.3.4 Released for Professional & Community - What's New!
developers at PortSwigger released a new version of Burp Suite for ethical hackers and security professionals, which is Burp Suite 2023.10.3.4
The Hacker News
Alert: 'Effluence' Backdoor Persists Despite Patching Atlassian Confluence Servers
Researchers found a persistent backdoor called Effluence in compromised Atlassian Confluence servers. This allows attackers to access resources and da
The Record
Android spyware delivered through infected news site targets Urdu speakers in Kashmir
Hackers are targeting Urdu speakers with spyware delivered through an infected popular news site, according to a new report.
The Record
Clearing the informational fog in Israel and Gaza
The Click Here podcast team reports on wartime technological improvisations: An activist unexpectedly leads an effort to identify the missing and the dead. And an English teacher finds a way to connect mobile phones as infrastructure collapses.
CyberNews
Allen & Overy law firm breached, LockBit takes credit
Top global law firm Allen & Overy (A&O) said some of its systems have been impacted due to a “data incident” claimed by the LockBit ransomware group.
CyberScoop
Cyber ops linked to Israel-Hamas conflict largely improvised, researchers say
Microsoft and Mandiant researchers believe Iranian hackers were not prepared for the initial Hamas attack.
CyberNews
Dolly.com pays ransom, attackers release data anyway
Dolly.com was attacked, paid the ransom, but attackers still published its data.
Cyber Security News
Top 6 Cyber Incident Response Plans - 2024
Top Incident Response Plans : 1. Preparation 2. Identification 3. Containment 4. Eradication 5. Recovery 6. Lessons learned.
Bleeping Computer
Russian hackers switch to LOTL technique to cause power outage
Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and with less resources
The Hacker News
When Email Security Meets SaaS Security: Uncovering Risky Auto-Forwarding Rules
Beware of email auto-forwarding pitfalls. Learn how Wing Security's free tool can safeguard your sensitive data.
CyberSecurity Dive
Ransomware targeting casinos is on the rise, FBI warns
Threat actors have used phishing attacks and exploited vulnerabilities in third-party vendor remote access tools to target the casino gaming industry.
The Record
Ransomware gang behind MOEVit attacks are targeting new zero-day, Microsoft says
The Russian ransomware gang behind the exploitation of several popular file transfer tools is now exploiting a new vulnerability in SysAid IT support software, according to a new report.
DarkReading
Evasive Jupyter Infostealer Campaign Showcases Dangerous Variant
The attacks are another manifestation of the concerning rise in information stealers for harvesting data and enabling persistent access to enterprise networks.
Cyber Security News
NODLINK - First-ever Online System for APT Attack Detection
Researchers that APTs cause financial harm to organizations.Current online systems prioritize simplicity but create complex graphs.
Computerworld
Windows Hello for Business: Passwordless authentication for Windows shops
Microsoft has brought biometric sign-in to Windows 10 business and enterprise users with Windows Hello for Business. Here’s how it works and how to deploy it to your users.
CSO
Facebook tops security ratings among social networks
Enterprise-grade authentication remains an Achilles heel of the social media world, but security is improving in other areas, according to a report by access management provider Cerby.
Ars Technica
OpenAI introduces GPT-4 Turbo: Larger memory, lower cost, new knowledge
Novel-sized context window, DALL-E 3 API, more announced on OpenAI DevDay 2023.
The Hacker News
Iranian Hackers Launches Destructive Cyberattacks on Israeli Tech and Education Sectors
Iranian-linked Agonizing Serpens APT group using novel wiper malware and tactics to target Israeli education and tech sectors.
Infosecurity News
Security Agency Publishes Post-Quantum Guidance For Firms
NCSC wants to ease transition to quantum safety
The Hacker News
U.S. Treasury Targets Russian Money Launderer in Cybercrime Crackdown
U.S. Treasury imposes sanctions on Russian woman for laundering virtual currency for elites and cybercriminal groups, including Ryuk ransomware.
The Record
Researchers spot an increase in Jupyter infostealer infections
Education and healthcare institutions seem to be targets in the latest wave of Jupyter infections, according to VMware's Carbon Black team.
The Hacker News
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
StripedFly, a stealthy malware posing as a crypto miner, has infected over a million devices worldwide and has flown under the radar for 5 years.
Bleeping Computer
Dutch hacker jailed for extortion, selling stolen data on RaidForums
A former Dutch cybersecurity professional was sentenced to four years in prison after being found guilty of hacking and blackmailing more than a dozen companies in the Netherlands and worldwide.
CSO
UK NCSC issues new guidance on post-quantum cryptography migration
The UK National Cyber Security Centre has refreshed its guidance to help system and risk owners plan their migration to post-quantum cryptography (PQC).
The Hacker News
Predictive AI in Cybersecurity: Outcomes Demonstrate All AI is Not Created Equally
Discover how predictive AI is shaping the future of cybersecurity. Learn how BlackBerry's Cylance AI is outperforming the competition in malware.
The Record
UK agency warns post-quantum cryptography migration will be ‘very complicated’
The National Cyber Security Centre says that more than just mathematics will be necessary to meet the threat that quantum computers pose to traditional public-key cryptography.
The Record
Apple warns Armenians of state-sponsored hacking attempts
Apple has sent alerts to people in Armenia in recent weeks that their phones are being targeted by state-sponsored hackers, with several cybersecurity experts warning that it is likely tied to Pegasus spyware.
The Record
Corrupt police intel analyst jailed for tipping off criminal about EncroChat hack
Natalie Mottram, 25, was arrested in June and now begins a prison sentence of more than three years for misconduct in public office, perverting the course of justice and unauthorized access to computer material.
The Record
Cyber experts and officials raise alarms about exploits against Citrix and Apache products
The zero-day bugs affecting products from Citrix and Apache have critical severity scores and require immediate attention, experts warned.
CSO
Microsoft pledges cybersecurity overhaul to protect products and services
Microsoft launches the Secure Future Initiative to usher in “next generation” of cybersecurity to better protect customers against escalating cybersecurity threats.
CyberScoop
Microsoft upgrades security for signing key in wake of Chinese breach
Policymakers and researchers have sharply criticized Microsoft’s security practices after an illicitly obtained key enabled a wide-ranging espionage operation.
The Hacker News
SaaS Security is Now Accessible and Affordable to All
Worried about shadow IT and SaaS security? Wing Security's "Essential SSPM" offers a solution. Discover, Assess, Control.
Computerworld
Q&A: Cisco CIO sees AI embedded in every product and process
After little more than a year on the job, Cisco CIO Fletcher Previn can already see that AI will create productivity and efficiency gains well worth the money spent on developing domain-specific models to address internal and external business plans.
SecurityWeek
Mozi Botnet Likely Killed by Its Creators
The recent shutdown of the Mozi botnet is believed to have been carried out by its creators, possibly forced by Chinese authorities.
SecurityWeek
Iranian Cyber Spies Use 'LionTail' Malware in Latest Attacks
Check Point reports that an Iranian APT has been observed using a new malware framework in targeted attacks in the Middle East.
Bleeping Computer
LayerX Enterprise Browser Security Extension – Secure the Modern Workspace
LayerX has developed a secure enterprise browser extension that delivers comprehensive visibility, monitoring, and granular policy enforcement on every event within a browsing session. Learn more about this cybersecurity platform from LayerxSecurity.
Computerworld
New Jamf CEO John Strosahl on Apple in the enterprise, Jamf's future
John Strosahl became CEO in September when he took over from Dean Hager. We caught up with him to discuss Apple's growing role in the enterprise and the future of his company.
SecurityWeek
DPI: Still Effective for the Modern SOC?
DPI can still be useful in a modern SOC, but its effectiveness and relevance depend on the specific security needs of the organization.
The Hacker News
Hands on Review: LayerX's Enterprise Browser Security Extension
Protect your organization's most critical interface—The Browser! LayerX's secure extension offers comprehensive visibility and policy enforcement, de
The Hacker News
Iranian Cyber Espionage Group Targets Financial and Government Sectors in Middle East
Iranian threat actor "Scarred Manticore" has launched a year-long cyber espionage campaign targeting the Middle East finance, government, military.
CyberSecurity Dive
BeyondTrust, Cloudflare averted Okta attacks thanks to security chops
With details scant, worries remain about how the attacks might have played out for less security-focused businesses that were impacted.
The Hacker News
North Korean Hackers Targeting Crypto Experts with KANDYKORN macOS Malware
State-sponsored North Korean hackers are using a sneaky macOS malware called KANDYKORN to target crypto engineers via Discord.
CSO
BackSlash’s new ASPM combines existing AppSec with context-based risk prioritization
The new platform is designed to drastically reduce alert noise and allow security teams to focus on genuine threats.
DarkReading
Malware 'Meal Kits' Serve Up No-Fuss RAT Attacks
The wider availability of turnkey cyberattack kits in the criminal underground is leading to a glut of campaigns using remote access Trojans (RATs).
CSO
iLeakage updates Spectre for novel info-stealing side-channel attack
The iLeakage proof of concept targets Apple silicon devices running Safari, demonstrating techniques that improve on Sceptre and MeltDown exploits and demonstrate continuing vulnerabilities in modern CPUs.
DarkReading
'Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains
Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think.
Infosecurity News
Scarred Manticore Targets Middle East With Advanced Malware
Discovered by Check Point Research (CPR) and Sygnia, the campaign peaked in mid-2023
SecurityWeek
Extending ZTNA to Protect Against Insider Threats
Overcoming the failures and challenges of Zero Trust Network Access (ZTNA) for in-office and remote users
CSO
SEC sues SolarWinds and its CISO for fraudulent cybersecurity disclosures
SEC has accused SolarWinds and its CISO of understating cybersecurity risks to stakeholders and said the company missed numerous red flags.
Computerworld
What exactly will the UK government's global AI Safety Summit achieve?
With the first global AI Safety Summit beginning in the UK on Nov. 1, questions remain over whether the event will facilitate a meaningful outcome and if there will ever be a global consensus on AI regulation.
Bleeping Computer
Exploit released for critical Cisco IOS XE flaw, many hosts still hacked
Public exploit code is now available for the critical Cisco IOS XE vulnerability tracked as CVE-2023-20198 that was leveraged as a zero-day to hack tens of thousands of devices.
The Record
Iranian hackers caught spying on governments and military in Middle East
An Iranian nation-state threat actor is targeting high-profile organizations in the Middle East in an ongoing espionage campaign, according to a new report.
Bleeping Computer
LastPass breach linked to theft of $4.4 million in crypto
Hackers have stolen $4.4 million in cryptocurrency on October 25th using private keys and passphrases stored in stolen LastPass databases, according to research by crypto fraud researchers who have been researching similar incidents.
Ars Technica
Windows CE, Microsoft’s stunted middle child, reaches end of support at 26 years
From netbooks and PDAs to ATMs, voting kiosks, and ungainly presidential phones.
Bleeping Computer
RCE exploit for Wyze Cam v3 publicly released, patch now
A security researcher has published a proof-of-concept (PoC) exploit for Wyze Cam v3 devices that opens a reverse shell and allows the takeover of vulnerable devices.
Computerworld
Biden lays down the law on AI
The White House today issued a long-awaited executive order that hammers out clear rules and oversight measures to ensure artificial intelligence is kept in check, while also providing paths for it to grow.
Infosecurity News
Lazarus Group Malware Targets Legitimate Software
Kaspersky unveiled the cyber campaign at the Security Analyst Summit
Ars Technica
Biden issues sweeping executive order that touches AI risk, deepfakes, privacy
Order details US admin's approach to AI safety, media authenticity, job loss, and more.
SecurityWeek
Apple Improves iMessage Security With Contact Key Verification
New capability detects attacks on iMessage servers and allows users to verify a conversation partner’s identity.
SecurityWeek
Whistleblowers: Should CISOs Consider Them a Friend or Foe?
Are whistleblowers a danger to corporate brand image, and an insider threat? Or can they be used to strengthen cybersecurity and compliance?
The Hacker News
Urgent: New Security Flaws Discovered in NGINX Ingress Controller for Kubernetes
Three new high-severity security flaws discovered in NGINX Ingress controller for Kubernetes. Hackers can steal secret credentials.
Trend Micro
Customers prefer Trend Micro in XDR, Endpoint & Cloud
Customer feedback validates Trend's leadership in in XDR, endpoint security, hybrid Cloud
Bleeping Computer
The Week in Ransomware - October 27th 2023 - Breaking Records
Ransomware attacks are increasing significantly, with reports indicating that last month was a record month for ransomware attacks in 2023.
Ars Technica
People are speaking with ChatGPT for hours, bringing 2013’s Her closer to reality
Long mobile conversations with the AI assistant using AirPods echo the sci-fi film.
Cyber Security News
11 Best Cloud Access Security Broker Software (CASB) - 2023
Best Cloud Access Security Broker (CASB) Software: 1. DoControl CASB 2. Microsoft Cloud App Security 3. Forcepoint 4. Palo Alto Networks.
CyberSecurity Dive
High-profile summer attacks linked to same aggressive ransomware group
Microsoft researchers described Octo Tempest, or Oktapus, as one of the most dangerous financial criminal groups currently in operation.
CSO
Failure to verify OAuth tokens enables account takeover on websites
Report shows the importance of ensuring OAuth implementation is secure to protect against identity theft, financial fraud, and access to personal information.
The Record
In Chernihiv, a project preserving the past — with technology of the future
On a recent trip to Ukraine, Click Here spoke with Kateryna Goncharova, a Ukraine heritage crisis specialist with the World Monuments Fund (WMF), about a high-tech conservation effort to restore cultural sites damaged in the war.
Ars Technica
iPhone privacy feature hiding Wi-Fi MACs has failed to work for 3 years
“From the get-go, this feature was useless,” researcher says of feature put into iOS 14.
CyberScoop
Kaspersky reveals 'elegant' malware resembling NSA code
The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.
Infosecurity News
Operation Triangulation iOS Attack Details Revealed
Kaspersky said the attack exploited five vulnerabilities, four of which were unknown zero-days
Infosecurity News
CISO Best Practices for Managing Cyber Risk
Two leading CISOs provide best practice tips for CISOs on undertaking a sustainable cyber risk management program
CSO
Teleport’s new offering to help reduce attack response times
The identity governance and security offering will automate access requests, detect weak access patterns, and help with incident response.
The Record
CISA: Agencies seeing steep decrease in known exploited vulnerabilities on federal networks
A catalog of exploited vulnerabilities run by the top cybersecurity agency in the U.S. is having a significant effect on the security of federal civilian agencies, according to Congressional testimony from a senior official.
The Record
Ukraine’s deputy minister of digital transformation on building a military tech sector from scratch
On a recent trip to Ukraine, Click Here spoke with Ukraine's Alex Bornyakov about the country's booming drone sector and the Brave1 initiative, which aims to get innovative weapons into the hands of soldiers in a matter of weeks, not months.
Bleeping Computer
Chilean telecom giant GTD hit by the Rorschach ransomware gang
Chile's Grupo GTD warns that a cyberattack has impacted its Infrastructure as a Service (IaaS) platform, disrupting online services.
Ars Technica
University of Chicago researchers seek to “poison” AI art generators with Nightshade
Altered images could destroy AI model training efforts that scrape art without consent.
Bleeping Computer
Windows 11 to let admins mandate SMB encryption for outbound connections
Windows 11 will let admins mandate SMB client encryption for all outbound connections, starting with today's Windows 11 Insider Preview Build 25982 rolling out to Insiders in the Canary Channel.
SecurityWeek
Mandiant Intelligence Chief Raises Alarm Over China's 'Volt Typhoon' Hackers in US Critical Infrastructure
Critical infrastructure defenders should urgently work to find and remove traces of Volt Typhoon, a Chinese government-backed hacking team.
The Record
Saving Ukraine’s cultural heritage with a click
When a Russian bomb damaged a beloved library in the Ukrainian city of Chernihiv, locals feared that it would be lost forever. Then a cutting-edge technology came to the rescue.
SecurityWeek
Rockwell Automation Warns Customers of Cisco Zero-Day Affecting Stratix Switches
Rockwell Automation has warned customers about the impact of the actively exploited Cisco IOS XE zero-day on its Stratix industrial switches.
SecurityWeek
Number of Cisco Devices Hacked via Zero-Day Remains High as Attackers Update Implant
The number of Cisco devices hacked via recent zero-days remains high, but the attackers have updated their implant.
The Hacker News
Operation Triangulation: Experts Uncover Deeper Insights into iOS Zero-Day Attacks
Sophisticated Apple iOS attack dubbed Operation Triangulation employed clever techniques to targets victims with a backdoor implant called "TriangleDB
The Record
Finland says Chinese ship to blame for subsea pipeline break
Finland's investigation into the damage found a dragging trail on the seabed leading to the point of damage in the gas pipeline. The report left open the question of whether the damage was intentional or accidental.
SecurityWeek
China Crackdown on Cyber Scams in Southeast Asia Nets Thousands but Leaves Networks Intact
Chinese authorities have netted thousands of people in a crackdown on cyber scams, but the criminal networks remain intact.
SecurityWeek
Cisco Finds Second Zero-Day as Number of Hacked Devices Apparently Drops
Cisco has found a second zero-day vulnerability that has been exploited in recent attacks as the number of hacked devices has dropped.
The Hacker News
Quasar RAT Leverages DLL Side-Loading to Fly Under the Radar
DLL side-loading, a tactic used by malicious actors, helps Quasar RAT and other malware evade detection, steal data.
The Record
As Congress idles, key lawmakers retain sense of urgency on surveillance law
Section 702 of the Foreign Intelligence Surveillance Act (FISA) will sunset on January 1 without congressional action. Several committee chairman are pushing ahead with bills to renew the controversial law.
CyberNews
Social media is drowning in misinformation on the Israel-Hamas conflict
No slickly edited five-minute video can explain the Israeli-Palestinian conflict with adequate context, professor Mazza says.
Ars Technica
Thanks to AI, the future of programming may involve YELLING IN ALL CAPS
Politeness and emphasis play a surprising role in AI-model communications.
Ars Technica
RIP to my 8-port Unifi switch after years and years of Texas outdoor temps
Turns out that only lightning could kill the otherwise-unkillable US-8-150W.
Infosecurity News
ENISA Warns of AI Manipulation Ahead of Upcoming European Elections
Top threats targeting the EU are increasingly motivated by a combination of intentions such as financial gain, disruption, espionage or ideology
The Hacker News
Unleashing the Power of the Internet of Things and Cyber Security
IoT adoption is on the rise, but it comes with risks. Explore the challenges and opportunities of seamlessly integrating IoT into your business while
ZDNet
What is ransomware? Everything you need to know and how to reduce your risk
The ransomware business is booming, and really anyone can be the next victim. Here's how to protect yourself and your organization from an attack. Too late for prevention? We'll show you what to do next.
DarkReading
Patch Now: APTs Continue to Pummel WinRAR Bug
State-sponsored cyberespionage actors from Russia and China continue to target WinRAR users with various info-stealing and backdoor malware, as a patching lag plagues the software's footprint.
Computerworld
Apple’s latest China App Store problem is a warning for us all
As pressure grows for Apple to support app purchases from outside its App Store, reports the company has fired App Store staffers for 'business misconduct' should send a little chill up your spine.
The Hacker News
Vulnerability Scanning: How Often Should I Scan?
Discover the importance of continuous vulnerability scanning in 2023 and how it can protect your business from emerging threats.
CyberSecurity Dive
Cyber venture capital funding on pace to hit four-year low
VC activity in cybersecurity reflects a pragmatic period in an industry oversaturated with vendors, Crunchbase data shows.
CSO
Palo Alto Networks updates Prisma Cloud with integrated cloud security
With the new code-to-cloud intelligence capabilities, Prisma Cloud aims to create a single point of security control for all cloud-native workflows.
CyberScoop
Russian hackers offered phony drone training to exploit WinRAR vulnerability
Despite an August patch, Russian and Chinese state-backed hackers are using a vulnerability in the popular software to carry out espionage.
SecurityWeek
Darwinium Raises $18 Million for Edge-based Fraud Prevention Tech
Since launching in 2021, Darwinium has raised $26 million to build a bot and fraud prevention platform running on the perimeter edge.
CyberNews
DDoS attacks trending upwards: multiple EU websites under siege
DDoS attacks are currently on the rise.
The Hacker News
Unraveling Real-Life Attack Paths – Key Lessons Learned
Hackers seek vulnerabilities and attack paths. Discover 7 real-life scenarios where exposure management made the difference in safeguarding critical a
Bleeping Computer
Twitter testing annual subscriptions for tweeting and retweeting
Twitter, now renamed X, is testing new $1 annual subscriptions to provide unverified accounts access to core features like tweeting and retweeting.
The Record
Exclusive: Ukraine says joint mission with US derailed Moscow’s cyberattacks
Ukrainian officials speak with the Click Here podcast team about something they previously kept close to the vest: Their country's hunt forward operations with personnel from U.S. Cyber Command.
DarkReading
Chatbot Offers Roadmap for How to Conduct a Bio Weapons Attack
Once ethics guardrails are breached, generative AI and LLMs could become nearly unlimited in its capacity to enable evil acts, researchers warn.
SecurityWeek
Beyond Quantum: MemComputing ASICs Could Shatter 2048-bit RSA Encryption
The feared ‘cryptopocalypse’ (the death of current encryption) might be sooner than expected – caused by in-memory computing ASICs rather than quantum computers.
The Hacker News
CERT-UA Reports: 11 Ukrainian Telecom Providers Hit by Cyberattacks
Ukraine's CERT-UA discovered threat actors targeting 11 telecom providers between May and September 2023. The attacks caused service interruptions.
The Record
Russia wants to isolate its internet, but experts warn it won’t be easy
As Russia’s war with Ukraine drags on, the Kremlin has doubled down on its efforts to take control of the internet on its own turf.
SecurityWeek
Academics Devise Cyber Intrusion Detection System for Unmanned Robots
Australian AI researchers teach an unmanned military robot’s operating system to identify MitM cyberattacks.
Trend Micro
Beware Lumma Stealer Distributed via Discord CDN
This blog discusses how threat actors abuse Discord’s content delivery network (CDN) to host and spread Lumma Stealer, and talks about added capabilities to the information stealing malware.
Bleeping Computer
Kwik Trip IT systems outage caused by mysterious ‘network incident’
Kwik Trip has been impacted by a wide range of mysterious business disruptions since this weekend that are indicative of a ransomware attack.
The Hacker News
Researchers Unveil ToddyCat's New Set of Tools for Data Exfiltration
Kaspersky sheds light on hacking group ToddyCat's latest arsenal of tools. Designed for data theft, their tactics are more advanced than ever.
The Hacker News
Ransomware attacks doubled year on year. Are organizations equipped to handle the evolution of Ransomware in 2023?
Ransomware attacks have evolved in Q3-2023, employing new techniques to bypass defenses. Discover the strategies ransomware groups have been adopting.
The Record
Serving startup nation: How Israel's cyber specialists work amid war
Tech and cybersecurity executives who build their businesses in Israel are always aware of the possibility of war.
Bleeping Computer
ToddyCat hackers use 'disposable' malware to target Asian telecoms
A newly discovered campaign dubbed "Stayin' Alive" has been targeting government organizations and telecommunication service providers across Asia since 2021, using a wide variety of "disposable" malware to evade detection.