

Ars Technica
Amazon’s $195 thin clients are repurposed Fire TV Cubes
Amazon Workspaces Thin Client is a Fire TV Cube with different software.
Bleeping Computer
Effective strategies for mitigating insider threats involve a combination of detective and preventive controls. Such controls are provided by the Wazuh SIEM and XDR platform.
Bleeping Computer
Security researchers bypassed Windows Hello fingerprint authentication on Dell Inspiron, Lenovo ThinkPad, and Microsoft Surface Pro X laptops in attacks exploiting security flaws found in the embedded fingerprint sensors.
Bleeping Computer
Black Friday 2023 is here, and great deals are live in computer security, software, online courses, system admin services, antivirus, and VPN software.
The Hacker News
🔒 Multiple vulnerabilities found in laptop fingerprint sensors—allowing attackers to bypass Windows Hello authentication on Dell, Lenovo, and Microso
SecurityWeek
Researchers have tested the fingerprint sensors used for Windows Hello on three popular laptops and managed to bypass them.
Ars Technica
LitterDrifter's means of self-propagation are simple. So why is it spreading so widely?
CyberNews
Researchers from SentinelLabs with a high confidence level attributed intrusions in Norway, Pakistan, China, and India to Appin.
The Hacker News
📱 Alert: Android users in India, beware! Hackers are distributing fake banking and government apps to steal sensitive data like bank info and persona
Bleeping Computer
A recently discovered worm that researchers call LitterDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group.
Cyber Security News
Gamaredon (aka Primitive Bear, ACTINIUM, and Shuckworm), stands out in Russian espionage by exclusively targeting Ukrainian entities.
SecurityWeek
Russian Gamaredon’s self-propagating LitterDrifter USB worm spreads from Ukraine to the US and other countries.
CyberSecurity Dive
The focus should be on what manufacturers are doing to keep their customers safe, not the damage attackers might be inflicting, CISA’s Bob Lord said.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Security Affairs
Russia-linked cyberespionage group Gamaredon has been spotted propagating a worm called LitterDrifter via USB.
The Hacker News
Russian cyber espionage group linked to the FSB are using a USB worm called LitterDrifter to target Ukrainian organizations.
DarkReading
For several years operators at New Delhi-based Appin hacked into, spied on, and stole data from targets around the world for clients that included private investigators, government agencies, law enforcement, and others.
SecurityWeek
Google launches new Titan security key with passkey support, allowing users to store up to 250 unique passkeys.
Latest Hacking News
As ransomware attacks continue wreaking havoc, the latest victim turned out to be the largest Chinese bank. The ICBC Bank admitted suffering a ransomware attack, following which, the bank switched to using USB sticks to
Bleeping Computer
Today is Microsoft's November 2023 Patch Tuesday, which includes security updates for a total of 58 flaws and five zero-day vulnerabilities.
CyberNews
Researchers find that Flipper Zero can connect and control adult toys remotely by making them vibrate or stop working via a Bluetooth Low-Energy (BLE) broadcast.
The Record
The joint venture of the Royal Bank of Canada and Bank of Montreal said its cybersecurity team “prevented access to critical data and no ransom request was made.”
Cyber Security News
Best Free Digital Forensic Tools: 1. Sleuth Kit (+Autopsy) 2. Forensic Investigator 3. Autopsy 4. Dumpzilla 5. X-Ways Forensics.
CyberSecurity Dive
The hack reportedly disrupted the trading of U.S. Treasuries. The Industrial and Commercial Bank of China Financial Services said it is investigating the attack and progressing recovery efforts.
Bleeping Computer
Apple's "Find My" location network can be abused by malicious actors to stealthily transmit sensitive information captured by keyloggers installed in keyboards.
Ars Technica
No cure yet for a popular iPhone attack, except for turning off Bluetooth.
Cyber Security News
Google has released Chrome 119 to the stable channel for Windows, Mac, and Linux, along with 15 security patches.
SecurityWeek
Chrome 119 is rolling out to Linux, macOS, and Windows devices with patches for over a dozen vulnerabilities.
Latest Hacking News
Pledging the utmost security and privacy for its users, Samsung has now developed a dedicated device protection feature. Dubbed “Auto Blocker,” this new feature protects Samsung Galaxy devices from malicious actions, such as sneaky sideloading,
Bleeping Computer
Microsoft released Windows 11 23H2, the Windows 11 2023 Update, today, and you can now download an ISO image for the new version to put aside for emergencies or clean installs.
Bleeping Computer
Samsung has unveiled a new security feature called 'Auto Blocker' as part of the One UI 6 update, offering enhanced malware protection on Galaxy devices.
SecurityWeek
Russian APT Winter Vivern exploits a zero-day in the Roundcube webmail server in attacks targeting European governments.
Cyber Security News
A BitLocker recovery key is a unique 48-character alphanumeric code generated when you enable BitLocker drive encryption on a Windows computer.
Bleeping Computer
A new sophisticated threat tracked as 'TetrisPhantom' has been using compromised secure USB drives to target government systems in the Asia-Pacific region.
SecurityWeek
Summary of notable cybersecurity news stories that may be top headlines, but are important for the week of October 16, 2023.
Bleeping Computer
The Iranian hacking group tracked as MuddyWater (aka APT34 or OilRig) breached at least twelve computers belonging to a Middle Eastern government network and maintained access for eight months between February and September 2023.
The Hacker News
New MATA cyber espionage operation strikes Eastern European companies in oil & gas and defense sectors.
Bleeping Computer
An updated version of the MATA backdoor framework was spotted in attacks between August 2022 and May 2023, targeting oil and gas firms and the defense industry in Eastern Europe.
Cyber Security News
Best Unified Network Security Solutions for Small Businesses. 1. Perimeter 81, 2. Snort, 3. OSSEC, 4. Wireshark, 5. Burp Suite, 6. Splunk.
SecurityWeek
Strategies to prevent lost and stolen computers from contributing to data breaches and leaks.
The Hacker News
A sophisticated campaign known as TetrisPhantom is targeting APAC government entities, covertly harvesting sensitive data via secure USB drives.
The Record
Hackers have targeted more than a dozen oil, gas and defense firms in Eastern Europe with an updated version of a malware framework previously linked to North Korean threat actors.
Bleeping Computer
Amazon has quietly added passkey support as a new passwordless login option for customers, offering better protection from information-stealing malware and phishing attacks.
Infosecurity News
Kaspersky said the campaign exploiting USB drives first came to light in early 2023
Cyber Security News
Best Insider Risk Management Platforms. 1. DoControl 2. ActivTrak 3. Elevate Platform 4. Splunk 5. Varonis 6. Forcepoint 7. Securonix 8. Observe It 9. Exabeam 10. LogRhythm
The Hacker News
What keeps IT pros up at night? Explore the top 10 data security threats in 2023 and how they impact organizations.
Bleeping Computer
Microsoft has released the September 2023 preview update for Windows 11, version 22H2, which adds frequently visited websites to the Start menu and addresses 24 issues.
The Hacker News
XWorm: The new kid on the malware block. ANY.RUN's analysts dive deep to expose its tactics and evasion techniques.
Computerworld
Microsoft this week rolled out 59 updates with its Patch Tuesday update, including critical patches for Microsoft Office and Visual Studio.
Ars Technica
Google's app for generating MFA codes syncs to user accounts by default. Who knew?
Cyber Security News
Penetration testing of point-of-sale (POS) devices is essential to ensure the security of payment systems and protect sensitive customer data
Bleeping Computer
Microsoft will block third-party printer driver delivery in Windows Update as part of a substantial and gradual shift in its printer driver strategy over the next 4 years.
Cyber Security News
A privilege escalation vulnerability was recently discovered which affects Windows’s File History service and can be used by hackers to escalate privileges.
Cyber Security News
Although the use of peripheral devices has risen to unparalleled rates in the post-pandemic period, many organizations have failed to increase their cybersecurity efforts to match this usage. Do you want your organization to avoid paying out a fortune due to improper cybersecurity practices? One way to achieve that is by staying on top of […]
Cyber Security News
Cybersecurity Analysts at ReliaQuest have recently uncovered a multitude of malware loaders that were observed to be the most active this year in 2023.
Infosecurity News
ReliaQuest found that 80% of cyber intrusion campaigns used either QakBot, SocGholish or Raspberry Robin
SecurityWeek
QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders, accounting for 80% of the observed incidents.
Infosecurity News
The Check Point report also highlights an evolution of ransomware tactics
Naked Security
Cryptography isn’t just about secrecy. You need to take care of authenticity (no imposters!) and integrity (no tampering!) as well.
Cyber Security News
Users Monitoring Best Practices: 1. Implement least privilege access 2. Enforce strong authentication (MFA) 3. Log detailed user activities.
Infosecurity News
Espionage campaign shares similarities with previous attacks
SecurityWeek
Ford says a critical vulnerability in the TI Wi-Fi driver of the SYNC 3 infotainment system does not pose a safety risk
Bleeping Computer
Ford is warning of a buffer overflow vulnerability in its SYNC3 infotainment system used in many Ford and Lincoln vehicles, which could allow remote code execution, but says that vehicle driving safety isn't impacted.
Bleeping Computer
Google has announced new cellular security features for its upcoming Android 14, expected later this month, that aim to protect business data and communications.
Bleeping Computer
The North Korean state-sponsored hacking group ScarCruft has been linked to a cyberattack on the IT infrastructure and email server for NPO Mashinostroyeniya, a Russian space rocket designer and intercontinental ballistic missile engineering organization.
Bleeping Computer
Chinese state-sponsored hackers have been targeting industrial organizations with new malware that can steal data from air-gapped systems.
CSO
The unauthorized access by an engineer at the Air Education and Training Command affected communications across 17 Air Force facilities, with an added FBI communication breach.
Trend Micro
Why endpoint security falls short in the complexity of modern IT infrastructure
Infosecurity News
The attackers established a channel for data exfiltration, including from air-gapped systems
Latest Hacking News
Researchers found numerous vulnerabilities affecting Peloton Treadmill systems that allow malware attacks. An adversary may exploit the flaws to access sensitive device data, including users’ information. Multiple Vulnerabilities Affected Peloton Treadmill Firmware According to a recent blog
Cyber Security News
Best Malware protection software and solutions: 1. Perimeter81 2. Norton 3. McAfee 4. Kaspersky 5. Bitdefender 6. Avast 7. ESET 8. AVG.
SecurityWeek
Weekly cybersecurity news roundup of noteworthy stories that might have slipped under the radar for the week of July 24, 2023.
SecurityWeek
Internet-connected Peloton workout equipment is impacted by multiple security risks, such as having USB debugging enabled.
Latest Hacking News
Flipper Zero users can now install third-party apps on their devices as the providers roll out Apps Hub – a dedicated app store. While users can configure the available apps on their devices through Apps
Cyber Security News
The Flipper Zero team has announced the official launch of "Flipper Apps", a new app store enabling mobile users to download third-party apps
Bleeping Computer
The Flipper Zero team has launched its very own 'Flipper Apps' mobile app store, allowing mobile users to install 3rd-party apps and extend the functionality of the popular wireless pen-testing tool.
Bleeping Computer
Microsoft is making it easier to see how much energy your apps use in Windows 11 over a given period by introducing a detailed power consumption page in the latest 23H2 update.
The Record
The Russian hacking group Turla is attacking Ukrainian defense forces with spying malware, according to new research from the country’s computer emergency response team (CERT-UA).
DarkReading
Two separate threat actors are using poisoned USB drives to distribute malware in cyber-espionage campaigns targeting organizations across different sectors and geographies.
Cyber Security News
A 28-year-old former IT security analyst of an Oxford-based company has been sentenced to three years for deceiving the company to extort money.
The Hacker News
Learn more about the SOGU and SNOWYDRIVE campaigns targeting public and private sector entities worldwide.
The Hacker News
New report reveals the alarming activities of Gamaredon, a notorious Russian hacking crew. They exploit email and messaging platforms to compromise.
The Record
The Moscow-linked hacking group Armageddon remains one of the most active and dangerous threat actors targeting Ukraine during its war with Russia, according to recent research.
Bleeping Computer
Ukraine's Computer Emergency Response Team (CERT-UA) is warning that the Gamaredon hacking group operates in rapid attacks, stealing data from breached systems in under an hour.
Cyber Security News
Best Mobile app security scanners: 1. Android Debug Bridge 2. SandDroid 3. App-Ray 4. Drozer 5. Synopsys 6. Quixxi 7. StacoAn 8. Ostorlab
Bleeping Computer
What's old is new again, with researchers seeing a threefold increase in malware distributed through USB drives in the first half of 2023
Bleeping Computer
Today is Microsoft's July 2023 Patch Tuesday, with security updates for 132 flaws, including six actively exploited and thirty-seven remote code execution vulnerabilities.
Naked Security
Don’t delay, do it today. This is a code-implantation bug in WebKit that attackers already know how to exploit.
Bleeping Computer
Microsoft is finally rolling out a driver update to address a known issue causing built-in cameras on ARM-based Windows devices (including Surface Pro X laptops) to stop working.
SecurityWeek
Industrial giant Honeywell wants to extend its OT cybersecurity portfolio with the acquisition of Israel-based OT/IoT security firm SCADAfence.
SecurityWeek
Weekly cybersecurity news roundup that provides a summary of noteworthy stories that might have slipped under the radar
Trend Micro
To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating their endpoint security.
DarkReading
Attackers use HTML smuggling to spread the PlugX RAT in the campaign, which has been ongoing since at least December.
Infosecurity News
The attacks rely on novel delivery methods to deploy a variant of PlugX
Cyber Security News
White Snake stealer, an info stealer with enhanced features, is now able to target both Windows and Linux platforms, posing a significant threat to user privacy and security.
The Record
The espionage effort, labeled SmugX by cybersecurity researchers at Check Point, has similarities to previous campaigns linked to China. HTML smuggling helped the malware avoid detection.
SecurityWeek
Weekly cybersecurity news roundup of noteworthy stories that might have slipped under the radar for the week of June 26, 2023.
The Hacker News
🔒 Researchers have uncovered an ingenious side-channel attack that can recover secret keys from a device using video footage of its power LED.
ZDNet
Better to have USB data protection and not need it, than need it and not be prepared.
DarkReading
Unknown senders have been shipping smartwatches to service members, leading to questions regarding what kind of ulterior motive is at play, malware or otherwise.
ZDNet
In Singapore last year, the number of phishing attempts more than doubled, while ransomware incidents continued to impact small and midsize businesses.
DarkReading
Camaro Dragon (Mustang Panda) is spreading a malware variant of WispRider quickly across the globe even through air gaps, often unbeknown to users.
The Hacker News
Chinese cyber espionage group Camaro Dragon expands global reach with a new self-propagating malware strain spreading via USB drives.
Latest Hacking News
Researchers have devised a new attack strategy to exfiltrate sensitive information from target devices without physical access. The attack methodology presents video-based cryptanalysis, where an attacker may extract the cryptographic keys of target devices from
ZDNet
The Mac, iPad, and Apple Watch also received an update on Wednesday to fix two actively exploited vulnerabilities.
Security Affairs
Polish police, as part of the international law enforcement operation PowerOFF, dismantled a DDoS-for-hire service that has been active since at least 2013. An international operation codenamed PowerOff led to the shutdown of a DDoS-for-hire service that has been active since at least 2013. The operation was conducted by the Polish Central Bureau for Combating […]
Ars Technica
US government warns encryption chipmaker Hualan has suspicious ties to China’s military.
Cyber Security News
Ukraine remains under constant threat as the Russian state-sponsored hacking group Shuckworm (aka Armageddon or Gamaredon) continues to carry out numerous cyber attacks.
Computerworld
In a world that needs Apple’s recently-improved Lockdown Mode to protect good people against bad actors, high-risk individuals should consider using physical security keys to protect their Apple ID.
Security Affairs
Russia-linked APT group Gamaredon is using a new toolset in attacks aimed at critical organizations in Ukraine. The Gamaredon APT group (aka Shuckworm, Actinium, Armageddon, Primitive Bear, UAC-0010, and Trident Ursa) continues to carry out attacks against entities in Ukraine, including security services, military, and government organizations. Symantec researchers reported that in some cases, the cyberespionage group remained undetected in the […]
Ars Technica
Shuckworm's relentless attacks seek intel for use in Russia's invasion of Ukraine.
The Hacker News
Russian threat actor Shuckworm intensifies cyber assaults on Ukrainian entities, aiming to steal sensitive information.
Bleeping Computer
The Russian state-sponsored hacking group Gamaredon (aka Armageddon, or Shuckworm) continues to target critical organizations in Ukraine's military and security intelligence sectors, employing a refreshed toolset and new infection tactics.
The Hacker News
Compromises are happening from the inside out. Discover the importance of Ingress traffic protection in today's threat landscape.
ZDNet
I started out thinking that these cameras were gimmicks, but they've become an important tool in my toolbox. Here's why - and a little test.
Ars Technica
Key-leaking side channels are a fact of life. Now they can be done by video-recording power LEDs.
Infosecurity News
Adlumin said the malware combines elements of off-the-shelf threats and APT tactics
Bleeping Computer
Kali Linux 2023.2, the second version of 2023, is now available with a pre-built Hyper-V image and thirteen new tools, including the Evilginx framework for stealing credentials and session cookies.
Naked Security
Here, in an admittedly discursive nutshell, is the fascinating story of CVE-2023-32784. (Short version: Don’t panic.)
ZDNet
Wondering if your information is posted online from a data breach? Here's how to check if your accounts are at risk and what to do next.
Bleeping Computer
Microsoft has shared a temporary fix for a widespread issue triggered by a buggy driver that causes built-in cameras on some ARM-based Windows devices (including Surface Pro X laptops) to stop working.
The Hacker News
When a USB key brought malware into a hospital, Cynet stepped in to save the day. Discover how layered security and incident response plans make all t
Cyber Security News
Wireshark 4.0.6 released with fix for vulnerabilities, bug fixes, protocol updates, and a few improvements.
Naked Security
Another traitorous sysadmin story, this one busted by system logs that gave his game away…
Cyber Security News
The insider threat has been a significant concern for organizations in terms of security. Though they do not happen very often, it is still a major threat to the business.
Bleeping Computer
A relatively unknown advanced persistent threat (APT) group named 'GoldenJackal' has been targeting government and diplomatic entities in Asia since 2019 for espionage.
Security Affairs
A previously undocumented APT group tracked as GoldenJackal has been targeting government and diplomatic entities in the Middle East and South Asia since 2019. Kaspersky researchers shared details about the activity of a previously undocumented APT group, tracked as GoldenJackal, which has been active since 2019. The primary motivation of the group appears to be […]
Infosecurity News
According to Kaspersky, GoldenJackal has been active since 2019
The Hacker News
A new cyber threat, GoldenJackal, is targeting government and diplomatic entities in the Middle East and South Asia.
Computerworld
The US Commerce Department opposed the decision, saying the restrictions have no basis in fact.
Bleeping Computer
A financially motivated cybercriminal group known as FIN7 resurfaced last month, with Microsoft threat analysts linking it to attacks where the end goal was the deployment of Clop ransomware payloads on victims' networks.
Infosecurity News
Trellix report observed a surge in malicious emails targeting Taiwanese industries and government officials
ZDNet
While the number of businesses reporting attacks this past year remained flat, a Sophos report makes one thing clear: There is a cheaper alternative every business should know.
ZDNet
We've found the perfect solution if you're in the market for a high-security and military-grade drive.
The Hacker News
Macros out, Follina vulnerability in! Phishing attacks take a new twist with obfuscated PowerShell scripts.
Cyber Security News
A malware attack is a cyber-attack using malicious software to gain unauthorized access to a computer system or network.
Ars Technica
Fix will eventually render all kinds of older Windows boot media unbootable.
Naked Security
Latest episode – listen now! (Full transcript inside.)
Infosecurity News
According to SentinelOne, these novel variants emerged between 2022 and 2023
Computerworld
Microsoft this week rolled out fixes for 51 vulnerabilities in Windows, Microsoft Office, and Visual Studio — including three zero-day flaws that should be patched immediately.
The Hacker News
Researchers uncover new APT group Red Stinger targeting Eastern Europe since 2020. Attackers exfiltrated snapshots, USB drives, keyboard strokes.
Naked Security
When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car…
Bleeping Computer
What has firmware got to do with pop rock, you ask? That's the question that crossed a security researcher's mind as he analyzed Kingston's firmware and stumbled upon the lyrics of a popular Coldplay song buried deep within it.
Bleeping Computer
Threat actors can steal data from organizations to sell to other malicious actors, making it a major risk for organizations. Wazuh, the free and open-source XDR/SIEM, offers several capabilities that protect against data theft.
Ars Technica
Juice jacking attacks on mobile phones are nonexistent. So why are we so afraid?
Bleeping Computer
The Chinese APT hacking group known as 'Evasive Panda' is behind a mysterious attack that distributed the MsgBot malware as part of an automatic update for the Tencent QQ messaging app.
Infosecurity News
The unauthorized third party stole employee and business customers' data
Naked Security
Loop-the-loop in this week’s episode. Entertaining, educational and all in plain English. Transcript inside.
Infosecurity News
Symantec described the findings today, saying the ongoing campaign likely started in November 2022
ZDNet
The Flipper Zero is a powerful, multi-functional, cybersecurity tool, and you can now pick one up for less than usual.
Naked Security
USB charging stations – can you trust them? What are the real risks, and how can you keep your data safe on the road?
Cyber Security News
Best Ethical Hacking Tools: 1. Wireshark 2. NMAP 3. Burp Suite 4. Metasploit 5. Nikto 6. Intruder 7. Aircrack-Ng 8. Nessus 9. Acunetix and more
Security Affairs
Siemens Metaverse, a virtual space built to mirror real machines, factories, and other highly complex systems, has exposed sensitive data, including the company’s office plans and internet of things (IoT) devices. While metaverse is no longer a buzzword, amid the sudden popularity of ChatGPT and similar AI tools, those virtual worlds are still here, presenting […]
Naked Security
I’m sorry, Dave. I’m afraid I can’t… errr, no, hang on a minute, I can do that easily! Worldwide! Right now!
Security Affairs
Hyundai disclosed a data breach that impacted Italian and French car owners and clients who booked a test drive. Hyundai has suffered a data breach that impacted Italian and French car owners and customers who booked a test drive. Threat actors had access to the email addresses, physical addresses, telephone numbers, and vehicle chassis numbers […]
Naked Security
Is Secure Boot without the Secure just “Boot”?
Cyber Security News
The FBI issued a warning on the evening of Maundy Thursday about using free public charging ports.
Bleeping Computer
Hyundai has disclosed a data breach impacting Italian and French car owners and those who booked a test drive, warning that hackers gained access to personal data.
ZDNet
Better to have USB data protection and not need it, than need it and not be prepared.
Bleeping Computer
Microsoft has released the Windows 11 KB5025239 cumulative update for version 22H2 to fix security vulnerabilities and introduce 25 changes, improvements, and bug fixes.
CSO
CrowdStrike Falcon Insight for IoT delivers tailored threat prevention, patch management, and interoperability across XIoT including IoT, OT, and medical devices.
ZDNet
Public power outlets are being illegally modified to steal your phone's data, according to the FBI. Here's how to keep your information safe.
ZDNet
The best portable safety alarms are a simple, compact, non-violent solution to personal safety. These alarms pack the most punch.
CSO
The Rilide malware tricks victims into revealing their second-factor authentication to withdraw cryptocurrency in the background.
Cyber Security News
Several security vulnerabilities were recently addressed by Canonical in both Graphviz and the Linux kernel of Ubuntu.
Cyber Security News
Journalists across Ecuador were targeted using a novel bomb resembling a USB drive. Once inserted into a computer, these devices detonate.
Trend Micro
We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective countermeasures.
The Hacker News
Earth Preta's evolving tactics: Threat actors now using TONEINS, TONESHELL, and PUBLOAD malware for more effective infiltration.
Bleeping Computer
A new variant of the BlackGuard stealer has been spotted in the wild, featuring new capabilities like USB propagation, persistence mechanisms, loading additional payloads in memory, and targeting additional crypto wallets.
Trend Micro
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures (TTPs) to bypass security solutions. In this blog entry, we will introduce and analyze the other tools and malware used by the threat actor.
Ars Technica
Explosives replace malware as the scariest thing a USB stick may hide.
Bleeping Computer
Microsoft has released a new Windows 11 preview build that adds a new dedicated USB4 settings page and support for displaying seconds in the system tray clock.
Bleeping Computer
Microsoft has released the optional KB5023773 Preview cumulative update for Windows 10 20H2, Windows 10 21H2, and Windows 10 22H2, with ten fixes for various issues.
Security Affairs
Threat actors are targeting organizations located in Donetsk, Lugansk, and Crimea with a previously undetected framework dubbed CommonMagic. In October 2022, Kaspersky researchers uncovered a malware campaign aimed at infecting government, agriculture and transportation organizations located in the Donetsk, Lugansk, and Crimea regions with a previously undetected framework dubbed CommonMagic. Researchers believe that threat actors use spear […]
Bleeping Computer
Security researchers have discovered attacks from an advanced threat actor that used "a previously unseen malicious framework" called CommonMagic and a new backdoor called PowerMagic.
The Hacker News
New "Bad Magic" activity cluster targeting gov't, agriculture & transportation orgs in Donetsk, Lugansk & Crimea amid ongoing Russia-Ukraine war.
Computerworld
The Kremlin has ordered officials to stop using iPhones because they fear the devices may be vulnerable to Western intelligence agencies.
Cyber Security News
Best Incident Response Tools - Free & Paid: 1. ManageEngine 2. CrowdStrike Falcon Insight XDR 3. SolarWinds 4. IBM QRadar 5. Splunk
The Hacker News
A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since February 2023.
Computerworld
"Endpoint management and security has been the most popular security category by number of customers since August 2020," an Okta report explains
Computerworld
Apple may be about to make it harder to use lower cost USB-C cables with its devices, but there are very good reasons it should do so.
ZDNet
Optimize Mac Storage has a dark side. Here's what you need to know if you rely on it.
The Hacker News
PlugX remote access trojan has been caught disguising itself as a legitimate open source Windows debugger tool called x64dbg to gain control of target
Trend Micro
Trend Micro’s Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX.
ZDNet
The NSA's 'Best Practices for Securing Your Home Network' guide provides remote workers with advice on how to protect against online threats.
ZDNet
Regular backups can save you from losing precious data. But it's amazing how few people only think about this after they experience a devastating data disaster.
CSO
Thanks to the availability of malware such as Emotet, deploying backdoors on victims' networks is becoming easier and more lucrative for cybercriminals.
DarkReading
Making the option available only to paid subscribers — while also claiming SMS authentication is broken — doesn't make sense, some say. Is it a cash grab?
Latest Hacking News
Car makers Hyundai and Kia have rolled out an emergency update for multiple car models, addressing an actively exploited vulnerability. The vulnerability has been under attack for a few months, triggering a rise in car
Bleeping Computer
Twitter has announced that it will no longer support SMS two-factor authentication unless you pay for a Twitter Blue subscription. However, there are more secure options for multi-factor authentication, which we describe below.
Security Affairs
A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here. Twitter will allow using the SMS-based two-factor authentication (2FA) only to its Blue subscribers GoDaddy […]
Cyber Security News
Free Red Team Tools: We are bringing here a collection of open-source and commercial Tools that aid in red team operations.
The Record
The EU's cybersecurity agency says several Chinese military hacking groups are targeting European businesses and other organizations.
Naked Security
Latest episode – listen now! (Full transcript inside.)
Security Affairs
Hyundai and Kia car makers are releasing an emergency software update to fix a flaw that can allow stealing a car with a USB cable. Carmakers Hyundai and KIA are rolling out an emergency update for the software shipped with several car models. The update addresses a bug that can be exploited by thieves to […]
Bleeping Computer
Automakers Hyundai and KIA are rolling out an emergency software update on several of their car models impacted by an easy hack that makes it possible to steal them.