Sat.Dec 11, 2021 - Fri.Dec 17, 2021

article thumbnail

Microsoft Patch Tuesday, December 2021 Edition

Krebs on Security

Microsoft , Adobe , and Google all issued security updates to their products today. The Microsoft patches include six previously disclosed security flaws, and one that is already being actively exploited. But this month’s Patch Tuesday is overshadowed by the “ Log4Shell ” 0-day exploit in a popular Java library that web server administrators are now racing to find and patch amid widespread exploitation of the flaw.

Libraries 314
article thumbnail

The Log4J Vulnerability Will Haunt the Internet for Years

WIRED Threat Level

Hundreds of millions of devices are likely affected.

Security 137
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

GUEST ESSAY: Why the arrests of cyber criminals in 2021 will incentize attackers in 2022

The Last Watchdog

In 2021, law enforcement continued making a tremendous effort to track down, capture and arrest ransomware operators, to take down ransomware infrastructure, and to claw back ransomware payments. Related: The targeting of supply chains. While some of these efforts have been successful, and may prevent more damage from being done, it is important to realize that headline news is a lightning rod for more attacks.

article thumbnail

Flaws in Lenovo laptops allow escalating to admin privileges

Security Affairs

The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin privileges. Lenovo laptops, including ThinkPad and Yoga families, are affected by a privilege elevation issues that resides in the ImControllerService service allowing attackers to execute commands with admin privileges.

IT 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

NY Man Pleads Guilty in $20 Million SIM Swap Theft

Krebs on Security

A 24-year-old New York man who bragged about helping to steal more than $20 million worth of cryptocurrency from a technology executive has pleaded guilty to conspiracy to commit wire fraud. Nicholas Truglia was part of a group alleged to have stolen more than $100 million from cryptocurrency investors using fraudulent “SIM swaps,” scams in which identity thieves hijack a target’s mobile phone number and use that to wrest control over the victim’s online identities.

Passwords 354

More Trending

article thumbnail

NYC to Regulate Artificial Intelligence-Based Hiring Tools

Hunton Privacy

On November 10, 2021, the New York City Council passed a bill prohibiting employers and employment agencies from using automated employment decision tools to screen candidates or employees, unless a bias audit has been conducted prior to deploying the tool (the “Bill”). The Bill defines an “automated employment decision tool” as any computational process (either derived from machine learning, statistical modeling, data analytics, or artificial intelligence) that issues a simplified output ( e.g.

article thumbnail

While attackers begin exploiting a second Log4j flaw, a third one emerges

Security Affairs

Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library. The CVE-2021-45046 received a CVSS score of 3.7 and affects Log4j versions from 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 (which was released to fix CV

Libraries 145
article thumbnail

Inside Ireland’s Public Healthcare Ransomware Scare

Krebs on Security

The consulting firm PricewaterhouseCoopers recently published lessons learned from the disruptive and costly ransomware attack in May 2021 on Ireland’s public health system. The unusually candid post-mortem found that nearly two months elapsed between the initial intrusion and the launching of the ransomware. It also found affected hospitals had tens of thousands of outdated Windows 7 systems, and that the health system’s IT administrators failed to respond to multiple warning signs

article thumbnail

Log4Shell Exploitation Grows as Cybersecurity Firms Scramble to Contain Threat

eSecurity Planet

Cybercriminals are quickly ramping up efforts to exploit the critical flaw found in the widely used Log4j open-source logging tool, targeting everything from cryptomining to data theft to botnets that target Linux systems. The cybersecurity community is responding with tools for detecting exploitation of the vulnerability, a remote code execution (RCE) flaw dubbed Log4Shell and tracked as CVE-2021-44228.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Google Warns That NSO Hacking Is On Par With Elite Spy Groups

WIRED Threat Level

ForcedEntry is “one of the most technically sophisticated exploits” Project Zero security researchers have ever seen.

Security 138
article thumbnail

Hackers exploit Log4Shell to drop Khonsari Ransomware on Windows systems

Security Affairs

Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines. Bitdefender researchers discovered that threat actors are attempting to exploit the Log4Shell vulnerability ( CVE-2021-44228 ) to deliver the new Khonsari ransomware on Windows machines. Experts warn that threat actors are attempting to exploit the Log4Shell flaw to deliver the new Khonsari ransomware on Windows machines.

article thumbnail

Log4Shell: The Big Picture

Dark Reading

A look at why this is such a tricky vulnerability and why the industry response has been good, but not great.

132
132
article thumbnail

10 Best CASB Security Vendors of 2022

eSecurity Planet

Any cloud-based infrastructure needs a robust cloud access security broker (CASB) solution to ensure data and application security and integrity. . With the adoption of cloud-based applications and services growing exponentially, especially as a result of the dramatic growth in remote work in response to the COVID-19 pandemic, more than ever organizations need to protect their data and IT systems from cloud-based threats.

Security 135
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

NSO Group’s Pegasus Spyware Used Against US State Department Officials

Schneier on Security

NSO Group’s descent into Internet pariah status continues. Its Pegasus spyware was used against nine US State Department employees. We don’t know which NSO Group customer trained the spyware on the US. But the company does: NSO Group said in a statement on Thursday that it did not have any indication their tools were used but canceled access for the relevant customers and would investigate based on the Reuters inquiry. “If our investigation shall show these actions indeed happe

article thumbnail

A phishing campaign targets clients of German banks using QR codes

Security Affairs

Cofense researchers discovered a new phishing campaign using QR codes targeting German e-banking users in the last weeks. Threat actors continue to use multiple techniques to avoid detection and trick recipients into opening phishing messages, including the use of QR codes. The messages used in a campaign recently discovered by cybersecurity firm Cofense use QR codes to deceive users of two Geman financial institutions, Sparkasse and Volksbanken Raiffeisenbanken, and steal digital banking inform

Phishing 145
article thumbnail

Combat Misinformation by Getting Back to Security Basics

Dark Reading

One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.

Security 131
article thumbnail

What are the benefits of cyber security as a service?

IT Governance

With organisations’ cyber security requirements becoming more complex and the threat of cyber attacks growing each year, many decision-makers are turning towards cyber security as a service. This approach, also known as managed cyber security, works by outsourcing cyber security to a third party. Organisations such as IT Governance that offer cyber security as a service assign dedicated experts to oversee the organisation’s data protection and data privacy needs.

Security 130
article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Kronos Ransomware Outage Drives Widespread Payroll Chaos

Threatpost

Kronos, the workforce-management provider, said a weeks-long outage of its cloud services is in the offing, just in time to hamstring end-of-year HR activities like bonuses and vacation tracking.

article thumbnail

Two Linux botnets already exploit Log4Shell flaw in Log4j

Security Affairs

Immediately after the disclosure of the Log4Shell flaw in Log4j library threat actors started including the exploit code in Linux botnets. Researchers at NetLab 360 reported that their Anglerfish and Apacket honeypots were already hit by attacks attempting to trigger the Log4Shell flaw in the Log4j library. The attempts were carried out by Muhstik and Mirai botnets in attacks aimed at Linux devices.

Honeypots 145
article thumbnail

Why Log4j Mitigation Is Fraught With Challenges

Dark Reading

The Log4j flaw exists in a component that is not always easy to detect and is widely used beyond an organization's own networks and systems.

129
129
article thumbnail

Implementing and Managing Your SIEM Securely: A Checklist

eSecurity Planet

Some companies use cloud-based security information and event management (SIEM) , and others use SIEM that has been installed in a local data center. These on-premises SIEMs can be run on Windows Servers, Linux Servers, and within virtual machines (VMs) or containers. While the security vulnerabilities for each of these instances will be unique and highly dependent upon setup, you can still verify your security using the same checklist, which we’ll give the acronym VIDA DUCA for the steps

Security 128
article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

When is a Scrape a Breach?

Troy Hunt

A decade and a bit ago during my tenure at Pfizer, a colleague's laptop containing information about customers, healthcare providers and other vendors was stolen from their car. The machine had full disk encryption and it's not known whether the thief was ever actually able to access the data. It's not clear if the car was locked or not.

article thumbnail

PseudoManuscrypt, a mysterious massive cyber espionage campaign

Security Affairs

Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky researchers reported that tens of thousands of devices belonging to industrial and government organizations worldwide have been hit by the PseudoManuscrypt spyware. The name PseudoManuscrypt comes from the similarities with the Manuscrypt malware used by the North Korea-linked Lazarus APT group in attacks aimed at the defense industry.

article thumbnail

How Risky Is the Log4J Vulnerability?

Dark Reading

Security teams around the world are on high alert dealing with the Log4j vulnerability, but how risky is it, really?

Security 127
article thumbnail

Nation-State Attackers, Ransomware Groups Take Aim at Apache Log4j Flaw

eSecurity Planet

Nation-state cyber threat groups and ransomware attackers are moving in to exploit a critical flaw found in the seemingly ubiquitous Apache Log4j open-source logging tool, as attacks spread just days after the vulnerability that could affect hundreds of millions of devices was made public late last week. Microsoft researchers reported that the remote code execution (RCE) vulnerability is being exploited by nation-state groups associated with China, North Korea, Iran and Turkey, with the activity

article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

How to Create a Winning Sales Channel

Thales Cloud Protection & Licensing

How to Create a Winning Sales Channel. jstewart. Wed, 12/15/2021 - 17:43. 75% of world trade flows indirectly through channel sales. What are you doing to optimize your channel partnerships and get the most value from channel selling? What are channel partners? A channel partner is an organization that you partner with to market and sell your hardware, software or SaaS solution.

Sales 126
article thumbnail

Conti ransomware gang exploits Log4Shell bug in its operations

Security Affairs

The Conti ransomware gang is the first ransomware operation exploiting the Log4Shell vulnerability to target VMware vCenter Servers. Conti ransomware gang is the first professional race that leverages Log4Shell exploit to compromise VMware vCenter Server installs. The ransomware group used the exploit to target internal devices that are not protected.

article thumbnail

More Log4j News

Schneier on Security

Log4j is being exploited by all sorts of attackers, all over the Internet: At that point it was reported that there were over 100 attempts to exploit the vulnerability every minute. “Since we started to implement our protection we prevented over 1,272,000 attempts to allocate the vulnerability, over 46% of those attempts were made by known malicious groups,” said cybersecurity company Check Point.