Sat.Nov 12, 2022 - Fri.Nov 18, 2022

article thumbnail

Researchers Quietly Cracked Zeppelin Ransomware Keys

Krebs on Security

Peter is an IT manager for a technology manufacturer that got hit with a Russian ransomware strain called “ Zeppelin ” in May 2020. He’d been on the job less than six months, and because of the way his predecessor architected things, the company’s data backups also were encrypted by Zeppelin. After two weeks of stalling their extortionists, Peter’s bosses were ready to capitulate and pay the ransom demand.

article thumbnail

MY TAKE: Can Matter 1.0 springboard us from truly smart homes to the Internet of Everything?

The Last Watchdog

Ever feel like your smart home has dyslexia? Siri and Alexa are terrific at gaining intelligence with each additional voice command. And yet what these virtual assistants are starkly missing is interoperability. Related: Why standards are so vital. Matter 1.0 is about to change that. This new home automation connectivity standard rolls out this holiday season with sky high expectations.

IoT 213
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Twitter Two-Factor Authentication Has a Vulnerability

Data Breach Today

Hackers Gain Path to Potential Account Takeover by Turning Off SMS Second Factor Twitter accounts that use SMS for two-factor authentication are at a heightened risk of account takeover with the disclosure that texting "STOP" to the verification service results in it being turned off. The vulnerability opens the door to a password reset attack or a password stuffing attack.

article thumbnail

F5 fixed 2 high-severity Remote Code Execution bugs in its products

Security Affairs

Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered several vulnerabilities in F5 BIG-IP and BIG-IQ devices running a customized distribution of CentOS. The experts also discovered several bypasses of security controls that the security vendor F5 does not recognize as exploitable vulnerabilities.

IT 145
article thumbnail

Prevent Data Breaches With Zero-Trust Enterprise Password Management

Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper’s affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance.

article thumbnail

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic. The Disneyland Team’s Web interface, which allows them to interact with malware victims in real time to phish their login credentials using phony bank websites.

Phishing 312

More Trending

article thumbnail

Ransomware Attackers Don't Take Holidays

Data Breach Today

Cybereason's Sam Curry on the Financial and Business Impact of After-Hours Strikes Cyberattackers love to strike on weekends and holidays - that's not news. What is news: These attacks cost more than weekday incidents, and they take a heavy toll on defenders. Cybereason's Sam Curry shares insight from the new study "Organizations at Risk: Ransomware Attackers Don’t Take Holidays.

article thumbnail

Vulnerability Patching: How to Prioritize and Apply Patches

eSecurity Planet

Every IT environment and cybersecurity strategy has vulnerabilities. To avoid damage or loss, organizations need to find and eliminate those vulnerabilities before attackers can exploit them. Some of those vulnerabilities will be found and fixed by vendors, who will provide patches and updates for their products. Other vulnerabilities cannot be patched and will require coordination between IT, cybersecurity, and app developers to protect those exposed vulnerabilities with additional resources th

Passwords 145
article thumbnail

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

Vyacheslav “Tank” Penchukov , the accused 40-year-old Ukrainian leader of a prolific cybercriminal group that stole tens of millions of dollars from small to mid-sized businesses in the United States and Europe, has been arrested in Switzerland, according to multiple sources. Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland.

Phishing 309
article thumbnail

Two public schools in Michigan hit by a ransomware attack

Security Affairs

Public schools in two Michigan counties were forced to halt their activities, including the lessons, after a ransomware attack. Public schools in Jackson and Hillsdale counties, Michigan, reopen after a closure of two days caused by a ransomware attack that hit its systems. The public schools started experiencing a systems outage affecting critical operating systems on Monday, the outage occurred because they were victims of a ransomware attack detected over the weekend.

article thumbnail

Optimizing The Modern Developer Experience with Coder

Many software teams have migrated their testing and production workloads to the cloud, yet development environments often remain tied to outdated local setups, limiting efficiency and growth. This is where Coder comes in. In our 101 Coder webinar, you’ll explore how cloud-based development environments can unlock new levels of productivity. Discover how to transition from local setups to a secure, cloud-powered ecosystem with ease.

article thumbnail

Pro-Moscow Nuisance Hackers Claim DDoS Attack on FBI Website

Data Breach Today

KillNet Asserts It Temporarily Made FBI Websites Unavailable Pro-Kremlin hackers claimed credit for a denial-of-service attack against FBI websites, marking the latest in a series of nuisance attacks. The FBI earlier said it is aware of "pro-Russian hacktivist groups employing DDoS attacks to target critical infrastructure companies with limited success.

IT 246
article thumbnail

FTX Collapse Highlights the Cybersecurity Risks of Crypto

eSecurity Planet

John Jay Ray III is one of the world’s top bankruptcy lawyers. He has worked on cases like Enron and Nortel. But his latest gig appears to be the most challenging. On November 11, he took the helm at FTX, a massive crypto platform, which has plunged into insolvency. His Chapter 11 filing reads more like a Netflix script. In it, he notes : “Never in my career have I seen such a complete failure of corporate controls and such a complete absence of trustworthy financial information as occurred here

article thumbnail

Failures in Twitter’s Two-Factor Authentication System

Schneier on Security

Twitter is having intermittent problems with its two-factor authentication system: Not all users are having problems receiving SMS authentication codes, and those who rely on an authenticator app or physical authentication token to secure their Twitter account may not have reason to test the mechanism. But users have been self-reporting issues on Twitter since the weekend, and WIRED confirmed that on at least some accounts, authentication texts are hours delayed or not coming at all.

article thumbnail

Have board directors any liability for a cyberattack against their company?

Security Affairs

Are the directors of a company hit by a cyberattack liable for negligence in failing to take steps to limit the risk. As the risk of a cyberattack grows, it is pivotal to consider whether the directors of a company hit by a ransomware attack, for example, can bear any liability for negligence in failing to take steps to limit the risk. During the past few weeks, I had the pleasure of running a presentation on how to deal with the risk of ransomware cyberattacks on corporations for the benefit of

Insurance 144
article thumbnail

15 Modern Use Cases for Enterprise Business Intelligence

Large enterprises face unique challenges in optimizing their Business Intelligence (BI) output due to the sheer scale and complexity of their operations. Unlike smaller organizations, where basic BI features and simple dashboards might suffice, enterprises must manage vast amounts of data from diverse sources. What are the top modern BI use cases for enterprise businesses to help you get a leg up on the competition?

article thumbnail

Arrest of Ukrainian in Cybercrime Case Shows Patience Pays

Data Breach Today

Suspect in Jabberzeus Banking Malware Gang Nabbed in Geneva The apparent arrest of a Ukrainian national long wanted on cybercrime charges in the U.S. shows that with much patience, law enforcement can notch successes. A key member of the Jabberzeus gang, which stole tens of millions of dollars, was arrested in Geneva.

244
244
article thumbnail

Watch Out For This Tricky New Tactic Called Clone Phishing

KnowBe4

Researchers at Vade Secure describe a type of phishing attack dubbed “clone phishing,” in which attackers follow up a legitimate email from a trusted sender with a replica, claiming that they forgot to include a link or attachment.

Phishing 142
article thumbnail

One in Five Public-Facing Cloud Storage Buckets Expose Sensitive Data

eSecurity Planet

Public-facing cloud storage buckets are a data privacy nightmare, according to a study released today. Members of Laminar Labs’ research team recently found that one in five public-facing cloud storage buckets contains personally identifiable information (PII) – and the majority of that data isn’t even supposed to be online in the first place.

Cloud 141
article thumbnail

Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs

Security Affairs

North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe and Latin America. North Korea-linked APT Lazarus is using a new version of the DTrack backdoor to attack organizations in Europe and Latin America, Kaspersky researchers warn. DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan.

article thumbnail

The Tumultuous IT Landscape Is Making Hiring More Difficult

After a year of sporadic hiring and uncertain investment areas, tech leaders are scrambling to figure out what’s next. This whitepaper reveals how tech leaders are hiring and investing for the future. Download today to learn more!

article thumbnail

Russian Hackers Target Ukraine With Malicious Encryption

Data Breach Today

From Russia with Love Group Boasted of Removing Decryptor from Somnia Ransomware Russian hackers are on a campaign to maliciously encrypt the files of Ukrainian victims - but unlike other ransomware groups, doing so without the possibility of offering a decryptor. Ukraine’s Computer Emergency Response Team identifies the group as UAC-0118, also known as From Russia with love.

article thumbnail

Holiday Package or Scam Message? Clickers Beware

KnowBe4

As we enter the holiday season, we start getting bombarded with amazing offers and often take advantage of not only grabbing ourselves a bargain, but also stockpiling gifts for friends and family. During this time, not a day goes by where we do not receive a couple of packages, to the extent that we often become friendly on a first name basis with the delivery drivers.

article thumbnail

Another Event-Related Spyware App

Schneier on Security

Last month, we were warned not to install Qatar’s World Cup app because it was spyware. This month, it’s Egypt’s COP27 Summit app : The app is being promoted as a tool to help attendees navigate the event. But it risks giving the Egyptian government permission to read users’ emails and messages. Even messages shared via encrypted services like WhatsApp are vulnerable, according to POLITICO’s technical review of the application, and two of the outside experts.

article thumbnail

Magento and Adobe Commerce websites under attack

Security Affairs

Researchers warn of a surge in cyberattacks targeting CVE-2022-24086, a pre-authentication issue impacting Adobe Commerce and Magento stores. In September 2022, Sansec researchers warned of a surge in hacking attempts targeting a critical Magento 2 vulnerability tracked as CVE-2022-24086. Magento is a popular open-source e-commerce platform owned by Adobe, which is used by hundreds of thousands of e-stores worldwide.

article thumbnail

Improving the Accuracy of Generative AI Systems: A Structured Approach

Speaker: Anindo Banerjea, CTO at Civio & Tony Karrer, CTO at Aggregage

When developing a Gen AI application, one of the most significant challenges is improving accuracy. This can be especially difficult when working with a large data corpus, and as the complexity of the task increases. The number of use cases/corner cases that the system is expected to handle essentially explodes. 💥 Anindo Banerjea is here to showcase his significant experience building AI/ML SaaS applications as he walks us through the current problems his company, Civio, is solving.

article thumbnail

Discord Fined by French CNIL for GDPR Violations

Data Breach Today

Video Streamer Pays 800,000 Euros to Settle Probe of Privacy and Security Practices The French data protection authority fined Discord 800,000 euros for privacy and security practices that violate the General Data Protection Regulation. Authorities said the fine might have been higher except that Discord's "business model is not based on the exploitation of personal data.

GDPR 240
article thumbnail

Zero-Trust Initiatives Stall, as Cyberattack Costs Rocket to $1M per Incident

Dark Reading

Researchers find current data protections strategies are failing to get the job done, and IT leaders are concerned, while a lack of qualified IT security talent hampers cyber-defense initiatives.

Security 129
article thumbnail

Russian Software Company Pretending to Be American

Schneier on Security

Computer code developed by a company called Pushwoosh is in about 8,000 Apple and Google smartphone apps. The company pretends to be American when it is actually Russian. According to company documents publicly filed in Russia and reviewed by Reuters, Pushwoosh is headquartered in the Siberian town of Novosibirsk, where it is registered as a software company that also carries out data processing.

article thumbnail

Iran-linked threat actors compromise US Federal Network

Security Affairs

Iran-linked threat actors compromised a Federal Civilian Executive Branch organization using a Log4Shell exploit and installed a cryptomining malware. According to a joint advisory published by the FBI and CISA, an Iran-linked APT group compromised a Federal Civilian Executive Branch (FCEB) organization using an exploit for the Log4Shell flaw ( CVE-2021-44228 ) and deployed a cryptomining malware.

Mining 138
article thumbnail

The Cloud Development Environment Adoption Report

Cloud Development Environments (CDEs) are changing how software teams work by moving development to the cloud. Our Cloud Development Environment Adoption Report gathers insights from 223 developers and business leaders, uncovering key trends in CDE adoption. With 66% of large organizations already using CDEs, these platforms are quickly becoming essential to modern development practices.

article thumbnail

Ransomware-as-a-Service Market Now Highly Specialized

Data Breach Today

Services Include Subscription Models, Bug Bounties and High-Paying Jobs Budding cybercriminals can purchase a large number of specialized services from the ransomware criminal underground, reports cybersecurity firm Sophos. The services range from malware distribution to network scanning and even include OPSEC-as-a-service.

article thumbnail

The Next Generation of Supply Chain Attacks Is Here to Stay

Dark Reading

With the proliferation of interconnected third-party applications, new strategies are needed to close the security gap.

Security 128
article thumbnail

The Rise in Unwanted Emails, Now Found to be Nearly 41%

KnowBe4

How many business emails do the recipients actually want? Or, conversely, how many of them are unwanted? A study by Hornetsecurity looked at this question (along with a number of other security issues) and reached a conclusion that, on reflection, most people with a business email account would probably say is consistent with their own experience: some 40.5% of emails that arrive are ones the recipients don’t really want in the first place.

Security 124