Exposed data did not include Social Security numbers or financial information. Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.
Security Operations Center (SOC) analyst burnout is a very real problem. The two key problems are: Alert Overload Modern security environments generate an extraordinary number of alerts. These are some of the most important cybersecurity professionals out there, and many of them are being worked to exhaustion.
Lumen experts also mentioned another variant of cd00r, codenamed SEASPY, that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back to 2022. However, there is no evidence that the two campaigns are linked. ” concludes the report.
Researchers demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions. Researcher Daniel Avinoam at the recent DEF CON hacking conference demonstrated how attackers can abuse the Windows Container Isolation Framework to bypass endpoint security solutions.
Cisco warns customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services of Cisco Secure Firewall devices. Cisco is warning customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices.
Google announced that its Pixel 9 has implemented new security features, and it supports measures to mitigate baseband attacks. Pixel phones are known for their strong security features, particularly in protecting the cellular baseband, which is the processor handling LTE, 4G, and 5G communications. ” concludes the announcement.
CVE-2024-8357 : Lack of root of trust in App SoC, risking persistent attacker control by bypassing boot security checks. “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”
Attack Requires 2 People, Customized Gear and Very Close Proximity to the Victim Security researchers revealed yet another method for stealing a Tesla although the brand is one of the least-stolen cars and among the most recovered once pilfered.
North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters in a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.
Every week the best security articles from Security Affairs are free in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Managing Cybersecurity in the Age of Artificial Intelligence Clearview AI Faces €30.5M
Scaling up a security operations center (SOC) is inevitable for many organizations. Aside from the obvious well-being impacts on analysts, which are severe and unignorable, traditional SOC scaling practices can compromise an organization's security.
The vulnerability disclosure was coordinated with multiple organizations, some of whom are now releasing updates to address the security weakness. “Such code copying is a significant source of real-world security exploits.” Additional security advisories from other affected languages will be added as updates here.
The coalescing of the next-gen security platforms that will carry us forward continues. Last Watchdog engaged Davinder Singh , Chief Technology Officer at Adaptiva, to drill down on the current state of securing networks. LW: What’s an example that illustrates the benefit of teaming? All stakeholders have complete visibility.
Today’s announcement of the takedown of the PopeyeTools domains, the criminal charges against its operators, and the seizure of cryptocurrency is yet another example of the department’s ‘all-tools’ approach to combatting cybercrime. Argentieri, head of the Justice Department’s Criminal Division.
Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus. All that was needed was the person’s name, address, birthday and Social Security number. states to place a security freeze on their credit files.
How to Safeguard Critical Infrastructure Neglecting network security can lead to serious consequences for organizations. Here are the essential practices for managing network security, along with real-world examples that reinforce the importance of comprehensive protection.
These numbers inform of the possibility that a once uncluttered skyline may soon be teeming with millions of drone aircraft, and questions begin to arise regarding the sanctity of enterprise security, privacy, and potential cybersecurity threats sourcing from the sky. Aerial trespass. Attacks against enterprise-owned drones.
The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.
1 – Example of Phishing Page Delivered by Azure Front Door (AFD). The original phishing e-mails have been retained and observed by Security Affairs. – Example of a phishing template designed to compromise e-mail accounts using Adobe branding. com” VS “alfuttaim[.]com”).
has a business unit called Securence , which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. Internet/Securence says your email is secure. Hold Security founder Alex Holden said his researchers had unearthed a public link to a U.S.
Considering the sensitive nature of these documents shared with exchanges, users rightfully expect organizations to safeguard them securely. Data example. The instance has since been secured and is no longer accessible. A user holding its written consent to the platform rules, his credit card and ID attached and visible, too.
While the experts were warning that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library a third security vulnerability made the headlines. The post Apache releases the third patch to address a new Log4j flaw appeared first on Security Affairs.
Researchers from Salt Security discovered three types of vulnerabilities in ChatGPT plugins that could have led to data exposure and account takeovers. ” reads the report published by Salt Security. “In our example, we will use “AskTheCode” – a plugin developed with PluginLab.AI
A notable example includes BlackCat and Hive. Starting Windows system in safe mode allows Black Basta to bypass detection from multiple endpoint security solutions. For example, some endpoint solutions do not run in safe mode, meaning the ransomware will not be detected and files in the system can be “easily” encrypted.”
The leaked data includes: User emails IP addresses Service info Usernames Hashed passwords for all torrent users Exposing sensitive user data to anyone on the internet poses significant security risks, research claims. For example, malicious actors could collate IP addresses with email addresses to pinpoint user locations.
SO file) that can be placed either in persistent storage, for example /lib/libntpVnQE6mk/, or in shim-memory under /dev/shm/ldx/. “Threats that target Linux continue to evolve while successfully staying under the radar of security tools, now OrBit is one more example of how evasive and persistent new malware can be.”
This data may include usernames, passwords, credit card numbers, social security numbers, and other sensitive information. They may use various tactics to evade antivirus and other security measures. For example, some may target login credentials, while others may focus on financial data or intellectual property.
Recently, the Chinese security firm Rising detected a Linux variant of the SFile ransomware that uses the RSA+AES algorithm mode. “For example, the variant captured this time uses nuctech-gj0okyci (nuctech is the English name of Nuctech Technology Co., as the suffix name. .” Pierluigi Paganini.
For example, the popular library ES5-ext hadn’t updated its code in nearly two years. A more concerning example can be found at the GitHub page for “ vue-cli ,” a popular Javascript framework for building web-based user interfaces. The message has been Google-Translated from Russian to English. ”
A vulnerability affects some versions of the OpenSSH secure networking suite, it can potentially lead to remote code execution. impacts select versions of the OpenSSH secure networking suite, it can be exploited to achieve remote code execution (RCE). The vulnerability CVE-2024-6409 (CVSS score: 7.0)
LinkedIn’s refusal to treat malicious scraping as a security problem can potentially allow cybercriminals to gather data on new victims with impunity. To see if any of your online accounts were exposed in previous security breaches, use our personal data leak checker with a library of 15+ billion breached records. Pierluigi Paganini.
Threat actors target Kubernetes installs via Argo Workflows to cryptocurrency miners, security researchers from Intezer warn. Methodologies such as the principle of least privilege (PoLP) should be followed and always refer to the application documentation for best practices on security.” Pierluigi Paganini.
So, it might not be time to panic, but it certainly is time to recognize that the threats and the benefits of quantum computing are here now, and security professionals need to ensure that they and the organization they work for are fully prepared.
Flow chart – Credit OALABS In the OALABS example, Amadey loads StealC and “AutoIt2Exe” binary ( [link] ) from http[:]//31.41.244[.]11 Enable 2FA Authentication: This measure adds an extra layer of security by requiring a second factor of authentication in addition to the password. 11 and executes them.
Microsoft announced this week it will pay up to $20,000 for security vulnerabilities in its Defender products. For example, simply identifying an out-of-date library would not qualify for an award. Microsoft launched its new Microsoft Defender Bounty Program with a focus on Defender products and services.
The content platform WeMystic is a good example of this, with the Cybernews research team discovering that it exposed its users’ sensitive data. WeMystic, a website on astrology, numerology, tarot, and spiritual orientation, left an open database exposing 34GB of sensitive data about the platforms’ users.
One prolific example of this dynamic is the China-linked Mustang Panda group, which Resecurity observed using cyberspace to stage sophisticated information warfare campaigns. In Q2 2024 , this growth trajectory continues, with Resecurity observing multiple cyberattacks staged by previously unknown threat actors.
agencies to address hard problems like quickly writing secure code but comes with risks around nation-states generating attacks more efficiently. The cybersecurity element is a great example of the bright and the dark side of AI technology," said White House Director Arati Prabhakar.
Starting in January 2022, security researchers from Avanan observed attackers compromising Microsoft Teams accounts attach malicious executables to chat and infect participants in the conversation. Further, many email security solutions do not offer robust protection for Teams.” ” continues the analysis. Pierluigi Paganini.
Researchers from Trend Micro reported the existence of Asrar al-Dardashah, a plugin released in 2013 that was developed for Pidgin to add encryption to the instant messaging functions, securing instant messaging with the press of a single button. The announcement is temporary likely because it comes after a request of some of its customers.
“We released a fix for CVE-2024-38112 in our July 2024 security updates which broke this attack chain. See CVE-2024-38112 – Security Update Guide – Microsoft – Windows MSHTML Platform Spoofing Vulnerability ([link]). Customers should both the July 2024 and September 2024 security update to fully protect themselves.”
American web infrastructure and website security company Cloudflare warns that threat actors are actively attempting to exploit a second vulnerability, tracked as CVE-2021-45046 , disclosed in the Log4j library. The post While attackers begin exploiting a second Log4j flaw, a third one emerges appeared first on Security Affairs.
“For example, while the common entry vectors for these threat actors include remote desktop applications and compromised credentials, we also saw a threat actor leverage Exchange server vulnerabilities to gain target network access. . Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.