Author: Admin
Steve Bellovin’s Retirement Talk
Steve Bellovin is retiring. Here is his retirement speech, reflecting on his career and what the cybersecurity industry needs next.
tags: cyber security, security history
Posted on November 20, 2024 at 11:22
November 20, 2024 | Ravi Lakshmanan | Payment Security / Cybercrime
Threat actors are increasingly banking on a new technique that uses near-field communication (NFC) to cash out a victim’s funds at scale. The technique, codenamed Ghost faucet by ThreatFabric, allows cybercriminals to cash out stolen credit cards linked to mobile payment services such as Google Pay or Apple Pay by relaying NFC traffic. “Criminals can now abuse Google Pay and Apple Pay to transmit your click-to-pay information worldwide in seconds,” the Dutch security firm told The Hacker News in a statement. “This means that even without your physical card or phone, they can…
November 20, 2024 | Ravi Lakshmanan | Endpoint Security / Artificial Intelligence Research
Microsoft has announced a new Windows Sustainability Initiative as a way to improve security and reliability and to ensure that the integrity of the system is not compromised. The idea, the tech giant said, is to avoid incidents like CrowdStrike’s earlier this July, allow more applications and users to run without administrator privileges, add controls over the use of dangerous programs and drivers, and offer options for encrypting personal data. One of the most important features is fast recovery of the machine. It is expected to be available to the Windows…
November 20, 2024 | Hacker news | Identity Security / Cyber Defense
Today’s cyber attacks are increasing in frequency and sophistication, making it increasingly difficult for organizations to protect sensitive data and critical infrastructure. When attackers compromise a non-human identity (NHI), they can quickly use it to move across systems, discovering weaknesses and compromising additional NHIs in minutes. While organizations often need months to detect and contain such breaches, quick detection and response can stop an attack in its tracks.
The rise of non-human entities in cyber security
By 2025, non-human identities will become the primary attack vector in cyber security. As businesses increasingly…
November 20, 2024 | Ravi Lakshmanan | Linux / Vulnerability
A number of ten-year-old security vulnerabilities have been discovered in the needrestart package, installed by default in Ubuntu Server (starting with version 21.04), that could allow a local attacker to gain root privileges without the need for user interaction. The Qualys Threat Research Unit (TRU), which detected and reported the flaws early last month, said they are trivial to exploit, requiring users to move quickly to apply fixes. The vulnerabilities are believed to have existed since the introduction of translator support in needrestart 0.8, which was released on April 27, 2014. “These needrestart exploits allow local privilege…
November 20, 2024 | Ravi Lakshmanan | Cyber Espionage / Telecom Security
A new cyberespionage group linked to China has been blamed for a series of targeted cyberattacks against telecommunications organizations in South Asia and Africa since at least 2020, for the purpose of intelligence gathering. Cybersecurity company CrowdStrike tracks the adversary under the name Liminal Panda, describing it as having an in-depth knowledge of telecommunications networks, the protocols that support telecommunications, and the various interconnections between providers. The threat actor’s malware portfolio includes specialized tools that facilitate covert access, command and control (C2), and data extortion. “Liminal Panda used compromised telecommunications servers to initiate intrusions into other…
November 20, 2024 | Ravi Lakshmanan | Software Security / Vulnerability
Oracle is warning that a high-severity security flaw affecting the Agile Product Lifecycle Management (PLM) Framework has been exploited in the wild. The vulnerability, tracked as CVE-2024-21287 (CVSS score: 7.5), can be used without authentication to leak sensitive information. “This vulnerability can be exploited remotely without authentication, i.e., it can be used over the network without the need to enter a username and password,” the advisory says. “If successfully exploited, this vulnerability could lead to file disclosure.” CrowdStrike security researchers Joel Snape and Lutz Wolf are credited with discovering…
November 20, 2024 | Ravi Lakshmanan | Zero Day / Vulnerability
Apple has released security updates for iOS, iPadOS, macOS, visionOS and its Safari web browser to address two zero-day vulnerabilities that have been widely exploited in the wild. The flaws are listed below –
CVE-2024-44308 – A vulnerability in JavaScriptCore that could allow arbitrary code execution when processing malicious web content
CVE-2024-44309 – A cookie management vulnerability in WebKit that could lead to a cross-site scripting (XSS) attack when handling malicious web content
The iPhone maker said it addressed CVE-2024-44308 and CVE-2024-44309 with improved checks and improved state management, respectively. Not much is known…
November 19, 2024 | Ravi Lakshmanan | Cloud Security / Piracy
Attackers use misconfigured JupyterLab and Jupyter Notebooks to copy streams and enable sports piracy using live stream capture tools. The attacks involve hijacking unauthenticated Jupyter Notebooks to establish initial access and performing a series of actions aimed at facilitating the illegal streaming of live sports events, Aqua said in a report shared with The Hacker News. A stealth hacking campaign in interactive environments widely used for data science applications was discovered by the cloud security company after its decoys were attacked. “The attacker first updated the server, then downloaded the tool FFmpeg,”…
The malware, known as Ngioweb, was used to power a notorious residential proxy service called NSOCKS, as well as other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies show. “At least 80% of the NSOCKS bots in our telemetry originate from the Ngioweb botnet, mostly using small office/home office (SOHO) routers and IoT devices,” according to a report by the Black Lotus Labs team at Lumen Technologies shared with The Hacker News. “Two-thirds of these proxies are in the US.” “On average, there are about 35,000 bots active daily on the network, of which 40% remain…