Author: Admin
September 16, 2024 | Hacker News | Payment Security / Data Protection — The PCI DSS landscape is evolving rapidly. As the Q1 2025 deadline looms, businesses are scrambling to meet the stringent new requirements of PCI DSS v4.0. Two sections in particular, 6.4.3 and 11.6.1, are of concern because they require organizations to strictly control and manage payment page scripts and to use a robust change detection mechanism. With the deadline fast approaching and the serious consequences of non-compliance, there is no room for complacency, so in this article we will look at the best way to meet these complex coding requirements. PCI DSS…
North Korean hackers have targeted cryptocurrency users on LinkedIn with the RustDoor malware
September 16, 2024 | Ravi Lakshmanan | Financial Security / Malware — Cybersecurity researchers continue to warn of attempts by North Korean threat actors to target potential victims on LinkedIn to deliver malware called RustDoor. The latest advisory comes from Jamf Threat Labs, which said it discovered an attempted attack in which a user was contacted on the professional social network by someone claiming to be a recruiter for a legitimate decentralized cryptocurrency exchange (DEX) called STON.fi. The malicious cyber activity is part of a multi-pronged campaign by cyber threat actors backed by the Democratic People's Republic of Korea (DPRK) to infiltrate networks of interest under the guise of…
September 16, 2024 | Ravi Lakshmanan | Cloud Security / Vulnerability — A now-fixed critical security flaw affecting Google Cloud Platform (GCP) Composer could have been exploited to achieve remote code execution on cloud servers by means of a supply chain attack technique called dependency confusion. The vulnerability was given the code name CloudImposer by Tenable Research. "The vulnerability could allow an attacker to hijack an internal software dependency that Google pre-installs on each Google Cloud Composer pipeline orchestration tool," security researcher Liv Mattan said in a report shared with The Hacker News. Dependency confusion (aka a substitution attack), which was documented for the first time by…
September 16, 2024 | Hacker News | Identity Protection / Incident Response — Imagine this: you arrive at work to a chaotic scene. Systems are down, panic is in the air. The culprit? Not a rogue virus, but a compromised identity. An attacker is inside your walls, pretending to be a trusted user. This is not a horror movie; this is the new reality of cybercrime. The question is, are you prepared? Traditional incident response plans are like old maps in a new world. They focus on malware and network hacking, but today's criminals are after your identity. Stolen credentials and weak access…
Apple drops spyware lawsuit against NSO Group, citing risk of exposing threat intelligence data
September 16, 2024 | Ravi Lakshmanan | Spyware / Threat Intelligence — Apple has filed a petition to "voluntarily" drop its lawsuit against commercial spyware vendor NSO Group, citing a changing risk landscape that could lead to the exposure of critical "threat intelligence" information. The development was first reported by The Washington Post on Friday. The iPhone maker said its efforts, combined with those of other industry representatives and national governments to combat the rise of commercial spyware, had "significantly weakened" the perpetrators. "At the same time, unfortunately, other attackers have emerged in the commercial spyware industry," the company said. "It…
Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver fake email login pages designed to harvest user credentials. "Unlike other methods of distributing phishing web pages through HTML content, these attacks use a response header sent by the server, which is processed before the HTML content," Palo Alto Networks Division 42 researchers Yu Zhang, Zeyu Yu, and Wei Wang said. "Malicious links direct the browser to automatically refresh or immediately reload the web page without requiring user interaction." Large corporations in South Korea, as well as government agencies and schools in…
September 14, 2024 | Ravi Lakshmanan | Enterprise Security / Threat Intelligence — Ivanti has revealed that a recently patched security flaw in its Cloud Service Appliance (CSA) is being actively exploited in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. "An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518 and earlier allows an authenticated attacker to obtain remote code execution," Ivanti noted in an advisory issued earlier this week. "An attacker must have administrator-level privileges to exploit this vulnerability." The vulnerability affects Ivanti CSA 4.6, which has…
About Bruce Schneier: I am a public-interest technologist who works at the intersection of security, technology, and people. I have been writing about security issues on my blog since 2004 and in my monthly newsletter since 1998. I am a staff member and faculty member at the Harvard Kennedy School, a member of the board of the EFF, and head of the security architecture department at Inrupt, Inc. This personal site does not represent the views of any of these organizations.
September 13, 2024 | Ravi Lakshmanan | Software Security / Threat Intelligence — Attackers are likely using publicly available proof-of-concept (PoC) exploits for recently disclosed security flaws in Progress Software's WhatsUp Gold to conduct opportunistic attacks. The activity is said to have started on August 30, 2024, just five hours after a PoC was released for CVE-2024-6670 (CVSS score: 9.8) by security researcher Sina Kheirkhah of the challenge team, who is also credited with discovering and reporting CVE-2024-6671 (CVSS score: 9.8). Both critical vulnerabilities, which allow an unauthenticated attacker to obtain a user's encrypted password, were patched by Progress in mid-August 2024. "The chronology…
September 13, 2024 | Ravi Lakshmanan | Virtual Reality / Vulnerability — Details have emerged of a now-patched security flaw affecting Apple's Vision Pro mixed reality headset that, if successfully exploited, could allow attackers to infer data entered on the device's virtual keyboard. The attack, dubbed GAZEploit, was assigned the CVE ID CVE-2024-40865. "A novel attack that can infer eye-related biometrics from an avatar image to recover text typed using gaze-controlled typing," a team of researchers from the University of Florida said. "The GAZEploit attack exploits a vulnerability inherent in gaze-controlled text input when users share a virtual avatar." Following responsible disclosure, Apple fixed the…