Author: Admin

September 25, 2024Ravi LakshmananSecure Coding / Mobile Security Google found that switching to memory-safe languages ​​like Rust as part of its development security approach saw the percentage of vulnerabilities discovered in Android drop from 76% to 24% over six years. . The tech giant said, focusing on Secure coding for new features not only reduces the overall security risk of the codebase, but also makes switching more “scalable and cost-effective.” This ultimately leads to a reduction in memory security vulnerabilities as the development of new unsafe memory slows down after a period of time and new memory security development takes…


September 25, 2024Ravi LakshmananPenetration Testing / Cyber ​​Threats Cyber ​​security researchers have noted the discovery of a new post-exploitation red team tool called Shard in the wild. Palo Alto Networks Unit 42 shared its findings after discovering the program on several customers’ systems. “It has a standard set of features commonly found in penetration testing tools, and its developer built it using the Rust programming language.” — Dominik Reichel of Unit 42 said. “While Splinter is not as sophisticated as other well-known post-exploitation tools such as Cobalt Strike, it still poses a potential threat to organizations if misused.” Penetration testing…


September 25, 2024Ravi LakshmananData Protection / Online Tracking Vienna-based non-profit organization Noyb (short for None Of Your Business) filed a complaint with the Austrian data protection authority (DPA) against Firefox maker Mozilla for enabling a new feature called Privacy Preserving Attribution (PPA) without explicitly requiring users to consent. “Contrary to its reassuring name, this technology allows Firefox to track user behavior on websites,” noib. said. “Essentially, the browser now controls tracking, not individual websites.” Knoib also accused Mozilla of allegedly leaving Google out of the playbook by “secretly” enabling the feature by default without informing users. PPA that is is…


Phishing attacks are becoming more advanced and harder to detect, but there are still telltale signs that can help you spot them before it's too late. See these key indicators that security experts use to identify phishing links:
1. Check for suspicious URLs. Phishing URLs are often long, confusing, or filled with random characters. Attackers use them to disguise the real destination of a link and mislead users. The first step in protecting yourself is to check the URL carefully. Always make sure it starts with "HTTPS", as the "s" stands for a secure connection using an SSL certificate. However, keep…


September 25, 2024Ravi LakshmananArtificial Intelligence / Vulnerability A fixed security vulnerability in the OpenAI ChatGPT app for macOS could have made it possible for attackers to install long-lived spyware in the memory of an artificial intelligence (AI) tool. Methodology, duplicate SpAIwarecan be abused to facilitate “continuous hijacking of any information entered by the user or responses received by ChatGPT, including any future chat sessions,” security researcher Johan Rehberger said. The problem, at its core, is abusing the named feature memorywhich OpenAI introduced earlier this February before rolling it out to ChatGPT Free, Plus, Team, and Enterprise users earlier this month.…


September 25, 2024Ravi LakshmananEmail Security / Threat Intelligence Transportation and logistics companies in North America are being targeted by a new phishing campaign that delivers a variety of information stealers and remote access trojans (RATs). The cluster of activity, according to Proofpoint, uses compromised legitimate email accounts belonging to trucking and transportation companies to inject malicious content into existing email conversations. 15 compromised email accounts used in the campaign were identified. It is currently unclear how these accounts were hacked in the first place or who is behind the attacks. “Activities occurring between May and July 2024 primarily featured Lumma…


September 25, 2024Ravi LakshmananVulnerability / Cyber ​​attack The US Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added critical security flaw affecting known vulnerabilities in Ivanti Virtual Traffic Manager (vTM) (KEV) catalog based on evidence of active operation. The vulnerability in question CVE-2024-7593 (CVSS score: 9.8), which could be used by a remote, unauthenticated attacker to bypass admin panel authentication and create fake admin users. “Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that could allow a remote, unauthenticated attacker to create a chosen administrator account,” CISA said. The issue was fixed by Ivanti in vTM 22.2R1, 22.3R3, 22.5R2,…


September 24, 2024Ravi LakshmananMobile Security / Malware Altered versions of legitimate Android apps related to Spotify, WhatsApp and Minecraft were used to deliver a new version of a popular malware downloader called Necro. Kaspersky said some of the malware was also found in the Google Play Store. They have been downloaded 11 million times. They include – Wuta Camera – Nice Shot Always (com.benqu.wuta) – Over 10 million downloads Max Browser-Private & Security (com.max.browser) – 1+ million downloads At the time of writing, Max Browser is no longer available for download from the Play Store. Wuta Camera, on the other…


SaaS applications contain a lot of sensitive data and are central to business operations. Despite this, too many organizations rely on half measures and hope that their SaaS suite will remain secure. Unfortunately, this approach is lacking: security teams will be blind to threat prevention and detection, and open to regulatory violations, data breaches, and significant breaches. If you understand the importance of SaaS security and need help explaining it internally to motivate your team, this article is for you. It covers:
- Why SaaS data should be protected
- Real examples of attacks on SaaS applications
- The attack surface of SaaS…


September 24, 2024Ravi LakshmananNational Security/Regulatory Compliance The US Department of Commerce (DoC) said it is proposing to ban the import or sale of connected vehicles that incorporate software and hardware made by foreign adversaries, particularly the People’s Republic of China (PRC) and Russia. “The proposed rule focuses on hardware and software integrated into the vehicle connectivity system (VCS) and software integrated into the automated control system (ADS),” according to the Bureau of Industry and Security (BIS). said in a press statement. “These are critical systems that enable external connectivity and autonomous driving capabilities in connected vehicles through dedicated hardware and…
