Author: Admin
November 1, 2024 | Hacker news | SaaS Security / Identity Security
Did you know that advanced threat actors can penetrate the identity systems of large organizations and extract sensitive data within days? This is a horrifying reality that is becoming more common and disturbing every day. These attackers exploit vulnerabilities in SaaS and cloud environments, using compromised credentials to move laterally across networks, causing widespread damage. Cybersecurity and IT professionals now face an uphill battle against these sophisticated threats. Traditional security measures are falling short, leaving organizations vulnerable to data breaches, financial losses and reputational damage. This webinar provides important information and actionable…
Track the world leaders with Strava
Back in 2018, people noticed that you could find secret military bases using data published by the fitness app Strava. Soldiers and other military personnel used it to track their runs, and you could look at the public data and find places where there shouldn’t be people running. Six years later, the problem remains. World has reported that the same Strava data can be used to track the movements of world leaders. They don’t wear tracking devices, but many of their bodyguards do.
tags: data privacy, tracking
Posted on October 31, 2024 at 11:16 am •…
October 31, 2024 | Ravi Lakshmanan | Spy software / Mobile security
Cybersecurity researchers have discovered an improved version of an Apple iOS spyware called LightSpy, which not only extends its functionality, but also contains destructive capabilities to prevent a jailbroken device from booting. “While the way iOS implants are delivered is very similar to the macOS version, the post-exploitation and privilege escalation steps are significantly different due to platform differences,” ThreatFabric said in an analysis published this week. LightSpy, first documented in 2020 as targeting users in Hong Kong, is a modular implant that uses a plugin-based architecture to increase its capabilities and allow…
Roger Grimes on prioritizing cybersecurity advice
This is a good point: Part of the problem is that we are constantly being given lists…lists of required controls…lists of things we are being asked to fix or improve…lists of new projects…lists of threats and so on that are not ranked by risk. For example, we are often given cybersecurity guidelines (such as PCI-DSS, HIPAA, SOX, NIST, etc.) with hundreds of recommendations. All of these are great guidelines to follow to reduce risk in your environment. They don’t tell you which of the recommended things will have the greatest impact on the…
October 31, 2024 | Ravi Lakshmanan | Cryptocurrency / Software Development
LottieFiles discovered that its npm package ‘lottie-player’ had been compromised in a supply chain attack, prompting it to release an updated version of the library. “Oct 30 ~18:20 UTC – LottieFiles has been notified that our popular open source npm web player package @lottiefiles/lottie-player contains unauthorized new versions with malicious code,” the company said in a statement on X. “This does not affect our dotlottie player and/or SaaS service.” LottieFiles is an animation workflow platform that allows designers to create, edit, and share animations in a JSON-based animation file…
October 31, 2024 | Hacker news | Identity Security / Browser Security
In today’s browser-centric workplace, branding acts as the front line of defense for organizations. Often referred to as the “new perimeter,” identity stands between secure data management and potential breaches. However, a new report shows that businesses are often unaware of how their identities are being used across platforms. This leaves them vulnerable to data breaches, account hijacking and credential theft. “Corporate Identity Threat Report 2024” (download here) is based on exclusive data available only to the LayerX Browser Security platform. This data comes from LayerX’s unique visibility into every user’s browser…
October 31, 2024 | Ravi Lakshmanan | Website Vulnerability / Security
A serious security flaw has been discovered in the LiteSpeed Cache plugin for WordPress that could allow unauthenticated threat actors to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), was fixed in version 6.5.2 of the plugin. “The plugin suffers from unauthenticated privilege escalation, which allows any unauthenticated visitor to gain administrator-level access, allowing malicious plugins to be downloaded and installed,” Patchstack security researcher Rafi Muhammad said in the analysis. LiteSpeed Cache is a popular site acceleration plugin for WordPress that, as the name suggests, comes…
Simson Garfinkel on creepy cryptographic action at a distance
Excellent to read. One example: Consider the case of basic public-key cryptography, in which a person’s public and private keys are created together in a single operation. These two keys are not related to quantum physics, but to mathematics. When I create a virtual machine server in the Amazon cloud, I am prompted for an RSA public key that will be used to control access to the machine. Typically, I generate a public and private key pair on my laptop and upload the public key to Amazon, which stores my public…
Cybersecurity researchers have discovered an ongoing malware campaign that abuses the Meta advertising platform and hijacks Facebook accounts to spread an information stealer known as SYS01stealer. “The hackers behind the campaign are using trusted brands to expand their reach,” Bitdefender Labs said in a report shared with The Hacker News. “The malware campaign leverages nearly a hundred malicious domains that are used not only for malware distribution but also for real-time command and control (C2) operations, allowing threat actors to direct the attack in real-time.” SYS01stealer was first documented by Morphisec in early 2023, describing campaigns targeting business Facebook accounts using Google…
October 30, 2024 | Ravi Lakshmanan | Ransomware / Threat Intelligence
North Korean threat actors have been implicated in a recent incident that deployed a prominent ransomware family called Play, highlighting their financial motives. Activity observed between May and September 2024 was attributed to a threat actor tracked as Jumpy Pisces, which is also known as Andariel, APT45, DarkSeoul, Nickel Hyatt, Onyx Sleet (formerly Plutonium), Operation Troy, Silent Chollima, and Stonefly. “We believe with moderate confidence that Jumpy Pisces or a faction of the group is now working with the Play ransomware group,” Division 42 Palo Alto Networks said in a new report released…