Author: Admin

Roger Grimes on prioritizing cybersecurity advice
This is a good point: Part of the problem is that we are constantly being given lists…lists of required controls…lists of things we are being asked to fix or improve…lists of new projects…lists of threats and so on that are not ranked by risk. For example, we are often given cybersecurity guidelines (such as PCI-DSS, HIPAA, SOX, NIST, etc.) with hundreds of recommendations. All of these are great guidelines to follow to reduce risk in your environment. They don’t tell you which of the recommended things will have the greatest impact on the…

October 31, 2024Ravi LakshmananCryptocurrency / Software Development LottieFiles discovered that its npm package ‘lottie-player’ had been compromised in a supply chain attack, prompting it to release an updated version of the library. “Oct 30 ~18:20 UTC – LottieFiles has been notified that our popular open source npm web player package @lottiefiles/lottie-player contains unauthorized new versions with malicious code,” the company said in a statement. said in a statement on X. “This does not affect our dotlottie player and/or SaaS service.” LottieFiles is an animation workflow platform that allows designers to create, edit, and share animations in a JSON-based animation file…

October 31, 2024Hacker newsIdentity Security / Browser Security In today’s browser-centric workplace, branding acts as the front line of defense for organizations. Often referred to as the “new perimeter,” identity stands between secure data management and potential breaches. However, a new report shows that businesses are often unaware of how their identities are being used across platforms. This leaves them vulnerable to data breaches, account hijacking and credential theft. “Corporate Identity Threat Report 2024” (download here) is based on exclusive data available only to the LayerX Browser Security platform. This data comes from LayerX’s unique visibility into every user’s browser…

October 31, 2024Ravi LakshmananWebsite Vulnerability / Security A serious security flaw has been discovered in the LiteSpeed ​​Cache plugin for WordPress that could allow unauthenticated threat actors to elevate their privileges and perform malicious actions. The vulnerability, tracked as CVE-2024-50550 (CVSS score: 8.1), was fixed in version 6.5.2 of the plugin. “The plugin suffers from unauthenticated privilege escalation, which allows any unauthenticated visitor to gain administrator-level access, allowing malicious plugins to be downloaded and installed,” Patchstack security researcher Rafi Muhammad. said in the analysis. LiteSpeed ​​​​Cache is a popular site acceleration plugin for WordPress that, as the name suggests, comes…

Simson Garfinkel on creepy cryptographic action at a distance
An excellent read. One example: Consider the case of basic public-key cryptography, in which a person’s public and private keys are created together in a single operation. These two keys are not related to quantum physics, but to mathematics. When I create a virtual machine server in the Amazon cloud, I am prompted for an RSA public key that will be used to control access to the machine. Typically, I generate a public and private key pair on my laptop and upload the public key to Amazon, which stores my public…

Cybersecurity researchers have discovered an ongoing malware campaign that abuses the Meta advertising platform and hijacks Facebook accounts to spread an information stealer known as SYS01stealer. “The hackers behind the campaign are using trusted brands to expand their reach,” Bitdefender Labs said in a report shared with The Hacker News. “The malware campaign leverages nearly a hundred malicious domains that are used not only for malware distribution but also for real-time command and control (C2) operations, allowing threat actors to direct the attack in real-time.” SYS01stealer was first documented by Morphisec in early 2023, describing campaigns targeting business Facebook accounts using Google…

October 30, 2024Ravi LakshmananRansomware / Threat Intelligence North Korean threat actors have been implicated in a recent incident that deployed a prominent ransomware family called Play, highlighting their financial motives. Activity observed between May and September 2024 was attributed to an individual tracked as a threat Jumping Fishwhich is also known as Andariel, APT45, DarkSeoul, Nickel Hyatt, Onyx Sleet (formerly Plutonium), Operation Troy, Silent Chollima, and Stonefly. “We believe with moderate confidence that Jumpy Pisces or a faction of the group is now working with the Play ransomware group,” Division 42 Palo Alto Networks. said in a new report released…

October 30, 2024Ravi Lakshmanan Browser Security / Vulnerability A now-fixed security flaw in the Opera web browser could have allowed a malicious extension to gain unauthorized full access to private APIs. A code-named attack CrossBarkingcould enable actions such as capturing screenshots, changing browser settings and account theft, Guardio Labs said. To demonstrate the problem, the company said it managed to publish a seemingly harmless browser extension to the Chrome Web Store, which could then exploit the flaw when installed in Opera, making it an example of a cross-browser attack on the store. “This case study not only highlights the perennial…

October 30, 2024Hacker newsVulnerability / Compliance Navigating complex compliance frameworks like ISO 27001, SOC 2 or GDPR can be difficult. luckily The intruder simplifies the process by helping you address the key vulnerability management criteria these frameworks require, making your compliance much smoother. Read on to understand how to meet each framework’s requirements to keep customer data secure. How Intruder supports your compliance goals Intruder’s continuous vulnerability scanning and automated reporting help you meet the security requirements of various frameworks, including SOC 2, ISO 27001, HIPAA, Cyber ​​Essentials and GDPR. Here are three main ways to support Intruder: 1. Easy…
