Business Security: Proper disclosure of a cyber-incident can help shield your business from further financial and reputational damage, and cyber-insurers can step in to help. Tony Anscombe • 18 Sep 2024 • 4 min. read. ‘Seek legal advice’, this has to be my top recommendation if you have suffered a cyber-incident that could be deemed
Month: September 2024
Sep 19, 2024 • Ravie Lakshmanan • Enterprise Security / DevOps: GitLab has released patches to address a critical flaw impacting Community Edition (CE) and Enterprise Edition (EE) that could result in an authentication bypass. The vulnerability is rooted in the ruby-saml library (CVE-2024-45409, CVSS score: 10.0), which could allow an attacker to log in as an arbitrary user
AT&T has agreed to pay $13m to the US telco regulator to settle a long-running investigation into whether it failed to protect customer data stored in the cloud. The Federal Communications Commission (FCC) explained that the incident stemmed from a supply chain breach in January 2023 when threat actors exfiltrated AT&T customer data from a
Digital Security: Artificial intelligence is just a spoke in the wheel of security – an important spoke but, alas, only one. Cameron Camp • 16 Sep 2024 • 3 min. read. That was fast. While the RSA Conference was oozing AI (with or without merit) from every orifice, the luster faded quickly. With a recent
Sep 18, 2024 • Ravie Lakshmanan • Browser Security / Privacy: Google has announced that it’s rolling out a new set of features to its Chrome browser that gives users more control over their data when surfing the internet and protects against online threats. “With the newest version of Chrome, you can take advantage of our upgraded Safety Check,
Ransomware attacks are surging in the UK, with threat actors possibly encouraged by the propensity of victim organizations to pay up, according to a new study from Cohesity. The security vendor polled over 3100 IT and security decision-makers in eight countries and multiple sectors to compile its Global cyber resilience report 2024. It revealed that,
Sep 17, 2024 • Ravie Lakshmanan • Cryptocurrency / Malware: Cryptocurrency exchange Binance is warning of an “ongoing” global threat that’s targeting cryptocurrency users with clipper malware with the goal of facilitating financial fraud. Clipper malware, also called ClipBankers, is a type of malware that Microsoft calls cryware, which comes with capabilities to monitor a victim’s clipboard activity and
Social media giant Meta is resuming its controversial plans to use Facebook and Instagram user posts to train generative AI (GenAI). The practice is effectively banned in the EU at present after the Irish Data Protection Commission (DPC) requested the firm pause its project, in a move Meta branded as “a step backwards for European
Sep 16, 2024 • Ravie Lakshmanan • Spyware / Threat Intelligence: Apple has filed a motion to “voluntarily” dismiss its lawsuit against commercial spyware vendor NSO Group, citing a shifting risk landscape that could lead to exposure of critical “threat intelligence” information. The development was first reported by The Washington Post on Friday. The iPhone maker said its efforts,
A case involving a medical record hack affecting hundreds of patients and employees at a Pennsylvania healthcare company has been settled for a record-breaking $65m. Filed in March 2023, the case involved nearly 135,000 patients and employees of Lehigh Valley Health Network (LVHN), an independent healthcare network based in Pennsylvania. The plaintiffs, represented by class-action
Sep 13, 2024 • Ravie Lakshmanan • Virtual Reality / Vulnerability: Details have emerged about a now-patched security flaw impacting Apple’s Vision Pro mixed reality headset that, if successfully exploited, could allow malicious attackers to infer data entered on the device’s virtual keyboard. The attack, dubbed GAZEploit, has been assigned the CVE identifier CVE-2024-40865. “A novel attack that can
Malicious actors are spreading false claims that US voter registration databases have been breached, according to a new alert issued by the FBI and the Cybersecurity and Infrastructure Security Agency (CISA). The agencies said the claims are designed to manipulate public opinion and undermine confidence
Video, Ransomware: ESET research also finds that CosmicBeetle attempts to exploit the notoriety of the LockBit ransomware gang to advance its own ends. 13 Sep 2024. This week, ESET researchers published a deep dive into the recent activities of the CosmicBeetle cybercrime group. Among other notable things, CosmicBeetle was found to abuse the infamy of
Sep 14, 2024 • Ravie Lakshmanan • Enterprise Security / Threat Intelligence: Ivanti has revealed that a newly patched security flaw in its Cloud Service Appliance (CSA) has come under active exploitation in the wild. The high-severity vulnerability in question is CVE-2024-8190 (CVSS score: 7.2), which allows remote code execution under certain circumstances. “An OS command injection vulnerability in
Ireland’s data protection authorities have launched a probe into Google’s AI model, and whether it complies with GDPR. The Irish Data Protection Commission (DPC), An Coimisiún um Chosaint Sonraí, is the EU’s lead privacy regulator for Google. The DPC has opened a cross-border statutory inquiry into Google Ireland, under Section 110 of the Data Protection
Scams: Learn about the main tactics used by scammers impersonating Best Buy’s tech support arm and how to avoid falling for their tricks. Phil Muncaster • 11 Sep 2024 • 5 min. read. For three decades, Geek Squad has been a trusted name in tech for anyone needing IT support. The Best Buy subsidiary dispenses
Sep 13, 2024 • Ravie Lakshmanan • Enterprise Security / Vulnerability: Cybersecurity researchers have uncovered a new malware campaign targeting Linux environments to conduct illicit cryptocurrency mining. The activity, which specifically singles out the Oracle Weblogic server, is designed to deliver malware dubbed Hadooken, according to cloud security firm Aqua. “When Hadooken is executed, it drops a Tsunami malware
Nearly all (95%) version upgrades of open source software contain at least one breaking change that causes other components to fail, with patches having a 75% chance of causing a break, according to Endor Labs. The security vendor revealed the findings in its third annual Dependency Management Report, which is based on Endor Labs vulnerability
ESET researchers have mapped the recent activities of the CosmicBeetle threat actor, documenting its new ScRansom ransomware and highlighting connections to other well-established ransomware gangs. CosmicBeetle actively deploys ScRansom to SMBs in various parts of the world. While not being top notch, the threat actor is able to compromise interesting targets. CosmicBeetle replaced its previously
Sep 12, 2024 • Ravie Lakshmanan • Web Security / Content Management: WordPress.org has announced a new account security measure that will require accounts with capabilities to update plugins and themes to activate two-factor authentication (2FA) mandatorily. The enforcement is expected to come into effect starting October 1, 2024. “Accounts with commit access can push updates and changes to
Microsoft heaped more work onto sysadmins this week after fixing four zero-day vulnerabilities being actively exploited in the wild. First on the list is CVE-2024-43491 – a CVSS 9.8 remote code execution (RCE) bug in Microsoft Windows Update which requires no privileges or user interaction and has low attack complexity. “This vulnerability emerged due to a
Sep 11, 2024 • Ravie Lakshmanan • Windows Security / Vulnerability: Microsoft on Tuesday disclosed that three new security flaws impacting the Windows platform have come under active exploitation as part of its Patch Tuesday update for September 2024. The monthly security release addresses a total of 79 vulnerabilities, of which seven are rated Critical, 71 are rated Important,
SonicWall customers have been urged to patch a critical vulnerability in their firewalls after security researchers warned it is being actively exploited in ransomware attacks. The CVSS 9.3-rated vulnerability (CVE-2024-40766) was originally published on August 22 by the security vendor, before an update on September 6 claimed it was being actively exploited. “An improper access
Sep 09, 2024 • Ravie Lakshmanan • Vulnerability / Hardware Security: A novel side-channel attack has been found to leverage radio signals emanated by a device’s random access memory (RAM) as a data exfiltration mechanism, posing a threat to air-gapped networks. The technique has been codenamed RAMBO by Dr. Mordechai Guri, the head of the Offensive Cyber Research Lab
London’s transport authority has confirmed that several services are temporarily suspended, as it scrambles to respond to a cyber-attack that occurred a week ago. Transport for London (TfL) first revealed news of the incident on the evening of September 2 but played down its impact on transport services in the capital. However, an update on
Sep 09, 2024 • Ravie Lakshmanan • Cyber Attack / Threat Intelligence: A previously undocumented threat actor with likely ties to Chinese-speaking groups has predominantly singled out drone manufacturers in Taiwan as part of a cyber attack campaign that commenced in 2024. Trend Micro is tracking the adversary under the moniker TIDRONE, stating the activity is espionage-driven given the
The US, UK and seven other governments have accused the Russian military of launching cyber-attacks targeting critical infrastructure for espionage and sabotage purposes. The joint advisory, published on September 5, highlighted the cyber activities of Unit 29155, which the agencies assess to be affiliated with the Main Directorate of the General Staff of the Armed
Video: The schemes disproportionately victimize senior citizens, as those aged 60 or over were more than three times as likely as younger adults to fall prey to the scams. 06 Sep 2024. Consumers in the United States lost more than $114 million to scams involving Bitcoin ATMs (BTMs) last year, with the figure soaring ten-fold
Sep 07, 2024 • Ravie Lakshmanan • Cybercrime / Dark Web: Two men have been indicted in the U.S. for their alleged involvement in managing a dark web marketplace called WWH Club that specializes in the sale of sensitive personal and financial information. Alex Khodyrev, a 35-year-old Kazakhstan national, and Pavel Kublitskii, a 37-year-old Russian national, have been charged
Global scrutiny on hack-for-hire services and spyware tools has heightened over the past few months, with many countries strengthening their legal response to human rights