News

  • Privacy watchdog recommends court approval for FBI searches of spy data
    on September 28, 2023 in Privacy, Privacy and Civil Liberties Oversight Board (PCLOB), Section 702

    The recommendations from the executive branch's privacy watchdog to reform Section 702 put the panel at odds with the White House. The post Privacy watchdog recommends court approval for FBI searches of spy data appeared first on CyberScoop.

  • The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
    on September 28, 2023

    The landscape of browser security has undergone significant changes over the past decade. While Browser Isolation was once considered the gold standard for protecting against browser exploits and malware downloads, it has become increasingly inadequate and insecure in today's SaaS-centric world. The limitations of Browser Isolation, such as degraded browser performance and inability to tackle

  • China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies
    on September 28, 2023

    Government and telecom entities have been subjected to a new wave of attacks by a China-linked threat actor tracked as Budworm using an updated malware toolset. The intrusions, targeting a Middle Eastern telecommunications organization and an Asian government, took place in August 2023, with the adversary deploying an improved version of its SysUpdate toolkit, the Symantec Threat Hunter Team,

  • New working group to probe AI risks and applications
    on September 28, 2023 in Cybersecurity, AI, R Street Institute

    The free-market think tank R Street Institute is convening members of industry and government to explore AI's cybersecurity applications. The post New working group to probe AI risks and applications appeared first on CyberScoop.

  • Update Chrome Now: Google Releases Patch for Actively Exploited Zero-Day Vulnerability
    on September 28, 2023

    Google on Wednesday rolled out fixes to address a new actively exploited zero-day in the Chrome browser. Tracked as CVE-2023-5217, the high-severity vulnerability has been described as a heap-based buffer overflow in the VP8 compression format in libvpx, a free software video codec library from Google and the Alliance for Open Media (AOMedia). Exploitation of such buffer overflow flaws can

  • Millions of files with potentially sensitive information exposed online, researchers say
    on September 27, 2023 in Cybercrime, Censys, data leak, open directories

    A survey by Censys found 314,000 distinct internet-connected devices and web servers with open directory listings. The post Millions of files with potentially sensitive information exposed online, researchers say appeared first on CyberScoop.

  • Creating an impactful culture in remote work environment
    on September 27, 2023

    Jim Barkdoll, CEO at Axiomatics, discusses what initiatives or strategies organizations can utilize to build or maintain an impactful culture in a remote work environment, and more.

  • Red Cross-Themed Phishing Attacks Distributing DangerAds and AtlasAgent Backdoors
    on September 27, 2023

    A new threat actor known as AtlasCross has been observed leveraging Red Cross-themed phishing lures to deliver two previously undocumented backdoors named DangerAds and AtlasAgent. NSFOCUS Security Labs described the adversary as having a "high technical level and cautious attack attitude," adding that "the phishing attack activity captured this time is part of the attacker's targeted strike on

  • 40% of U.S. security leaders cite malware as threat focus
    on September 27, 2023

    According to a report from CompTIA, cybersecurity leaders struggle with conflicting challenges and interests when it comes to prioritizing threats.

  • Researchers Uncover New GPU Side-Channel Vulnerability Leaking Sensitive Data
    on September 27, 2023

    A novel side-channel attack called GPU.zip renders virtually all modern graphics processing units (GPU) vulnerable to information leakage. "This channel exploits an optimization that is data dependent, software transparent, and present in nearly all modern GPUs: graphical data compression," a group of academics from the University of Texas at Austin, Carnegie Mellon University, University of

  • Retailers need to enhance cybersecurity before holiday shopping season
    on September 27, 2023

    Cybercrime increases during the holidays, and numerous studies show that threats like ransomware have jumped by as much as 30% in recent years.

  • CISA releases HBOM framework for supply chain risk management
    on September 27, 2023

    CISA released the new Hardware Bill of Materials Framework for Supply Chain Risk Management, a product from the Information and Communications Technology Supply Chain Risk Management Task Force.

  • New Survey Uncovers How Companies Are Confronting Data Security Challenges Head-On
    on September 27, 2023

    Data security is in the headlines often, and it’s almost never for a positive reason. Major breaches, new ways to hack into an organization’s supposedly secure data, and other threats make the news because, well, it’s scary — and expensive. Data breaches, ransomware and malware attacks, and other cybercrime might be pricey to prevent, but they are even more costly when they occur, with the

  • New ZenRAT Malware Targeting Windows Users via Fake Password Manager Software
    on September 27, 2023

    A new malware strain called ZenRAT has emerged in the wild that's distributed via bogus installation packages of the Bitwarden password manager. "The malware is specifically targeting Windows users and will redirect people using other hosts to a benign web page," enterprise security firm Proofpoint said in a technical report. "The malware is a modular remote access trojan (RAT) with information

  • Critical libwebp Vulnerability Under Active Exploitation - Gets Maximum CVSS Score
    on September 27, 2023

    Google has assigned a new CVE identifier for a critical security flaw in the libwebp image library for rendering images in the WebP format that has come under active exploitation in the wild. Tracked as CVE-2023-5129, the issue has been given the maximum severity score of 10.0 on the CVSS rating system. It has been described as an issue rooted in the Huffman coding algorithm - With a specially

  • CISA launches campaign to teach Americans to be safe online
    on September 26, 2023 in Government, Cybersecurity and Infrastructure Security Agency (CISA), Department of Homeland Security (DHS), Jen Easterly

    The program is starting with a new commercial that will encourage viewers to adopt basic cyber hygiene. The post CISA launches campaign to teach Americans to be safe online appeared first on CyberScoop.

  • Microsoft is Rolling out Support for Passkeys in Windows 11
    on September 26, 2023

    Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system. The feature allows users to log in to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric information to complete the step. Based on FIDO standards, Passkeys were first announced in May

  • Russian hacking operations target Ukrainian law enforcement
    on September 26, 2023 in Geopolitics, GRU, Russia, Russian spies, Sandworm, SSSCIP, Ukraine

    Ukrainian officials say Russian hackers targeted counter-intelligence and law enforcement data during the first half of this year. The post Russian hacking operations target Ukrainian law enforcement appeared first on CyberScoop.

  • ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
    on September 26, 2023

    Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate (formerly Infra Storm) that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of ransomware programs," Group-IB and Bridewell said in a joint technical report. The actor, active

  • Report shows cybersecurity budgets increased 6% for 2022-2023 cycle
    on September 26, 2023

    A new report shows that, despite economic uncertainty and inflation, security budgets generally continued to rise, but at a lower rate than in prior years.

  • 85% of IT anticipate leaving their role due to burnout
    on September 26, 2023

    According to a report, a majority of IT security leaders say that stress has caused them and others to make errors that led to data breaches.

  • How a private company helps ICE track migrants’ every move
    on September 26, 2023 in Privacy, biometrics, Department of Homeland Security (DHS), immigration, privacy

    Immigration and Customs Enforcement's claims about how long surveillance data is retained conflict with internal records. The post How a private company helps ICE track migrants’ every move appeared first on CyberScoop.

  • 40% of organizations have hybrid cloud environments
    on September 26, 2023

    According to a recent report, 75% of respondents are extremely or very concerned about cloud security and 40% have hybrid cloud environments.

  • 75% who didn't report cyber attack to leadership, felt guilty about it
    on September 26, 2023

    Research finds 40% of organizations have experienced a cybersecurity incident, yet 48% didn't disclose those incidents to the appropriate authorities.

  • 4 ways MDM solutions can help IT stay ahead of regulatory compliance
    on September 26, 2023

    While compliance can feel like a burden that stifles innovation, it can also serve as a roadmap to better security, improved governance and shared accountability.

  • Security leaders weigh in on latest MOVEit data breach
    on September 26, 2023

    A U.S. educational nonprofit has announced that nearly 900 schools using the organization’s services may have been affected by a recent data breach.

  • Essential Guide to Cybersecurity Compliance
    on September 26, 2023

    SOC 2, ISO, HIPAA, Cyber Essentials – all the security frameworks and certifications today are an acronym soup that can make even a compliance expert’s head spin. If you’re embarking on your compliance journey, read on to discover the differences between standards, which is best for your business, and how vulnerability management can aid compliance. What is cybersecurity compliance?

  • Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions
    on September 26, 2023

    An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android apps that target a broader list of apps than its predecessors. Some of the other targeted prominent

  • Threat Report: The High Tech Industry Targeted the Most with 46% of NLX-Tagged Attack Traffic
    on September 26, 2023

    How To Use This Report: Enhance situational awareness of techniques used by threat actors; identify potential attacks targeting your industry; gain insights to help improve and accelerate your organization’s threat response. Summary of Findings: The Network Effect Threat Report offers insights based on unique data from Fastly’s Next-Gen WAF from Q2 2023 (April 1, 2023 to June 30, 2023). This report

  • Chinese Hackers TAG-74 Targets South Korean Organizations in a Multi-Year Campaign
    on September 26, 2023

    A "multi-year" Chinese state-sponsored cyber espionage campaign has been observed targeting South Korean academic, political, and government organizations. Recorded Future's Insikt Group, which is tracking the activity under the moniker TAG-74, said the adversary has been linked to "Chinese military intelligence and poses a significant threat to academic, aerospace and defense, government,

  • Critical JetBrains TeamCity Flaw Could Expose Source Code and Build Pipelines to Attackers
    on September 26, 2023

    A critical security vulnerability in the JetBrains TeamCity continuous integration and continuous deployment (CI/CD) software could be exploited by unauthenticated attackers to achieve remote code execution on affected systems. The flaw, tracked as CVE-2023-42793, carries a CVSS score of 9.8 and has been addressed in TeamCity version 2023.05.4 following responsible disclosure on September 6,

  • Report: 79% of organizations confident in ransomware defenses
    on September 25, 2023

    A recently released ransomware defense report analyzes how security leaders and practitioners view the threat of ransomware and their organizations’ cyber readiness.

  • How the Cult of the Dead Cow plans to save the internet
    on September 25, 2023 in Technology, Cult of the Dead Cow, Facebook, hackers, privacy, product development

    The "original hacking supergroup" is trying to design tools to rebuild the internet from the ground up. The post How the Cult of the Dead Cow plans to save the internet appeared first on CyberScoop.

  • Tim Roemer hired as Chief Security Officer at Global Market Innovators
    on September 25, 2023

    Tim Roemer has been hired as CSO at Global Market Innovators. Roemer previously served as the Director of the Arizona Department of Homeland Security.

  • Ukrainian Military Targeted in Phishing Campaign Leveraging Drone Manuals
    on September 25, 2023

    Ukrainian military entities are the target of a phishing campaign that leverages drone manuals as lures to deliver a Go-based open-source post-exploitation toolkit called Merlin. "Since drones or Unmanned Aerial Vehicles (UAVs) have been an integral tool used by the Ukrainian military, malware-laced lure files themed as UAVs service manuals have begun to surface," Securonix researchers Den

  • The transformative impact of cryptocurrency on digital fraud investigations
    on September 25, 2023

    Cryptocurrency's rise has reshaped the landscape of digital fraud investigations, presenting new challenges and opportunities for enterprise security leaders.

  • Webinar — AI vs. AI: Harnessing AI Defenses Against AI-Powered Risks
    on September 25, 2023

    Generative AI is a double-edged sword, if there ever was one. There is broad agreement that tools like ChatGPT are unleashing waves of productivity across the business, from IT, to customer experience, to engineering. That's on the one hand. On the other end of this fencing match: risk. From IP leakage and data privacy risks to the empowering of cybercriminals with AI tools, generative AI

  • Are You Willing to Pay the High Cost of Compromised Credentials?
    on September 25, 2023

    Weak password policies leave organizations vulnerable to attacks. But are the standard password complexity requirements enough to secure them? 83% of compromised passwords would satisfy the password complexity and length requirements of compliance standards. That’s because bad actors already have access to billions of stolen credentials that can be used to compromise additional accounts by

  • From Watering Hole to Spyware: EvilBamboo Targets Tibetans, Uyghurs, and Taiwanese
    on September 25, 2023

    Tibetan, Uyghur, and Taiwanese individuals and organizations are the targets of a persistent campaign orchestrated by a threat actor codenamed EvilBamboo to gather sensitive information. "The attacker has created fake Tibetan websites, along with social media profiles, likely used to deploy browser-based exploits against targeted users," Volexity security researchers Callum Roxan, Paul

  • New Report Uncovers 3 Distinct Clusters of China-Nexus Attacks on Southeast Asian Government
    on September 25, 2023

    An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously on the same victims' machines, each cluster is characterized by distinct tools, modus operandi, and infrastructure," Palo Alto