News

  • After LockBit takedown, police try to sow doubt in cybercrime community
    on February 23, 2024 in Cybercrime, Federal Bureau of Investigation (FBI), LockBit, National Crime Agency, ransomware

    After taking down the world's most prolific ransomware group, a police messaging campaign is trying to undermine its leaders. The post After LockBit takedown, police try to sow doubt in cybercrime community appeared first on CyberScoop.

  • 81% of security leaders predict SEC rules will impact their businesses
    on February 23, 2024

    Organizations have been working to adjust to the new SEC expectations with mixed results. 

  • Dormant PyPI Package Compromised to Spread Nova Sentinel Malware
    on February 23, 2024

    A dormant package available on the Python Package Index (PyPI) repository was updated nearly after two years to propagate an information stealer malware called Nova Sentinel. The package, named django-log-tracker, was first published to PyPI in April 2022, according to software supply chain security firm Phylum, which detected an anomalous update to the library on February 21,

  • Utilities trade association releases baseline cyber standards for distributed renewable energy
    on February 23, 2024 in Government, critical infrastructure, Cybersecurity and Infrastructure Security Agency (CISA), Department of Energy (DOE), Department of Homeland Security (DHS), distributed energy resources, energy

    The DOE-funded initiative provides voluntary guidance to electric distribution systems and distributed energy resources companies. The post Utilities trade association releases baseline cyber standards for distributed renewable energy appeared first on CyberScoop.

  • Five reasons a building needs a peer-to-peer based IP intercom system
    on February 23, 2024

    Intercom systems can provide a facility with a significant amount of security and control, enabling users to communicate with other individuals.

  • Navigating the complexities of security staffing
    on February 23, 2024

    With the rise of retail crime and workplace violence in industries like healthcare, the need for good security personnel is greater than ever.

  • The role of access control systems in school safety
    on February 23, 2024

    Access control systems and video surveillance have always played a significant role in campus security. Now, that technology is changing, too.

  • 54% of Americans would disclose their email account for a discount
    on February 23, 2024

    A survey shows that many Americans would willingly impart identifiable data in exchange for a bargain. 

  • Microsoft Releases PyRIT - A Red Teaming Tool for Generative AI
    on February 23, 2024

    Microsoft has released an open access automation framework called PyRIT (short for Python Risk Identification Tool) to proactively identify risks in generative artificial intelligence (AI) systems. The red teaming tool is designed to "enable every organization across the globe to innovate responsibly with the latest artificial intelligence advances," Ram Shankar Siva Kumar, AI red team

  • How to Use Tines's SOC Automation Capability Matrix
    on February 23, 2024

    Created by John Tuckner and the team at workflow and automation platform Tines, the SOC Automation Capability Matrix (SOC ACM) is a set of techniques designed to help security operations teams understand their automation capabilities and respond more effectively to incidents.  A customizable, vendor-agnostic tool featuring lists of automation opportunities, it's been shared

  • Researchers Detail Apple's Recent Zero-Click Shortcuts Vulnerability
    on February 23, 2024

    Details have emerged about a now-patched high-severity security flaw in Apple's Shortcuts app that could permit a shortcut to access sensitive information on the device without users' consent. The vulnerability, tracked as CVE-2024-23204 (CVSS score: 7.5), was addressed by Apple on January 22, 2024, with the release of iOS 17.3, iPadOS 17.3, macOS Sonoma 14.3, and 

  • FTC Slams Avast with $16.5 Million Fine for Selling Users' Browsing Data
    on February 23, 2024

    The U.S. Federal Trade Commission (FTC) has hit antivirus vendor Avast with a $16.5 million fine over charges that the firm sold users' browsing data to advertisers after claiming its products would block online tracking. In addition, the company has been banned from selling or licensing any web browsing data for advertising purposes. It will also have to notify users whose browsing data was

  • Georgia election officials withheld evidence in voting machine breach, group alleges
    on February 22, 2024 in Cybersecurity, Government, election, election interference, election systems, Trump, voting machines, voting systems

    A filing accuses county election officials of withholding records related to unauthorized copying of voting software by Trump allies in 2021. The post Georgia election officials withheld evidence in voting machine breach, group alleges appeared first on CyberScoop.

  • Year-over-year, the median initial ransom has risen by 20%
    on February 22, 2024

    A recent report reveals an increase in initial ransom demand amounts. Furthermore, vulnerabilities detected in 2022 are continuing to be exploited. 

  • Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage
    on February 22, 2024

    Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach

  • Report finds blocklists are still effective in mitigating attacks
    on February 22, 2024

    Web application attacks were analyzed in a recent report by Edgio. The report found that the most prevalent attack mitigated was path traversal. 

  • Safeguarding municipalities against rising cyber threats
    on February 22, 2024

    In an era marked by the escalating frequency of cyberattacks across industries, the public sector emerges as a particularly enticing target for cybercriminals due to its historical vulnerabilities. 

  • Trust in biometric data is declining among consumers
    on February 22, 2024

    Confidence in biometric technology and the security of organizations that store biometric data is declining, according to a new report. 

  • Cybercriminals Weaponizing Open-Source SSH-Snake Tool for Network Attacks
    on February 22, 2024

    A recently open-sourced network mapping tool called SSH-Snake has been repurposed by threat actors to conduct malicious activities. "SSH-Snake is a self-modifying worm that leverages SSH credentials discovered on a compromised system to start spreading itself throughout the network," Sysdig researcher Miguel Hernández said. "The worm automatically searches through known credential

  • A New Age of Hacktivism
    on February 22, 2024

    In the past 2 years, we have observed a significant surge in hacktivism activity due to ongoing wars and geopolitical conflicts in various regions. Since the war against Ukraine began, we have witnessed a notable mobilization of non-state and state-backed actors alike, forming new groups or joining existing hacker collectives.  We understand hacktivism as a form of computer hacking that is

  • Russian Government Software Backdoored to Deploy Konni RAT Malware
    on February 22, 2024

    An installer for a tool likely used by the Russian Consular Department of the Ministry of Foreign Affairs (MID) has been backdoored to deliver a remote access trojan called Konni RAT (aka UpDog). The findings come from German cybersecurity company DCSO, which linked the activity as originating from the Democratic People's Republic of Korea (DPRK)-nexus actors targeting Russia. The

  • U.S. Offers $15 Million Bounty to Hunt Down LockBit Ransomware Leaders
    on February 22, 2024

    The U.S. State Department has announced monetary rewards of up to $15 million for information that could lead to the identification of key leaders within the LockBit ransomware group and the arrest of any individual participating in the operation. "Since January 2020, LockBit actors have executed over 2,000 attacks against victims in the United States, and around the world, causing costly

  • Leaked documents show how firm supports Chinese hacking operations
    on February 21, 2024 in Geopolitics, APT41, Chengdu 404, China, hack and leak, I-SOON

    Documents that appear to belong to the offensive security firm I-SOON provide a rare window into the world of Beijing's hackers for hire. The post Leaked documents show how firm supports Chinese hacking operations appeared first on CyberScoop.

  • Microsoft rolls out expanded logging six months after Chinese breach
    on February 21, 2024 in Geopolitics, Government, China, Cybersecurity and Infrastructure Security Agency (CISA), hacking, Microsoft, office of management and budget, OMB, Ron Wyden

    The technology giant has come under heavy criticism for not making robust logging features available by default.  The post Microsoft rolls out expanded logging six months after Chinese breach appeared first on CyberScoop.

  • New Jersey construction company cited by OSHA
    on February 21, 2024

    The Occupational Safety and Health Administration (OSHA) cited a New Jersey contractor after exposing construction employees to fall hazards. 

  • New Wi-Fi Vulnerabilities Expose Android and Linux Devices to Hackers
    on February 21, 2024

    Cybersecurity researchers have identified two authentication bypass flaws in open-source Wi-Fi software found in Android, Linux, and ChromeOS devices that could trick users into joining a malicious clone of a legitimate network or allow an attacker to join a trusted network without a password. The vulnerabilities, tracked as CVE-2023-52160 and CVE-2023-52161, have been discovered following a

  • Security industry mourns the loss of John L. Sullivan
    on February 21, 2024

    Chief Security and Resiliency Officer, Vice President John L. Sullivan has passed away at the age of 58.

  • Diversifying the security workforce
    on February 21, 2024

    Larry Whiteside, Jr., CISO at RegScale and Co-Founder and President at Cyversity, discusses the importance of diversity within the security workforce and how critical mentorship is when it comes developing talent.

  • CVEs expected to increase 25% in 2024
    on February 21, 2024

    According to a recent cybersecurity report, the total number of common vulnerabilities and exposures (CVEs) is expected to increase by 25% in 2024.

  • Report: Average breakout time for intrusive activity is 62 minutes
    on February 21, 2024

    Cyberattackers are getting past defenses quicker than they were in previous years, leaving security leaders with a small window of time to respond. 

  • Apple rolls out quantum-resistant cryptography for iMessage
    on February 21, 2024 in Technology, Apple, encryption, iMessage, National Institute of Standards and Technology (NIST), NIST, quantum computing

    The tech giant hopes to make its messaging platform secure against highly capable quantum computers of the future.  The post Apple rolls out quantum-resistant cryptography for iMessage appeared first on CyberScoop.

  • Mustang Panda Targets Asia with Advanced PlugX Variant DOPLUGS
    on February 21, 2024

    The China-linked threat actor known as Mustang Panda has targeted various Asian countries using a variant of the PlugX (aka Korplug) backdoor dubbed DOPLUGS. "The piece of customized PlugX malware is dissimilar to the general type of the PlugX malware that contains a completed backdoor command module, and that the former is only used for downloading the latter," Trend Micro researchers Sunny Lu

  • 6 Ways to Simplify SaaS Identity Governance
    on February 21, 2024

    With SaaS applications now making up the vast majority of technology used by employees in most organizations, tasks related to identity governance need to happen across a myriad of individual SaaS apps. This presents a huge challenge for centralized IT teams who are ultimately held responsible for managing and securing app access, but can’t possibly become experts in the nuances of the native

  • New 'VietCredCare' Stealer Targeting Facebook Advertisers in Vietnam
    on February 21, 2024

    Facebook advertisers in Vietnam are the target of a previously unknown information stealer dubbed VietCredCare at least since August 2022. The malware is “notable for its ability to automatically filter out Facebook session cookies and credentials stolen from compromised devices, and assess whether these accounts manage business profiles and if they maintain a positive Meta ad credit

  • Biden signs executive order to give Coast Guard added authority over maritime cyber threats
    on February 21, 2024 in Government, Policy, China, critical infrastructure, U.S. Coast Guard, Executive order, Department of Homeland Security (DHS), Maritime industry, Maritime

    National security officials have been sounding the alarm over a China-linked hacking group that’s been targeting critical infrastructure. The post Biden signs executive order to give Coast Guard added authority over maritime cyber threats appeared first on CyberScoop.

  • Cybersecurity for Healthcare—Diagnosing the Threat Landscape and Prescribing Solutions for Recovery
    on February 21, 2024

    On Thanksgiving Day 2023, while many Americans were celebrating, hospitals across the U.S. were doing quite the opposite. Systems were failing. Ambulances were diverted. Care was impaired. Hospitals in three states were hit by a ransomware attack, and in that moment, the real-world repercussions came to light—it wasn’t just computer networks that were brought to a halt, but actual patient

  • Signal Introduces Usernames, Allowing Users to Keep Their Phone Numbers Private
    on February 21, 2024

    End-to-end encrypted (E2EE) messaging app Signal said it’s piloting a new feature that allows users to create unique usernames (not to be confused with profile names) and keep the phone numbers away from prying eyes. “If you use Signal, your phone number will no longer be visible to everyone you chat with by default,” Signal’s Randall Sarafa said. “People who have your number saved in their

  • Russian Hackers Target Ukraine with Disinformation and Credential-Harvesting Attacks
    on February 21, 2024

    Cybersecurity researchers have unearthed a new influence operation targeting Ukraine that leverages spam emails to propagate war-related disinformation. The activity has been linked to Russia-aligned threat actors by Slovak cybersecurity company ESET, which also identified a spear-phishing campaign aimed at a Ukrainian defense company in October 2023 and a European Union agency in November 2023

  • VMware Alert: Uninstall EAP Now - Critical Flaw Puts Active Directory at Risk
    on February 21, 2024

    VMware is urging users to uninstall the deprecated Enhanced Authentication Plugin (EAP) following the discovery of a critical security flaw. Tracked as CVE-2024-22245 (CVSS score: 9.6), the vulnerability has been described as an arbitrary authentication relay bug. "A malicious actor could trick a target domain user with EAP installed in their web browser into requesting and relaying

  • Rob Joyce leaving NSA at the end of March
    on February 20, 2024 in Cybersecurity, Government, Cyber Command, Cybersecurity Directorate, National Security Agency (NSA)

    The spy agency’s cyber director will be replaced by David Luber, deputy director of the Cybersecurity Directorate and former executive director of U.S. Cyber Command. The post Rob Joyce leaving NSA at the end of March appeared first on CyberScoop.