Monday, September 25, 2023

Ars Technica

3 iOS 0-days, a cellular network compromise, and HTTP used to infect an iPhone

Apple has patched a potent chain of iOS zero-days that were used to infect the iPhone of an Egyptian presidential candidate with sophisticated spyware developed by a commercial exploit seller, Google and researchers from Citizen Lab...

Incomplete disclosures by Apple and Google create “huge blindspot” for 0-day hunters

Incomplete information included in recent disclosures by Apple and Google reporting critical zero-day vulnerabilities under active exploitation in their products has created a “huge blindspot” that’s causing a large number of offerings from other developers to...

AI-generated books force Amazon to cap ebook publications to 3 per day

On Monday, Amazon introduced a new policy that limits Kindle authors from self-publishing more than three books per day on its platform, reports The Guardian. The rule comes as Amazon works to curb abuses of its...

Computerworld

ServiceNow embeds AI-powered customer-assist features throughout products

Workflow management software provider ServiceNow has embedded a chatbot for assisting customers with most of its products. ServiceNow’s new Now Assist tool is an expansion to its AI-powered Now Platform, and is available in its Vancouver software release for IT Service Management (ITSM), Customer Service Management (CSM), HR Service Delivery (HRSD), and Creator workflow application.

UK’s controversial online safety bill set to become law

Four years after it started life as a white paper, the UK government’s controversial Online Safety Bill has finally passed through Parliament and is set to become law in the coming weeks. The bill aims to keep websites and different types of internet-based services free of illegal and harmful material...

Jamf: Generative AI is coming to an Apple IT admin near you

Imagine running fleets of iPhones that alert you when unexpected security-related incidents take place, or when otherwise legitimate service requests arrive from devices at an unexpected time or location. Imagine management and security software that not only identified these kinds of anomalies but gave you useful advice to help...

CSO

Dark Reading

Don’t Get Burned by CAPTCHAs: A Recipe for Accurate Bot Protection

Traditional CAPTCHAs, such as reCAPTCHA, no longer protect online businesses adequately. Real users hate them. Bots bypass them. It's time to upgrade.

Errata Security

C can be memory-safe

The idea of memory-safe languages is in the news lately. C/C++ is famous for being the world's system language (that runs most things) but also infamous for being unsafe. Many want to solve this by hard-forking the world's system code, either by changing C/C++ into something that's memory-safe, or rewriting everything...

I’m still bitter about Slammer

Today is the 20th anniversary of the Slammer worm. I'm still angry over it, so I thought I'd write up my anger. This post will be of interest to nobody, it's just me venting my bitterness and get off my lawn!! Back in the day, I wrote "BlackICE", an intrusion...

The RISC Deprogrammer

I should write up a larger technical document on this, but in the meanwhile is this short (-ish) blogpost. Everything you know about RISC is wrong. It's some weird nerd cult. Techies frequently mention RISC in conversation, with other techies nodding their head in agreement, but it's all wrong....

F-Secure

FireEye

Forbes

Cisco Disrupts Observability & Cybersecurity Markets with Splunk Acquisition

Cisco's acquisition of Splunk benefits Cisco's ongoing shift towards more software and subscription-based services, but will cause churn in the market,

iOS 17: iPhone Users Report Worrying Privacy Settings Change After Update

Have you updated your iPhone to iOS 17? You should check your privacy settings as they could reveal an unwanted and surprising change.

New Critical Security Warning For iPhone, iPad, Watch, Mac—Attacks Underway

Citizen Lab, alongside Google’s Threat Analysis Group, has uncovered a no-click zero-day exploit chain impacting iPhones, iPads, Apple Watch and Macs.

Google Security

Scaling Rust Adoption Through Training

Posted by Martin Geisler, Android team. Android 14 is the third major Android release with Rust support. We are already seeing a number of benefits: Productivity: Developers quickly feel productive writing Rust. They report important indicators of development velocity, such as confidence in the code quality and ease of code review. Security:...

Capslock: What is your code really capable of?

Jess McClintock and John Dethridge, Google Open Source Security Team, and Damien Miller, Enterprise Infrastructure Protection Team. When you import a third party library, do you review every line of code? Most software packages depend on external libraries, trusting that those packages aren’t doing anything unexpected. If that trust is...

Android Goes All-in on Fuzzing

Posted by Jon Bottarini and Hamzeh Zawawy, Android Security. Fuzzing is an effective technique for finding software vulnerabilities. Over the past few years Android has been focused on improving the effectiveness, scope, and convenience of fuzzing across the organization. This effort has directly resulted in improved test coverage, fewer security/stability...

Graham Cluley

Snatch ransomware – what you need to know

The FBI and US Cybersecurity and Infrastructure Security Agency (CISA) have issued a joint advisory warning organisations about a ransomware-as-a-service operation called "Snatch." Learn more about the threat in my article for the Tripwire State of Security blog.

Donald Trump Jr’s hacked Twitter account announces his father has died

Donald Trump Jr may not have just inherited his famous father's name. He may also have inherited his bad password security.

Smashing Security podcast #340: Heated seats, car privacy, and Graham’s porn video

Do you know what data your car is collecting about you? Do you think it’s right for a car manufacturer to collect a subscription to keep your bottom warm? And just why has YouPorn sent an email to Graham about his sex video? All this and much much more is...

IBM Security

Most organizations want security vendor consolidation

Cybersecurity is complicated, to say the least. Maintaining a strong security posture goes far beyond knowing about attack groups and their devious TTPs. Merely understanding, coordinating and unifying security tools can be challenging. We quickly passed through the “not if, but when” stage of cyberattacks. Now, it’s commonplace for companies...

How IBM secures the U.S. Open

More than 15 million tennis fans around the world visited the US Open app and website this year, checking scores, poring over statistics and watching highlights from hundreds of matches over the two weeks of the tournament. To help develop this world-class digital experience, IBM Consulting worked closely with...

How the FBI Fights Back Against Worldwide Cyberattacks

In the worldwide battle against malicious cyberattacks, there is no organization more central to the fight than the Federal Bureau of Investigation (FBI). And recent years have proven that the bureau still has some surprises up its sleeve. In early May, the U.S. Department of Justice announced the conclusion of...

Info Security Buzz

Almighty Mistakes: The Danger Of Accidental Insider Threats And How To Prevent Them

Insider threats may sound like an act of revenge – disgruntled employees, contractors or partners misusing their access privileges to cause harm to an organisation, most often resulting in the loss of data or access to crucial systems. But this preconceived notion is largely false – two out of...

China Threat Recap: A Deeper Insight

1. Accusation at the Heart of British Democracy. Background on the Tory Parliamentary Expert: A Tory parliamentary expert on China who has been accused of spying for Beijing from a position at the very heart of the seat of British democracy has declared they are completely innocent. The unnamed male...

Security Breaches Are On The Rise, Here’s How Verified Identities Can Help

There are only three certainties in life. Death, taxes and cybercriminals attempting to steal information they can flip for money. Verizon’s annual Data Breach Investigation Report analyzed more than 23,000 security incidents that occurred in 2022 alone, demonstrating just how attempts at illicit information harvesting have proliferated. One of...

Infosec Island

Infosecurity Magazine

Almost 900 US Schools Breached Via MOVEit

National Student Clearinghouse reveals more details of incident

CISA and NFL Collaborate to Secure Super Bowl LVIII

Tabletop exercise assessed the cybersecurity response capabilities, plans and procedures for the event

Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023

Kaspersky said these services range from $20 per day to $10,000 a month

Krebs on Security

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

The password manager service LastPass is now forcing some of its users to pick longer master passwords. LastPass says the changes are needed to ensure all customers are protected by their latest security improvements. But critics say the move is little more than a public relations stunt that will...

Who’s Behind the 8Base Ransomware Website?

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least...

FBI Hacker Dropped Stolen Airbus Data on 9/11

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “USDoD” had infiltrated the FBI’s vetted information sharing network InfraGard, and was selling the contact information for all 80,000 members. The FBI responded by reverifying all InfraGard members and by seizing the cybercrime forum where the...

Naked Security

PC Mag

The Best Parental Control Software for 2020

Parenting styles run the gamut and so do the features in parental control and monitoring utilities. We've tested the top hardware- and software-based services to help you choose the right one for your family.

The Best Free Antivirus Protection for 2020

Windows Defender is improving, but you still shouldn't rely on Windows 10's security tools as your sole means of protection. Many free third-party security apps are more effective at keeping you safe. We've tested 17 no-cost services to help you find the best free antivirus for protecting your PC....

Qustodio

Parental control app Qustodio is a highly configurable, easy-to-manage tool for keeping track of your child's activity on Windows, Mac, iOS, and Android devices, though it comes at a premium price.

SC Magazine

What the National Cyber Strategy Implementation Plan means for critical infrastructure

The Department of Transportation has led the way in leveling-up security for the energy and transportation industries – and more critical infrastructure sectors will follow.

New AI phishing tool FraudGPT tied to same group behind WormGPT

Much like WormGPT, Netenrich researchers said this new set of phishing tools has also focused on business email compromises (BEC).

Hacktivism: is it fashionable again or just a sly cover?

Reports of individuals and groups hacking for political reasons are everywhere, but experts tell SC Media that "true" hacktivism may be dead as we redefine the term to include a broader range of motivations.

Schneier on Security

Friday Squid Blogging: New Squid Species

An ancient squid: New research on fossils has revealed that a vampire-like ancient squid haunted Earth’s oceans 165 million years ago. The study, published in June edition of the journal Papers in Palaeontology, says the creature had a bullet-shaped body with luminous organs, eight arms and sucker attachments. The discovery...

New Revelations from the Snowden Documents

Jake Appelbaum’s PhD thesis contains several new revelations from the classified NSA documents provided to journalists by Edward Snowden. Nothing major, but a few more tidbits. Kind of amazing that that all happened ten years ago. At this point, those documents are more historical than anything else. And it’s unclear who...

On the Cybersecurity Jobs Shortage

In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. The number of unfilled jobs leveled off in 2022, and remains at 3.5 million in 2023, with...

SecureMac

Checklist 344: iOS 17, Pegasus, and Sportsball!

iOS 17 enhances privacy with Lockdown Mode, anti-tracking, and secure passkeys. NSO's Pegasus spyware targets journalists. Microsoft warns of cybersecurity threats in live sports events.

Checklist 343: Pegasus and Wonderlust

This week we discuss Apple resuming their efforts to battle Pegasus, urgent security updates, and what went down at Apple's Wonderlust event.

Checklist 342: Cyberattacks, Moonshots, and HIPAA

In this week's Checklist podcast, we go over Blackberry's cybersecurity solutions, ARPA-H's healthcare systems cybersecurity initiative, and more.

Security Affairs

Security Affairs newsletter Round 438 by Pierluigi Paganini – International edition

A new round of the weekly SecurityAffairs newsletter arrived! Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Government of Bermuda blames Russian threat actors for the cyber attack. City of...

CISA adds Trend Micro Apex One and Worry-Free Business Security flaw to its Known Exploited Vulnerabilities catalog

US CISA added the flaw CVE-2023-41179 in Trend Micro Apex and other security products to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the high-severity flaw CVE-2023-41179 (CVSS score 7.2) affecting Trend Micro Apex One and Worry-Free Business Security to its Known Exploited Vulnerabilities Catalog. Trend Micro this week has released...

Space and defense tech maker Exail Technologies exposes database access

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. Exail, a French high-tech industrial group, left exposed a publicly accessible environment (.env) file with database credentials, the Cybernews research team has discovered. The company, formed in...

SecurityWeek

Researchers Discover Attempt to Infect Leading Egyptian Opposition Politician With Predator Spyware

Egyptian opposition politician Ahmed Altantawy was targeted with spyware after announcing a presidential bid, security researchers reported.

In Other News: New Analysis of Snowden Files, Yubico Goes Public, Election Hacking

Noteworthy stories that might have slipped under the radar: Snowden file analysis, Yubico starts trading, election hacking event.

China’s Offensive Cyber Operations in Africa Support Soft Power Efforts

Chinese state-sponsored threat groups have targeted telecoms, financial and government organizations in Africa as part of soft power efforts.

TechRepublic

Point of Sale Security Guide and Checklist

For retail businesses, the POS system is arguably their most important IT system. This TechRepublic Premium guide, and the accompanying checklist, will help you successfully secure a POS system for your business enterprise. From the guide: ACCESS CONTROLS The first line of defense in any POS system is the...

Cisco to Acquire Splunk for $28 Billion, Accelerating AI-Enabled Security and Observability

On Thursday Cisco agreed to buy Splunk in a $28 billion deal intended to address AI-enabled security and observability issues.

7 Best Cloud Security Posture Management (CSPM) Software for 2023

What is the best CSPM tool for your business? Use our guide to review our picks for the best cloud security posture management (CSPM) tools for 2023.

The Guardian

Pizza Hut Australia hack: data breach exposes customer information and order details

Company says it believes about 193,000 customers are affected by the breach, which it spotted in early September. Pizza Hut’s Australian operations have been hit by a cyber-attack, the company...

Greater Manchester police officers’ data hacked in cyber-attack

Details of ‘thousands’ of officers may have been taken by hackers after breach of third-party supplier. The details of thousands of Greater Manchester police officers have been hacked as part of a cyber-attack. The force said one of its third-party suppliers had been breached in a ransomware attack that was being...

‘Our health data is about to flow more freely, like it or not’: big tech’s plans for the NHS

The government is about to award a £480m contract to build a vast new database of patient data. But if people don’t trust it, they’ll opt out – I know, because I felt I had to. Last December, I had an abortion. Most unwanted pregnancies set a panic-timer ticking, but...

The Hacker News

New Report Uncovers Three Distinct Clusters of China-Nexus Attacks on Southeast Asian Government

An unnamed Southeast Asian government has been targeted by multiple China-nexus threat actors as part of espionage campaigns targeting the region over extended periods of time. "While this activity occurred around the same time and in some instances even simultaneously on the same victims' machines, each cluster is characterized by...

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign. "Deadglyph's architecture is unusual as it consists of cooperating components – one a native x64 binary, the other a .NET assembly," ESET said in a new report shared with...

Apple and Chrome Zero-Days Exploited to Hack Egyptian ex-MP with Predator Spyware

The three zero-day flaws addressed by Apple on September 21, 2023, were leveraged as part of an iPhone exploit chain in an attempt to deliver a spyware strain called Predator targeting former Egyptian member of parliament Ahmed Eltantawy between May and September 2023. "The targeting took place after Eltantawy publicly stated his plans to run for...

The Register

T-mobile exposes some customer data – but don’t call it a breach

PLUS: Trojan hidden in PoC; cyber insurance surge; pig butchering's new cuts; and the week's critical vulns. Infosec in brief: T-Mobile has had another bad week on the infosec front – this time stemming from a system glitch that exposed customer account data, followed by allegations of another breach...

Apple squashes security bugs after iPhone flaws exploited by Predator spyware

Holes in iOS, macOS and more fixed up after tip off from Google, Citizen Lab. Apple has emitted patches this week to close security holes that have been exploited in the wild by commercial spyware.…

The Security Ledger

Black Hat: Colin O’Flynn On Hacking An Oven To Make It Stop Lying

In this episode of the podcast, host Paul Roberts speaks with Colin O'Flynn, CTO and founder of the firm NewAE about his work to patch shoddy software on his home's electric oven - and the bigger questions about owners rights to fix, tinker with or replace the software that...

Spotlight Podcast: Are you ready for Threat Reconnaissance?

In this Spotlight podcast interview, David Monnier of Team Cymru talks about the evolution of the threat intelligence into actionable and target specific “threat reconnaissance.”

Attacks on APIs demand a Security Re-Think

New threats demand that we transform the way we think about securing the endpoints. Case in point: APIs, writes Ross Moore.

Threatpost

Tripwire

Troy Hunt

Weekly Update 366

Well that's it, Europe is done! I've spent the week in Prague with highlights including catching up with Josef Prusa, keynoting at Experts Live EU and taking a "beer spa"...

Weekly Update 365

It's another week of travels, this time from our "second home", Oslo. That's off the back of 4 days in the Netherlands and starting tomorrow, another...

Weekly Update 364

I'm in Spain! Alicante, to be specific, where we've spent the last few days doing family wedding things, and I reckon we scrubbed up...

We Live Security

ESET’s cutting-edge threat research at LABScon – Week in security with Tony Anscombe

Two ESET malware researchers took to the LABScon stage this year to deconstruct sophisticated attacks conducted by two well-known APT groups

Stealth Falcon preying over Middle Eastern skies with Deadglyph

ESET researchers have discovered Deadglyph, a sophisticated backdoor used by the infamous Stealth Falcon group for espionage in the Middle East

OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes

ESET researchers document OilRig’s Outer Space and Juicy Mix campaigns, targeting Israeli organizations in 2021 and 2022

Wired

The Shocking Data on Kia and Hyundai Thefts in the US

Plus: MGM hackers hit more than just casinos, Microsoft researchers accidentally leak terabytes of data, and China goes on the PR offensive over cyberespionage.

Satellite Images Show the Devastating Cost of Sudan’s Aerial War

As civil conflict continues in and above the streets of Khartoum, satellite images from the Conflict Observatory at Yale University have captured the catastrophic damage.

Chinese Spies Infected Dozens of Networks With Thumb Drive Malware

Security researchers found USB-based Sogu espionage malware spreading within African operations of European and US firms.

You Need to Update Google Chrome or Whatever Browser You Use

Plus: Spyware-packing ads, TikTok GDPR violations, Elon Musk investigations, and more.

ZDNet

Don’t make this USB mistake! Protect your data with this encrypted gadget instead

From a military-standardized build to a complex passphrase mode, Kingston's IronKey is one of the most secure USBs you can buy.

Apple issues emergency security updates for iPhone, iPad, and Apple Watch

Aimed at iOS 17/iPadOS 17 and WatchOS 10, the bug fixes are designed to combat zero-day vulnerabilities that could let someone remotely control your device.

How to create custom fields in Bitwarden password manager (and why you should)

If you use Bitwarden password manager, there's a simple feature that can come in very handy. Let's find out how to use custom fields.